1package acl 2 3import ( 4 "testing" 5) 6 7func TestStaticAuthorizer(t *testing.T) { 8 t.Run("AllowAll", func(t *testing.T) { 9 authz := AllowAll() 10 checkDenyACLRead(t, authz, "foo", nil) 11 checkDenyACLWrite(t, authz, "foo", nil) 12 checkAllowAgentRead(t, authz, "foo", nil) 13 checkAllowAgentWrite(t, authz, "foo", nil) 14 checkAllowEventRead(t, authz, "foo", nil) 15 checkAllowEventWrite(t, authz, "foo", nil) 16 checkAllowIntentionDefaultAllow(t, authz, "foo", nil) 17 checkAllowIntentionRead(t, authz, "foo", nil) 18 checkAllowIntentionWrite(t, authz, "foo", nil) 19 checkAllowKeyRead(t, authz, "foo", nil) 20 checkAllowKeyList(t, authz, "foo", nil) 21 checkAllowKeyringRead(t, authz, "foo", nil) 22 checkAllowKeyringWrite(t, authz, "foo", nil) 23 checkAllowKeyWrite(t, authz, "foo", nil) 24 checkAllowKeyWritePrefix(t, authz, "foo", nil) 25 checkAllowNodeRead(t, authz, "foo", nil) 26 checkAllowNodeWrite(t, authz, "foo", nil) 27 checkAllowOperatorRead(t, authz, "foo", nil) 28 checkAllowOperatorWrite(t, authz, "foo", nil) 29 checkAllowPreparedQueryRead(t, authz, "foo", nil) 30 checkAllowPreparedQueryWrite(t, authz, "foo", nil) 31 checkAllowServiceRead(t, authz, "foo", nil) 32 checkAllowServiceWrite(t, authz, "foo", nil) 33 checkAllowSessionRead(t, authz, "foo", nil) 34 checkAllowSessionWrite(t, authz, "foo", nil) 35 checkDenySnapshot(t, authz, "foo", nil) 36 }) 37 38 t.Run("DenyAll", func(t *testing.T) { 39 authz := DenyAll() 40 checkDenyACLRead(t, authz, "foo", nil) 41 checkDenyACLWrite(t, authz, "foo", nil) 42 checkDenyAgentRead(t, authz, "foo", nil) 43 checkDenyAgentWrite(t, authz, "foo", nil) 44 checkDenyEventRead(t, authz, "foo", nil) 45 checkDenyEventWrite(t, authz, "foo", nil) 46 checkDenyIntentionDefaultAllow(t, authz, "foo", nil) 47 checkDenyIntentionRead(t, authz, "foo", nil) 48 checkDenyIntentionWrite(t, authz, "foo", nil) 49 checkDenyKeyRead(t, authz, "foo", nil) 50 checkDenyKeyList(t, authz, "foo", nil) 51 checkDenyKeyringRead(t, authz, "foo", nil) 52 checkDenyKeyringWrite(t, authz, "foo", nil) 53 checkDenyKeyWrite(t, authz, "foo", nil) 54 checkDenyKeyWritePrefix(t, authz, "foo", nil) 55 checkDenyNodeRead(t, authz, "foo", nil) 56 checkDenyNodeWrite(t, authz, "foo", nil) 57 checkDenyOperatorRead(t, authz, "foo", nil) 58 checkDenyOperatorWrite(t, authz, "foo", nil) 59 checkDenyPreparedQueryRead(t, authz, "foo", nil) 60 checkDenyPreparedQueryWrite(t, authz, "foo", nil) 61 checkDenyServiceRead(t, authz, "foo", nil) 62 checkDenyServiceWrite(t, authz, "foo", nil) 63 checkDenySessionRead(t, authz, "foo", nil) 64 checkDenySessionWrite(t, authz, "foo", nil) 65 checkDenySnapshot(t, authz, "foo", nil) 66 }) 67 68 t.Run("ManageAll", func(t *testing.T) { 69 authz := ManageAll() 70 checkAllowACLRead(t, authz, "foo", nil) 71 checkAllowACLWrite(t, authz, "foo", nil) 72 checkAllowAgentRead(t, authz, "foo", nil) 73 checkAllowAgentWrite(t, authz, "foo", nil) 74 checkAllowEventRead(t, authz, "foo", nil) 75 checkAllowEventWrite(t, authz, "foo", nil) 76 checkAllowIntentionDefaultAllow(t, authz, "foo", nil) 77 checkAllowIntentionRead(t, authz, "foo", nil) 78 checkAllowIntentionWrite(t, authz, "foo", nil) 79 checkAllowKeyRead(t, authz, "foo", nil) 80 checkAllowKeyList(t, authz, "foo", nil) 81 checkAllowKeyringRead(t, authz, "foo", nil) 82 checkAllowKeyringWrite(t, authz, "foo", nil) 83 checkAllowKeyWrite(t, authz, "foo", nil) 84 checkAllowKeyWritePrefix(t, authz, "foo", nil) 85 checkAllowNodeRead(t, authz, "foo", nil) 86 checkAllowNodeWrite(t, authz, "foo", nil) 87 checkAllowOperatorRead(t, authz, "foo", nil) 88 checkAllowOperatorWrite(t, authz, "foo", nil) 89 checkAllowPreparedQueryRead(t, authz, "foo", nil) 90 checkAllowPreparedQueryWrite(t, authz, "foo", nil) 91 checkAllowServiceRead(t, authz, "foo", nil) 92 checkAllowServiceWrite(t, authz, "foo", nil) 93 checkAllowSessionRead(t, authz, "foo", nil) 94 checkAllowSessionWrite(t, authz, "foo", nil) 95 checkAllowSnapshot(t, authz, "foo", nil) 96 }) 97} 98