github.com/pf-qiu/concourse/v6@v6.7.3-0.20201207032516-1f455d73275f/atc/api/policychecker/handler_test.go

github.com/pf-qiu/concourse/v6@v6.7.3-0.20201207032516-1f455d73275f/atc/api/policychecker/handler_test.go (about)

     1  package policychecker_test
     2  
     3  import (
     4  	"errors"
     5  	"io/ioutil"
     6  	"net/http"
     7  	"net/http/httptest"
     8  
     9  	"code.cloudfoundry.org/lager/lagertest"
    10  
    11  	"github.com/pf-qiu/concourse/v6/atc/api/policychecker"
    12  	"github.com/pf-qiu/concourse/v6/atc/api/policychecker/policycheckerfakes"
    13  	"github.com/pf-qiu/concourse/v6/atc/policy"
    14  
    15  	. "github.com/onsi/ginkgo"
    16  	. "github.com/onsi/gomega"
    17  )
    18  
    19  var _ = Describe("Handler", func() {
    20  	var (
    21  		innerHandlerCalled   bool
    22  		dummyHandler         http.HandlerFunc
    23  		policyCheckerHandler http.Handler
    24  		req                  *http.Request
    25  		fakePolicyChecker    *policycheckerfakes.FakePolicyChecker
    26  		responseWriter       *httptest.ResponseRecorder
    27  
    28  		logger = lagertest.NewTestLogger("test")
    29  	)
    30  
    31  	BeforeEach(func() {
    32  		fakePolicyChecker = new(policycheckerfakes.FakePolicyChecker)
    33  
    34  		innerHandlerCalled = false
    35  		dummyHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
    36  			innerHandlerCalled = true
    37  		})
    38  
    39  		responseWriter = httptest.NewRecorder()
    40  
    41  		var err error
    42  		req, err = http.NewRequest("GET", "localhost:8080", nil)
    43  		Expect(err).NotTo(HaveOccurred())
    44  	})
    45  
    46  	JustBeforeEach(func() {
    47  		policyCheckerHandler.ServeHTTP(responseWriter, req)
    48  	})
    49  
    50  	BeforeEach(func() {
    51  		policyCheckerHandler = policychecker.NewHandler(logger, dummyHandler, "some-action", fakePolicyChecker)
    52  	})
    53  
    54  	Context("policy check passes", func() {
    55  		BeforeEach(func() {
    56  			fakePolicyChecker.CheckReturns(policy.PassedPolicyCheck(), nil)
    57  		})
    58  
    59  		It("calls the inner handler", func() {
    60  			Expect(innerHandlerCalled).To(BeTrue())
    61  		})
    62  	})
    63  
    64  	Context("policy check doesn't pass", func() {
    65  		BeforeEach(func() {
    66  			fakePolicyChecker.CheckReturns(policy.PolicyCheckOutput{
    67  				Allowed: false,
    68  				Reasons: []string{"a policy says you can't do that", "another policy also says you can't do that"},
    69  			}, nil)
    70  		})
    71  
    72  		It("return http forbidden", func() {
    73  			Expect(responseWriter.Code).To(Equal(http.StatusForbidden))
    74  
    75  			msg, err := ioutil.ReadAll(responseWriter.Body)
    76  			Expect(err).ToNot(HaveOccurred())
    77  			Expect(string(msg)).To(Equal("policy check failed: a policy says you can't do that, another policy also says you can't do that"))
    78  		})
    79  
    80  		It("not call the inner handler", func() {
    81  			Expect(innerHandlerCalled).To(BeFalse())
    82  		})
    83  	})
    84  
    85  	Context("policy check errors", func() {
    86  		BeforeEach(func() {
    87  			fakePolicyChecker.CheckReturns(policy.FailedPolicyCheck(), errors.New("some-error"))
    88  		})
    89  
    90  		It("return http bad request", func() {
    91  			Expect(responseWriter.Code).To(Equal(http.StatusBadRequest))
    92  
    93  			msg, err := ioutil.ReadAll(responseWriter.Body)
    94  			Expect(err).ToNot(HaveOccurred())
    95  			Expect(string(msg)).To(Equal("policy check error: some-error"))
    96  		})
    97  
    98  		It("not call the inner handler", func() {
    99  			Expect(innerHandlerCalled).To(BeFalse())
   100  		})
   101  	})
   102  })