Strona główna Odkrywaj Pomoc
Zaloguj się
github-mirrors
/
mirror-seaweedfs
2
0
Forkuj 0
Pliki Problemy 0 Oczekujące zmiany 0 Wiki
Drzewo: b64ada08bd
Gałęzie Tagi
mirror-seaweedf...
/
weed
/
iamapi
/
iamapi_management_handlers_test.go

iamapi_management_handlers_test.go 2.0 KB
Historia Czysty

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374 
  1. package iamapi
    2. 

  2. 

  3. import (
    4. 

  4. 	"testing"
    5. 

  5. 

  6. 	"github.com/seaweedfs/seaweedfs/weed/s3api/policy_engine"
    7. 

  7. 	"github.com/stretchr/testify/assert"
    8. 

  8. )
    9. 

  9. 

  10. func TestGetActionsUserPath(t *testing.T) {
    11. 

  11. 

  12. 	policyDocument := policy_engine.PolicyDocument{
    13. 

  13. 		Version: "2012-10-17",
    14. 

  14. 		Statement: []policy_engine.PolicyStatement{
    15. 

  15. 			{
    16. 

  16. 				Effect:   policy_engine.PolicyEffectAllow,
    17. 

  17. 				Action:   policy_engine.NewStringOrStringSlice("s3:Put*", "s3:PutBucketAcl", "s3:Get*", "s3:GetBucketAcl", "s3:List*", "s3:Tagging*", "s3:DeleteBucket*"),
    18. 

  18. 				Resource: policy_engine.NewStringOrStringSlice("arn:aws:s3:::shared/user-Alice/*"),
    19. 

  19. 			},
    20. 

  20. 		},
    21. 

  21. 	}
    22. 

  22. 

  23. 	actions, _ := GetActions(&policyDocument)
    24. 

  24. 

  25. 	expectedActions := []string{
    26. 

  26. 		"Write:shared/user-Alice/*",
    27. 

  27. 		"WriteAcp:shared/user-Alice/*",
    28. 

  28. 		"Read:shared/user-Alice/*",
    29. 

  29. 		"ReadAcp:shared/user-Alice/*",
    30. 

  30. 		"List:shared/user-Alice/*",
    31. 

  31. 		"Tagging:shared/user-Alice/*",
    32. 

  32. 		"DeleteBucket:shared/user-Alice/*",
    33. 

  33. 	}
    34. 

  34. 	assert.Equal(t, expectedActions, actions)
    35. 

  35. }
    36. 

  36. 

  37. func TestGetActionsWildcardPath(t *testing.T) {
    38. 

  38. 

  39. 	policyDocument := policy_engine.PolicyDocument{
    40. 

  40. 		Version: "2012-10-17",
    41. 

  41. 		Statement: []policy_engine.PolicyStatement{
    42. 

  42. 			{
    43. 

  43. 				Effect:   policy_engine.PolicyEffectAllow,
    44. 

  44. 				Action:   policy_engine.NewStringOrStringSlice("s3:Get*", "s3:PutBucketAcl"),
    45. 

  45. 				Resource: policy_engine.NewStringOrStringSlice("arn:aws:s3:::*"),
    46. 

  46. 			},
    47. 

  47. 		},
    48. 

  48. 	}
    49. 

  49. 

  50. 	actions, _ := GetActions(&policyDocument)
    51. 

  51. 

  52. 	expectedActions := []string{
    53. 

  53. 		"Read",
    54. 

  54. 		"WriteAcp",
    55. 

  55. 	}
    56. 

  56. 	assert.Equal(t, expectedActions, actions)
    57. 

  57. }
    58. 

  58. 

  59. func TestGetActionsInvalidAction(t *testing.T) {
    60. 

  60. 	policyDocument := policy_engine.PolicyDocument{
    61. 

  61. 		Version: "2012-10-17",
    62. 

  62. 		Statement: []policy_engine.PolicyStatement{
    63. 

  63. 			{
    64. 

  64. 				Effect:   policy_engine.PolicyEffectAllow,
    65. 

  65. 				Action:   policy_engine.NewStringOrStringSlice("s3:InvalidAction"),
    66. 

  66. 				Resource: policy_engine.NewStringOrStringSlice("arn:aws:s3:::shared/user-Alice/*"),
    67. 

  67. 			},
    68. 

  68. 		},
    69. 

  69. 	}
    70. 

  70. 

  71. 	_, err := GetActions(&policyDocument)
    72. 

  72. 	assert.NotNil(t, err)
    73. 

  73. 	assert.Equal(t, "not a valid action: 'InvalidAction'", err.Error())
    74. 

  74. }
    75.