permissions_basic_test.gno
12.95 Kb · 522 lines
1package boards2
2
3import (
4 "testing"
5
6 "gno.land/p/nt/commondao"
7 "gno.land/p/nt/uassert"
8 "gno.land/p/nt/urequire"
9)
10
11var _ Permissions = (*BasicPermissions)(nil)
12
13func TestBasicPermissionsWithPermission(t *testing.T) {
14 cases := []struct {
15 name string
16 user address
17 permission Permission
18 args Args
19 setup func() *BasicPermissions
20 err string
21 called bool
22 }{
23 {
24 name: "ok",
25 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
26 permission: "bar",
27 setup: func() *BasicPermissions {
28 perms := NewBasicPermissions(commondao.New())
29 perms.AddRole("foo", "bar")
30 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "foo")
31 return perms
32 },
33 called: true,
34 },
35 {
36 name: "ok with arguments",
37 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
38 permission: "bar",
39 args: Args{"a", "b"},
40 setup: func() *BasicPermissions {
41 perms := NewBasicPermissions(commondao.New())
42 perms.AddRole("foo", "bar")
43 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "foo")
44 return perms
45 },
46 called: true,
47 },
48 {
49 name: "no permission",
50 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
51 permission: "bar",
52 setup: func() *BasicPermissions {
53 perms := NewBasicPermissions(commondao.New())
54 perms.AddRole("foo", "bar")
55 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5")
56 return perms
57 },
58 err: "unauthorized",
59 },
60 {
61 name: "is not a DAO member",
62 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
63 permission: "bar",
64 setup: func() *BasicPermissions {
65 return NewBasicPermissions(commondao.New())
66 },
67 err: "unauthorized",
68 },
69 }
70
71 for _, tc := range cases {
72 t.Run(tc.name, func(t *testing.T) {
73 var (
74 called bool
75 args Args
76 )
77
78 perms := tc.setup()
79 callback := func(a Args) {
80 args = a
81 called = true
82 }
83
84 testCaseFn := func() {
85 perms.WithPermission(tc.user, tc.permission, tc.args, callback)
86 }
87
88 if tc.err != "" {
89 urequire.PanicsWithMessage(t, tc.err, testCaseFn, "panic")
90 return
91 } else {
92 urequire.NotPanics(t, testCaseFn, "no panic")
93 }
94
95 urequire.Equal(t, tc.called, called, "callback called")
96 urequire.Equal(t, len(tc.args), len(args), "args count")
97 for i, a := range args {
98 uassert.Equal(t, tc.args[i].(string), a.(string))
99 }
100 })
101 }
102}
103
104func TestBasicPermissionsGetUserRoles(t *testing.T) {
105 cases := []struct {
106 name string
107 user address
108 roles []string
109 setup func() *BasicPermissions
110 }{
111 {
112 name: "single role",
113 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
114 roles: []string{"admin"},
115 setup: func() *BasicPermissions {
116 perms := NewBasicPermissions(commondao.New())
117 perms.AddRole("admin", "x")
118 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "admin")
119 return perms
120 },
121 },
122 {
123 name: "multiple roles",
124 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
125 roles: []string{"admin", "foo", "bar"},
126 setup: func() *BasicPermissions {
127 perms := NewBasicPermissions(commondao.New())
128 perms.AddRole("admin", "x")
129 perms.AddRole("foo", "x")
130 perms.AddRole("bar", "x")
131 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "admin", "foo", "bar")
132 return perms
133 },
134 },
135 {
136 name: "without roles",
137 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
138 setup: func() *BasicPermissions {
139 perms := NewBasicPermissions(commondao.New())
140 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5")
141 return perms
142 },
143 },
144 {
145 name: "not a user",
146 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
147 setup: func() *BasicPermissions {
148 return NewBasicPermissions(commondao.New())
149 },
150 },
151 {
152 name: "multiple users",
153 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
154 roles: []string{"admin"},
155 setup: func() *BasicPermissions {
156 perms := NewBasicPermissions(commondao.New())
157 perms.AddRole("admin", "x")
158 perms.AddRole("bar", "x")
159 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "admin")
160 perms.SetUserRoles("g1w4ek2u33ta047h6lta047h6lta047h6ldvdwpn", "admin")
161 perms.SetUserRoles("g1w4ek2u3jta047h6lta047h6lta047h6l9huexc", "admin", "bar")
162 return perms
163 },
164 },
165 }
166
167 for _, tc := range cases {
168 t.Run(tc.name, func(t *testing.T) {
169 perms := tc.setup()
170 roles := perms.GetUserRoles(tc.user)
171
172 urequire.Equal(t, len(tc.roles), len(roles), "user role count")
173 for i, r := range roles {
174 uassert.Equal(t, tc.roles[i], string(r))
175 }
176 })
177 }
178}
179
180func TestBasicPermissionsHasRole(t *testing.T) {
181 cases := []struct {
182 name string
183 user address
184 role Role
185 setup func() *BasicPermissions
186 want bool
187 }{
188 {
189 name: "ok",
190 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
191 role: "admin",
192 setup: func() *BasicPermissions {
193 perms := NewBasicPermissions(commondao.New())
194 perms.AddRole("admin", "x")
195 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "admin")
196 return perms
197 },
198 want: true,
199 },
200 {
201 name: "ok with multiple roles",
202 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
203 role: "foo",
204 setup: func() *BasicPermissions {
205 perms := NewBasicPermissions(commondao.New())
206 perms.AddRole("admin", "x")
207 perms.AddRole("foo", "x")
208 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "admin", "foo")
209 return perms
210 },
211 want: true,
212 },
213 {
214 name: "user without roles",
215 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
216 setup: func() *BasicPermissions {
217 perms := NewBasicPermissions(commondao.New())
218 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5")
219 return perms
220 },
221 },
222 {
223 name: "has no role",
224 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
225 role: "bar",
226 setup: func() *BasicPermissions {
227 perms := NewBasicPermissions(commondao.New())
228 perms.AddRole("foo", "x")
229 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "foo")
230 return perms
231 },
232 },
233 }
234
235 for _, tc := range cases {
236 t.Run(tc.name, func(t *testing.T) {
237 perms := tc.setup()
238 got := perms.HasRole(tc.user, tc.role)
239 uassert.Equal(t, got, tc.want)
240 })
241 }
242}
243
244func TestBasicPermissionsHasPermission(t *testing.T) {
245 cases := []struct {
246 name string
247 user address
248 permission Permission
249 setup func() *BasicPermissions
250 want bool
251 }{
252 {
253 name: "ok",
254 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
255 permission: "bar",
256 setup: func() *BasicPermissions {
257 perms := NewBasicPermissions(commondao.New())
258 perms.AddRole("foo", "bar")
259 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "foo")
260 return perms
261 },
262 want: true,
263 },
264 {
265 name: "ok with multiple users",
266 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
267 permission: "bar",
268 setup: func() *BasicPermissions {
269 perms := NewBasicPermissions(commondao.New())
270 perms.AddRole("foo", "bar")
271 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "foo")
272 perms.SetUserRoles("g1w4ek2u33ta047h6lta047h6lta047h6ldvdwpn", "foo")
273 return perms
274 },
275 want: true,
276 },
277 {
278 name: "ok with multiple roles",
279 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
280 permission: "other",
281 setup: func() *BasicPermissions {
282 perms := NewBasicPermissions(commondao.New())
283 perms.AddRole("foo", "bar")
284 perms.AddRole("baz", "other")
285 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "foo", "baz")
286 return perms
287 },
288 want: true,
289 },
290 {
291 name: "no permission",
292 user: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
293 permission: "other",
294 setup: func() *BasicPermissions {
295 perms := NewBasicPermissions(commondao.New())
296 perms.AddRole("foo", "bar")
297 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "foo")
298 return perms
299 },
300 },
301 }
302
303 for _, tc := range cases {
304 t.Run(tc.name, func(t *testing.T) {
305 perms := tc.setup()
306 got := perms.HasPermission(tc.user, tc.permission)
307 uassert.Equal(t, got, tc.want)
308 })
309 }
310}
311
312func TestBasicPermissionsSetUserRoles(t *testing.T) {
313 cases := []struct {
314 name string
315 user address
316 roles []Role
317 setup func() *BasicPermissions
318 err string
319 }{
320 {
321 name: "add user",
322 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
323 roles: []Role{"a"},
324 setup: func() *BasicPermissions {
325 perms := NewBasicPermissions(commondao.New())
326 perms.AddRole("a", "permission1")
327 return perms
328 },
329 },
330 {
331 name: "add user with multiple roles",
332 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
333 roles: []Role{"a", "b"},
334 setup: func() *BasicPermissions {
335 perms := NewBasicPermissions(commondao.New())
336 perms.AddRole("a", "permission1")
337 perms.AddRole("b", "permission2")
338 return perms
339 },
340 },
341 {
342 name: "add when other users exists",
343 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
344 roles: []Role{"a"},
345 setup: func() *BasicPermissions {
346 perms := NewBasicPermissions(commondao.New())
347 perms.AddRole("a", "permission1")
348 perms.SetUserRoles("g1w4ek2u33ta047h6lta047h6lta047h6ldvdwpn", "a")
349 perms.SetUserRoles("g1w4ek2u3jta047h6lta047h6lta047h6l9huexc")
350 return perms
351 },
352 },
353 {
354 name: "update user roles",
355 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
356 roles: []Role{"a", "b"},
357 setup: func() *BasicPermissions {
358 perms := NewBasicPermissions(commondao.New())
359 perms.AddRole("a", "permission1")
360 perms.AddRole("b", "permission2")
361 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "a")
362 return perms
363 },
364 },
365 {
366 name: "clear user roles",
367 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
368 roles: []Role{},
369 setup: func() *BasicPermissions {
370 perms := NewBasicPermissions(commondao.New())
371 perms.AddRole("a", "permission1")
372 perms.AddRole("b", "permission2")
373 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5", "a", "b")
374 return perms
375 },
376 },
377 {
378 name: "set invalid role",
379 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
380 roles: []Role{"a", "foo"},
381 setup: func() *BasicPermissions {
382 perms := NewBasicPermissions(commondao.New())
383 perms.AddRole("a", "permission1")
384 return perms
385 },
386 err: "invalid role: foo",
387 },
388 }
389
390 for _, tc := range cases {
391 t.Run(tc.name, func(t *testing.T) {
392 perms := tc.setup()
393
394 err := perms.SetUserRoles(tc.user, tc.roles...)
395
396 if tc.err != "" {
397 urequire.Error(t, err, "expected an error")
398 uassert.Equal(t, tc.err, err.Error())
399 return
400 } else {
401 urequire.NoError(t, err)
402 }
403
404 roles := perms.GetUserRoles(tc.user)
405 uassert.Equal(t, len(tc.roles), len(roles))
406 for i, r := range roles {
407 urequire.Equal(t, string(tc.roles[i]), string(r))
408 }
409 })
410 }
411}
412
413func TestBasicPermissionsRemoveUser(t *testing.T) {
414 cases := []struct {
415 name string
416 user address
417 setup func() *BasicPermissions
418 want bool
419 }{
420 {
421 name: "ok",
422 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
423 setup: func() *BasicPermissions {
424 perms := NewBasicPermissions(commondao.New())
425 perms.SetUserRoles("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5")
426 return perms
427 },
428 want: true,
429 },
430 {
431 name: "user not found",
432 user: address("g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5"),
433 setup: func() *BasicPermissions {
434 return NewBasicPermissions(commondao.New())
435 },
436 },
437 }
438
439 for _, tc := range cases {
440 t.Run(tc.name, func(t *testing.T) {
441 perms := tc.setup()
442 got := perms.RemoveUser(tc.user)
443 uassert.Equal(t, tc.want, got)
444 })
445 }
446}
447
448func TestBasicPermissionsIterateUsers(t *testing.T) {
449 users := []User{
450 {
451 Address: "g1jg8mtutu9khhfwc4nxmuhcpftf0pajdhfvsqf5",
452 Roles: []Role{"foo"},
453 },
454 {
455 Address: "g1us8428u2a5satrlxzagqqa5m6vmuze025anjlj",
456 Roles: []Role{"foo", "bar"},
457 },
458 {
459 Address: "g1vh7krmmzfua5xjmkatvmx09z37w34lsvd2mxa5",
460 Roles: []Role{"bar"},
461 },
462 }
463
464 perms := NewBasicPermissions(commondao.New())
465 perms.AddRole("foo", "perm1")
466 perms.AddRole("bar", "perm2")
467 for _, u := range users {
468 perms.SetUserRoles(u.Address, u.Roles...)
469 }
470
471 cases := []struct {
472 name string
473 start, count, want int
474 }{
475 {
476 name: "exceed users count",
477 count: 50,
478 want: 3,
479 },
480 {
481 name: "exact users count",
482 count: 3,
483 want: 3,
484 },
485 {
486 name: "two users",
487 start: 1,
488 count: 2,
489 want: 2,
490 },
491 {
492 name: "one user",
493 start: 1,
494 count: 1,
495 want: 1,
496 },
497 {
498 name: "no iteration",
499 start: 50,
500 },
501 }
502
503 for _, tc := range cases {
504 t.Run(tc.name, func(t *testing.T) {
505 var i int
506 perms.IterateUsers(0, len(users), func(u User) bool {
507 urequire.True(t, i < len(users), "expect iterator to respect number of users")
508 uassert.Equal(t, users[i].Address, u.Address)
509
510 urequire.Equal(t, len(users[i].Roles), len(u.Roles), "expect number of roles to match")
511 for j := range u.Roles {
512 uassert.Equal(t, string(users[i].Roles[j]), string(u.Roles[j]))
513 }
514
515 i++
516 return false
517 })
518
519 uassert.Equal(t, i, len(users), "expect iterator to iterate all users")
520 })
521 }
522}
