cynara.check(client, session, user, privilege, CYNARA_API_SUCCESS);
}
+void tc16_admin_check_single_bucket_func()
+{
+ const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+ const char *client = "client16";
+ const char *user = "user16";
+ const char *privilege = "privilege16";
+ const char *extraResult = nullptr;
+ int recursive = 1;
+ int notrecursive = 0;
+
+ CynaraTestAdmin admin;
+
+ admin.adminCheck(bucketDefault, recursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_ADMIN_API_SUCCESS);
+
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ client, user, privilege,
+ CYNARA_ADMIN_ALLOW, extraResult);
+ admin.setPolicies(cp);
+
+ admin.adminCheck(bucketDefault, recursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_ADMIN_API_SUCCESS);
+}
+
+void tc17_admin_check_nested_bucket_func()
+{
+ const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+ const char *bucket = "bucket17";
+ const char *client = "client17";
+ const char *user = "user17";
+ const char *privilege = "privilege17";
+ const char *extra = nullptr;
+ const char *extraResult = nullptr;
+ int recursive = 1;
+ int notrecursive = 0;
+
+ CynaraTestAdmin admin;
+ admin.setBucket(bucket, CYNARA_ADMIN_DENY, extra);
+
+ admin.adminCheck(bucketDefault, recursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucket, recursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucket, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_ADMIN_API_SUCCESS);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ client, user, privilege,
+ CYNARA_ADMIN_BUCKET, bucket);
+ cp.add(bucket,
+ client, user, privilege,
+ CYNARA_ADMIN_ALLOW, extraResult);
+ admin.setPolicies(cp);
+ }
+
+ admin.adminCheck(bucketDefault, recursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucket, recursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucket, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_ADMIN_API_SUCCESS);
+}
+
+void tc18_admin_check_multiple_matches_func()
+{
+ const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+ const char *client = "client18";
+ const char *user = "user18";
+ const char *privilege = "privilege18";
+ const char *wildcard = CYNARA_ADMIN_WILDCARD;
+ const char *extra = nullptr;
+ const char *extraResult = nullptr;
+ int recursive = 1;
+ int notrecursive = 0;
+
+ CynaraTestAdmin admin;
+
+ auto check = [&](int expected_result)
+ {
+ admin.adminCheck(bucketDefault, recursive, client, user, privilege,
+ expected_result, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
+ expected_result, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ };
+
+ check(CYNARA_ADMIN_DENY);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ client, user, privilege,
+ CYNARA_ADMIN_ALLOW, extraResult);
+ admin.setPolicies(cp);
+ }
+
+ check(CYNARA_ADMIN_ALLOW);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ wildcard, user, privilege,
+ CYNARA_ADMIN_DENY, extraResult);
+ admin.setPolicies(cp);
+ }
+
+ check(CYNARA_ADMIN_DENY);
+
+ admin.setBucket(bucketDefault, CYNARA_ADMIN_ALLOW, extra);
+
+ check(CYNARA_ADMIN_DENY);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ client, user, privilege,
+ CYNARA_ADMIN_DELETE, extraResult);
+ admin.setPolicies(cp);
+ }
+
+ check(CYNARA_ADMIN_DENY);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ wildcard, user, privilege,
+ CYNARA_ADMIN_DELETE, extraResult);
+ admin.setPolicies(cp);
+ }
+
+ check(CYNARA_ADMIN_ALLOW);
+}
+
+void tc19_admin_check_none_bucket_func()
+{
+ const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+ const char *bucket1 = "bucket19_a";
+ const char *bucket2 = "bucket19_b";
+ const char *client = "client19";
+ const char *user = "user19";
+ const char *privilege = "privilege19";
+ const char *extra = nullptr;
+ int recursive = 1;
+ int notrecursive = 0;
+
+ CynaraTestAdmin admin;
+ admin.setBucket(bucket1, CYNARA_ADMIN_NONE, extra);
+ admin.setBucket(bucket2, CYNARA_ADMIN_ALLOW, extra);
+
+ admin.adminCheck(bucketDefault, recursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucket1, recursive, client, user, privilege,
+ CYNARA_ADMIN_NONE, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucket1, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_NONE, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucket2, recursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucket2, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_ADMIN_API_SUCCESS);
+
+ {
+ CynaraPoliciesContainer cp;
+ cp.add(bucketDefault,
+ client, user, privilege,
+ CYNARA_ADMIN_BUCKET, bucket1);
+ cp.add(bucket1,
+ client, user, privilege,
+ CYNARA_ADMIN_BUCKET, bucket2);
+ admin.setPolicies(cp);
+ }
+
+ admin.adminCheck(bucketDefault, recursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucketDefault, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_DENY, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucket1, recursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucket1, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_NONE, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucket2, recursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_ADMIN_API_SUCCESS);
+ admin.adminCheck(bucket2, notrecursive, client, user, privilege,
+ CYNARA_ADMIN_ALLOW, nullptr, CYNARA_ADMIN_API_SUCCESS);
+}
+
RUNNER_TEST_GROUP_INIT(cynara_tests)
RUN_CYNARA_TEST(tc01_cynara_initialize)
RUN_CYNARA_TEST(tc15_admin_set_bucket_admin_none1)
RUN_CYNARA_TEST(tc15_admin_set_bucket_admin_none2)
RUN_CYNARA_TEST(tc15_admin_set_bucket_admin_none3)
+RUN_CYNARA_TEST(tc16_admin_check_single_bucket)
+RUN_CYNARA_TEST(tc17_admin_check_nested_bucket)
+RUN_CYNARA_TEST(tc18_admin_check_multiple_matches)
+RUN_CYNARA_TEST(tc19_admin_check_none_bucket)