}
static PolicyPtr bucketWithKey(const PolicyKey &key, const PolicyBucketId &bucketId) {
- auto result = PolicyResult(PolicyType::BUCKET, bucketId);
+ auto result = PolicyResult(PredefinedPolicyType::BUCKET, bucketId);
return std::make_shared<Policy>(key, result);
}
class PolicyBucket {
public:
- PolicyBucket() : m_defaultPolicy(PolicyResult(PolicyType::DENY)) {}
+ PolicyBucket() : m_defaultPolicy(PolicyResult(PredefinedPolicyType::DENY)) {}
PolicyBucket(const PolicyCollection &policies)
: m_policyCollection(policies),
- m_defaultPolicy(PolicyResult(PolicyType::DENY)) {}
+ m_defaultPolicy(PolicyResult(PredefinedPolicyType::DENY)) {}
PolicyBucket filtered(const PolicyKey &key) const;
*/
/*
* @file PolicyType.h
- * @author Lukasz Wojciechowski <l.wojciechowski@partner.samsung.com>
+ * @author Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
* @author Aleksander Zdyb <a.zdyb@partner.samsung.com>
* @version 1.0
* @brief This file defines PolicyType e.g. ALLOW or DENY
*/
-#ifndef CYNARA_COMMON_TYPES_POLICYTYPE_H
-#define CYNARA_COMMON_TYPES_POLICYTYPE_H
+#ifndef SRC_COMMON_TYPES_POLICYTYPE_H_
+#define SRC_COMMON_TYPES_POLICYTYPE_H_
+
+#include <cstdint>
+#include <string>
namespace Cynara {
-enum class PolicyType : std::uint16_t {
- DENY = 0,
- BUCKET = 0xFFFE,
- ALLOW = 0xFFFF
+typedef std::uint16_t PolicyType;
+
+namespace PredefinedPolicyType {
+ const PolicyType DENY = 0;
+ const PolicyType BUCKET = 0xFFFE;
+ const PolicyType ALLOW = 0xFFFF;
};
} // namespace Cynara
-#endif /* CYNARA_COMMON_TYPES_POLICYTYPE_H */
+#endif /* SRC_COMMON_TYPES_POLICYTYPE_H_ */
// Check bucket id only if policy is a bucket policy
// TODO: Maybe move the test to PolicyResult
- if (policyResult.policyType() == PolicyType::BUCKET) {
+ if (policyResult.policyType() == PredefinedPolicyType::BUCKET) {
return policyResult.metadata() == bucketId;
}
return false;
auto proposeMinimal = [&minimal, &hasMinimal](const PolicyResult &candidate) {
if(hasMinimal == false) {
minimal = candidate;
- } else if(candidate < minimal) {
+ } else if (candidate < minimal) {
minimal = candidate;
}
hasMinimal = true;
};
- for(const auto &policyRecord : policies) {
+ for (const auto &policyRecord : policies) {
const auto &policyResult = policyRecord->result();
- switch(policyResult.policyType()) {
- case PolicyType::DENY:
+ switch (policyResult.policyType()) {
+ case PredefinedPolicyType::DENY:
return policyResult; // Do not expect lower value than DENY
break;
- case PolicyType::BUCKET: {
+ case PredefinedPolicyType::BUCKET: {
auto bucketResults = m_backend.searchBucket(policyResult.metadata(),
policyRecord->key());
auto minimumOfBucket = minimalPolicy(bucketResults);
continue;
}
break;
- case PolicyType::ALLOW:
+ case PredefinedPolicyType::ALLOW:
default:
break;
}
EXPECT_CALL(backend, buckets())
.WillOnce(ReturnRef(m_buckets));
- PolicyResult defaultPolicy(PolicyType::ALLOW);
+ PolicyResult defaultPolicy(PredefinedPolicyType::ALLOW);
PolicyBucketId bucketId = "new-bucket";
backend.createBucket(bucketId, defaultPolicy);
auto filteredBucket = backend.searchDefaultBucket(Helpers::generatePolicyKey());
auto defaultPolicy = filteredBucket.defaultPolicy();
- ASSERT_EQ(PolicyType::DENY, defaultPolicy.policyType());
+ ASSERT_EQ(PredefinedPolicyType::DENY, defaultPolicy.policyType());
}
TEST_F(InMemeoryStorageBackendFixture, deleteLinking) {
const PolicyBucketId testBucket3 = "test-bucket-3";
// Create 2 buckets
- for(const auto &bucketId : { testBucket1, testBucket2, testBucket3 }) {
- PolicyResult defaultPolicy(PolicyType::DENY);
+ for (const auto &bucketId : { testBucket1, testBucket2, testBucket3 }) {
+ PolicyResult defaultPolicy(PredefinedPolicyType::DENY);
backend.createBucket(bucketId, defaultPolicy);
}
// These policies do not link to buckets, so should stay untouched
PolicyCollection policiesToStay = {
- Policy::simpleWithKey(Helpers::generatePolicyKey("1"), PolicyType::DENY),
- Policy::simpleWithKey(Helpers::generatePolicyKey("1"), PolicyType::DENY),
- Policy::simpleWithKey(Helpers::generatePolicyKey("2"), PolicyType::ALLOW),
+ Policy::simpleWithKey(Helpers::generatePolicyKey("1"), PredefinedPolicyType::DENY),
+ Policy::simpleWithKey(Helpers::generatePolicyKey("1"), PredefinedPolicyType::DENY),
+ Policy::simpleWithKey(Helpers::generatePolicyKey("2"), PredefinedPolicyType::ALLOW),
};
// Add some policies to 1st bucket, which link to 2nd bucket
PolicyBucketId bucketId = "test-bucket";
createBucket(bucketId);
- auto policyToAdd = Policy::simpleWithKey(Helpers::generatePolicyKey(), PolicyType::ALLOW);
+ auto policyToAdd = Policy::simpleWithKey(Helpers::generatePolicyKey(), PredefinedPolicyType::ALLOW);
backend.insertPolicy(bucketId, policyToAdd);
ASSERT_THAT(m_buckets.at(bucketId).policyCollection(), UnorderedElementsAre(policyToAdd));
PolicyBucketId bucketId = "test-bucket";
createBucket(bucketId);
- auto policyToDelete = Policy::simpleWithKey(Helpers::generatePolicyKey(), PolicyType::ALLOW);
+ auto policyToDelete = Policy::simpleWithKey(Helpers::generatePolicyKey(), PredefinedPolicyType::ALLOW);
PolicyCollection otherPolicies = {
- Policy::simpleWithKey(Helpers::generatePolicyKey("other-policy-1"), PolicyType::ALLOW),
- Policy::simpleWithKey(Helpers::generatePolicyKey("other-policy-2"), PolicyType::ALLOW),
- Policy::simpleWithKey(Helpers::generatePolicyKey("other-policy-3"), PolicyType::ALLOW),
+ Policy::simpleWithKey(Helpers::generatePolicyKey("other-policy-1"), PredefinedPolicyType::ALLOW),
+ Policy::simpleWithKey(Helpers::generatePolicyKey("other-policy-2"), PredefinedPolicyType::ALLOW),
+ Policy::simpleWithKey(Helpers::generatePolicyKey("other-policy-3"), PredefinedPolicyType::ALLOW),
};
addToBucket(bucketId, {
const auto &defaultBucket = createBucket(defaultPolicyBucketId);
addToBucket(defaultPolicyBucketId, {
- Policy::simpleWithKey(pk1, PolicyType::ALLOW),
- Policy::simpleWithKey(pk2, PolicyType::DENY),
- Policy::simpleWithKey(pk1, PolicyType::DENY),
+ Policy::simpleWithKey(pk1, PredefinedPolicyType::ALLOW),
+ Policy::simpleWithKey(pk2, PredefinedPolicyType::DENY),
+ Policy::simpleWithKey(pk1, PredefinedPolicyType::DENY),
});
// Just override buckets() accessor
Cynara::Storage storage(backend);
PolicyBucketId bucketId = "test-bucket";
- PolicyResult defaultPolicy(PolicyType::DENY);
+ PolicyResult defaultPolicy(PredefinedPolicyType::DENY);
EXPECT_CALL(backend, createBucket(bucketId, defaultPolicy));
TEST(storage, addDefaultBucket) {
FakeStorageBackend backend;
Cynara::Storage storage(backend);
- PolicyResult defaultPolicy(PolicyType::DENY);
+ PolicyResult defaultPolicy(PredefinedPolicyType::DENY);
ASSERT_THROW(
storage.createBucket(defaultPolicyBucketId, defaultPolicy),
// Default bucket empty -- return DENY
auto policyAnswer = storage.checkPolicy(pk);
- ASSERT_EQ(PolicyType::DENY, policyAnswer.policyType());
+ ASSERT_EQ(PredefinedPolicyType::DENY, policyAnswer.policyType());
}
TEST(storage, checkSimple) {
.WillRepeatedly(ReturnPointee(&bucket));
// Default bucket empty -- return DENY
- ASSERT_EQ(PolicyType::DENY, storage.checkPolicy(pk).policyType());
+ ASSERT_EQ(PredefinedPolicyType::DENY, storage.checkPolicy(pk).policyType());
// Add ALLOW to default bucket -- return ALLOW
- bucket.policyCollection().push_back(Policy::simpleWithKey(pk, PolicyType::ALLOW));
- ASSERT_EQ(PolicyType::ALLOW, storage.checkPolicy(pk).policyType());
+ bucket.policyCollection().push_back(Policy::simpleWithKey(pk, PredefinedPolicyType::ALLOW));
+ ASSERT_EQ(PredefinedPolicyType::ALLOW, storage.checkPolicy(pk).policyType());
// Add DENY to default bucket -- return DENY
- bucket.policyCollection().push_back(Policy::simpleWithKey(pk, PolicyType::DENY));
- ASSERT_EQ(PolicyType::DENY, storage.checkPolicy(pk).policyType());
+ bucket.policyCollection().push_back(Policy::simpleWithKey(pk, PredefinedPolicyType::DENY));
+ ASSERT_EQ(PredefinedPolicyType::DENY, storage.checkPolicy(pk).policyType());
}
TEST(storage, checkBucket) {
PolicyKey pk = Helpers::generatePolicyKey();
PolicyBucket defaultBucket(PolicyCollection({
- Policy::simpleWithKey(pk, PolicyType::ALLOW),
+ Policy::simpleWithKey(pk, PredefinedPolicyType::ALLOW),
Policy::bucketWithKey(pk, additionalBucketId)
}));
// Bucket empty -- should return DENY as default bucket value
- ASSERT_EQ(PolicyType::DENY, storage.checkPolicy(pk).policyType());
+ ASSERT_EQ(PredefinedPolicyType::DENY, storage.checkPolicy(pk).policyType());
// Add ALLOW to bucket, so return ALLOW
- additionalBucket.policyCollection().push_back(Policy::simpleWithKey(pk, PolicyType::ALLOW));
- ASSERT_EQ(PolicyType::ALLOW, storage.checkPolicy(pk).policyType());
+ additionalBucket.policyCollection().push_back(Policy::simpleWithKey(pk, PredefinedPolicyType::ALLOW));
+ ASSERT_EQ(PredefinedPolicyType::ALLOW, storage.checkPolicy(pk).policyType());
// Add DENY to default bucket -- return DENY, even though ALLOW in other bucket
- defaultBucket.policyCollection().push_back(Policy::simpleWithKey(pk, PolicyType::DENY));
- ASSERT_EQ(PolicyType::DENY, storage.checkPolicy(pk).policyType());
+ defaultBucket.policyCollection().push_back(Policy::simpleWithKey(pk, PredefinedPolicyType::DENY));
+ ASSERT_EQ(PredefinedPolicyType::DENY, storage.checkPolicy(pk).policyType());
}
PolicyBucketId testBucket2 = "test-bucket-2";
std::vector<Storage::PolicyPolicyBucket> policiesToInsert = {
- std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("1"), PolicyType::ALLOW), testBucket1),
- std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("2"), PolicyType::DENY), testBucket1),
- std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("3"), PolicyType::DENY), testBucket1),
- std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("4"), PolicyType::ALLOW), testBucket2),
- std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("5"), PolicyType::ALLOW), testBucket2),
+ std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("1"), PredefinedPolicyType::ALLOW), testBucket1),
+ std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("2"), PredefinedPolicyType::DENY), testBucket1),
+ std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("3"), PredefinedPolicyType::DENY), testBucket1),
+ std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("4"), PredefinedPolicyType::ALLOW), testBucket2),
+ std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("5"), PredefinedPolicyType::ALLOW), testBucket2),
};
- for(const auto &policy : policiesToInsert) {
+ for (const auto &policy : policiesToInsert) {
PolicyBucketId bucketId;
PolicyPtr policyPtr;
std::tie(policyPtr, bucketId) = policy;
PolicyBucketId testBucket2 = "test-bucket-2";
std::vector<Storage::PolicyPolicyBucket> policiesToInsert = {
- std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("1"), PolicyType::ALLOW), testBucket1),
- std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("2"), PolicyType::DENY), testBucket1),
- std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("3"), PolicyType::DENY), testBucket1),
- std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("4"), PolicyType::ALLOW), testBucket2),
- std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("5"), PolicyType::ALLOW), testBucket2),
+ std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("1"), PredefinedPolicyType::ALLOW), testBucket1),
+ std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("2"), PredefinedPolicyType::DENY), testBucket1),
+ std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("3"), PredefinedPolicyType::DENY), testBucket1),
+ std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("4"), PredefinedPolicyType::ALLOW), testBucket2),
+ std::make_tuple(Policy::simpleWithKey(Helpers::generatePolicyKey("5"), PredefinedPolicyType::ALLOW), testBucket2),
};
PolicyCollection pc({std::get<0>(policiesToInsert.at(0))});
- for(const auto &policy : policiesToInsert) {
+ for (const auto &policy : policiesToInsert) {
PolicyBucketId bucketId;
PolicyPtr policyPtr;
std::tie(policyPtr, bucketId) = policy;
projects / platform / core / security / cynara.git / commitdiff