storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/pkg/bucket/policy/resource_test.go (about) 1 /* 2 * MinIO Cloud Storage, (C) 2018 MinIO, Inc. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package policy 18 19 import ( 20 "encoding/json" 21 "reflect" 22 "testing" 23 ) 24 25 func TestResourceIsBucketPattern(t *testing.T) { 26 testCases := []struct { 27 resource Resource 28 expectedResult bool 29 }{ 30 {NewResource("*", ""), true}, 31 {NewResource("mybucket", ""), true}, 32 {NewResource("mybucket*", ""), true}, 33 {NewResource("mybucket?0", ""), true}, 34 {NewResource("", "*"), false}, 35 {NewResource("*", "*"), false}, 36 {NewResource("mybucket", "*"), false}, 37 {NewResource("mybucket*", "/myobject"), false}, 38 {NewResource("mybucket?0", "/2010/photos/*"), false}, 39 } 40 41 for i, testCase := range testCases { 42 result := testCase.resource.isBucketPattern() 43 44 if result != testCase.expectedResult { 45 t.Fatalf("case %v: expected: %v, got: %v", i+1, testCase.expectedResult, result) 46 } 47 } 48 } 49 50 func TestResourceIsObjectPattern(t *testing.T) { 51 testCases := []struct { 52 resource Resource 53 expectedResult bool 54 }{ 55 {NewResource("*", ""), true}, 56 {NewResource("mybucket*", ""), true}, 57 {NewResource("", "*"), true}, 58 {NewResource("*", "*"), true}, 59 {NewResource("mybucket", "*"), true}, 60 {NewResource("mybucket*", "/myobject"), true}, 61 {NewResource("mybucket?0", "/2010/photos/*"), true}, 62 {NewResource("mybucket", ""), false}, 63 {NewResource("mybucket?0", ""), false}, 64 } 65 66 for i, testCase := range testCases { 67 result := testCase.resource.isObjectPattern() 68 69 if result != testCase.expectedResult { 70 t.Fatalf("case %v: expected: %v, got: %v", i+1, testCase.expectedResult, result) 71 } 72 } 73 } 74 75 func TestResourceIsValid(t *testing.T) { 76 testCases := []struct { 77 resource Resource 78 expectedResult bool 79 }{ 80 {NewResource("*", ""), true}, 81 {NewResource("mybucket*", ""), true}, 82 {NewResource("*", "*"), true}, 83 {NewResource("mybucket", "*"), true}, 84 {NewResource("mybucket*", "/myobject"), true}, 85 {NewResource("mybucket?0", "/2010/photos/*"), true}, 86 {NewResource("mybucket", ""), true}, 87 {NewResource("mybucket?0", ""), true}, 88 {NewResource("", ""), false}, 89 {NewResource("", "*"), false}, 90 } 91 92 for i, testCase := range testCases { 93 result := testCase.resource.IsValid() 94 95 if result != testCase.expectedResult { 96 t.Fatalf("case %v: expected: %v, got: %v", i+1, testCase.expectedResult, result) 97 } 98 } 99 } 100 101 func TestResourceMatch(t *testing.T) { 102 testCases := []struct { 103 resource Resource 104 objectName string 105 expectedResult bool 106 }{ 107 {NewResource("*", ""), "mybucket", true}, 108 {NewResource("*", ""), "mybucket/myobject", true}, 109 {NewResource("mybucket*", ""), "mybucket", true}, 110 {NewResource("mybucket*", ""), "mybucket/myobject", true}, 111 {NewResource("", "*"), "/myobject", true}, 112 {NewResource("*", "*"), "mybucket/myobject", true}, 113 {NewResource("mybucket", "*"), "mybucket/myobject", true}, 114 {NewResource("mybucket*", "/myobject"), "mybucket/myobject", true}, 115 {NewResource("mybucket*", "/myobject"), "mybucket100/myobject", true}, 116 {NewResource("mybucket?0", "/2010/photos/*"), "mybucket20/2010/photos/1.jpg", true}, 117 {NewResource("mybucket", ""), "mybucket", true}, 118 {NewResource("mybucket?0", ""), "mybucket30", true}, 119 {NewResource("", "*"), "mybucket/myobject", false}, 120 {NewResource("*", "*"), "mybucket", false}, 121 {NewResource("mybucket", "*"), "mybucket10/myobject", false}, 122 {NewResource("mybucket?0", "/2010/photos/*"), "mybucket0/2010/photos/1.jpg", false}, 123 {NewResource("mybucket", ""), "mybucket/myobject", false}, 124 } 125 126 for i, testCase := range testCases { 127 result := testCase.resource.Match(testCase.objectName, nil) 128 129 if result != testCase.expectedResult { 130 t.Fatalf("case %v: expected: %v, got: %v", i+1, testCase.expectedResult, result) 131 } 132 } 133 } 134 135 func TestResourceMarshalJSON(t *testing.T) { 136 testCases := []struct { 137 resource Resource 138 expectedResult []byte 139 expectErr bool 140 }{ 141 {NewResource("*", ""), []byte(`"arn:aws:s3:::*"`), false}, 142 {NewResource("mybucket*", ""), []byte(`"arn:aws:s3:::mybucket*"`), false}, 143 {NewResource("mybucket", ""), []byte(`"arn:aws:s3:::mybucket"`), false}, 144 {NewResource("*", "*"), []byte(`"arn:aws:s3:::*/*"`), false}, 145 {NewResource("mybucket", "*"), []byte(`"arn:aws:s3:::mybucket/*"`), false}, 146 {NewResource("mybucket*", "myobject"), []byte(`"arn:aws:s3:::mybucket*/myobject"`), false}, 147 {NewResource("mybucket?0", "/2010/photos/*"), []byte(`"arn:aws:s3:::mybucket?0/2010/photos/*"`), false}, 148 {Resource{}, nil, true}, 149 {NewResource("", "*"), nil, true}, 150 } 151 152 for i, testCase := range testCases { 153 result, err := json.Marshal(testCase.resource) 154 expectErr := (err != nil) 155 156 if expectErr != testCase.expectErr { 157 t.Fatalf("case %v: error: expected: %v, got: %v", i+1, testCase.expectErr, expectErr) 158 } 159 160 if !testCase.expectErr { 161 if !reflect.DeepEqual(result, testCase.expectedResult) { 162 t.Fatalf("case %v: result: expected: %v, got: %v", i+1, string(testCase.expectedResult), string(result)) 163 } 164 } 165 } 166 } 167 168 func TestResourceUnmarshalJSON(t *testing.T) { 169 testCases := []struct { 170 data []byte 171 expectedResult Resource 172 expectErr bool 173 }{ 174 {[]byte(`"arn:aws:s3:::*"`), NewResource("*", ""), false}, 175 {[]byte(`"arn:aws:s3:::mybucket*"`), NewResource("mybucket*", ""), false}, 176 {[]byte(`"arn:aws:s3:::mybucket"`), NewResource("mybucket", ""), false}, 177 {[]byte(`"arn:aws:s3:::*/*"`), NewResource("*", "*"), false}, 178 {[]byte(`"arn:aws:s3:::mybucket/*"`), NewResource("mybucket", "*"), false}, 179 {[]byte(`"arn:aws:s3:::mybucket*/myobject"`), NewResource("mybucket*", "myobject"), false}, 180 {[]byte(`"arn:aws:s3:::mybucket?0/2010/photos/*"`), NewResource("mybucket?0", "/2010/photos/*"), false}, 181 {[]byte(`"mybucket/myobject*"`), Resource{}, true}, 182 {[]byte(`"arn:aws:s3:::/*"`), Resource{}, true}, 183 } 184 185 for i, testCase := range testCases { 186 var result Resource 187 err := json.Unmarshal(testCase.data, &result) 188 expectErr := (err != nil) 189 190 if expectErr != testCase.expectErr { 191 t.Fatalf("case %v: error: expected: %v, got: %v", i+1, testCase.expectErr, expectErr) 192 } 193 194 if !testCase.expectErr { 195 if !reflect.DeepEqual(result, testCase.expectedResult) { 196 t.Fatalf("case %v: result: expected: %v, got: %v", i+1, testCase.expectedResult, result) 197 } 198 } 199 } 200 } 201 202 func TestResourceValidate(t *testing.T) { 203 testCases := []struct { 204 resource Resource 205 bucketName string 206 expectErr bool 207 }{ 208 {NewResource("mybucket", "/myobject*"), "mybucket", false}, 209 {NewResource("", "/myobject*"), "yourbucket", true}, 210 {NewResource("mybucket", "/myobject*"), "yourbucket", true}, 211 } 212 213 for i, testCase := range testCases { 214 err := testCase.resource.Validate(testCase.bucketName) 215 expectErr := (err != nil) 216 217 if expectErr != testCase.expectErr { 218 t.Fatalf("case %v: error: expected: %v, got: %v", i+1, testCase.expectErr, expectErr) 219 } 220 } 221 }