2 * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 * @file test_cases.cpp
19 * @author Aleksander Zdyb <a.zdyb@partner.samsung.com>
20 * @author Marcin Niesluchowski <m.niesluchow@samsung.com>
21 * @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
23 * @brief Tests for libcynara-client and libcynara-admin
26 #include <cynara_test_commons.h>
28 #include <tests_common.h>
29 #include <cynara_test_client.h>
30 #include <cynara_test_admin.h>
31 #include <cynara_test_env.h>
36 using namespace CynaraTestAdmin;
37 using namespace CynaraTestClient;
39 void tc01_cynara_initialize_func()
44 void tc02_admin_initialize_func()
49 void tc03_cynara_check_invalid_params_func()
53 const char *client = "client03";
54 const char *user = "user03";
55 const char *privilege = "privilege03";
56 const char *session = "session03";
58 cynara.check(nullptr, session, user, privilege, CYNARA_API_INVALID_PARAM);
59 cynara.check(client, nullptr, user, privilege, CYNARA_API_INVALID_PARAM);
60 cynara.check(client, session, nullptr, privilege, CYNARA_API_INVALID_PARAM);
61 cynara.check(client, session, user, nullptr, CYNARA_API_INVALID_PARAM);
64 void checkInvalidPolicy(Admin &admin,
68 const char *privilege,
70 const char *resultExtra)
72 CynaraPoliciesContainer cp;
73 cp.add(bucket, client, user, privilege, result, resultExtra);
75 admin.setPolicies(cp, CYNARA_API_INVALID_PARAM);
78 void tc04_admin_set_policies_invalid_params_func()
82 const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
83 const char *client = "client04";
84 const char *user = "user04";
85 const char *privilege = "privilege04";
86 const int resultAllow = CYNARA_ADMIN_ALLOW;
87 const int resultBucket = CYNARA_ADMIN_BUCKET;
88 const int resultNone = CYNARA_ADMIN_NONE;
89 const char *resultExtra = nullptr;
91 checkInvalidPolicy(admin, nullptr, client, user, privilege, resultAllow, resultExtra);
92 checkInvalidPolicy(admin, bucket, nullptr, user, privilege, resultAllow, resultExtra);
93 checkInvalidPolicy(admin, bucket, client, nullptr, privilege, resultAllow, resultExtra);
94 checkInvalidPolicy(admin, bucket, client, user, nullptr, resultAllow, resultExtra);
95 checkInvalidPolicy(admin, bucket, client, user, privilege, INT_MAX, resultExtra);
96 checkInvalidPolicy(admin, bucket, client, user, privilege, resultBucket, nullptr );
97 checkInvalidPolicy(admin, bucket, client, user, privilege, resultNone, resultExtra);
100 void tc05_admin_set_bucket_invalid_params_func()
104 const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
105 const int operationAllow = CYNARA_ADMIN_ALLOW;
106 const int operationDelete = CYNARA_ADMIN_DELETE;
107 const int operationNone = CYNARA_ADMIN_NONE;
108 const char *extra = nullptr;
110 admin.setBucket(nullptr, operationAllow, extra, CYNARA_API_INVALID_PARAM);
111 admin.setBucket(bucket, INT_MAX, extra, CYNARA_API_INVALID_PARAM);
112 admin.setBucket(bucket, operationDelete, extra, CYNARA_API_OPERATION_NOT_ALLOWED);
113 admin.setBucket(bucket, operationNone, extra, CYNARA_API_OPERATION_NOT_ALLOWED);
116 void tc06_cynara_check_empty_admin1_func()
120 const char *client = "client06_1";
121 const char *session = "session06_1";
122 const char *user = "user06_1";
123 const char *privilege = "privilege06_1";
125 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
128 void tc06_cynara_check_empty_admin2_func()
132 const char *client = CYNARA_ADMIN_WILDCARD;
133 const char *session = "session06_2";
134 const char *user = CYNARA_ADMIN_WILDCARD;
135 const char *privilege = CYNARA_ADMIN_WILDCARD;
137 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
140 void tc07_admin_set_bucket_admin_allow_deny_func()
145 const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
146 const char *client = "client07";
147 const char *session = "session07";
148 const char *user = "user07";
149 const char *privilege = "privilege07";
150 const char *extra = nullptr;
152 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
154 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_ALLOWED);
156 admin.setBucket(bucket, CYNARA_ADMIN_DENY, extra);
158 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
161 void tc08_admin_set_policies_allow_remove1_func()
166 const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
167 const char *session = "session08_1";
168 const int resultAllow = CYNARA_ADMIN_ALLOW;
169 const int resultDelete = CYNARA_ADMIN_DELETE;
170 const char *resultExtra = nullptr;
172 const std::vector< std::vector<const char *> > data = {
173 { "client08_1_a", "user08_1_a", "privilege08_1_a" },
174 { "client08_1_b", "user08_1_b", "privilege08_1_b" },
177 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
178 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
180 // allow first policy
182 CynaraPoliciesContainer cp;
183 cp.add(bucket, data[0][0], data[0][1], data[0][2], resultAllow, resultExtra);
184 admin.setPolicies(cp);
186 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
187 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
189 // allow second policy
191 CynaraPoliciesContainer cp;
192 cp.add(bucket, data[1][0], data[1][1], data[1][2], resultAllow, resultExtra);
193 admin.setPolicies(cp);
195 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
196 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_ALLOWED);
198 // delete first policy
200 CynaraPoliciesContainer cp;
201 cp.add(bucket, data[0][0], data[0][1], data[0][2], resultDelete, resultExtra);
202 admin.setPolicies(cp);
204 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
205 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_ALLOWED);
207 // delete second policy
209 CynaraPoliciesContainer cp;
210 cp.add(bucket, data[1][0], data[1][1], data[1][2], resultDelete, resultExtra);
211 admin.setPolicies(cp);
213 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
214 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
217 void tc08_admin_set_policies_allow_remove2_func()
222 const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
223 const char *session = "session08_2";
224 const int resultAllow = CYNARA_ADMIN_ALLOW;
225 const int resultDelete = CYNARA_ADMIN_DELETE;
226 const char *resultExtra = nullptr;
228 const std::vector< std::vector<const char *> > data = {
229 { "client08_2_a", "user08_2_a", "privilege08_2_a" },
230 { "client08_2_b", "user08_2_b", "privilege08_2_b" },
233 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
234 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
236 // allow first policy
238 CynaraPoliciesContainer cp;
239 cp.add(bucket, data[0][0], data[0][1], data[0][2], resultAllow, resultExtra);
240 admin.setPolicies(cp);
242 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
243 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
245 // delete first, allow second policy
247 CynaraPoliciesContainer cp;
248 cp.add(bucket, data[0][0], data[0][1], data[0][2], resultDelete, resultExtra);
249 cp.add(bucket, data[1][0], data[1][1], data[1][2], resultAllow, resultExtra);
250 admin.setPolicies(cp);
252 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
253 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_ALLOWED);
255 // delete second policy
257 CynaraPoliciesContainer cp;
258 cp.add(bucket, data[1][0], data[1][1], data[1][2], resultDelete, resultExtra);
259 admin.setPolicies(cp);
262 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
263 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
266 void tc08_admin_set_policies_allow_remove3_func()
271 const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
272 const char *session = "session08_3";
273 const int resultAllow = CYNARA_ADMIN_ALLOW;
274 const int resultDelete = CYNARA_ADMIN_DELETE;
275 const char *resultExtra = nullptr;
277 const std::vector< std::vector<const char *> > data = {
278 { "client08_3_a", "user08_3_a", "privilege08_3_a" },
279 { "client08_3_b", "user08_3_b", "privilege08_3_b" },
282 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
283 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
285 // allow first and second policy
287 CynaraPoliciesContainer cp;
288 cp.add(bucket, data[0][0], data[0][1], data[0][2], resultAllow, resultExtra);
289 cp.add(bucket, data[1][0], data[1][1], data[1][2], resultAllow, resultExtra);
290 admin.setPolicies(cp);
292 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
293 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_ALLOWED);
295 // delete first and second policy
297 CynaraPoliciesContainer cp;
298 cp.add(bucket, data[0][0], data[0][1], data[0][2], resultDelete, resultExtra);
299 cp.add(bucket, data[1][0], data[1][1], data[1][2], resultDelete, resultExtra);
300 admin.setPolicies(cp);
303 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
304 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
307 void checkAllDeny(const std::vector< std::vector<const char *> > &data,
312 for (auto it = data.begin(); it != data.end(); ++it) {
313 RUNNER_ASSERT_MSG(it->size() == 3, "Wrong test data size");
316 for (auto itClient = data.begin(); itClient != data.end(); ++itClient) {
317 for (auto itUser = data.begin(); itUser != data.end(); ++itUser) {
318 for (auto itPrivilege = data.begin(); itPrivilege != data.end(); ++itPrivilege) {
319 cynara.check(itClient->at(0), session, itUser->at(1), itPrivilege->at(2), CYNARA_API_ACCESS_DENIED);
325 void checkSingleWildcardData(const std::vector< std::vector<const char *> > &data)
327 RUNNER_ASSERT_MSG(data.size() == 3, "Wrong test data size");
328 for (auto it = data.begin(); it != data.end(); ++it) {
329 RUNNER_ASSERT_MSG(it->size() == 3, "Wrong test data size");
333 void checkSingleWildcardAllowRestDeny(const std::vector< std::vector<const char *> > &data,
338 checkSingleWildcardData(data);
340 for (size_t c = 0; c < data.size(); ++c) {
341 for (size_t u = 0; u < data.size(); ++u) {
342 for (size_t p = 0; p < data.size(); ++p) {
343 if ((u == 0 && p == 0)
344 || (c == 1 && p == 1)
345 || (c == 2 && u == 2)) {
346 cynara.check(data[c][0], session, data[u][1], data[p][2], CYNARA_API_ACCESS_ALLOWED);
348 cynara.check(data[c][0], session, data[u][1], data[p][2], CYNARA_API_ACCESS_DENIED);
355 void setSingleWildcardPolicies(const char *bucket,
356 const std::vector< std::vector<const char *> > &data,
357 const int result, const char* resultExtra)
360 CynaraPoliciesContainer cp;
362 checkSingleWildcardData(data);
365 CYNARA_ADMIN_WILDCARD, data[0][1], data[0][2],
366 result, resultExtra);
368 data[1][0], CYNARA_ADMIN_WILDCARD, data[1][2],
369 result, resultExtra);
371 data[2][0], data[2][1], CYNARA_ADMIN_WILDCARD,
372 result, resultExtra);
374 admin.setPolicies(cp);
377 void tc09_admin_set_policies_wildcard_accesses_func()
379 const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
380 const char *session = "session09";
381 const char *resultExtra = nullptr;
383 const std::vector< std::vector<const char *> > data = {
384 { "client09_a", "user09_a", "privilege09_a" },
385 { "client09_b", "user09_b", "privilege09_b" },
386 { "client09_c", "user09_c", "privilege09_c" }
389 checkAllDeny(data, session);
391 setSingleWildcardPolicies(bucket, data, CYNARA_ADMIN_ALLOW, resultExtra);
393 checkSingleWildcardAllowRestDeny(data, session);
395 setSingleWildcardPolicies(bucket, data, CYNARA_ADMIN_DELETE, resultExtra);
397 checkAllDeny(data, session);
400 void tc10_admin_change_extra_bucket_func()
405 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
406 const char *bucket = "bucket10";
407 const char *session = "session10";
408 const char *extra = nullptr;
409 const char *extraResult = nullptr;
412 const std::vector< std::vector<const char *> > data = {
413 { "client10_a", "user10_a", "privilege10_a" },
414 { "client10_b", "user10_b", "privilege10_b" }
417 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
418 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
420 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
422 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
423 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
426 CynaraPoliciesContainer cp;
427 cp.add(bucketDefault,
428 data[0][0], data[0][1], data[0][2],
429 CYNARA_ADMIN_BUCKET, bucket);
430 admin.setPolicies(cp);
433 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
434 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
436 admin.setBucket(bucket, CYNARA_ADMIN_DENY, extra);
438 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
439 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
441 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
443 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
444 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
447 CynaraPoliciesContainer cp;
448 cp.add(bucketDefault,
449 data[0][0], data[0][1], data[0][2],
450 CYNARA_ADMIN_DELETE, extraResult);
451 admin.setPolicies(cp);
454 cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
455 cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
457 admin.setBucket(bucket, CYNARA_ADMIN_DELETE, extra);
460 void tc11_admin_bucket_not_found_func()
465 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
466 const char *bucket = "bucket11";
467 const char *client = "client11";
468 const char *session = "session11";
469 const char *user = "user11";
470 const char *privilege = "privilege11";
472 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
475 CynaraPoliciesContainer cp;
476 cp.add(bucketDefault,
477 client, user, privilege,
478 CYNARA_ADMIN_BUCKET, bucket);
479 admin.setPolicies(cp, CYNARA_API_BUCKET_NOT_FOUND);
481 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
484 void tc12_admin_delete_bucket_with_policies_pointing_to_it_func()
489 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
490 const char *bucket = "bucket12";
491 const char *client = "client12";
492 const char *session = "session12";
493 const char *user = "user12";
494 const char *privilege = "privilege12";
495 const char *extra = nullptr;
497 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
500 CynaraPoliciesContainer cp;
501 cp.add(bucketDefault,
502 client, user, privilege,
503 CYNARA_ADMIN_BUCKET, bucket);
504 admin.setPolicies(cp);
506 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_ALLOWED);
508 admin.setBucket(bucket, CYNARA_ADMIN_DELETE, extra);
509 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
511 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
512 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
514 admin.setBucket(bucket, CYNARA_ADMIN_DELETE, extra);
515 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
518 void tc13_admin_set_policies_to_extra_bucket_func()
523 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
524 const char *bucket = "bucket13";
525 const char *client = "client13";
526 const char *session = "session13";
527 const char *user = "user13";
528 const char *privilege = "privilege13";
529 const char *extra = nullptr;
530 const char *extraResult = nullptr;
532 admin.setBucket(bucket, CYNARA_ADMIN_DENY, extra);
533 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
536 CynaraPoliciesContainer cp;
537 cp.add(bucketDefault,
538 client, user, privilege,
539 CYNARA_ADMIN_BUCKET, bucket);
541 client, user, privilege,
542 CYNARA_ADMIN_ALLOW, extraResult);
543 admin.setPolicies(cp);
545 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_ALLOWED);
547 admin.setBucket(bucket, CYNARA_ADMIN_DELETE, extra);
548 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
551 void tc14_admin_set_policies_integrity_func()
553 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
554 const char *bucket = "bucket14";
555 const char *client = "client14";
556 const char *session = "session14";
557 const char *user = "user14";
558 const char *privilege = "privilege14";
559 const char *extraResult = nullptr;
563 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
568 CynaraPoliciesContainer cp;
569 cp.add(bucketDefault,
570 client, user, privilege,
571 CYNARA_ADMIN_ALLOW, extraResult);
573 client, user, privilege,
574 CYNARA_ADMIN_ALLOW, extraResult);
575 admin.setPolicies(cp, CYNARA_API_BUCKET_NOT_FOUND);
580 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
584 void tc15_admin_set_bucket_admin_none1_func()
589 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
590 const char *bucket = "bucket15_1";
591 const char *client = "client15_1";
592 const char *session = "session15_1";
593 const char *user = "user15_1";
594 const char *privilege = "privilege15_1";
595 const char *extra = nullptr;
596 const char *extraResult = nullptr;
598 admin.setBucket(bucket, CYNARA_ADMIN_NONE, extra);
601 CynaraPoliciesContainer cp;
602 cp.add(bucketDefault,
603 client, user, privilege,
604 CYNARA_ADMIN_BUCKET, bucket);
606 client, user, privilege,
607 CYNARA_ADMIN_ALLOW, extraResult);
608 admin.setPolicies(cp);
610 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_ALLOWED);
613 void tc15_admin_set_bucket_admin_none2_func()
618 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
619 const char *bucket = "bucket15_2";
620 const char *client = "client15_2";
621 const char *session = "session15_2";
622 const char *user = "user15_2";
623 const char *privilege = "privilege15_2";
624 const char *extra = nullptr;
626 admin.setBucket(bucket, CYNARA_ADMIN_NONE, extra);
629 CynaraPoliciesContainer cp;
630 cp.add(bucketDefault,
631 client, user, privilege,
632 CYNARA_ADMIN_BUCKET, bucket);
633 admin.setPolicies(cp);
635 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
638 void tc15_admin_set_bucket_admin_none3_func()
643 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
644 const char *bucket = "bucket15_3";
645 const char *client = "client15_3";
646 const char *session = "session15_3";
647 const char *user = "user15_3";
648 const char *privilege = "privilege15_3";
649 const char *extra = nullptr;
650 const char *extraResult = nullptr;
652 admin.setBucket(bucket, CYNARA_ADMIN_NONE, extra);
655 CynaraPoliciesContainer cp;
656 cp.add(bucketDefault,
657 client, user, privilege,
658 CYNARA_ADMIN_BUCKET, bucket);
659 cp.add(bucketDefault,
660 client, user, CYNARA_ADMIN_WILDCARD,
661 CYNARA_ADMIN_ALLOW, extraResult);
662 admin.setPolicies(cp);
664 cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_ALLOWED);
667 void tc16_admin_check_single_bucket_func()
669 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
670 const char *client = "client16";
671 const char *user = "user16";
672 const char *privilege = "privilege16";
673 const char *extraResult = nullptr;
675 int notrecursive = 0;
679 admin.adminCheck(bucketDefault, recursive, client, user, privilege,
680 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
681 admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
682 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
684 CynaraPoliciesContainer cp;
685 cp.add(bucketDefault,
686 client, user, privilege,
687 CYNARA_ADMIN_ALLOW, extraResult);
688 admin.setPolicies(cp);
690 admin.adminCheck(bucketDefault, recursive, client, user, privilege,
691 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
692 admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
693 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
696 void tc17_admin_check_nested_bucket_func()
698 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
699 const char *bucket = "bucket17";
700 const char *client = "client17";
701 const char *user = "user17";
702 const char *privilege = "privilege17";
703 const char *extra = nullptr;
704 const char *extraResult = nullptr;
706 int notrecursive = 0;
709 admin.setBucket(bucket, CYNARA_ADMIN_DENY, extra);
711 admin.adminCheck(bucketDefault, recursive, client, user, privilege,
712 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
713 admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
714 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
715 admin.adminCheck(bucket, recursive, client, user, privilege,
716 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
717 admin.adminCheck(bucket, notrecursive, client, user, privilege,
718 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
721 CynaraPoliciesContainer cp;
722 cp.add(bucketDefault,
723 client, user, privilege,
724 CYNARA_ADMIN_BUCKET, bucket);
726 client, user, privilege,
727 CYNARA_ADMIN_ALLOW, extraResult);
728 admin.setPolicies(cp);
731 admin.adminCheck(bucketDefault, recursive, client, user, privilege,
732 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
733 admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
734 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
735 admin.adminCheck(bucket, recursive, client, user, privilege,
736 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
737 admin.adminCheck(bucket, notrecursive, client, user, privilege,
738 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
741 void tc18_admin_check_multiple_matches_func()
743 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
744 const char *client = "client18";
745 const char *user = "user18";
746 const char *privilege = "privilege18";
747 const char *wildcard = CYNARA_ADMIN_WILDCARD;
748 const char *extra = nullptr;
749 const char *extraResult = nullptr;
751 int notrecursive = 0;
755 auto check = [&](int expected_result)
757 admin.adminCheck(bucketDefault, recursive, client, user, privilege,
758 expected_result, nullptr, CYNARA_API_SUCCESS);
759 admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
760 expected_result, nullptr, CYNARA_API_SUCCESS);
763 check(CYNARA_ADMIN_DENY);
766 CynaraPoliciesContainer cp;
767 cp.add(bucketDefault,
768 client, user, privilege,
769 CYNARA_ADMIN_ALLOW, extraResult);
770 admin.setPolicies(cp);
773 check(CYNARA_ADMIN_ALLOW);
776 CynaraPoliciesContainer cp;
777 cp.add(bucketDefault,
778 wildcard, user, privilege,
779 CYNARA_ADMIN_DENY, extraResult);
780 admin.setPolicies(cp);
783 check(CYNARA_ADMIN_DENY);
785 admin.setBucket(bucketDefault, CYNARA_ADMIN_ALLOW, extra);
787 check(CYNARA_ADMIN_DENY);
790 CynaraPoliciesContainer cp;
791 cp.add(bucketDefault,
792 client, user, privilege,
793 CYNARA_ADMIN_DELETE, extraResult);
794 admin.setPolicies(cp);
797 check(CYNARA_ADMIN_DENY);
800 CynaraPoliciesContainer cp;
801 cp.add(bucketDefault,
802 wildcard, user, privilege,
803 CYNARA_ADMIN_DELETE, extraResult);
804 admin.setPolicies(cp);
807 check(CYNARA_ADMIN_ALLOW);
810 void tc19_admin_check_none_bucket_func()
812 const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
813 const char *bucket1 = "bucket19_a";
814 const char *bucket2 = "bucket19_b";
815 const char *client = "client19";
816 const char *user = "user19";
817 const char *privilege = "privilege19";
818 const char *extra = nullptr;
820 int notrecursive = 0;
823 admin.setBucket(bucket1, CYNARA_ADMIN_NONE, extra);
824 admin.setBucket(bucket2, CYNARA_ADMIN_ALLOW, extra);
826 admin.adminCheck(bucketDefault, recursive, client, user, privilege,
827 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
828 admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
829 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
830 admin.adminCheck(bucket1, recursive, client, user, privilege,
831 CYNARA_ADMIN_NONE, nullptr, CYNARA_API_SUCCESS);
832 admin.adminCheck(bucket1, notrecursive, client, user, privilege,
833 CYNARA_ADMIN_NONE, nullptr, CYNARA_API_SUCCESS);
834 admin.adminCheck(bucket2, recursive, client, user, privilege,
835 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
836 admin.adminCheck(bucket2, notrecursive, client, user, privilege,
837 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
840 CynaraPoliciesContainer cp;
841 cp.add(bucketDefault,
842 client, user, privilege,
843 CYNARA_ADMIN_BUCKET, bucket1);
845 client, user, privilege,
846 CYNARA_ADMIN_BUCKET, bucket2);
847 admin.setPolicies(cp);
850 admin.adminCheck(bucketDefault, recursive, client, user, privilege,
851 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
852 admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
853 CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
854 admin.adminCheck(bucket1, recursive, client, user, privilege,
855 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
856 admin.adminCheck(bucket1, notrecursive, client, user, privilege,
857 CYNARA_ADMIN_NONE, nullptr, CYNARA_API_SUCCESS);
858 admin.adminCheck(bucket2, recursive, client, user, privilege,
859 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
860 admin.adminCheck(bucket2, notrecursive, client, user, privilege,
861 CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
864 void tc20_admin_list_empty_bucket_func()
866 const char *emptyBucket = "empty_bucket20";
867 const char *client = "client20";
868 const char *user = "user20";
869 const char *privilege = "privilege20";
870 const char *extra = nullptr;
873 admin.setBucket(emptyBucket, CYNARA_ADMIN_ALLOW, extra);
875 CynaraPoliciesContainer emptyPolicies;
877 admin.listPolicies(emptyBucket, client, user, privilege, emptyPolicies);
880 void tc21_admin_list_no_bucket_func()
882 const char *emptyBucket = "empty_bucket21";
883 const char *notExistingBucket = "not_existing_bucket21";
884 const char *client = "client21";
885 const char *user = "user21";
886 const char *privilege = "privilege21";
887 const char *extra = nullptr;
890 admin.setBucket(emptyBucket, CYNARA_ADMIN_ALLOW, extra);
892 CynaraPoliciesContainer emptyPolicies;
894 admin.listPolicies(notExistingBucket, client, user, privilege, emptyPolicies,
895 CYNARA_API_BUCKET_NOT_FOUND);
898 void tc22_admin_list_bucket_func()
900 const char *bucket = "bucket22";
901 const char *emptyBucket = "empty_bucket22";
902 const char *client = "client22";
903 const char *user = "user22";
904 const char *privilege = "privilege22";
905 const char *client2 = "client22_2";
906 const char *user2 = "user22_2";
907 const char *privilege2 = "privilege22_2";
908 const char *wildcard = CYNARA_ADMIN_WILDCARD;
909 const char *any = CYNARA_ADMIN_ANY;
911 const char *extra = nullptr;
914 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
915 admin.setBucket(emptyBucket, CYNARA_ADMIN_ALLOW, extra);
918 CynaraPoliciesContainer cp;
919 cp.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
920 cp.add(bucket, wildcard, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
921 cp.add(bucket, wildcard, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
922 cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
923 cp.add(bucket, wildcard, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
924 cp.add(bucket, wildcard, user, privilege, CYNARA_ADMIN_DENY, extra);
925 cp.add(bucket, wildcard, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
926 cp.add(bucket, wildcard, user2, privilege, CYNARA_ADMIN_DENY, extra);
927 cp.add(bucket, wildcard, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
928 cp.add(bucket, client, wildcard, wildcard, CYNARA_ADMIN_DENY, extra);
929 cp.add(bucket, client2, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
930 cp.add(bucket, client, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
931 cp.add(bucket, client, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
932 cp.add(bucket, client2, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
933 cp.add(bucket, client2, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
934 cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
935 cp.add(bucket, client, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
936 cp.add(bucket, client2, user, wildcard, CYNARA_ADMIN_DENY, extra);
937 cp.add(bucket, client2, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
938 cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
939 cp.add(bucket, client, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
940 cp.add(bucket, client, user2, privilege, CYNARA_ADMIN_DENY, extra);
941 cp.add(bucket, client, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
942 cp.add(bucket, client2, user, privilege, CYNARA_ADMIN_DENY, extra);
943 cp.add(bucket, client2, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
944 cp.add(bucket, client2, user2, privilege, CYNARA_ADMIN_DENY, extra);
945 cp.add(bucket, client2, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
946 admin.setPolicies(cp);
949 CynaraPoliciesContainer expectedPolicies;
950 expectedPolicies.add(bucket, client, wildcard, wildcard, CYNARA_ADMIN_DENY, extra);
951 expectedPolicies.add(bucket, client, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
952 expectedPolicies.add(bucket, client, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
954 admin.listPolicies(bucket, client, wildcard, any, expectedPolicies);
957 void tc23_admin_erase_empty_bucket_func()
959 const char *emptyBucket = "empty_bucket23";
960 const char *client = "client23";
961 const char *user = "user23";
962 const char *privilege = "privilege23";
963 const char *extra = nullptr;
967 admin.setBucket(emptyBucket, CYNARA_ADMIN_ALLOW, extra);
969 admin.erasePolicies(emptyBucket, recursive, client, user, privilege);
972 void tc24_admin_erase_no_bucket_func()
974 const char *emptyBucket = "empty_bucket24";
975 const char *notExistingBucket = "not_existing_bucket24";
976 const char *client = "client24";
977 const char *user = "user24";
978 const char *privilege = "privilege24";
979 const char *extra = nullptr;
983 admin.setBucket(emptyBucket, CYNARA_ADMIN_ALLOW, extra);
985 admin.erasePolicies(notExistingBucket, recursive, client, user, privilege,
986 CYNARA_API_BUCKET_NOT_FOUND);
989 void tc25_admin_erase_single_bucket_func()
991 const char *bucket = "bucket25";
992 const char *emptyBucket = "empty_bucket25";
993 const char *client = "client25";
994 const char *user = "user25";
995 const char *privilege = "privilege25";
996 const char *client2 = "client25_2";
997 const char *user2 = "user25_2";
998 const char *privilege2 = "privilege25_2";
999 const char *wildcard = CYNARA_ADMIN_WILDCARD;
1000 const char *any = CYNARA_ADMIN_ANY;
1001 const char *extra = nullptr;
1005 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
1006 admin.setBucket(emptyBucket, CYNARA_ADMIN_ALLOW, extra);
1009 CynaraPoliciesContainer cp;
1010 cp.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
1011 cp.add(bucket, wildcard, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
1012 cp.add(bucket, wildcard, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1013 cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
1014 cp.add(bucket, wildcard, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
1015 cp.add(bucket, wildcard, user, privilege, CYNARA_ADMIN_DENY, extra);
1016 cp.add(bucket, wildcard, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1017 cp.add(bucket, wildcard, user2, privilege, CYNARA_ADMIN_DENY, extra);
1018 cp.add(bucket, wildcard, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1019 cp.add(bucket, client, wildcard, wildcard, CYNARA_ADMIN_DENY, extra);
1020 cp.add(bucket, client2, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
1021 cp.add(bucket, client, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
1022 cp.add(bucket, client, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1023 cp.add(bucket, client2, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
1024 cp.add(bucket, client2, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1025 cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
1026 cp.add(bucket, client, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
1027 cp.add(bucket, client2, user, wildcard, CYNARA_ADMIN_DENY, extra);
1028 cp.add(bucket, client2, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
1029 cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1030 cp.add(bucket, client, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1031 cp.add(bucket, client, user2, privilege, CYNARA_ADMIN_DENY, extra);
1032 cp.add(bucket, client, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1033 cp.add(bucket, client2, user, privilege, CYNARA_ADMIN_DENY, extra);
1034 cp.add(bucket, client2, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1035 cp.add(bucket, client2, user2, privilege, CYNARA_ADMIN_DENY, extra);
1036 cp.add(bucket, client2, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1037 admin.setPolicies(cp);
1040 admin.erasePolicies(bucket, recursive, client, wildcard, any);
1043 CynaraPoliciesContainer expPolicies;
1044 expPolicies.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
1045 expPolicies.add(bucket, wildcard, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
1046 expPolicies.add(bucket, wildcard, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1047 expPolicies.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
1048 expPolicies.add(bucket, wildcard, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
1049 expPolicies.add(bucket, wildcard, user, privilege, CYNARA_ADMIN_DENY, extra);
1050 expPolicies.add(bucket, wildcard, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1051 expPolicies.add(bucket, wildcard, user2, privilege, CYNARA_ADMIN_DENY, extra);
1052 expPolicies.add(bucket, wildcard, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1053 // WAS ERASED (bucket, client, wildcard, wildcard, CYNARA_ADMIN_DENY, extra);
1054 expPolicies.add(bucket, client2, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
1055 // WAS ERASED (bucket, client, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
1056 // WAS ERASED (bucket, client, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1057 expPolicies.add(bucket, client2, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
1058 expPolicies.add(bucket, client2, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1059 expPolicies.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
1060 expPolicies.add(bucket, client, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
1061 expPolicies.add(bucket, client2, user, wildcard, CYNARA_ADMIN_DENY, extra);
1062 expPolicies.add(bucket, client2, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
1063 expPolicies.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1064 expPolicies.add(bucket, client, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1065 expPolicies.add(bucket, client, user2, privilege, CYNARA_ADMIN_DENY, extra);
1066 expPolicies.add(bucket, client, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1067 expPolicies.add(bucket, client2, user, privilege, CYNARA_ADMIN_DENY, extra);
1068 expPolicies.add(bucket, client2, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1069 expPolicies.add(bucket, client2, user2, privilege, CYNARA_ADMIN_DENY, extra);
1070 expPolicies.add(bucket, client2, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
1071 admin.listPolicies(bucket, any, any, any, expPolicies);
1074 CynaraPoliciesContainer expPolicies;
1075 admin.listPolicies(emptyBucket, any, any, any, expPolicies);
1079 void tc26_admin_erase_recursive_not_linked_buckets_func()
1081 const char *bucket = "bucket26";
1082 const char *subBucket = "sub_bucket26";
1083 const char *client = "client26";
1084 const char *user = "user26";
1085 const char *privilege = "privilege26";
1086 const char *wildcard = CYNARA_ADMIN_WILDCARD;
1087 const char *any = CYNARA_ADMIN_ANY;
1088 const char *extra = nullptr;
1092 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
1093 admin.setBucket(subBucket, CYNARA_ADMIN_ALLOW, extra);
1096 CynaraPoliciesContainer cp;
1097 cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
1098 cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
1099 cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1101 cp.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
1102 cp.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
1103 cp.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1104 admin.setPolicies(cp);
1107 admin.erasePolicies(bucket, recursive, any, user, wildcard);
1110 CynaraPoliciesContainer expPolicies;
1111 expPolicies.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1112 admin.listPolicies(bucket, any, any, any, expPolicies);
1115 CynaraPoliciesContainer expPolicies;
1116 expPolicies.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
1117 expPolicies.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
1118 expPolicies.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1119 admin.listPolicies(subBucket, any, any, any, expPolicies);
1123 void tc27_admin_erase_recursive_linked_buckets_func()
1125 const char *bucket = "bucket27";
1126 const char *subBucket = "sub_bucket27";
1127 const char *client = "client27";
1128 const char *user = "user27";
1129 const char *privilege = "privilege27";
1130 const char *wildcard = CYNARA_ADMIN_WILDCARD;
1131 const char *any = CYNARA_ADMIN_ANY;
1132 const char *extra = nullptr;
1136 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
1137 admin.setBucket(subBucket, CYNARA_ADMIN_ALLOW, extra);
1140 CynaraPoliciesContainer cp;
1141 cp.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket);
1143 cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
1144 cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
1145 cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1147 cp.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
1148 cp.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
1149 cp.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1150 admin.setPolicies(cp);
1153 admin.erasePolicies(bucket, recursive, any, user, wildcard);
1156 CynaraPoliciesContainer expPolicies;
1157 expPolicies.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1158 expPolicies.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket);
1159 admin.listPolicies(bucket, any, any, any, expPolicies);
1162 CynaraPoliciesContainer expPolicies;
1163 expPolicies.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1164 admin.listPolicies(subBucket, any, any, any, expPolicies);
1168 void tc28_admin_erase_non_recursive_linked_buckets_func()
1170 const char *bucket = "bucket28";
1171 const char *subBucket = "sub_bucket28";
1172 const char *client = "client28";
1173 const char *user = "user28";
1174 const char *privilege = "privilege28";
1175 const char *wildcard = CYNARA_ADMIN_WILDCARD;
1176 const char *any = CYNARA_ADMIN_ANY;
1177 const char *extra = nullptr;
1181 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
1182 admin.setBucket(subBucket, CYNARA_ADMIN_ALLOW, extra);
1185 CynaraPoliciesContainer cp;
1186 cp.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket);
1188 cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
1189 cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
1190 cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1192 cp.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
1193 cp.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
1194 cp.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1195 admin.setPolicies(cp);
1198 admin.erasePolicies(bucket, recursive, any, user, wildcard);
1201 CynaraPoliciesContainer expPolicies;
1202 expPolicies.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1203 expPolicies.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket);
1204 admin.listPolicies(bucket, any, any, any, expPolicies);
1207 CynaraPoliciesContainer expPolicies;
1208 expPolicies.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
1209 expPolicies.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
1210 expPolicies.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1211 admin.listPolicies(subBucket, any, any, any, expPolicies);
1215 void tc29_admin_erase_recursive_from_sub_bucket_func()
1217 const char *bucket = "bucket29";
1218 const char *subBucket = "sub_bucket29";
1219 const char *client = "client29";
1220 const char *user = "user29";
1221 const char *privilege = "privilege29";
1222 const char *wildcard = CYNARA_ADMIN_WILDCARD;
1223 const char *any = CYNARA_ADMIN_ANY;
1224 const char *extra = nullptr;
1228 admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
1229 admin.setBucket(subBucket, CYNARA_ADMIN_ALLOW, extra);
1232 CynaraPoliciesContainer cp;
1233 cp.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket);
1235 cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
1236 cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
1237 cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1239 cp.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
1240 cp.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
1241 cp.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1242 admin.setPolicies(cp);
1245 admin.erasePolicies(subBucket, recursive, any, user, wildcard);
1248 CynaraPoliciesContainer expPolicies;
1249 expPolicies.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket);
1250 expPolicies.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
1251 expPolicies.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
1252 expPolicies.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1253 admin.listPolicies(bucket, any, any, any, expPolicies);
1256 CynaraPoliciesContainer expPolicies;
1257 expPolicies.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
1258 admin.listPolicies(subBucket, any, any, any, expPolicies);
1262 void testPlugins(const std::vector<std::string> &plugins)
1264 using namespace CynaraTestPlugins;
1266 DirectoryPaths paths;
1267 Descriptions expectedDescriptions(POLICY_DESCRIPTIONS.at(DEFAULT_POLICY));
1269 for (auto &plugin : plugins) {
1270 paths.push_back(TEST_PLUGIN_PATH + plugin);
1272 const Descriptions &pluginDescriptions = POLICY_DESCRIPTIONS.at(plugin);
1273 expectedDescriptions.insert(expectedDescriptions.end(),
1274 pluginDescriptions.begin(), pluginDescriptions.end());
1277 loadServicePlugins(paths);
1280 admin.listPoliciesDescriptions(expectedDescriptions);
1283 void tc30_admin_list_descriptions_no_plugins_func()
1288 void tc31_admin_list_descriptions_1_plugin_single_policy_func()
1290 testPlugins({CynaraTestPlugins::SINGLE_POLICY});
1293 void tc32_admin_list_descriptions_1_plugin_multiple_policy_func()
1295 testPlugins({CynaraTestPlugins::MULTIPLE_POLICY});
1298 void tc33_admin_list_descriptions_multiple_plugins_func()
1300 testPlugins({CynaraTestPlugins::SINGLE_POLICY,
1301 CynaraTestPlugins::MULTIPLE_POLICY});
1304 RUNNER_TEST_GROUP_INIT(cynara_tests)
1306 RUN_CYNARA_TEST(tc01_cynara_initialize)
1307 RUN_CYNARA_TEST(tc02_admin_initialize)
1308 RUN_CYNARA_TEST(tc03_cynara_check_invalid_params)
1309 RUN_CYNARA_TEST(tc04_admin_set_policies_invalid_params)
1310 RUN_CYNARA_TEST(tc05_admin_set_bucket_invalid_params)
1311 RUN_CYNARA_TEST(tc06_cynara_check_empty_admin1)
1312 RUN_CYNARA_TEST(tc06_cynara_check_empty_admin2)
1313 RUN_CYNARA_TEST(tc07_admin_set_bucket_admin_allow_deny)
1314 RUN_CYNARA_TEST(tc08_admin_set_policies_allow_remove1)
1315 RUN_CYNARA_TEST(tc08_admin_set_policies_allow_remove2)
1316 RUN_CYNARA_TEST(tc08_admin_set_policies_allow_remove3)
1317 RUN_CYNARA_TEST(tc09_admin_set_policies_wildcard_accesses)
1318 RUN_CYNARA_TEST(tc10_admin_change_extra_bucket)
1319 RUN_CYNARA_TEST(tc11_admin_bucket_not_found)
1320 RUN_CYNARA_TEST(tc12_admin_delete_bucket_with_policies_pointing_to_it)
1321 RUN_CYNARA_TEST(tc13_admin_set_policies_to_extra_bucket)
1322 RUN_CYNARA_TEST(tc14_admin_set_policies_integrity)
1323 RUN_CYNARA_TEST(tc15_admin_set_bucket_admin_none1)
1324 RUN_CYNARA_TEST(tc15_admin_set_bucket_admin_none2)
1325 RUN_CYNARA_TEST(tc15_admin_set_bucket_admin_none3)
1326 RUN_CYNARA_TEST(tc16_admin_check_single_bucket)
1327 RUN_CYNARA_TEST(tc17_admin_check_nested_bucket)
1328 RUN_CYNARA_TEST(tc18_admin_check_multiple_matches)
1329 RUN_CYNARA_TEST(tc19_admin_check_none_bucket)
1330 RUN_CYNARA_TEST(tc20_admin_list_empty_bucket)
1331 RUN_CYNARA_TEST(tc21_admin_list_no_bucket)
1332 RUN_CYNARA_TEST(tc22_admin_list_bucket)
1333 RUN_CYNARA_TEST(tc23_admin_erase_empty_bucket)
1334 RUN_CYNARA_TEST(tc24_admin_erase_no_bucket)
1335 RUN_CYNARA_TEST(tc25_admin_erase_single_bucket)
1336 RUN_CYNARA_TEST(tc26_admin_erase_recursive_not_linked_buckets)
1337 RUN_CYNARA_TEST(tc27_admin_erase_recursive_linked_buckets)
1338 RUN_CYNARA_TEST(tc28_admin_erase_non_recursive_linked_buckets)
1339 RUN_CYNARA_TEST(tc29_admin_erase_recursive_from_sub_bucket)
1340 RUN_CYNARA_TEST(tc30_admin_list_descriptions_no_plugins)
1341 RUN_CYNARA_TEST(tc31_admin_list_descriptions_1_plugin_single_policy)
1342 RUN_CYNARA_TEST(tc32_admin_list_descriptions_1_plugin_multiple_policy)
1343 RUN_CYNARA_TEST(tc33_admin_list_descriptions_multiple_plugins)
projects / platform / core / test / security-tests.git / blob