-
Notifications
You must be signed in to change notification settings - Fork 1.2k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
dashboard/app: unit test accessLevel
- Loading branch information
1 parent
fc67a39
commit cd6fc0a
Showing
3 changed files
with
161 additions
and
14 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -429,3 +429,147 @@ func TestAccess(t *testing.T) { | |
} | ||
} | ||
} | ||
|
||
type UserAuthorizationLevel int | ||
|
||
const ( | ||
BadAuthDomain UserAuthorizationLevel = iota | ||
Regular | ||
Authenticated | ||
AuthorizedAccessPublic | ||
AuthorizedUser | ||
AuthorizedAdmin | ||
) | ||
|
||
func makeUser(a UserAuthorizationLevel) *user.User { | ||
u := &user.User{} | ||
switch a { | ||
case BadAuthDomain: | ||
u.AuthDomain = "public.com" | ||
case Regular: | ||
u = nil | ||
case Authenticated: | ||
u.Email = "[email protected]" | ||
case AuthorizedAccessPublic: | ||
u.Email = "[email protected]" | ||
case AuthorizedUser: | ||
u.Email = "[email protected]" | ||
case AuthorizedAdmin: | ||
u.Email = "[email protected]" | ||
u.Admin = true | ||
} | ||
return u | ||
} | ||
|
||
func TestUserAccessLevel(t *testing.T) { | ||
tests := []struct { | ||
name string | ||
u *user.User | ||
enforcedAccessLevel string | ||
config *GlobalConfig | ||
wantAccessLevel AccessLevel | ||
}{ | ||
{ | ||
name: "wrong auth domain", | ||
u: makeUser(BadAuthDomain), | ||
wantAccessLevel: AccessPublic, | ||
}, | ||
{ | ||
name: "regular not authenticated user", | ||
u: makeUser(Regular), | ||
wantAccessLevel: AccessPublic, | ||
}, | ||
{ | ||
name: "regular not authenticated user wants to be an admin", | ||
u: makeUser(Regular), | ||
enforcedAccessLevel: "admin", | ||
config: testConfig, | ||
wantAccessLevel: AccessPublic, | ||
}, | ||
{ | ||
name: "regular not authenticated user wants to be a user", | ||
u: makeUser(Regular), | ||
enforcedAccessLevel: "user", | ||
config: testConfig, | ||
wantAccessLevel: AccessPublic, | ||
}, | ||
{ | ||
name: "authenticated, not authorized user", | ||
u: makeUser(Authenticated), | ||
config: testConfig, | ||
wantAccessLevel: AccessPublic, | ||
}, | ||
{ | ||
name: "authenticated, not authorized user wants to be an admin", | ||
u: makeUser(Authenticated), | ||
enforcedAccessLevel: "admin", | ||
config: testConfig, | ||
wantAccessLevel: AccessPublic, | ||
}, | ||
{ | ||
name: "authenticated, not authorized user wants to be a user", | ||
u: makeUser(Authenticated), | ||
enforcedAccessLevel: "user", | ||
config: testConfig, | ||
wantAccessLevel: AccessPublic, | ||
}, | ||
{ | ||
name: "authorized for AccessPublic user", | ||
u: makeUser(AuthorizedAccessPublic), | ||
config: testConfig, | ||
wantAccessLevel: AccessPublic, | ||
}, | ||
{ | ||
name: "authorized for AccessPublic user wants to be an admin", | ||
u: makeUser(AuthorizedAccessPublic), | ||
enforcedAccessLevel: "admin", | ||
config: testConfig, | ||
wantAccessLevel: AccessPublic, | ||
}, | ||
{ | ||
name: "authorized for AccessPublic user wants to be a user", | ||
u: makeUser(AuthorizedAccessPublic), | ||
enforcedAccessLevel: "user", | ||
config: testConfig, | ||
wantAccessLevel: AccessPublic, | ||
}, | ||
{ | ||
name: "authorized for AccessUser user", | ||
u: makeUser(AuthorizedUser), | ||
config: testConfig, | ||
wantAccessLevel: AccessUser, | ||
}, | ||
{ | ||
name: "authorized for AccessUser user wants to be an admin", | ||
u: makeUser(AuthorizedUser), | ||
enforcedAccessLevel: "admin", | ||
config: testConfig, | ||
wantAccessLevel: AccessUser, | ||
}, | ||
{ | ||
name: "authorized admin wants AccessAdmin", | ||
u: makeUser(AuthorizedAdmin), | ||
config: testConfig, | ||
wantAccessLevel: AccessAdmin, | ||
}, | ||
{ | ||
name: "authorized admin wants AccessPublic", | ||
u: makeUser(AuthorizedAdmin), | ||
enforcedAccessLevel: "public", | ||
config: testConfig, | ||
wantAccessLevel: AccessPublic, | ||
}, | ||
{ | ||
name: "authorized admin wants AccessUser", | ||
u: makeUser(AuthorizedAdmin), | ||
enforcedAccessLevel: "user", | ||
config: testConfig, | ||
wantAccessLevel: AccessUser, | ||
}, | ||
} | ||
for _, test := range tests { | ||
t.Run(test.name, func(t *testing.T) { | ||
assert.Equal(t, test.wantAccessLevel, userAccessLevel(test.u, test.enforcedAccessLevel, test.config)) | ||
}) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters