github.com/outbrain/consul@v1.4.5/agent/structs/acl_legacy_test.go (about) 1 package structs 2 3 import ( 4 "testing" 5 6 "github.com/stretchr/testify/require" 7 ) 8 9 func TestStructs_ACL_IsSame(t *testing.T) { 10 acl := &ACL{ 11 ID: "guid", 12 Name: "An ACL for testing", 13 Type: "client", 14 Rules: "service \"\" { policy = \"read\" }", 15 } 16 if !acl.IsSame(acl) { 17 t.Fatalf("should be equal to itself") 18 } 19 20 other := &ACL{ 21 ID: "guid", 22 Name: "An ACL for testing", 23 Type: "client", 24 Rules: "service \"\" { policy = \"read\" }", 25 RaftIndex: RaftIndex{ 26 CreateIndex: 1, 27 ModifyIndex: 2, 28 }, 29 } 30 if !acl.IsSame(other) || !other.IsSame(acl) { 31 t.Fatalf("should not care about Raft fields") 32 } 33 34 check := func(twiddle, restore func()) { 35 if !acl.IsSame(other) || !other.IsSame(acl) { 36 t.Fatalf("should be the same") 37 } 38 39 twiddle() 40 if acl.IsSame(other) || other.IsSame(acl) { 41 t.Fatalf("should not be the same") 42 } 43 44 restore() 45 if !acl.IsSame(other) || !other.IsSame(acl) { 46 t.Fatalf("should be the same") 47 } 48 } 49 50 check(func() { other.ID = "nope" }, func() { other.ID = "guid" }) 51 check(func() { other.Name = "nope" }, func() { other.Name = "An ACL for testing" }) 52 check(func() { other.Type = "management" }, func() { other.Type = "client" }) 53 check(func() { other.Rules = "" }, func() { other.Rules = "service \"\" { policy = \"read\" }" }) 54 } 55 56 func TestStructs_ACL_Convert(t *testing.T) { 57 t.Parallel() 58 59 acl := &ACL{ 60 ID: "guid", 61 Name: "AN ACL for testing", 62 Type: "client", 63 Rules: `service "" { policy "read" }`, 64 } 65 66 token := acl.Convert() 67 require.Equal(t, "", token.AccessorID) 68 require.Equal(t, acl.ID, token.SecretID) 69 require.Equal(t, acl.Type, token.Type) 70 require.Equal(t, acl.Name, token.Description) 71 require.Nil(t, token.Policies) 72 require.False(t, token.Local) 73 require.Equal(t, acl.Rules, token.Rules) 74 require.Equal(t, acl.CreateIndex, token.CreateIndex) 75 require.Equal(t, acl.ModifyIndex, token.ModifyIndex) 76 } 77 78 func TestStructs_ACLToken_Convert(t *testing.T) { 79 t.Parallel() 80 81 t.Run("Management", func(t *testing.T) { 82 t.Parallel() 83 token := &ACLToken{ 84 AccessorID: "6c4eb178-c7f3-4620-b899-91eb8696c265", 85 SecretID: "67c29ecd-cabc-42e0-a20e-771e9a1ab70c", 86 Description: "new token", 87 Policies: []ACLTokenPolicyLink{ 88 ACLTokenPolicyLink{ 89 ID: ACLPolicyGlobalManagementID, 90 }, 91 }, 92 Type: ACLTokenTypeManagement, 93 } 94 95 acl, err := token.Convert() 96 require.NoError(t, err) 97 require.Equal(t, token.SecretID, acl.ID) 98 require.Equal(t, token.Type, acl.Type) 99 require.Equal(t, token.Description, acl.Name) 100 require.Equal(t, "", acl.Rules) 101 }) 102 103 t.Run("Client", func(t *testing.T) { 104 t.Parallel() 105 token := &ACLToken{ 106 AccessorID: "6c4eb178-c7f3-4620-b899-91eb8696c265", 107 SecretID: "67c29ecd-cabc-42e0-a20e-771e9a1ab70c", 108 Description: "new token", 109 Policies: nil, 110 Type: ACLTokenTypeClient, 111 Rules: `acl = "read"`, 112 } 113 114 acl, err := token.Convert() 115 require.NoError(t, err) 116 require.Equal(t, token.SecretID, acl.ID) 117 require.Equal(t, token.Type, acl.Type) 118 require.Equal(t, token.Description, acl.Name) 119 require.Equal(t, token.Rules, acl.Rules) 120 }) 121 122 t.Run("Unconvertible", func(t *testing.T) { 123 t.Parallel() 124 token := &ACLToken{ 125 AccessorID: "6c4eb178-c7f3-4620-b899-91eb8696c265", 126 SecretID: "67c29ecd-cabc-42e0-a20e-771e9a1ab70c", 127 Description: "new token", 128 Policies: []ACLTokenPolicyLink{ 129 ACLTokenPolicyLink{ 130 ID: ACLPolicyGlobalManagementID, 131 }, 132 }, 133 } 134 135 acl, err := token.Convert() 136 require.Error(t, err) 137 require.Nil(t, acl) 138 }) 139 140 }