本文整理汇总了Golang中github.com/tsuru/tsuru/permission.NewRole函数的典型用法代码示例。如果您正苦于以下问题:Golang NewRole函数的具体用法?Golang NewRole怎么用?Golang NewRole使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了NewRole函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。
示例1: TestUserAddRole
func (s *S) TestUserAddRole(c *check.C) {
_, err := permission.NewRole("r1", "app")
c.Assert(err, check.IsNil)
_, err = permission.NewRole("r2", "app")
c.Assert(err, check.IsNil)
u := User{Email: "[email protected]", Password: "123"}
err = u.Create()
c.Assert(err, check.IsNil)
err = u.AddRole("r1", "c1")
c.Assert(err, check.IsNil)
err = u.AddRole("r1", "c2")
c.Assert(err, check.IsNil)
err = u.AddRole("r2", "x")
c.Assert(err, check.IsNil)
err = u.AddRole("r2", "x")
c.Assert(err, check.IsNil)
err = u.AddRole("r3", "a")
c.Assert(err, check.Equals, permission.ErrRoleNotFound)
expected := []RoleInstance{
{Name: "r1", ContextValue: "c1"},
{Name: "r1", ContextValue: "c2"},
{Name: "r2", ContextValue: "x"},
}
sort.Sort(roleInstanceList(expected))
sort.Sort(roleInstanceList(u.Roles))
c.Assert(u.Roles, check.DeepEquals, expected)
uDB, err := GetUserByEmail("[email protected]")
c.Assert(err, check.IsNil)
sort.Sort(roleInstanceList(uDB.Roles))
c.Assert(uDB.Roles, check.DeepEquals, expected)
}示例2: TestAddDefaultRole
func (s *S) TestAddDefaultRole(c *check.C) {
_, err := permission.NewRole("r1", "team")
c.Assert(err, check.IsNil)
_, err = permission.NewRole("r2", "team")
c.Assert(err, check.IsNil)
_, err = permission.NewRole("r3", "global")
c.Assert(err, check.IsNil)
rec := httptest.NewRecorder()
body := bytes.NewBufferString("team-create=r1&team-create=r2&user-create=r3")
req, err := http.NewRequest("POST", "/role/default", body)
c.Assert(err, check.IsNil)
token := userWithPermission(c, permission.Permission{
Scheme: permission.PermRoleDefaultCreate,
Context: permission.Context(permission.CtxGlobal, ""),
})
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
req.Header.Set("Authorization", "bearer "+token.GetValue())
server := RunServer(true)
server.ServeHTTP(rec, req)
c.Assert(rec.Code, check.Equals, http.StatusOK)
r1, err := permission.FindRole("r1")
c.Assert(err, check.IsNil)
c.Assert(r1.Events, check.DeepEquals, []string{permission.RoleEventTeamCreate.String()})
r2, err := permission.FindRole("r2")
c.Assert(err, check.IsNil)
c.Assert(r2.Events, check.DeepEquals, []string{permission.RoleEventTeamCreate.String()})
r3, err := permission.FindRole("r3")
c.Assert(err, check.IsNil)
c.Assert(r3.Events, check.DeepEquals, []string{permission.RoleEventUserCreate.String()})
}示例3: TestUserPermissionsWithRemovedRole
func (s *S) TestUserPermissionsWithRemovedRole(c *check.C) {
role, err := permission.NewRole("test", "team")
c.Assert(err, check.IsNil)
u := User{Email: "[email protected]", Password: "123"}
err = u.Create()
c.Assert(err, check.IsNil)
err = u.AddRole(role.Name, "team")
c.Assert(err, check.IsNil)
conn, err := db.Conn()
c.Assert(err, check.IsNil)
defer conn.Close()
err = conn.Roles().RemoveId(role.Name)
c.Assert(err, check.IsNil)
perms, err := u.Permissions()
c.Assert(err, check.IsNil)
c.Assert(perms, check.IsNil)
r1, err := permission.NewRole("r1", "app")
c.Assert(err, check.IsNil)
err = r1.AddPermissions("app.update.env", "app.deploy")
c.Assert(err, check.IsNil)
err = u.AddRole("r1", "myapp")
c.Assert(err, check.IsNil)
err = u.AddRole("r1", "myapp2")
c.Assert(err, check.IsNil)
perms, err = u.Permissions()
c.Assert(err, check.IsNil)
c.Assert(perms, check.DeepEquals, []permission.Permission{
{Scheme: permission.PermAppDeploy, Context: permission.Context(permission.CtxApp, "myapp")},
{Scheme: permission.PermAppUpdateEnv, Context: permission.Context(permission.CtxApp, "myapp")},
{Scheme: permission.PermAppDeploy, Context: permission.Context(permission.CtxApp, "myapp2")},
{Scheme: permission.PermAppUpdateEnv, Context: permission.Context(permission.CtxApp, "myapp2")},
})
}示例4: TestAddDefaultRole
func (s *S) TestAddDefaultRole(c *check.C) {
_, err := permission.NewRole("r1", "team", "")
c.Assert(err, check.IsNil)
_, err = permission.NewRole("r2", "team", "")
c.Assert(err, check.IsNil)
_, err = permission.NewRole("r3", "global", "")
c.Assert(err, check.IsNil)
rec := httptest.NewRecorder()
body := bytes.NewBufferString("team-create=r1&team-create=r2&user-create=r3")
req, err := http.NewRequest("POST", "/role/default", body)
c.Assert(err, check.IsNil)
token := userWithPermission(c, permission.Permission{
Scheme: permission.PermRoleDefaultCreate,
Context: permission.Context(permission.CtxGlobal, ""),
})
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
req.Header.Set("Authorization", "bearer "+token.GetValue())
server := RunServer(true)
server.ServeHTTP(rec, req)
c.Assert(rec.Code, check.Equals, http.StatusOK)
r1, err := permission.FindRole("r1")
c.Assert(err, check.IsNil)
c.Assert(r1.Events, check.DeepEquals, []string{permission.RoleEventTeamCreate.String()})
r2, err := permission.FindRole("r2")
c.Assert(err, check.IsNil)
c.Assert(r2.Events, check.DeepEquals, []string{permission.RoleEventTeamCreate.String()})
r3, err := permission.FindRole("r3")
c.Assert(err, check.IsNil)
c.Assert(r3.Events, check.DeepEquals, []string{permission.RoleEventUserCreate.String()})
c.Assert(eventtest.EventDesc{
Target: event.Target{Type: event.TargetTypeRole, Value: "r1"},
Owner: token.GetUserName(),
Kind: "role.default.create",
StartCustomData: []map[string]interface{}{
{"name": "team-create", "value": []string{"r1", "r2"}},
{"name": "user-create", "value": "r3"},
},
}, eventtest.HasEvent)
c.Assert(eventtest.EventDesc{
Target: event.Target{Type: event.TargetTypeRole, Value: "r2"},
Owner: token.GetUserName(),
Kind: "role.default.create",
StartCustomData: []map[string]interface{}{
{"name": "team-create", "value": []string{"r1", "r2"}},
{"name": "user-create", "value": "r3"},
},
}, eventtest.HasEvent)
c.Assert(eventtest.EventDesc{
Target: event.Target{Type: event.TargetTypeRole, Value: "r3"},
Owner: token.GetUserName(),
Kind: "role.default.create",
StartCustomData: []map[string]interface{}{
{"name": "team-create", "value": []string{"r1", "r2"}},
{"name": "user-create", "value": "r3"},
},
}, eventtest.HasEvent)
}示例5: TestDissociateRole
func (s *S) TestDissociateRole(c *check.C) {
_, err := permission.NewRole("test", "team")
c.Assert(err, check.IsNil)
token := userWithPermission(c, permission.Permission{
Scheme: permission.PermRoleUpdateDissociate,
Context: permission.Context(permission.CtxGlobal, ""),
})
u, err := auth.GetUserByEmail("[email protected]")
c.Assert(err, check.IsNil)
err = u.AddRole("test", "myteam")
c.Assert(err, check.IsNil)
c.Assert(u.Roles, check.HasLen, 2)
req, err := http.NewRequest("DELETE", "/roles/test/user/[email protected]?context=myteam", nil)
c.Assert(err, check.IsNil)
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
req.Header.Set("Authorization", "bearer "+token.GetValue())
recorder := httptest.NewRecorder()
server := RunServer(true)
server.ServeHTTP(recorder, req)
c.Assert(err, check.IsNil)
c.Assert(recorder.Code, check.Equals, http.StatusOK)
u, err = auth.GetUserByEmail("[email protected]")
c.Assert(err, check.IsNil)
c.Assert(u.Roles, check.HasLen, 1)
}示例6: TestRemoveDefaultRole
func (s *S) TestRemoveDefaultRole(c *check.C) {
r1, err := permission.NewRole("r1", "team", "")
c.Assert(err, check.IsNil)
err = r1.AddEvent(permission.RoleEventTeamCreate.String())
c.Assert(err, check.IsNil)
rec := httptest.NewRecorder()
req, err := http.NewRequest("DELETE", "/role/default?team-create=r1", nil)
c.Assert(err, check.IsNil)
token := userWithPermission(c, permission.Permission{
Scheme: permission.PermRoleDefaultDelete,
Context: permission.Context(permission.CtxGlobal, ""),
})
req.Header.Set("Authorization", "bearer "+token.GetValue())
server := RunServer(true)
server.ServeHTTP(rec, req)
c.Assert(rec.Code, check.Equals, http.StatusOK)
r1, err = permission.FindRole("r1")
c.Assert(err, check.IsNil)
c.Assert(r1.Events, check.DeepEquals, []string{})
c.Assert(eventtest.EventDesc{
Target: event.Target{Type: event.TargetTypeRole, Value: "r1"},
Owner: token.GetUserName(),
Kind: "role.default.delete",
StartCustomData: []map[string]interface{}{
{"name": "team-create", "value": "r1"},
},
}, eventtest.HasEvent)
}示例7: TestRemoveRole
func (s *S) TestRemoveRole(c *check.C) {
s.conn.Roles().DropCollection()
_, err := permission.NewRole("test", "app")
c.Assert(err, check.IsNil)
req, err := http.NewRequest("DELETE", "/roles/test", nil)
c.Assert(err, check.IsNil)
token := userWithPermission(c, permission.Permission{
Scheme: permission.PermRoleDelete,
Context: permission.Context(permission.CtxGlobal, ""),
})
user, err := token.User()
c.Assert(err, check.IsNil)
err = user.AddRole("test", "app")
c.Assert(err, check.IsNil)
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
req.Header.Set("Authorization", "bearer "+token.GetValue())
recorder := httptest.NewRecorder()
server := RunServer(true)
server.ServeHTTP(recorder, req)
c.Assert(recorder.Code, check.Equals, http.StatusOK)
roles, err := permission.ListRoles()
c.Assert(err, check.IsNil)
c.Assert(roles, check.HasLen, 1)
user, err = token.User()
c.Assert(err, check.IsNil)
c.Assert(user.Roles, check.HasLen, 1)
}示例8: TestAssignRoleCheckGandalf
func (s *S) TestAssignRoleCheckGandalf(c *check.C) {
role, err := permission.NewRole("test", "app", "")
c.Assert(err, check.IsNil)
err = role.AddPermissions("app.deploy")
c.Assert(err, check.IsNil)
emptyToken := customUserWithPermission(c, "user2")
a := app.App{Name: "myapp", TeamOwner: s.team.Name}
err = app.CreateApp(&a, s.user)
c.Assert(err, check.IsNil)
roleBody := bytes.NewBufferString(fmt.Sprintf("email=%s&context=myapp", emptyToken.GetUserName()))
req, err := http.NewRequest("POST", "/roles/test/user", roleBody)
c.Assert(err, check.IsNil)
token := customUserWithPermission(c, "user1", permission.Permission{
Scheme: permission.PermRoleUpdateAssign,
Context: permission.Context(permission.CtxGlobal, ""),
}, permission.Permission{
Scheme: permission.PermAppDeploy,
Context: permission.Context(permission.CtxApp, "myapp"),
})
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
req.Header.Set("Authorization", "bearer "+token.GetValue())
recorder := httptest.NewRecorder()
server := RunServer(true)
server.ServeHTTP(recorder, req)
c.Assert(err, check.IsNil)
c.Assert(recorder.Code, check.Equals, http.StatusOK)
emptyUser, err := emptyToken.User()
c.Assert(err, check.IsNil)
users, err := repositorytest.Granted("myapp")
c.Assert(err, check.IsNil)
c.Assert(users, check.DeepEquals, []string{s.user.Email, emptyToken.GetUserName()})
c.Assert(emptyUser.Roles, check.HasLen, 1)
}示例9: benchmarkAddPermissionToRole
func (s *S) benchmarkAddPermissionToRole(c *check.C, body string) []string {
c.StopTimer()
a := app.App{Name: "myapp", TeamOwner: s.team.Name}
err := app.CreateApp(&a, s.user)
c.Assert(err, check.IsNil)
role, err := permission.NewRole("test", "team")
c.Assert(err, check.IsNil)
err = role.AddPermissions("app.create")
c.Assert(err, check.IsNil)
nUsers := 100
var userEmails []string
for i := 0; i < nUsers; i++ {
email := fmt.Sprintf("user-%[email protected]", i)
userEmails = append(userEmails, email)
user := &auth.User{Email: email, Password: "123456"}
_, err = nativeScheme.Create(user)
c.Assert(err, check.IsNil)
err = user.AddRole("test", s.team.Name)
c.Assert(err, check.IsNil)
}
recorder := httptest.NewRecorder()
m := RunServer(true)
c.StartTimer()
for i := 0; i < c.N; i++ {
b := bytes.NewBufferString(body)
request, err := http.NewRequest("POST", "/roles/test/permissions", b)
c.Assert(err, check.IsNil)
request.Header.Add("Authorization", "bearer "+s.token.GetValue())
request.Header.Set("Content-Type", "application/x-www-form-urlencoded")
m.ServeHTTP(recorder, request)
}
c.StopTimer()
c.Assert(recorder.Code, check.Equals, http.StatusOK)
return userEmails
}示例10: TestRemovePermissionsFromRole
func (s *S) TestRemovePermissionsFromRole(c *check.C) {
r, err := permission.NewRole("test", "team", "")
c.Assert(err, check.IsNil)
defer permission.DestroyRole(r.Name)
err = r.AddPermissions("app.update")
c.Assert(err, check.IsNil)
rec := httptest.NewRecorder()
req, err := http.NewRequest("DELETE", "/roles/test/permissions/app.update", nil)
c.Assert(err, check.IsNil)
token := userWithPermission(c, permission.Permission{
Scheme: permission.PermRoleUpdate,
Context: permission.Context(permission.CtxGlobal, ""),
})
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
req.Header.Set("Authorization", "bearer "+token.GetValue())
server := RunServer(true)
server.ServeHTTP(rec, req)
c.Assert(rec.Code, check.Equals, http.StatusOK)
r, err = permission.FindRole("test")
c.Assert(err, check.IsNil)
c.Assert(r.SchemeNames, check.DeepEquals, []string{})
c.Assert(eventtest.EventDesc{
Target: event.Target{Type: event.TargetTypeRole, Value: "test"},
Owner: token.GetUserName(),
Kind: "role.update.permission.remove",
StartCustomData: []map[string]interface{}{
{"name": ":name", "value": "test"},
{"name": ":permission", "value": "app.update"},
},
}, eventtest.HasEvent)
}示例11: TestAddPermissionsToARole
func (s *S) TestAddPermissionsToARole(c *check.C) {
_, err := permission.NewRole("test", "team", "")
c.Assert(err, check.IsNil)
rec := httptest.NewRecorder()
b := bytes.NewBufferString(`permission=app.update&permission=app.deploy`)
req, err := http.NewRequest("POST", "/roles/test/permissions", b)
c.Assert(err, check.IsNil)
token := userWithPermission(c, permission.Permission{
Scheme: permission.PermRoleUpdate,
Context: permission.Context(permission.CtxGlobal, ""),
})
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
req.Header.Set("Authorization", "bearer "+token.GetValue())
server := RunServer(true)
server.ServeHTTP(rec, req)
c.Assert(rec.Code, check.Equals, http.StatusOK)
r, err := permission.FindRole("test")
c.Assert(err, check.IsNil)
sort.Strings(r.SchemeNames)
c.Assert(r.SchemeNames, check.DeepEquals, []string{"app.deploy", "app.update"})
c.Assert(eventtest.EventDesc{
Target: event.Target{Type: event.TargetTypeRole, Value: "test"},
Owner: token.GetUserName(),
Kind: "role.update.permission.add",
StartCustomData: []map[string]interface{}{
{"name": "permission", "value": []string{"app.update", "app.deploy"}},
},
}, eventtest.HasEvent)
}示例12: TestRemoveRole
func (s *S) TestRemoveRole(c *check.C) {
s.conn.Roles().DropCollection()
_, err := permission.NewRole("test", "app", "")
c.Assert(err, check.IsNil)
req, err := http.NewRequest("DELETE", "/roles/test", nil)
c.Assert(err, check.IsNil)
token := userWithPermission(c, permission.Permission{
Scheme: permission.PermRoleDelete,
Context: permission.Context(permission.CtxGlobal, ""),
})
user, err := token.User()
c.Assert(err, check.IsNil)
err = user.AddRole("test", "app")
c.Assert(err, check.IsNil)
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
req.Header.Set("Authorization", "bearer "+token.GetValue())
recorder := httptest.NewRecorder()
server := RunServer(true)
server.ServeHTTP(recorder, req)
c.Assert(recorder.Code, check.Equals, http.StatusOK)
roles, err := permission.ListRoles()
c.Assert(err, check.IsNil)
c.Assert(roles, check.HasLen, 1)
user, err = token.User()
c.Assert(err, check.IsNil)
c.Assert(user.Roles, check.HasLen, 1)
c.Assert(eventtest.EventDesc{
Target: event.Target{Type: event.TargetTypeRole, Value: "test"},
Owner: token.GetUserName(),
Kind: "role.delete",
StartCustomData: []map[string]interface{}{
{"name": ":name", "value": "test"},
},
}, eventtest.HasEvent)
}示例13: TestAssignRoleNotAuthorized
func (s *S) TestAssignRoleNotAuthorized(c *check.C) {
role, err := permission.NewRole("test", "team")
c.Assert(err, check.IsNil)
err = role.AddPermissions("app.create")
c.Assert(err, check.IsNil)
emptyToken := customUserWithPermission(c, "user2")
roleBody := bytes.NewBufferString(fmt.Sprintf("email=%s&context=myteam", emptyToken.GetUserName()))
req, err := http.NewRequest("POST", "/roles/test/user", roleBody)
c.Assert(err, check.IsNil)
token := userWithPermission(c, permission.Permission{
Scheme: permission.PermRoleUpdateAssign,
Context: permission.Context(permission.CtxGlobal, ""),
}, permission.Permission{
Scheme: permission.PermAppCreate,
Context: permission.Context(permission.CtxTeam, "otherteam"),
})
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
req.Header.Set("Authorization", "bearer "+token.GetValue())
recorder := httptest.NewRecorder()
server := RunServer(true)
server.ServeHTTP(recorder, req)
c.Assert(err, check.IsNil)
c.Assert(recorder.Code, check.Equals, http.StatusForbidden)
c.Assert(recorder.Body.String(), check.Equals, "User not authorized to use permission app.create(team myteam)\n")
emptyUser, err := emptyToken.User()
c.Assert(err, check.IsNil)
c.Assert(emptyUser.Roles, check.HasLen, 0)
}示例14: TestRemovePermissionsFromRoleSyncGitRepository
func (s *S) TestRemovePermissionsFromRoleSyncGitRepository(c *check.C) {
r, err := permission.NewRole("test", "team")
c.Assert(err, check.IsNil)
defer permission.DestroyRole(r.Name)
err = r.AddPermissions("app.deploy")
c.Assert(err, check.IsNil)
user := &auth.User{Email: "[email protected]", Password: "123456"}
_, err = nativeScheme.Create(user)
c.Assert(err, check.IsNil)
err = user.AddRole("test", s.team.Name)
c.Assert(err, check.IsNil)
a := app.App{Name: "myapp", TeamOwner: s.team.Name}
err = app.CreateApp(&a, s.user)
err = repository.Manager().GrantAccess(a.Name, user.Email)
c.Assert(err, check.IsNil)
rec := httptest.NewRecorder()
req, err := http.NewRequest("DELETE", "/roles/test/permissions/app.deploy", nil)
c.Assert(err, check.IsNil)
token := userWithPermission(c, permission.Permission{
Scheme: permission.PermRoleUpdate,
Context: permission.Context(permission.CtxGlobal, ""),
})
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
req.Header.Set("Authorization", "bearer "+token.GetValue())
server := RunServer(true)
server.ServeHTTP(rec, req)
c.Assert(rec.Code, check.Equals, http.StatusOK)
r, err = permission.FindRole("test")
c.Assert(err, check.IsNil)
c.Assert(r.SchemeNames, check.DeepEquals, []string{})
users, err := repositorytest.Granted(a.Name)
c.Assert(err, check.IsNil)
c.Assert(users, check.DeepEquals, []string{s.user.Email})
}示例15: TestUserPermissions
func (s *S) TestUserPermissions(c *check.C) {
u := User{Email: "[email protected]", Password: "123"}
err := u.Create()
c.Assert(err, check.IsNil)
perms, err := u.Permissions()
c.Assert(err, check.IsNil)
c.Assert(perms, check.DeepEquals, []permission.Permission{
{Scheme: permission.PermUser, Context: permission.Context(permission.CtxUser, u.Email)},
})
r1, err := permission.NewRole("r1", "app", "")
c.Assert(err, check.IsNil)
err = r1.AddPermissions("app.update.env", "app.deploy")
c.Assert(err, check.IsNil)
err = u.AddRole("r1", "myapp")
c.Assert(err, check.IsNil)
err = u.AddRole("r1", "myapp2")
c.Assert(err, check.IsNil)
perms, err = u.Permissions()
c.Assert(err, check.IsNil)
c.Assert(perms, check.DeepEquals, []permission.Permission{
{Scheme: permission.PermUser, Context: permission.Context(permission.CtxUser, u.Email)},
{Scheme: permission.PermAppDeploy, Context: permission.Context(permission.CtxApp, "myapp")},
{Scheme: permission.PermAppUpdateEnv, Context: permission.Context(permission.CtxApp, "myapp")},
{Scheme: permission.PermAppDeploy, Context: permission.Context(permission.CtxApp, "myapp2")},
{Scheme: permission.PermAppUpdateEnv, Context: permission.Context(permission.CtxApp, "myapp2")},
})
}