MCPcopy
hub / github.com/apache/casbin / TestPermissionAPI

Function TestPermissionAPI

rbac_api_test.go:234–288  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

232}
233
234func TestPermissionAPI(t *testing.T) {
235 e, _ := NewEnforcer("examples/basic_without_resources_model.conf", "examples/basic_without_resources_policy.csv")
236
237 testEnforceWithoutUsers(t, e, "alice", "read", true)
238 testEnforceWithoutUsers(t, e, "alice", "write", false)
239 testEnforceWithoutUsers(t, e, "bob", "read", false)
240 testEnforceWithoutUsers(t, e, "bob", "write", true)
241
242 testGetPermissions(t, e, "alice", [][]string{{"alice", "read"}})
243 testGetPermissions(t, e, "bob", [][]string{{"bob", "write"}})
244
245 testHasPermission(t, e, "alice", []string{"read"}, true)
246 testHasPermission(t, e, "alice", []string{"write"}, false)
247 testHasPermission(t, e, "bob", []string{"read"}, false)
248 testHasPermission(t, e, "bob", []string{"write"}, true)
249
250 _, _ = e.DeletePermission("read")
251
252 testEnforceWithoutUsers(t, e, "alice", "read", false)
253 testEnforceWithoutUsers(t, e, "alice", "write", false)
254 testEnforceWithoutUsers(t, e, "bob", "read", false)
255 testEnforceWithoutUsers(t, e, "bob", "write", true)
256
257 _, _ = e.AddPermissionForUser("bob", "read")
258
259 testEnforceWithoutUsers(t, e, "alice", "read", false)
260 testEnforceWithoutUsers(t, e, "alice", "write", false)
261 testEnforceWithoutUsers(t, e, "bob", "read", true)
262 testEnforceWithoutUsers(t, e, "bob", "write", true)
263
264 _, _ = e.AddPermissionsForUser("jack",
265 []string{"read"},
266 []string{"write"})
267
268 testEnforceWithoutUsers(t, e, "jack", "read", true)
269 testEnforceWithoutUsers(t, e, "bob", "write", true)
270
271 _, _ = e.DeletePermissionForUser("bob", "read")
272
273 testEnforceWithoutUsers(t, e, "alice", "read", false)
274 testEnforceWithoutUsers(t, e, "alice", "write", false)
275 testEnforceWithoutUsers(t, e, "bob", "read", false)
276 testEnforceWithoutUsers(t, e, "bob", "write", true)
277
278 _, _ = e.DeletePermissionsForUser("bob")
279
280 testEnforceWithoutUsers(t, e, "alice", "read", false)
281 testEnforceWithoutUsers(t, e, "alice", "write", false)
282 testEnforceWithoutUsers(t, e, "bob", "read", false)
283 testEnforceWithoutUsers(t, e, "bob", "write", false)
284
285 e, _ = NewEnforcer("examples/rbac_with_multiple_policy_model.conf", "examples/rbac_with_multiple_policy_policy.csv")
286 testGetNamedPermissionsForUser(t, e, "p", "user", [][]string{{"user", "/data", "GET"}})
287 testGetNamedPermissionsForUser(t, e, "p2", "user", [][]string{{"user", "view"}})
288}
289
290func testGetImplicitRoles(t *testing.T, e *Enforcer, name string, res []string) {
291 t.Helper()

Callers

nothing calls this directly

Calls 10

DeletePermissionMethod · 0.95
AddPermissionForUserMethod · 0.95
AddPermissionsForUserMethod · 0.95
NewEnforcerFunction · 0.85
testEnforceWithoutUsersFunction · 0.85
testGetPermissionsFunction · 0.85
testHasPermissionFunction · 0.85

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…