MCPcopy
hub / github.com/apache/casbin / TestConstraintRoleMax

Function TestConstraintRoleMax

constraint_test.go:125–176  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

123}
124
125func TestConstraintRoleMax(t *testing.T) {
126 modelText := `
127[request_definition]
128r = sub, obj, act
129
130[policy_definition]
131p = sub, obj, act
132
133[role_definition]
134g = _, _
135
136[constraint_definition]
137c = roleMax("admin", 2)
138
139[policy_effect]
140e = some(where (p.eft == allow))
141
142[matchers]
143m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
144`
145
146 m, err := model.NewModelFromString(modelText)
147 if err != nil {
148 t.Fatalf("Failed to create model: %v", err)
149 }
150
151 e, err := NewEnforcer(m)
152 if err != nil {
153 t.Fatalf("Failed to create enforcer: %v", err)
154 }
155
156 // Add first user to admin role should succeed
157 _, err = e.AddRoleForUser("alice", "admin")
158 if err != nil {
159 t.Fatalf("Failed to add admin to alice: %v", err)
160 }
161
162 // Add second user to admin role should succeed
163 _, err = e.AddRoleForUser("bob", "admin")
164 if err != nil {
165 t.Fatalf("Failed to add admin to bob: %v", err)
166 }
167
168 // Try to add third user to admin role should fail (exceeds max)
169 _, err = e.AddRoleForUser("charlie", "admin")
170 if err == nil {
171 t.Fatal("Expected constraint violation error, got nil")
172 }
173 if !strings.Contains(err.Error(), "constraint violation") {
174 t.Fatalf("Expected constraint violation error, got: %v", err)
175 }
176}
177
178func TestConstraintRolePre(t *testing.T) {
179 modelText := `

Callers

nothing calls this directly

Calls 4

AddRoleForUserMethod · 0.95
NewModelFromStringFunction · 0.92
NewEnforcerFunction · 0.85
ErrorMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…