2 * Copyright (c) 2014 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file test_cases.cpp
19 * @author Aleksander Zdyb <a.zdyb@partner.samsung.com>
20 * @author Marcin Niesluchowski <m.niesluchow@samsung.com>
21 * @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
23 * @brief Tests for libcynara-client and libcynara-admin
26 #include <cynara_test_commons.h>
28 #include <tests_common.h>
29 #include <cynara_test_client.h>
30 #include <cynara_test_admin.h>
34 using namespace CynaraTestAdmin;
35 using namespace CynaraTestClient;
37 void tc01_cynara_initialize_func()
42 void tc02_admin_initialize_func()
47 void tc03_cynara_check_invalid_params_func()
51 const char *client = "client03";
52 const char *user = "user03";
53 const char *privilege = "privilege03";
54 const char *session = "session03";
56 cynara.check(nullptr, session, user, privilege, CYNARA_API_INVALID_PARAM);
57 cynara.check(client, nullptr, user, privilege, CYNARA_API_INVALID_PARAM);
58 cynara.check(client, session, nullptr, privilege, CYNARA_API_INVALID_PARAM);
59 cynara.check(client, session, user, nullptr, CYNARA_API_INVALID_PARAM);
62 void checkInvalidPolicy(Admin &admin,
66 const char *privilege,
68 const char *resultExtra)
70 CynaraPoliciesContainer cp;
71 cp.add(bucket, client, user, privilege, result, resultExtra);
73 admin.setPolicies(cp, CYNARA_API_INVALID_PARAM);
76 void tc04_admin_set_policies_invalid_params_func()
80 const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
81 const char *client = "client04";
82 const char *user = "user04";
83 const char *privilege = "privilege04";
84 const int resultAllow = CYNARA_ADMIN_ALLOW;
85 const int resultBucket = CYNARA_ADMIN_BUCKET;
86 const int resultNone = CYNARA_ADMIN_NONE;
87 const char *resultExtra = nullptr;
89 checkInvalidPolicy(admin, nullptr, client, user, privilege, resultAllow, resultExtra);
90 checkInvalidPolicy(admin, bucket, nullptr, user, privilege, resultAllow, resultExtra);
91 checkInvalidPolicy(admin, bucket, client, nullptr, privilege, resultAllow, resultExtra);
92 checkInvalidPolicy(admin, bucket, client, user, nullptr, resultAllow, resultExtra);
93 checkInvalidPolicy(admin, bucket, client, user, privilege, INT_MAX, resultExtra);
94 checkInvalidPolicy(admin, bucket, client, user, privilege, resultBucket, nullptr );
95 checkInvalidPolicy(admin, bucket, client, user, privilege, resultNone, resultExtra);
98 void tc05_admin_set_bucket_invalid_params_func()
102 const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
103 const int operationAllow = CYNARA_ADMIN_ALLOW;
104 const int operationDelete = CYNARA_ADMIN_DELETE;
105 const int operationNone = CYNARA_ADMIN_NONE;
106 const char *extra = nullptr;
108 admin.setBucket(nullptr, operationAllow, extra, CYNARA_API_INVALID_PARAM);
109 admin.setBucket(bucket, INT_MAX, extra, CYNARA_API_INVALID_PARAM);
110 admin.setBucket(bucket, operationDelete, extra, CYNARA_API_OPERATION_NOT_ALLOWED);
111 admin.setBucket(bucket, operationNone, extra, CYNARA_API_OPERATION_NOT_ALLOWED);
114 void tc06_cynara_check_empty_admin1_func()
118 const char *client = "client06_1";
119 const char *session = "session06_1";
120 const char *user = "user06_1";
121 const char *privilege = "privilege06_1";
123 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
126 void tc06_cynara_check_empty_admin2_func()
130 const char *client = CYNARA_ADMIN_WILDCARD;
131 const char *session = "session06_2";
132 const char *user = CYNARA_ADMIN_WILDCARD;
133 const char *privilege = CYNARA_ADMIN_WILDCARD;
135 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
138 void tc07_admin_set_bucket_admin_allow_deny_func()
143 const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
144 const char *client = "client07";
145 const char *session = "session07";
146 const char *user = "user07";
147 const char *privilege = "privilege07";
148 const char *extra = nullptr;
150 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
152 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_ALLOWED);
154 admin.setBucket(bucket, CYNARA_ADMIN_DENY, extra);
156 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
159 void tc08_admin_set_policies_allow_remove1_func()
164 const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
165 const char *session = "session08_1";
166 const int resultAllow = CYNARA_ADMIN_ALLOW;
167 const int resultDelete = CYNARA_ADMIN_DELETE;
168 const char *resultExtra = nullptr;
170 const std::vector< std::vector<const char *> > data = {
171 { "client08_1_a", "user08_1_a", "privilege08_1_a" },
172 { "client08_1_b", "user08_1_b", "privilege08_1_b" },
175 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
176 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
178 // allow first policy
180 CynaraPoliciesContainer cp;
181 cp.add(bucket, data[0][0], data[0][1], data[0][2], resultAllow, resultExtra);
182 admin.setPolicies(cp);
184 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
185 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
187 // allow second policy
189 CynaraPoliciesContainer cp;
190 cp.add(bucket, data[1][0], data[1][1], data[1][2], resultAllow, resultExtra);
191 admin.setPolicies(cp);
193 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
194 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_ALLOWED);
196 // delete first policy
198 CynaraPoliciesContainer cp;
199 cp.add(bucket, data[0][0], data[0][1], data[0][2], resultDelete, resultExtra);
200 admin.setPolicies(cp);
202 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
203 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_ALLOWED);
205 // delete second policy
207 CynaraPoliciesContainer cp;
208 cp.add(bucket, data[1][0], data[1][1], data[1][2], resultDelete, resultExtra);
209 admin.setPolicies(cp);
211 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
212 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
215 void tc08_admin_set_policies_allow_remove2_func()
220 const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
221 const char *session = "session08_2";
222 const int resultAllow = CYNARA_ADMIN_ALLOW;
223 const int resultDelete = CYNARA_ADMIN_DELETE;
224 const char *resultExtra = nullptr;
226 const std::vector< std::vector<const char *> > data = {
227 { "client08_2_a", "user08_2_a", "privilege08_2_a" },
228 { "client08_2_b", "user08_2_b", "privilege08_2_b" },
231 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
232 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
234 // allow first policy
236 CynaraPoliciesContainer cp;
237 cp.add(bucket, data[0][0], data[0][1], data[0][2], resultAllow, resultExtra);
238 admin.setPolicies(cp);
240 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
241 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
243 // delete first, allow second policy
245 CynaraPoliciesContainer cp;
246 cp.add(bucket, data[0][0], data[0][1], data[0][2], resultDelete, resultExtra);
247 cp.add(bucket, data[1][0], data[1][1], data[1][2], resultAllow, resultExtra);
248 admin.setPolicies(cp);
250 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
251 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_ALLOWED);
253 // delete second policy
255 CynaraPoliciesContainer cp;
256 cp.add(bucket, data[1][0], data[1][1], data[1][2], resultDelete, resultExtra);
257 admin.setPolicies(cp);
260 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
261 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
264 void tc08_admin_set_policies_allow_remove3_func()
269 const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
270 const char *session = "session08_3";
271 const int resultAllow = CYNARA_ADMIN_ALLOW;
272 const int resultDelete = CYNARA_ADMIN_DELETE;
273 const char *resultExtra = nullptr;
275 const std::vector< std::vector<const char *> > data = {
276 { "client08_3_a", "user08_3_a", "privilege08_3_a" },
277 { "client08_3_b", "user08_3_b", "privilege08_3_b" },
280 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
281 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
283 // allow first and second policy
285 CynaraPoliciesContainer cp;
286 cp.add(bucket, data[0][0], data[0][1], data[0][2], resultAllow, resultExtra);
287 cp.add(bucket, data[1][0], data[1][1], data[1][2], resultAllow, resultExtra);
288 admin.setPolicies(cp);
290 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
291 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_ALLOWED);
293 // delete first and second policy
295 CynaraPoliciesContainer cp;
296 cp.add(bucket, data[0][0], data[0][1], data[0][2], resultDelete, resultExtra);
297 cp.add(bucket, data[1][0], data[1][1], data[1][2], resultDelete, resultExtra);
298 admin.setPolicies(cp);
301 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
302 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
305 void checkAllDeny(const std::vector< std::vector<const char *> > &data,
310 for (auto it = data.begin(); it != data.end(); ++it) {
311 RUNNER_ASSERT_MSG(it->size() == 3, "Wrong test data size");
314 for (auto itClient = data.begin(); itClient != data.end(); ++itClient) {
315 for (auto itUser = data.begin(); itUser != data.end(); ++itUser) {
316 for (auto itPrivilege = data.begin(); itPrivilege != data.end(); ++itPrivilege) {
317 cynara.check(itClient->at(0), session, itUser->at(1), itPrivilege->at(2), CYNARA_API_ACCESS_DENIED);
323 void checkSingleWildcardData(const std::vector< std::vector<const char *> > &data)
325 RUNNER_ASSERT_MSG(data.size() == 3, "Wrong test data size");
326 for (auto it = data.begin(); it != data.end(); ++it) {
327 RUNNER_ASSERT_MSG(it->size() == 3, "Wrong test data size");
331 void checkSingleWildcardAllowRestDeny(const std::vector< std::vector<const char *> > &data,
336 checkSingleWildcardData(data);
338 for (size_t c = 0; c < data.size(); ++c) {
339 for (size_t u = 0; u < data.size(); ++u) {
340 for (size_t p = 0; p < data.size(); ++p) {
341 if ((u == 0 && p == 0)
342 || (c == 1 && p == 1)
343 || (c == 2 && u == 2)) {
344 cynara.check(data[c][0], session, data[u][1], data[p][2], CYNARA_API_ACCESS_ALLOWED);
346 cynara.check(data[c][0], session, data[u][1], data[p][2], CYNARA_API_ACCESS_DENIED);
353 void setSingleWildcardPolicies(const char *bucket,
354 const std::vector< std::vector<const char *> > &data,
355 const int result, const char* resultExtra)
358 CynaraPoliciesContainer cp;
360 checkSingleWildcardData(data);
363 CYNARA_ADMIN_WILDCARD, data[0][1], data[0][2],
364 result, resultExtra);
366 data[1][0], CYNARA_ADMIN_WILDCARD, data[1][2],
367 result, resultExtra);
369 data[2][0], data[2][1], CYNARA_ADMIN_WILDCARD,
370 result, resultExtra);
372 admin.setPolicies(cp);
375 void tc09_admin_set_policies_wildcard_accesses_func()
377 const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
378 const char *session = "session09";
379 const char *resultExtra = nullptr;
381 const std::vector< std::vector<const char *> > data = {
382 { "client09_a", "user09_a", "privilege09_a" },
383 { "client09_b", "user09_b", "privilege09_b" },
384 { "client09_c", "user09_c", "privilege09_c" }
387 checkAllDeny(data, session);
389 setSingleWildcardPolicies(bucket, data, CYNARA_ADMIN_ALLOW, resultExtra);
391 checkSingleWildcardAllowRestDeny(data, session);
393 setSingleWildcardPolicies(bucket, data, CYNARA_ADMIN_DELETE, resultExtra);
395 checkAllDeny(data, session);
398 void tc10_admin_change_extra_bucket_func()
403 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
404 const char *bucket = "bucket10";
405 const char *session = "session10";
406 const char *extra = nullptr;
407 const char *extraResult = nullptr;
410 const std::vector< std::vector<const char *> > data = {
411 { "client10_a", "user10_a", "privilege10_a" },
412 { "client10_b", "user10_b", "privilege10_b" }
415 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
416 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
418 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
420 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
421 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
424 CynaraPoliciesContainer cp;
425 cp.add(bucketDefault,
426 data[0][0], data[0][1], data[0][2],
427 CYNARA_ADMIN_BUCKET, bucket);
428 admin.setPolicies(cp);
431 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
432 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
434 admin.setBucket(bucket, CYNARA_ADMIN_DENY, extra);
436 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
437 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
439 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
441 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
442 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
445 CynaraPoliciesContainer cp;
446 cp.add(bucketDefault,
447 data[0][0], data[0][1], data[0][2],
448 CYNARA_ADMIN_DELETE, extraResult);
449 admin.setPolicies(cp);
452 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
453 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
455 admin.setBucket(bucket, CYNARA_ADMIN_DELETE, extra);
458 void tc11_admin_bucket_not_found_func()
463 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
464 const char *bucket = "bucket11";
465 const char *client = "client11";
466 const char *session = "session11";
467 const char *user = "user11";
468 const char *privilege = "privilege11";
470 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
473 CynaraPoliciesContainer cp;
474 cp.add(bucketDefault,
475 client, user, privilege,
476 CYNARA_ADMIN_BUCKET, bucket);
477 admin.setPolicies(cp, CYNARA_API_BUCKET_NOT_FOUND);
479 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
482 void tc12_admin_delete_bucket_with_policies_pointing_to_it_func()
487 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
488 const char *bucket = "bucket12";
489 const char *client = "client12";
490 const char *session = "session12";
491 const char *user = "user12";
492 const char *privilege = "privilege12";
493 const char *extra = nullptr;
495 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
498 CynaraPoliciesContainer cp;
499 cp.add(bucketDefault,
500 client, user, privilege,
501 CYNARA_ADMIN_BUCKET, bucket);
502 admin.setPolicies(cp);
504 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_ALLOWED);
506 admin.setBucket(bucket, CYNARA_ADMIN_DELETE, extra);
507 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
509 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
510 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
512 admin.setBucket(bucket, CYNARA_ADMIN_DELETE, extra);
513 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
516 void tc13_admin_set_policies_to_extra_bucket_func()
521 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
522 const char *bucket = "bucket13";
523 const char *client = "client13";
524 const char *session = "session13";
525 const char *user = "user13";
526 const char *privilege = "privilege13";
527 const char *extra = nullptr;
528 const char *extraResult = nullptr;
530 admin.setBucket(bucket, CYNARA_ADMIN_DENY, extra);
531 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
534 CynaraPoliciesContainer cp;
535 cp.add(bucketDefault,
536 client, user, privilege,
537 CYNARA_ADMIN_BUCKET, bucket);
539 client, user, privilege,
540 CYNARA_ADMIN_ALLOW, extraResult);
541 admin.setPolicies(cp);
543 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_ALLOWED);
545 admin.setBucket(bucket, CYNARA_ADMIN_DELETE, extra);
546 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
549 void tc14_admin_set_policies_integrity_func()
551 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
552 const char *bucket = "bucket14";
553 const char *client = "client14";
554 const char *session = "session14";
555 const char *user = "user14";
556 const char *privilege = "privilege14";
557 const char *extraResult = nullptr;
561 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
566 CynaraPoliciesContainer cp;
567 cp.add(bucketDefault,
568 client, user, privilege,
569 CYNARA_ADMIN_ALLOW, extraResult);
571 client, user, privilege,
572 CYNARA_ADMIN_ALLOW, extraResult);
573 admin.setPolicies(cp, CYNARA_API_BUCKET_NOT_FOUND);
578 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
582 void tc15_admin_set_bucket_admin_none1_func()
587 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
588 const char *bucket = "bucket15_1";
589 const char *client = "client15_1";
590 const char *session = "session15_1";
591 const char *user = "user15_1";
592 const char *privilege = "privilege15_1";
593 const char *extra = nullptr;
594 const char *extraResult = nullptr;
596 admin.setBucket(bucket, CYNARA_ADMIN_NONE, extra);
599 CynaraPoliciesContainer cp;
600 cp.add(bucketDefault,
601 client, user, privilege,
602 CYNARA_ADMIN_BUCKET, bucket);
604 client, user, privilege,
605 CYNARA_ADMIN_ALLOW, extraResult);
606 admin.setPolicies(cp);
608 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_ALLOWED);
611 void tc15_admin_set_bucket_admin_none2_func()
616 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
617 const char *bucket = "bucket15_2";
618 const char *client = "client15_2";
619 const char *session = "session15_2";
620 const char *user = "user15_2";
621 const char *privilege = "privilege15_2";
622 const char *extra = nullptr;
624 admin.setBucket(bucket, CYNARA_ADMIN_NONE, extra);
627 CynaraPoliciesContainer cp;
628 cp.add(bucketDefault,
629 client, user, privilege,
630 CYNARA_ADMIN_BUCKET, bucket);
631 admin.setPolicies(cp);
633 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
636 void tc15_admin_set_bucket_admin_none3_func()
641 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
642 const char *bucket = "bucket15_3";
643 const char *client = "client15_3";
644 const char *session = "session15_3";
645 const char *user = "user15_3";
646 const char *privilege = "privilege15_3";
647 const char *extra = nullptr;
648 const char *extraResult = nullptr;
650 admin.setBucket(bucket, CYNARA_ADMIN_NONE, extra);
653 CynaraPoliciesContainer cp;
654 cp.add(bucketDefault,
655 client, user, privilege,
656 CYNARA_ADMIN_BUCKET, bucket);
657 cp.add(bucketDefault,
658 client, user, CYNARA_ADMIN_WILDCARD,
659 CYNARA_ADMIN_ALLOW, extraResult);
660 admin.setPolicies(cp);
662 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_ALLOWED);
665 void tc16_admin_check_single_bucket_func()
667 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
668 const char *client = "client16";
669 const char *user = "user16";
670 const char *privilege = "privilege16";
671 const char *extraResult = nullptr;
673 int notrecursive = 0;
677 admin.adminCheck(bucketDefault, recursive, client, user, privilege,
678 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
679 admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
680 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
682 CynaraPoliciesContainer cp;
683 cp.add(bucketDefault,
684 client, user, privilege,
685 CYNARA_ADMIN_ALLOW, extraResult);
686 admin.setPolicies(cp);
688 admin.adminCheck(bucketDefault, recursive, client, user, privilege,
689 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
690 admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
691 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
694 void tc17_admin_check_nested_bucket_func()
696 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
697 const char *bucket = "bucket17";
698 const char *client = "client17";
699 const char *user = "user17";
700 const char *privilege = "privilege17";
701 const char *extra = nullptr;
702 const char *extraResult = nullptr;
704 int notrecursive = 0;
707 admin.setBucket(bucket, CYNARA_ADMIN_DENY, extra);
709 admin.adminCheck(bucketDefault, recursive, client, user, privilege,
710 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
711 admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
712 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
713 admin.adminCheck(bucket, recursive, client, user, privilege,
714 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
715 admin.adminCheck(bucket, notrecursive, client, user, privilege,
716 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
719 CynaraPoliciesContainer cp;
720 cp.add(bucketDefault,
721 client, user, privilege,
722 CYNARA_ADMIN_BUCKET, bucket);
724 client, user, privilege,
725 CYNARA_ADMIN_ALLOW, extraResult);
726 admin.setPolicies(cp);
729 admin.adminCheck(bucketDefault, recursive, client, user, privilege,
730 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
731 admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
732 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
733 admin.adminCheck(bucket, recursive, client, user, privilege,
734 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
735 admin.adminCheck(bucket, notrecursive, client, user, privilege,
736 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
739 void tc18_admin_check_multiple_matches_func()
741 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
742 const char *client = "client18";
743 const char *user = "user18";
744 const char *privilege = "privilege18";
745 const char *wildcard = CYNARA_ADMIN_WILDCARD;
746 const char *extra = nullptr;
747 const char *extraResult = nullptr;
749 int notrecursive = 0;
753 auto check = [&](int expected_result)
755 admin.adminCheck(bucketDefault, recursive, client, user, privilege,
756 expected_result, nullptr, CYNARA_API_SUCCESS);
757 admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
758 expected_result, nullptr, CYNARA_API_SUCCESS);
761 check(CYNARA_ADMIN_DENY);
764 CynaraPoliciesContainer cp;
765 cp.add(bucketDefault,
766 client, user, privilege,
767 CYNARA_ADMIN_ALLOW, extraResult);
768 admin.setPolicies(cp);
771 check(CYNARA_ADMIN_ALLOW);
774 CynaraPoliciesContainer cp;
775 cp.add(bucketDefault,
776 wildcard, user, privilege,
777 CYNARA_ADMIN_DENY, extraResult);
778 admin.setPolicies(cp);
781 check(CYNARA_ADMIN_DENY);
783 admin.setBucket(bucketDefault, CYNARA_ADMIN_ALLOW, extra);
785 check(CYNARA_ADMIN_DENY);
788 CynaraPoliciesContainer cp;
789 cp.add(bucketDefault,
790 client, user, privilege,
791 CYNARA_ADMIN_DELETE, extraResult);
792 admin.setPolicies(cp);
795 check(CYNARA_ADMIN_DENY);
798 CynaraPoliciesContainer cp;
799 cp.add(bucketDefault,
800 wildcard, user, privilege,
801 CYNARA_ADMIN_DELETE, extraResult);
802 admin.setPolicies(cp);
805 check(CYNARA_ADMIN_ALLOW);
808 void tc19_admin_check_none_bucket_func()
810 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
811 const char *bucket1 = "bucket19_a";
812 const char *bucket2 = "bucket19_b";
813 const char *client = "client19";
814 const char *user = "user19";
815 const char *privilege = "privilege19";
816 const char *extra = nullptr;
818 int notrecursive = 0;
821 admin.setBucket(bucket1, CYNARA_ADMIN_NONE, extra);
822 admin.setBucket(bucket2, CYNARA_ADMIN_ALLOW, extra);
824 admin.adminCheck(bucketDefault, recursive, client, user, privilege,
825 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
826 admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
827 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
828 admin.adminCheck(bucket1, recursive, client, user, privilege,
829 CYNARA_ADMIN_NONE, nullptr, CYNARA_API_SUCCESS);
830 admin.adminCheck(bucket1, notrecursive, client, user, privilege,
831 CYNARA_ADMIN_NONE, nullptr, CYNARA_API_SUCCESS);
832 admin.adminCheck(bucket2, recursive, client, user, privilege,
833 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
834 admin.adminCheck(bucket2, notrecursive, client, user, privilege,
835 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
838 CynaraPoliciesContainer cp;
839 cp.add(bucketDefault,
840 client, user, privilege,
841 CYNARA_ADMIN_BUCKET, bucket1);
843 client, user, privilege,
844 CYNARA_ADMIN_BUCKET, bucket2);
845 admin.setPolicies(cp);
848 admin.adminCheck(bucketDefault, recursive, client, user, privilege,
849 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
850 admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
851 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
852 admin.adminCheck(bucket1, recursive, client, user, privilege,
853 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
854 admin.adminCheck(bucket1, notrecursive, client, user, privilege,
855 CYNARA_ADMIN_NONE, nullptr, CYNARA_API_SUCCESS);
856 admin.adminCheck(bucket2, recursive, client, user, privilege,
857 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
858 admin.adminCheck(bucket2, notrecursive, client, user, privilege,
859 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
862 RUNNER_TEST_GROUP_INIT(cynara_tests)
864 RUN_CYNARA_TEST(tc01_cynara_initialize)
865 RUN_CYNARA_TEST(tc02_admin_initialize)
866 RUN_CYNARA_TEST(tc03_cynara_check_invalid_params)
867 RUN_CYNARA_TEST(tc04_admin_set_policies_invalid_params)
868 RUN_CYNARA_TEST(tc05_admin_set_bucket_invalid_params)
869 RUN_CYNARA_TEST(tc06_cynara_check_empty_admin1)
870 RUN_CYNARA_TEST(tc06_cynara_check_empty_admin2)
871 RUN_CYNARA_TEST(tc07_admin_set_bucket_admin_allow_deny)
872 RUN_CYNARA_TEST(tc08_admin_set_policies_allow_remove1)
873 RUN_CYNARA_TEST(tc08_admin_set_policies_allow_remove2)
874 RUN_CYNARA_TEST(tc08_admin_set_policies_allow_remove3)
875 RUN_CYNARA_TEST(tc09_admin_set_policies_wildcard_accesses)
876 RUN_CYNARA_TEST(tc10_admin_change_extra_bucket)
877 RUN_CYNARA_TEST(tc11_admin_bucket_not_found)
878 RUN_CYNARA_TEST(tc12_admin_delete_bucket_with_policies_pointing_to_it)
879 RUN_CYNARA_TEST(tc13_admin_set_policies_to_extra_bucket)
880 RUN_CYNARA_TEST(tc14_admin_set_policies_integrity)
881 RUN_CYNARA_TEST(tc15_admin_set_bucket_admin_none1)
882 RUN_CYNARA_TEST(tc15_admin_set_bucket_admin_none2)
883 RUN_CYNARA_TEST(tc15_admin_set_bucket_admin_none3)
884 RUN_CYNARA_TEST(tc16_admin_check_single_bucket)
885 RUN_CYNARA_TEST(tc17_admin_check_nested_bucket)
886 RUN_CYNARA_TEST(tc18_admin_check_multiple_matches)
887 RUN_CYNARA_TEST(tc19_admin_check_none_bucket)