Exemplo n.º 1
0
func (s *S) TestRemoveRole(c *check.C) {
	s.conn.Roles().DropCollection()
	_, err := permission.NewRole("test", "app")
	c.Assert(err, check.IsNil)
	req, err := http.NewRequest("DELETE", "/roles/test", nil)
	c.Assert(err, check.IsNil)
	token := userWithPermission(c, permission.Permission{
		Scheme:  permission.PermRoleDelete,
		Context: permission.Context(permission.CtxGlobal, ""),
	})
	user, err := token.User()
	c.Assert(err, check.IsNil)
	err = user.AddRole("test", "app")
	c.Assert(err, check.IsNil)
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	req.Header.Set("Authorization", "bearer "+token.GetValue())
	recorder := httptest.NewRecorder()
	server := RunServer(true)
	server.ServeHTTP(recorder, req)
	c.Assert(recorder.Code, check.Equals, http.StatusOK)
	roles, err := permission.ListRoles()
	c.Assert(err, check.IsNil)
	c.Assert(roles, check.HasLen, 1)
	user, err = token.User()
	c.Assert(err, check.IsNil)
	c.Assert(user.Roles, check.HasLen, 1)
}
Exemplo n.º 2
0
func (s *S) TestAddRole(c *check.C) {
	s.conn.Roles().DropCollection()
	role := bytes.NewBufferString("name=test&context=global")
	req, err := http.NewRequest("POST", "/roles", role)
	c.Assert(err, check.IsNil)
	token := userWithPermission(c, permission.Permission{
		Scheme:  permission.PermRoleCreate,
		Context: permission.Context(permission.CtxGlobal, ""),
	})
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	req.Header.Set("Authorization", "bearer "+token.GetValue())
	recorder := httptest.NewRecorder()
	server := RunServer(true)
	server.ServeHTTP(recorder, req)
	c.Assert(err, check.IsNil)
	c.Assert(recorder.Code, check.Equals, http.StatusCreated)
	roles, err := permission.ListRoles()
	c.Assert(err, check.IsNil)
	c.Assert(roles, check.HasLen, 2)
	c.Assert(eventtest.EventDesc{
		Target: event.Target{Type: event.TargetTypeRole, Value: "test"},
		Owner:  token.GetUserName(),
		Kind:   "role.create",
		StartCustomData: []map[string]interface{}{
			{"name": "name", "value": "test"},
			{"name": "context", "value": "global"},
		},
	}, eventtest.HasEvent)
}
Exemplo n.º 3
0
func (s *S) TestRemoveRole(c *check.C) {
	s.conn.Roles().DropCollection()
	_, err := permission.NewRole("test", "app", "")
	c.Assert(err, check.IsNil)
	req, err := http.NewRequest("DELETE", "/roles/test", nil)
	c.Assert(err, check.IsNil)
	token := userWithPermission(c, permission.Permission{
		Scheme:  permission.PermRoleDelete,
		Context: permission.Context(permission.CtxGlobal, ""),
	})
	user, err := token.User()
	c.Assert(err, check.IsNil)
	err = user.AddRole("test", "app")
	c.Assert(err, check.IsNil)
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	req.Header.Set("Authorization", "bearer "+token.GetValue())
	recorder := httptest.NewRecorder()
	server := RunServer(true)
	server.ServeHTTP(recorder, req)
	c.Assert(recorder.Code, check.Equals, http.StatusOK)
	roles, err := permission.ListRoles()
	c.Assert(err, check.IsNil)
	c.Assert(roles, check.HasLen, 1)
	user, err = token.User()
	c.Assert(err, check.IsNil)
	c.Assert(user.Roles, check.HasLen, 1)
	c.Assert(eventtest.EventDesc{
		Target: event.Target{Type: event.TargetTypeRole, Value: "test"},
		Owner:  token.GetUserName(),
		Kind:   "role.delete",
		StartCustomData: []map[string]interface{}{
			{"name": ":name", "value": "test"},
		},
	}, eventtest.HasEvent)
}
Exemplo n.º 4
0
func listRoles(w http.ResponseWriter, r *http.Request, t auth.Token) error {
	roles, err := permission.ListRoles()
	if err != nil {
		return err
	}
	b, err := json.Marshal(roles)
	if err != nil {
		return err
	}
	_, err = w.Write(b)
	return err
}
Exemplo n.º 5
0
func (s *S) TestAddRole(c *check.C) {
	s.conn.Roles().DropCollection()
	role := bytes.NewBufferString("name=test&context=global")
	req, err := http.NewRequest("POST", "/roles", role)
	c.Assert(err, check.IsNil)
	token := userWithPermission(c, permission.Permission{
		Scheme:  permission.PermRoleCreate,
		Context: permission.Context(permission.CtxGlobal, ""),
	})
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	req.Header.Set("Authorization", "bearer "+token.GetValue())
	recorder := httptest.NewRecorder()
	server := RunServer(true)
	server.ServeHTTP(recorder, req)
	c.Assert(err, check.IsNil)
	c.Assert(recorder.Code, check.Equals, http.StatusCreated)
	roles, err := permission.ListRoles()
	c.Assert(err, check.IsNil)
	c.Assert(roles, check.HasLen, 2)
}
Exemplo n.º 6
0
// title: role list
// path: /roles
// method: GET
// produce: application/json
// responses:
//   200: OK
//   401: Unauthorized
func listRoles(w http.ResponseWriter, r *http.Request, t auth.Token) error {
	if !(permission.Check(t, permission.PermRoleUpdate) ||
		permission.Check(t, permission.PermRoleUpdateAssign) ||
		permission.Check(t, permission.PermRoleUpdateDissociate) ||
		permission.Check(t, permission.PermRoleCreate) ||
		permission.Check(t, permission.PermRoleDelete)) {
		return permission.ErrUnauthorized
	}
	roles, err := permission.ListRoles()
	if err != nil {
		return err
	}
	b, err := json.Marshal(roles)
	if err != nil {
		return err
	}
	w.Header().Set("Content-Type", "application/json")
	_, err = w.Write(b)
	return err
}