From 253ab240932aadbdd557235b1504e0709bcece75 Mon Sep 17 00:00:00 2001 From: DivyPatel9881 Date: Sun, 12 Jul 2020 02:00:13 +0530 Subject: [PATCH] feat: add management api tests and fix enforcer warnings. Signed-off-by: DivyPatel9881 --- casbin/enforcer.cpp | 4 +- casbin/model/assertion.cpp | 2 +- test/test.vcxproj | 1 + test/test.vcxproj.filters | 3 + test/test_management_api.cpp | 285 +++++++++++++++++++++++++++++++++++ 5 files changed, 292 insertions(+), 3 deletions(-) create mode 100644 test/test_management_api.cpp diff --git a/casbin/enforcer.cpp b/casbin/enforcer.cpp index 6205bc72..26c5c23c 100644 --- a/casbin/enforcer.cpp +++ b/casbin/enforcer.cpp @@ -483,8 +483,8 @@ bool Enforcer::EnforceWithMatcher(string matcher, string sub, string dom, string bool Enforcer::EnforceWithMatcher(string matcher, vector params) { vector r_tokens = this->model->m["r"].assertion_map["r"]->tokens; - int r_cnt = r_tokens.size(); - int cnt = params.size(); + int r_cnt = int(r_tokens.size()); + int cnt = int(params.size()); if (cnt != r_cnt) return false; diff --git a/casbin/model/assertion.cpp b/casbin/model/assertion.cpp index 464ef546..ade15f2d 100644 --- a/casbin/model/assertion.cpp +++ b/casbin/model/assertion.cpp @@ -77,5 +77,5 @@ void Assertion :: BuildRoleLinks(RoleManager* rm) { // LogUtil :: LogPrint("Role links for: " + Key); - this->rm->PrintRoles(); + //this->rm->PrintRoles(); } \ No newline at end of file diff --git a/test/test.vcxproj b/test/test.vcxproj index 277f9779..9ea8e002 100644 --- a/test/test.vcxproj +++ b/test/test.vcxproj @@ -168,6 +168,7 @@ + diff --git a/test/test.vcxproj.filters b/test/test.vcxproj.filters index 39d8390e..49da0fa1 100644 --- a/test/test.vcxproj.filters +++ b/test/test.vcxproj.filters @@ -39,6 +39,9 @@ Source Files + + Source Files + diff --git a/test/test_management_api.cpp b/test/test_management_api.cpp new file mode 100644 index 00000000..46074518 --- /dev/null +++ b/test/test_management_api.cpp @@ -0,0 +1,285 @@ +#pragma once + +#include "pch.h" + +#include +#include +#include + +#include +#include +#include +#include +#include + +using namespace std; + +namespace test_management_api +{ + TEST_CLASS(TestManagementAPI) + { + public: + + string basic_example; + Config* basic_config; + + TEST_METHOD_INITIALIZE(InitializeBasicConfig) { + basic_example = filePath("../examples/basic_model.conf"); + basic_config = Config::NewConfig(basic_example); + } + + string filePath(string filepath) { + char* root = _getcwd(NULL, 0); + string rootStr = string(root); + + vector directories = Split(rootStr, "\\", -1); + vector::iterator it = find(directories.begin(), directories.end(), "x64"); + vector left{ *(it - 1) }; + it = find_end(directories.begin(), directories.end(), left.begin(), left.end()); + int index = int(directories.size() + (it - directories.end())); + + vector finalDirectories(directories.begin(), directories.begin() + index + 1); + + vector userD = Split(filepath, "/", -1); + for (int i = 1; i < userD.size(); i++) + finalDirectories.push_back(userD[i]); + + string filepath1 = finalDirectories[0]; + for (int i = 1; i < finalDirectories.size(); i++) + filepath1 = filepath1 + "/" + finalDirectories[i]; + return filepath1; + } + + TEST_METHOD(TestGetList) { + string model = filePath("../examples/rbac_model.conf"); + string policy = filePath("../examples/rbac_policy.csv"); + Enforcer* e = Enforcer :: NewEnforcer(model, policy); + + Assert::IsTrue(ArrayEquals(vector{ "alice", "bob", "data2_admin" }, e->GetAllSubjects())); + Assert::IsTrue(ArrayEquals(vector{ "data1", "data2" }, e->GetAllObjects())); + Assert::IsTrue(ArrayEquals(vector{ "read", "write" }, e->GetAllActions())); + Assert::IsTrue(ArrayEquals(vector{ "data2_admin" }, e->GetAllRoles())); + } + + void TestGetPolicy(Enforcer* e, vector> res) { + vector> my_res; + my_res = e->GetPolicy(); + + int count = 0; + for (int i = 0; i < my_res.size(); i++) { + for (int j = 0; j < res.size(); j++) { + if (ArrayEquals(my_res[i], res[j])) + count++; + } + } + + if (count == res.size()) + Assert::IsTrue(true); + } + + void TestGetFilteredPolicy(Enforcer* e, int field_index, vector> res, vector field_values) { + vector> my_res = e->GetFilteredPolicy(field_index, field_values); + for (int i = 0; i < res.size(); i++) { + Assert::IsTrue(ArrayEquals(my_res[i], res[i])); + } + } + + void TestGetGroupingPolicy(Enforcer* e, vector> res) { + vector> my_res = e->GetGroupingPolicy(); + + for (int i = 0; i < my_res.size(); i++) { + Assert::IsTrue(ArrayEquals(my_res[i], res[i])); + } + } + + void TestGetFilteredGroupingPolicy(Enforcer* e, int field_index, vector> res, vector field_values) { + vector> my_res = e->GetFilteredGroupingPolicy(field_index, field_values); + + for (int i = 0; i < my_res.size(); i++) { + Assert::IsTrue(ArrayEquals(my_res[i], res[i])); + } + } + + void TestHasPolicy(Enforcer* e, vector policy, bool res) { + bool my_res = e->HasPolicy(policy); + Assert::AreEqual(res, my_res); + } + + void TestHasGroupingPolicy(Enforcer* e, vector policy, bool res) { + bool my_res = e->HasGroupingPolicy(policy); + Assert::AreEqual(res, my_res); + } + + TEST_METHOD(TestGetPolicyAPI) { + string model = filePath("../examples/rbac_model.conf"); + string policy = filePath("../examples/rbac_policy.csv"); + Enforcer* e = Enforcer::NewEnforcer(model, policy); + + TestGetPolicy(e, vector>{ + {"alice", "data1", "read"}, + { "bob", "data2", "write" }, + { "data2_admin", "data2", "read" }, + { "data2_admin", "data2", "write" }}); + + TestGetFilteredPolicy(e, 0, vector>{ {"alice", "data1", "read"} }, vector{"alice"}); + TestGetFilteredPolicy(e, 0, vector>{ {"bob", "data2", "write"}}, vector{"bob"}); + TestGetFilteredPolicy(e, 0, vector>{ {"data2_admin", "data2", "read"}, { "data2_admin", "data2", "write" }}, vector{"data2_admin"}); + TestGetFilteredPolicy(e, 1, vector>{ {"alice", "data1", "read"}}, vector{"data1"}); + TestGetFilteredPolicy(e, 1, vector>{ {"bob", "data2", "write"}, { "data2_admin", "data2", "read" }, { "data2_admin", "data2", "write" }}, vector{"data2"}); + TestGetFilteredPolicy(e, 2, vector>{ {"alice", "data1", "read"}, { "data2_admin", "data2", "read" }}, vector{"read"}); + TestGetFilteredPolicy(e, 2, vector>{ {"bob", "data2", "write"}, { "data2_admin", "data2", "write" }}, vector{"write"}); + + TestGetFilteredPolicy(e, 0, vector>{ {"data2_admin", "data2", "read"}, { "data2_admin", "data2", "write" }}, vector{"data2_admin", "data2"}); + // Note: "" (empty string) in fieldValues means matching all values. + TestGetFilteredPolicy(e, 0, vector>{ {"data2_admin", "data2", "read"}}, vector{"data2_admin", "", "read"}); + TestGetFilteredPolicy(e, 1, vector>{ {"bob", "data2", "write"}, { "data2_admin", "data2", "write" }}, vector{"data2", "write"}); + + TestHasPolicy(e, vector{"alice", "data1", "read"}, true); + TestHasPolicy(e, vector{"bob", "data2", "write"}, true); + TestHasPolicy(e, vector{"alice", "data2", "read"}, false); + TestHasPolicy(e, vector{"bob", "data3", "write"}, false); + + TestGetGroupingPolicy(e, vector>{ {"alice", "data2_admin"}}); + + TestGetFilteredGroupingPolicy(e, 0, vector>{ {"alice", "data2_admin"}}, vector < string>{"alice"}); + TestGetFilteredGroupingPolicy(e, 0, vector>{}, vector < string>{"bob"}); + TestGetFilteredGroupingPolicy(e, 1, vector>{}, vector{"data1_admin"}); + TestGetFilteredGroupingPolicy(e, 1, vector>{ {"alice", "data2_admin"}}, vector{"data2_admin"}); + // Note: "" (empty string) in fieldValues means matching all values. + TestGetFilteredGroupingPolicy(e, 0, vector>{ {"alice", "data2_admin"}}, vector{"", "data2_admin"}); + + TestHasGroupingPolicy(e, vector{"alice", "data2_admin"}, true); + TestHasGroupingPolicy(e, vector{"bob", "data2_admin"}, false); + } + + + TEST_METHOD(TestModifyPolicyAPI) { + string model = filePath("../examples/rbac_model.conf"); + string policy = filePath("../examples/rbac_policy.csv"); + Adapter* adapter = BatchFileAdapter::NewAdapter(policy); + Enforcer* e = Enforcer::NewEnforcer(model, adapter); + + TestGetPolicy(e, vector>{ + {"alice", "data1", "read"}, + { "bob", "data2", "write" }, + { "data2_admin", "data2", "read" }, + { "data2_admin", "data2", "write" }}); + + e->RemovePolicy(vector{"alice", "data1", "read"}); + e->RemovePolicy(vector{"bob", "data2", "write"}); + e->RemovePolicy(vector{"alice", "data1", "read"}); + e->AddPolicy(vector{"eve", "data3", "read"}); + e->AddPolicy(vector{"eve", "data3", "read"}); + + vector>rules{ + {"jack", "data4", "read"}, + {"katy", "data4", "write"}, + {"leyo", "data4", "read"}, + {"ham", "data4", "write"}, + }; + + e->AddPolicies(rules); + e->AddPolicies(rules); + + TestGetPolicy(e, vector>{ + {"data2_admin", "data2", "read"}, + { "data2_admin", "data2", "write" }, + { "eve", "data3", "read" }, + { "jack", "data4", "read" }, + { "katy", "data4", "write" }, + { "leyo", "data4", "read" }, + { "ham", "data4", "write" }}); + + e->RemovePolicies(rules); + e->RemovePolicies(rules); + + vectornamed_policy{ "eve", "data3", "read" }; + e->RemoveNamedPolicy("p", named_policy); + e->AddNamedPolicy("p", named_policy); + + TestGetPolicy(e, vector>{ + {"data2_admin", "data2", "read"}, + { "data2_admin", "data2", "write" }, + { "eve", "data3", "read" }}); + + e->RemoveFilteredPolicy(1, vector{"data2"}); + + TestGetPolicy(e, vector>{ {"eve", "data3", "read"}}); + } + + TEST_METHOD(TestModifyGroupingPolicyAPI) { + string model = filePath("../examples/rbac_model.conf"); + string policy = filePath("../examples/rbac_policy.csv"); + Adapter* adapter = BatchFileAdapter::NewAdapter(policy); + Enforcer* e = Enforcer::NewEnforcer(model, adapter); + + Assert::IsTrue(ArrayEquals(vector{"data2_admin"}, e->GetRolesForUser("alice", vector{}))); + Assert::IsTrue(ArrayEquals(vector{}, e->GetRolesForUser("bob", vector{}))); + Assert::IsTrue(ArrayEquals(vector{}, e->GetRolesForUser("eve", vector{}))); + Assert::IsTrue(ArrayEquals(vector{}, e->GetRolesForUser("non_exist", vector{}))); + + e->RemoveGroupingPolicy(vector{"alice", "data2_admin"}); + e->AddGroupingPolicy(vector{"bob", "data1_admin"}); + e->AddGroupingPolicy(vector{"eve", "data3_admin"}); + + vector> grouping_rules{ + {"ham", "data4_admin"}, + {"jack", "data5_admin"}, + }; + + e->AddGroupingPolicies(grouping_rules); + Assert::IsTrue(ArrayEquals(vector{"data4_admin"}, e->GetRolesForUser("ham", vector{}))); + Assert::IsTrue(ArrayEquals(vector{"data5_admin"}, e->GetRolesForUser("jack", vector{}))); + e->RemoveGroupingPolicies(grouping_rules); + + Assert::IsTrue(ArrayEquals(vector{}, e->GetRolesForUser("alice", vector{}))); + vector named_grouping_policy{ "alice", "data2_admin" }; + Assert::IsTrue(ArrayEquals(vector{}, e->GetRolesForUser("alice", vector{}))); + e->AddNamedGroupingPolicy("g", named_grouping_policy); + Assert::IsTrue(ArrayEquals(vector{"data2_admin"}, e->GetRolesForUser("alice", vector{}))); + e->RemoveNamedGroupingPolicy("g", named_grouping_policy); + + e->AddNamedGroupingPolicies("g", grouping_rules); + e->AddNamedGroupingPolicies("g", grouping_rules); + Assert::IsTrue(ArrayEquals(vector{"data4_admin"}, e->GetRolesForUser("ham", vector{}))); + Assert::IsTrue(ArrayEquals(vector{"data5_admin"}, e->GetRolesForUser("jack", vector{}))); + e->RemoveNamedGroupingPolicies("g", grouping_rules); + e->RemoveNamedGroupingPolicies("g", grouping_rules); + + Assert::IsTrue(ArrayEquals(vector{}, e->GetRolesForUser("alice", vector{}))); + Assert::IsTrue(ArrayEquals(vector{"data1_admin"}, e->GetRolesForUser("bob", vector{}))); + Assert::IsTrue(ArrayEquals(vector{"data3_admin"}, e->GetRolesForUser("eve", vector{}))); + Assert::IsTrue(ArrayEquals(vector{}, e->GetRolesForUser("non_exist", vector{}))); + + Assert::IsTrue(ArrayEquals(vector{"bob"}, e->GetUsersForRole("data1_admin", vector{}))); + try { + e->GetUsersForRole("data2_admin", vector{}); + } + catch (CasbinRBACException e) { + Assert::IsTrue(true); + } + Assert::IsTrue(ArrayEquals(vector{"eve"}, e->GetUsersForRole("data3_admin", vector{}))); + + e->RemoveFilteredGroupingPolicy(0, vector{"bob"}); + + Assert::IsTrue(ArrayEquals(vector{}, e->GetRolesForUser("alice", vector{}))); + Assert::IsTrue(ArrayEquals(vector{}, e->GetRolesForUser("bob", vector{}))); + Assert::IsTrue(ArrayEquals(vector{"data3_admin"}, e->GetRolesForUser("eve", vector{}))); + Assert::IsTrue(ArrayEquals(vector{}, e->GetRolesForUser("non_exist", vector{}))); + + try { + e->GetUsersForRole("data1_admin", vector{}); + } + catch (CasbinRBACException e) { + Assert::IsTrue(true); + } + try { + e->GetUsersForRole("data2_admin", vector{}); + } + catch (CasbinRBACException e) { + Assert::IsTrue(true); + } + Assert::IsTrue(ArrayEquals(vector{"eve"}, e->GetUsersForRole("data3_admin", vector{}))); + } + }; +} \ No newline at end of file