Influxdata
/
influxdb
mirror of https://github.com/influxdata/influxdb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
influxdb/server/mapping_test.go

392 lines
9.7 KiB
Go
Raw Blame History

package server_test
import (
"testing"
"github.com/google/go-cmp/cmp"
"github.com/influxdata/chronograf"
"github.com/influxdata/chronograf/oauth2"
"github.com/influxdata/chronograf/roles"
"github.com/influxdata/chronograf/server"
)
func TestMappedRole(t *testing.T) {
type args struct {
org chronograf.Organization
principal oauth2.Principal
}
type wants struct {
role *chronograf.Role
}
tests := []struct {
name string
args args
wants wants
}{
{
name: "single mapping all wildcards",
args: args{
org: chronograf.Organization{
ID: "cool",
Name: "Cool Org",
Mappings: []chronograf.Mapping{
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: chronograf.MappingWildcard,
Group: chronograf.MappingWildcard,
GrantedRole: roles.ViewerRoleName,
},
},
},
},
wants: wants{
role: &chronograf.Role{
Name: roles.ViewerRoleName,
Organization: "cool",
},
},
},
{
name: "two mapping all wildcards",
args: args{
org: chronograf.Organization{
ID: "cool",
Name: "Cool Org",
Mappings: []chronograf.Mapping{
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: chronograf.MappingWildcard,
Group: chronograf.MappingWildcard,
GrantedRole: roles.ViewerRoleName,
},
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: chronograf.MappingWildcard,
Group: chronograf.MappingWildcard,
GrantedRole: roles.EditorRoleName,
},
},
},
},
wants: wants{
role: &chronograf.Role{
Name: roles.EditorRoleName,
Organization: "cool",
},
},
},
{
name: "two mapping all wildcards, different order",
args: args{
org: chronograf.Organization{
ID: "cool",
Name: "Cool Org",
Mappings: []chronograf.Mapping{
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: chronograf.MappingWildcard,
Group: chronograf.MappingWildcard,
GrantedRole: roles.EditorRoleName,
},
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: chronograf.MappingWildcard,
Group: chronograf.MappingWildcard,
GrantedRole: roles.ViewerRoleName,
},
},
},
},
wants: wants{
role: &chronograf.Role{
Name: roles.EditorRoleName,
Organization: "cool",
},
},
},
{
name: "two mappings with explicit principal",
args: args{
principal: oauth2.Principal{
Subject: "billieta@influxdata.com",
Issuer: "google",
Group: "influxdata.com",
},
org: chronograf.Organization{
ID: "cool",
Name: "Cool Org",
Mappings: []chronograf.Mapping{
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: "oauth2",
Group: chronograf.MappingWildcard,
GrantedRole: roles.MemberRoleName,
},
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: chronograf.MappingWildcard,
Group: chronograf.MappingWildcard,
GrantedRole: roles.MemberRoleName,
},
},
},
},
wants: wants{
role: &chronograf.Role{
Name: roles.MemberRoleName,
Organization: "cool",
},
},
},
{
name: "different two mapping all wildcards",
args: args{
org: chronograf.Organization{
ID: "cool",
Name: "Cool Org",
Mappings: []chronograf.Mapping{
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: chronograf.MappingWildcard,
Group: chronograf.MappingWildcard,
GrantedRole: roles.ViewerRoleName,
},
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: chronograf.MappingWildcard,
Group: chronograf.MappingWildcard,
GrantedRole: roles.MemberRoleName,
},
},
},
},
wants: wants{
role: &chronograf.Role{
Name: roles.ViewerRoleName,
Organization: "cool",
},
},
},
{
name: "different two mapping all wildcards, different ordering",
args: args{
org: chronograf.Organization{
ID: "cool",
Name: "Cool Org",
Mappings: []chronograf.Mapping{
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: chronograf.MappingWildcard,
Group: chronograf.MappingWildcard,
GrantedRole: roles.MemberRoleName,
},
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: chronograf.MappingWildcard,
Group: chronograf.MappingWildcard,
GrantedRole: roles.ViewerRoleName,
},
},
},
},
wants: wants{
role: &chronograf.Role{
Name: roles.ViewerRoleName,
Organization: "cool",
},
},
},
{
name: "three mapping all wildcards",
args: args{
org: chronograf.Organization{
ID: "cool",
Name: "Cool Org",
Mappings: []chronograf.Mapping{
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: chronograf.MappingWildcard,
Group: chronograf.MappingWildcard,
GrantedRole: roles.EditorRoleName,
},
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: chronograf.MappingWildcard,
Group: chronograf.MappingWildcard,
GrantedRole: roles.ViewerRoleName,
},
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: chronograf.MappingWildcard,
Group: chronograf.MappingWildcard,
GrantedRole: roles.AdminRoleName,
},
},
},
},
wants: wants{
role: &chronograf.Role{
Name: roles.AdminRoleName,
Organization: "cool",
},
},
},
{
name: "three mapping only one match",
args: args{
principal: oauth2.Principal{
Subject: "billieta@influxdata.com",
Issuer: "google",
Group: "influxdata.com",
},
org: chronograf.Organization{
ID: "cool",
Name: "Cool Org",
Mappings: []chronograf.Mapping{
chronograf.Mapping{
Provider: "google",
Scheme: chronograf.MappingWildcard,
Group: "influxdata.com",
GrantedRole: roles.EditorRoleName,
},
chronograf.Mapping{
Provider: "google",
Scheme: chronograf.MappingWildcard,
Group: "not_influxdata",
GrantedRole: roles.AdminRoleName,
},
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: "ldap",
Group: chronograf.MappingWildcard,
GrantedRole: roles.AdminRoleName,
},
},
},
},
wants: wants{
role: &chronograf.Role{
Name: roles.EditorRoleName,
Organization: "cool",
},
},
},
{
name: "three mapping only two matches",
args: args{
principal: oauth2.Principal{
Subject: "billieta@influxdata.com",
Issuer: "google",
Group: "influxdata.com",
},
org: chronograf.Organization{
ID: "cool",
Name: "Cool Org",
Mappings: []chronograf.Mapping{
chronograf.Mapping{
Provider: "google",
Scheme: chronograf.MappingWildcard,
Group: "influxdata.com",
GrantedRole: roles.AdminRoleName,
},
chronograf.Mapping{
Provider: "google",
Scheme: chronograf.MappingWildcard,
Group: chronograf.MappingWildcard,
GrantedRole: roles.EditorRoleName,
},
chronograf.Mapping{
Provider: chronograf.MappingWildcard,
Scheme: "ldap",
Group: chronograf.MappingWildcard,
GrantedRole: roles.AdminRoleName,
},
},
},
},
wants: wants{
role: &chronograf.Role{
Name: roles.AdminRoleName,
Organization: "cool",
},
},
},
{
name: "missing provider",
args: args{
principal: oauth2.Principal{
Subject: "billieta@influxdata.com",
Issuer: "google",
Group: "influxdata.com",
},
org: chronograf.Organization{
ID: "cool",
Name: "Cool Org",
Mappings: []chronograf.Mapping{
chronograf.Mapping{
Provider: "",
Scheme: "ldap",
Group: chronograf.MappingWildcard,
GrantedRole: roles.AdminRoleName,
},
},
},
},
wants: wants{
role: nil,
},
},
{
name: "user is in multiple github groups",
args: args{
principal: oauth2.Principal{
Subject: "billieta@influxdata.com",
Issuer: "github",
Group: "influxdata,another,mimi",
},
org: chronograf.Organization{
ID: "cool",
Name: "Cool Org",
Mappings: []chronograf.Mapping{
chronograf.Mapping{
Provider: "github",
Scheme: chronograf.MappingWildcard,
Group: "influxdata",
GrantedRole: roles.MemberRoleName,
},
chronograf.Mapping{
Provider: "github",
Scheme: chronograf.MappingWildcard,
Group: "mimi",
GrantedRole: roles.EditorRoleName,
},
chronograf.Mapping{
Provider: "github",
Scheme: chronograf.MappingWildcard,
Group: "another",
GrantedRole: roles.AdminRoleName,
},
},
},
},
wants: wants{
role: &chronograf.Role{
Name: roles.AdminRoleName,
Organization: "cool",
},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
role := server.MappedRole(tt.args.org, tt.args.principal)
if diff := cmp.Diff(role, tt.wants.role); diff != "" {
t.Errorf("%q. MappedRole():\n-got/+want\ndiff %s", tt.name, diff)
}
})
}
}
Reference in New Issue View Git Blame Copy Permalink