3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-07-25 20:49:30 +02:00
Code Issues Projects Releases Packages Wiki Activity
pomerium/pkg/policy/criteria/domains_test.go
Caleb Doxsey 96b9702ee3
ppl: add data type, implement string and list matchers (#2228) 
* ppl: add data type, implement string and list matchers

* update policy converter
2021-05-21 11:28:41 -06:00

70 lines
1.5 KiB
Go
Raw Blame History

package criteria
import (
"testing"
"github.com/stretchr/testify/require"
"google.golang.org/protobuf/proto"
"github.com/pomerium/pomerium/pkg/grpc/session"
"github.com/pomerium/pomerium/pkg/grpc/user"
)
func TestDomains(t *testing.T) {
t.Run("no session", func(t *testing.T) {
res, err := evaluate(t, `
allow:
and:
- domain:
is: example.com
`, []dataBrokerRecord{}, Input{Session: InputSession{ID: "SESSION_ID"}})
require.NoError(t, err)
require.Equal(t, false, res["allow"])
require.Equal(t, false, res["deny"])
})
t.Run("by domain", func(t *testing.T) {
res, err := evaluate(t, `
allow:
and:
- domain:
is: example.com
`,
[]dataBrokerRecord{
&session.Session{
Id: "SESSION_ID",
UserId: "USER_ID",
},
&user.User{
Id: "USER_ID",
Email: "test@example.com",
},
},
Input{Session: InputSession{ID: "SESSION_ID"}})
require.NoError(t, err)
require.Equal(t, true, res["allow"])
require.Equal(t, false, res["deny"])
})
t.Run("by impersonate email", func(t *testing.T) {
res, err := evaluate(t, `
allow:
and:
- domain:
is: example.com
`,
[]dataBrokerRecord{
&session.Session{
Id: "SESSION_ID",
UserId: "USER_ID",
ImpersonateEmail: proto.String("test2@example.com"),
},
&user.User{
Id: "USER_ID",
Email: "test1@example.com",
},
},
Input{Session: InputSession{ID: "SESSION_ID"}})
require.NoError(t, err)
require.Equal(t, true, res["allow"])
require.Equal(t, false, res["deny"])
})
}
Reference in a new issue View git blame Copy permalink