permissions_basic_test.gno
13.03 Kb · 513 lines
1package boards2
2
3import (
4 "testing"
5
6 "gno.land/p/nt/commondao"
7 "gno.land/p/nt/uassert"
8 "gno.land/p/nt/urequire"
9)
10
11var _ Permissions = (*BasicPermissions)(nil)
12
13func TestBasicPermissionsWithPermission(t *testing.T) {
14 cases := []struct {
15 name string
16 user address
17 permission Permission
18 args Args
19 setup func() *BasicPermissions
20 err string
21 called bool
22 }{
23 {
24 name: "ok",
25 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
26 permission: "bar",
27 setup: func() *BasicPermissions {
28 perms := NewBasicPermissions(commondao.New())
29 perms.AddRole("foo", "bar")
30 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "foo")
31 return perms
32 },
33 called: true,
34 },
35 {
36 name: "ok with arguments",
37 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
38 permission: "bar",
39 args: Args{"a", "b"},
40 setup: func() *BasicPermissions {
41 perms := NewBasicPermissions(commondao.New())
42 perms.AddRole("foo", "bar")
43 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "foo")
44 return perms
45 },
46 called: true,
47 },
48 {
49 name: "no permission",
50 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
51 permission: "bar",
52 setup: func() *BasicPermissions {
53 perms := NewBasicPermissions(commondao.New())
54 perms.AddRole("foo", "bar")
55 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5")
56 return perms
57 },
58 err: "unauthorized",
59 },
60 {
61 name: "is not a DAO member",
62 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
63 permission: "bar",
64 setup: func() *BasicPermissions {
65 return NewBasicPermissions(commondao.New())
66 },
67 err: "unauthorized",
68 },
69 }
70
71 for _, tc := range cases {
72 t.Run(tc.name, func(t *testing.T) {
73 var called bool
74
75 perms := tc.setup()
76 callback := func(realm) { called = true }
77
78 testCaseFn := func() {
79 perms.WithPermission(cross, tc.user, tc.permission, tc.args, callback)
80 }
81
82 if tc.err != "" {
83 urequire.AbortsWithMessage(t, tc.err, testCaseFn, "expect panic with message")
84 return
85 } else {
86 urequire.NotAborts(t, testCaseFn, "expect no panic")
87 }
88
89 urequire.Equal(t, tc.called, called, "expect callback to be called")
90 })
91 }
92}
93
94func TestBasicPermissionsGetUserRoles(t *testing.T) {
95 cases := []struct {
96 name string
97 user address
98 roles []string
99 setup func() *BasicPermissions
100 }{
101 {
102 name: "single role",
103 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
104 roles: []string{"admin"},
105 setup: func() *BasicPermissions {
106 perms := NewBasicPermissions(commondao.New())
107 perms.AddRole("admin", "x")
108 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "admin")
109 return perms
110 },
111 },
112 {
113 name: "multiple roles",
114 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
115 roles: []string{"admin", "foo", "bar"},
116 setup: func() *BasicPermissions {
117 perms := NewBasicPermissions(commondao.New())
118 perms.AddRole("admin", "x")
119 perms.AddRole("foo", "x")
120 perms.AddRole("bar", "x")
121 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "admin", "foo", "bar")
122 return perms
123 },
124 },
125 {
126 name: "without roles",
127 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
128 setup: func() *BasicPermissions {
129 perms := NewBasicPermissions(commondao.New())
130 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5")
131 return perms
132 },
133 },
134 {
135 name: "not a user",
136 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
137 setup: func() *BasicPermissions {
138 return NewBasicPermissions(commondao.New())
139 },
140 },
141 {
142 name: "multiple users",
143 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
144 roles: []string{"admin"},
145 setup: func() *BasicPermissions {
146 perms := NewBasicPermissions(commondao.New())
147 perms.AddRole("admin", "x")
148 perms.AddRole("bar", "x")
149 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "admin")
150 perms.SetUserRoles(cross, "g1w4ek2u33ta047h6lta047h6lta047h6ldvdwpn", "admin")
151 perms.SetUserRoles(cross, "g1w4ek2u3jta047h6lta047h6lta047h6l9huexc", "admin", "bar")
152 return perms
153 },
154 },
155 }
156
157 for _, tc := range cases {
158 t.Run(tc.name, func(t *testing.T) {
159 perms := tc.setup()
160 roles := perms.GetUserRoles(tc.user)
161
162 urequire.Equal(t, len(tc.roles), len(roles), "user role count")
163 for i, r := range roles {
164 uassert.Equal(t, tc.roles[i], string(r))
165 }
166 })
167 }
168}
169
170func TestBasicPermissionsHasRole(t *testing.T) {
171 cases := []struct {
172 name string
173 user address
174 role Role
175 setup func() *BasicPermissions
176 want bool
177 }{
178 {
179 name: "ok",
180 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
181 role: "admin",
182 setup: func() *BasicPermissions {
183 perms := NewBasicPermissions(commondao.New())
184 perms.AddRole("admin", "x")
185 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "admin")
186 return perms
187 },
188 want: true,
189 },
190 {
191 name: "ok with multiple roles",
192 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
193 role: "foo",
194 setup: func() *BasicPermissions {
195 perms := NewBasicPermissions(commondao.New())
196 perms.AddRole("admin", "x")
197 perms.AddRole("foo", "x")
198 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "admin", "foo")
199 return perms
200 },
201 want: true,
202 },
203 {
204 name: "user without roles",
205 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
206 setup: func() *BasicPermissions {
207 perms := NewBasicPermissions(commondao.New())
208 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5")
209 return perms
210 },
211 },
212 {
213 name: "has no role",
214 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
215 role: "bar",
216 setup: func() *BasicPermissions {
217 perms := NewBasicPermissions(commondao.New())
218 perms.AddRole("foo", "x")
219 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "foo")
220 return perms
221 },
222 },
223 }
224
225 for _, tc := range cases {
226 t.Run(tc.name, func(t *testing.T) {
227 perms := tc.setup()
228 got := perms.HasRole(tc.user, tc.role)
229 uassert.Equal(t, got, tc.want)
230 })
231 }
232}
233
234func TestBasicPermissionsHasPermission(t *testing.T) {
235 cases := []struct {
236 name string
237 user address
238 permission Permission
239 setup func() *BasicPermissions
240 want bool
241 }{
242 {
243 name: "ok",
244 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
245 permission: "bar",
246 setup: func() *BasicPermissions {
247 perms := NewBasicPermissions(commondao.New())
248 perms.AddRole("foo", "bar")
249 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "foo")
250 return perms
251 },
252 want: true,
253 },
254 {
255 name: "ok with multiple users",
256 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
257 permission: "bar",
258 setup: func() *BasicPermissions {
259 perms := NewBasicPermissions(commondao.New())
260 perms.AddRole("foo", "bar")
261 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "foo")
262 perms.SetUserRoles(cross, "g1w4ek2u33ta047h6lta047h6lta047h6ldvdwpn", "foo")
263 return perms
264 },
265 want: true,
266 },
267 {
268 name: "ok with multiple roles",
269 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
270 permission: "other",
271 setup: func() *BasicPermissions {
272 perms := NewBasicPermissions(commondao.New())
273 perms.AddRole("foo", "bar")
274 perms.AddRole("baz", "other")
275 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "foo", "baz")
276 return perms
277 },
278 want: true,
279 },
280 {
281 name: "no permission",
282 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
283 permission: "other",
284 setup: func() *BasicPermissions {
285 perms := NewBasicPermissions(commondao.New())
286 perms.AddRole("foo", "bar")
287 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "foo")
288 return perms
289 },
290 },
291 }
292
293 for _, tc := range cases {
294 t.Run(tc.name, func(t *testing.T) {
295 perms := tc.setup()
296 got := perms.HasPermission(tc.user, tc.permission)
297 uassert.Equal(t, got, tc.want)
298 })
299 }
300}
301
302func TestBasicPermissionsSetUserRoles(t *testing.T) {
303 cases := []struct {
304 name string
305 user address
306 roles []Role
307 setup func() *BasicPermissions
308 err string
309 }{
310 {
311 name: "add user",
312 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
313 roles: []Role{"a"},
314 setup: func() *BasicPermissions {
315 perms := NewBasicPermissions(commondao.New())
316 perms.AddRole("a", "permission1")
317 return perms
318 },
319 },
320 {
321 name: "add user with multiple roles",
322 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
323 roles: []Role{"a", "b"},
324 setup: func() *BasicPermissions {
325 perms := NewBasicPermissions(commondao.New())
326 perms.AddRole("a", "permission1")
327 perms.AddRole("b", "permission2")
328 return perms
329 },
330 },
331 {
332 name: "add when other users exists",
333 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
334 roles: []Role{"a"},
335 setup: func() *BasicPermissions {
336 perms := NewBasicPermissions(commondao.New())
337 perms.AddRole("a", "permission1")
338 perms.SetUserRoles(cross, "g1w4ek2u33ta047h6lta047h6lta047h6ldvdwpn", "a")
339 perms.SetUserRoles(cross, "g1w4ek2u3jta047h6lta047h6lta047h6l9huexc")
340 return perms
341 },
342 },
343 {
344 name: "update user roles",
345 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
346 roles: []Role{"a", "b"},
347 setup: func() *BasicPermissions {
348 perms := NewBasicPermissions(commondao.New())
349 perms.AddRole("a", "permission1")
350 perms.AddRole("b", "permission2")
351 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "a")
352 return perms
353 },
354 },
355 {
356 name: "clear user roles",
357 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
358 roles: []Role{},
359 setup: func() *BasicPermissions {
360 perms := NewBasicPermissions(commondao.New())
361 perms.AddRole("a", "permission1")
362 perms.AddRole("b", "permission2")
363 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "a", "b")
364 return perms
365 },
366 },
367 {
368 name: "set invalid role",
369 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
370 roles: []Role{"a", "foo"},
371 setup: func() *BasicPermissions {
372 perms := NewBasicPermissions(commondao.New())
373 perms.AddRole("a", "permission1")
374 return perms
375 },
376 err: "invalid role: foo",
377 },
378 }
379
380 for _, tc := range cases {
381 t.Run(tc.name, func(t *testing.T) {
382 perms := tc.setup()
383
384 setUserRoles := func() {
385 perms.SetUserRoles(cross, tc.user, tc.roles...)
386 }
387
388 if tc.err != "" {
389 urequire.AbortsWithMessage(t, tc.err, setUserRoles, "expected an error")
390 return
391 } else {
392 urequire.NotAborts(t, setUserRoles, "expected no error")
393 }
394
395 roles := perms.GetUserRoles(tc.user)
396 uassert.Equal(t, len(tc.roles), len(roles))
397 for i, r := range roles {
398 urequire.Equal(t, string(tc.roles[i]), string(r))
399 }
400 })
401 }
402}
403
404func TestBasicPermissionsRemoveUser(t *testing.T) {
405 cases := []struct {
406 name string
407 user address
408 setup func() *BasicPermissions
409 want bool
410 }{
411 {
412 name: "ok",
413 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
414 setup: func() *BasicPermissions {
415 perms := NewBasicPermissions(commondao.New())
416 perms.SetUserRoles(cross, "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5")
417 return perms
418 },
419 want: true,
420 },
421 {
422 name: "user not found",
423 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
424 setup: func() *BasicPermissions {
425 return NewBasicPermissions(commondao.New())
426 },
427 },
428 }
429
430 for _, tc := range cases {
431 t.Run(tc.name, func(t *testing.T) {
432 perms := tc.setup()
433 got := perms.RemoveUser(cross, tc.user)
434 uassert.Equal(t, tc.want, got)
435 })
436 }
437}
438
439func TestBasicPermissionsIterateUsers(t *testing.T) {
440 users := []User{
441 {
442 Address: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
443 Roles: []Role{"foo"},
444 },
445 {
446 Address: "g1us8428u2a5satrlxzagqqa5m6vmuze025anjlj",
447 Roles: []Role{"foo", "bar"},
448 },
449 {
450 Address: "g1vh7krmmzfua5xjmkatvmx09z37w34lsvd2mxa5",
451 Roles: []Role{"bar"},
452 },
453 }
454
455 perms := NewBasicPermissions(commondao.New())
456 perms.AddRole("foo", "perm1")
457 perms.AddRole("bar", "perm2")
458 for _, u := range users {
459 perms.SetUserRoles(cross, u.Address, u.Roles...)
460 }
461
462 cases := []struct {
463 name string
464 start, count, want int
465 }{
466 {
467 name: "exceed users count",
468 count: 50,
469 want: 3,
470 },
471 {
472 name: "exact users count",
473 count: 3,
474 want: 3,
475 },
476 {
477 name: "two users",
478 start: 1,
479 count: 2,
480 want: 2,
481 },
482 {
483 name: "one user",
484 start: 1,
485 count: 1,
486 want: 1,
487 },
488 {
489 name: "no iteration",
490 start: 50,
491 },
492 }
493
494 for _, tc := range cases {
495 t.Run(tc.name, func(t *testing.T) {
496 var i int
497 perms.IterateUsers(0, len(users), func(u User) bool {
498 urequire.True(t, i < len(users), "expect iterator to respect number of users")
499 uassert.Equal(t, users[i].Address, u.Address)
500
501 urequire.Equal(t, len(users[i].Roles), len(u.Roles), "expect number of roles to match")
502 for j := range u.Roles {
503 uassert.Equal(t, string(users[i].Roles[j]), string(u.Roles[j]))
504 }
505
506 i++
507 return false
508 })
509
510 uassert.Equal(t, i, len(users), "expect iterator to iterate all users")
511 })
512 }
513}
