/* * Copyright 2024 The Dragonfly Authors * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package handlers import ( "net/http" "net/http/httptest" "strings" "testing" "github.com/gin-gonic/gin" "github.com/stretchr/testify/assert" "go.uber.org/mock/gomock" "d7y.io/dragonfly/v2/manager/permission/rbac" "d7y.io/dragonfly/v2/manager/service/mocks" "d7y.io/dragonfly/v2/manager/types" ) var ( mockRoleReqBody = ` { "permissions": [ { "action": "read", "object": "object" } ], "role": "maintainer" }` mockPermissionForRoleReqBody = ` { "action": "read", "object": "object" }` mockCreateRoleRequest = types.CreateRoleRequest{ Role: "maintainer", Permissions: []rbac.Permission{{Object: "object", Action: "read"}}, } ) func mockRoleRouter(h *Handlers) *gin.Engine { r := gin.Default() apiv1 := r.Group("/api/v1") re := apiv1.Group("/roles") re.POST("", h.CreateRole) re.DELETE(":role", h.DestroyRole) re.GET(":role", h.GetRole) re.GET("", h.GetRoles) re.POST(":role/permissions", h.AddPermissionForRole) re.DELETE(":role/permissions", h.DeletePermissionForRole) return r } func TestHandlers_CreateRole(t *testing.T) { tests := []struct { name string req *http.Request mock func(ms *mocks.MockServiceMockRecorder) expect func(t *testing.T, w *httptest.ResponseRecorder) }{ { name: "unprocessable entity", req: httptest.NewRequest(http.MethodPost, "/api/v1/roles", nil), mock: func(ms *mocks.MockServiceMockRecorder) {}, expect: func(t *testing.T, w *httptest.ResponseRecorder) { assert := assert.New(t) assert.Equal(http.StatusUnprocessableEntity, w.Code) }, }, { name: "success", req: httptest.NewRequest(http.MethodPost, "/api/v1/roles", strings.NewReader(mockRoleReqBody)), mock: func(ms *mocks.MockServiceMockRecorder) { ms.CreateRole(gomock.Any(), gomock.Eq(mockCreateRoleRequest)).Return(nil).Times(1) }, expect: func(t *testing.T, w *httptest.ResponseRecorder) { assert := assert.New(t) assert.Equal(http.StatusOK, w.Code) }, }, } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { ctl := gomock.NewController(t) defer ctl.Finish() svc := mocks.NewMockService(ctl) w := httptest.NewRecorder() h := New(svc) mockRouter := mockRoleRouter(h) tc.mock(svc.EXPECT()) mockRouter.ServeHTTP(w, tc.req) tc.expect(t, w) }) } } func TestHandlers_DestroyRole(t *testing.T) { tests := []struct { name string req *http.Request mock func(ms *mocks.MockServiceMockRecorder) expect func(t *testing.T, w *httptest.ResponseRecorder) }{ { name: "success", req: httptest.NewRequest(http.MethodDelete, "/api/v1/roles/maintainer", nil), mock: func(ms *mocks.MockServiceMockRecorder) { ms.DestroyRole(gomock.Any(), "maintainer").Return(true, nil).Times(1) }, expect: func(t *testing.T, w *httptest.ResponseRecorder) { assert := assert.New(t) assert.Equal(http.StatusOK, w.Code) }, }, } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { ctl := gomock.NewController(t) defer ctl.Finish() svc := mocks.NewMockService(ctl) w := httptest.NewRecorder() h := New(svc) mockRouter := mockRoleRouter(h) tc.mock(svc.EXPECT()) mockRouter.ServeHTTP(w, tc.req) tc.expect(t, w) }) } } func TestHandlers_GetRole(t *testing.T) { tests := []struct { name string req *http.Request mock func(ms *mocks.MockServiceMockRecorder) expect func(t *testing.T, w *httptest.ResponseRecorder) }{ { name: "success", req: httptest.NewRequest(http.MethodGet, "/api/v1/roles/maintainer", nil), mock: func(ms *mocks.MockServiceMockRecorder) { ms.GetRole(gomock.Any(), "maintainer").Return([][]string{{"maintainer"}}).Times(1) }, expect: func(t *testing.T, w *httptest.ResponseRecorder) { assert := assert.New(t) assert.Equal(http.StatusOK, w.Code) assert.Equal(w.Body.String(), `[["maintainer"]]`) }, }, } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { ctl := gomock.NewController(t) defer ctl.Finish() svc := mocks.NewMockService(ctl) w := httptest.NewRecorder() h := New(svc) mockRouter := mockRoleRouter(h) tc.mock(svc.EXPECT()) mockRouter.ServeHTTP(w, tc.req) tc.expect(t, w) }) } } func TestHandlers_GetRoles(t *testing.T) { tests := []struct { name string req *http.Request mock func(ms *mocks.MockServiceMockRecorder) expect func(t *testing.T, w *httptest.ResponseRecorder) }{ { name: "success", req: httptest.NewRequest(http.MethodGet, "/api/v1/roles", nil), mock: func(ms *mocks.MockServiceMockRecorder) { ms.GetRoles(gomock.Any()).Return([]string{"maintainer"}).Times(1) }, expect: func(t *testing.T, w *httptest.ResponseRecorder) { assert := assert.New(t) assert.Equal(http.StatusOK, w.Code) assert.Equal(w.Body.String(), `["maintainer"]`) }, }, } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { ctl := gomock.NewController(t) defer ctl.Finish() svc := mocks.NewMockService(ctl) w := httptest.NewRecorder() h := New(svc) mockRouter := mockRoleRouter(h) tc.mock(svc.EXPECT()) mockRouter.ServeHTTP(w, tc.req) tc.expect(t, w) }) } } func TestHandlers_AddPermissionForRole(t *testing.T) { tests := []struct { name string req *http.Request mock func(ms *mocks.MockServiceMockRecorder) expect func(t *testing.T, w *httptest.ResponseRecorder) }{ { name: "unprocessable entity caused by body", req: httptest.NewRequest(http.MethodPost, "/api/v1/roles/maintainer/permissions", nil), mock: func(ms *mocks.MockServiceMockRecorder) {}, expect: func(t *testing.T, w *httptest.ResponseRecorder) { assert := assert.New(t) assert.Equal(http.StatusUnprocessableEntity, w.Code) }, }, { name: "success", req: httptest.NewRequest(http.MethodPost, "/api/v1/roles/maintainer/permissions", strings.NewReader(mockPermissionForRoleReqBody)), mock: func(ms *mocks.MockServiceMockRecorder) { ms.AddPermissionForRole(gomock.Any(), "maintainer", gomock.Eq(types.AddPermissionForRoleRequest{ Permission: rbac.Permission{Object: "object", Action: "read"}, })).Return(true, nil).Times(1) }, expect: func(t *testing.T, w *httptest.ResponseRecorder) { assert := assert.New(t) assert.Equal(http.StatusOK, w.Code) }, }, } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { ctl := gomock.NewController(t) defer ctl.Finish() svc := mocks.NewMockService(ctl) w := httptest.NewRecorder() h := New(svc) mockRouter := mockRoleRouter(h) tc.mock(svc.EXPECT()) mockRouter.ServeHTTP(w, tc.req) tc.expect(t, w) }) } } func TestHandlers_DeletePermissionForRole(t *testing.T) { tests := []struct { name string req *http.Request mock func(ms *mocks.MockServiceMockRecorder) expect func(t *testing.T, w *httptest.ResponseRecorder) }{ { name: "unprocessable entity caused by body", req: httptest.NewRequest(http.MethodDelete, "/api/v1/roles/maintainer/permissions", nil), mock: func(ms *mocks.MockServiceMockRecorder) {}, expect: func(t *testing.T, w *httptest.ResponseRecorder) { assert := assert.New(t) assert.Equal(http.StatusUnprocessableEntity, w.Code) }, }, { name: "success", req: httptest.NewRequest(http.MethodDelete, "/api/v1/roles/maintainer/permissions", strings.NewReader(mockPermissionForRoleReqBody)), mock: func(ms *mocks.MockServiceMockRecorder) { ms.DeletePermissionForRole(gomock.Any(), "maintainer", gomock.Eq(types.DeletePermissionForRoleRequest{ Permission: rbac.Permission{Object: "object", Action: "read"}, })).Return(true, nil).Times(1) }, expect: func(t *testing.T, w *httptest.ResponseRecorder) { assert := assert.New(t) assert.Equal(http.StatusOK, w.Code) }, }, } for _, tc := range tests { t.Run(tc.name, func(t *testing.T) { ctl := gomock.NewController(t) defer ctl.Finish() svc := mocks.NewMockService(ctl) w := httptest.NewRecorder() h := New(svc) mockRouter := mockRoleRouter(h) tc.mock(svc.EXPECT()) mockRouter.ServeHTTP(w, tc.req) tc.expect(t, w) }) } }