func (ss *ServerSuite) SetUpTest(c *C) { s := server.NewAuthServer(mem.NewStore()) s.Schemes.Register(&MockScheme{}) s.HandleFunc("/whoami", func(w http.ResponseWriter, r *http.Request) { user, err := s.Authenticate(r) if err == ErrUnauthorized { http.Error(w, err.Error(), http.StatusUnauthorized) return } else if err != nil { http.Error(w, "Server error", http.StatusInternalServerError) return } fmt.Fprintf(w, "%s", user.String()) }) ss.Server = httptest.NewServer(s) }
func ExampleAccess(t *testing.T) { // Let's set up an RBAC store. We'll use the in-memory store // for this example. You should use something more permanent like the Mongo store. store := mem.NewStore() // Admin lets us grant and revoke roles admin := rbac.NewAdmin(store, MessageBoardRoles) // Anonymous scheme users can lurk and that's all admin.Grant(User{Identity: Identity{"anon", "*"}}, LurkerRole, MessageBoardResource) // Verified Gooble users can post admin.Grant(User{Identity: Identity{"gooble", "*"}}, PosterRole, MessageBoardResource) // A wild anon appears anon := User{Identity: Identity{"anon", "10.55.61.128"}} // Connect to the message board service as this user // In a web application, you'll likely derive the user from http.Request, using // OAuth, OpenID, cookies, etc. mb := &mbConn{&rbac.Access{store, MessageBoardRoles}, anon} // Print the first page of the message board. The MessageBoard will check // Access.Can(user, ListPerm, MessageBoardResource). content, err := mb.Lurk(0) if err != nil { panic(err) } fmt.Println(content) // A tame authenticated user appears. Reattach as tame user now. // In real life, this would likely be in a distinct http.Handler with its own session. tame := User{Identity: Identity{"gooble", "YourRealName"}} mb = &mbConn{&rbac.Access{store, MessageBoardRoles}, tame} // Post a message. _, err = mb.Post("check 'em") if err != nil { panic(err) } }
func (s *AffinitySuite) SetUpTest(c *C) { s.StoreSuite = testing.NewStoreSuite(mem.NewStore()) s.StoreSuite.SetUp(c) s.RbacSuite = testing.NewRbacSuite(mem.NewStore()) s.RbacSuite.SetUp(c) }