3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-29 18:36:30 +02:00
Code Issues Projects Releases Packages Wiki Activity
pomerium/authorize/evaluator/custom_test.go
Caleb Doxsey 858077b3b6
authorize: custom rego policies (#1123) 
* add support for custom rego policies

* add support for passing custom policies
2020-07-21 12:09:26 -06:00

57 lines
1.2 KiB
Go
Raw Permalink Blame History

package evaluator
import (
"context"
"testing"
"time"
"github.com/stretchr/testify/assert"
)
func TestCustomEvaluator(t *testing.T) {
ctx, clearTimeout := context.WithTimeout(context.Background(), time.Second*10)
defer clearTimeout()
store := NewStore()
t.Run("bool deny", func(t *testing.T) {
ce := NewCustomEvaluator(store.opaStore)
res, err := ce.Evaluate(ctx, &CustomEvaluatorRequest{
RegoPolicy: `
package pomerium.custom_policy
deny = true
`,
})
if !assert.NoError(t, err) {
return
}
assert.Equal(t, true, res.Denied)
assert.Empty(t, res.Reason)
})
t.Run("set deny", func(t *testing.T) {
ce := NewCustomEvaluator(store.opaStore)
res, err := ce.Evaluate(ctx, &CustomEvaluatorRequest{
RegoPolicy: `
package pomerium.custom_policy
deny["test"] = true
`,
})
if !assert.NoError(t, err) {
return
}
assert.Equal(t, true, res.Denied)
assert.Equal(t, "test", res.Reason)
})
t.Run("missing package", func(t *testing.T) {
ce := NewCustomEvaluator(store.opaStore)
res, err := ce.Evaluate(ctx, &CustomEvaluatorRequest{
RegoPolicy: `allow = true`,
})
if !assert.NoError(t, err) {
return
}
assert.NotNil(t, res)
})
}
Reference in a new issue View git blame Copy permalink