Example #1
0
func (ss *ServerSuite) SetUpTest(c *C) {
	s := server.NewAuthServer(mem.NewStore())
	s.Schemes.Register(&MockScheme{})
	s.HandleFunc("/whoami", func(w http.ResponseWriter, r *http.Request) {
		user, err := s.Authenticate(r)
		if err == ErrUnauthorized {
			http.Error(w, err.Error(), http.StatusUnauthorized)
			return
		} else if err != nil {
			http.Error(w, "Server error", http.StatusInternalServerError)
			return
		}
		fmt.Fprintf(w, "%s", user.String())
	})
	ss.Server = httptest.NewServer(s)
}
func ExampleAccess(t *testing.T) {
	// Let's set up an RBAC store. We'll use the in-memory store
	// for this example. You should use something more permanent like the Mongo store.
	store := mem.NewStore()
	// Admin lets us grant and revoke roles
	admin := rbac.NewAdmin(store, MessageBoardRoles)
	// Anonymous scheme users can lurk and that's all
	admin.Grant(User{Identity: Identity{"anon", "*"}}, LurkerRole, MessageBoardResource)
	// Verified Gooble users can post
	admin.Grant(User{Identity: Identity{"gooble", "*"}}, PosterRole, MessageBoardResource)

	// A wild anon appears
	anon := User{Identity: Identity{"anon", "10.55.61.128"}}

	// Connect to the message board service as this user
	// In a web application, you'll likely derive the user from http.Request, using
	// OAuth, OpenID, cookies, etc.
	mb := &mbConn{&rbac.Access{store, MessageBoardRoles}, anon}

	// Print the first page of the message board. The MessageBoard will check
	// Access.Can(user, ListPerm, MessageBoardResource).
	content, err := mb.Lurk(0)
	if err != nil {
		panic(err)
	}
	fmt.Println(content)

	// A tame authenticated user appears. Reattach as tame user now.
	// In real life, this would likely be in a distinct http.Handler with its own session.
	tame := User{Identity: Identity{"gooble", "YourRealName"}}
	mb = &mbConn{&rbac.Access{store, MessageBoardRoles}, tame}

	// Post a message.
	_, err = mb.Post("check 'em")
	if err != nil {
		panic(err)
	}
}
Example #3
0
func (s *AffinitySuite) SetUpTest(c *C) {
	s.StoreSuite = testing.NewStoreSuite(mem.NewStore())
	s.StoreSuite.SetUp(c)
	s.RbacSuite = testing.NewRbacSuite(mem.NewStore())
	s.RbacSuite.SetUp(c)
}