added one more test

This commit is contained in:
0xdcarns 2022-02-25 15:22:46 -05:00
parent 68c7014802
commit 9668a84cd0
3 changed files with 36 additions and 7 deletions

View file

@ -1 +1,2 @@
10.0.0.2 testnode.skynet myhost.skynet
10.0.0.1 testnode.skynet
10.0.0.2 myhost.skynet

View file

@ -183,10 +183,26 @@ func TestNodeACLs(t *testing.T) {
assert.Nil(t, err)
assert.NotNil(t, node1ACL)
assert.NotNil(t, node2ACL)
currentACL, err := nodeacls.ChangeNodesAccess(nodeacls.NetworkID(node1.Network), nodeacls.NodeID(node1.ID), nodeacls.NodeID(node2.ID), acls.NotAllowed)
currentACL, err := nodeacls.DisallowNodes(nodeacls.NetworkID(node1.Network), nodeacls.NodeID(node1.ID), nodeacls.NodeID(node2.ID))
assert.Nil(t, err)
assert.Equal(t, acls.NotAllowed, currentACL[acls.AclID(node1.ID)][acls.AclID(node2.ID)])
assert.Equal(t, acls.NotAllowed, currentACL[acls.AclID(node2.ID)][acls.AclID(node1.ID)])
currentACL.Save(acls.ContainerID(node1.Network))
})
t.Run("node acls correct after add new node not allowed", func(t *testing.T) {
node3 := models.Node{PublicKey: "DM5qhLAE20FG7BbfBCger+Ac9D2NDOwCtY1rbYDXv24=", Name: "testnode3", Endpoint: "10.0.0.100", MacAddress: "01:02:03:04:05:07", Password: "password", Network: "skynet", OS: "linux"}
logic.CreateNode(&node3)
var currentACL, err = nodeacls.FetchAllACLs(nodeacls.NetworkID(node3.Network))
assert.Nil(t, err)
assert.NotNil(t, currentACL)
assert.Equal(t, acls.NotPresent, currentACL[acls.AclID(node1.ID)][acls.AclID(node3.ID)])
nodeACL, err := nodeacls.CreateNodeACL(nodeacls.NetworkID(node3.Network), nodeacls.NodeID(node3.ID), acls.NotAllowed)
assert.Nil(t, err)
nodeACL.Save(acls.ContainerID(node3.Network), acls.AclID(node3.ID))
currentACL, err = nodeacls.FetchAllACLs(nodeacls.NetworkID(node3.Network))
assert.Nil(t, err)
assert.Equal(t, acls.NotAllowed, currentACL[acls.AclID(node1.ID)][acls.AclID(node3.ID)])
assert.Equal(t, acls.NotAllowed, currentACL[acls.AclID(node2.ID)][acls.AclID(node3.ID)])
})
t.Run("node acls removed", func(t *testing.T) {
retNetworkACL, err := nodeacls.RemoveNodeACL(nodeacls.NetworkID(node1.Network), nodeacls.NodeID(node1.ID))

View file

@ -34,14 +34,26 @@ func CreateNodeACL(networkID NetworkID, nodeID NodeID, defaultVal byte) (acls.AC
return retNetworkACL[acls.AclID(nodeID)], nil
}
// ChangeNodesAccess - changes relationship between two individual nodes in given network in memory
func ChangeNodesAccess(networkID NetworkID, node1, node2 NodeID, value byte) (acls.ACLContainer, error) {
var currentNetworkACL, err = FetchAllACLs(networkID)
// AllowNode - allow access between two nodes in memory
func AllowNodes(networkID NetworkID, node1, node2 NodeID) (acls.ACLContainer, error) {
container, err := FetchAllACLs(networkID)
if err != nil {
return nil, err
}
currentNetworkACL.ChangeAccess(acls.AclID(node1), acls.AclID(node2), value)
return currentNetworkACL, nil
container[acls.AclID(node1)].Allow(acls.AclID(node2))
container[acls.AclID(node2)].Allow(acls.AclID(node1))
return container, nil
}
// DisallowNodes - deny access between two nodes
func DisallowNodes(networkID NetworkID, node1, node2 NodeID) (acls.ACLContainer, error) {
container, err := FetchAllACLs(networkID)
if err != nil {
return nil, err
}
container[acls.AclID(node1)].Disallow(acls.AclID(node2))
container[acls.AclID(node2)].Disallow(acls.AclID(node1))
return container, nil
}
// UpdateNodeACL - updates a node's ACL in state