github.com/pf-qiu/concourse/v6@v6.7.3-0.20201207032516-1f455d73275f/atc/policy/checker_test.go

github.com/pf-qiu/concourse/v6@v6.7.3-0.20201207032516-1f455d73275f/atc/policy/checker_test.go (about)

     1  package policy_test
     2  
     3  import (
     4  	"errors"
     5  
     6  	"github.com/pf-qiu/concourse/v6/atc/policy"
     7  	"github.com/pf-qiu/concourse/v6/atc/policy/policyfakes"
     8  
     9  	. "github.com/onsi/ginkgo"
    10  	. "github.com/onsi/gomega"
    11  )
    12  
    13  var _ = Describe("Policy checker", func() {
    14  	var (
    15  		checker policy.Checker
    16  		filter  policy.Filter
    17  		err     error
    18  	)
    19  
    20  	BeforeEach(func() {
    21  		filter = policy.Filter{
    22  			HttpMethods:   []string{"POST", "PUT"},
    23  			Actions:       []string{"do_1", "do_2"},
    24  			ActionsToSkip: []string{"skip_1", "skip_2"},
    25  		}
    26  
    27  		fakeAgent = new(policyfakes.FakeAgent)
    28  		fakeAgentFactory.NewAgentReturns(fakeAgent, nil)
    29  	})
    30  
    31  	JustBeforeEach(func() {
    32  		checker, err = policy.Initialize(testLogger, "some-cluster", "some-version", filter)
    33  	})
    34  
    35  	// fakeAgent is configured in BeforeSuite.
    36  	Context("Initialize", func() {
    37  		It("new agent should be returned", func() {
    38  			Expect(fakeAgentFactory.NewAgentCallCount()).To(Equal(1))
    39  		})
    40  
    41  		It("should return a checker", func() {
    42  			Expect(err).ToNot(HaveOccurred())
    43  			Expect(checker).ToNot(BeNil())
    44  		})
    45  
    46  		Context("Checker", func() {
    47  			Context("ShouldCheckHttpMethod", func() {
    48  				It("should return correct result", func() {
    49  					Expect(checker.ShouldCheckHttpMethod("GET")).To(BeFalse())
    50  					Expect(checker.ShouldCheckHttpMethod("DELETE")).To(BeFalse())
    51  					Expect(checker.ShouldCheckHttpMethod("PUT")).To(BeTrue())
    52  					Expect(checker.ShouldCheckHttpMethod("POST")).To(BeTrue())
    53  				})
    54  			})
    55  
    56  			Context("ShouldCheckAction", func() {
    57  				It("should return correct result", func() {
    58  					Expect(checker.ShouldCheckAction("did_1")).To(BeFalse())
    59  					Expect(checker.ShouldCheckAction("did_2")).To(BeFalse())
    60  					Expect(checker.ShouldCheckAction("do_1")).To(BeTrue())
    61  					Expect(checker.ShouldCheckAction("do_2")).To(BeTrue())
    62  				})
    63  			})
    64  
    65  			Context("ShouldSkipAction", func() {
    66  				It("should return correct result", func() {
    67  					Expect(checker.ShouldSkipAction("did_1")).To(BeFalse())
    68  					Expect(checker.ShouldSkipAction("did_2")).To(BeFalse())
    69  					Expect(checker.ShouldSkipAction("skip_1")).To(BeTrue())
    70  					Expect(checker.ShouldSkipAction("skip_2")).To(BeTrue())
    71  				})
    72  			})
    73  
    74  			Context("Check", func() {
    75  				var (
    76  					input    policy.PolicyCheckInput
    77  					output   policy.PolicyCheckOutput
    78  					checkErr error
    79  				)
    80  				BeforeEach(func() {
    81  					input = policy.PolicyCheckInput{}
    82  				})
    83  				JustBeforeEach(func() {
    84  					output, checkErr = checker.Check(input)
    85  				})
    86  
    87  				It("agent should be called", func() {
    88  					Expect(fakeAgent.CheckCallCount()).To(Equal(1))
    89  				})
    90  				It("cluster name should be injected into input", func() {
    91  					realInput := fakeAgent.CheckArgsForCall(0)
    92  					Expect(realInput).To(Equal(policy.PolicyCheckInput{
    93  						Service:        "concourse",
    94  						ClusterName:    "some-cluster",
    95  						ClusterVersion: "some-version",
    96  					}))
    97  				})
    98  
    99  				Context("when agent says pass", func() {
   100  					BeforeEach(func() {
   101  						fakeAgent.CheckReturns(policy.PassedPolicyCheck(), nil)
   102  					})
   103  
   104  					It("it should pass", func() {
   105  						Expect(checkErr).ToNot(HaveOccurred())
   106  						Expect(output.Allowed).To(BeTrue())
   107  					})
   108  				})
   109  
   110  				Context("when agent says not-pass", func() {
   111  					BeforeEach(func() {
   112  						fakeAgent.CheckReturns(policy.FailedPolicyCheck(), nil)
   113  					})
   114  
   115  					It("should not pass", func() {
   116  						Expect(checkErr).ToNot(HaveOccurred())
   117  						Expect(output.Allowed).To(BeFalse())
   118  					})
   119  				})
   120  
   121  				Context("when agent includes reasons", func() {
   122  					BeforeEach(func() {
   123  						fakeAgent.CheckReturns(
   124  							policy.PolicyCheckOutput{
   125  								Allowed: false,
   126  								Reasons: []string{"a policy says you can't do that"},
   127  							},
   128  							nil,
   129  						)
   130  					})
   131  
   132  					It("should include reasons", func() {
   133  						Expect(checkErr).ToNot(HaveOccurred())
   134  						Expect(output.Reasons).To(ConsistOf("a policy says you can't do that"))
   135  					})
   136  				})
   137  
   138  				Context("when agent says error", func() {
   139  					BeforeEach(func() {
   140  						fakeAgent.CheckReturns(policy.FailedPolicyCheck(), errors.New("some-error"))
   141  					})
   142  
   143  					It("should not pass", func() {
   144  						Expect(checkErr).To(HaveOccurred())
   145  						Expect(checkErr.Error()).To(Equal("some-error"))
   146  						Expect(output.Allowed).To(BeFalse())
   147  					})
   148  				})
   149  			})
   150  		})
   151  	})
   152  })