package casbinrest_test
import (
"fmt"
"net/http"
"net/http/httptest"
"testing"
"github.com/casbin/casbin/v2"
"github.com/labstack/echo/v4"
"github.com/prongbang/casbinrest"
"github.com/stretchr/testify/assert"
)
// redisDataSource is a test double for casbinrest.DataSource. Despite the
// name it holds no connection or state: roles are resolved from hard-coded
// token strings in GetRoleByToken.
type redisDataSource struct{}

// NewRedisDataSource returns the stub data source used by the tests in this
// file, typed as the casbinrest.DataSource interface the middleware accepts.
func NewRedisDataSource() casbinrest.DataSource {
	return new(redisDataSource)
}
// mockAdminToken is the fixture string the stub maps to the "admin" role.
// It has the three-part shape of a JWT, but this file only compares it as an
// opaque string; nothing here decodes it or verifies a signature.
// NOTE(review): it looks like the widely published sample token from JWT
// documentation. Keep it as a test fixture only.
const mockAdminToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"

// GetRoleByToken maps a request token to a role name by exact string match.
//
// Any token that is not one of the two known fixtures, including the empty
// string, resolves to "anonymous" rather than to an error. Whether such a
// request is served is therefore decided by what the policy grants that role.
func (r *redisDataSource) GetRoleByToken(reqToken string) string {
	switch reqToken {
	case mockAdminToken:
		return "admin"
	case "TOKEN_DBA":
		return "dba"
	default:
		return "anonymous"
	}
}
// redisSource is the stub data source shared by every test in this file.
// The stub has no fields, so sharing one instance carries no state between tests.
var redisSource casbinrest.DataSource = NewRedisDataSource()
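// TestRoleAdminStatusOK checks that a request carrying the admin fixture
// token is allowed to GET "/" and receives 200.
func TestRoleAdminStatusOK(t *testing.T) {
	// Given
	ce, err := casbin.NewEnforcer("example/auth_model.conf", "example/policy.csv")
	if err != nil {
		// Stop here: without a loaded model and policy the assertion below
		// would not be exercising the intended authorization rules.
		t.Fatalf("loading casbin enforcer: %v", err)
	}
	e := echo.New()
	e.Use(casbinrest.Middleware(ce, redisSource))
	e.GET("/", func(c echo.Context) error {
		return c.JSON(http.StatusOK, "OK")
	})
	req := httptest.NewRequest(http.MethodGet, "/", nil)
	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", mockAdminToken))
	rec := httptest.NewRecorder()

	// When
	e.ServeHTTP(rec, req)

	// Then
	assert.Equal(t, http.StatusOK, rec.Code)
}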
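// TestRoleDbaStatusOK checks that a request carrying the "TOKEN_DBA" fixture
// is allowed to POST "/dba" and receives 200.
func TestRoleDbaStatusOK(t *testing.T) {
	// Given
	ce, err := casbin.NewEnforcer("example/auth_model.conf", "example/policy.csv")
	if err != nil {
		// Stop here: without a loaded model and policy the assertion below
		// would not be exercising the intended authorization rules.
		t.Fatalf("loading casbin enforcer: %v", err)
	}
	e := echo.New()
	e.Use(casbinrest.Middleware(ce, redisSource))
	e.POST("/dba", func(c echo.Context) error {
		return c.JSON(http.StatusOK, "OK")
	})
	req := httptest.NewRequest(http.MethodPost, "/dba", nil)
	req.Header.Set("Authorization", "Bearer TOKEN_DBA")
	rec := httptest.NewRecorder()

	// When
	e.ServeHTTP(rec, req)

	// Then
	assert.Equal(t, http.StatusOK, rec.Code)
}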
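// TestRoleAdminStatusForbidden checks that GET "/" is refused with 403 when
// the bearer token is not a known fixture. Despite the test's name, the
// request does not carry the admin token: "Mock Token" resolves to the
// "anonymous" role in the stub data source.
func TestRoleAdminStatusForbidden(t *testing.T) {
	// Given
	ce, err := casbin.NewEnforcer("example/auth_model.conf", "example/policy.csv")
	if err != nil {
		// A deny assertion is only meaningful against the real policy; fail
		// loudly rather than risk a 403 that comes from a broken enforcer.
		t.Fatalf("loading casbin enforcer: %v", err)
	}
	e := echo.New()
	e.Use(casbinrest.Middleware(ce, redisSource))
	e.GET("/", func(c echo.Context) error {
		return c.JSON(http.StatusOK, "OK")
	})
	req := httptest.NewRequest(http.MethodGet, "/", nil)
	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", "Mock Token"))
	rec := httptest.NewRecorder()

	// When
	e.ServeHTTP(rec, req)

	// Then
	assert.Equal(t, http.StatusForbidden, rec.Code)
}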
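// TestRoleAnonymousWithoutTokenStatusForbidden checks that GET "/logout" is
// refused with 403 when the request has no Authorization header at all.
// NOTE(review): presumably the middleware passes an empty token to the data
// source, which would resolve to "anonymous". Confirm against casbinrest.
func TestRoleAnonymousWithoutTokenStatusForbidden(t *testing.T) {
	// Given
	ce, err := casbin.NewEnforcer("example/auth_model.conf", "example/policy.csv")
	if err != nil {
		// A deny assertion is only meaningful against the real policy; fail
		// loudly rather than risk a 403 that comes from a broken enforcer.
		t.Fatalf("loading casbin enforcer: %v", err)
	}
	e := echo.New()
	e.Use(casbinrest.Middleware(ce, redisSource))
	e.GET("/logout", func(c echo.Context) error {
		return c.JSON(http.StatusOK, "OK")
	})
	// No Authorization header is set on purpose.
	req := httptest.NewRequest(http.MethodGet, "/logout", nil)
	rec := httptest.NewRecorder()

	// When
	e.ServeHTTP(rec, req)

	// Then
	assert.Equal(t, http.StatusForbidden, rec.Code)
}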
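// TestRoleAnonymousTokenStatusOK checks that GET "/login" succeeds with 200
// for an unrecognised bearer token, which the stub data source resolves to
// the "anonymous" role.
func TestRoleAnonymousTokenStatusOK(t *testing.T) {
	// Given
	ce, err := casbin.NewEnforcer("example/auth_model.conf", "example/policy.csv")
	if err != nil {
		// Stop here: without a loaded model and policy the assertion below
		// would not be exercising the intended authorization rules.
		t.Fatalf("loading casbin enforcer: %v", err)
	}
	e := echo.New()
	e.Use(casbinrest.Middleware(ce, redisSource))
	e.GET("/login", func(c echo.Context) error {
		return c.JSON(http.StatusOK, "OK")
	})
	req := httptest.NewRequest(http.MethodGet, "/login", nil)
	req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", "Mock Token"))
	rec := httptest.NewRecorder()

	// When
	e.ServeHTTP(rec, req)

	// Then
	assert.Equal(t, http.StatusOK, rec.Code)
}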