github.com/polarismesh/polaris@v1.17.8/store/boltdb/strategy_test.go (about) 1 /** 2 * Tencent is pleased to support the open source community by making Polaris available. 3 * 4 * Copyright (C) 2019 THL A29 Limited, a Tencent company. All rights reserved. 5 * 6 * Licensed under the BSD 3-Clause License (the "License"); 7 * you may not use this file except in compliance with the License. 8 * You may obtain a copy of the License at 9 * 10 * https://opensource.org/licenses/BSD-3-Clause 11 * 12 * Unless required by applicable law or agreed to in writing, software distributed 13 * under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR 14 * CONDITIONS OF ANY KIND, either express or implied. See the License for the 15 * specific language governing permissions and limitations under the License. 16 */ 17 18 package boltdb 19 20 import ( 21 "fmt" 22 "reflect" 23 "testing" 24 "time" 25 26 apisecurity "github.com/polarismesh/specification/source/go/api/v1/security" 27 "github.com/stretchr/testify/assert" 28 29 "github.com/polarismesh/polaris/common/model" 30 "github.com/polarismesh/polaris/common/utils" 31 ) 32 33 func createTestStrategy(num int) []*model.StrategyDetail { 34 ret := make([]*model.StrategyDetail, 0, num) 35 36 for i := 0; i < num; i++ { 37 ret = append(ret, &model.StrategyDetail{ 38 ID: fmt.Sprintf("strategy-%d", i), 39 Name: fmt.Sprintf("strategy-%d", i), 40 Action: apisecurity.AuthAction_READ_WRITE.String(), 41 Comment: fmt.Sprintf("strategy-%d", i), 42 Principals: []model.Principal{ 43 { 44 StrategyID: fmt.Sprintf("strategy-%d", i), 45 PrincipalID: fmt.Sprintf("user-%d", i), 46 PrincipalRole: model.PrincipalUser, 47 }, 48 }, 49 Default: true, 50 Owner: "polaris", 51 Resources: []model.StrategyResource{ 52 { 53 StrategyID: "", 54 ResType: int32(apisecurity.ResourceType_Namespaces), 55 ResID: fmt.Sprintf("namespace_%d", i), 56 }, 57 }, 58 Valid: false, 59 Revision: utils.NewUUID(), 60 CreateTime: time.Now(), 61 ModifyTime: time.Now(), 62 }) 63 } 64 65 return ret 66 } 67 68 func Test_strategyStore_AddStrategy(t *testing.T) { 69 CreateTableDBHandlerAndRun(t, "test_strategy", func(t *testing.T, handler BoltHandler) { 70 ss := &strategyStore{handler: handler} 71 72 rules := createTestStrategy(1) 73 err := ss.AddStrategy(rules[0]) 74 75 assert.Nil(t, err, "add strategy must success") 76 }) 77 } 78 79 func Test_strategyStore_UpdateStrategy(t *testing.T) { 80 CreateTableDBHandlerAndRun(t, "test_strategy", func(t *testing.T, handler BoltHandler) { 81 ss := &strategyStore{handler: handler} 82 83 rules := createTestStrategy(1) 84 err := ss.AddStrategy(rules[0]) 85 assert.Nil(t, err, "add strategy must success") 86 87 addPrincipals := []model.Principal{{ 88 StrategyID: rules[0].ID, 89 PrincipalID: utils.NewUUID(), 90 PrincipalRole: model.PrincipalGroup, 91 }} 92 93 req := &model.ModifyStrategyDetail{ 94 ID: rules[0].ID, 95 Name: rules[0].Name, 96 Action: rules[0].Action, 97 Comment: "update-strategy", 98 AddPrincipals: addPrincipals, 99 RemovePrincipals: []model.Principal{}, 100 AddResources: []model.StrategyResource{ 101 { 102 StrategyID: rules[0].ID, 103 ResType: int32(apisecurity.ResourceType_Services), 104 ResID: utils.NewUUID(), 105 }, 106 }, 107 RemoveResources: []model.StrategyResource{}, 108 ModifyTime: time.Time{}, 109 } 110 111 err = ss.UpdateStrategy(req) 112 assert.Nil(t, err, "update strategy must success") 113 114 v, err := ss.GetStrategyDetail(rules[0].ID) 115 assert.Nil(t, err, "update strategy must success") 116 assert.Equal(t, req.Comment, v.Comment, "comment") 117 assert.ElementsMatch(t, append(rules[0].Principals, addPrincipals...), v.Principals, "principals") 118 }) 119 } 120 121 func Test_strategyStore_DeleteStrategy(t *testing.T) { 122 CreateTableDBHandlerAndRun(t, "test_strategy", func(t *testing.T, handler BoltHandler) { 123 ss := &strategyStore{handler: handler} 124 125 rules := createTestStrategy(1) 126 err := ss.AddStrategy(rules[0]) 127 assert.Nil(t, err, "add strategy must success") 128 129 err = ss.DeleteStrategy(rules[0].ID) 130 assert.Nil(t, err, "delete strategy must success") 131 132 ret, err := ss.GetStrategyDetail(rules[0].ID) 133 assert.Nil(t, err, "get strategy must success") 134 assert.Nil(t, ret, "get strategy ret must nil") 135 }) 136 } 137 138 func Test_strategyStore_RemoveStrategyResources(t *testing.T) { 139 CreateTableDBHandlerAndRun(t, "test_strategy", func(t *testing.T, handler BoltHandler) { 140 ss := &strategyStore{handler: handler} 141 142 rules := createTestStrategy(1) 143 err := ss.AddStrategy(rules[0]) 144 assert.Nil(t, err, "add strategy must success") 145 146 err = ss.RemoveStrategyResources([]model.StrategyResource{ 147 { 148 StrategyID: rules[0].ID, 149 ResType: int32(apisecurity.ResourceType_Namespaces), 150 ResID: "namespace_0", 151 }, 152 }) 153 assert.Nil(t, err, "RemoveStrategyResources must success") 154 ret, err := ss.GetStrategyDetail(rules[0].ID) 155 assert.Nil(t, err, "get strategy must success") 156 157 for i := range ret.Resources { 158 res := ret.Resources[i] 159 t.Logf("resource=%#v", res) 160 assert.NotEqual(t, res, model.StrategyResource{ 161 StrategyID: rules[0].ID, 162 ResType: int32(apisecurity.ResourceType_Namespaces), 163 ResID: "namespace_0", 164 }) 165 } 166 }) 167 } 168 169 func Test_strategyStore_LooseAddStrategyResources(t *testing.T) { 170 CreateTableDBHandlerAndRun(t, "test_strategy", func(t *testing.T, handler BoltHandler) { 171 ss := &strategyStore{handler: handler} 172 173 rules := createTestStrategy(1) 174 err := ss.AddStrategy(rules[0]) 175 assert.Nil(t, err, "add strategy must success") 176 177 err = ss.LooseAddStrategyResources([]model.StrategyResource{ 178 { 179 StrategyID: rules[0].ID, 180 ResType: int32(apisecurity.ResourceType_Namespaces), 181 ResID: "namespace_1", 182 }, 183 }) 184 assert.Nil(t, err, "RemoveStrategyResources must success") 185 ret, err := ss.GetStrategyDetail(rules[0].ID) 186 assert.Nil(t, err, "get strategy must success") 187 188 ans := make([]model.StrategyResource, 0) 189 for i := range ret.Resources { 190 res := ret.Resources[i] 191 t.Logf("resource=%#v", res) 192 res.StrategyID = rules[0].ID 193 if reflect.DeepEqual(res, model.StrategyResource{ 194 StrategyID: rules[0].ID, 195 ResType: int32(apisecurity.ResourceType_Namespaces), 196 ResID: "namespace_1", 197 }) { 198 ans = append(ans, res) 199 } 200 } 201 202 assert.Equal(t, 1, len(ans)) 203 }) 204 } 205 206 func Test_strategyStore_GetStrategyDetail(t *testing.T) { 207 CreateTableDBHandlerAndRun(t, "test_strategy", func(t *testing.T, handler BoltHandler) { 208 ss := &strategyStore{handler: handler} 209 210 rules := createTestStrategy(1) 211 err := ss.AddStrategy(rules[0]) 212 assert.Nil(t, err, "add strategy must success") 213 214 v, err := ss.GetStrategyDetail(rules[0].ID) 215 assert.Nil(t, err, "get strategy-detail must success") 216 217 rules[0].ModifyTime = rules[0].CreateTime 218 v.CreateTime = rules[0].CreateTime 219 v.ModifyTime = rules[0].CreateTime 220 221 assert.Equal(t, rules[0], v) 222 }) 223 } 224 225 func Test_strategyStore_GetStrategyResources(t *testing.T) { 226 CreateTableDBHandlerAndRun(t, "test_strategy", func(t *testing.T, handler BoltHandler) { 227 ss := &strategyStore{handler: handler} 228 229 rules := createTestStrategy(2) 230 for i := range rules { 231 rule := rules[i] 232 err := ss.AddStrategy(rule) 233 assert.Nil(t, err, "add strategy must success") 234 } 235 236 res, err := ss.GetStrategyResources("user-1", model.PrincipalUser) 237 assert.Nil(t, err, "GetStrategyResources must success") 238 239 assert.ElementsMatch(t, []model.StrategyResource{ 240 { 241 StrategyID: "strategy-1", 242 ResType: int32(apisecurity.ResourceType_Namespaces), 243 ResID: "namespace_1", 244 }, 245 }, res) 246 }) 247 } 248 249 func Test_strategyStore_GetDefaultStrategyDetailByPrincipal(t *testing.T) { 250 CreateTableDBHandlerAndRun(t, "test_strategy", func(t *testing.T, handler BoltHandler) { 251 ss := &strategyStore{handler: handler} 252 253 rules := createTestStrategy(2) 254 for i := range rules { 255 rule := rules[i] 256 rule.Default = i == 1 257 rules[i] = rule 258 err := ss.AddStrategy(rule) 259 assert.Nil(t, err, "add strategy must success") 260 } 261 262 res, err := ss.GetDefaultStrategyDetailByPrincipal("user-1", model.PrincipalUser) 263 assert.Nil(t, err, "GetStrategyResources must success") 264 265 rules[1].ModifyTime = rules[1].CreateTime 266 res.CreateTime = rules[1].CreateTime 267 res.ModifyTime = rules[1].CreateTime 268 assert.Equal(t, rules[1], res) 269 }) 270 }