storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/pkg/bucket/policy/resourceset_test.go (about) 1 /* 2 * MinIO Cloud Storage, (C) 2018 MinIO, Inc. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package policy 18 19 import ( 20 "encoding/json" 21 "reflect" 22 "testing" 23 ) 24 25 func TestResourceSetBucketResourceExists(t *testing.T) { 26 testCases := []struct { 27 resourceSet ResourceSet 28 expectedResult bool 29 }{ 30 {NewResourceSet(NewResource("*", "")), true}, 31 {NewResourceSet(NewResource("mybucket", "")), true}, 32 {NewResourceSet(NewResource("mybucket*", "")), true}, 33 {NewResourceSet(NewResource("mybucket?0", "")), true}, 34 {NewResourceSet(NewResource("mybucket", "/2010/photos/*"), NewResource("mybucket", "")), true}, 35 {NewResourceSet(NewResource("", "*")), false}, 36 {NewResourceSet(NewResource("*", "*")), false}, 37 {NewResourceSet(NewResource("mybucket", "*")), false}, 38 {NewResourceSet(NewResource("mybucket*", "/myobject")), false}, 39 {NewResourceSet(NewResource("mybucket?0", "/2010/photos/*")), false}, 40 } 41 42 for i, testCase := range testCases { 43 result := testCase.resourceSet.bucketResourceExists() 44 45 if result != testCase.expectedResult { 46 t.Fatalf("case %v: expected: %v, got: %v", i+1, testCase.expectedResult, result) 47 } 48 } 49 } 50 51 func TestResourceSetObjectResourceExists(t *testing.T) { 52 testCases := []struct { 53 resourceSet ResourceSet 54 expectedResult bool 55 }{ 56 {NewResourceSet(NewResource("*", "")), true}, 57 {NewResourceSet(NewResource("mybucket*", "")), true}, 58 {NewResourceSet(NewResource("", "*")), true}, 59 {NewResourceSet(NewResource("*", "*")), true}, 60 {NewResourceSet(NewResource("mybucket", "*")), true}, 61 {NewResourceSet(NewResource("mybucket*", "/myobject")), true}, 62 {NewResourceSet(NewResource("mybucket?0", "/2010/photos/*")), true}, 63 {NewResourceSet(NewResource("mybucket", ""), NewResource("mybucket", "/2910/photos/*")), true}, 64 {NewResourceSet(NewResource("mybucket", "")), false}, 65 {NewResourceSet(NewResource("mybucket?0", "")), false}, 66 } 67 68 for i, testCase := range testCases { 69 result := testCase.resourceSet.objectResourceExists() 70 71 if result != testCase.expectedResult { 72 t.Fatalf("case %v: expected: %v, got: %v", i+1, testCase.expectedResult, result) 73 } 74 } 75 } 76 77 func TestResourceSetAdd(t *testing.T) { 78 testCases := []struct { 79 resourceSet ResourceSet 80 resource Resource 81 expectedResult ResourceSet 82 }{ 83 {NewResourceSet(), NewResource("mybucket", "/myobject*"), 84 NewResourceSet(NewResource("mybucket", "/myobject*"))}, 85 {NewResourceSet(NewResource("mybucket", "/myobject*")), 86 NewResource("mybucket", "/yourobject*"), 87 NewResourceSet(NewResource("mybucket", "/myobject*"), 88 NewResource("mybucket", "/yourobject*"))}, 89 {NewResourceSet(NewResource("mybucket", "/myobject*")), 90 NewResource("mybucket", "/myobject*"), 91 NewResourceSet(NewResource("mybucket", "/myobject*"))}, 92 } 93 94 for i, testCase := range testCases { 95 testCase.resourceSet.Add(testCase.resource) 96 97 if !reflect.DeepEqual(testCase.resourceSet, testCase.expectedResult) { 98 t.Fatalf("case %v: expected: %v, got: %v", i+1, testCase.expectedResult, testCase.resourceSet) 99 } 100 } 101 } 102 103 func TestResourceSetIntersection(t *testing.T) { 104 testCases := []struct { 105 set ResourceSet 106 setToIntersect ResourceSet 107 expectedResult ResourceSet 108 }{ 109 {NewResourceSet(), NewResourceSet(NewResource("mybucket", "/myobject*")), NewResourceSet()}, 110 {NewResourceSet(NewResource("mybucket", "/myobject*")), NewResourceSet(), NewResourceSet()}, 111 {NewResourceSet(NewResource("mybucket", "/myobject*")), 112 NewResourceSet(NewResource("mybucket", "/myobject*"), NewResource("mybucket", "/yourobject*")), 113 NewResourceSet(NewResource("mybucket", "/myobject*"))}, 114 } 115 116 for i, testCase := range testCases { 117 result := testCase.set.Intersection(testCase.setToIntersect) 118 119 if !reflect.DeepEqual(result, testCase.expectedResult) { 120 t.Fatalf("case %v: expected: %v, got: %v\n", i+1, testCase.expectedResult, testCase.set) 121 } 122 } 123 } 124 125 func TestResourceSetMarshalJSON(t *testing.T) { 126 testCases := []struct { 127 resoruceSet ResourceSet 128 expectedResult []byte 129 expectErr bool 130 }{ 131 {NewResourceSet(NewResource("mybucket", "/myobject*")), 132 []byte(`["arn:aws:s3:::mybucket/myobject*"]`), false}, 133 {NewResourceSet(NewResource("mybucket", "/photos/myobject*")), 134 []byte(`["arn:aws:s3:::mybucket/photos/myobject*"]`), false}, 135 {NewResourceSet(), nil, true}, 136 } 137 138 for i, testCase := range testCases { 139 result, err := json.Marshal(testCase.resoruceSet) 140 expectErr := (err != nil) 141 142 if expectErr != testCase.expectErr { 143 t.Fatalf("case %v: error: expected: %v, got: %v", i+1, testCase.expectErr, expectErr) 144 } 145 146 if !testCase.expectErr { 147 if !reflect.DeepEqual(result, testCase.expectedResult) { 148 t.Fatalf("case %v: result: expected: %v, got: %v", i+1, string(testCase.expectedResult), string(result)) 149 } 150 } 151 } 152 } 153 154 func TestResourceSetMatch(t *testing.T) { 155 testCases := []struct { 156 resourceSet ResourceSet 157 resource string 158 expectedResult bool 159 }{ 160 {NewResourceSet(NewResource("*", "")), "mybucket", true}, 161 {NewResourceSet(NewResource("*", "")), "mybucket/myobject", true}, 162 {NewResourceSet(NewResource("mybucket*", "")), "mybucket", true}, 163 {NewResourceSet(NewResource("mybucket*", "")), "mybucket/myobject", true}, 164 {NewResourceSet(NewResource("", "*")), "/myobject", true}, 165 {NewResourceSet(NewResource("*", "*")), "mybucket/myobject", true}, 166 {NewResourceSet(NewResource("mybucket", "*")), "mybucket/myobject", true}, 167 {NewResourceSet(NewResource("mybucket*", "/myobject")), "mybucket/myobject", true}, 168 {NewResourceSet(NewResource("mybucket*", "/myobject")), "mybucket100/myobject", true}, 169 {NewResourceSet(NewResource("mybucket?0", "/2010/photos/*")), "mybucket20/2010/photos/1.jpg", true}, 170 {NewResourceSet(NewResource("mybucket", "")), "mybucket", true}, 171 {NewResourceSet(NewResource("mybucket?0", "")), "mybucket30", true}, 172 {NewResourceSet(NewResource("mybucket?0", "/2010/photos/*"), 173 NewResource("mybucket", "/2010/photos/*")), "mybucket/2010/photos/1.jpg", true}, 174 {NewResourceSet(NewResource("", "*")), "mybucket/myobject", false}, 175 {NewResourceSet(NewResource("*", "*")), "mybucket", false}, 176 {NewResourceSet(NewResource("mybucket", "*")), "mybucket10/myobject", false}, 177 {NewResourceSet(NewResource("mybucket", "")), "mybucket/myobject", false}, 178 {NewResourceSet(), "mybucket/myobject", false}, 179 } 180 181 for i, testCase := range testCases { 182 result := testCase.resourceSet.Match(testCase.resource, nil) 183 184 if result != testCase.expectedResult { 185 t.Fatalf("case %v: expected: %v, got: %v", i+1, testCase.expectedResult, result) 186 } 187 } 188 } 189 190 func TestResourceSetUnmarshalJSON(t *testing.T) { 191 testCases := []struct { 192 data []byte 193 expectedResult ResourceSet 194 expectErr bool 195 }{ 196 {[]byte(`"arn:aws:s3:::mybucket/myobject*"`), 197 NewResourceSet(NewResource("mybucket", "/myobject*")), false}, 198 {[]byte(`"arn:aws:s3:::mybucket/photos/myobject*"`), 199 NewResourceSet(NewResource("mybucket", "/photos/myobject*")), false}, 200 {[]byte(`"arn:aws:s3:::mybucket"`), NewResourceSet(NewResource("mybucket", "")), false}, 201 {[]byte(`"mybucket/myobject*"`), nil, true}, 202 } 203 204 for i, testCase := range testCases { 205 var result ResourceSet 206 err := json.Unmarshal(testCase.data, &result) 207 expectErr := (err != nil) 208 209 if expectErr != testCase.expectErr { 210 t.Fatalf("case %v: error: expected: %v, got: %v", i+1, testCase.expectErr, expectErr) 211 } 212 213 if !testCase.expectErr { 214 if !reflect.DeepEqual(result, testCase.expectedResult) { 215 t.Fatalf("case %v: result: expected: %v, got: %v", i+1, testCase.expectedResult, result) 216 } 217 } 218 } 219 } 220 221 func TestResourceSetValidate(t *testing.T) { 222 testCases := []struct { 223 resourceSet ResourceSet 224 bucketName string 225 expectErr bool 226 }{ 227 {NewResourceSet(NewResource("mybucket", "/myobject*")), "mybucket", false}, 228 {NewResourceSet(NewResource("", "/myobject*")), "yourbucket", true}, 229 {NewResourceSet(NewResource("mybucket", "/myobject*")), "yourbucket", true}, 230 } 231 232 for i, testCase := range testCases { 233 err := testCase.resourceSet.Validate(testCase.bucketName) 234 expectErr := (err != nil) 235 236 if expectErr != testCase.expectErr { 237 t.Fatalf("case %v: error: expected: %v, got: %v", i+1, testCase.expectErr, expectErr) 238 } 239 } 240 }