mirror of
https://github.com/opencloud-eu/opencloud.git
synced 2026-02-02 02:11:55 -05:00
82 lines
4.5 KiB
Go
82 lines
4.5 KiB
Go
package unifiedrole_test
|
|
|
|
import (
|
|
"testing"
|
|
|
|
provider "github.com/cs3org/go-cs3apis/cs3/storage/provider/v1beta1"
|
|
. "github.com/onsi/gomega"
|
|
"github.com/onsi/gomega/types"
|
|
cs3Conversions "github.com/opencloud-eu/reva/v2/pkg/conversions"
|
|
libregraph "github.com/opencloud-eu/libre-graph-api-go"
|
|
|
|
"github.com/opencloud-eu/opencloud/pkg/conversions"
|
|
"github.com/opencloud-eu/opencloud/services/graph/pkg/unifiedrole"
|
|
)
|
|
|
|
func TestPermissionsToCS3ResourcePermissions(t *testing.T) {
|
|
tests := map[string]struct {
|
|
cs3Role *cs3Conversions.Role
|
|
unifiedRoleDefinition *libregraph.UnifiedRoleDefinition
|
|
match bool
|
|
}{
|
|
cs3Conversions.RoleViewer: {cs3Conversions.NewViewerRole(), unifiedrole.RoleViewer, true},
|
|
cs3Conversions.RoleViewerListGrants: {cs3Conversions.NewViewerListGrantsRole(), unifiedrole.RoleViewerListGrants, true},
|
|
cs3Conversions.RoleEditor: {cs3Conversions.NewEditorRole(), unifiedrole.RoleEditor, true},
|
|
cs3Conversions.RoleEditorListGrants: {cs3Conversions.NewEditorListGrantsRole(), unifiedrole.RoleEditorListGrants, true},
|
|
cs3Conversions.RoleFileEditor: {cs3Conversions.NewFileEditorRole(), unifiedrole.RoleFileEditor, true},
|
|
cs3Conversions.RoleFileEditorListGrants: {cs3Conversions.NewFileEditorListGrantsRole(), unifiedrole.RoleFileEditorListGrants, true},
|
|
cs3Conversions.RoleManager: {cs3Conversions.NewManagerRole(), unifiedrole.RoleManager, true},
|
|
cs3Conversions.RoleSecureViewer: {cs3Conversions.NewSecureViewerRole(), unifiedrole.RoleSecureViewer, true},
|
|
cs3Conversions.RoleDenied: {cs3Conversions.NewDeniedRole(), unifiedrole.RoleDenied, true},
|
|
"no match": {cs3Conversions.NewFileEditorRole(), unifiedrole.RoleManager, false},
|
|
}
|
|
|
|
for name, tc := range tests {
|
|
t.Run(name, func(t *testing.T) {
|
|
g := NewWithT(t)
|
|
permsFromCS3 := tc.cs3Role.CS3ResourcePermissions()
|
|
permsFromUnifiedRole := unifiedrole.PermissionsToCS3ResourcePermissions(
|
|
conversions.ToPointerSlice(tc.unifiedRoleDefinition.RolePermissions),
|
|
)
|
|
|
|
var matcher types.GomegaMatcher
|
|
|
|
if tc.match {
|
|
matcher = Equal(permsFromUnifiedRole)
|
|
} else {
|
|
matcher = Not(Equal(permsFromUnifiedRole))
|
|
}
|
|
|
|
g.Expect(permsFromCS3).To(matcher)
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestCS3ResourcePermissionsToRole(t *testing.T) {
|
|
tests := map[string]struct {
|
|
cs3ResourcePermissions *provider.ResourcePermissions
|
|
unifiedRoleDefinition *libregraph.UnifiedRoleDefinition
|
|
constraints string
|
|
}{
|
|
cs3Conversions.RoleViewer + "1": {cs3Conversions.NewViewerRole().CS3ResourcePermissions(), unifiedrole.RoleViewer, unifiedrole.UnifiedRoleConditionFile},
|
|
cs3Conversions.RoleViewer + "2": {cs3Conversions.NewViewerRole().CS3ResourcePermissions(), unifiedrole.RoleViewer, unifiedrole.UnifiedRoleConditionFolder},
|
|
cs3Conversions.RoleEditor: {cs3Conversions.NewEditorRole().CS3ResourcePermissions(), unifiedrole.RoleEditor, unifiedrole.UnifiedRoleConditionFolder},
|
|
cs3Conversions.RoleFileEditor: {cs3Conversions.NewFileEditorRole().CS3ResourcePermissions(), unifiedrole.RoleFileEditor, unifiedrole.UnifiedRoleConditionFile},
|
|
cs3Conversions.RoleManager: {cs3Conversions.NewManagerRole().CS3ResourcePermissions(), unifiedrole.RoleManager, unifiedrole.UnifiedRoleConditionDrive},
|
|
cs3Conversions.RoleSpaceViewer: {cs3Conversions.NewSpaceViewerRole().CS3ResourcePermissions(), unifiedrole.RoleSpaceViewer, unifiedrole.UnifiedRoleConditionDrive},
|
|
cs3Conversions.RoleSpaceEditor: {cs3Conversions.NewSpaceEditorRole().CS3ResourcePermissions(), unifiedrole.RoleSpaceEditor, unifiedrole.UnifiedRoleConditionDrive},
|
|
cs3Conversions.RoleSecureViewer + "1": {cs3Conversions.NewSecureViewerRole().CS3ResourcePermissions(), unifiedrole.RoleSecureViewer, unifiedrole.UnifiedRoleConditionFile},
|
|
cs3Conversions.RoleSecureViewer + "2": {cs3Conversions.NewSecureViewerRole().CS3ResourcePermissions(), unifiedrole.RoleSecureViewer, unifiedrole.UnifiedRoleConditionFolder},
|
|
cs3Conversions.RoleDenied: {cs3Conversions.NewDeniedRole().CS3ResourcePermissions(), unifiedrole.RoleDenied, unifiedrole.UnifiedRoleConditionFolder},
|
|
"custom 1": {&provider.ResourcePermissions{GetPath: true}, nil, unifiedrole.UnifiedRoleConditionFolder},
|
|
}
|
|
|
|
for name, tc := range tests {
|
|
t.Run(name, func(t *testing.T) {
|
|
NewWithT(t).Expect(
|
|
unifiedrole.CS3ResourcePermissionsToRole(unifiedrole.BuildInRoles, tc.cs3ResourcePermissions, tc.constraints, false),
|
|
).To(Equal(tc.unifiedRoleDefinition))
|
|
})
|
|
}
|
|
}
|