MCPcopy
hub / github.com/apache/casbin / TestRBACModelInMemory2

Function TestRBACModelInMemory2

enforcer_test.go:147–186  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

145}
146
147func TestRBACModelInMemory2(t *testing.T) {
148 text :=
149 `
150[request_definition]
151r = sub, obj, act
152
153[policy_definition]
154p = sub, obj, act
155
156[role_definition]
157g = _, _
158
159[policy_effect]
160e = some(where (p.eft == allow))
161
162[matchers]
163m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
164`
165 m, _ := model.NewModelFromString(text)
166 // The above is the same as:
167 // m := NewModel()
168 // m.LoadModelFromText(text)
169
170 e, _ := NewEnforcer(m)
171
172 _, _ = e.AddPermissionForUser("alice", "data1", "read")
173 _, _ = e.AddPermissionForUser("bob", "data2", "write")
174 _, _ = e.AddPermissionForUser("data2_admin", "data2", "read")
175 _, _ = e.AddPermissionForUser("data2_admin", "data2", "write")
176 _, _ = e.AddRoleForUser("alice", "data2_admin")
177
178 testEnforce(t, e, "alice", "data1", "read", true)
179 testEnforce(t, e, "alice", "data1", "write", false)
180 testEnforce(t, e, "alice", "data2", "read", true)
181 testEnforce(t, e, "alice", "data2", "write", true)
182 testEnforce(t, e, "bob", "data1", "read", false)
183 testEnforce(t, e, "bob", "data1", "write", false)
184 testEnforce(t, e, "bob", "data2", "read", false)
185 testEnforce(t, e, "bob", "data2", "write", true)
186}
187
188func TestNotUsedRBACModelInMemory(t *testing.T) {
189 m := model.NewModel()

Callers

nothing calls this directly

Calls 5

AddPermissionForUserMethod · 0.95
AddRoleForUserMethod · 0.95
NewModelFromStringFunction · 0.92
NewEnforcerFunction · 0.85
testEnforceFunction · 0.85

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…