aboutsummaryrefslogtreecommitdiff
path: root/weed/credential/credential_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'weed/credential/credential_test.go')
-rw-r--r--weed/credential/credential_test.go353
1 files changed, 353 insertions, 0 deletions
diff --git a/weed/credential/credential_test.go b/weed/credential/credential_test.go
new file mode 100644
index 000000000..70eeb7b0c
--- /dev/null
+++ b/weed/credential/credential_test.go
@@ -0,0 +1,353 @@
+package credential
+
+import (
+ "context"
+ "testing"
+
+ "github.com/seaweedfs/seaweedfs/weed/pb/iam_pb"
+ "github.com/seaweedfs/seaweedfs/weed/util"
+)
+
+func TestCredentialStoreInterface(t *testing.T) {
+ // Note: This test may fail if run without importing store packages
+ // For full integration testing, see the test/ package
+ if len(Stores) == 0 {
+ t.Skip("No credential stores registered - this is expected when testing the base package without store imports")
+ }
+
+ // Check that expected stores are available
+ storeNames := GetAvailableStores()
+ expectedStores := []string{string(StoreTypeFilerEtc), string(StoreTypeMemory)}
+
+ // Add SQLite and PostgreSQL if they're available (build tags dependent)
+ for _, storeName := range storeNames {
+ found := false
+ for _, expected := range append(expectedStores, string(StoreTypeSQLite), string(StoreTypePostgres)) {
+ if string(storeName) == expected {
+ found = true
+ break
+ }
+ }
+ if !found {
+ t.Errorf("Unexpected store found: %s", storeName)
+ }
+ }
+
+ // Test that filer_etc store is always available
+ filerEtcStoreFound := false
+ memoryStoreFound := false
+ for _, storeName := range storeNames {
+ if string(storeName) == string(StoreTypeFilerEtc) {
+ filerEtcStoreFound = true
+ }
+ if string(storeName) == string(StoreTypeMemory) {
+ memoryStoreFound = true
+ }
+ }
+ if !filerEtcStoreFound {
+ t.Error("FilerEtc store should always be available")
+ }
+ if !memoryStoreFound {
+ t.Error("Memory store should always be available")
+ }
+}
+
+func TestCredentialManagerCreation(t *testing.T) {
+ config := util.GetViper()
+
+ // Test creating credential manager with invalid store
+ _, err := NewCredentialManager(CredentialStoreTypeName("nonexistent"), config, "test.")
+ if err == nil {
+ t.Error("Expected error for nonexistent store")
+ }
+
+ // Skip store-specific tests if no stores are registered
+ if len(Stores) == 0 {
+ t.Skip("No credential stores registered - skipping store-specific tests")
+ }
+
+ // Test creating credential manager with available stores
+ availableStores := GetAvailableStores()
+ if len(availableStores) == 0 {
+ t.Skip("No stores available for testing")
+ }
+
+ // Test with the first available store
+ storeName := availableStores[0]
+ cm, err := NewCredentialManager(storeName, config, "test.")
+ if err != nil {
+ t.Fatalf("Failed to create credential manager with store %s: %v", storeName, err)
+ }
+ if cm == nil {
+ t.Error("Credential manager should not be nil")
+ }
+ defer cm.Shutdown()
+
+ // Test that the store is of the correct type
+ if cm.GetStore().GetName() != storeName {
+ t.Errorf("Expected %s store, got %s", storeName, cm.GetStore().GetName())
+ }
+}
+
+func TestCredentialInterface(t *testing.T) {
+ // Skip if no stores are registered
+ if len(Stores) == 0 {
+ t.Skip("No credential stores registered - for full testing see test/ package")
+ }
+
+ // Test the interface with the first available store
+ availableStores := GetAvailableStores()
+ if len(availableStores) == 0 {
+ t.Skip("No stores available for testing")
+ }
+
+ testCredentialInterfaceWithStore(t, availableStores[0])
+}
+
+func testCredentialInterfaceWithStore(t *testing.T, storeName CredentialStoreTypeName) {
+ // Create a test identity
+ testIdentity := &iam_pb.Identity{
+ Name: "testuser",
+ Actions: []string{"Read", "Write"},
+ Account: &iam_pb.Account{
+ Id: "123456789012",
+ DisplayName: "Test User",
+ EmailAddress: "test@example.com",
+ },
+ Credentials: []*iam_pb.Credential{
+ {
+ AccessKey: "AKIAIOSFODNN7EXAMPLE",
+ SecretKey: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
+ },
+ },
+ }
+
+ // Test the interface methods exist (compile-time check)
+ config := util.GetViper()
+ cm, err := NewCredentialManager(storeName, config, "test.")
+ if err != nil {
+ t.Fatalf("Failed to create credential manager: %v", err)
+ }
+ defer cm.Shutdown()
+
+ ctx := context.Background()
+
+ // Test LoadConfiguration
+ _, err = cm.LoadConfiguration(ctx)
+ if err != nil {
+ t.Fatalf("LoadConfiguration failed: %v", err)
+ }
+
+ // Test CreateUser
+ err = cm.CreateUser(ctx, testIdentity)
+ if err != nil {
+ t.Fatalf("CreateUser failed: %v", err)
+ }
+
+ // Test GetUser
+ user, err := cm.GetUser(ctx, "testuser")
+ if err != nil {
+ t.Fatalf("GetUser failed: %v", err)
+ }
+ if user.Name != "testuser" {
+ t.Errorf("Expected user name 'testuser', got %s", user.Name)
+ }
+
+ // Test ListUsers
+ users, err := cm.ListUsers(ctx)
+ if err != nil {
+ t.Fatalf("ListUsers failed: %v", err)
+ }
+ if len(users) != 1 || users[0] != "testuser" {
+ t.Errorf("Expected ['testuser'], got %v", users)
+ }
+
+ // Test GetUserByAccessKey
+ userByKey, err := cm.GetUserByAccessKey(ctx, "AKIAIOSFODNN7EXAMPLE")
+ if err != nil {
+ t.Fatalf("GetUserByAccessKey failed: %v", err)
+ }
+ if userByKey.Name != "testuser" {
+ t.Errorf("Expected user name 'testuser', got %s", userByKey.Name)
+ }
+}
+
+func TestCredentialManagerIntegration(t *testing.T) {
+ // Skip if no stores are registered
+ if len(Stores) == 0 {
+ t.Skip("No credential stores registered - for full testing see test/ package")
+ }
+
+ // Test with the first available store
+ availableStores := GetAvailableStores()
+ if len(availableStores) == 0 {
+ t.Skip("No stores available for testing")
+ }
+
+ storeName := availableStores[0]
+ config := util.GetViper()
+ cm, err := NewCredentialManager(storeName, config, "test.")
+ if err != nil {
+ t.Fatalf("Failed to create credential manager: %v", err)
+ }
+ defer cm.Shutdown()
+
+ ctx := context.Background()
+
+ // Test complete workflow
+ user1 := &iam_pb.Identity{
+ Name: "user1",
+ Actions: []string{"Read"},
+ Account: &iam_pb.Account{
+ Id: "111111111111",
+ DisplayName: "User One",
+ EmailAddress: "user1@example.com",
+ },
+ Credentials: []*iam_pb.Credential{
+ {
+ AccessKey: "AKIAUSER1",
+ SecretKey: "secret1",
+ },
+ },
+ }
+
+ user2 := &iam_pb.Identity{
+ Name: "user2",
+ Actions: []string{"Write"},
+ Account: &iam_pb.Account{
+ Id: "222222222222",
+ DisplayName: "User Two",
+ EmailAddress: "user2@example.com",
+ },
+ Credentials: []*iam_pb.Credential{
+ {
+ AccessKey: "AKIAUSER2",
+ SecretKey: "secret2",
+ },
+ },
+ }
+
+ // Create users
+ err = cm.CreateUser(ctx, user1)
+ if err != nil {
+ t.Fatalf("Failed to create user1: %v", err)
+ }
+
+ err = cm.CreateUser(ctx, user2)
+ if err != nil {
+ t.Fatalf("Failed to create user2: %v", err)
+ }
+
+ // List users
+ users, err := cm.ListUsers(ctx)
+ if err != nil {
+ t.Fatalf("Failed to list users: %v", err)
+ }
+
+ if len(users) != 2 {
+ t.Errorf("Expected 2 users, got %d", len(users))
+ }
+
+ // Test access key lookup
+ foundUser, err := cm.GetUserByAccessKey(ctx, "AKIAUSER1")
+ if err != nil {
+ t.Fatalf("Failed to get user by access key: %v", err)
+ }
+ if foundUser.Name != "user1" {
+ t.Errorf("Expected user1, got %s", foundUser.Name)
+ }
+
+ // Delete user
+ err = cm.DeleteUser(ctx, "user1")
+ if err != nil {
+ t.Fatalf("Failed to delete user: %v", err)
+ }
+
+ // Verify user is deleted
+ _, err = cm.GetUser(ctx, "user1")
+ if err != ErrUserNotFound {
+ t.Errorf("Expected ErrUserNotFound, got %v", err)
+ }
+
+ // Clean up
+ err = cm.DeleteUser(ctx, "user2")
+ if err != nil {
+ t.Fatalf("Failed to delete user2: %v", err)
+ }
+}
+
+// TestErrorTypes tests that the custom error types are defined correctly
+func TestErrorTypes(t *testing.T) {
+ // Test that error types are defined
+ if ErrUserNotFound == nil {
+ t.Error("ErrUserNotFound should be defined")
+ }
+ if ErrUserAlreadyExists == nil {
+ t.Error("ErrUserAlreadyExists should be defined")
+ }
+ if ErrAccessKeyNotFound == nil {
+ t.Error("ErrAccessKeyNotFound should be defined")
+ }
+
+ // Test error messages
+ if ErrUserNotFound.Error() != "user not found" {
+ t.Errorf("Expected 'user not found', got '%s'", ErrUserNotFound.Error())
+ }
+ if ErrUserAlreadyExists.Error() != "user already exists" {
+ t.Errorf("Expected 'user already exists', got '%s'", ErrUserAlreadyExists.Error())
+ }
+ if ErrAccessKeyNotFound.Error() != "access key not found" {
+ t.Errorf("Expected 'access key not found', got '%s'", ErrAccessKeyNotFound.Error())
+ }
+}
+
+// TestGetAvailableStores tests the store discovery function
+func TestGetAvailableStores(t *testing.T) {
+ stores := GetAvailableStores()
+ if len(stores) == 0 {
+ t.Skip("No stores available for testing")
+ }
+
+ // Convert to strings for comparison
+ storeNames := make([]string, len(stores))
+ for i, store := range stores {
+ storeNames[i] = string(store)
+ }
+
+ t.Logf("Available stores: %v (count: %d)", storeNames, len(storeNames))
+
+ // We expect at least memory and filer_etc stores to be available
+ expectedStores := []string{string(StoreTypeFilerEtc), string(StoreTypeMemory)}
+
+ // Add SQLite and PostgreSQL if they're available (build tags dependent)
+ for _, storeName := range storeNames {
+ found := false
+ for _, expected := range append(expectedStores, string(StoreTypeSQLite), string(StoreTypePostgres)) {
+ if storeName == expected {
+ found = true
+ break
+ }
+ }
+ if !found {
+ t.Errorf("Unexpected store found: %s", storeName)
+ }
+ }
+
+ // Test that filer_etc store is always available
+ filerEtcStoreFound := false
+ memoryStoreFound := false
+ for _, storeName := range storeNames {
+ if storeName == string(StoreTypeFilerEtc) {
+ filerEtcStoreFound = true
+ }
+ if storeName == string(StoreTypeMemory) {
+ memoryStoreFound = true
+ }
+ }
+ if !filerEtcStoreFound {
+ t.Error("FilerEtc store should always be available")
+ }
+ if !memoryStoreFound {
+ t.Error("Memory store should always be available")
+ }
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-20 23:15:32 +0000