(t *testing.T)
| 71 | } |
| 72 | |
| 73 | func TestRoleAPI(t *testing.T) { |
| 74 | e, _ := NewEnforcer("examples/rbac_model.conf", "examples/rbac_policy.csv") |
| 75 | |
| 76 | testGetRoles(t, e, []string{"data2_admin"}, "alice") |
| 77 | testGetRoles(t, e, []string{}, "bob") |
| 78 | testGetRoles(t, e, []string{}, "data2_admin") |
| 79 | testGetRoles(t, e, []string{}, "non_exist") |
| 80 | |
| 81 | testHasRole(t, e, "alice", "data1_admin", false) |
| 82 | testHasRole(t, e, "alice", "data2_admin", true) |
| 83 | |
| 84 | _, _ = e.AddRoleForUser("alice", "data1_admin") |
| 85 | |
| 86 | testGetRoles(t, e, []string{"data1_admin", "data2_admin"}, "alice") |
| 87 | testGetRoles(t, e, []string{}, "bob") |
| 88 | testGetRoles(t, e, []string{}, "data2_admin") |
| 89 | |
| 90 | _, _ = e.DeleteRoleForUser("alice", "data1_admin") |
| 91 | |
| 92 | testGetRoles(t, e, []string{"data2_admin"}, "alice") |
| 93 | testGetRoles(t, e, []string{}, "bob") |
| 94 | testGetRoles(t, e, []string{}, "data2_admin") |
| 95 | |
| 96 | _, _ = e.DeleteRolesForUser("alice") |
| 97 | |
| 98 | testGetRoles(t, e, []string{}, "alice") |
| 99 | testGetRoles(t, e, []string{}, "bob") |
| 100 | testGetRoles(t, e, []string{}, "data2_admin") |
| 101 | |
| 102 | _, _ = e.AddRoleForUser("alice", "data1_admin") |
| 103 | _, _ = e.DeleteUser("alice") |
| 104 | |
| 105 | testGetRoles(t, e, []string{}, "alice") |
| 106 | testGetRoles(t, e, []string{}, "bob") |
| 107 | testGetRoles(t, e, []string{}, "data2_admin") |
| 108 | |
| 109 | _, _ = e.AddRoleForUser("alice", "data2_admin") |
| 110 | |
| 111 | testEnforce(t, e, "alice", "data1", "read", false) |
| 112 | testEnforce(t, e, "alice", "data1", "write", false) |
| 113 | testEnforce(t, e, "alice", "data2", "read", true) |
| 114 | testEnforce(t, e, "alice", "data2", "write", true) |
| 115 | testEnforce(t, e, "bob", "data1", "read", false) |
| 116 | testEnforce(t, e, "bob", "data1", "write", false) |
| 117 | testEnforce(t, e, "bob", "data2", "read", false) |
| 118 | testEnforce(t, e, "bob", "data2", "write", true) |
| 119 | |
| 120 | _, _ = e.DeleteRole("data2_admin") |
| 121 | |
| 122 | testEnforce(t, e, "alice", "data1", "read", false) |
| 123 | testEnforce(t, e, "alice", "data1", "write", false) |
| 124 | testEnforce(t, e, "alice", "data2", "read", false) |
| 125 | testEnforce(t, e, "alice", "data2", "write", false) |
| 126 | testEnforce(t, e, "bob", "data1", "read", false) |
| 127 | testEnforce(t, e, "bob", "data1", "write", false) |
| 128 | testEnforce(t, e, "bob", "data2", "read", false) |
| 129 | testEnforce(t, e, "bob", "data2", "write", true) |
| 130 | } |
nothing calls this directly
no test coverage detected
searching dependent graphs…