range_perm_cache_test.go 3.0 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102
  1. // Copyright 2016 The etcd Authors
  2. //
  3. // Licensed under the Apache License, Version 2.0 (the "License");
  4. // you may not use this file except in compliance with the License.
  5. // You may obtain a copy of the License at
  6. //
  7. // http://www.apache.org/licenses/LICENSE-2.0
  8. //
  9. // Unless required by applicable law or agreed to in writing, software
  10. // distributed under the License is distributed on an "AS IS" BASIS,
  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12. // See the License for the specific language governing permissions and
  13. // limitations under the License.
  14. package auth
  15. import (
  16. "testing"
  17. "go.etcd.io/etcd/auth/authpb"
  18. "go.etcd.io/etcd/pkg/adt"
  19. "go.uber.org/zap"
  20. )
  21. func TestRangePermission(t *testing.T) {
  22. tests := []struct {
  23. perms []adt.Interval
  24. begin []byte
  25. end []byte
  26. want bool
  27. }{
  28. {
  29. []adt.Interval{adt.NewBytesAffineInterval([]byte("a"), []byte("c")), adt.NewBytesAffineInterval([]byte("x"), []byte("z"))},
  30. []byte("a"), []byte("z"),
  31. false,
  32. },
  33. {
  34. []adt.Interval{adt.NewBytesAffineInterval([]byte("a"), []byte("f")), adt.NewBytesAffineInterval([]byte("c"), []byte("d")), adt.NewBytesAffineInterval([]byte("f"), []byte("z"))},
  35. []byte("a"), []byte("z"),
  36. true,
  37. },
  38. {
  39. []adt.Interval{adt.NewBytesAffineInterval([]byte("a"), []byte("d")), adt.NewBytesAffineInterval([]byte("a"), []byte("b")), adt.NewBytesAffineInterval([]byte("c"), []byte("f"))},
  40. []byte("a"), []byte("f"),
  41. true,
  42. },
  43. }
  44. for i, tt := range tests {
  45. readPerms := adt.NewIntervalTree()
  46. for _, p := range tt.perms {
  47. readPerms.Insert(p, struct{}{})
  48. }
  49. result := checkKeyInterval(zap.NewExample(), &unifiedRangePermissions{readPerms: readPerms}, tt.begin, tt.end, authpb.READ)
  50. if result != tt.want {
  51. t.Errorf("#%d: result=%t, want=%t", i, result, tt.want)
  52. }
  53. }
  54. }
  55. func TestKeyPermission(t *testing.T) {
  56. tests := []struct {
  57. perms []adt.Interval
  58. key []byte
  59. want bool
  60. }{
  61. {
  62. []adt.Interval{adt.NewBytesAffineInterval([]byte("a"), []byte("c")), adt.NewBytesAffineInterval([]byte("x"), []byte("z"))},
  63. []byte("f"),
  64. false,
  65. },
  66. {
  67. []adt.Interval{adt.NewBytesAffineInterval([]byte("a"), []byte("f")), adt.NewBytesAffineInterval([]byte("c"), []byte("d")), adt.NewBytesAffineInterval([]byte("f"), []byte("z"))},
  68. []byte("b"),
  69. true,
  70. },
  71. {
  72. []adt.Interval{adt.NewBytesAffineInterval([]byte("a"), []byte("d")), adt.NewBytesAffineInterval([]byte("a"), []byte("b")), adt.NewBytesAffineInterval([]byte("c"), []byte("f"))},
  73. []byte("d"),
  74. true,
  75. },
  76. {
  77. []adt.Interval{adt.NewBytesAffineInterval([]byte("a"), []byte("d")), adt.NewBytesAffineInterval([]byte("a"), []byte("b")), adt.NewBytesAffineInterval([]byte("c"), []byte("f"))},
  78. []byte("f"),
  79. false,
  80. },
  81. }
  82. for i, tt := range tests {
  83. readPerms := adt.NewIntervalTree()
  84. for _, p := range tt.perms {
  85. readPerms.Insert(p, struct{}{})
  86. }
  87. result := checkKeyPoint(zap.NewExample(), &unifiedRangePermissions{readPerms: readPerms}, tt.key, authpb.READ)
  88. if result != tt.want {
  89. t.Errorf("#%d: result=%t, want=%t", i, result, tt.want)
  90. }
  91. }
  92. }