go.chromium.org/luci@v0.0.0-20240309015107-7cdc2e660f33/auth_service/impl/servers/allowlists/server_test.go (about)

     1  // Copyright 2021 The LUCI Authors.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //      http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package allowlists
    16  
    17  import (
    18  	"context"
    19  	"testing"
    20  	"time"
    21  
    22  	"google.golang.org/grpc/codes"
    23  	"google.golang.org/protobuf/types/known/emptypb"
    24  	"google.golang.org/protobuf/types/known/timestamppb"
    25  
    26  	"go.chromium.org/luci/gae/impl/memory"
    27  	"go.chromium.org/luci/gae/service/datastore"
    28  
    29  	"go.chromium.org/luci/auth_service/api/rpcpb"
    30  	"go.chromium.org/luci/auth_service/impl/model"
    31  
    32  	. "github.com/smartystreets/goconvey/convey"
    33  	. "go.chromium.org/luci/common/testing/assertions"
    34  )
    35  
    36  func TestAllowlistsServer(t *testing.T) {
    37  	t.Parallel()
    38  	srv := Server{}
    39  	createdTime := time.Date(2021, time.September, 16, 15, 20, 0, 0, time.UTC)
    40  
    41  	Convey("GetAllowlist RPC call", t, func() {
    42  		ctx := memory.Use(context.Background())
    43  
    44  		request := &rpcpb.GetAllowlistRequest{
    45  			Name: "test-allowlist",
    46  		}
    47  
    48  		_, err := srv.GetAllowlist(ctx, request)
    49  		So(err, ShouldHaveGRPCStatus, codes.NotFound)
    50  
    51  		// Allowlist built from model.AuthIPAllowlist definition.
    52  		So(datastore.Put(ctx,
    53  			&model.AuthIPAllowlist{
    54  				AuthVersionedEntityMixin: model.AuthVersionedEntityMixin{},
    55  				Parent:                   model.RootKey(ctx),
    56  				ID:                       "test-allowlist",
    57  				Subnets: []string{
    58  					"127.0.0.1/24",
    59  					"127.0.0.127/24",
    60  				},
    61  				Description: "This is a test allowlist.",
    62  				CreatedTS:   createdTime,
    63  				CreatedBy:   "user:test-user-1",
    64  			}), ShouldBeNil)
    65  
    66  		expectedResponse := &rpcpb.Allowlist{
    67  			Name: "test-allowlist",
    68  			Subnets: []string{
    69  				"127.0.0.1/24",
    70  				"127.0.0.127/24",
    71  			},
    72  			Description: "This is a test allowlist.",
    73  			CreatedTs:   timestamppb.New(createdTime),
    74  			CreatedBy:   "user:test-user-1",
    75  		}
    76  
    77  		actualResponse, err := srv.GetAllowlist(ctx, request)
    78  		So(err, ShouldBeNil)
    79  		So(actualResponse, ShouldResembleProto, expectedResponse)
    80  	})
    81  
    82  	Convey("ListAllowlists RPC call", t, func() {
    83  		ctx := memory.Use(context.Background())
    84  
    85  		So(datastore.Put(ctx,
    86  			&model.AuthIPAllowlist{
    87  				AuthVersionedEntityMixin: model.AuthVersionedEntityMixin{},
    88  				ID:                       "z-test-allowlist",
    89  				Parent:                   model.RootKey(ctx),
    90  				Subnets: []string{
    91  					"127.0.0.1/24",
    92  					"127.0.0.127/24",
    93  				},
    94  				Description: "This is a test allowlist, should show up last.",
    95  				CreatedTS:   createdTime,
    96  				CreatedBy:   "user:test-user-2",
    97  			},
    98  			&model.AuthIPAllowlist{
    99  				AuthVersionedEntityMixin: model.AuthVersionedEntityMixin{},
   100  				ID:                       "a-test-allowlist",
   101  				Parent:                   model.RootKey(ctx),
   102  				Subnets: []string{
   103  					"0.0.0.0/0",
   104  				},
   105  				Description: "This is a test allowlist, should show up first.",
   106  				CreatedTS:   createdTime,
   107  				CreatedBy:   "user:test-user-1",
   108  			},
   109  			&model.AuthIPAllowlist{
   110  				AuthVersionedEntityMixin: model.AuthVersionedEntityMixin{},
   111  				ID:                       "test-allowlist",
   112  				Parent:                   model.RootKey(ctx),
   113  				Subnets:                  []string{},
   114  				Description:              "This is a test allowlist, should show up second.",
   115  				CreatedTS:                createdTime,
   116  				CreatedBy:                "user:test-user-3",
   117  			}), ShouldBeNil)
   118  
   119  		// Expected response, build with pb.
   120  		expectedAllowlists := &rpcpb.ListAllowlistsResponse{
   121  			Allowlists: []*rpcpb.Allowlist{
   122  				{
   123  					Name: "a-test-allowlist",
   124  					Subnets: []string{
   125  						"0.0.0.0/0",
   126  					},
   127  					Description: "This is a test allowlist, should show up first.",
   128  					CreatedTs:   timestamppb.New(createdTime),
   129  					CreatedBy:   "user:test-user-1",
   130  				},
   131  				{
   132  					Name:        "test-allowlist",
   133  					Subnets:     []string{},
   134  					Description: "This is a test allowlist, should show up second.",
   135  					CreatedTs:   timestamppb.New(createdTime),
   136  					CreatedBy:   "user:test-user-3",
   137  				},
   138  				{
   139  					Name: "z-test-allowlist",
   140  					Subnets: []string{
   141  						"127.0.0.1/24",
   142  						"127.0.0.127/24",
   143  					},
   144  					Description: "This is a test allowlist, should show up last.",
   145  					CreatedTs:   timestamppb.New(createdTime),
   146  					CreatedBy:   "user:test-user-2",
   147  				},
   148  			},
   149  		}
   150  
   151  		actualResponse, err := srv.ListAllowlists(ctx, &emptypb.Empty{})
   152  		So(err, ShouldBeNil)
   153  		So(expectedAllowlists.Allowlists, ShouldResembleProto, actualResponse.Allowlists)
   154  	})
   155  }