Add extra bucket cynara tests

Change-Id: I195ac63e423b79b422978003892d78b863cfc2e0

diff --git a/tests/cynara-tests/test_cases.cpp b/tests/cynara-tests/test_cases.cpp
index 59191a2..e52332e 100644 (file)
--- a/tests/cynara-tests/test_cases.cpp
+++ b/tests/cynara-tests/test_cases.cpp
@@ -381,3 +381,154 @@ RUNNER_TEST(tc09_admin_set_policies_wildcard_accesses)
 
     checkAllDeny(data, session);
 }
+
+RUNNER_TEST(tc10_admin_change_extra_bucket)
+{
+    CynaraTestAdmin admin;
+    CynaraTestClient cynara;
+
+    const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+    const char *bucket = "bucket10";
+    const char *session = "session10";
+    const char *extra = nullptr;
+    const char *extraResult = nullptr;
+
+
+    const std::vector< std::vector<const char *> > data = {
+        { "client10_a", "user10_a", "privilege10_a" },
+        { "client10_b", "user10_b", "privilege10_b" }
+    };
+
+    cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
+    cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
+
+    admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
+
+    cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
+    cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
+
+    {
+        CynaraPoliciesContainer cp;
+        cp.add(bucketDefault,
+               data[0][0], data[0][1], data[0][2],
+               CYNARA_ADMIN_BUCKET, bucket);
+        admin.setPolicies(cp);
+    }
+
+    cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_SUCCESS);
+    cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
+
+    admin.setBucket(bucket, CYNARA_ADMIN_DENY, extra);
+
+    cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
+    cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
+
+    admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
+
+    cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_SUCCESS);
+    cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
+
+    {
+        CynaraPoliciesContainer cp;
+        cp.add(bucketDefault,
+               data[0][0], data[0][1], data[0][2],
+               CYNARA_ADMIN_DELETE, extraResult);
+        admin.setPolicies(cp);
+    }
+
+    cynara.check(data[0][0], session, data[0][1], data[0][2], CYNARA_API_ACCESS_DENIED);
+    cynara.check(data[1][0], session, data[1][1], data[1][2], CYNARA_API_ACCESS_DENIED);
+
+    admin.setBucket(bucket, CYNARA_ADMIN_DELETE, extra);
+}
+
+RUNNER_TEST(tc11_admin_bucket_not_found)
+{
+    CynaraTestAdmin admin;
+    CynaraTestClient cynara;
+
+    const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+    const char *bucket = "bucket11";
+    const char *client = "client11";
+    const char *session = "session11";
+    const char *user = "user11";
+    const char *privilege = "privilege11";
+
+    cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
+
+    {
+        CynaraPoliciesContainer cp;
+        cp.add(bucketDefault,
+               client, user, privilege,
+               CYNARA_ADMIN_BUCKET, bucket);
+        admin.setPolicies(cp, CYNARA_ADMIN_API_BUCKET_NOT_FOUND);
+    }
+    cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
+}
+
+RUNNER_TEST(tc12_admin_delete_bucket_with_policies_pointing_to_it)
+{
+    CynaraTestAdmin admin;
+    CynaraTestClient cynara;
+
+    const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+    const char *bucket = "bucket12";
+    const char *client = "client12";
+    const char *session = "session12";
+    const char *user = "user12";
+    const char *privilege = "privilege12";
+    const char *extra = nullptr;
+
+    admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
+
+    {
+        CynaraPoliciesContainer cp;
+        cp.add(bucketDefault,
+               client, user, privilege,
+               CYNARA_ADMIN_BUCKET, bucket);
+        admin.setPolicies(cp);
+    }
+    cynara.check(client, session, user, privilege, CYNARA_API_SUCCESS);
+
+    admin.setBucket(bucket, CYNARA_ADMIN_DELETE, extra);
+    cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
+
+    admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra);
+    cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
+
+    admin.setBucket(bucket, CYNARA_ADMIN_DELETE, extra);
+    cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
+}
+
+RUNNER_TEST(tc13_admin_set_policies_to_extra_bucket)
+{
+    CynaraTestAdmin admin;
+    CynaraTestClient cynara;
+
+    const char *bucketDefault = CYNARA_ADMIN_DEFAULT_BUCKET;
+    const char *bucket = "bucket13";
+    const char *client = "client13";
+    const char *session = "session13";
+    const char *user = "user13";
+    const char *privilege = "privilege13";
+    const char *extra = nullptr;
+    const char *extraResult = nullptr;
+
+    admin.setBucket(bucket, CYNARA_ADMIN_DENY, extra);
+    cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
+
+    {
+        CynaraPoliciesContainer cp;
+        cp.add(bucketDefault,
+               client, user, privilege,
+               CYNARA_ADMIN_BUCKET, bucket);
+        cp.add(bucket,
+               client, user, privilege,
+               CYNARA_ADMIN_ALLOW, extraResult);
+        admin.setPolicies(cp);
+    }
+    cynara.check(client, session, user, privilege, CYNARA_API_SUCCESS);
+
+    admin.setBucket(bucket, CYNARA_ADMIN_DELETE, extra);
+    cynara.check(client, session, user, privilege, CYNARA_API_ACCESS_DENIED);
+}