add or test

CleverCloud · Apr 2, 2024 · dd08815 · dd08815
1 parent 7d4ede9
commit dd08815
Showing 1 changed file with 27 additions and 0 deletions.
diff --git a/src/test/java/com/clevercloud/biscuitpulsar/AuthorizationProviderBiscuitTest.java b/src/test/java/com/clevercloud/biscuitpulsar/AuthorizationProviderBiscuitTest.java
@@ -105,6 +105,33 @@ public void testProduceAndNotConsumeOnTopic() throws Exception {
         assertFalse(authorizationProvider.allowTopicOperationAsync(TopicName.get(tenant + "/" + namespace + "/" + topic), authedBiscuit, TopicOperation.CONSUME, null).get());
     }
 
+    @Test
+    public void testProduceAndConsumeOnDifferentNamespacesTopics() throws Exception {
+        SecureRandom rng = new SecureRandom();
+        KeyPair root = new KeyPair(rng);
+        SymbolTable symbols = Biscuit.default_symbol_table();
+
+        String tenant = "tenantTest";
+        String namespace1 = "ns1";
+        String namespace2 = "ns2";
+        String topic = "topicTest";
+
+        Block block0 = new Block(0, symbols);
+        block0.add_fact(adminFact);
+        String ns1Consume = topicOperation(TopicName.get(tenant + "/" + namespace1 + "/" + topic), TopicOperation.CONSUME);
+        String ns2Produce = topicOperation(TopicName.get(tenant + "/" + namespace2 + "/" + topic), TopicOperation.PRODUCE);
+        block0.add_check(String.format("check if %s or %s", ns1Consume, ns2Produce));
+        Biscuit biscuit = Biscuit.make(rng, root, symbols, block0.build());
+
+        String authedBiscuit = authedBiscuit(root, biscuit);
+        AuthorizationProviderBiscuit authorizationProvider = new AuthorizationProviderBiscuit();
+        log.debug(biscuit.print());
+        assertTrue(authorizationProvider.allowTopicOperationAsync(TopicName.get(tenant + "/" + namespace1 + "/" + topic), authedBiscuit, TopicOperation.CONSUME, null).get());
+        assertTrue(authorizationProvider.allowTopicOperationAsync(TopicName.get(tenant + "/" + namespace2 + "/" + topic), authedBiscuit, TopicOperation.PRODUCE, null).get());
+        assertFalse(authorizationProvider.allowTopicOperationAsync(TopicName.get(tenant + "/" + namespace1 + "/" + topic), authedBiscuit, TopicOperation.PRODUCE, null).get());
+        assertFalse(authorizationProvider.allowTopicOperationAsync(TopicName.get(tenant + "/" + namespace2 + "/" + topic), authedBiscuit, TopicOperation.CONSUME, null).get());
+    }
+
     @Test
     public void testProduceAndNotConsumeAttenuatedOnTopic() throws Exception {
         SecureRandom rng = new SecureRandom();