2023-03-28 18:39:22 +00:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
2023-08-11 13:12:13 +00:00
|
|
|
// SPDX-License-Identifier: BUSL-1.1
|
2023-03-28 18:39:22 +00:00
|
|
|
|
2018-10-19 16:04:07 +00:00
|
|
|
package structs
|
|
|
|
|
|
|
|
import (
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/stretchr/testify/require"
|
2022-04-05 21:10:06 +00:00
|
|
|
|
|
|
|
"github.com/hashicorp/consul/acl"
|
2018-10-19 16:04:07 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
func TestStructs_ACLCaches(t *testing.T) {
|
|
|
|
|
|
|
|
t.Run("New", func(t *testing.T) {
|
|
|
|
|
|
|
|
t.Run("Valid Sizes", func(t *testing.T) {
|
|
|
|
// 1 isn't valid due to a bug in golang-lru library
|
2019-04-15 20:43:19 +00:00
|
|
|
config := ACLCachesConfig{2, 2, 2, 2, 2}
|
2018-10-19 16:04:07 +00:00
|
|
|
|
|
|
|
cache, err := NewACLCaches(&config)
|
|
|
|
require.NoError(t, err)
|
|
|
|
require.NotNil(t, cache)
|
|
|
|
require.NotNil(t, cache.identities)
|
|
|
|
require.NotNil(t, cache.policies)
|
|
|
|
require.NotNil(t, cache.parsedPolicies)
|
|
|
|
require.NotNil(t, cache.authorizers)
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Zero Sizes", func(t *testing.T) {
|
|
|
|
// 1 isn't valid due to a bug in golang-lru library
|
2019-04-15 20:43:19 +00:00
|
|
|
config := ACLCachesConfig{0, 0, 0, 0, 0}
|
2018-10-19 16:04:07 +00:00
|
|
|
|
|
|
|
cache, err := NewACLCaches(&config)
|
|
|
|
require.NoError(t, err)
|
|
|
|
require.NotNil(t, cache)
|
|
|
|
require.Nil(t, cache.identities)
|
|
|
|
require.Nil(t, cache.policies)
|
|
|
|
require.Nil(t, cache.parsedPolicies)
|
|
|
|
require.Nil(t, cache.authorizers)
|
|
|
|
})
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Identities", func(t *testing.T) {
|
|
|
|
// 1 isn't valid due to a bug in golang-lru library
|
|
|
|
config := ACLCachesConfig{Identities: 4}
|
|
|
|
|
|
|
|
cache, err := NewACLCaches(&config)
|
|
|
|
require.NoError(t, err)
|
|
|
|
require.NotNil(t, cache)
|
|
|
|
|
2022-05-04 16:38:45 +00:00
|
|
|
cache.PutIdentity("foo", &ACLToken{})
|
2018-10-19 16:04:07 +00:00
|
|
|
entry := cache.GetIdentity("foo")
|
|
|
|
require.NotNil(t, entry)
|
|
|
|
require.NotNil(t, entry.Identity)
|
2022-05-04 16:38:45 +00:00
|
|
|
|
|
|
|
cache.PutIdentityWithSecretToken("secret", &ACLToken{})
|
|
|
|
entry = cache.GetIdentityWithSecretToken("secret")
|
|
|
|
require.NotNil(t, entry)
|
|
|
|
require.NotNil(t, entry.Identity)
|
|
|
|
cache.RemoveIdentityWithSecretToken("secret")
|
|
|
|
entry = cache.GetIdentityWithSecretToken("secret")
|
|
|
|
require.Nil(t, entry)
|
2018-10-19 16:04:07 +00:00
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Policies", func(t *testing.T) {
|
|
|
|
// 1 isn't valid due to a bug in golang-lru library
|
|
|
|
config := ACLCachesConfig{Policies: 4}
|
|
|
|
|
|
|
|
cache, err := NewACLCaches(&config)
|
|
|
|
require.NoError(t, err)
|
|
|
|
require.NotNil(t, cache)
|
|
|
|
|
|
|
|
cache.PutPolicy("foo", &ACLPolicy{})
|
|
|
|
entry := cache.GetPolicy("foo")
|
|
|
|
require.NotNil(t, entry)
|
|
|
|
require.NotNil(t, entry.Policy)
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("ParsedPolicies", func(t *testing.T) {
|
|
|
|
// 1 isn't valid due to a bug in golang-lru library
|
|
|
|
config := ACLCachesConfig{ParsedPolicies: 4}
|
|
|
|
|
|
|
|
cache, err := NewACLCaches(&config)
|
|
|
|
require.NoError(t, err)
|
|
|
|
require.NotNil(t, cache)
|
|
|
|
|
|
|
|
cache.PutParsedPolicy("foo", &acl.Policy{})
|
|
|
|
entry := cache.GetParsedPolicy("foo")
|
|
|
|
require.NotNil(t, entry)
|
|
|
|
require.NotNil(t, entry.Policy)
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Authorizers", func(t *testing.T) {
|
|
|
|
// 1 isn't valid due to a bug in golang-lru library
|
|
|
|
config := ACLCachesConfig{Authorizers: 4}
|
|
|
|
|
|
|
|
cache, err := NewACLCaches(&config)
|
|
|
|
require.NoError(t, err)
|
|
|
|
require.NotNil(t, cache)
|
|
|
|
|
|
|
|
cache.PutAuthorizer("foo", acl.DenyAll())
|
|
|
|
entry := cache.GetAuthorizer("foo")
|
|
|
|
require.NotNil(t, entry)
|
|
|
|
require.NotNil(t, entry.Authorizer)
|
|
|
|
require.True(t, entry.Authorizer == acl.DenyAll())
|
|
|
|
})
|
2019-04-15 20:43:19 +00:00
|
|
|
|
|
|
|
t.Run("Roles", func(t *testing.T) {
|
|
|
|
// 1 isn't valid due to a bug in golang-lru library
|
|
|
|
config := ACLCachesConfig{Roles: 4}
|
|
|
|
|
|
|
|
cache, err := NewACLCaches(&config)
|
|
|
|
require.NoError(t, err)
|
|
|
|
require.NotNil(t, cache)
|
|
|
|
|
|
|
|
cache.PutRole("foo", &ACLRole{})
|
2019-04-26 17:49:28 +00:00
|
|
|
|
2019-04-15 20:43:19 +00:00
|
|
|
entry := cache.GetRole("foo")
|
|
|
|
require.NotNil(t, entry)
|
|
|
|
require.NotNil(t, entry.Role)
|
|
|
|
})
|
2018-10-19 16:04:07 +00:00
|
|
|
}
|