Add tests for both rbac and basic model

Sefriol · Oct 29, 2019 · b81c054 · b81c054
1 parent 314987b
commit b81c054
Show file tree

Hide file tree

Showing 6 changed files with 91 additions and 18 deletions.
diff --git a/test/fixtures/basic_model.conf b/test/fixtures/basic_model.conf
@@ -4,9 +4,6 @@ r = sub, obj, act
 [policy_definition]
 p = sub, obj, act
 
-[role_definition]
-g = _, _
-
 [policy_effect]
 e = some(where (p.eft == allow))
 

diff --git a/test/fixtures/basic_policy.csv b/test/fixtures/basic_policy.csv
@@ -0,0 +1,2 @@
+p, alice, data1, read
+p, bob, data2, write
diff --git a/test/fixtures/rbac_model.conf b/test/fixtures/rbac_model.conf
@@ -0,0 +1,14 @@
+[request_definition]
+r = sub, obj, act
+
+[policy_definition]
+p = sub, obj, act
+
+[role_definition]
+g = _, _
+
+[policy_effect]
+e = some(where (p.eft == allow))
+
+[matchers]
+m = r.sub == p.sub && r.obj == p.obj && r.act == p.act
diff --git a/test/fixtures/policy.csv → test/fixtures/rbac_policy.csv b/test/fixtures/policy.csv → test/fixtures/rbac_policy.csv
diff --git a/test/helpers/helpers.js b/test/helpers/helpers.js
@@ -15,15 +15,17 @@
 const path = require('path');
 const { newEnforcer } = require('casbin');
 const MongooseAdapter = require('../../src/adapter');
-const model = path.resolve(__dirname, '../fixtures/basic_model.conf');
-const policy = path.resolve(__dirname, '../fixtures/policy.csv');
+const basicModel = path.resolve(__dirname, '../fixtures/basic_model.conf');
+const basicPolicy = path.resolve(__dirname, '../fixtures/basic_policy.csv');
+const rbacModel = path.resolve(__dirname, '../fixtures/rbac_model.conf');
+const rbacPolicy = path.resolve(__dirname, '../fixtures/rbac_policy.csv');
 
 const MONGOOSE_OPTIONS = { useNewUrlParser: true, useCreateIndex: true, useUnifiedTopology: true };
 
 async function createEnforcer () {
   const adapter = await MongooseAdapter.newAdapter('mongodb://localhost:27017/casbin', MONGOOSE_OPTIONS);
 
-  return newEnforcer(model, adapter);
+  return newEnforcer(basicModel, adapter);
 };
 
 async function createAdapter (useTransaction = false) {
@@ -34,4 +36,4 @@ async function createDisconnectedAdapter () {
   return new MongooseAdapter('mongodb://localhost:27017/casbin', MONGOOSE_OPTIONS);
 };
 
-module.exports = { createEnforcer, createAdapter, createDisconnectedAdapter, model, policy };
+module.exports = { createEnforcer, createAdapter, createDisconnectedAdapter, basicModel, basicPolicy, rbacModel, rbacPolicy };
diff --git a/test/integration/adapter.test.js b/test/integration/adapter.test.js
@@ -13,7 +13,7 @@
 // limitations under the License.
 
 const { assert } = require('chai');
-const { createEnforcer, createAdapter, createDisconnectedAdapter, model, policy } = require('../helpers/helpers');
+const { createEnforcer, createAdapter, createDisconnectedAdapter, basicModel, basicPolicy, rbacModel, rbacPolicy } = require('../helpers/helpers');
 const { newEnforcer } = require('casbin');
 const CasbinRule = require('../../src/model');
 
@@ -49,7 +49,7 @@ describe('MongooseAdapter', () => {
     const a = await createAdapter();
     // Because the DB is empty at first,
     // so we need to load the policy from the file adapter (.CSV) first.
-    let e = await newEnforcer(model, policy);
+    let e = await newEnforcer(rbacModel, rbacPolicy);
 
     const rulesBefore = await CasbinRule.find({});
     assert.equal(rulesBefore.length, 0);
@@ -84,7 +84,7 @@ describe('MongooseAdapter', () => {
     // Now the DB has policy, so we can provide a normal use case.
     // Create an adapter and an enforcer.
     // newEnforcer() will load the policy automatically.
-    e = await newEnforcer(model, a);
+    e = await newEnforcer(rbacModel, a);
     assert.deepEqual(e.getPolicy(), [
       ['alice', 'data1', 'read'],
       ['bob', 'data2', 'write'],
@@ -93,7 +93,7 @@ describe('MongooseAdapter', () => {
 
     // Add policy to DB
     await a.addPolicy('', 'p', ['role', 'res', 'action']);
-    e = await newEnforcer(model, a);
+    e = await newEnforcer(rbacModel, a);
     assert.deepEqual(e.getPolicy(), [
       ['alice', 'data1', 'read'],
       ['bob', 'data2', 'write'],
@@ -102,19 +102,77 @@ describe('MongooseAdapter', () => {
       ['role', 'res', 'action']]);
     // Remove policy from DB
     await a.removePolicy('', 'p', ['role', 'res', 'action']);
-    e = await newEnforcer(model, a);
+    e = await newEnforcer(rbacModel, a);
     assert.deepEqual(e.getPolicy(), [
       ['alice', 'data1', 'read'],
       ['bob', 'data2', 'write'],
       ['data2_admin', 'data2', 'read'],
       ['data2_admin', 'data2', 'write']]);
   });
 
+  it('Empty Role Definition should not raise an error', async () => {
+    const a = await createAdapter();
+    // Because the DB is empty at first,
+    // so we need to load the policy from the file adapter (.CSV) first.
+    let e = await newEnforcer(basicModel, basicPolicy);
+
+    const rulesBefore = await CasbinRule.find({});
+    assert.equal(rulesBefore.length, 0);
+
+    // This is a trick to save the current policy to the DB.
+    // We can't call e.savePolicy() because the adapter in the enforcer is still the file adapter.
+    // The current policy means the policy in the Node-Casbin enforcer (aka in memory).
+    await a.savePolicy(e.getModel());
+    const rulesAfter = await CasbinRule.find({});
+    assert.deepEqual(rulesAfter.map(rule => [rule.p_type, rule.v0, rule.v1, rule.v2]), [
+      ['p', 'alice', 'data1', 'read'],
+      ['p', 'bob', 'data2', 'write']
+    ]);
+
+    // Clear the current policy.
+    e.clearPolicy();
+    assert.deepEqual(e.getPolicy(), []);
+
+    // Load the policy from DB.
+    await a.loadPolicy(e.getModel());
+    assert.deepEqual(e.getPolicy(), [
+      ['alice', 'data1', 'read'],
+      ['bob', 'data2', 'write']
+    ]);
+
+    // Note: you don't need to look at the above code
+    // if you already have a working DB with policy inside.
+
+    // Now the DB has policy, so we can provide a normal use case.
+    // Create an adapter and an enforcer.
+    // newEnforcer() will load the policy automatically.
+    e = await newEnforcer(basicModel, a);
+    assert.deepEqual(e.getPolicy(), [
+      ['alice', 'data1', 'read'],
+      ['bob', 'data2', 'write']
+    ]);
+
+    // Add policy to DB
+    await a.addPolicy('', 'p', ['role', 'res', 'action']);
+    e = await newEnforcer(basicModel, a);
+    assert.deepEqual(e.getPolicy(), [
+      ['alice', 'data1', 'read'],
+      ['bob', 'data2', 'write'],
+      ['role', 'res', 'action']]);
+    // Remove policy from DB
+    await a.removePolicy('', 'p', ['role', 'res', 'action']);
+    e = await newEnforcer(basicModel, a);
+    assert.deepEqual(e.getPolicy(), [
+      ['alice', 'data1', 'read'],
+      ['bob', 'data2', 'write']
+    ]);
+  });
+
   it('Should not store new policy rules if one of them fails', async () => {
     const a = await createAdapter();
     // Because the DB is empty at first,
     // so we need to load the policy from the file adapter (.CSV) first.
-    const e = await newEnforcer(model, policy);
+    const e = await newEnforcer(rbacModel, rbacPolicy);
     const rulesBefore = await CasbinRule.find({});
     assert.equal(rulesBefore.length, 0);
 
@@ -139,7 +197,7 @@ describe('MongooseAdapter', () => {
     const a = await createAdapter(true);
     // Because the DB is empty at first,
     // so we need to load the policy from the file adapter (.CSV) first.
-    const e = await newEnforcer(model, policy);
+    const e = await newEnforcer(rbacModel, rbacPolicy);
 
     const rulesBefore = await CasbinRule.find({});
     assert.equal(rulesBefore.length, 0);
@@ -171,7 +229,7 @@ describe('MongooseAdapter', () => {
     const a = await createAdapter();
     // Because the DB is empty at first,
     // so we need to load the policy from the file adapter (.CSV) first.
-    let e = await newEnforcer(model, policy);
+    let e = await newEnforcer(rbacModel, rbacPolicy);
 
     const rulesBefore = await CasbinRule.find({});
     assert.equal(rulesBefore.length, 0);
@@ -196,7 +254,7 @@ describe('MongooseAdapter', () => {
       ['p', 'alice', 'data1', 'read'],
       ['p', 'bob', 'data2', 'write'],
       ['g', 'alice', 'data2_admin', undefined]]);
-    e = await newEnforcer(model, a);
+    e = await newEnforcer(rbacModel, a);
     assert.deepEqual(e.getPolicy(), [['alice', 'data1', 'read'], ['bob', 'data2', 'write']]);
 
     // Remove 'data1' related policy rules via a filter.
@@ -206,7 +264,7 @@ describe('MongooseAdapter', () => {
     assert.deepEqual(rulesAfter.map(rule => [rule.p_type, rule.v0, rule.v1, rule.v2]), [
       ['p', 'bob', 'data2', 'write'],
       ['g', 'alice', 'data2_admin', undefined]]);
-    e = await newEnforcer(model, a);
+    e = await newEnforcer(rbacModel, a);
     assert.deepEqual(e.getPolicy(), [['bob', 'data2', 'write']]);
 
     // Remove 'write' related policy rules via a filter.
@@ -215,7 +273,7 @@ describe('MongooseAdapter', () => {
     rulesAfter = await CasbinRule.find({});
     assert.deepEqual(rulesAfter.map(rule => [rule.p_type, rule.v0, rule.v1, rule.v2]), [
       ['g', 'alice', 'data2_admin', undefined]]);
-    e = await newEnforcer(model, a);
+    e = await newEnforcer(rbacModel, a);
     assert.deepEqual(e.getPolicy(), []);
   });