(t *testing.T)
| 28 | } |
| 29 | |
| 30 | func TestBLPModel(t *testing.T) { |
| 31 | e, _ := NewEnforcer("examples/blp_model.conf") |
| 32 | |
| 33 | // Read operations: subject level >= object level |
| 34 | testEnforceBLP(t, e, "alice", 3, "data1", 1, "read", true) |
| 35 | testEnforceBLP(t, e, "bob", 2, "data2", 2, "read", true) |
| 36 | testEnforceBLP(t, e, "charlie", 1, "data1", 1, "read", true) |
| 37 | |
| 38 | // Read violations: subject level < object level |
| 39 | testEnforceBLP(t, e, "bob", 2, "data3", 3, "read", false) |
| 40 | testEnforceBLP(t, e, "charlie", 1, "data2", 2, "read", false) |
| 41 | |
| 42 | // Write operations: subject level <= object level |
| 43 | testEnforceBLP(t, e, "alice", 3, "data3", 3, "write", true) |
| 44 | testEnforceBLP(t, e, "bob", 2, "data3", 3, "write", true) |
| 45 | testEnforceBLP(t, e, "charlie", 1, "data2", 2, "write", true) |
| 46 | |
| 47 | // Write violations: subject level > object level |
| 48 | testEnforceBLP(t, e, "alice", 3, "data1", 1, "write", false) |
| 49 | testEnforceBLP(t, e, "bob", 2, "data1", 1, "write", false) |
| 50 | } |
nothing calls this directly
no test coverage detected
searching dependent graphs…