From 75bb6f9f62650222c745b161d4d866e4d0c8bc65 Mon Sep 17 00:00:00 2001 From: Lukasz Wojciechowski Date: Fri, 2 Jan 2015 15:28:42 +0100 Subject: [PATCH] Add tests for cynara_admin_erase All tests try erasing policies in different scenarios and then verify if proper policies were removed from proper buckets, but listing what is left and comparing to expected result. There are 7 tests added: * tc23_admin_erase_empty_bucket - erase policies from empty bucket; * tc24_admin_erase_no_bucket - try to erase from not existing bucket; * tc25_admin_erase_single_bucket - check all posibilities of matching policies during erase; * tc26_admin_erase_recursive_not_linked_buckets - erase with recursive flag set to TRUE, but in case where no policy lead to subbucket; * tc27_admin_erase_recursive_linked_buckets - erase with recursive flag set to TRUE with existance of policy leading to subbucket; * tc28_admin_erase_non_recursive_linked_buckets - erase with recursive flag set to FALSE with existance of policy leading to subbucket; * tc29_admin_erase_recursive_from_sub_bucket - start erase test in subbucket and check if parent bucket stays unaffected by erase. Change-Id: Ib712a028d97773e70b98de85c51aff0238bb8586 --- tests/cynara-tests/test_cases.cpp | 312 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 312 insertions(+) diff --git a/tests/cynara-tests/test_cases.cpp b/tests/cynara-tests/test_cases.cpp index 321d621..3b99263 100644 --- a/tests/cynara-tests/test_cases.cpp +++ b/tests/cynara-tests/test_cases.cpp @@ -952,6 +952,311 @@ void tc22_admin_list_bucket_func() admin.listPolicies(bucket, client, wildcard, any, expectedPolicies); } +void tc23_admin_erase_empty_bucket_func() +{ + const char *emptyBucket = "empty_bucket23"; + const char *client = "client23"; + const char *user = "user23"; + const char *privilege = "privilege23"; + const char *extra = nullptr; + int recursive = 1; + + Admin admin; + admin.setBucket(emptyBucket, CYNARA_ADMIN_ALLOW, extra); + + admin.erasePolicies(emptyBucket, recursive, client, user, privilege); +} + +void tc24_admin_erase_no_bucket_func() +{ + const char *emptyBucket = "empty_bucket24"; + const char *notExistingBucket = "not_existing_bucket24"; + const char *client = "client24"; + const char *user = "user24"; + const char *privilege = "privilege24"; + const char *extra = nullptr; + int recursive = 1; + + Admin admin; + admin.setBucket(emptyBucket, CYNARA_ADMIN_ALLOW, extra); + + admin.erasePolicies(notExistingBucket, recursive, client, user, privilege, + CYNARA_API_BUCKET_NOT_FOUND); +} + +void tc25_admin_erase_single_bucket_func() +{ + const char *bucket = "bucket25"; + const char *emptyBucket = "empty_bucket25"; + const char *client = "client25"; + const char *user = "user25"; + const char *privilege = "privilege25"; + const char *client2 = "client25_2"; + const char *user2 = "user25_2"; + const char *privilege2 = "privilege25_2"; + const char *wildcard = CYNARA_ADMIN_WILDCARD; + const char *any = CYNARA_ADMIN_ANY; + const char *extra = nullptr; + int recursive = 1; + + Admin admin; + admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra); + admin.setBucket(emptyBucket, CYNARA_ADMIN_ALLOW, extra); + + { + CynaraPoliciesContainer cp; + cp.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket); + cp.add(bucket, wildcard, wildcard, privilege, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, wildcard, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, wildcard, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket); + cp.add(bucket, wildcard, user, privilege, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, wildcard, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + cp.add(bucket, wildcard, user2, privilege, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, wildcard, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + cp.add(bucket, client, wildcard, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, client2, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket); + cp.add(bucket, client, wildcard, privilege, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, client, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + cp.add(bucket, client2, wildcard, privilege, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, client2, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, client, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket); + cp.add(bucket, client2, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, client2, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket); + cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, client, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + cp.add(bucket, client, user2, privilege, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, client, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + cp.add(bucket, client2, user, privilege, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, client2, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + cp.add(bucket, client2, user2, privilege, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, client2, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + admin.setPolicies(cp); + } + + admin.erasePolicies(bucket, recursive, client, wildcard, any); + + { + CynaraPoliciesContainer expPolicies; + expPolicies.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket); + expPolicies.add(bucket, wildcard, wildcard, privilege, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, wildcard, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + expPolicies.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, wildcard, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket); + expPolicies.add(bucket, wildcard, user, privilege, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, wildcard, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + expPolicies.add(bucket, wildcard, user2, privilege, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, wildcard, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + // WAS ERASED (bucket, client, wildcard, wildcard, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, client2, wildcard, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket); + // WAS ERASED (bucket, client, wildcard, privilege, CYNARA_ADMIN_DENY, extra); + // WAS ERASED (bucket, client, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + expPolicies.add(bucket, client2, wildcard, privilege, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, client2, wildcard, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + expPolicies.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, client, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket); + expPolicies.add(bucket, client2, user, wildcard, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, client2, user2, wildcard, CYNARA_ADMIN_BUCKET, emptyBucket); + expPolicies.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, client, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + expPolicies.add(bucket, client, user2, privilege, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, client, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + expPolicies.add(bucket, client2, user, privilege, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, client2, user, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + expPolicies.add(bucket, client2, user2, privilege, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, client2, user2, privilege2, CYNARA_ADMIN_BUCKET, emptyBucket); + admin.listPolicies(bucket, any, any, any, expPolicies); + } + { + CynaraPoliciesContainer expPolicies; + admin.listPolicies(emptyBucket, any, any, any, expPolicies); + } +} + +void tc26_admin_erase_recursive_not_linked_buckets_func() +{ + const char *bucket = "bucket26"; + const char *subBucket = "sub_bucket26"; + const char *client = "client26"; + const char *user = "user26"; + const char *privilege = "privilege26"; + const char *wildcard = CYNARA_ADMIN_WILDCARD; + const char *any = CYNARA_ADMIN_ANY; + const char *extra = nullptr; + int recursive = 1; + + Admin admin; + admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra); + admin.setBucket(subBucket, CYNARA_ADMIN_ALLOW, extra); + + { + CynaraPoliciesContainer cp; + cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + + cp.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + admin.setPolicies(cp); + } + + admin.erasePolicies(bucket, recursive, any, user, wildcard); + + { + CynaraPoliciesContainer expPolicies; + expPolicies.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + admin.listPolicies(bucket, any, any, any, expPolicies); + } + { + CynaraPoliciesContainer expPolicies; + expPolicies.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra); + expPolicies.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra); + expPolicies.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + admin.listPolicies(subBucket, any, any, any, expPolicies); + } +} + +void tc27_admin_erase_recursive_linked_buckets_func() +{ + const char *bucket = "bucket27"; + const char *subBucket = "sub_bucket27"; + const char *client = "client27"; + const char *user = "user27"; + const char *privilege = "privilege27"; + const char *wildcard = CYNARA_ADMIN_WILDCARD; + const char *any = CYNARA_ADMIN_ANY; + const char *extra = nullptr; + int recursive = 1; + + Admin admin; + admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra); + admin.setBucket(subBucket, CYNARA_ADMIN_ALLOW, extra); + + { + CynaraPoliciesContainer cp; + cp.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket); + + cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + + cp.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + admin.setPolicies(cp); + } + + admin.erasePolicies(bucket, recursive, any, user, wildcard); + + { + CynaraPoliciesContainer expPolicies; + expPolicies.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket); + admin.listPolicies(bucket, any, any, any, expPolicies); + } + { + CynaraPoliciesContainer expPolicies; + expPolicies.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + admin.listPolicies(subBucket, any, any, any, expPolicies); + } +} + +void tc28_admin_erase_non_recursive_linked_buckets_func() +{ + const char *bucket = "bucket28"; + const char *subBucket = "sub_bucket28"; + const char *client = "client28"; + const char *user = "user28"; + const char *privilege = "privilege28"; + const char *wildcard = CYNARA_ADMIN_WILDCARD; + const char *any = CYNARA_ADMIN_ANY; + const char *extra = nullptr; + int recursive = 0; + + Admin admin; + admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra); + admin.setBucket(subBucket, CYNARA_ADMIN_ALLOW, extra); + + { + CynaraPoliciesContainer cp; + cp.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket); + + cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + + cp.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + admin.setPolicies(cp); + } + + admin.erasePolicies(bucket, recursive, any, user, wildcard); + + { + CynaraPoliciesContainer expPolicies; + expPolicies.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket); + admin.listPolicies(bucket, any, any, any, expPolicies); + } + { + CynaraPoliciesContainer expPolicies; + expPolicies.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra); + expPolicies.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra); + expPolicies.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + admin.listPolicies(subBucket, any, any, any, expPolicies); + } +} + +void tc29_admin_erase_recursive_from_sub_bucket_func() +{ + const char *bucket = "bucket29"; + const char *subBucket = "sub_bucket29"; + const char *client = "client29"; + const char *user = "user29"; + const char *privilege = "privilege29"; + const char *wildcard = CYNARA_ADMIN_WILDCARD; + const char *any = CYNARA_ADMIN_ANY; + const char *extra = nullptr; + int recursive = 1; + + Admin admin; + admin.setBucket(bucket, CYNARA_ADMIN_ALLOW, extra); + admin.setBucket(subBucket, CYNARA_ADMIN_ALLOW, extra); + + { + CynaraPoliciesContainer cp; + cp.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket); + + cp.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + + cp.add(subBucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(subBucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra); + cp.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + admin.setPolicies(cp); + } + + admin.erasePolicies(subBucket, recursive, any, user, wildcard); + + { + CynaraPoliciesContainer expPolicies; + expPolicies.add(bucket, wildcard, wildcard, wildcard, CYNARA_ADMIN_BUCKET, subBucket); + expPolicies.add(bucket, client, user, wildcard, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, wildcard, user, wildcard, CYNARA_ADMIN_DENY, extra); + expPolicies.add(bucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + admin.listPolicies(bucket, any, any, any, expPolicies); + } + { + CynaraPoliciesContainer expPolicies; + expPolicies.add(subBucket, client, user, privilege, CYNARA_ADMIN_DENY, extra); + admin.listPolicies(subBucket, any, any, any, expPolicies); + } +} + RUNNER_TEST_GROUP_INIT(cynara_tests) RUN_CYNARA_TEST(tc01_cynara_initialize) @@ -981,3 +1286,10 @@ RUN_CYNARA_TEST(tc19_admin_check_none_bucket) RUN_CYNARA_TEST(tc20_admin_list_empty_bucket) RUN_CYNARA_TEST(tc21_admin_list_no_bucket) RUN_CYNARA_TEST(tc22_admin_list_bucket) +RUN_CYNARA_TEST(tc23_admin_erase_empty_bucket) +RUN_CYNARA_TEST(tc24_admin_erase_no_bucket) +RUN_CYNARA_TEST(tc25_admin_erase_single_bucket) +RUN_CYNARA_TEST(tc26_admin_erase_recursive_not_linked_buckets) +RUN_CYNARA_TEST(tc27_admin_erase_recursive_linked_buckets) +RUN_CYNARA_TEST(tc28_admin_erase_non_recursive_linked_buckets) +RUN_CYNARA_TEST(tc29_admin_erase_recursive_from_sub_bucket) -- 2.7.4