IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

RBAC: Rewrite ldap rbac tests (#61743)

Browse Source
This commit is contained in:
Karl Persson 2023-01-19 11:09:26 +01:00 committed by GitHub
parent c10713ea76
commit f5397a7c31
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 26 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
pkg/api/ldap_debug_test.go
View File

@ -26,6 +26,7 @@ import (
"github.com/grafana/grafana/pkg/services/user" "github.com/grafana/grafana/pkg/services/user"
"github.com/grafana/grafana/pkg/services/user/usertest" "github.com/grafana/grafana/pkg/services/user/usertest"
"github.com/grafana/grafana/pkg/setting" "github.com/grafana/grafana/pkg/setting"
"github.com/grafana/grafana/pkg/web/webtest"
) )
type LDAPMock struct { type LDAPMock struct {
@ -514,7 +515,14 @@ func TestPostSyncUserWithLDAPAPIEndpoint_WhenUserNotInLDAP(t *testing.T) {
// *** // ***
func TestLDAP_AccessControl(t *testing.T) { func TestLDAP_AccessControl(t *testing.T) {
tests := []accessControlTestCase{ type testCase struct {
desc string
method string
url string
expectedCode int
permissions []accesscontrol.Permission
}
tests := []testCase{
{ {
url: "/api/admin/ldap/reload", url: "/api/admin/ldap/reload",
method: http.MethodPost, method: http.MethodPost,
@ -589,8 +597,8 @@ func TestLDAP_AccessControl(t *testing.T) {
}, },
} }
for _, test := range tests { for _, tt := range tests {
t.Run(test.desc, func(t *testing.T) { t.Run(tt.desc, func(t *testing.T) {
enabled := setting.LDAPEnabled enabled := setting.LDAPEnabled
configFile := setting.LDAPConfigFile configFile := setting.LDAPConfigFile
@ -604,18 +612,17 @@ func TestLDAP_AccessControl(t *testing.T) {
assert.NoError(t, err) assert.NoError(t, err)
setting.LDAPConfigFile = path setting.LDAPConfigFile = path
cfg := setting.NewCfg() server := SetupAPITestServer(t, func(hs *HTTPServer) {
cfg.LDAPEnabled = true cfg := setting.NewCfg()
sc, hs := setupAccessControlScenarioContext(t, cfg, test.url, test.permissions) cfg.LDAPEnabled = true
hs.SQLStore = dbtest.NewFakeDB() hs.Cfg = cfg
hs.userService = &usertest.FakeUserService{ExpectedUser: &user.User{}} hs.SQLStore = dbtest.NewFakeDB()
hs.authInfoService = &logintest.AuthInfoServiceFake{} hs.orgService = orgtest.NewOrgServiceFake()
hs.Login = &loginservice.LoginServiceMock{} hs.userService = &usertest.FakeUserService{ExpectedUser: &user.User{}}
hs.orgService = &orgtest.FakeOrgService{} hs.ldapGroups = &ldap.OSSGroups{}
sc.resp = httptest.NewRecorder() hs.Login = &loginservice.LoginServiceMock{}
sc.req, err = http.NewRequest(test.method, test.url, nil) hs.authInfoService = &logintest.AuthInfoServiceFake{}
assert.NoError(t, err) })
// Add minimal setup to pass handler // Add minimal setup to pass handler
userSearchResult = &models.ExternalUserInfo{} userSearchResult = &models.ExternalUserInfo{}
userSearchError = nil userSearchError = nil
@ -623,8 +630,10 @@ func TestLDAP_AccessControl(t *testing.T) {
return &LDAPMock{} return &LDAPMock{}
} }
sc.exec() res, err := server.Send(webtest.RequestWithSignedInUser(server.NewRequest(tt.method, tt.url, nil), userWithPermissions(1, tt.permissions)))
assert.Equal(t, test.expectedCode, sc.resp.Code) require.NoError(t, err)
assert.Equal(t, tt.expectedCode, res.StatusCode)
require.NoError(t, res.Body.Close())
}) })
} }
} }