1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21#include "qemu/osdep.h"
22
23#include "authz/list.h"
24
25static void test_authz_default_deny(void)
26{
27 QAuthZList *auth = qauthz_list_new("auth0",
28 QAUTHZ_LIST_POLICY_DENY,
29 &error_abort);
30
31 g_assert(!qauthz_is_allowed(QAUTHZ(auth), "fred", &error_abort));
32
33 object_unparent(OBJECT(auth));
34}
35
36static void test_authz_default_allow(void)
37{
38 QAuthZList *auth = qauthz_list_new("auth0",
39 QAUTHZ_LIST_POLICY_ALLOW,
40 &error_abort);
41
42 g_assert(qauthz_is_allowed(QAUTHZ(auth), "fred", &error_abort));
43
44 object_unparent(OBJECT(auth));
45}
46
47static void test_authz_explicit_deny(void)
48{
49 QAuthZList *auth = qauthz_list_new("auth0",
50 QAUTHZ_LIST_POLICY_ALLOW,
51 &error_abort);
52
53 qauthz_list_append_rule(auth, "fred", QAUTHZ_LIST_POLICY_DENY,
54 QAUTHZ_LIST_FORMAT_EXACT, &error_abort);
55
56 g_assert(!qauthz_is_allowed(QAUTHZ(auth), "fred", &error_abort));
57
58 object_unparent(OBJECT(auth));
59}
60
61static void test_authz_explicit_allow(void)
62{
63 QAuthZList *auth = qauthz_list_new("auth0",
64 QAUTHZ_LIST_POLICY_DENY,
65 &error_abort);
66
67 qauthz_list_append_rule(auth, "fred", QAUTHZ_LIST_POLICY_ALLOW,
68 QAUTHZ_LIST_FORMAT_EXACT, &error_abort);
69
70 g_assert(qauthz_is_allowed(QAUTHZ(auth), "fred", &error_abort));
71
72 object_unparent(OBJECT(auth));
73}
74
75
76static void test_authz_complex(void)
77{
78 QAuthZList *auth = qauthz_list_new("auth0",
79 QAUTHZ_LIST_POLICY_DENY,
80 &error_abort);
81
82 qauthz_list_append_rule(auth, "fred", QAUTHZ_LIST_POLICY_ALLOW,
83 QAUTHZ_LIST_FORMAT_EXACT, &error_abort);
84 qauthz_list_append_rule(auth, "bob", QAUTHZ_LIST_POLICY_ALLOW,
85 QAUTHZ_LIST_FORMAT_EXACT, &error_abort);
86 qauthz_list_append_rule(auth, "dan", QAUTHZ_LIST_POLICY_DENY,
87 QAUTHZ_LIST_FORMAT_EXACT, &error_abort);
88 qauthz_list_append_rule(auth, "dan*", QAUTHZ_LIST_POLICY_ALLOW,
89 QAUTHZ_LIST_FORMAT_GLOB, &error_abort);
90
91 g_assert(qauthz_is_allowed(QAUTHZ(auth), "fred", &error_abort));
92 g_assert(qauthz_is_allowed(QAUTHZ(auth), "bob", &error_abort));
93 g_assert(!qauthz_is_allowed(QAUTHZ(auth), "dan", &error_abort));
94 g_assert(qauthz_is_allowed(QAUTHZ(auth), "danb", &error_abort));
95
96 object_unparent(OBJECT(auth));
97}
98
99static void test_authz_add_remove(void)
100{
101 QAuthZList *auth = qauthz_list_new("auth0",
102 QAUTHZ_LIST_POLICY_ALLOW,
103 &error_abort);
104
105 g_assert_cmpint(qauthz_list_append_rule(auth, "fred",
106 QAUTHZ_LIST_POLICY_ALLOW,
107 QAUTHZ_LIST_FORMAT_EXACT,
108 &error_abort),
109 ==, 0);
110 g_assert_cmpint(qauthz_list_append_rule(auth, "bob",
111 QAUTHZ_LIST_POLICY_ALLOW,
112 QAUTHZ_LIST_FORMAT_EXACT,
113 &error_abort),
114 ==, 1);
115 g_assert_cmpint(qauthz_list_append_rule(auth, "dan",
116 QAUTHZ_LIST_POLICY_DENY,
117 QAUTHZ_LIST_FORMAT_EXACT,
118 &error_abort),
119 ==, 2);
120 g_assert_cmpint(qauthz_list_append_rule(auth, "frank",
121 QAUTHZ_LIST_POLICY_DENY,
122 QAUTHZ_LIST_FORMAT_EXACT,
123 &error_abort),
124 ==, 3);
125
126 g_assert(!qauthz_is_allowed(QAUTHZ(auth), "dan", &error_abort));
127
128 g_assert_cmpint(qauthz_list_delete_rule(auth, "dan"),
129 ==, 2);
130
131 g_assert(qauthz_is_allowed(QAUTHZ(auth), "dan", &error_abort));
132
133 g_assert_cmpint(qauthz_list_insert_rule(auth, "dan",
134 QAUTHZ_LIST_POLICY_DENY,
135 QAUTHZ_LIST_FORMAT_EXACT,
136 2,
137 &error_abort),
138 ==, 2);
139
140 g_assert(!qauthz_is_allowed(QAUTHZ(auth), "dan", &error_abort));
141
142 object_unparent(OBJECT(auth));
143}
144
145int main(int argc, char **argv)
146{
147 g_test_init(&argc, &argv, NULL);
148
149 module_call_init(MODULE_INIT_QOM);
150
151 g_test_add_func("/auth/list/default/deny", test_authz_default_deny);
152 g_test_add_func("/auth/list/default/allow", test_authz_default_allow);
153 g_test_add_func("/auth/list/explicit/deny", test_authz_explicit_deny);
154 g_test_add_func("/auth/list/explicit/allow", test_authz_explicit_allow);
155 g_test_add_func("/auth/list/complex", test_authz_complex);
156 g_test_add_func("/auth/list/add-remove", test_authz_add_remove);
157
158 return g_test_run();
159}
160