mirror of
https://github.com/siderolabs/talos.git
synced 2025-10-09 22:51:12 +02:00
e6fba7d3bc
Updates: * pkgs v1.3.0-alpha.0-33-g8fe5cbc * tools v1.3.0-alpha.0-20-g3b5f89a * aws-sdk-go v1.44.120 * docker v20.10.20+incompatible * fsnotify v1.6.0 * nftables v0.0.0-20221015190445-4f5cd5826fbd * gen v0.4.0 * grpc-proxy v0.4.0 * spf13/cobra v1.6.0 * u-root v0.10.0 * x/net v0.1.0 * x/sync v0.1.0 * x/sys v0.1.0 * x/term v0.1.0 * x/time v0.1.0 * grpc v1.50.1 * genproto v0.0.0-20221018160656-63c7b68cfc55 * Linux kernel 5.15.74 Signed-off-by: Tim Jones <tim.jones@siderolabs.com>
71 lines
2.3 KiB
Go
71 lines
2.3 KiB
Go
// This Source Code Form is subject to the terms of the Mozilla Public
|
|
// License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
package backend_test
|
|
|
|
import (
|
|
"context"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"google.golang.org/grpc/metadata"
|
|
|
|
"github.com/talos-systems/talos/pkg/grpc/middleware/authz"
|
|
"github.com/talos-systems/talos/pkg/grpc/proxy/backend"
|
|
"github.com/talos-systems/talos/pkg/machinery/role"
|
|
)
|
|
|
|
func TestLocalGetConnection(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
l := backend.NewLocal("test", "/tmp/test.sock")
|
|
|
|
md1 := metadata.New(nil)
|
|
md1.Set("key", "value1", "value2")
|
|
ctx1 := metadata.NewIncomingContext(authz.ContextWithRoles(context.Background(), role.MakeSet(role.Admin)), md1)
|
|
|
|
outCtx1, conn1, err1 := l.GetConnection(ctx1, "")
|
|
assert.NoError(t, err1)
|
|
assert.NotNil(t, conn1)
|
|
assert.Equal(t, role.MakeSet(role.Admin), authz.GetRoles(outCtx1))
|
|
|
|
mdOut1, ok1 := metadata.FromOutgoingContext(outCtx1)
|
|
assert.True(t, ok1)
|
|
assert.Equal(t, []string{"value1", "value2"}, mdOut1.Get("key"))
|
|
assert.Equal(t, []string{"os:admin"}, mdOut1.Get("talos-role"))
|
|
|
|
t.Run("Same context", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
ctx2 := ctx1
|
|
outCtx2, conn2, err2 := l.GetConnection(ctx2, "")
|
|
assert.NoError(t, err2)
|
|
assert.Equal(t, conn1, conn2) // connection is cached
|
|
assert.Equal(t, role.MakeSet(role.Admin), authz.GetRoles(outCtx2))
|
|
|
|
mdOut2, ok2 := metadata.FromOutgoingContext(outCtx2)
|
|
assert.True(t, ok2)
|
|
assert.Equal(t, []string{"value1", "value2"}, mdOut2.Get("key"))
|
|
assert.Equal(t, []string{"os:admin"}, mdOut2.Get("talos-role"))
|
|
})
|
|
|
|
t.Run("Other context", func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
md3 := metadata.New(nil)
|
|
md3.Set("key", "value3", "value4")
|
|
ctx3 := metadata.NewIncomingContext(authz.ContextWithRoles(context.Background(), role.MakeSet(role.Reader)), md3)
|
|
|
|
outCtx3, conn3, err3 := l.GetConnection(ctx3, "")
|
|
assert.NoError(t, err3)
|
|
assert.Equal(t, conn1, conn3) // connection is cached
|
|
assert.Equal(t, role.MakeSet(role.Reader), authz.GetRoles(outCtx3))
|
|
|
|
mdOut3, ok3 := metadata.FromOutgoingContext(outCtx3)
|
|
assert.True(t, ok3)
|
|
assert.Equal(t, []string{"value3", "value4"}, mdOut3.Get("key"))
|
|
assert.Equal(t, []string{"os:reader"}, mdOut3.Get("talos-role"))
|
|
})
|
|
}
|