fix review

Signed-off-by: Marcondes Viana <marju10@gmail.com>
2024-09-27 06:25:44 +00:00 · 2023-04-16 17:40:33 -03:00
parent 8fb839eac1
commit a1a2f43f2f
1 changed files with 189 additions and 15 deletions
--- a/server/etcdserver/txn/txn_test.go
+++ b/server/etcdserver/txn/txn_test.go
@@ -159,7 +159,7 @@ func TestCheckTxnAuth(t *testing.T) {
 		err        error
 	}{
 		{
-			name: "Out of range compare is unathorized",
+			name: "Out of range compare is unauthorized",
 			txnRequest: &pb.TxnRequest{
 				Compare: []*pb.Compare{
 					{
@@ -170,6 +170,18 @@ func TestCheckTxnAuth(t *testing.T) {
 			},
 			err: auth.ErrPermissionDenied,
 		},
+		{
+			name: "In range compare is authorized",
+			txnRequest: &pb.TxnRequest{
+				Compare: []*pb.Compare{
+					{
+						Key: []byte("foo"),
+					},
+				},
+				Success: []*pb.RequestOp{},
+			},
+			err: nil,
+		},
 		{
 			name: "Nil request range is always authorized",
 			txnRequest: &pb.TxnRequest{
@@ -184,7 +196,7 @@ func TestCheckTxnAuth(t *testing.T) {
 			err: nil,
 		},
 		{
-			name: "Range request in range is authorised",
+			name: "Range request in range is authorized",
 			txnRequest: &pb.TxnRequest{
 				Success: []*pb.RequestOp{
 					{
@@ -196,11 +208,21 @@ func TestCheckTxnAuth(t *testing.T) {
 						},
 					},
 				},
+				Failure: []*pb.RequestOp{
+					{
+						Request: &pb.RequestOp_RequestRange{
+							RequestRange: &pb.RangeRequest{
+								Key:      []byte("foo"),
+								RangeEnd: []byte("zoo"),
+							},
+						},
+					},
+				},
 			},
 			err: nil,
 		},
 		{
-			name: "Range request out of range is unauthorized",
+			name: "Range request out of range success case is unauthorized",
 			txnRequest: &pb.TxnRequest{
 				Success: []*pb.RequestOp{
 					{
@@ -212,11 +234,47 @@ func TestCheckTxnAuth(t *testing.T) {
 						},
 					},
 				},
+				Failure: []*pb.RequestOp{
+					{
+						Request: &pb.RequestOp_RequestRange{
+							RequestRange: &pb.RangeRequest{
+								Key:      []byte("foo"),
+								RangeEnd: []byte("zoo"),
+							},
+						},
+					},
+				},
+			},
+			err: auth.ErrPermissionDenied,
+		},
+		{
+			name: "Range request out of range failure case is unauthorized",
+			txnRequest: &pb.TxnRequest{
+				Success: []*pb.RequestOp{
+					{
+						Request: &pb.RequestOp_RequestRange{
+							RequestRange: &pb.RangeRequest{
+								Key:      []byte("foo"),
+								RangeEnd: []byte("zoo"),
+							},
+						},
+					},
+				},
+				Failure: []*pb.RequestOp{
+					{
+						Request: &pb.RequestOp_RequestRange{
+							RequestRange: &pb.RangeRequest{
+								Key:      []byte("boo"),
+								RangeEnd: []byte("zoo"),
+							},
+						},
+					},
+				},
 			},
 			err: auth.ErrPermissionDenied,
 		},
 		{
-			name: "Nil Put request is authorized",
+			name: "Nil Put request is always authorized",
 			txnRequest: &pb.TxnRequest{
 				Success: []*pb.RequestOp{
 					{
@@ -240,11 +298,20 @@ func TestCheckTxnAuth(t *testing.T) {
 						},
 					},
 				},
+				Failure: []*pb.RequestOp{
+					{
+						Request: &pb.RequestOp_RequestPut{
+							RequestPut: &pb.PutRequest{
+								Key: []byte("foo"),
+							},
+						},
+					},
+				},
 			},
 			err: nil,
 		},
 		{
-			name: "Put request out of range is unauthorized",
+			name: "Put request out of range success case is unauthorized",
 			txnRequest: &pb.TxnRequest{
 				Success: []*pb.RequestOp{
 					{
@@ -255,6 +322,39 @@ func TestCheckTxnAuth(t *testing.T) {
 						},
 					},
 				},
+				Failure: []*pb.RequestOp{
+					{
+						Request: &pb.RequestOp_RequestPut{
+							RequestPut: &pb.PutRequest{
+								Key: []byte("foo"),
+							},
+						},
+					},
+				},
+			},
+			err: auth.ErrPermissionDenied,
+		},
+		{
+			name: "Put request out of range failure case is unauthorized",
+			txnRequest: &pb.TxnRequest{
+				Success: []*pb.RequestOp{
+					{
+						Request: &pb.RequestOp_RequestPut{
+							RequestPut: &pb.PutRequest{
+								Key: []byte("foo"),
+							},
+						},
+					},
+				},
+				Failure: []*pb.RequestOp{
+					{
+						Request: &pb.RequestOp_RequestPut{
+							RequestPut: &pb.PutRequest{
+								Key: []byte("boo"),
+							},
+						},
+					},
+				},
 			},
 			err: auth.ErrPermissionDenied,
 		},
@@ -272,14 +372,20 @@ func TestCheckTxnAuth(t *testing.T) {
 			err: nil,
 		},
 		{
-			name: "Authorize delete range in range compare and rerquest",
+			name: "Delete range request in range is authorized",
 			txnRequest: &pb.TxnRequest{
-				Compare: []*pb.Compare{
+				Success: []*pb.RequestOp{
 					{
-						Key: []byte("foo"),
+						Request: &pb.RequestOp_RequestDeleteRange{
+							RequestDeleteRange: &pb.DeleteRangeRequest{
+								Key:      []byte("foo"),
+								RangeEnd: []byte("zoo"),
+								PrevKv:   true,
+							},
+						},
 					},
 				},
-				Success: []*pb.RequestOp{
+				Failure: []*pb.RequestOp{
 					{
 						Request: &pb.RequestOp_RequestDeleteRange{
 							RequestDeleteRange: &pb.DeleteRangeRequest{
@@ -294,14 +400,48 @@ func TestCheckTxnAuth(t *testing.T) {
 			err: nil,
 		},
 		{
-			name: "Unauthorize delete range out of range keys",
+			name: "Delete range request out of range success case is unauthorized",
 			txnRequest: &pb.TxnRequest{
-				Compare: []*pb.Compare{
+				Success: []*pb.RequestOp{
 					{
-						Key: []byte("foo"),
+						Request: &pb.RequestOp_RequestDeleteRange{
+							RequestDeleteRange: &pb.DeleteRangeRequest{
+								Key:      []byte("boo"),
+								RangeEnd: []byte("zoo"),
+								PrevKv:   true,
+							},
+						},
 					},
 				},
+				Failure: []*pb.RequestOp{
+					{
+						Request: &pb.RequestOp_RequestDeleteRange{
+							RequestDeleteRange: &pb.DeleteRangeRequest{
+								Key:      []byte("foo"),
+								RangeEnd: []byte("zoo"),
+								PrevKv:   true,
+							},
+						},
+					},
+				},
+			},
+			err: auth.ErrPermissionDenied,
+		},
+		{
+			name: "Delete range request out of range failure case is unauthorized",
+			txnRequest: &pb.TxnRequest{
 				Success: []*pb.RequestOp{
+					{
+						Request: &pb.RequestOp_RequestDeleteRange{
+							RequestDeleteRange: &pb.DeleteRangeRequest{
+								Key:      []byte("foo"),
+								RangeEnd: []byte("zoo"),
+								PrevKv:   true,
+							},
+						},
+					},
+				},
+				Failure: []*pb.RequestOp{
 					{
 						Request: &pb.RequestOp_RequestDeleteRange{
 							RequestDeleteRange: &pb.DeleteRangeRequest{
@@ -316,14 +456,48 @@ func TestCheckTxnAuth(t *testing.T) {
 			err: auth.ErrPermissionDenied,
 		},
 		{
-			name: "Unauthorize delete range out of range keys and PrevKv false",
+			name: "Delete range request out of range and PrevKv false success case is unauthorized",
 			txnRequest: &pb.TxnRequest{
-				Compare: []*pb.Compare{
+				Success: []*pb.RequestOp{
 					{
-						Key: []byte("foo"),
+						Request: &pb.RequestOp_RequestDeleteRange{
+							RequestDeleteRange: &pb.DeleteRangeRequest{
+								Key:      []byte("boo"),
+								RangeEnd: []byte("zoo"),
+								PrevKv:   false,
+							},
+						},
 					},
 				},
+				Failure: []*pb.RequestOp{
+					{
+						Request: &pb.RequestOp_RequestDeleteRange{
+							RequestDeleteRange: &pb.DeleteRangeRequest{
+								Key:      []byte("foo"),
+								RangeEnd: []byte("zoo"),
+								PrevKv:   true,
+							},
+						},
+					},
+				},
+			},
+			err: auth.ErrPermissionDenied,
+		},
+		{
+			name: "Delete range request out of range and PrevKv false failure case is unauthorized",
+			txnRequest: &pb.TxnRequest{
 				Success: []*pb.RequestOp{
+					{
+						Request: &pb.RequestOp_RequestDeleteRange{
+							RequestDeleteRange: &pb.DeleteRangeRequest{
+								Key:      []byte("foo"),
+								RangeEnd: []byte("zoo"),
+								PrevKv:   true,
+							},
+						},
+					},
+				},
+				Failure: []*pb.RequestOp{
 					{
 						Request: &pb.RequestOp_RequestDeleteRange{
 							RequestDeleteRange: &pb.DeleteRangeRequest{