storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/pkg/bucket/policy/principal_test.go

storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/pkg/bucket/policy/principal_test.go (about)

     1  /*
     2   * MinIO Cloud Storage, (C) 2018 MinIO, Inc.
     3   *
     4   * Licensed under the Apache License, Version 2.0 (the "License");
     5   * you may not use this file except in compliance with the License.
     6   * You may obtain a copy of the License at
     7   *
     8   *     http://www.apache.org/licenses/LICENSE-2.0
     9   *
    10   * Unless required by applicable law or agreed to in writing, software
    11   * distributed under the License is distributed on an "AS IS" BASIS,
    12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13   * See the License for the specific language governing permissions and
    14   * limitations under the License.
    15   */
    16  
    17  package policy
    18  
    19  import (
    20  	"encoding/json"
    21  	"reflect"
    22  	"testing"
    23  
    24  	"github.com/minio/minio-go/v7/pkg/set"
    25  )
    26  
    27  func TestPrincipalIsValid(t *testing.T) {
    28  	testCases := []struct {
    29  		principal      Principal
    30  		expectedResult bool
    31  	}{
    32  		{NewPrincipal("*"), true},
    33  		{NewPrincipal("arn:aws:iam::AccountNumber:root"), true},
    34  		{NewPrincipal(), false},
    35  	}
    36  
    37  	for i, testCase := range testCases {
    38  		result := testCase.principal.IsValid()
    39  
    40  		if result != testCase.expectedResult {
    41  			t.Fatalf("case %v: expected: %v, got: %v\n", i+1, testCase.expectedResult, result)
    42  		}
    43  	}
    44  }
    45  
    46  func TestPrincipalIntersection(t *testing.T) {
    47  	testCases := []struct {
    48  		principal            Principal
    49  		principalToIntersect Principal
    50  		expectedResult       set.StringSet
    51  	}{
    52  		{NewPrincipal("*"), NewPrincipal("*"), set.CreateStringSet("*")},
    53  		{NewPrincipal("arn:aws:iam::AccountNumber:root"), NewPrincipal("arn:aws:iam::AccountNumber:myuser"), set.CreateStringSet()},
    54  		{NewPrincipal(), NewPrincipal("*"), set.CreateStringSet()},
    55  	}
    56  
    57  	for i, testCase := range testCases {
    58  		result := testCase.principal.Intersection(testCase.principalToIntersect)
    59  
    60  		if !reflect.DeepEqual(result, testCase.expectedResult) {
    61  			t.Fatalf("case %v: expected: %v, got: %v\n", i+1, testCase.expectedResult, result)
    62  		}
    63  	}
    64  }
    65  
    66  func TestPrincipalMarshalJSON(t *testing.T) {
    67  	testCases := []struct {
    68  		principal      Principal
    69  		expectedResult []byte
    70  		expectErr      bool
    71  	}{
    72  		{NewPrincipal("*"), []byte(`{"AWS":["*"]}`), false},
    73  		{NewPrincipal("arn:aws:iam::AccountNumber:*"), []byte(`{"AWS":["arn:aws:iam::AccountNumber:*"]}`), false},
    74  		{NewPrincipal(), nil, true},
    75  	}
    76  
    77  	for i, testCase := range testCases {
    78  		result, err := json.Marshal(testCase.principal)
    79  		expectErr := (err != nil)
    80  
    81  		if expectErr != testCase.expectErr {
    82  			t.Fatalf("case %v: error: expected: %v, got: %v\n", i+1, testCase.expectErr, expectErr)
    83  		}
    84  
    85  		if !testCase.expectErr {
    86  			if !reflect.DeepEqual(result, testCase.expectedResult) {
    87  				t.Fatalf("case %v: result: expected: %v, got: %v\n", i+1, string(testCase.expectedResult), string(result))
    88  			}
    89  		}
    90  	}
    91  }
    92  
    93  func TestPrincipalMatch(t *testing.T) {
    94  	testCases := []struct {
    95  		principals     Principal
    96  		principal      string
    97  		expectedResult bool
    98  	}{
    99  		{NewPrincipal("*"), "AccountNumber", true},
   100  		{NewPrincipal("arn:aws:iam::*"), "arn:aws:iam::AccountNumber:root", true},
   101  		{NewPrincipal("arn:aws:iam::AccountNumber:*"), "arn:aws:iam::TestAccountNumber:root", false},
   102  	}
   103  
   104  	for i, testCase := range testCases {
   105  		result := testCase.principals.Match(testCase.principal)
   106  
   107  		if result != testCase.expectedResult {
   108  			t.Fatalf("case %v: expected: %v, got: %v\n", i+1, testCase.expectedResult, result)
   109  		}
   110  	}
   111  }
   112  
   113  func TestPrincipalUnmarshalJSON(t *testing.T) {
   114  	testCases := []struct {
   115  		data           []byte
   116  		expectedResult Principal
   117  		expectErr      bool
   118  	}{
   119  		{[]byte(`"*"`), NewPrincipal("*"), false},
   120  		{[]byte(`{"AWS": "*"}`), NewPrincipal("*"), false},
   121  		{[]byte(`{"AWS": "arn:aws:iam::AccountNumber:*"}`), NewPrincipal("arn:aws:iam::AccountNumber:*"), false},
   122  		{[]byte(`"arn:aws:iam::AccountNumber:*"`), NewPrincipal(), true},
   123  		{[]byte(`["arn:aws:iam::AccountNumber:*", "arn:aws:iam:AnotherAccount:*"]`), NewPrincipal(), true},
   124  	}
   125  
   126  	for i, testCase := range testCases {
   127  		var result Principal
   128  		err := json.Unmarshal(testCase.data, &result)
   129  		expectErr := (err != nil)
   130  
   131  		if expectErr != testCase.expectErr {
   132  			t.Fatalf("case %v: error: expected: %v, got: %v\n", i+1, testCase.expectErr, expectErr)
   133  		}
   134  
   135  		if !testCase.expectErr {
   136  			if !reflect.DeepEqual(result, testCase.expectedResult) {
   137  				t.Fatalf("case %v: result: expected: %v, got: %v\n", i+1, testCase.expectedResult, result)
   138  			}
   139  		}
   140  	}
   141  }