MCPcopy
hub / github.com/apache/casbin / TestConstraintSODMax

Function TestConstraintSODMax

constraint_test.go:78–123  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

76}
77
78func TestConstraintSODMax(t *testing.T) {
79 modelText := `
80[request_definition]
81r = sub, obj, act
82
83[policy_definition]
84p = sub, obj, act
85
86[role_definition]
87g = _, _
88
89[constraint_definition]
90c = sodMax(["role1", "role2", "role3"], 1)
91
92[policy_effect]
93e = some(where (p.eft == allow))
94
95[matchers]
96m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
97`
98
99 m, err := model.NewModelFromString(modelText)
100 if err != nil {
101 t.Fatalf("Failed to create model: %v", err)
102 }
103
104 e, err := NewEnforcer(m)
105 if err != nil {
106 t.Fatalf("Failed to create enforcer: %v", err)
107 }
108
109 // Add user to one role should succeed
110 _, err = e.AddRoleForUser("alice", "role1")
111 if err != nil {
112 t.Fatalf("Failed to add role1 to alice: %v", err)
113 }
114
115 // Try to add user to another role from the set should fail
116 _, err = e.AddRoleForUser("alice", "role2")
117 if err == nil {
118 t.Fatal("Expected constraint violation error, got nil")
119 }
120 if !strings.Contains(err.Error(), "constraint violation") {
121 t.Fatalf("Expected constraint violation error, got: %v", err)
122 }
123}
124
125func TestConstraintRoleMax(t *testing.T) {
126 modelText := `

Callers

nothing calls this directly

Calls 4

AddRoleForUserMethod · 0.95
NewModelFromStringFunction · 0.92
NewEnforcerFunction · 0.85
ErrorMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…