(t *testing.T)
| 515 | } |
| 516 | |
| 517 | func TestCustomizedFieldIndex(t *testing.T) { |
| 518 | e, _ := NewEnforcer("examples/priority_model_explicit_customized.conf", |
| 519 | "examples/priority_policy_explicit_customized.csv") |
| 520 | |
| 521 | // Due to the customized priority token, the enforcer failed to handle the priority. |
| 522 | testEnforce(t, e, "bob", "data2", "read", true) |
| 523 | |
| 524 | // set PriorityIndex and reload |
| 525 | e.SetFieldIndex("p", constant.PriorityIndex, 0) |
| 526 | err := e.LoadPolicy() |
| 527 | if err != nil { |
| 528 | t.Fatalf("LoadPolicy: %v", err) |
| 529 | } |
| 530 | testEnforce(t, e, "bob", "data2", "read", false) |
| 531 | |
| 532 | testEnforce(t, e, "bob", "data2", "write", true) |
| 533 | _, err = e.AddPolicy("1", "data2", "write", "deny", "bob") |
| 534 | if err != nil { |
| 535 | t.Fatalf("AddPolicy: %v", err) |
| 536 | } |
| 537 | testEnforce(t, e, "bob", "data2", "write", false) |
| 538 | |
| 539 | // Due to the customized subject token, the enforcer will raise an error before SetFieldIndex. |
| 540 | _, err = e.DeletePermissionsForUser("bob") |
| 541 | if err == nil { |
| 542 | t.Fatalf("Failed to warning SetFieldIndex") |
| 543 | } |
| 544 | |
| 545 | e.SetFieldIndex("p", constant.SubjectIndex, 4) |
| 546 | |
| 547 | _, err = e.DeletePermissionsForUser("bob") |
| 548 | if err != nil { |
| 549 | t.Fatalf("DeletePermissionForUser: %v", err) |
| 550 | } |
| 551 | testEnforce(t, e, "bob", "data2", "write", true) |
| 552 | |
| 553 | _, err = e.DeleteRole("data2_allow_group") |
| 554 | if err != nil { |
| 555 | t.Fatalf("DeleteRole: %v", err) |
| 556 | } |
| 557 | testEnforce(t, e, "bob", "data2", "write", false) |
| 558 | } |
| 559 | |
| 560 | func testGetAllowedObjectConditions(t *testing.T, e *Enforcer, user string, act string, prefix string, res []string, expectedErr error) { |
| 561 | myRes, actualErr := e.GetAllowedObjectConditions(user, act, prefix) |
nothing calls this directly
no test coverage detected
searching dependent graphs…