github.com/metaworking/channeld@v0.7.3/pkg/channeld/channel_acl_test.go (about)

     1  package channeld
     2  
     3  import (
     4  	"net"
     5  	"testing"
     6  
     7  	"github.com/metaworking/channeld/pkg/channeldpb"
     8  	"github.com/metaworking/channeld/pkg/common"
     9  	"github.com/stretchr/testify/assert"
    10  )
    11  
    12  type aclTestConnection struct {
    13  	id ConnectionId
    14  }
    15  
    16  func (c *aclTestConnection) Id() ConnectionId {
    17  	return 0
    18  }
    19  
    20  func (c *aclTestConnection) GetConnectionType() channeldpb.ConnectionType {
    21  	return channeldpb.ConnectionType_NO_CONNECTION
    22  }
    23  
    24  func (c *aclTestConnection) OnAuthenticated(pit string) {
    25  
    26  }
    27  
    28  func (c *aclTestConnection) HasAuthorityOver(ch *Channel) bool {
    29  	return false
    30  }
    31  
    32  func (c *aclTestConnection) Close() {
    33  }
    34  
    35  func (c *aclTestConnection) IsClosing() bool {
    36  	return false
    37  }
    38  
    39  func (c *aclTestConnection) Send(ctx MessageContext) {
    40  
    41  }
    42  
    43  func (c *aclTestConnection) SubscribeToChannel(ch *Channel, options *channeldpb.ChannelSubscriptionOptions) (*ChannelSubscription, bool) {
    44  	return &ChannelSubscription{
    45  		options: *defaultSubOptions(ch.channelType),
    46  	}, false
    47  }
    48  
    49  func (c *aclTestConnection) UnsubscribeFromChannel(ch *Channel) (*channeldpb.ChannelSubscriptionOptions, error) {
    50  	return nil, nil
    51  }
    52  
    53  func (c *aclTestConnection) sendSubscribed(ctx MessageContext, ch *Channel, connToSub ConnectionInChannel, stubId uint32, subOptions *channeldpb.ChannelSubscriptionOptions) {
    54  
    55  }
    56  
    57  func (c *aclTestConnection) sendUnsubscribed(ctx MessageContext, ch *Channel, connToUnsub *Connection, stubId uint32) {
    58  
    59  }
    60  
    61  func (c *aclTestConnection) HasInterestIn(spatialChId common.ChannelId) bool {
    62  	return false
    63  }
    64  
    65  func (c *aclTestConnection) Logger() *Logger {
    66  	return rootLogger
    67  }
    68  
    69  func (c *aclTestConnection) RemoteAddr() net.Addr {
    70  	return nil
    71  }
    72  
    73  var idCounter = 0
    74  
    75  func createACLTestConnectionById(id ConnectionId) *aclTestConnection {
    76  	return &aclTestConnection{
    77  		id: id,
    78  	}
    79  }
    80  
    81  func createACLTestConnection() *aclTestConnection {
    82  	idCounter++
    83  	return createACLTestConnectionById(ConnectionId(idCounter))
    84  }
    85  
    86  func createChannelForTestACL(t channeldpb.ChannelType, owner ConnectionInChannel) (*Channel, error) {
    87  	if t == channeldpb.ChannelType_GLOBAL {
    88  		ch, err := CreateChannel(channeldpb.ChannelType_SUBWORLD, owner)
    89  		ch.channelType = channeldpb.ChannelType_GLOBAL
    90  		globalChannel = ch
    91  		return ch, err
    92  	} else {
    93  		ch, err := CreateChannel(t, owner)
    94  		return ch, err
    95  	}
    96  }
    97  
    98  func setChannelACLSettings(chTypes []channeldpb.ChannelType, acl ChannelAccessLevel) {
    99  	for _, t := range chTypes {
   100  		GlobalSettings.ChannelSettings[t] = ChannelSettingsType{
   101  			ACLSettings: ACLSettingsType{
   102  				Sub:    acl,
   103  				Unsub:  acl,
   104  				Remove: acl,
   105  			},
   106  		}
   107  	}
   108  }
   109  
   110  func TestCheckACL(t *testing.T) {
   111  	InitLogs()
   112  	InitChannels()
   113  
   114  	accessTypes := []ChannelAccessType{ChannelAccessType_Sub, ChannelAccessType_Unsub, ChannelAccessType_Remove}
   115  
   116  	const ChannelType_Test1 channeldpb.ChannelType = 201
   117  	allChannelTypesForTest := []channeldpb.ChannelType{channeldpb.ChannelType_GLOBAL, channeldpb.ChannelType_SUBWORLD, channeldpb.ChannelType_PRIVATE, channeldpb.ChannelType_SPATIAL, ChannelType_Test1}
   118  	allChannelTypesForTestWithoutGlobal := []channeldpb.ChannelType{channeldpb.ChannelType_SUBWORLD, channeldpb.ChannelType_PRIVATE, channeldpb.ChannelType_SPATIAL, ChannelType_Test1}
   119  
   120  	var channelOwner ConnectionInChannel
   121  	var ch *Channel
   122  	var hasAccess bool
   123  	var err error
   124  
   125  	for _, accessType := range accessTypes {
   126  
   127  		setChannelACLSettings(allChannelTypesForTest, ChannelAccessLevel_None)
   128  
   129  		// CA01
   130  		func(chTypes []channeldpb.ChannelType) {
   131  			for _, chType := range chTypes {
   132  				ch, _ = createChannelForTestACL(chType, createACLTestConnection())
   133  				hasAccess, err = ch.CheckACL(createACLTestConnection(), accessType)
   134  				assert.Error(t, err, ErrNoneAccess)
   135  				assert.EqualValues(t, hasAccess, false)
   136  			}
   137  		}(allChannelTypesForTest)
   138  
   139  		// CA02
   140  		func(chTypes []channeldpb.ChannelType) {
   141  			for _, chType := range chTypes {
   142  				channelOwner = createACLTestConnection()
   143  				ch, _ = createChannelForTestACL(chType, channelOwner)
   144  				hasAccess, err = ch.CheckACL(channelOwner, accessType)
   145  				assert.Error(t, err, ErrNoneAccess)
   146  				assert.EqualValues(t, hasAccess, false)
   147  			}
   148  		}(allChannelTypesForTest)
   149  
   150  		// CA03
   151  		func(chTypes []channeldpb.ChannelType) {
   152  			// set global channel and owner
   153  			globalOwner := createACLTestConnection()
   154  			createChannelForTestACL(channeldpb.ChannelType_GLOBAL, globalOwner)
   155  			for _, chType := range chTypes {
   156  				ch, _ := createChannelForTestACL(chType, createACLTestConnection())
   157  				hasAccess, err := ch.CheckACL(globalOwner, accessType)
   158  				assert.Error(t, err, ErrNoneAccess)
   159  				assert.EqualValues(t, hasAccess, false)
   160  			}
   161  		}(allChannelTypesForTestWithoutGlobal)
   162  
   163  		setChannelACLSettings(allChannelTypesForTest, ChannelAccessLevel_OwnerOnly)
   164  
   165  		// CA04
   166  		func(chTypes []channeldpb.ChannelType) {
   167  			for _, chType := range chTypes {
   168  				ch, _ := createChannelForTestACL(chType, createACLTestConnection())
   169  				hasAccess, err := ch.CheckACL(createACLTestConnection(), accessType)
   170  				assert.Error(t, err, ErrOwnerOnlyAccess)
   171  				assert.EqualValues(t, hasAccess, false)
   172  			}
   173  		}(allChannelTypesForTest)
   174  
   175  		// CA05
   176  		func(chTypes []channeldpb.ChannelType) {
   177  			for _, chType := range chTypes {
   178  				channelOwner := createACLTestConnection()
   179  				ch, _ := createChannelForTestACL(chType, channelOwner)
   180  				hasAccess, err := ch.CheckACL(channelOwner, accessType)
   181  				assert.NoError(t, err)
   182  				assert.EqualValues(t, hasAccess, true)
   183  			}
   184  		}(allChannelTypesForTest)
   185  
   186  		// CA06
   187  		func(chTypes []channeldpb.ChannelType) {
   188  			// set global channel and owner
   189  			globalOwner := createACLTestConnection()
   190  			createChannelForTestACL(channeldpb.ChannelType_GLOBAL, globalOwner)
   191  			for _, chType := range chTypes {
   192  				ch, _ := createChannelForTestACL(chType, createACLTestConnection())
   193  				hasAccess, err := ch.CheckACL(globalOwner, accessType)
   194  				assert.Error(t, err, ErrOwnerOnlyAccess)
   195  				assert.EqualValues(t, hasAccess, false)
   196  			}
   197  		}(allChannelTypesForTestWithoutGlobal)
   198  
   199  		// CA07
   200  		func(chTypes []channeldpb.ChannelType) {
   201  			for _, chType := range chTypes {
   202  				ch, _ := createChannelForTestACL(chType, nil)
   203  				hasAccess, err := ch.CheckACL(createACLTestConnection(), accessType)
   204  				assert.Error(t, err, ErrOwnerOnlyAccess)
   205  				assert.EqualValues(t, hasAccess, false)
   206  			}
   207  		}(allChannelTypesForTest)
   208  
   209  		setChannelACLSettings(allChannelTypesForTest, ChannelAccessLevel_OwnerAndGlobalOwner)
   210  
   211  		// CA08
   212  		func(chTypes []channeldpb.ChannelType) {
   213  			for _, chType := range chTypes {
   214  				ch, _ = createChannelForTestACL(chType, createACLTestConnection())
   215  				hasAccess, err = ch.CheckACL(createACLTestConnection(), accessType)
   216  				assert.Error(t, err, ErrOwnerAndGlobalOwnerAccess)
   217  				assert.EqualValues(t, hasAccess, false)
   218  			}
   219  		}(allChannelTypesForTest)
   220  
   221  		// CA09
   222  		func(chTypes []channeldpb.ChannelType) {
   223  			for _, chType := range chTypes {
   224  				channelOwner := createACLTestConnection()
   225  				ch, _ := createChannelForTestACL(chType, channelOwner)
   226  				hasAccess, err := ch.CheckACL(channelOwner, accessType)
   227  				assert.NoError(t, err)
   228  				assert.EqualValues(t, hasAccess, true)
   229  			}
   230  		}(allChannelTypesForTest)
   231  
   232  		// CA10
   233  		func(chTypes []channeldpb.ChannelType) {
   234  			// set global channel and owner
   235  			globalOwner := createACLTestConnection()
   236  			createChannelForTestACL(channeldpb.ChannelType_GLOBAL, globalOwner)
   237  			for _, chType := range chTypes {
   238  				ch, _ := createChannelForTestACL(chType, createACLTestConnection())
   239  				hasAccess, err := ch.CheckACL(globalOwner, accessType)
   240  				assert.NoError(t, err)
   241  				assert.EqualValues(t, hasAccess, true)
   242  			}
   243  		}(allChannelTypesForTestWithoutGlobal)
   244  
   245  		// CA11
   246  		func(chTypes []channeldpb.ChannelType) {
   247  			// set global channel and owner
   248  			globalOwner := createACLTestConnection()
   249  			createChannelForTestACL(channeldpb.ChannelType_GLOBAL, globalOwner)
   250  			for _, chType := range chTypes {
   251  				ch, _ := createChannelForTestACL(chType, nil)
   252  				hasAccess, err := ch.CheckACL(globalOwner, accessType)
   253  				assert.NoError(t, err)
   254  				assert.EqualValues(t, hasAccess, true)
   255  			}
   256  		}(allChannelTypesForTestWithoutGlobal)
   257  
   258  		setChannelACLSettings(allChannelTypesForTest, ChannelAccessLevel_Any)
   259  
   260  		//CA12
   261  		func(chTypes []channeldpb.ChannelType) {
   262  			for _, chType := range chTypes {
   263  				ch, _ = createChannelForTestACL(chType, createACLTestConnection())
   264  				hasAccess, err = ch.CheckACL(createACLTestConnection(), accessType)
   265  				assert.NoError(t, err)
   266  				assert.EqualValues(t, hasAccess, true)
   267  			}
   268  		}(allChannelTypesForTest)
   269  
   270  		// CA13
   271  		func(chTypes []channeldpb.ChannelType) {
   272  			for _, chType := range chTypes {
   273  				channelOwner := createACLTestConnection()
   274  				ch, _ := createChannelForTestACL(chType, channelOwner)
   275  				hasAccess, err := ch.CheckACL(channelOwner, accessType)
   276  				assert.NoError(t, err)
   277  				assert.EqualValues(t, hasAccess, true)
   278  			}
   279  		}(allChannelTypesForTest)
   280  
   281  		// CA14
   282  		func(chTypes []channeldpb.ChannelType) {
   283  			// set global channel and owner
   284  			globalOwner := createACLTestConnection()
   285  			createChannelForTestACL(channeldpb.ChannelType_GLOBAL, globalOwner)
   286  			for _, chType := range chTypes {
   287  				ch, _ := createChannelForTestACL(chType, createACLTestConnection())
   288  				hasAccess, err := ch.CheckACL(globalOwner, accessType)
   289  				assert.NoError(t, err)
   290  				assert.EqualValues(t, hasAccess, true)
   291  			}
   292  		}(allChannelTypesForTestWithoutGlobal)
   293  
   294  		// CA15
   295  		func(chTypes []channeldpb.ChannelType) {
   296  			// set global channel and owner
   297  			globalOwner := createACLTestConnection()
   298  			createChannelForTestACL(channeldpb.ChannelType_GLOBAL, globalOwner)
   299  			for _, chType := range chTypes {
   300  				ch, _ := createChannelForTestACL(chType, nil)
   301  				hasAccess, err := ch.CheckACL(globalOwner, accessType)
   302  				assert.NoError(t, err)
   303  				assert.EqualValues(t, hasAccess, true)
   304  			}
   305  		}(allChannelTypesForTestWithoutGlobal)
   306  
   307  	}
   308  
   309  	// ch = nil
   310  	// ch.CheckACL(ownerConn, o)
   311  }