fysmtkhc
/
grafana-jool
forked from grafana.jool/grafana-jool
0
1
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
1
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
1 Tag
74 MiB
 
 
 
 
 
 
Tree: 559e74f3e5
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '559e74f3e5'
${ noResults }
grafana-jool/pkg/services/accesscontrol/resourcepermissions/service_test.go

155 lines
4.1 KiB
Raw Blame History

package resourcepermissions
import (
"context"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/grafana/grafana/pkg/api/routing"
"github.com/grafana/grafana/pkg/models"
"github.com/grafana/grafana/pkg/services/accesscontrol"
"github.com/grafana/grafana/pkg/services/accesscontrol/database"
accesscontrolmock "github.com/grafana/grafana/pkg/services/accesscontrol/mock"
"github.com/grafana/grafana/pkg/services/sqlstore"
)
type setUserPermissionTest struct {
desc string
callHook bool
}
func TestService_SetUserPermission(t *testing.T) {
tests := []setUserPermissionTest{
{
desc: "should call hook when updating user permissions",
callHook: true,
},
{
desc: "should not call hook when updating user permissions",
callHook: false,
},
}
for _, tt := range tests {
t.Run(tt.desc, func(t *testing.T) {
service, sql := setupTestEnvironment(t, []*accesscontrol.Permission{}, Options{
Resource: "dashboards",
Assignments: Assignments{Users: true},
PermissionsToActions: nil,
})
// seed user
user, err := sql.CreateUser(context.Background(), models.CreateUserCommand{Login: "test", OrgId: 1})
require.NoError(t, err)
var hookCalled bool
if tt.callHook {
service.options.OnSetUser = func(ctx context.Context, orgID, userID int64, resourceID, permission string) error {
hookCalled = true
return nil
}
}
_, err = service.SetUserPermission(context.Background(), user.OrgId, user.Id, "1", []string{})
require.NoError(t, err)
assert.Equal(t, tt.callHook, hookCalled)
})
}
}
type setTeamPermissionTest struct {
desc string
callHook bool
}
func TestService_SetTeamPermission(t *testing.T) {
tests := []setTeamPermissionTest{
{
desc: "should call hook when updating user permissions",
callHook: true,
},
{
desc: "should not call hook when updating user permissions",
callHook: false,
},
}
for _, tt := range tests {
t.Run(tt.desc, func(t *testing.T) {
service, sql := setupTestEnvironment(t, []*accesscontrol.Permission{}, Options{
Resource: "dashboards",
Assignments: Assignments{Teams: true},
PermissionsToActions: nil,
})
// seed team
team, err := sql.CreateTeam("test", "test@test.com", 1)
require.NoError(t, err)
var hookCalled bool
if tt.callHook {
service.options.OnSetTeam = func(ctx context.Context, orgID, teamID int64, resourceID, permission string) error {
hookCalled = true
return nil
}
}
_, err = service.SetTeamPermission(context.Background(), team.OrgId, team.Id, "1", []string{})
require.NoError(t, err)
assert.Equal(t, tt.callHook, hookCalled)
})
}
}
type setBuiltInRolePermissionTest struct {
desc string
callHook bool
}
func TestService_SetBuiltInRolePermission(t *testing.T) {
tests := []setBuiltInRolePermissionTest{
{
desc: "should call hook when updating user permissions",
callHook: true,
},
{
desc: "should not call hook when updating user permissions",
callHook: false,
},
}
for _, tt := range tests {
t.Run(tt.desc, func(t *testing.T) {
service, _ := setupTestEnvironment(t, []*accesscontrol.Permission{}, Options{
Resource: "dashboards",
Assignments: Assignments{BuiltInRoles: true},
PermissionsToActions: nil,
})
var hookCalled bool
if tt.callHook {
service.options.OnSetBuiltInRole = func(ctx context.Context, orgID int64, builtInRole, resourceID, permission string) error {
hookCalled = true
return nil
}
}
_, err := service.SetBuiltInRolePermission(context.Background(), 1, "Viewer", "1", []string{})
require.NoError(t, err)
assert.Equal(t, tt.callHook, hookCalled)
})
}
}
func setupTestEnvironment(t *testing.T, permissions []*accesscontrol.Permission, ops Options) (*Service, *sqlstore.SQLStore) {
t.Helper()
sql := sqlstore.InitTestDB(t)
store := database.ProvideService(sql)
service, err := New(ops, routing.NewRouteRegister(), accesscontrolmock.New().WithPermissions(permissions), store)
require.NoError(t, err)
return service, sql
}