Index: milo/appengine/common/acl_test.go |
diff --git a/milo/appengine/common/acl_test.go b/milo/appengine/common/acl_test.go |
deleted file mode 100644 |
index e7168c7293f53b0c7bf98583dfe92dbe5a548ad6..0000000000000000000000000000000000000000 |
--- a/milo/appengine/common/acl_test.go |
+++ /dev/null |
@@ -1,100 +0,0 @@ |
-// Copyright 2016 The LUCI Authors. All rights reserved. |
-// Use of this source code is governed under the Apache License, Version 2.0 |
-// that can be found in the LICENSE file. |
- |
-package common |
- |
-import ( |
- "testing" |
- |
- "github.com/luci/gae/impl/memory" |
- memcfg "github.com/luci/luci-go/common/config/impl/memory" |
- "github.com/luci/luci-go/common/logging/gologger" |
- "github.com/luci/luci-go/luci_config/server/cfgclient/backend/testconfig" |
- "github.com/luci/luci-go/server/auth" |
- "github.com/luci/luci-go/server/auth/authtest" |
- "github.com/luci/luci-go/server/auth/identity" |
- "golang.org/x/net/context" |
- |
- . "github.com/smartystreets/goconvey/convey" |
-) |
- |
-func TestACL(t *testing.T) { |
- t.Parallel() |
- |
- Convey("Test Environment", t, func() { |
- c := memory.UseWithAppID(context.Background(), "dev~luci-milo") |
- c = gologger.StdConfig.Use(c) |
- |
- Convey("Set up projects", func() { |
- c = testconfig.WithCommonClient(c, memcfg.New(aclConfgs)) |
- err := UpdateProjectConfigs(c) |
- So(err, ShouldBeNil) |
- |
- Convey("Anon wants to...", func() { |
- c = auth.WithState(c, &authtest.FakeState{ |
- Identity: identity.AnonymousIdentity, |
- IdentityGroups: []string{"all"}, |
- }) |
- Convey("Read public project", func() { |
- ok, err := IsAllowed(c, "opensource") |
- So(ok, ShouldEqual, true) |
- So(err, ShouldBeNil) |
- }) |
- Convey("Read private project", func() { |
- ok, err := IsAllowed(c, "secret") |
- So(ok, ShouldEqual, false) |
- So(err, ShouldBeNil) |
- }) |
- |
- }) |
- Convey("alicebob@google.com wants to...", func() { |
- c = auth.WithState(c, &authtest.FakeState{ |
- Identity: "user:alicebob@google.com", |
- IdentityGroups: []string{"googlers", "all"}, |
- }) |
- Convey("Read private project", func() { |
- ok, err := IsAllowed(c, "secret") |
- So(ok, ShouldEqual, true) |
- So(err, ShouldBeNil) |
- }) |
- }) |
- |
- Convey("eve@notgoogle.com wants to...", func() { |
- c = auth.WithState(c, &authtest.FakeState{ |
- Identity: "user:eve@notgoogle.com", |
- IdentityGroups: []string{"all"}, |
- }) |
- Convey("Read public project", func() { |
- ok, err := IsAllowed(c, "opensource") |
- So(ok, ShouldEqual, true) |
- So(err, ShouldBeNil) |
- }) |
- Convey("Read private project", func() { |
- ok, err := IsAllowed(c, "secret") |
- So(ok, ShouldEqual, false) |
- So(err, ShouldBeNil) |
- }) |
- }) |
- }) |
- }) |
-} |
- |
-var secretProjectCfg = ` |
-name: "secret" |
-access: "group:googlers" |
-` |
- |
-var publicProjectCfg = ` |
-name: "opensource" |
-access: "group:all" |
-` |
- |
-var aclConfgs = map[string]memcfg.ConfigSet{ |
- "projects/secret": { |
- "project.cfg": secretProjectCfg, |
- }, |
- "projects/opensource": { |
- "project.cfg": publicProjectCfg, |
- }, |
-} |