99 lines
2.4 KiB
Go
99 lines
2.4 KiB
Go
package rbac
|
|
|
|
import (
|
|
"context"
|
|
"testing"
|
|
|
|
"tss-rocks-be/ent/enttest"
|
|
"tss-rocks-be/ent/role"
|
|
|
|
_ "github.com/mattn/go-sqlite3"
|
|
)
|
|
|
|
func TestInitializeRBAC(t *testing.T) {
|
|
// Create an in-memory SQLite client for testing
|
|
client := enttest.Open(t, "sqlite3", "file:ent?mode=memory&cache=shared&_fk=1")
|
|
defer client.Close()
|
|
|
|
ctx := context.Background()
|
|
|
|
// Test initialization
|
|
err := InitializeRBAC(ctx, client)
|
|
if err != nil {
|
|
t.Fatalf("Failed to initialize RBAC: %v", err)
|
|
}
|
|
|
|
// Verify roles were created
|
|
for roleName := range DefaultRoles {
|
|
r, err := client.Role.Query().Where(role.Name(roleName)).Only(ctx)
|
|
if err != nil {
|
|
t.Errorf("Role %s was not created: %v", roleName, err)
|
|
}
|
|
|
|
// Verify permissions for each role
|
|
perms, err := r.QueryPermissions().All(ctx)
|
|
if err != nil {
|
|
t.Errorf("Failed to query permissions for role %s: %v", roleName, err)
|
|
}
|
|
|
|
expectedPerms := DefaultRoles[roleName]
|
|
permCount := 0
|
|
for _, actions := range expectedPerms {
|
|
permCount += len(actions)
|
|
}
|
|
|
|
if len(perms) != permCount {
|
|
t.Errorf("Role %s has %d permissions, expected %d", roleName, len(perms), permCount)
|
|
}
|
|
}
|
|
}
|
|
|
|
func TestAssignRoleToUser(t *testing.T) {
|
|
// Create an in-memory SQLite client for testing
|
|
client := enttest.Open(t, "sqlite3", "file:ent?mode=memory&cache=shared&_fk=1")
|
|
defer client.Close()
|
|
|
|
ctx := context.Background()
|
|
|
|
// Initialize RBAC
|
|
err := InitializeRBAC(ctx, client)
|
|
if err != nil {
|
|
t.Fatalf("Failed to initialize RBAC: %v", err)
|
|
}
|
|
|
|
// Create a test user
|
|
user, err := client.User.Create().
|
|
SetEmail("test@example.com").
|
|
SetUsername("testuser").
|
|
SetPasswordHash("$2a$10$hzLdXMZEIzgr8eGXL0YoCOIIrQhqEj6N.S3.wY1Jx5.4vWm1ZyHyy").
|
|
Save(ctx)
|
|
if err != nil {
|
|
t.Fatalf("Failed to create test user: %v", err)
|
|
}
|
|
|
|
// Test assigning role to user
|
|
err = AssignRoleToUser(ctx, client, user.ID, "editor")
|
|
if err != nil {
|
|
t.Fatalf("Failed to assign role to user: %v", err)
|
|
}
|
|
|
|
// Verify role assignment
|
|
assignedRoles, err := user.QueryRoles().All(ctx)
|
|
if err != nil {
|
|
t.Fatalf("Failed to query user roles: %v", err)
|
|
}
|
|
|
|
if len(assignedRoles) != 1 {
|
|
t.Errorf("Expected 1 role, got %d", len(assignedRoles))
|
|
}
|
|
|
|
if assignedRoles[0].Name != "editor" {
|
|
t.Errorf("Expected role name 'editor', got '%s'", assignedRoles[0].Name)
|
|
}
|
|
|
|
// Test assigning non-existent role
|
|
err = AssignRoleToUser(ctx, client, user.ID, "nonexistent")
|
|
if err == nil {
|
|
t.Error("Expected error when assigning non-existent role, got nil")
|
|
}
|
|
}
|