Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / bmcweb / 274fad5ad0e7634d9ed3e174695136e674688e0c / . / redfish-core / ut / privileges_test.cpp
blob: 36e02c67f27b82cea283db83204863c84d37b352 [file] [log] [blame]
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]1#include "privileges.hpp"
2#include <fstream>
3#include <string>
4#include "nlohmann/json.hpp"
5#include "gmock/gmock.h"
6
7using namespace redfish;
8
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]9TEST(PrivilegeTest, PrivilegeConstructor) {
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]10 Privileges privileges{"Login", "ConfigureManager"};
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]11
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]12 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
13 ::testing::UnorderedElementsAre(
14 ::testing::Pointee(&"Login"[0]),
15 ::testing::Pointee(&"ConfigureManager"[0])));
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]16}
17
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]18TEST(PrivilegeTest, PrivilegeCheckForNoPrivilegesRequired) {
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]19 Privileges userPrivileges{"Login"};
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]20
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]21 OperationMap entityPrivileges{{crow::HTTPMethod::GET, {{"Login"}}}};
22
23 EXPECT_TRUE(isMethodAllowedWithPrivileges(crow::HTTPMethod::GET,
24 entityPrivileges, userPrivileges));
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]25}
26
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]27TEST(PrivilegeTest, PrivilegeCheckForSingleCaseSuccess) {
28 auto userPrivileges = Privileges{"Login"};
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]29 OperationMap entityPrivileges{{crow::HTTPMethod::GET, {}}};
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]30
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]31 EXPECT_TRUE(isMethodAllowedWithPrivileges(crow::HTTPMethod::GET,
32 entityPrivileges, userPrivileges));
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]33}
34
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]35TEST(PrivilegeTest, PrivilegeCheckForSingleCaseFailure) {
36 auto userPrivileges = Privileges{"Login"};
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]37 OperationMap entityPrivileges{
38 {crow::HTTPMethod::GET, {{"ConfigureManager"}}}};
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]39
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]40 EXPECT_FALSE(isMethodAllowedWithPrivileges(crow::HTTPMethod::GET,
41 entityPrivileges, userPrivileges));
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]42}
43
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]44TEST(PrivilegeTest, PrivilegeCheckForANDCaseSuccess) {
45 auto userPrivileges =
46 Privileges{"Login", "ConfigureManager", "ConfigureSelf"};
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]47 OperationMap entityPrivileges{
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]48 {crow::HTTPMethod::GET,
49 {{"Login", "ConfigureManager", "ConfigureSelf"}}}};
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]50
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]51 EXPECT_TRUE(isMethodAllowedWithPrivileges(crow::HTTPMethod::GET,
52 entityPrivileges, userPrivileges));
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]53}
54
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]55TEST(PrivilegeTest, PrivilegeCheckForANDCaseFailure) {
56 auto userPrivileges = Privileges{"Login", "ConfigureManager"};
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]57 OperationMap entityPrivileges{
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]58 {crow::HTTPMethod::GET,
59 {{"Login", "ConfigureManager", "ConfigureSelf"}}}};
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]60
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]61 EXPECT_FALSE(isMethodAllowedWithPrivileges(crow::HTTPMethod::GET,
62 entityPrivileges, userPrivileges));
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]63}
64
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]65TEST(PrivilegeTest, PrivilegeCheckForORCaseSuccess) {
66 auto userPrivileges = Privileges{"ConfigureManager"};
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]67 OperationMap entityPrivileges{
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]68 {crow::HTTPMethod::GET, {{"Login"}, {"ConfigureManager"}}}};
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]69
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]70 EXPECT_TRUE(isMethodAllowedWithPrivileges(crow::HTTPMethod::GET,
71 entityPrivileges, userPrivileges));
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]72}
73
74TEST(PrivilegeTest, PrivilegeCheckForORCaseFailure) {
75 auto userPrivileges = Privileges{"ConfigureComponents"};
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]76 OperationMap entityPrivileges = OperationMap(
77 {{crow::HTTPMethod::GET, {{"Login"}, {"ConfigureManager"}}}});
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]78
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]79 EXPECT_FALSE(isMethodAllowedWithPrivileges(crow::HTTPMethod::GET,
80 entityPrivileges, userPrivileges));
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]81}
82
83TEST(PrivilegeTest, DefaultPrivilegeBitsetsAreEmpty) {
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]84 Privileges privileges;
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]85
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]86 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
87 ::testing::IsEmpty());
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]88
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]89 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::OEM),
90 ::testing::IsEmpty());
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]91}
92
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]93TEST(PrivilegeTest, GetActivePrivilegeNames) {
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]94 Privileges privileges;
95
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]96 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
97 ::testing::IsEmpty());
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]98
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]99 std::array<const char*, 5> expectedPrivileges{
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]100 "Login", "ConfigureManager", "ConfigureUsers", "ConfigureComponents",
101 "ConfigureSelf"};
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]102
Borawski.Lukasz43a095a2018-02-19 15:39:01 +0100[diff] [blame]103 for (const auto& privilege : expectedPrivileges) {
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]104 EXPECT_TRUE(privileges.setSinglePrivilege(privilege));
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]105 }
106
Ed Tanous3ebd75f2018-03-05 18:20:01 -0800[diff] [blame]107 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
108 ::testing::UnorderedElementsAre(
109 ::testing::Pointee(expectedPrivileges[0]),
110 ::testing::Pointee(expectedPrivileges[1]),
111 ::testing::Pointee(expectedPrivileges[2]),
112 ::testing::Pointee(expectedPrivileges[3]),
113 ::testing::Pointee(expectedPrivileges[4])));
Borawski.Lukaszaecb47a2018-01-25 12:14:14 +0100[diff] [blame]114}