MCPcopy
hub / github.com/apache/casbin / TestImplicitPermissionAPI

Function TestImplicitPermissionAPI

rbac_api_test.go:359–389  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

357}
358
359func TestImplicitPermissionAPI(t *testing.T) {
360 e, _ := NewEnforcer("examples/rbac_model.conf", "examples/rbac_with_hierarchy_policy.csv")
361
362 testGetPermissions(t, e, "alice", [][]string{{"alice", "data1", "read"}})
363 testGetPermissions(t, e, "bob", [][]string{{"bob", "data2", "write"}})
364
365 testGetImplicitPermissions(t, e, "alice", [][]string{{"alice", "data1", "read"}, {"data1_admin", "data1", "read"}, {"data1_admin", "data1", "write"}, {"data2_admin", "data2", "read"}, {"data2_admin", "data2", "write"}})
366 testGetImplicitPermissions(t, e, "bob", [][]string{{"bob", "data2", "write"}})
367
368 e, _ = NewEnforcer("examples/rbac_with_domain_pattern_model.conf", "examples/rbac_with_domain_pattern_policy.csv")
369 e.AddNamedDomainMatchingFunc("g", "KeyMatch", util.KeyMatch)
370
371 testGetImplicitPermissions(t, e, "admin", [][]string{{"admin", "domain1", "data1", "read"}, {"admin", "domain1", "data1", "write"}, {"admin", "domain1", "data3", "read"}}, "domain1")
372
373 _, err := e.GetImplicitPermissionsForUser("admin", "domain1", "domain2")
374 if err == nil {
375 t.Error("GetImplicitPermissionsForUser should not support multiple domains")
376 }
377
378 testGetImplicitPermissions(t, e, "alice",
379 [][]string{{"admin", "domain2", "data2", "read"}, {"admin", "domain2", "data2", "write"}, {"admin", "domain2", "data3", "read"}},
380 "domain2")
381
382 e, _ = NewEnforcer("examples/rbac_with_multiple_policy_model.conf", "examples/rbac_with_multiple_policy_policy.csv")
383
384 testGetNamedImplicitPermissions(t, e, "p", "g", "alice", [][]string{{"user", "/data", "GET"}, {"admin", "/data", "POST"}})
385 testGetNamedImplicitPermissions(t, e, "p2", "g", "alice", [][]string{{"user", "view"}, {"admin", "create"}})
386
387 testGetNamedImplicitPermissions(t, e, "p", "g2", "alice", [][]string{{"user", "/data", "GET"}})
388 testGetNamedImplicitPermissions(t, e, "p2", "g2", "alice", [][]string{{"user", "view"}})
389}
390
391func TestImplicitPermissionAPIWithDomain(t *testing.T) {
392 e, _ := NewEnforcer("examples/rbac_with_domains_model.conf", "examples/rbac_with_hierarchy_with_domains_policy.csv")

Callers

nothing calls this directly

Calls 7

NewEnforcerFunction · 0.85
testGetPermissionsFunction · 0.85
ErrorMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…