3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-05 12:23:03 +02:00
Code Issues Projects Releases Packages Wiki Activity

authorize: bypass data in rego for databroker data (#2041)

Browse source
This commit is contained in:
Caleb Doxsey 2021-03-30 14:14:32 -06:00 committed by GitHub
parent 76bc7a7e9a
commit 4218f49741
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 141 additions and 139 deletions
Download patch file Download diff file Expand all files Collapse all files

27
authorize/evaluator/store_test.go
View file

@ -1,22 +1,17 @@
package evaluator
import (
"context"
"testing"
"time"
"github.com/golang/protobuf/ptypes"
"github.com/open-policy-agent/opa/storage"
"github.com/stretchr/testify/assert"
"google.golang.org/protobuf/types/known/anypb"
"google.golang.org/protobuf/types/known/timestamppb"
"github.com/pomerium/pomerium/pkg/grpc/databroker"
"github.com/pomerium/pomerium/pkg/grpc/user"
)
func TestStore(t *testing.T) {
ctx, clearTimeout := context.WithTimeout(context.Background(), time.Second*10)
defer clearTimeout()
s := NewStore()
t.Run("records", func(t *testing.T) {
u := &user.User{
@ -25,7 +20,7 @@ func TestStore(t *testing.T) {
Name: "name",
Email: "name@example.com",
}
any, _ := ptypes.MarshalAny(u)
any, _ := anypb.New(u)
s.UpdateRecord(&databroker.Record{
Version: 1,
Type: any.GetTypeUrl(),
@ -33,25 +28,23 @@ func TestStore(t *testing.T) {
Data: any,
})
v, err := storage.ReadOne(ctx, s.opaStore, storage.MustParsePath("/databroker_data/type.googleapis.com/user.User/u1"))
assert.NoError(t, err)
v := s.GetRecordData(any.GetTypeUrl(), u.GetId())
assert.Equal(t, map[string]interface{}{
"version": "v1",
"id": "u1",
"name": "name",
"email": "name@example.com",
}, v)
}, toMap(v))
s.UpdateRecord(&databroker.Record{
Version: 2,
Type: any.GetTypeUrl(),
Id: u.GetId(),
Data: any,
DeletedAt: ptypes.TimestampNow(),
DeletedAt: timestamppb.Now(),
})
v, err = storage.ReadOne(ctx, s.opaStore, storage.MustParsePath("/databroker_data/type.googleapis.com/user.User/u1"))
assert.Error(t, err)
v = s.GetRecordData(any.GetTypeUrl(), u.GetId())
assert.Nil(t, v)
s.UpdateRecord(&databroker.Record{
@ -61,13 +54,11 @@ func TestStore(t *testing.T) {
Data: any,
})
v, err = storage.ReadOne(ctx, s.opaStore, storage.MustParsePath("/databroker_data/type.googleapis.com/user.User/u1"))
assert.NoError(t, err)
v = s.GetRecordData(any.GetTypeUrl(), u.GetId())
assert.NotNil(t, v)
s.ClearRecords()
v, err = storage.ReadOne(ctx, s.opaStore, storage.MustParsePath("/databroker_data/type.googleapis.com/user.User/u1"))
assert.Error(t, err)
v = s.GetRecordData(any.GetTypeUrl(), u.GetId())
assert.Nil(t, v)
})
}