protected:
const PolicyKey pk1 = Helpers::generatePolicyKey("1");
+ const PolicyKey pk2 = Helpers::generatePolicyKey("2");
+ const PolicyKey pk3 = Helpers::generatePolicyKey("3");
const PolicyKey otherPk = Helpers::generatePolicyKey("_");
- const PolicyCollection pk1Policies = {
+ const PolicyCollection pkPolicies = {
Policy::simpleWithKey(pk1, PredefinedPolicyType::ALLOW),
- Policy::simpleWithKey(pk1, PredefinedPolicyType::ALLOW),
- Policy::simpleWithKey(pk1, PredefinedPolicyType::ALLOW)
+ Policy::simpleWithKey(pk2, PredefinedPolicyType::ALLOW),
+ Policy::simpleWithKey(pk3, PredefinedPolicyType::ALLOW)
};
const PolicyCollection wildcardPolicies = {
- Policy::simpleWithKey(PolicyKey("c1", "u1", "p1"), PredefinedPolicyType::ALLOW),
- Policy::simpleWithKey(PolicyKey("c1", "u1", "p2"), PredefinedPolicyType::ALLOW),
- Policy::simpleWithKey(PolicyKey("c2", "u1", "p1"), PredefinedPolicyType::ALLOW)
+ Policy::simpleWithKey(PolicyKey("c1", "u1", "*"), PredefinedPolicyType::ALLOW),
+ Policy::simpleWithKey(PolicyKey("*", "u1", "p2"), PredefinedPolicyType::ALLOW),
+ Policy::simpleWithKey(PolicyKey("*", "*", "p1"), PredefinedPolicyType::ALLOW),
+ Policy::simpleWithKey(PolicyKey("*", "*", "*"), PredefinedPolicyType::ALLOW)
};
PolicyCollection filterHelper(const PolicyCollection &original,
filtered.resize(std::distance(std::begin(filtered), endIt));
return filtered;
}
+
+ PolicyCollection filterHelper(const PolicyCollection &original, std::vector<unsigned> idx) {
+ PolicyCollection filtered;
+ filtered.reserve(idx.size());
+ for (const auto &i : idx) {
+ filtered.push_back(original.at(i));
+ }
+ return filtered;
+ }
};
TEST_F(PolicyBucketFixture, filtered) {
using ::testing::UnorderedElementsAre;
using ::testing::IsEmpty;
- PolicyBucket bucket(pk1Policies);
+ PolicyBucket bucket(pkPolicies);
bucket.setDefaultPolicy(PredefinedPolicyType::DENY);
auto filtered = bucket.filtered(pk1);
// Elements match
- ASSERT_THAT(filtered.policyCollection(), UnorderedElementsAreArray(pk1Policies));
+ ASSERT_THAT(filtered.policyCollection(), UnorderedElementsAre(pkPolicies.at(0)));
// default policy matches
ASSERT_EQ(PredefinedPolicyType::DENY, filtered.defaultPolicy());
using ::testing::UnorderedElementsAre;
using ::testing::IsEmpty;
- PolicyBucket bucket(pk1Policies);
+ PolicyBucket bucket(pkPolicies);
bucket.setDefaultPolicy(PredefinedPolicyType::DENY);
auto filtered = bucket.filtered(otherPk);
ASSERT_EQ(PredefinedPolicyType::DENY, filtered.defaultPolicy());
}
-TEST_F(PolicyBucketFixture, filtered_wildcard_privilege) {
+TEST_F(PolicyBucketFixture, filtered_wildcard_1) {
+ using ::testing::UnorderedElementsAreArray;
+
+ // Leave policies with given client, given user and any privilege
+ auto policiesToStay = filterHelper(wildcardPolicies, { 0, 1, 3 });
+
+ PolicyBucket bucket(wildcardPolicies);
+ auto filtered = bucket.filtered(PolicyKey("c1", "u1", "p2"));
+ ASSERT_THAT(filtered.policyCollection(), UnorderedElementsAreArray(policiesToStay));
+}
+
+TEST_F(PolicyBucketFixture, filtered_wildcard_2) {
using ::testing::UnorderedElementsAreArray;
// Leave policies with given client, given user and any privilege
- auto policiesToStay = filterHelper(wildcardPolicies,
- [] (const PolicyCollection::value_type &privilege) {
- const auto &key = privilege->key();
- return std::tie("c1", "u1") == std::tie(key.client(), key.user());
- });
+ auto policiesToStay = filterHelper(wildcardPolicies, std::vector<unsigned>{ 2, 3 });
PolicyBucket bucket(wildcardPolicies);
- auto filtered = bucket.filtered(PolicyKey("c1", "u1", "*"));
+ auto filtered = bucket.filtered(PolicyKey("cccc", "u1", "p1"));
+
ASSERT_THAT(filtered.policyCollection(), UnorderedElementsAreArray(policiesToStay));
}
-TEST_F(PolicyBucketFixture, filtered_wildcard_client) {
+TEST_F(PolicyBucketFixture, filtered_wildcard_3) {
using ::testing::UnorderedElementsAreArray;
// Leave policies with given client, given user and any privilege
- auto policiesToStay = filterHelper(wildcardPolicies,
- [] (const PolicyCollection::value_type &privilege) {
- const auto &key = privilege->key();
- return std::tie("u1", "p1") == std::tie(key.user(), key.privilege());
- });
+ auto policiesToStay = filterHelper(wildcardPolicies, std::vector<unsigned>{ 0, 3 });
PolicyBucket bucket(wildcardPolicies);
- auto filtered = bucket.filtered(PolicyKey("*", "u1", "p1"));
+ auto filtered = bucket.filtered(PolicyKey("c1", "u1", "pppp"));
ASSERT_THAT(filtered.policyCollection(), UnorderedElementsAreArray(policiesToStay));
}
-TEST_F(PolicyBucketFixture, filtered_wildcard_client_privilege) {
+TEST_F(PolicyBucketFixture, filtered_wildcard_4) {
using ::testing::UnorderedElementsAreArray;
// Leave policies with given client, given user and any privilege
- auto policiesToStay = filterHelper(wildcardPolicies,
- [] (const PolicyCollection::value_type &privilege) {
- const auto &key = privilege->key();
- return key.user() == "u1";
- });
+ auto policiesToStay = filterHelper(wildcardPolicies, std::vector<unsigned>{ 3 });
PolicyBucket bucket(wildcardPolicies);
- auto filtered = bucket.filtered(PolicyKey("*", "u1", "*"));
+ auto filtered = bucket.filtered(PolicyKey("cccc", "uuuu", "pppp"));
ASSERT_THAT(filtered.policyCollection(), UnorderedElementsAreArray(policiesToStay));
}
TEST_F(PolicyBucketFixture, filtered_wildcard_none) {
using ::testing::IsEmpty;
- PolicyBucket bucket(wildcardPolicies);
- auto filtered = bucket.filtered(PolicyKey("*", "u2", "*"));
+ PolicyBucket bucket({ wildcardPolicies.begin(), wildcardPolicies.begin() + 3 });
+ auto filtered = bucket.filtered(PolicyKey("cccc", "uuuu", "pppp"));
ASSERT_THAT(filtered.policyCollection(), IsEmpty());
}