/*
- * Copyright (c) 2014 Samsung Electronics Co., Ltd
+ * Copyright (c) 2014-2015 Samsung Electronics Co., Ltd All Rights Reserved
*
- * Licensed under the Apache License, Version 2.0 (the License);
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
*
- * http://www.apache.org/licenses/LICENSE-2.0
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an AS IS BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
*/
/*
* @file test_cases.cpp
* @author Aleksander Zdyb <a.zdyb@partner.samsung.com>
* @author Marcin Niesluchowski <m.niesluchow@samsung.com>
+ * @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
* @version 1.1
* @brief Tests for libcynara-client and libcynara-admin
*/
-#include <dpl/exception.h>
+#include <cynara_test_commons.h>
+
#include <tests_common.h>
#include <cynara_test_client.h>
#include <cynara_test_admin.h>
#include <cynara_test_env.h>
+#include <plugins.h>
-#include <functional>
#include <climits>
-void environmentWrap(const char *testName, const std::function<void(void)> &func)
-{
- CynaraTestEnv env(testName);
- env.save();
-
- try {
- func();
- } catch (const DPL::Test::TestRunner::TestFailed &e) {
- env.restore();
- throw e;
- } catch (const DPL::Test::TestRunner::Ignored &e) {
- env.restore();
- throw e;
- } catch (const DPL::Exception &e) {
- env.restore();
- throw e;
- } catch (const std::exception &e) {
- env.restore();
- throw e;
- } catch (...) {
- env.restore();
- throw std::runtime_error("Unknown exception");
- }
- env.restore();
-}
-
-#define RUN_CYNARA_TEST(Proc) \
- RUNNER_TEST(Proc) \
- { \
- environmentWrap(#Proc, Proc##_func); \
- }
+using namespace CynaraTestAdmin;
+using namespace CynaraTestClient;
void tc01_cynara_initialize_func()
{
- CynaraTestClient();
+ Client();
}
void tc02_admin_initialize_func()
{
- CynaraTestAdmin admin;
+ Admin admin;
}
void tc03_cynara_check_invalid_params_func()
{
- CynaraTestClient cynara;
+ Client cynara;
const char *client = "client03";
const char *user = "user03";
cynara.check(client, session, user, nullptr, CYNARA_API_INVALID_PARAM);
}
-void checkInvalidPolicy(CynaraTestAdmin &admin,
+void checkInvalidPolicy(Admin &admin,
const char *bucket,
const char *client,
const char *user,
CynaraPoliciesContainer cp;
cp.add(bucket, client, user, privilege, result, resultExtra);
- admin.setPolicies(cp, CYNARA_ADMIN_API_INVALID_PARAM);
+ admin.setPolicies(cp, CYNARA_API_INVALID_PARAM);
}
void tc04_admin_set_policies_invalid_params_func()
{
- CynaraTestAdmin admin;
+ Admin admin;
const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
const char *client = "client04";
const char *privilege = "privilege04";
const int resultAllow = CYNARA_ADMIN_ALLOW;
const int resultBucket = CYNARA_ADMIN_BUCKET;
+ const int resultNone = CYNARA_ADMIN_NONE;
const char *resultExtra = nullptr;
checkInvalidPolicy(admin, nullptr, client, user, privilege, resultAllow, resultExtra);
checkInvalidPolicy(admin, bucket, client, user, nullptr, resultAllow, resultExtra);
checkInvalidPolicy(admin, bucket, client, user, privilege, INT_MAX, resultExtra);
checkInvalidPolicy(admin, bucket, client, user, privilege, resultBucket, nullptr );
+ checkInvalidPolicy(admin, bucket, client, user, privilege, resultNone, resultExtra);
}
void tc05_admin_set_bucket_invalid_params_func()
{
- CynaraTestAdmin admin;
+ Admin admin;
const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
const int operationAllow = CYNARA_ADMIN_ALLOW;
const int operationDelete = CYNARA_ADMIN_DELETE;
+ const int operationNone = CYNARA_ADMIN_NONE;
const char *extra = nullptr;
- admin.setBucket(nullptr, operationAllow, extra, CYNARA_ADMIN_API_INVALID_PARAM);
- admin.setBucket(bucket, INT_MAX, extra, CYNARA_ADMIN_API_INVALID_PARAM);
- admin.setBucket(bucket, operationDelete, extra, CYNARA_ADMIN_API_OPERATION_NOT_ALLOWED);
+ admin.setBucket(nullptr, operationAllow, extra, CYNARA_API_INVALID_PARAM);
+ admin.setBucket(bucket, INT_MAX, extra, CYNARA_API_INVALID_PARAM);
+ admin.setBucket(bucket, operationDelete, extra, CYNARA_API_OPERATION_NOT_ALLOWED);
+ admin.setBucket(bucket, operationNone, extra, CYNARA_API_OPERATION_NOT_ALLOWED);
}
void tc06_cynara_check_empty_admin1_func()
{
- CynaraTestClient cynara;
+ Client cynara;
const char *client = "client06_1";
const char *session = "session06_1";
void tc06_cynara_check_empty_admin2_func()
{
- CynaraTestClient cynara;
+ Client cynara;
const char *client = CYNARA_ADMIN_WILDCARD;
const char *session = "session06_2";
void tc07_admin_set_bucket_admin_allow_deny_func()
{
- CynaraTestAdmin admin;
- CynaraTestClient cynara;
+ Admin admin;
+ Client cynara;
const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
const char *client = "client07";
admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
- cynara.check(client, session, user, privilege, CYNARA_API_SUCCESS);
+ cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_ALLOWED);
admin.setBucket(bucket, CYNARA_ADMIN_DENY, extra);
void tc08_admin_set_policies_allow_remove1_func()
{
- CynaraTestAdmin admin;
- CynaraTestClient cynara;
+ Admin admin;
+ Client cynara;
const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
const char *session = "session08_1";
cp.add(bucket, data[0][0], data[0][1], data[0][2], resultAllow, resultExtra);
admin.setPolicies(cp);
}
- cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_SUCCESS);
+ cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
// allow second policy
cp.add(bucket, data[1][0], data[1][1], data[1][2], resultAllow, resultExtra);
admin.setPolicies(cp);
}
- cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_SUCCESS);
- cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_SUCCESS);
+ cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_ALLOWED);
// delete first policy
{
admin.setPolicies(cp);
}
cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
- cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_SUCCESS);
+ cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_ALLOWED);
// delete second policy
{
void tc08_admin_set_policies_allow_remove2_func()
{
- CynaraTestAdmin admin;
- CynaraTestClient cynara;
+ Admin admin;
+ Client cynara;
const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
const char *session = "session08_2";
cp.add(bucket, data[0][0], data[0][1], data[0][2], resultAllow, resultExtra);
admin.setPolicies(cp);
}
- cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_SUCCESS);
+ cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
// delete first, allow second policy
admin.setPolicies(cp);
}
cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
- cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_SUCCESS);
+ cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_ALLOWED);
// delete second policy
{
void tc08_admin_set_policies_allow_remove3_func()
{
- CynaraTestAdmin admin;
- CynaraTestClient cynara;
+ Admin admin;
+ Client cynara;
const char *bucket = CYNARA_ADMIN_DEFAULT_BUCKET;
const char *session = "session08_3";
cp.add(bucket, data[1][0], data[1][1], data[1][2], resultAllow, resultExtra);
admin.setPolicies(cp);
}
- cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_SUCCESS);
- cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_SUCCESS);
+ cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
+ cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_ALLOWED);
// delete first and second policy
{
void checkAllDeny(const std::vector< std::vector<const char *> > &data,
const char *session)
{
- CynaraTestClient cynara;
+ Client cynara;
for (auto it = data.begin(); it != data.end(); ++it) {
- RUNNER_ASSERT_MSG_BT(it->size() == 3, "Wrong test data size");
+ RUNNER_ASSERT_MSG(it->size() == 3, "Wrong test data size");
}
for (auto itClient = data.begin(); itClient != data.end(); ++itClient) {
void checkSingleWildcardData(const std::vector< std::vector<const char *> > &data)
{
- RUNNER_ASSERT_MSG_BT(data.size() == 3, "Wrong test data size");
+ RUNNER_ASSERT_MSG(data.size() == 3, "Wrong test data size");
for (auto it = data.begin(); it != data.end(); ++it) {
- RUNNER_ASSERT_MSG_BT(it->size() == 3, "Wrong test data size");
+ RUNNER_ASSERT_MSG(it->size() == 3, "Wrong test data size");
}
}
void checkSingleWildcardAllowRestDeny(const std::vector< std::vector<const char *> > &data,
const char *session)
{
- CynaraTestClient cynara;
+ Client cynara;
checkSingleWildcardData(data);
if ((u == 0 && p == 0)
|| (c == 1 && p == 1)
|| (c == 2 && u == 2)) {
- cynara.check(data[c][0], session, data[u][1], data[p][2], CYNARA_API_SUCCESS);
+ cynara.check(data[c][0], session, data[u][1], data[p][2], CYNARA_API_ACCESS_ALLOWED);
} else {
cynara.check(data[c][0], session, data[u][1], data[p][2], CYNARA_API_ACCESS_DENIED);
}
const std::vector< std::vector<const char *> > &data,
const int result, const char* resultExtra)
{
- CynaraTestAdmin admin;
+ Admin admin;
CynaraPoliciesContainer cp;
checkSingleWildcardData(data);
void tc10_admin_change_extra_bucket_func()
{
- CynaraTestAdmin admin;
- CynaraTestClient cynara;
+ Admin admin;
+ Client cynara;
const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
const char *bucket = "bucket10";
admin.setPolicies(cp);
}
- cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_SUCCESS);
+ cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
admin.setBucket(bucket, CYNARA_ADMIN_DENY, extra);
admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
- cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_SUCCESS);
+ cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_ALLOWED);
cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
{
void tc11_admin_bucket_not_found_func()
{
- CynaraTestAdmin admin;
- CynaraTestClient cynara;
+ Admin admin;
+ Client cynara;
const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
const char *bucket = "bucket11";
cp.add(bucketDefault,
client, user, privilege,
CYNARA_ADMIN_BUCKET, bucket);
- admin.setPolicies(cp, CYNARA_ADMIN_API_BUCKET_NOT_FOUND);
+ admin.setPolicies(cp, CYNARA_API_BUCKET_NOT_FOUND);
}
cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
}
void tc12_admin_delete_bucket_with_policies_pointing_to_it_func()
{
- CynaraTestAdmin admin;
- CynaraTestClient cynara;
+ Admin admin;
+ Client cynara;
const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
const char *bucket = "bucket12";
CYNARA_ADMIN_BUCKET, bucket);
admin.setPolicies(cp);
}
- cynara.check(client, session, user, privilege, CYNARA_API_SUCCESS);
+ cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_ALLOWED);
admin.setBucket(bucket, CYNARA_ADMIN_DELETE, extra);
cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
void tc13_admin_set_policies_to_extra_bucket_func()
{
- CynaraTestAdmin admin;
- CynaraTestClient cynara;
+ Admin admin;
+ Client cynara;
const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
const char *bucket = "bucket13";
CYNARA_ADMIN_ALLOW, extraResult);
admin.setPolicies(cp);
}
- cynara.check(client, session, user, privilege, CYNARA_API_SUCCESS);
+ cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_ALLOWED);
admin.setBucket(bucket, CYNARA_ADMIN_DELETE, extra);
cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
}
+void tc14_admin_set_policies_integrity_func()
+{
+ const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+ const char *bucket = "bucket14";
+ const char *client = "client14";
+ const char *session = "session14";
+ const char *user = "user14";
+ const char *privilege = "privilege14";
+ const char *extraResult = nullptr;
+
+ {
+ Client cynara;
+ cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
+ }
+
+ {
+ Admin admin;
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ client, user, privilege,
+ CYNARA_ADMIN_ALLOW, extraResult);
+ cp.add(bucket,
+ client, user, privilege,
+ CYNARA_ADMIN_ALLOW, extraResult);
+ admin.setPolicies(cp, CYNARA_API_BUCKET_NOT_FOUND);
+ }
+
+ {
+ Client cynara;
+ cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
+ }
+}
+
+void tc15_admin_set_bucket_admin_none1_func()
+{
+ Admin admin;
+ Client cynara;
+
+ const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+ const char *bucket = "bucket15_1";
+ const char *client = "client15_1";
+ const char *session = "session15_1";
+ const char *user = "user15_1";
+ const char *privilege = "privilege15_1";
+ const char *extra = nullptr;
+ const char *extraResult = nullptr;
+
+ admin.setBucket(bucket, CYNARA_ADMIN_NONE, extra);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ client, user, privilege,
+ CYNARA_ADMIN_BUCKET, bucket);
+ cp.add(bucket,
+ client, user, privilege,
+ CYNARA_ADMIN_ALLOW, extraResult);
+ admin.setPolicies(cp);
+ }
+ cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_ALLOWED);
+}
+
+void tc15_admin_set_bucket_admin_none2_func()
+{
+ Admin admin;
+ Client cynara;
+
+ const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+ const char *bucket = "bucket15_2";
+ const char *client = "client15_2";
+ const char *session = "session15_2";
+ const char *user = "user15_2";
+ const char *privilege = "privilege15_2";
+ const char *extra = nullptr;
+
+ admin.setBucket(bucket, CYNARA_ADMIN_NONE, extra);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ client, user, privilege,
+ CYNARA_ADMIN_BUCKET, bucket);
+ admin.setPolicies(cp);
+ }
+ cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
+}
+
+void tc15_admin_set_bucket_admin_none3_func()
+{
+ Admin admin;
+ Client cynara;
+
+ const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+ const char *bucket = "bucket15_3";
+ const char *client = "client15_3";
+ const char *session = "session15_3";
+ const char *user = "user15_3";
+ const char *privilege = "privilege15_3";
+ const char *extra = nullptr;
+ const char *extraResult = nullptr;
+
+ admin.setBucket(bucket, CYNARA_ADMIN_NONE, extra);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ client, user, privilege,
+ CYNARA_ADMIN_BUCKET, bucket);
+ cp.add(bucketDefault,
+ client, user, CYNARA_ADMIN_WILDCARD,
+ CYNARA_ADMIN_ALLOW, extraResult);
+ admin.setPolicies(cp);
+ }
+ cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_ALLOWED);
+}
+
+void tc16_admin_check_single_bucket_func()
+{
+ const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+ const char *client = "client16";
+ const char *user = "user16";
+ const char *privilege = "privilege16";
+ const char *extraResult = nullptr;
+ int recursive = 1;
+ int notrecursive = 0;
+
+ Admin admin;
+
+ admin.adminCheck(bucketDefault, recursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
+
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ client, user, privilege,
+ CYNARA_ADMIN_ALLOW, extraResult);
+ admin.setPolicies(cp);
+
+ admin.adminCheck(bucketDefault, recursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
+}
+
+void tc17_admin_check_nested_bucket_func()
+{
+ const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+ const char *bucket = "bucket17";
+ const char *client = "client17";
+ const char *user = "user17";
+ const char *privilege = "privilege17";
+ const char *extra = nullptr;
+ const char *extraResult = nullptr;
+ int recursive = 1;
+ int notrecursive = 0;
+
+ Admin admin;
+ admin.setBucket(bucket, CYNARA_ADMIN_DENY, extra);
+
+ admin.adminCheck(bucketDefault, recursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucket, recursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucket, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ client, user, privilege,
+ CYNARA_ADMIN_BUCKET, bucket);
+ cp.add(bucket,
+ client, user, privilege,
+ CYNARA_ADMIN_ALLOW, extraResult);
+ admin.setPolicies(cp);
+ }
+
+ admin.adminCheck(bucketDefault, recursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucket, recursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucket, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
+}
+
+void tc18_admin_check_multiple_matches_func()
+{
+ const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+ const char *client = "client18";
+ const char *user = "user18";
+ const char *privilege = "privilege18";
+ const char *wildcard = CYNARA_ADMIN_WILDCARD;
+ const char *extra = nullptr;
+ const char *extraResult = nullptr;
+ int recursive = 1;
+ int notrecursive = 0;
+
+ Admin admin;
+
+ auto check = [&](int expected_result)
+ {
+ admin.adminCheck(bucketDefault, recursive, client, user, privilege,
+ expected_result, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
+ expected_result, nullptr, CYNARA_API_SUCCESS);
+ };
+
+ check(CYNARA_ADMIN_DENY);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ client, user, privilege,
+ CYNARA_ADMIN_ALLOW, extraResult);
+ admin.setPolicies(cp);
+ }
+
+ check(CYNARA_ADMIN_ALLOW);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ wildcard, user, privilege,
+ CYNARA_ADMIN_DENY, extraResult);
+ admin.setPolicies(cp);
+ }
+
+ check(CYNARA_ADMIN_DENY);
+
+ admin.setBucket(bucketDefault, CYNARA_ADMIN_ALLOW, extra);
+
+ check(CYNARA_ADMIN_DENY);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ client, user, privilege,
+ CYNARA_ADMIN_DELETE, extraResult);
+ admin.setPolicies(cp);
+ }
+
+ check(CYNARA_ADMIN_DENY);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ wildcard, user, privilege,
+ CYNARA_ADMIN_DELETE, extraResult);
+ admin.setPolicies(cp);
+ }
+
+ check(CYNARA_ADMIN_ALLOW);
+}
+
+void tc19_admin_check_none_bucket_func()
+{
+ const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+ const char *bucket1 = "bucket19_a";
+ const char *bucket2 = "bucket19_b";
+ const char *client = "client19";
+ const char *user = "user19";
+ const char *privilege = "privilege19";
+ const char *extra = nullptr;
+ int recursive = 1;
+ int notrecursive = 0;
+
+ Admin admin;
+ admin.setBucket(bucket1, CYNARA_ADMIN_NONE, extra);
+ admin.setBucket(bucket2, CYNARA_ADMIN_ALLOW, extra);
+
+ admin.adminCheck(bucketDefault, recursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucket1, recursive, client, user, privilege,
+ CYNARA_ADMIN_NONE, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucket1, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_NONE, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucket2, recursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucket2, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ client, user, privilege,
+ CYNARA_ADMIN_BUCKET, bucket1);
+ cp.add(bucket1,
+ client, user, privilege,
+ CYNARA_ADMIN_BUCKET, bucket2);
+ admin.setPolicies(cp);
+ }
+
+ admin.adminCheck(bucketDefault, recursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucket1, recursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucket1, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_NONE, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucket2, recursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
+ admin.adminCheck(bucket2, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_API_SUCCESS);
+}
+
+void tc20_admin_list_empty_bucket_func()
+{
+ const char *emptyBucket = "empty_bucket20";
+ const char *client = "client20";
+ const char *user = "user20";
+ const char *privilege = "privilege20";
+ const char *extra = nullptr;
+
+ Admin admin;
+ admin.setBucket(emptyBucket, CYNARA_ADMIN_ALLOW, extra);
+
+ CynaraPoliciesContainer emptyPolicies;
+
+ admin.listPolicies(emptyBucket, client, user, privilege, emptyPolicies);
+}
+
+void tc21_admin_list_no_bucket_func()
+{
+ const char *emptyBucket = "empty_bucket21";
+ const char *notExistingBucket = "not_existing_bucket21";
+ const char *client = "client21";
+ const char *user = "user21";
+ const char *privilege = "privilege21";
+ const char *extra = nullptr;
+
+ Admin admin;
+ admin.setBucket(emptyBucket, CYNARA_ADMIN_ALLOW, extra);
+
+ CynaraPoliciesContainer emptyPolicies;
+
+ admin.listPolicies(notExistingBucket, client, user, privilege, emptyPolicies,
+ CYNARA_API_BUCKET_NOT_FOUND);
+}
+
+void tc22_admin_list_bucket_func()
+{
+ const char *bucket = "bucket22";
+ const char *emptyBucket = "empty_bucket22";
+ const char *client = "client22";
+ const char *user = "user22";
+ const char *privilege = "privilege22";
+ const char *client2 = "client22_2";
+ const char *user2 = "user22_2";
+ const char *privilege2 = "privilege22_2";
+ const char *wildcard = CYNARA_ADMIN_WILDCARD;
+ const char *any = CYNARA_ADMIN_ANY;
+
+ const char *extra = nullptr;
+
+ Admin admin;
+ admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
+ admin.setBucket(emptyBucket, CYNARA_ADMIN_ALLOW, extra);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, wildcard, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, wildcard, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, wildcard, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, wildcard, user, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, wildcard, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, wildcard, user2, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, wildcard, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client, wildcard, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client2, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client2, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client2, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client2, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client2, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client, user2, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client2, user, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client2, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client2, user2, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client2, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ admin.setPolicies(cp);
+ }
+
+ CynaraPoliciesContainer expectedPolicies;
+ expectedPolicies.add(bucket, client, wildcard, wildcard, CYNARA_ADMIN_DENY, extra);
+ expectedPolicies.add(bucket, client, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
+ expectedPolicies.add(bucket, client, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+
+ admin.listPolicies(bucket, client, wildcard, any, expectedPolicies);
+}
+
+void tc23_admin_erase_empty_bucket_func()
+{
+ const char *emptyBucket = "empty_bucket23";
+ const char *client = "client23";
+ const char *user = "user23";
+ const char *privilege = "privilege23";
+ const char *extra = nullptr;
+ int recursive = 1;
+
+ Admin admin;
+ admin.setBucket(emptyBucket, CYNARA_ADMIN_ALLOW, extra);
+
+ admin.erasePolicies(emptyBucket, recursive, client, user, privilege);
+}
+
+void tc24_admin_erase_no_bucket_func()
+{
+ const char *emptyBucket = "empty_bucket24";
+ const char *notExistingBucket = "not_existing_bucket24";
+ const char *client = "client24";
+ const char *user = "user24";
+ const char *privilege = "privilege24";
+ const char *extra = nullptr;
+ int recursive = 1;
+
+ Admin admin;
+ admin.setBucket(emptyBucket, CYNARA_ADMIN_ALLOW, extra);
+
+ admin.erasePolicies(notExistingBucket, recursive, client, user, privilege,
+ CYNARA_API_BUCKET_NOT_FOUND);
+}
+
+void tc25_admin_erase_single_bucket_func()
+{
+ const char *bucket = "bucket25";
+ const char *emptyBucket = "empty_bucket25";
+ const char *client = "client25";
+ const char *user = "user25";
+ const char *privilege = "privilege25";
+ const char *client2 = "client25_2";
+ const char *user2 = "user25_2";
+ const char *privilege2 = "privilege25_2";
+ const char *wildcard = CYNARA_ADMIN_WILDCARD;
+ const char *any = CYNARA_ADMIN_ANY;
+ const char *extra = nullptr;
+ int recursive = 1;
+
+ Admin admin;
+ admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
+ admin.setBucket(emptyBucket, CYNARA_ADMIN_ALLOW, extra);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, wildcard, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, wildcard, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, wildcard, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, wildcard, user, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, wildcard, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, wildcard, user2, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, wildcard, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client, wildcard, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client2, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client2, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client2, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client2, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client2, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client, user2, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client2, user, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client2, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ cp.add(bucket, client2, user2, privilege, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client2, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ admin.setPolicies(cp);
+ }
+
+ admin.erasePolicies(bucket, recursive, client, wildcard, any);
+
+ {
+ CynaraPoliciesContainer expPolicies;
+ expPolicies.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
+ expPolicies.add(bucket, wildcard, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, wildcard, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ expPolicies.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, wildcard, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
+ expPolicies.add(bucket, wildcard, user, privilege, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, wildcard, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ expPolicies.add(bucket, wildcard, user2, privilege, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, wildcard, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ // WAS ERASED (bucket, client, wildcard, wildcard, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, client2, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
+ // WAS ERASED (bucket, client, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
+ // WAS ERASED (bucket, client, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ expPolicies.add(bucket, client2, wildcard, privilege, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, client2, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ expPolicies.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, client, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
+ expPolicies.add(bucket, client2, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, client2, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket);
+ expPolicies.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, client, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ expPolicies.add(bucket, client, user2, privilege, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, client, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ expPolicies.add(bucket, client2, user, privilege, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, client2, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ expPolicies.add(bucket, client2, user2, privilege, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, client2, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket);
+ admin.listPolicies(bucket, any, any, any, expPolicies);
+ }
+ {
+ CynaraPoliciesContainer expPolicies;
+ admin.listPolicies(emptyBucket, any, any, any, expPolicies);
+ }
+}
+
+void tc26_admin_erase_recursive_not_linked_buckets_func()
+{
+ const char *bucket = "bucket26";
+ const char *subBucket = "sub_bucket26";
+ const char *client = "client26";
+ const char *user = "user26";
+ const char *privilege = "privilege26";
+ const char *wildcard = CYNARA_ADMIN_WILDCARD;
+ const char *any = CYNARA_ADMIN_ANY;
+ const char *extra = nullptr;
+ int recursive = 1;
+
+ Admin admin;
+ admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
+ admin.setBucket(subBucket, CYNARA_ADMIN_ALLOW, extra);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+
+ cp.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+ admin.setPolicies(cp);
+ }
+
+ admin.erasePolicies(bucket, recursive, any, user, wildcard);
+
+ {
+ CynaraPoliciesContainer expPolicies;
+ expPolicies.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+ admin.listPolicies(bucket, any, any, any, expPolicies);
+ }
+ {
+ CynaraPoliciesContainer expPolicies;
+ expPolicies.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+ admin.listPolicies(subBucket, any, any, any, expPolicies);
+ }
+}
+
+void tc27_admin_erase_recursive_linked_buckets_func()
+{
+ const char *bucket = "bucket27";
+ const char *subBucket = "sub_bucket27";
+ const char *client = "client27";
+ const char *user = "user27";
+ const char *privilege = "privilege27";
+ const char *wildcard = CYNARA_ADMIN_WILDCARD;
+ const char *any = CYNARA_ADMIN_ANY;
+ const char *extra = nullptr;
+ int recursive = 1;
+
+ Admin admin;
+ admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
+ admin.setBucket(subBucket, CYNARA_ADMIN_ALLOW, extra);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket);
+
+ cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+
+ cp.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+ admin.setPolicies(cp);
+ }
+
+ admin.erasePolicies(bucket, recursive, any, user, wildcard);
+
+ {
+ CynaraPoliciesContainer expPolicies;
+ expPolicies.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket);
+ admin.listPolicies(bucket, any, any, any, expPolicies);
+ }
+ {
+ CynaraPoliciesContainer expPolicies;
+ expPolicies.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+ admin.listPolicies(subBucket, any, any, any, expPolicies);
+ }
+}
+
+void tc28_admin_erase_non_recursive_linked_buckets_func()
+{
+ const char *bucket = "bucket28";
+ const char *subBucket = "sub_bucket28";
+ const char *client = "client28";
+ const char *user = "user28";
+ const char *privilege = "privilege28";
+ const char *wildcard = CYNARA_ADMIN_WILDCARD;
+ const char *any = CYNARA_ADMIN_ANY;
+ const char *extra = nullptr;
+ int recursive = 0;
+
+ Admin admin;
+ admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
+ admin.setBucket(subBucket, CYNARA_ADMIN_ALLOW, extra);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket);
+
+ cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+
+ cp.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+ admin.setPolicies(cp);
+ }
+
+ admin.erasePolicies(bucket, recursive, any, user, wildcard);
+
+ {
+ CynaraPoliciesContainer expPolicies;
+ expPolicies.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket);
+ admin.listPolicies(bucket, any, any, any, expPolicies);
+ }
+ {
+ CynaraPoliciesContainer expPolicies;
+ expPolicies.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+ admin.listPolicies(subBucket, any, any, any, expPolicies);
+ }
+}
+
+void tc29_admin_erase_recursive_from_sub_bucket_func()
+{
+ const char *bucket = "bucket29";
+ const char *subBucket = "sub_bucket29";
+ const char *client = "client29";
+ const char *user = "user29";
+ const char *privilege = "privilege29";
+ const char *wildcard = CYNARA_ADMIN_WILDCARD;
+ const char *any = CYNARA_ADMIN_ANY;
+ const char *extra = nullptr;
+ int recursive = 1;
+
+ Admin admin;
+ admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
+ admin.setBucket(subBucket, CYNARA_ADMIN_ALLOW, extra);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket);
+
+ cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+
+ cp.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ cp.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+ admin.setPolicies(cp);
+ }
+
+ admin.erasePolicies(subBucket, recursive, any, user, wildcard);
+
+ {
+ CynaraPoliciesContainer expPolicies;
+ expPolicies.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket);
+ expPolicies.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra);
+ expPolicies.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+ admin.listPolicies(bucket, any, any, any, expPolicies);
+ }
+ {
+ CynaraPoliciesContainer expPolicies;
+ expPolicies.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra);
+ admin.listPolicies(subBucket, any, any, any, expPolicies);
+ }
+}
+
+void testPlugins(const std::vector<std::string> &plugins)
+{
+ using namespace CynaraTestPlugins;
+
+ DirectoryPaths paths;
+ Descriptions expectedDescriptions(POLICY_DESCRIPTIONS.at(DEFAULT_POLICY));
+
+ for (auto &plugin : plugins) {
+ paths.push_back(TEST_PLUGIN_PATH + plugin);
+
+ const Descriptions &pluginDescriptions = POLICY_DESCRIPTIONS.at(plugin);
+ expectedDescriptions.insert(expectedDescriptions.end(),
+ pluginDescriptions.begin(), pluginDescriptions.end());
+ }
+
+ loadServicePlugins(paths);
+
+ Admin admin;
+ admin.listPoliciesDescriptions(expectedDescriptions);
+}
+
+void tc30_admin_list_descriptions_no_plugins_func()
+{
+ testPlugins({});
+}
+
+void tc31_admin_list_descriptions_1_plugin_single_policy_func()
+{
+ testPlugins({CynaraTestPlugins::SINGLE_POLICY});
+}
+
+void tc32_admin_list_descriptions_1_plugin_multiple_policy_func()
+{
+ testPlugins({CynaraTestPlugins::MULTIPLE_POLICY});
+}
+
+void tc33_admin_list_descriptions_multiple_plugins_func()
+{
+ testPlugins({CynaraTestPlugins::SINGLE_POLICY,
+ CynaraTestPlugins::MULTIPLE_POLICY});
+}
+
RUNNER_TEST_GROUP_INIT(cynara_tests)
RUN_CYNARA_TEST(tc01_cynara_initialize)
RUN_CYNARA_TEST(tc11_admin_bucket_not_found)
RUN_CYNARA_TEST(tc12_admin_delete_bucket_with_policies_pointing_to_it)
RUN_CYNARA_TEST(tc13_admin_set_policies_to_extra_bucket)
+RUN_CYNARA_TEST(tc14_admin_set_policies_integrity)
+RUN_CYNARA_TEST(tc15_admin_set_bucket_admin_none1)
+RUN_CYNARA_TEST(tc15_admin_set_bucket_admin_none2)
+RUN_CYNARA_TEST(tc15_admin_set_bucket_admin_none3)
+RUN_CYNARA_TEST(tc16_admin_check_single_bucket)
+RUN_CYNARA_TEST(tc17_admin_check_nested_bucket)
+RUN_CYNARA_TEST(tc18_admin_check_multiple_matches)
+RUN_CYNARA_TEST(tc19_admin_check_none_bucket)
+RUN_CYNARA_TEST(tc20_admin_list_empty_bucket)
+RUN_CYNARA_TEST(tc21_admin_list_no_bucket)
+RUN_CYNARA_TEST(tc22_admin_list_bucket)
+RUN_CYNARA_TEST(tc23_admin_erase_empty_bucket)
+RUN_CYNARA_TEST(tc24_admin_erase_no_bucket)
+RUN_CYNARA_TEST(tc25_admin_erase_single_bucket)
+RUN_CYNARA_TEST(tc26_admin_erase_recursive_not_linked_buckets)
+RUN_CYNARA_TEST(tc27_admin_erase_recursive_linked_buckets)
+RUN_CYNARA_TEST(tc28_admin_erase_non_recursive_linked_buckets)
+RUN_CYNARA_TEST(tc29_admin_erase_recursive_from_sub_bucket)
+RUN_CYNARA_TEST(tc30_admin_list_descriptions_no_plugins)
+RUN_CYNARA_TEST(tc31_admin_list_descriptions_1_plugin_single_policy)
+RUN_CYNARA_TEST(tc32_admin_list_descriptions_1_plugin_multiple_policy)
+RUN_CYNARA_TEST(tc33_admin_list_descriptions_multiple_plugins)