github.com/pf-qiu/concourse/v6@v6.7.3-0.20201207032516-1f455d73275f/atc/api/policychecker/handler_test.go (about) 1 package policychecker_test 2 3 import ( 4 "errors" 5 "io/ioutil" 6 "net/http" 7 "net/http/httptest" 8 9 "code.cloudfoundry.org/lager/lagertest" 10 11 "github.com/pf-qiu/concourse/v6/atc/api/policychecker" 12 "github.com/pf-qiu/concourse/v6/atc/api/policychecker/policycheckerfakes" 13 "github.com/pf-qiu/concourse/v6/atc/policy" 14 15 . "github.com/onsi/ginkgo" 16 . "github.com/onsi/gomega" 17 ) 18 19 var _ = Describe("Handler", func() { 20 var ( 21 innerHandlerCalled bool 22 dummyHandler http.HandlerFunc 23 policyCheckerHandler http.Handler 24 req *http.Request 25 fakePolicyChecker *policycheckerfakes.FakePolicyChecker 26 responseWriter *httptest.ResponseRecorder 27 28 logger = lagertest.NewTestLogger("test") 29 ) 30 31 BeforeEach(func() { 32 fakePolicyChecker = new(policycheckerfakes.FakePolicyChecker) 33 34 innerHandlerCalled = false 35 dummyHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 36 innerHandlerCalled = true 37 }) 38 39 responseWriter = httptest.NewRecorder() 40 41 var err error 42 req, err = http.NewRequest("GET", "localhost:8080", nil) 43 Expect(err).NotTo(HaveOccurred()) 44 }) 45 46 JustBeforeEach(func() { 47 policyCheckerHandler.ServeHTTP(responseWriter, req) 48 }) 49 50 BeforeEach(func() { 51 policyCheckerHandler = policychecker.NewHandler(logger, dummyHandler, "some-action", fakePolicyChecker) 52 }) 53 54 Context("policy check passes", func() { 55 BeforeEach(func() { 56 fakePolicyChecker.CheckReturns(policy.PassedPolicyCheck(), nil) 57 }) 58 59 It("calls the inner handler", func() { 60 Expect(innerHandlerCalled).To(BeTrue()) 61 }) 62 }) 63 64 Context("policy check doesn't pass", func() { 65 BeforeEach(func() { 66 fakePolicyChecker.CheckReturns(policy.PolicyCheckOutput{ 67 Allowed: false, 68 Reasons: []string{"a policy says you can't do that", "another policy also says you can't do that"}, 69 }, nil) 70 }) 71 72 It("return http forbidden", func() { 73 Expect(responseWriter.Code).To(Equal(http.StatusForbidden)) 74 75 msg, err := ioutil.ReadAll(responseWriter.Body) 76 Expect(err).ToNot(HaveOccurred()) 77 Expect(string(msg)).To(Equal("policy check failed: a policy says you can't do that, another policy also says you can't do that")) 78 }) 79 80 It("not call the inner handler", func() { 81 Expect(innerHandlerCalled).To(BeFalse()) 82 }) 83 }) 84 85 Context("policy check errors", func() { 86 BeforeEach(func() { 87 fakePolicyChecker.CheckReturns(policy.FailedPolicyCheck(), errors.New("some-error")) 88 }) 89 90 It("return http bad request", func() { 91 Expect(responseWriter.Code).To(Equal(http.StatusBadRequest)) 92 93 msg, err := ioutil.ReadAll(responseWriter.Body) 94 Expect(err).ToNot(HaveOccurred()) 95 Expect(string(msg)).To(Equal("policy check error: some-error")) 96 }) 97 98 It("not call the inner handler", func() { 99 Expect(innerHandlerCalled).To(BeFalse()) 100 }) 101 }) 102 })