-
Notifications
You must be signed in to change notification settings - Fork 276
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
executor fixture: query permissions common test
Signed-off-by: Mikhail Boldyrev <miboldyrev@gmail.com>
- Loading branch information
Showing
3 changed files
with
243 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,121 @@ | ||
/** | ||
* Copyright Soramitsu Co., Ltd. All Rights Reserved. | ||
* SPDX-License-Identifier: Apache-2.0 | ||
*/ | ||
|
||
#include "integration/executor/query_permission_test.hpp" | ||
|
||
#include "framework/common_constants.hpp" | ||
|
||
using namespace common_constants; | ||
using namespace executor_testing; | ||
|
||
using shared_model::interface::RolePermissionSet; | ||
|
||
enum class SpectatorPermissions : int { | ||
kNone = 0, | ||
kMyself, | ||
kSameDomain, | ||
kEveryone, | ||
kRoot, | ||
|
||
LAST, | ||
FIRST = kNone | ||
}; | ||
|
||
enum class Spectator : int { | ||
kMe = 1, | ||
kSameDomain, | ||
kAnotherDomain, | ||
|
||
LAST, | ||
FIRST = kMe | ||
}; | ||
|
||
template <typename T> | ||
struct EnumHasher { | ||
std::size_t operator()(T t) const { | ||
return static_cast<std::size_t>(t); | ||
} | ||
}; | ||
|
||
template <typename Key, typename Value> | ||
using EnumMap = std::unordered_map<Key, Value, EnumHasher<Key>>; | ||
|
||
static constexpr bool enoughPermissions( | ||
SpectatorPermissions spectator_permissions, Spectator spectator) { | ||
return static_cast<int>(spectator_permissions) >= static_cast<int>(spectator); | ||
} | ||
|
||
std::string makeDescription(SpectatorPermissions spectator_permissions, | ||
Spectator spectator) { | ||
static const EnumMap<SpectatorPermissions, std::string> | ||
kSpectatorPermissionNames{ | ||
{SpectatorPermissions::kNone, "NoPermissions"}, | ||
{SpectatorPermissions::kMyself, "PermissionToQueryMyself"}, | ||
{SpectatorPermissions::kSameDomain, "PermissionToQueryMyDomain"}, | ||
{SpectatorPermissions::kEveryone, "PermissionToQueryEveryone"}, | ||
{SpectatorPermissions::kRoot, "RootPermission"}}; | ||
static const EnumMap<Spectator, std::string> kSpectatorNames{ | ||
{Spectator::kMe, "Myself"}, | ||
{Spectator::kSameDomain, "AnAccountFromMyDomain"}, | ||
{Spectator::kAnotherDomain, "AnAccountFromAnotherDomain"}}; | ||
std::stringstream ss; | ||
ss << "Query" << kSpectatorNames.at(spectator) << "Having" | ||
<< kSpectatorPermissionNames.at(spectator_permissions); | ||
return ss.str(); | ||
} | ||
|
||
template <typename TEnum, typename Callable> | ||
static void iterateEnum(Callable callback) { | ||
using IterType = std::underlying_type_t<TEnum>; | ||
for (IterType it = static_cast<IterType>(TEnum::FIRST); | ||
it < static_cast<IterType>(TEnum::LAST); | ||
++it) { | ||
callback(static_cast<TEnum>(it)); | ||
} | ||
} | ||
|
||
decltype(::testing::Combine( | ||
executor_testing::getExecutorTestParams(), | ||
::testing::ValuesIn( | ||
{query_permission_test::SpecificQueryPermissionTestData{}}))) | ||
query_permission_test::getParams( | ||
RolePermissionSet permission_to_query_myself, | ||
RolePermissionSet permission_to_query_my_domain, | ||
RolePermissionSet permission_to_query_everyone) { | ||
std::vector<SpecificQueryPermissionTestData> perm_params; | ||
shared_model::interface::RolePermissionSet no_permissions; | ||
static const RolePermissionSet kRootPermission( | ||
{shared_model::interface::permissions::Role::kRoot}); | ||
const EnumMap<SpectatorPermissions, const RolePermissionSet &> | ||
spectator_permissions_map{ | ||
{SpectatorPermissions::kNone, no_permissions}, | ||
{SpectatorPermissions::kMyself, permission_to_query_myself}, | ||
{SpectatorPermissions::kSameDomain, permission_to_query_my_domain}, | ||
{SpectatorPermissions::kEveryone, permission_to_query_everyone}, | ||
{SpectatorPermissions::kRoot, kRootPermission}}; | ||
const EnumMap<Spectator, std::string> spectators_map{ | ||
{Spectator::kMe, kUserId}, | ||
{Spectator::kSameDomain, kSameDomainUserId}, | ||
{Spectator::kAnotherDomain, kAnotherDomainUserId}}; | ||
iterateEnum<SpectatorPermissions>( | ||
[&](SpectatorPermissions spectator_permissions) { | ||
iterateEnum<Spectator>([&](Spectator spectator) { | ||
perm_params.emplace_back(SpecificQueryPermissionTestData{ | ||
spectator_permissions_map.at(spectator_permissions), | ||
spectators_map.at(spectator), | ||
enoughPermissions(spectator_permissions, spectator), | ||
makeDescription(spectator_permissions, spectator)}); | ||
}); | ||
}); | ||
return ::testing::Combine(getExecutorTestParams(), | ||
::testing::ValuesIn(std::move(perm_params))); | ||
} | ||
|
||
std::string query_permission_test::paramToString( | ||
testing::TestParamInfo<std::tuple<std::shared_ptr<ExecutorTestParam>, | ||
SpecificQueryPermissionTestData>> param) { | ||
return std::get<0>(param.param)->toString() | ||
+ std::get<1>(param.param).description; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,115 @@ | ||
/** | ||
* Copyright Soramitsu Co., Ltd. All Rights Reserved. | ||
* SPDX-License-Identifier: Apache-2.0 | ||
*/ | ||
|
||
#ifndef EXECUTOR_QUERY_PERMISSION_TEST_HPP | ||
#define EXECUTOR_QUERY_PERMISSION_TEST_HPP | ||
|
||
#include "framework/common_constants.hpp" | ||
#include "framework/executor_itf/executor_itf.hpp" | ||
#include "framework/result_gtest_checkers.hpp" | ||
#include "integration/executor/executor_fixture.hpp" | ||
#include "integration/executor/executor_fixture_param_provider.hpp" | ||
|
||
namespace executor_testing { | ||
namespace query_permission_test { | ||
|
||
struct SpecificQueryPermissionTestData { | ||
shared_model::interface::RolePermissionSet spectator_permissions; | ||
shared_model::interface::types::AccountIdType spectator; | ||
bool enough_permissions; | ||
std::string description; | ||
}; | ||
|
||
decltype(::testing::Combine( | ||
executor_testing::getExecutorTestParams(), | ||
::testing::ValuesIn({SpecificQueryPermissionTestData{}}))) | ||
getParams( | ||
shared_model::interface::RolePermissionSet permission_to_query_myself, | ||
shared_model::interface::RolePermissionSet | ||
permission_to_query_my_domain, | ||
shared_model::interface::RolePermissionSet | ||
permission_to_query_everyone); | ||
|
||
template <typename SpecificQueryFixture> | ||
struct QueryPermissionTest | ||
: public SpecificQueryFixture, | ||
public ::testing::WithParamInterface< | ||
std::tuple<std::shared_ptr<ExecutorTestParam>, | ||
SpecificQueryPermissionTestData>> { | ||
QueryPermissionTest() | ||
: backend_param_(std::get<0>(GetParam())), | ||
permissions_param_(std::get<1>(GetParam())) {} | ||
|
||
iroha::integration_framework::ExecutorItf &getItf() { | ||
return SpecificQueryFixture::getItf(); | ||
} | ||
|
||
/** | ||
* Prepare state of ledger: | ||
* - create accounts of target user, close and remote spectators. Close | ||
* spectator is another user from the same domain as the domain of | ||
* target user account, remote - a user from domain different to domain | ||
* of target user account. | ||
* | ||
* @param target_permissions - set of permissions for target user | ||
*/ | ||
void prepareState( | ||
shared_model::interface::RolePermissionSet target_permissions) { | ||
using namespace common_constants; | ||
using namespace framework::expected; | ||
// create target user | ||
target_permissions |= permissions_param_.spectator_permissions; | ||
assertResultValue(getItf().createUserWithPerms( | ||
kUser, kDomain, kUserKeypair.publicKey(), target_permissions)); | ||
// create spectators | ||
assertResultValue(getItf().createUserWithPerms( | ||
kAnotherUser, | ||
kDomain, | ||
kSameDomainUserKeypair.publicKey(), | ||
permissions_param_.spectator_permissions)); | ||
assertResultValue(getItf().createUserWithPerms( | ||
kAnotherUser, | ||
kSecondDomain, | ||
kAnotherDomainUserKeypair.publicKey(), | ||
permissions_param_.spectator_permissions)); | ||
} | ||
|
||
const shared_model::interface::types::AccountIdType &getSpectator() | ||
const { | ||
return permissions_param_.spectator; | ||
} | ||
|
||
/// Check a response. | ||
template <typename SpecificQueryResponse, | ||
typename SpecificQueryResponseChecker> | ||
void checkResponse(const iroha::ametsuchi::QueryExecutorResult &response, | ||
SpecificQueryResponseChecker checker) { | ||
if (permissions_param_.enough_permissions) { | ||
checkSuccessfulResult<SpecificQueryResponse>(response, checker); | ||
} else { | ||
checkQueryError<shared_model::interface::StatefulFailedErrorResponse>( | ||
response, error_codes::kNoPermissions); | ||
} | ||
} | ||
|
||
protected: | ||
virtual std::shared_ptr<ExecutorTestParam> getBackendParam() { | ||
return backend_param_; | ||
} | ||
|
||
private: | ||
const std::shared_ptr<ExecutorTestParam> &backend_param_; | ||
const SpecificQueryPermissionTestData &permissions_param_; | ||
}; | ||
|
||
std::string paramToString( | ||
testing::TestParamInfo<std::tuple<std::shared_ptr<ExecutorTestParam>, | ||
SpecificQueryPermissionTestData>> | ||
param); | ||
|
||
} // namespace query_permission_test | ||
} // namespace executor_testing | ||
|
||
#endif /* EXECUTOR_QUERY_PERMISSION_TEST_HPP */ |