3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-10 07:37:33 +02:00
Code Issues Projects Releases Packages Wiki Activity

authenticate: hide impersonation form from non-admin users (#979)

Browse source 
Fixes #881
This commit is contained in:
Cuong Manh Le 2020-06-23 22:09:33 +07:00 committed by GitHub
parent fa40ff1f77
commit fb4dfaea44
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 47 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

28
authenticate/authenticate_test.go
View file

@ -3,6 +3,9 @@ package authenticate
import (
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/pomerium/pomerium/config"
)
@ -133,3 +136,28 @@ func TestNew(t *testing.T) {
})
}
}
func TestIsAdmin(t *testing.T) {
tests := []struct {
name string
user string
admins []string
isAdmin bool
}{
{"Is admin", "foo@bar.com", []string{"foo@bar.com"}, true},
{"Is not admin", "foo@bar.com", []string{"baz@bar.com"}, false},
{"Empty admin groups", "foo@bar.com", []string{}, false},
{"Empty user", "", []string{"foo@bar.com"}, false},
}
for _, tc := range tests {
tc := tc
t.Run(tc.name, func(t *testing.T) {
t.Parallel()
opts := newTestOptions(t)
opts.Administrators = tc.admins
a, err := New(*opts)
require.NoError(t, err)
assert.True(t, a.isAdmin(tc.user) == tc.isAdmin)
})
}
}