(t *testing.T)
| 179 | } |
| 180 | |
| 181 | func TestRBACModelWithDomainsAtRuntime(t *testing.T) { |
| 182 | e, _ := NewEnforcer("examples/rbac_with_domains_model.conf") |
| 183 | |
| 184 | _, _ = e.AddPolicy("admin", "domain1", "data1", "read") |
| 185 | _, _ = e.AddPolicy("admin", "domain1", "data1", "write") |
| 186 | _, _ = e.AddPolicy("admin", "domain2", "data2", "read") |
| 187 | _, _ = e.AddPolicy("admin", "domain2", "data2", "write") |
| 188 | |
| 189 | _, _ = e.AddGroupingPolicy("alice", "admin", "domain1") |
| 190 | _, _ = e.AddGroupingPolicy("bob", "admin", "domain2") |
| 191 | |
| 192 | testDomainEnforce(t, e, "alice", "domain1", "data1", "read", true) |
| 193 | testDomainEnforce(t, e, "alice", "domain1", "data1", "write", true) |
| 194 | testDomainEnforce(t, e, "alice", "domain1", "data2", "read", false) |
| 195 | testDomainEnforce(t, e, "alice", "domain1", "data2", "write", false) |
| 196 | testDomainEnforce(t, e, "bob", "domain2", "data1", "read", false) |
| 197 | testDomainEnforce(t, e, "bob", "domain2", "data1", "write", false) |
| 198 | testDomainEnforce(t, e, "bob", "domain2", "data2", "read", true) |
| 199 | testDomainEnforce(t, e, "bob", "domain2", "data2", "write", true) |
| 200 | |
| 201 | // Remove all policy rules related to domain1 and data1. |
| 202 | _, _ = e.RemoveFilteredPolicy(1, "domain1", "data1") |
| 203 | |
| 204 | testDomainEnforce(t, e, "alice", "domain1", "data1", "read", false) |
| 205 | testDomainEnforce(t, e, "alice", "domain1", "data1", "write", false) |
| 206 | testDomainEnforce(t, e, "alice", "domain1", "data2", "read", false) |
| 207 | testDomainEnforce(t, e, "alice", "domain1", "data2", "write", false) |
| 208 | testDomainEnforce(t, e, "bob", "domain2", "data1", "read", false) |
| 209 | testDomainEnforce(t, e, "bob", "domain2", "data1", "write", false) |
| 210 | testDomainEnforce(t, e, "bob", "domain2", "data2", "read", true) |
| 211 | testDomainEnforce(t, e, "bob", "domain2", "data2", "write", true) |
| 212 | |
| 213 | // Remove the specified policy rule. |
| 214 | _, _ = e.RemovePolicy("admin", "domain2", "data2", "read") |
| 215 | |
| 216 | testDomainEnforce(t, e, "alice", "domain1", "data1", "read", false) |
| 217 | testDomainEnforce(t, e, "alice", "domain1", "data1", "write", false) |
| 218 | testDomainEnforce(t, e, "alice", "domain1", "data2", "read", false) |
| 219 | testDomainEnforce(t, e, "alice", "domain1", "data2", "write", false) |
| 220 | testDomainEnforce(t, e, "bob", "domain2", "data1", "read", false) |
| 221 | testDomainEnforce(t, e, "bob", "domain2", "data1", "write", false) |
| 222 | testDomainEnforce(t, e, "bob", "domain2", "data2", "read", false) |
| 223 | testDomainEnforce(t, e, "bob", "domain2", "data2", "write", true) |
| 224 | } |
| 225 | |
| 226 | func TestRBACModelWithDomainsAtRuntimeMockAdapter(t *testing.T) { |
| 227 | adapter := fileadapter.NewAdapterMock("examples/rbac_with_domains_policy.csv") |
nothing calls this directly
no test coverage detected
searching dependent graphs…