From 7fcf6f5aa01d5d60b1f6ef6ce7677cb2a10bf79a Mon Sep 17 00:00:00 2001 From: jkoberg Date: Tue, 1 Mar 2022 11:37:26 +0100 Subject: [PATCH] implement permission unit tests Signed-off-by: jkoberg --- .../pkg/store/metadata/assignments_test.go | 9 +++ settings/pkg/store/metadata/permissions.go | 60 +++++++++++++++++-- .../pkg/store/metadata/permissions_test.go | 27 +++++++++ settings/pkg/store/metadata/store.go | 4 ++ 4 files changed, 95 insertions(+), 5 deletions(-) create mode 100644 settings/pkg/store/metadata/permissions_test.go diff --git a/settings/pkg/store/metadata/assignments_test.go b/settings/pkg/store/metadata/assignments_test.go index a2b56e600a0..5dae88ae945 100644 --- a/settings/pkg/store/metadata/assignments_test.go +++ b/settings/pkg/store/metadata/assignments_test.go @@ -37,20 +37,28 @@ var ( }, Settings: []*settingsmsg.Setting{ { + Id: "updateID", Name: "update", Value: &settingsmsg.Setting_PermissionValue{ PermissionValue: &settingsmsg.Permission{ Operation: settingsmsg.Permission_OPERATION_UPDATE, }, }, + Resource: &settingsmsg.Resource{ + Type: settingsmsg.Resource_TYPE_SETTING, + }, }, { + Id: "readID", Name: "read", Value: &settingsmsg.Setting_PermissionValue{ PermissionValue: &settingsmsg.Permission{ Operation: settingsmsg.Permission_OPERATION_READ, }, }, + Resource: &settingsmsg.Resource{ + Type: settingsmsg.Resource_TYPE_BUNDLE, + }, }, }, }, @@ -65,6 +73,7 @@ var ( }, Settings: []*settingsmsg.Setting{ { + Id: "readID", Name: "read", Value: &settingsmsg.Setting_PermissionValue{ PermissionValue: &settingsmsg.Permission{ diff --git a/settings/pkg/store/metadata/permissions.go b/settings/pkg/store/metadata/permissions.go index 0a6133deb69..50ebe12a532 100644 --- a/settings/pkg/store/metadata/permissions.go +++ b/settings/pkg/store/metadata/permissions.go @@ -1,22 +1,72 @@ package store import ( - "errors" - settingsmsg "github.com/owncloud/ocis/protogen/gen/ocis/messages/settings/v0" + "github.com/owncloud/ocis/settings/pkg/settings" + "github.com/owncloud/ocis/settings/pkg/util" ) // ListPermissionsByResource collects all permissions from the provided roleIDs that match the requested resource func (s *Store) ListPermissionsByResource(resource *settingsmsg.Resource, roleIDs []string) ([]*settingsmsg.Permission, error) { - return nil, errors.New("not implemented") + records := make([]*settingsmsg.Permission, 0) + for _, roleID := range roleIDs { + role, err := s.ReadBundle(roleID) + if err != nil { + s.Logger.Debug().Str("roleID", roleID).Msg("role not found, skipping") + continue + } + records = append(records, extractPermissionsByResource(resource, role)...) + } + return records, nil } // ReadPermissionByID finds the permission in the roles, specified by the provided roleIDs func (s *Store) ReadPermissionByID(permissionID string, roleIDs []string) (*settingsmsg.Permission, error) { - return nil, errors.New("not implemented") + for _, roleID := range roleIDs { + role, err := s.ReadBundle(roleID) + if err != nil { + s.Logger.Debug().Str("roleID", roleID).Msg("role not found, skipping") + continue + } + for _, permission := range role.Settings { + if permission.Id == permissionID { + if value, ok := permission.Value.(*settingsmsg.Setting_PermissionValue); ok { + return value.PermissionValue, nil + } + } + } + } + return nil, nil } // ReadPermissionByName finds the permission in the roles, specified by the provided roleIDs func (s *Store) ReadPermissionByName(name string, roleIDs []string) (*settingsmsg.Permission, error) { - return nil, errors.New("not implemented") + for _, roleID := range roleIDs { + role, err := s.ReadBundle(roleID) + if err != nil { + s.Logger.Debug().Str("roleID", roleID).Msg("role not found, skipping") + continue + } + for _, permission := range role.Settings { + if permission.Name == name { + if value, ok := permission.Value.(*settingsmsg.Setting_PermissionValue); ok { + return value.PermissionValue, nil + } + } + } + } + return nil, settings.ErrPermissionNotFound +} + +// extractPermissionsByResource collects all permissions from the provided role that match the requested resource +func extractPermissionsByResource(resource *settingsmsg.Resource, role *settingsmsg.Bundle) []*settingsmsg.Permission { + permissions := make([]*settingsmsg.Permission, 0) + for _, setting := range role.Settings { + if value, ok := setting.Value.(*settingsmsg.Setting_PermissionValue); ok { + if util.IsResourceMatched(setting.Resource, resource) { + permissions = append(permissions, value.PermissionValue) + } + } + } + return permissions } diff --git a/settings/pkg/store/metadata/permissions_test.go b/settings/pkg/store/metadata/permissions_test.go new file mode 100644 index 00000000000..db3283cb461 --- /dev/null +++ b/settings/pkg/store/metadata/permissions_test.go @@ -0,0 +1,27 @@ +package store + +import ( + "testing" + + settingsmsg "github.com/owncloud/ocis/protogen/gen/ocis/messages/settings/v0" + "github.com/stretchr/testify/require" +) + +func TestPermission(t *testing.T) { + // bunldes are initialized within init func + p, err := s.ReadPermissionByID("readID", []string{"f36db5e6-a03c-40df-8413-711c67e40b47"}) + require.NoError(t, err) + require.Equal(t, settingsmsg.Permission_OPERATION_READ, p.Operation) + + p, err = s.ReadPermissionByName("read", []string{"f36db5e6-a03c-40df-8413-711c67e40b47"}) + require.NoError(t, err) + require.Equal(t, settingsmsg.Permission_OPERATION_READ, p.Operation) + + pms, err := s.ListPermissionsByResource(&settingsmsg.Resource{ + Type: settingsmsg.Resource_TYPE_BUNDLE, + }, []string{"f36db5e6-a03c-40df-8413-711c67e40b47"}) + require.NoError(t, err) + require.Len(t, pms, 1) + require.Equal(t, settingsmsg.Permission_OPERATION_READ, pms[0].Operation) + +} diff --git a/settings/pkg/store/metadata/store.go b/settings/pkg/store/metadata/store.go index b77a6770fec..f7d987eecd2 100644 --- a/settings/pkg/store/metadata/store.go +++ b/settings/pkg/store/metadata/store.go @@ -50,6 +50,10 @@ func (s *Store) Init() { s.l.Lock() defer s.l.Unlock() + if s.mdc != nil { + return + } + var err error //s.init.Do(func() { //b := backoff.NewExponentialBackOff()