53 lines
1.3 KiB
Go
53 lines
1.3 KiB
Go
|
package permmatch
|
||
|
|
|
||
|
|
import "testing"
|
||
|
|
|
||
|
|
func TestMethodAllowed(t *testing.T) {
|
||
|
|
if !MethodAllowed("GET|POST", "get") {
|
||
|
|
t.Fatal("expected GET")
|
||
|
|
}
|
||
|
|
if MethodAllowed("GET|POST", "PATCH") {
|
||
|
|
t.Fatal("expected no PATCH")
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
func TestPathAllowed(t *testing.T) {
|
||
|
|
if !PathAllowed("/api/v1/jobs/*", "/api/v1/jobs/abc/cancel") {
|
||
|
|
t.Fatal("expected wildcard match")
|
||
|
|
}
|
||
|
|
if PathAllowed("/api/v1/jobs/*", "/api/v1/job/schedules") {
|
||
|
|
t.Fatal("expected no match")
|
||
|
|
}
|
||
|
|
if !PathAllowed("/api/v1/members/me", "/api/v1/members/me") {
|
||
|
|
t.Fatal("expected exact match")
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
func TestRequestAllowed(t *testing.T) {
|
||
|
|
perms := map[string]string{
|
||
|
|
"/api/v1/members/me": "GET|PATCH",
|
||
|
|
"/api/v1/jobs/*": "GET|POST",
|
||
|
|
}
|
||
|
|
if !RequestAllowed(perms, "GET", "/api/v1/members/me") {
|
||
|
|
t.Fatal("expected member me")
|
||
|
|
}
|
||
|
|
if RequestAllowed(perms, "DELETE", "/api/v1/members/me") {
|
||
|
|
t.Fatal("expected deny delete")
|
||
|
|
}
|
||
|
|
if !RequestAllowed(perms, "POST", "/api/v1/jobs/x/cancel") {
|
||
|
|
t.Fatal("expected job cancel")
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
func TestPathAllowedListRoot(t *testing.T) {
|
||
|
|
for _, path := range []string{"/api/v1/personas", "/api/v1/jobs", "/api/v1/brands"} {
|
||
|
|
pattern := path + "/*"
|
||
|
|
if !PathAllowed(pattern, path) {
|
||
|
|
t.Fatalf("expected list root match for %s", path)
|
||
|
|
}
|
||
|
|
}
|
||
|
|
if PathAllowed("/api/v1/jobs/*", "/api/v1/job/schedules") {
|
||
|
|
t.Fatal("expected schedules path to stay blocked")
|
||
|
|
}
|
||
|
|
}
|