github.com/minio/console@v1.4.1/api/policy/policies_test.go

github.com/minio/console@v1.4.1/api/policy/policies_test.go (about)

     1  // This file is part of MinIO Console Server
     2  // Copyright (c) 2022 MinIO, Inc.
     3  //
     4  // This program is free software: you can redistribute it and/or modify
     5  // it under the terms of the GNU Affero General Public License as published by
     6  // the Free Software Foundation, either version 3 of the License, or
     7  // (at your option) any later version.
     8  //
     9  // This program is distributed in the hope that it will be useful,
    10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    12  // GNU Affero General Public License for more details.
    13  //
    14  // You should have received a copy of the GNU Affero General Public License
    15  // along with this program.  If not, see <http://www.gnu.org/licenses/>.
    16  
    17  package policy
    18  
    19  import (
    20  	"bytes"
    21  	"reflect"
    22  	"testing"
    23  
    24  	"github.com/minio/madmin-go/v3"
    25  	minioIAMPolicy "github.com/minio/pkg/v3/policy"
    26  )
    27  
    28  func TestReplacePolicyVariables(t *testing.T) {
    29  	type args struct {
    30  		claims      map[string]interface{}
    31  		accountInfo *madmin.AccountInfo
    32  	}
    33  	tests := []struct {
    34  		name    string
    35  		args    args
    36  		want    string
    37  		wantErr bool
    38  	}{
    39  		{
    40  			name: "Bad Policy",
    41  			args: args{
    42  				claims: nil,
    43  				accountInfo: &madmin.AccountInfo{
    44  					AccountName: "test",
    45  					Server:      madmin.BackendInfo{},
    46  					Policy:      []byte(""),
    47  					Buckets:     nil,
    48  				},
    49  			},
    50  			want:    "",
    51  			wantErr: true,
    52  		},
    53  		{
    54  			name: "Replace basic AWS",
    55  			args: args{
    56  				claims: nil,
    57  				accountInfo: &madmin.AccountInfo{
    58  					AccountName: "test",
    59  					Server:      madmin.BackendInfo{},
    60  					Policy: []byte(`{
    61    "Version": "2012-10-17",
    62    "Statement": [
    63      {
    64        "Effect": "Allow",
    65        "Action": [
    66          "s3:ListBucket"
    67        ],
    68        "Resource": [
    69          "arn:aws:s3:::${aws:username}",
    70          "arn:aws:s3:::${aws:userid}"
    71        ]
    72      }
    73    ]
    74  }`),
    75  					Buckets: nil,
    76  				},
    77  			},
    78  			want: `{
    79            "Version": "2012-10-17",
    80            "Statement": [
    81              {
    82                "Effect": "Allow",
    83                "Action": [
    84                  "s3:ListBucket"
    85                ],
    86                "Resource": [
    87                  "arn:aws:s3:::test",
    88                  "arn:aws:s3:::test"
    89                ]
    90              }
    91            ]
    92          }`,
    93  			wantErr: false,
    94  		},
    95  	}
    96  	for _, tt := range tests {
    97  		t.Run(tt.name, func(_ *testing.T) {
    98  			got := ReplacePolicyVariables(tt.args.claims, tt.args.accountInfo)
    99  			policy, err := minioIAMPolicy.ParseConfig(bytes.NewReader(got))
   100  			if (err != nil) != tt.wantErr {
   101  				t.Errorf("ReplacePolicyVariables() error = %v, wantErr %v", err, tt.wantErr)
   102  			}
   103  			wantPolicy, err := minioIAMPolicy.ParseConfig(bytes.NewReader([]byte(tt.want)))
   104  			if (err != nil) != tt.wantErr {
   105  				t.Errorf("ReplacePolicyVariables() error = %v, wantErr %v", err, tt.wantErr)
   106  			}
   107  			if !reflect.DeepEqual(policy, wantPolicy) {
   108  				t.Errorf("ReplacePolicyVariables() = %s, want %v", got, tt.want)
   109  			}
   110  		})
   111  	}
   112  }