diff options
| author | Chris Lu <chrislusf@users.noreply.github.com> | 2025-07-13 16:21:36 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-07-13 16:21:36 -0700 |
| commit | 7cb1ca13082568bfdcdab974d8cefddf650443c5 (patch) | |
| tree | 573b5e15d080d37b9312cade4151da9e3fb7ddee /weed/iamapi/iamapi_management_handlers_test.go | |
| parent | 1549ee2e154ab040e211ac7b3bc361272069abef (diff) | |
| download | seaweedfs-7cb1ca13082568bfdcdab974d8cefddf650443c5.tar.xz seaweedfs-7cb1ca13082568bfdcdab974d8cefddf650443c5.zip | |
Add policy engine (#6970)
Diffstat (limited to 'weed/iamapi/iamapi_management_handlers_test.go')
| -rw-r--r-- | weed/iamapi/iamapi_management_handlers_test.go | 50 |
1 files changed, 16 insertions, 34 deletions
diff --git a/weed/iamapi/iamapi_management_handlers_test.go b/weed/iamapi/iamapi_management_handlers_test.go index eac82caa7..5bc8eff67 100644 --- a/weed/iamapi/iamapi_management_handlers_test.go +++ b/weed/iamapi/iamapi_management_handlers_test.go @@ -3,28 +3,19 @@ package iamapi import ( "testing" + "github.com/seaweedfs/seaweedfs/weed/s3api/policy_engine" "github.com/stretchr/testify/assert" ) func TestGetActionsUserPath(t *testing.T) { - policyDocument := PolicyDocument{ + policyDocument := policy_engine.PolicyDocument{ Version: "2012-10-17", - Statement: []*Statement{ + Statement: []policy_engine.PolicyStatement{ { - Effect: "Allow", - Action: []string{ - "s3:Put*", - "s3:PutBucketAcl", - "s3:Get*", - "s3:GetBucketAcl", - "s3:List*", - "s3:Tagging*", - "s3:DeleteBucket*", - }, - Resource: []string{ - "arn:aws:s3:::shared/user-Alice/*", - }, + Effect: policy_engine.PolicyEffectAllow, + Action: policy_engine.NewStringOrStringSlice("s3:Put*", "s3:PutBucketAcl", "s3:Get*", "s3:GetBucketAcl", "s3:List*", "s3:Tagging*", "s3:DeleteBucket*"), + Resource: policy_engine.NewStringOrStringSlice("arn:aws:s3:::shared/user-Alice/*"), }, }, } @@ -45,18 +36,13 @@ func TestGetActionsUserPath(t *testing.T) { func TestGetActionsWildcardPath(t *testing.T) { - policyDocument := PolicyDocument{ + policyDocument := policy_engine.PolicyDocument{ Version: "2012-10-17", - Statement: []*Statement{ + Statement: []policy_engine.PolicyStatement{ { - Effect: "Allow", - Action: []string{ - "s3:Get*", - "s3:PutBucketAcl", - }, - Resource: []string{ - "arn:aws:s3:::*", - }, + Effect: policy_engine.PolicyEffectAllow, + Action: policy_engine.NewStringOrStringSlice("s3:Get*", "s3:PutBucketAcl"), + Resource: policy_engine.NewStringOrStringSlice("arn:aws:s3:::*"), }, }, } @@ -71,17 +57,13 @@ func TestGetActionsWildcardPath(t *testing.T) { } func TestGetActionsInvalidAction(t *testing.T) { - policyDocument := PolicyDocument{ + policyDocument := policy_engine.PolicyDocument{ Version: "2012-10-17", - Statement: []*Statement{ + Statement: []policy_engine.PolicyStatement{ { - Effect: "Allow", - Action: []string{ - "s3:InvalidAction", - }, - Resource: []string{ - "arn:aws:s3:::shared/user-Alice/*", - }, + Effect: policy_engine.PolicyEffectAllow, + Action: policy_engine.NewStringOrStringSlice("s3:InvalidAction"), + Resource: policy_engine.NewStringOrStringSlice("arn:aws:s3:::shared/user-Alice/*"), }, }, } |