-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathsubject_test.go
77 lines (63 loc) · 2.24 KB
/
subject_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
// Copyright (c) Jeevanandam M. (https://github.com/jeevatkm)
// go-aah/security source code and usage is governed by a MIT style
// license that can be found in the LICENSE file.
package security
import (
"strings"
"testing"
"aahframework.org/config.v0"
"aahframework.org/security.v0/authc"
"aahframework.org/security.v0/authz"
"aahframework.org/security.v0/session"
"aahframework.org/test.v0/assert"
)
func TestSecuritySubject(t *testing.T) {
authcInfo := authc.NewAuthenticationInfo()
authcInfo.Principals = append(authcInfo.Principals, &authc.Principal{Value: "user@sample.com", IsPrimary: true})
authzInfo := authz.NewAuthorizationInfo().
AddRole("role1", "role2", "role3", "role4").
AddPermissionString("newsletter:read,write")
cfg, _ := config.ParseString(`
security {
session {
}
}
`)
sessionManager, err := session.NewManager(cfg)
assert.FailNowOnError(t, err, "unexpected")
sub := AcquireSubject()
sub.AuthenticationInfo = authcInfo
sub.AuthorizationInfo = authzInfo
sub.Session = sessionManager.NewSession()
sub.Session.IsAuthenticated = true
// AuthenticationInfo
p := sub.PrimaryPrincipal()
assert.NotNil(t, p)
assert.Equal(t, "user@sample.com", p.Value)
assert.True(t, p.IsPrimary)
assert.Equal(t, "principal(realm: isprimary:true claim: value:user@sample.com)", p.String())
all := sub.AllPrincipals()
assert.NotNil(t, all)
assert.True(t, len(all) == 1)
//AuthorizationInfo
assert.True(t, sub.IsPermitted("newsletter:read"))
assert.True(t, sub.IsPermittedAll("newsletter:read", "newsletter:write"))
assert.True(t, sub.HasRole("role3"))
assert.True(t, sub.HasAnyRole("one", "two", "role2"))
assert.True(t, sub.HasAllRoles("role1", "role3", "role4"))
assert.False(t, sub.HasRole("one"))
assert.False(t, sub.HasAnyRole("one", "two", "three"))
assert.False(t, sub.HasAllRoles("one", "two", "three"))
str := sub.String()
assert.True(t, strings.Contains(str, "user@sample.com"))
assert.True(t, strings.Contains(str, "role1, role2, role3, role4"))
assert.True(t, strings.Contains(str, "newsletter:read,write"))
// Session
assert.True(t, sub.IsAuthenticated())
sub.Logout()
sub.Reset()
assert.False(t, sub.IsAuthenticated())
str = sub.String()
assert.Equal(t, "<nil>, <nil>, <nil>", str)
ReleaseSubject(sub)
}