MCPcopy Index your code
hub / github.com/apache/casbin / TestGetImplicitUsersForResourceWithResourceRoles

Function TestGetImplicitUsersForResourceWithResourceRoles

rbac_api_test.go:638–673  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

636}
637
638func TestGetImplicitUsersForResourceWithResourceRoles(t *testing.T) {
639 e, _ := NewEnforcer("examples/rbac_with_resource_roles_model.conf", "examples/rbac_with_resource_roles_policy.csv")
640
641 // Test data1 resource - should return users who have access through g2 relationships
642 data1Users, err := e.GetNamedImplicitUsersForResource("g2", "data1")
643 if err != nil {
644 t.Fatalf("GetNamedImplicitUsersForResource failed: %v", err)
645 }
646
647 expectedData1Users := 2 // [alice data1 read] + [alice data_group write]
648 if len(data1Users) != expectedData1Users {
649 t.Errorf("Expected %d users for data1 resource, got %d: %v", expectedData1Users, len(data1Users), data1Users)
650 }
651
652 // Test data2 resource - should return users who have access through g2 relationships
653 data2Users, err := e.GetNamedImplicitUsersForResource("g2", "data2")
654 if err != nil {
655 t.Fatalf("GetNamedImplicitUsersForResource failed: %v", err)
656 }
657
658 expectedData2Users := 2 // [bob data2 write] + [alice data_group write]
659 if len(data2Users) != expectedData2Users {
660 t.Errorf("Expected %d users for data2 resource, got %d: %v", expectedData2Users, len(data2Users), data2Users)
661 }
662
663 // Test with "g" policy type - should return users who have access through g relationships
664 data1UsersG, err := e.GetNamedImplicitUsersForResource("g", "data1")
665 if err != nil {
666 t.Fatalf("GetNamedImplicitUsersForResource with g failed: %v", err)
667 }
668
669 expectedData1UsersG := 1 // [alice data1 read] only
670 if len(data1UsersG) != expectedData1UsersG {
671 t.Errorf("Expected %d users for data1 resource with g policy, got %d: %v", expectedData1UsersG, len(data1UsersG), data1UsersG)
672 }
673}
674
675func testGetImplicitUsersForResourceByDomain(t *testing.T, e *Enforcer, res [][]string, resource string, domain string) {
676 t.Helper()

Callers

nothing calls this directly

Calls 2

NewEnforcerFunction · 0.85

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…