src/kudu/sentry/sentry_authorizable_scope-test.cc - kudu - Git at Google

 // Licensed to the Apache Software Foundation (ASF) under one
 // or more contributor license agreements.  See the NOTICE file
 // distributed with this work for additional information
 // regarding copyright ownership.  The ASF licenses this file
 // to you under the Apache License, Version 2.0 (the
 // "License"); you may not use this file except in compliance
 // with the License.  You may obtain a copy of the License at
 //
 //   http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing,
 // software distributed under the License is distributed on an
 // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 // KIND, either express or implied.  See the License for the
 // specific language governing permissions and limitations
 // under the License.

 #include "kudu/sentry/sentry_authorizable_scope.h"

 #include <string>
 #include <utility>
 #include <vector>

 #include <gtest/gtest.h>

 #include "kudu/util/status.h"
 #include "kudu/util/test_macros.h"

 using std::pair;
 using std::string;
 using std::vector;

 namespace kudu {

 namespace sentry {

 TEST(SentryAuthorizableScopeTest, TestImplyScope) {
   SentryAuthorizableScope server(SentryAuthorizableScope::Scope::SERVER);
   SentryAuthorizableScope database(SentryAuthorizableScope::Scope::DATABASE);
   SentryAuthorizableScope table(SentryAuthorizableScope::Scope::TABLE);
   SentryAuthorizableScope column(SentryAuthorizableScope::Scope::COLUMN);

   vector<SentryAuthorizableScope> scopes({ column, table, database, server });
   vector<SentryAuthorizableScope> lower_scopes;
   vector<SentryAuthorizableScope> higher_scopes({ server, database, table, column });

   // A higher scope in the hierarchy can imply a lower scope in the hierarchy,
   // not vice versa.
   for (const auto& scope : scopes) {
     lower_scopes.emplace_back(scope);
     higher_scopes.pop_back();
     for (const auto &lower_scope : lower_scopes) {
       ASSERT_TRUE(scope.Implies(lower_scope));
     }
     for (const auto &higher_scope : higher_scopes) {
       ASSERT_FALSE(scope.Implies(higher_scope));
     }
   }
 }

 TEST(SentryAuthorizableScopeTest, TestFromString) {
   const vector<pair<string, SentryAuthorizableScope::Scope>> valid_scopes = {
       {"server", SentryAuthorizableScope::Scope::SERVER},
       {"database", SentryAuthorizableScope::Scope::DATABASE},
       {"table", SentryAuthorizableScope::Scope::TABLE},
       {"column", SentryAuthorizableScope::Scope::COLUMN}
   };
   SentryAuthorizableScope scope;
   for (const auto& valid_scope : valid_scopes) {
     ASSERT_OK(SentryAuthorizableScope::FromString(valid_scope.first, &scope));
     ASSERT_EQ(valid_scope.second, scope.scope());
   }

   // Unsupported scope returns invalid argument error.
   const vector<string> invalid_scopes({ "UNINITIALIZED", "tablecolumn" });
   for (const auto& invalid_scope : invalid_scopes) {
     Status s = SentryAuthorizableScope::FromString(invalid_scope, &scope);
     ASSERT_TRUE(s.IsInvalidArgument()) << s.ToString();
   }
 }

 } // namespace sentry
 } // namespace kudu
	// Licensed to the Apache Software Foundation (ASF) under one
	// or more contributor license agreements. See the NOTICE file
	// distributed with this work for additional information
	// regarding copyright ownership. The ASF licenses this file
	// to you under the Apache License, Version 2.0 (the
	// "License"); you may not use this file except in compliance
	// with the License. You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing,
	// software distributed under the License is distributed on an
	// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	// KIND, either express or implied. See the License for the
	// specific language governing permissions and limitations
	// under the License.

	#include "kudu/sentry/sentry_authorizable_scope.h"

	#include <string>
	#include <utility>
	#include <vector>

	#include <gtest/gtest.h>

	#include "kudu/util/status.h"
	#include "kudu/util/test_macros.h"

	using std::pair;
	using std::string;
	using std::vector;

	namespace kudu {

	namespace sentry {

	TEST(SentryAuthorizableScopeTest, TestImplyScope) {
	SentryAuthorizableScope server(SentryAuthorizableScope::Scope::SERVER);
	SentryAuthorizableScope database(SentryAuthorizableScope::Scope::DATABASE);
	SentryAuthorizableScope table(SentryAuthorizableScope::Scope::TABLE);
	SentryAuthorizableScope column(SentryAuthorizableScope::Scope::COLUMN);

	vector<SentryAuthorizableScope> scopes({ column, table, database, server });
	vector<SentryAuthorizableScope> lower_scopes;
	vector<SentryAuthorizableScope> higher_scopes({ server, database, table, column });

	// A higher scope in the hierarchy can imply a lower scope in the hierarchy,
	// not vice versa.
	for (const auto& scope : scopes) {
	lower_scopes.emplace_back(scope);
	higher_scopes.pop_back();
	for (const auto &lower_scope : lower_scopes) {
	ASSERT_TRUE(scope.Implies(lower_scope));
	}
	for (const auto &higher_scope : higher_scopes) {
	ASSERT_FALSE(scope.Implies(higher_scope));
	}
	}
	}

	TEST(SentryAuthorizableScopeTest, TestFromString) {
	const vector<pair<string, SentryAuthorizableScope::Scope>> valid_scopes = {
	{"server", SentryAuthorizableScope::Scope::SERVER},
	{"database", SentryAuthorizableScope::Scope::DATABASE},
	{"table", SentryAuthorizableScope::Scope::TABLE},
	{"column", SentryAuthorizableScope::Scope::COLUMN}
	};
	SentryAuthorizableScope scope;
	for (const auto& valid_scope : valid_scopes) {
	ASSERT_OK(SentryAuthorizableScope::FromString(valid_scope.first, &scope));
	ASSERT_EQ(valid_scope.second, scope.scope());
	}

	// Unsupported scope returns invalid argument error.
	const vector<string> invalid_scopes({ "UNINITIALIZED", "tablecolumn" });
	for (const auto& invalid_scope : invalid_scopes) {
	Status s = SentryAuthorizableScope::FromString(invalid_scope, &scope);
	ASSERT_TRUE(s.IsInvalidArgument()) << s.ToString();
	}
	}

	} // namespace sentry
	} // namespace kudu