-
Notifications
You must be signed in to change notification settings - Fork 165
/
files_test.go
144 lines (103 loc) · 3.67 KB
/
files_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
package backends
import (
"path/filepath"
"testing"
log "github.com/sirupsen/logrus"
. "github.com/smartystreets/goconvey/convey"
)
func TestFiles(t *testing.T) {
//Initialize Files with mock password and acl files.
authOpts := make(map[string]string)
Convey("Given empty opts NewFiles should fail", t, func() {
_, err := NewFiles(authOpts, log.DebugLevel)
So(err, ShouldBeError)
})
pwPath, _ := filepath.Abs("../test-files/passwords")
aclPath, _ := filepath.Abs("../test-files/acls")
authOpts["password_path"] = pwPath
authOpts["acl_path"] = aclPath
clientID := "test_client"
Convey("Given valid params NewFiles should return a new files backend instance", t, func() {
files, err := NewFiles(authOpts, log.DebugLevel)
So(err, ShouldBeNil)
/*
ACL file looks like this:
user test1
topic write test/topic/1
topic read test/topic/2
user test2
topic read test/topic/+
user test3
topic read test/#
pattern read test/%u
pattern read test/%c
*/
//Password are the same as users
user1 := "test1"
user2 := "test2"
user3 := "test3"
Convey("Given a username and a correct password, it should correctly authenticate it", func() {
authenticated := files.GetUser(user1, user1, clientID)
So(authenticated, ShouldBeTrue)
})
Convey("Given a username and an incorrect password, it should not authenticate it", func() {
authenticated := files.GetUser(user1, user2, clientID)
So(authenticated, ShouldBeFalse)
})
//There are no superusers for files
Convey("For any user superuser should return false", func() {
superuser := files.GetSuperuser(user1)
So(superuser, ShouldBeFalse)
})
testTopic1 := `test/topic/1`
testTopic2 := `test/topic/2`
testTopic3 := `test/other/1`
testTopic4 := `other/1`
readWriteTopic := "readwrite/topic"
Convey("User 1 should be able to publish and not subscribe to test topic 1, and only subscribe but not publish to topic 2", func() {
tt1 := files.CheckAcl(user1, testTopic1, clientID, 2)
tt2 := files.CheckAcl(user1, testTopic1, clientID, 1)
tt3 := files.CheckAcl(user1, testTopic2, clientID, 2)
tt4 := files.CheckAcl(user1, testTopic2, clientID, 1)
So(tt1, ShouldBeTrue)
So(tt2, ShouldBeFalse)
So(tt3, ShouldBeFalse)
So(tt4, ShouldBeTrue)
})
Convey("User 1 should be able to subscribe or publish to a readwrite topic rule", func() {
tt1 := files.CheckAcl(user1, readWriteTopic, clientID, 2)
tt2 := files.CheckAcl(user1, readWriteTopic, clientID, 1)
So(tt1, ShouldBeTrue)
So(tt2, ShouldBeTrue)
})
Convey("User 2 should be able to read any test/topic/X but not any/other", func() {
tt1 := files.CheckAcl(user2, testTopic1, clientID, 1)
tt2 := files.CheckAcl(user2, testTopic2, clientID, 1)
tt3 := files.CheckAcl(user2, testTopic3, clientID, 1)
So(tt1, ShouldBeTrue)
So(tt2, ShouldBeTrue)
So(tt3, ShouldBeFalse)
})
Convey("User 3 should be able to read any test/X but not other/...", func() {
tt1 := files.CheckAcl(user3, testTopic1, clientID, 1)
tt2 := files.CheckAcl(user3, testTopic2, clientID, 1)
tt3 := files.CheckAcl(user3, testTopic3, clientID, 1)
tt4 := files.CheckAcl(user3, testTopic4, clientID, 1)
So(tt1, ShouldBeTrue)
So(tt2, ShouldBeTrue)
So(tt3, ShouldBeTrue)
So(tt4, ShouldBeFalse)
})
//Now check against patterns.
Convey("Given a topic that mentions username, acl check should pass", func() {
tt1 := files.CheckAcl(user1, "test/test1", clientID, 1)
So(tt1, ShouldBeTrue)
})
Convey("Given a topic that mentions clientid, acl check should pass", func() {
tt1 := files.CheckAcl(user1, "test/test_client", clientID, 1)
So(tt1, ShouldBeTrue)
})
//Halt files
files.Halt()
})
}