Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / cbbfa9672aed51df7bd2f2d7e08e9f0eb0fdb7ec / . / redfish-core / ut / privileges_test.cpp
blob: 36e02c67f27b82cea283db83204863c84d37b352 [file] [log] [blame]
#include "privileges.hpp"
#include <fstream>
#include <string>
#include "nlohmann/json.hpp"
#include "gmock/gmock.h"
using namespace redfish;
TEST(PrivilegeTest, PrivilegeConstructor) {
Privileges privileges{"Login", "ConfigureManager"};
EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
::testing::UnorderedElementsAre(
::testing::Pointee(&"Login"[0]),
::testing::Pointee(&"ConfigureManager"[0])));
}
TEST(PrivilegeTest, PrivilegeCheckForNoPrivilegesRequired) {
Privileges userPrivileges{"Login"};
OperationMap entityPrivileges{{crow::HTTPMethod::GET, {{"Login"}}}};
EXPECT_TRUE(isMethodAllowedWithPrivileges(crow::HTTPMethod::GET,
entityPrivileges, userPrivileges));
}
TEST(PrivilegeTest, PrivilegeCheckForSingleCaseSuccess) {
auto userPrivileges = Privileges{"Login"};
OperationMap entityPrivileges{{crow::HTTPMethod::GET, {}}};
EXPECT_TRUE(isMethodAllowedWithPrivileges(crow::HTTPMethod::GET,
entityPrivileges, userPrivileges));
}
TEST(PrivilegeTest, PrivilegeCheckForSingleCaseFailure) {
auto userPrivileges = Privileges{"Login"};
OperationMap entityPrivileges{
{crow::HTTPMethod::GET, {{"ConfigureManager"}}}};
EXPECT_FALSE(isMethodAllowedWithPrivileges(crow::HTTPMethod::GET,
entityPrivileges, userPrivileges));
}
TEST(PrivilegeTest, PrivilegeCheckForANDCaseSuccess) {
auto userPrivileges =
Privileges{"Login", "ConfigureManager", "ConfigureSelf"};
OperationMap entityPrivileges{
{crow::HTTPMethod::GET,
{{"Login", "ConfigureManager", "ConfigureSelf"}}}};
EXPECT_TRUE(isMethodAllowedWithPrivileges(crow::HTTPMethod::GET,
entityPrivileges, userPrivileges));
}
TEST(PrivilegeTest, PrivilegeCheckForANDCaseFailure) {
auto userPrivileges = Privileges{"Login", "ConfigureManager"};
OperationMap entityPrivileges{
{crow::HTTPMethod::GET,
{{"Login", "ConfigureManager", "ConfigureSelf"}}}};
EXPECT_FALSE(isMethodAllowedWithPrivileges(crow::HTTPMethod::GET,
entityPrivileges, userPrivileges));
}
TEST(PrivilegeTest, PrivilegeCheckForORCaseSuccess) {
auto userPrivileges = Privileges{"ConfigureManager"};
OperationMap entityPrivileges{
{crow::HTTPMethod::GET, {{"Login"}, {"ConfigureManager"}}}};
EXPECT_TRUE(isMethodAllowedWithPrivileges(crow::HTTPMethod::GET,
entityPrivileges, userPrivileges));
}
TEST(PrivilegeTest, PrivilegeCheckForORCaseFailure) {
auto userPrivileges = Privileges{"ConfigureComponents"};
OperationMap entityPrivileges = OperationMap(
{{crow::HTTPMethod::GET, {{"Login"}, {"ConfigureManager"}}}});
EXPECT_FALSE(isMethodAllowedWithPrivileges(crow::HTTPMethod::GET,
entityPrivileges, userPrivileges));
}
TEST(PrivilegeTest, DefaultPrivilegeBitsetsAreEmpty) {
Privileges privileges;
EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
::testing::IsEmpty());
EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::OEM),
::testing::IsEmpty());
}
TEST(PrivilegeTest, GetActivePrivilegeNames) {
Privileges privileges;
EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
::testing::IsEmpty());
std::array<const char*, 5> expectedPrivileges{
"Login", "ConfigureManager", "ConfigureUsers", "ConfigureComponents",
"ConfigureSelf"};
for (const auto& privilege : expectedPrivileges) {
EXPECT_TRUE(privileges.setSinglePrivilege(privilege));
}
EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
::testing::UnorderedElementsAre(
::testing::Pointee(expectedPrivileges[0]),
::testing::Pointee(expectedPrivileges[1]),
::testing::Pointee(expectedPrivileges[2]),
::testing::Pointee(expectedPrivileges[3]),
::testing::Pointee(expectedPrivileges[4])));
}