1package rpc
 2
 3import (
 4	"net"
 5	"testing"
 6
 7	"github.com/stretchr/testify/assert"
 8	"github.com/stretchr/testify/require"
 9	grpc "google.golang.org/grpc"
10	"google.golang.org/grpc/credentials/insecure"
11)
12
13func TestServer(t *testing.T) {
14	listener, err := net.Listen("tcp", "localhost:0")
15	require.NoError(t, err)
16	defer listener.Close()
17
18	server := New()
19	defer server.Stop()
20
21	go func() {
22		require.NoError(t, server.Serve(listener))
23	}()
24
25	connection, err := grpc.NewClient(
26		listener.Addr().String(),
27		grpc.WithTransportCredentials(insecure.NewCredentials()),
28	)
29	require.NoError(t, err)
30
31	defer connection.Close()
32	client := NewAbilityClient(connection)
33
34	t.Run("forbids", func(t *testing.T) {
35		reply, err := client.Allowed(t.Context(), &AllowRequest{
36			Subject:    "",
37			Permission: "",
38			Resource:   "",
39		})
40		require.NoError(t, err)
41		assert.False(t, reply.Result)
42	})
43
44	t.Run("allows alice:view:jane_vacation", func(t *testing.T) {
45		reply, err := client.Allowed(t.Context(), &AllowRequest{
46			Subject:    "gid://example/User/alice",
47			Permission: "view",
48			Resource:   "gid://example/Album/jane_vacation",
49		})
50		require.NoError(t, err)
51		assert.True(t, reply.Result)
52	})
53
54	t.Run("allows gid://User/1 read gid://Organization/2", func(t *testing.T) {
55		reply, err := client.Allowed(t.Context(), &AllowRequest{
56			Subject:    "gid://example/User/1",
57			Permission: "read",
58			Resource:   "gid://example/Organization/2",
59		})
60		require.NoError(t, err)
61		assert.True(t, reply.Result)
62	})
63}