tokenserver/appengine/impl/serviceaccounts/config_test.go - Issue 2997433002: tokenserver: Validate and parse service_accounts.cfg rules.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: tokenserver/appengine/impl/serviceaccounts/config_test.go

Issue 2997433002: tokenserver: Validate and parse service_accounts.cfg rules. (Closed)

Patch Set: set order Created 3 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « tokenserver/appengine/impl/serviceaccounts/config.go ('k') | tokenserver/appengine/impl/serviceaccounts/config_validation.go » ('j') | tokenserver/appengine/impl/serviceaccounts/config_validation.go » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: tokenserver/appengine/impl/serviceaccounts/config_test.go

diff --git a/tokenserver/appengine/impl/serviceaccounts/config_test.go b/tokenserver/appengine/impl/serviceaccounts/config_test.go

index 22b1c698172cb300318d6861a1f4d8898cab11fc..b076691c7a3598377f01457faa547ee9bdb91831 100644

--- a/tokenserver/appengine/impl/serviceaccounts/config_test.go

+++ b/tokenserver/appengine/impl/serviceaccounts/config_test.go

@@ -15,6 +15,7 @@

package serviceaccounts

import (

+ "sort"

"testing"

"github.com/golang/protobuf/proto"

@@ -34,15 +35,46 @@ func TestRules(t *testing.T) {

name: "rule 1"

owner: "developer@example.com"

service_account: "abc@robots.com"

- allowed_scope: "https://scope"

+ service_account: "def@robots.com"

+ allowed_scope: "https://www.googleapis.com/scope1"

+ allowed_scope: "https://www.googleapis.com/scope2"

end_user: "user:abc@example.com"

end_user: "group:group-name"

proxy: "user:proxy@example.com"

- max_grant_validity_duration: 3600

+ proxy: "group:zzz"

smut 2017/08/04 23:07:36 Can you make this group:proxy-group or something,

Vadim Sh. 2017/08/04 23:37:52 Done.

+ }

+ rules {

+ name: "rule 2"

+ service_account: "xyz@robots.com"

}

So(err, ShouldBeNil)

So(cfg, ShouldNotBeNil)

+ rule := cfg.Rule("abc@robots.com")

+ So(rule, ShouldNotBeNil)

+ So(rule.Rule.Name, ShouldEqual, "rule 1")

+ scopes := rule.AllowedScopes.ToSlice()

+ sort.Strings(scopes)

+ So(scopes, ShouldResemble, []string{

+ "https://www.googleapis.com/scope1",

+ "https://www.googleapis.com/scope2",

+ })

+ So(rule.EndUsers.ToStrings(), ShouldResemble, []string{

+ "group:group-name",

+ "user:abc@example.com",

+ })

+ So(rule.Proxies.ToStrings(), ShouldResemble, []string{

+ "group:zzz",

+ "user:proxy@example.com",

+ })

+ So(rule.Rule.MaxGrantValidityDuration, ShouldEqual, 24*3600)

+ So(cfg.Rule("def@robots.com").Rule.Name, ShouldEqual, "rule 1")

+ So(cfg.Rule("xyz@robots.com").Rule.Name, ShouldEqual, "rule 2")

+ So(cfg.Rule("unknown@robots.com"), ShouldBeNil)

})

}