1c33a039bSNan Zhou #include "privileges.hpp"
2c33a039bSNan Zhou 
3c33a039bSNan Zhou #include <boost/beast/http/verb.hpp>
4c33a039bSNan Zhou 
5c33a039bSNan Zhou #include <array>
6c33a039bSNan Zhou 
7*478b7adfSEd Tanous #include <gmock/gmock.h>
8*478b7adfSEd Tanous #include <gtest/gtest.h>
9c33a039bSNan Zhou 
10c33a039bSNan Zhou namespace redfish
11c33a039bSNan Zhou {
12c33a039bSNan Zhou namespace
13c33a039bSNan Zhou {
14c33a039bSNan Zhou 
15c33a039bSNan Zhou using ::testing::IsEmpty;
16c33a039bSNan Zhou using ::testing::UnorderedElementsAre;
17c33a039bSNan Zhou 
TEST(PrivilegeTest,PrivilegeConstructor)18c33a039bSNan Zhou TEST(PrivilegeTest, PrivilegeConstructor)
19c33a039bSNan Zhou {
20c33a039bSNan Zhou     Privileges privileges{"Login", "ConfigureManager"};
21c33a039bSNan Zhou 
22c33a039bSNan Zhou     EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
23c33a039bSNan Zhou                 UnorderedElementsAre("Login", "ConfigureManager"));
24c33a039bSNan Zhou }
25c33a039bSNan Zhou 
TEST(PrivilegeTest,PrivilegeCheckForNoPrivilegesRequired)26c33a039bSNan Zhou TEST(PrivilegeTest, PrivilegeCheckForNoPrivilegesRequired)
27c33a039bSNan Zhou {
28c33a039bSNan Zhou     Privileges userPrivileges{"Login"};
29c33a039bSNan Zhou 
30c33a039bSNan Zhou     OperationMap entityPrivileges{{boost::beast::http::verb::get, {{"Login"}}}};
31c33a039bSNan Zhou 
32c33a039bSNan Zhou     EXPECT_TRUE(isMethodAllowedWithPrivileges(
33c33a039bSNan Zhou         boost::beast::http::verb::get, entityPrivileges, userPrivileges));
34c33a039bSNan Zhou }
35c33a039bSNan Zhou 
TEST(PrivilegeTest,PrivilegeCheckForSingleCaseSuccess)36c33a039bSNan Zhou TEST(PrivilegeTest, PrivilegeCheckForSingleCaseSuccess)
37c33a039bSNan Zhou {
38c33a039bSNan Zhou     auto userPrivileges = Privileges{"Login"};
39c33a039bSNan Zhou     OperationMap entityPrivileges{{boost::beast::http::verb::get, {}}};
40c33a039bSNan Zhou 
41c33a039bSNan Zhou     EXPECT_TRUE(isMethodAllowedWithPrivileges(
42c33a039bSNan Zhou         boost::beast::http::verb::get, entityPrivileges, userPrivileges));
43c33a039bSNan Zhou }
44c33a039bSNan Zhou 
TEST(PrivilegeTest,PrivilegeCheckForSingleCaseFailure)45c33a039bSNan Zhou TEST(PrivilegeTest, PrivilegeCheckForSingleCaseFailure)
46c33a039bSNan Zhou {
47c33a039bSNan Zhou     auto userPrivileges = Privileges{"Login"};
48c33a039bSNan Zhou     OperationMap entityPrivileges{
49c33a039bSNan Zhou         {boost::beast::http::verb::get, {{"ConfigureManager"}}}};
50c33a039bSNan Zhou 
51c33a039bSNan Zhou     EXPECT_FALSE(isMethodAllowedWithPrivileges(
52c33a039bSNan Zhou         boost::beast::http::verb::get, entityPrivileges, userPrivileges));
53c33a039bSNan Zhou }
54c33a039bSNan Zhou 
TEST(PrivilegeTest,PrivilegeCheckForANDCaseSuccess)55c33a039bSNan Zhou TEST(PrivilegeTest, PrivilegeCheckForANDCaseSuccess)
56c33a039bSNan Zhou {
57bd79bce8SPatrick Williams     auto userPrivileges =
58bd79bce8SPatrick Williams         Privileges{"Login", "ConfigureManager", "ConfigureSelf"};
59c33a039bSNan Zhou     OperationMap entityPrivileges{
60c33a039bSNan Zhou         {boost::beast::http::verb::get,
61c33a039bSNan Zhou          {{"Login", "ConfigureManager", "ConfigureSelf"}}}};
62c33a039bSNan Zhou 
63c33a039bSNan Zhou     EXPECT_TRUE(isMethodAllowedWithPrivileges(
64c33a039bSNan Zhou         boost::beast::http::verb::get, entityPrivileges, userPrivileges));
65c33a039bSNan Zhou }
66c33a039bSNan Zhou 
TEST(PrivilegeTest,PrivilegeCheckForANDCaseFailure)67c33a039bSNan Zhou TEST(PrivilegeTest, PrivilegeCheckForANDCaseFailure)
68c33a039bSNan Zhou {
69c33a039bSNan Zhou     auto userPrivileges = Privileges{"Login", "ConfigureManager"};
70c33a039bSNan Zhou     OperationMap entityPrivileges{
71c33a039bSNan Zhou         {boost::beast::http::verb::get,
72c33a039bSNan Zhou          {{"Login", "ConfigureManager", "ConfigureSelf"}}}};
73c33a039bSNan Zhou 
74c33a039bSNan Zhou     EXPECT_FALSE(isMethodAllowedWithPrivileges(
75c33a039bSNan Zhou         boost::beast::http::verb::get, entityPrivileges, userPrivileges));
76c33a039bSNan Zhou }
77c33a039bSNan Zhou 
TEST(PrivilegeTest,PrivilegeCheckForORCaseSuccess)78c33a039bSNan Zhou TEST(PrivilegeTest, PrivilegeCheckForORCaseSuccess)
79c33a039bSNan Zhou {
80c33a039bSNan Zhou     auto userPrivileges = Privileges{"ConfigureManager"};
81c33a039bSNan Zhou     OperationMap entityPrivileges{
82c33a039bSNan Zhou         {boost::beast::http::verb::get, {{"Login"}, {"ConfigureManager"}}}};
83c33a039bSNan Zhou 
84c33a039bSNan Zhou     EXPECT_TRUE(isMethodAllowedWithPrivileges(
85c33a039bSNan Zhou         boost::beast::http::verb::get, entityPrivileges, userPrivileges));
86c33a039bSNan Zhou }
87c33a039bSNan Zhou 
TEST(PrivilegeTest,PrivilegeCheckForORCaseFailure)88c33a039bSNan Zhou TEST(PrivilegeTest, PrivilegeCheckForORCaseFailure)
89c33a039bSNan Zhou {
90c33a039bSNan Zhou     auto userPrivileges = Privileges{"ConfigureComponents"};
91c33a039bSNan Zhou     OperationMap entityPrivileges = OperationMap(
92c33a039bSNan Zhou         {{boost::beast::http::verb::get, {{"Login"}, {"ConfigureManager"}}}});
93c33a039bSNan Zhou 
94c33a039bSNan Zhou     EXPECT_FALSE(isMethodAllowedWithPrivileges(
95c33a039bSNan Zhou         boost::beast::http::verb::get, entityPrivileges, userPrivileges));
96c33a039bSNan Zhou }
97c33a039bSNan Zhou 
TEST(PrivilegeTest,DefaultPrivilegeBitsetsAreEmpty)98c33a039bSNan Zhou TEST(PrivilegeTest, DefaultPrivilegeBitsetsAreEmpty)
99c33a039bSNan Zhou {
100c33a039bSNan Zhou     Privileges privileges;
101c33a039bSNan Zhou 
102c33a039bSNan Zhou     EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
103c33a039bSNan Zhou                 IsEmpty());
104c33a039bSNan Zhou 
105c33a039bSNan Zhou     EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::OEM),
106c33a039bSNan Zhou                 IsEmpty());
107c33a039bSNan Zhou }
108c33a039bSNan Zhou 
TEST(PrivilegeTest,GetActivePrivilegeNames)109c33a039bSNan Zhou TEST(PrivilegeTest, GetActivePrivilegeNames)
110c33a039bSNan Zhou {
111c33a039bSNan Zhou     Privileges privileges;
112c33a039bSNan Zhou 
113c33a039bSNan Zhou     EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE),
114c33a039bSNan Zhou                 IsEmpty());
115c33a039bSNan Zhou 
116c33a039bSNan Zhou     std::array<const char*, 5> expectedPrivileges{
117c33a039bSNan Zhou         "Login", "ConfigureManager", "ConfigureUsers", "ConfigureComponents",
118c33a039bSNan Zhou         "ConfigureSelf"};
119c33a039bSNan Zhou 
120c33a039bSNan Zhou     for (const auto& privilege : expectedPrivileges)
121c33a039bSNan Zhou     {
122c33a039bSNan Zhou         EXPECT_TRUE(privileges.setSinglePrivilege(privilege));
123c33a039bSNan Zhou     }
124c33a039bSNan Zhou 
125c33a039bSNan Zhou     EXPECT_THAT(
126c33a039bSNan Zhou         privileges.getActivePrivilegeNames(PrivilegeType::BASE),
127c33a039bSNan Zhou         UnorderedElementsAre(expectedPrivileges[0], expectedPrivileges[1],
128c33a039bSNan Zhou                              expectedPrivileges[2], expectedPrivileges[3],
129c33a039bSNan Zhou                              expectedPrivileges[4]));
130c33a039bSNan Zhou }
1313e72c202SNinad Palsule 
TEST(PrivilegeTest,PrivilegeHostConsoleConstructor)1323e72c202SNinad Palsule TEST(PrivilegeTest, PrivilegeHostConsoleConstructor)
1333e72c202SNinad Palsule {
1343e72c202SNinad Palsule     Privileges privileges{"OpenBMCHostConsole"};
1353e72c202SNinad Palsule 
1363e72c202SNinad Palsule     EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::OEM),
1373e72c202SNinad Palsule                 UnorderedElementsAre("OpenBMCHostConsole"));
1383e72c202SNinad Palsule }
1393e72c202SNinad Palsule 
140c33a039bSNan Zhou } // namespace
141c33a039bSNan Zhou } // namespace redfish
142