(t *testing.T)
| 713 | } |
| 714 | |
| 715 | func TestMaxHierarchyLevelConsistency(t *testing.T) { |
| 716 | // Test consistency behavior under different maxHierarchyLevel values |
| 717 | testCases := []struct { |
| 718 | maxLevel int |
| 719 | name string |
| 720 | }{ |
| 721 | {1, "maxHierarchyLevel=1"}, |
| 722 | {2, "maxHierarchyLevel=2"}, |
| 723 | {3, "maxHierarchyLevel=3"}, |
| 724 | } |
| 725 | |
| 726 | for _, tc := range testCases { |
| 727 | t.Run(tc.name, func(t *testing.T) { |
| 728 | // Use model files from examples |
| 729 | e, err := NewEnforcer("examples/rbac_model.conf", "examples/rbac_policy.csv") |
| 730 | if err != nil { |
| 731 | t.Fatalf("Failed to create enforcer: %v", err) |
| 732 | } |
| 733 | |
| 734 | // Set the maximum hierarchy level for role manager |
| 735 | rm := defaultrolemanager.NewRoleManager(tc.maxLevel) |
| 736 | e.SetRoleManager(rm) |
| 737 | |
| 738 | // Add role hierarchy: level0 -> level1 -> level2 -> level3 -> level4 |
| 739 | _, err = e.AddRoleForUser("level0", "level1") |
| 740 | if err != nil { |
| 741 | t.Fatalf("Failed to add role for user: %v", err) |
| 742 | } |
| 743 | _, err = e.AddRoleForUser("level1", "level2") |
| 744 | if err != nil { |
| 745 | t.Fatalf("Failed to add role for user: %v", err) |
| 746 | } |
| 747 | _, err = e.AddRoleForUser("level2", "level3") |
| 748 | if err != nil { |
| 749 | t.Fatalf("Failed to add role for user: %v", err) |
| 750 | } |
| 751 | _, err = e.AddRoleForUser("level3", "level4") |
| 752 | if err != nil { |
| 753 | t.Fatalf("Failed to add role for user: %v", err) |
| 754 | } |
| 755 | |
| 756 | // Test HasLink method |
| 757 | t.Run("HasLink", func(t *testing.T) { |
| 758 | for i := 1; i <= 4; i++ { |
| 759 | hasLink, err := rm.HasLink("level0", fmt.Sprintf("level%d", i)) |
| 760 | if err != nil { |
| 761 | t.Fatalf("HasLink error: %v", err) |
| 762 | } |
| 763 | expected := i <= tc.maxLevel |
| 764 | if hasLink != expected { |
| 765 | t.Errorf("HasLink(level0, level%d): got %v, want %v", i, hasLink, expected) |
| 766 | } |
| 767 | } |
| 768 | }) |
| 769 | |
| 770 | // Test GetImplicitRolesForUser method |
| 771 | t.Run("GetImplicitRolesForUser", func(t *testing.T) { |
| 772 | implicitRoles, err := e.GetImplicitRolesForUser("level0") |
nothing calls this directly
no test coverage detected
searching dependent graphs…