From 8dcfca0097c37a21c077e127d76696bf73b60c23 Mon Sep 17 00:00:00 2001
From: wafuwafu13 <mariobaske@i.softbank.jp>
Date: Thu, 15 Dec 2022 21:41:55 +0900
Subject: [PATCH] tests(etcdserver): add server_access_control_test.go

Signed-off-by: wafuwafu13 <mariobaske@i.softbank.jp>
---
 .../etcdserver/server_access_control_test.go  | 119 ++++++++++++++++++
 1 file changed, 119 insertions(+)
 create mode 100644 server/etcdserver/server_access_control_test.go

diff --git a/server/etcdserver/server_access_control_test.go b/server/etcdserver/server_access_control_test.go
new file mode 100644
index 000000000..2d7a6cdc5
--- /dev/null
+++ b/server/etcdserver/server_access_control_test.go
@@ -0,0 +1,119 @@
+// Copyright 2016 The etcd Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package etcdserver
+
+import "testing"
+
+func TestOriginAllowed(t *testing.T) {
+	tests := []struct {
+		accessController *AccessController
+		origin           string
+		allowed          bool
+	}{
+		{
+			&AccessController{
+				CORS: map[string]struct{}{},
+			},
+			"https://example.com",
+			true,
+		},
+		{
+			&AccessController{
+				CORS: map[string]struct{}{"*": {}},
+			},
+			"https://example.com",
+			true,
+		},
+		{
+			&AccessController{
+				CORS: map[string]struct{}{"https://example.com": {}, "http://example.org": {}},
+			},
+			"https://example.com",
+			true,
+		},
+		{
+			&AccessController{
+				CORS: map[string]struct{}{"http://example.org": {}},
+			},
+			"https://example.com",
+			false,
+		},
+		{
+			&AccessController{
+				CORS: map[string]struct{}{"*": {}, "http://example.org/": {}},
+			},
+			"https://example.com",
+			true,
+		},
+	}
+
+	for i, tt := range tests {
+		allowed := tt.accessController.OriginAllowed(tt.origin)
+		if allowed != tt.allowed {
+			t.Fatalf("#%d: allowd = %t, want %t", i, allowed, tt.allowed)
+		}
+	}
+}
+
+func TestIsHostWhitelisted(t *testing.T) {
+	tests := []struct{
+		accessController *AccessController
+		host             string
+		whitelisted      bool
+	}{
+		{
+			&AccessController{
+				HostWhitelist: map[string]struct{}{},
+			},
+			"example.com",
+			true,
+		},
+		{
+			&AccessController{
+				HostWhitelist: map[string]struct{}{"*": {}},
+			},
+			"example.com",
+			true,
+		},
+		{
+			&AccessController{
+				HostWhitelist: map[string]struct{}{"example.com": {}, "example.org": {}},
+			},
+			"example.com",
+			true,
+		},
+		{
+			&AccessController{
+				HostWhitelist: map[string]struct{}{"example.org": {}},
+			},
+			"example.com",
+			false,
+		},
+		{
+			&AccessController{
+				HostWhitelist: map[string]struct{}{"*": {}, "example.org/": {}},
+			},
+			"example.com",
+			true,
+		},
+	}
+
+	for i, tt := range tests {
+		whitelisted := tt.accessController.IsHostWhitelisted(tt.host)
+		if whitelisted != tt.whitelisted {
+			t.Fatalf("#%d:whitelisted = %t, want %t", i, whitelisted, tt.whitelisted)
+		}
+	}
+}