mirror of https://github.com/milvus-io/milvus.git
61 lines
2.7 KiB
Go
61 lines
2.7 KiB
Go
// Licensed to the LF AI & Data foundation under one
|
|
// or more contributor license agreements. See the NOTICE file
|
|
// distributed with this work for additional information
|
|
// regarding copyright ownership. The ASF licenses this file
|
|
// to you under the Apache License, Version 2.0 (the
|
|
// "License"); you may not use this file except in compliance
|
|
// with the License. You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package paramtable
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestRbacConfig_Init(t *testing.T) {
|
|
params := ComponentParam{}
|
|
params.Init(NewBaseTable(SkipRemote(true)))
|
|
cfg := ¶ms.RbacConfig
|
|
assert.Equal(t, len(cfg.GetDefaultPrivilegeGroupNames()), 9)
|
|
assert.True(t, cfg.IsCollectionPrivilegeGroup("CollectionReadOnly"))
|
|
assert.False(t, cfg.IsCollectionPrivilegeGroup("DatabaseReadOnly"))
|
|
assert.Equal(t, cfg.Enabled.GetAsBool(), false)
|
|
assert.Equal(t, cfg.ClusterReadOnlyPrivileges.GetAsStrings(), builtinPrivilegeGroups["ClusterReadOnly"])
|
|
assert.Equal(t, cfg.ClusterReadWritePrivileges.GetAsStrings(), builtinPrivilegeGroups["ClusterReadWrite"])
|
|
assert.Equal(t, cfg.ClusterAdminPrivileges.GetAsStrings(), builtinPrivilegeGroups["ClusterAdmin"])
|
|
assert.Equal(t, cfg.DBReadOnlyPrivileges.GetAsStrings(), builtinPrivilegeGroups["DatabaseReadOnly"])
|
|
assert.Equal(t, cfg.DBReadWritePrivileges.GetAsStrings(), builtinPrivilegeGroups["DatabaseReadWrite"])
|
|
assert.Equal(t, cfg.DBAdminPrivileges.GetAsStrings(), builtinPrivilegeGroups["DatabaseAdmin"])
|
|
assert.Equal(t, cfg.CollectionReadOnlyPrivileges.GetAsStrings(), builtinPrivilegeGroups["CollectionReadOnly"])
|
|
assert.Equal(t, cfg.CollectionReadWritePrivileges.GetAsStrings(), builtinPrivilegeGroups["CollectionReadWrite"])
|
|
assert.Equal(t, cfg.CollectionAdminPrivileges.GetAsStrings(), builtinPrivilegeGroups["CollectionAdmin"])
|
|
}
|
|
|
|
func TestRbacConfig_Override(t *testing.T) {
|
|
params := ComponentParam{}
|
|
params.Init(NewBaseTable(SkipRemote(true)))
|
|
|
|
clusterReadWrite := `SelectOwnership,SelectUser,DescribeResourceGroup`
|
|
|
|
params.Save(params.RbacConfig.Enabled.Key, "true")
|
|
params.Save(params.RbacConfig.ClusterReadWritePrivileges.Key, clusterReadWrite)
|
|
|
|
defer func() {
|
|
params.Reset(params.RbacConfig.Enabled.Key)
|
|
params.Reset(params.RbacConfig.ClusterReadWritePrivileges.Key)
|
|
}()
|
|
|
|
group := params.RbacConfig.GetDefaultPrivilegeGroup("ClusterReadWrite")
|
|
assert.Equal(t, len(group.Privileges), 3)
|
|
}
|