1 #include "privileges.hpp" 2 3 #include <boost/beast/http/verb.hpp> 4 5 #include <array> 6 7 #include <gmock/gmock.h> // IWYU pragma: keep 8 #include <gtest/gtest.h> // IWYU pragma: keep 9 10 // IWYU pragma: no_include <gtest/gtest-message.h> 11 // IWYU pragma: no_include <gtest/gtest-test-part.h> 12 // IWYU pragma: no_include "gtest/gtest_pred_impl.h" 13 // IWYU pragma: no_include <gmock/gmock-matchers.h> 14 // IWYU pragma: no_include <gmock/gmock-more-matchers.h> 15 16 namespace redfish 17 { 18 namespace 19 { 20 21 using ::testing::IsEmpty; 22 using ::testing::UnorderedElementsAre; 23 24 TEST(PrivilegeTest, PrivilegeConstructor) 25 { 26 Privileges privileges{"Login", "ConfigureManager"}; 27 28 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE), 29 UnorderedElementsAre("Login", "ConfigureManager")); 30 } 31 32 TEST(PrivilegeTest, PrivilegeCheckForNoPrivilegesRequired) 33 { 34 Privileges userPrivileges{"Login"}; 35 36 OperationMap entityPrivileges{{boost::beast::http::verb::get, {{"Login"}}}}; 37 38 EXPECT_TRUE(isMethodAllowedWithPrivileges( 39 boost::beast::http::verb::get, entityPrivileges, userPrivileges)); 40 } 41 42 TEST(PrivilegeTest, PrivilegeCheckForSingleCaseSuccess) 43 { 44 auto userPrivileges = Privileges{"Login"}; 45 OperationMap entityPrivileges{{boost::beast::http::verb::get, {}}}; 46 47 EXPECT_TRUE(isMethodAllowedWithPrivileges( 48 boost::beast::http::verb::get, entityPrivileges, userPrivileges)); 49 } 50 51 TEST(PrivilegeTest, PrivilegeCheckForSingleCaseFailure) 52 { 53 auto userPrivileges = Privileges{"Login"}; 54 OperationMap entityPrivileges{ 55 {boost::beast::http::verb::get, {{"ConfigureManager"}}}}; 56 57 EXPECT_FALSE(isMethodAllowedWithPrivileges( 58 boost::beast::http::verb::get, entityPrivileges, userPrivileges)); 59 } 60 61 TEST(PrivilegeTest, PrivilegeCheckForANDCaseSuccess) 62 { 63 auto userPrivileges = Privileges{"Login", "ConfigureManager", 64 "ConfigureSelf"}; 65 OperationMap entityPrivileges{ 66 {boost::beast::http::verb::get, 67 {{"Login", "ConfigureManager", "ConfigureSelf"}}}}; 68 69 EXPECT_TRUE(isMethodAllowedWithPrivileges( 70 boost::beast::http::verb::get, entityPrivileges, userPrivileges)); 71 } 72 73 TEST(PrivilegeTest, PrivilegeCheckForANDCaseFailure) 74 { 75 auto userPrivileges = Privileges{"Login", "ConfigureManager"}; 76 OperationMap entityPrivileges{ 77 {boost::beast::http::verb::get, 78 {{"Login", "ConfigureManager", "ConfigureSelf"}}}}; 79 80 EXPECT_FALSE(isMethodAllowedWithPrivileges( 81 boost::beast::http::verb::get, entityPrivileges, userPrivileges)); 82 } 83 84 TEST(PrivilegeTest, PrivilegeCheckForORCaseSuccess) 85 { 86 auto userPrivileges = Privileges{"ConfigureManager"}; 87 OperationMap entityPrivileges{ 88 {boost::beast::http::verb::get, {{"Login"}, {"ConfigureManager"}}}}; 89 90 EXPECT_TRUE(isMethodAllowedWithPrivileges( 91 boost::beast::http::verb::get, entityPrivileges, userPrivileges)); 92 } 93 94 TEST(PrivilegeTest, PrivilegeCheckForORCaseFailure) 95 { 96 auto userPrivileges = Privileges{"ConfigureComponents"}; 97 OperationMap entityPrivileges = OperationMap( 98 {{boost::beast::http::verb::get, {{"Login"}, {"ConfigureManager"}}}}); 99 100 EXPECT_FALSE(isMethodAllowedWithPrivileges( 101 boost::beast::http::verb::get, entityPrivileges, userPrivileges)); 102 } 103 104 TEST(PrivilegeTest, DefaultPrivilegeBitsetsAreEmpty) 105 { 106 Privileges privileges; 107 108 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE), 109 IsEmpty()); 110 111 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::OEM), 112 IsEmpty()); 113 } 114 115 TEST(PrivilegeTest, GetActivePrivilegeNames) 116 { 117 Privileges privileges; 118 119 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::BASE), 120 IsEmpty()); 121 122 std::array<const char*, 5> expectedPrivileges{ 123 "Login", "ConfigureManager", "ConfigureUsers", "ConfigureComponents", 124 "ConfigureSelf"}; 125 126 for (const auto& privilege : expectedPrivileges) 127 { 128 EXPECT_TRUE(privileges.setSinglePrivilege(privilege)); 129 } 130 131 EXPECT_THAT( 132 privileges.getActivePrivilegeNames(PrivilegeType::BASE), 133 UnorderedElementsAre(expectedPrivileges[0], expectedPrivileges[1], 134 expectedPrivileges[2], expectedPrivileges[3], 135 expectedPrivileges[4])); 136 } 137 138 TEST(PrivilegeTest, PrivilegeHostConsoleConstructor) 139 { 140 Privileges privileges{"OpenBMCHostConsole"}; 141 142 EXPECT_THAT(privileges.getActivePrivilegeNames(PrivilegeType::OEM), 143 UnorderedElementsAre("OpenBMCHostConsole")); 144 } 145 146 } // namespace 147 } // namespace redfish 148