Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / 23a21a1cbed23ace4174664950e595df961e9e69 / . / redfish-core / ut / privileges_test.cpp
blob: 1613fbb8cfdd99257383d4c41bd5fc0ab6d73a8c [file] [log] [blame]
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]1#include "nlohmann/json.hpp"
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]2#include "privileges.hpp"
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]3
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]4#include <fstream>
5#include <string>
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]6
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]7#include "gmock/gmock.h"
8
9using namespace redfish;
10
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]11TEST(PrivilegeTest, PrivilegeConstructor)
12{
13 Privileges privileges{"Login", "ConfigureManager"};
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]14
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]15 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
Ed Tanous23a21a12020-07-25 04:45:05 +0000[diff] [blame^]16 ::testing::UnorderedElementsAre("Login", "ConfigureManager"));
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]17}
18
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]19TEST(PrivilegeTest, PrivilegeCheckForNoPrivilegesRequired)
20{
21 Privileges userPrivileges{"Login"};
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]22
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]23 OperationMap entityPrivileges{{boost::beast::http::verb::get, {{"Login"}}}};
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]24
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]25 EXPECT_TRUE(isMethodAllowedWithPrivileges(
26 boost::beast::http::verb::get, entityPrivileges, userPrivileges));
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]27}
28
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]29TEST(PrivilegeTest, PrivilegeCheckForSingleCaseSuccess)
30{
31 auto userPrivileges = Privileges{"Login"};
32 OperationMap entityPrivileges{{boost::beast::http::verb::get, {}}};
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]33
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]34 EXPECT_TRUE(isMethodAllowedWithPrivileges(
35 boost::beast::http::verb::get, entityPrivileges, userPrivileges));
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]36}
37
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]38TEST(PrivilegeTest, PrivilegeCheckForSingleCaseFailure)
39{
40 auto userPrivileges = Privileges{"Login"};
41 OperationMap entityPrivileges{
42 {boost::beast::http::verb::get, {{"ConfigureManager"}}}};
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]43
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]44 EXPECT_FALSE(isMethodAllowedWithPrivileges(
45 boost::beast::http::verb::get, entityPrivileges, userPrivileges));
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]46}
47
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]48TEST(PrivilegeTest, PrivilegeCheckForANDCaseSuccess)
49{
50 auto userPrivileges =
51 Privileges{"Login", "ConfigureManager", "ConfigureSelf"};
52 OperationMap entityPrivileges{
53 {boost::beast::http::verb::get,
54 {{"Login", "ConfigureManager", "ConfigureSelf"}}}};
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]55
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]56 EXPECT_TRUE(isMethodAllowedWithPrivileges(
57 boost::beast::http::verb::get, entityPrivileges, userPrivileges));
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]58}
59
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]60TEST(PrivilegeTest, PrivilegeCheckForANDCaseFailure)
61{
62 auto userPrivileges = Privileges{"Login", "ConfigureManager"};
63 OperationMap entityPrivileges{
64 {boost::beast::http::verb::get,
65 {{"Login", "ConfigureManager", "ConfigureSelf"}}}};
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]66
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]67 EXPECT_FALSE(isMethodAllowedWithPrivileges(
68 boost::beast::http::verb::get, entityPrivileges, userPrivileges));
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]69}
70
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]71TEST(PrivilegeTest, PrivilegeCheckForORCaseSuccess)
72{
73 auto userPrivileges = Privileges{"ConfigureManager"};
74 OperationMap entityPrivileges{
75 {boost::beast::http::verb::get, {{"Login"}, {"ConfigureManager"}}}};
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]76
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]77 EXPECT_TRUE(isMethodAllowedWithPrivileges(
78 boost::beast::http::verb::get, entityPrivileges, userPrivileges));
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]79}
80
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]81TEST(PrivilegeTest, PrivilegeCheckForORCaseFailure)
82{
83 auto userPrivileges = Privileges{"ConfigureComponents"};
84 OperationMap entityPrivileges = OperationMap(
85 {{boost::beast::http::verb::get, {{"Login"}, {"ConfigureManager"}}}});
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]86
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]87 EXPECT_FALSE(isMethodAllowedWithPrivileges(
88 boost::beast::http::verb::get, entityPrivileges, userPrivileges));
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]89}
90
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]91TEST(PrivilegeTest, DefaultPrivilegeBitsetsAreEmpty)
92{
93 Privileges privileges;
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]94
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]95 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
96 ::testing::IsEmpty());
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]97
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]98 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::OEM),
99 ::testing::IsEmpty());
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]100}
101
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]102TEST(PrivilegeTest, GetActivePrivilegeNames)
103{
104 Privileges privileges;
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]105
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]106 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
107 ::testing::IsEmpty());
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]108
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]109 std::array<const char*, 5> expectedPrivileges{
110 "Login", "ConfigureManager", "ConfigureUsers", "ConfigureComponents",
111 "ConfigureSelf"};
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]112
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]113 for (const auto& privilege : expectedPrivileges)
114 {
115 EXPECT_TRUE(privileges.setSinglePrivilege(privilege));
116 }
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]117
Ed Tanous1abe55e2018-09-05 08:30:59 -0700[diff] [blame]118 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
119 ::testing::UnorderedElementsAre(
Ed Tanous23a21a12020-07-25 04:45:05 +0000[diff] [blame^]120 expectedPrivileges[0], expectedPrivileges[1],
121 expectedPrivileges[2], expectedPrivileges[3],
122 expectedPrivileges[4]));
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]123}