go-aah/aah#162 added reason struct for authorization failed

go-aah · May 24, 2018 · 1613d94 · 1613d94
1 parent 4c1d753
commit 1613d94
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 18 deletions.
diff --git a/authz/authorization_info.go b/authz/authorization_info.go
@@ -132,24 +132,21 @@ func (a *AuthorizationInfo) IsPermittedAllp(permissions ...*Permission) bool {
 	return true
 }
 
-// String method is stringer interface implementation.
-func (a AuthorizationInfo) String() string {
-	var str string
-	if len(a.roles) > 0 {
-		str += "Roles[" + strings.Join(a.roles, "|") + "]"
-	} else {
-		str += "Roles[]"
-	}
+// Roles method returns roles in the string format.
+func (a *AuthorizationInfo) Roles() string {
+	return strings.Join(a.roles, ", ")
+}
 
-	if len(a.permissions) > 0 {
-		var ps []string
-		for _, p := range a.permissions {
-			ps = append(ps, p.String())
-		}
-		str += " Permissions[" + strings.Join(ps, "|") + "]"
-	} else {
-		str += " Permissions[]"
+// Permissions method returns permissions in the string format.
+func (a *AuthorizationInfo) Permissions() string {
+	var ps []string
+	for _, p := range a.permissions {
+		ps = append(ps, p.String())
 	}
+	return strings.Join(ps, "|")
+}
 
-	return str
+// String method is stringer interface implementation.
+func (a AuthorizationInfo) String() string {
+	return "Roles[" + a.Roles() + "] Permissions[" + a.Permissions() + "]"
 }
diff --git a/authz/authz.go b/authz/authz.go
@@ -6,6 +6,7 @@ package authz
 
 import (
 	"errors"
+	"fmt"
 
 	"aahframework.org/config.v0"
 	"aahframework.org/security.v0/authc"
@@ -27,6 +28,18 @@ type Authorizer interface {
 	GetAuthorizationInfo(authcInfo *authc.AuthenticationInfo) *AuthorizationInfo
 }
 
+// Reason struct used to represent authorization failed details.
+type Reason struct {
+	Func     string
+	Expected string
+	Got      string
+}
+
+// String method is Stringer interface
+func (r Reason) String() string {
+	return fmt.Sprintf("reason(func=%s expected=%s got=%s)", r.Func, r.Expected, r.Got)
+}
+
 //‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾‾
 // Unexported methods
 //___________________________________

diff --git a/subject_test.go b/subject_test.go
@@ -61,7 +61,7 @@ func TestSecuritySubject(t *testing.T) {
 
 	str := sub.String()
 	assert.True(t, strings.Contains(str, "user@sample.com"))
-	assert.True(t, strings.Contains(str, "Roles[role1|role2|role3|role4]"))
+	assert.True(t, strings.Contains(str, "Roles[role1, role2, role3, role4]"))
 	assert.True(t, strings.Contains(str, "Permissions[newsletter:read,write]"))
 
 	// Session