updates audit endpoints test

This commit is contained in:
Patrick Barker 2018-11-01 15:56:50 -06:00
parent 7e102de723
commit 5a84453e4e

View File

@ -42,7 +42,10 @@ type fakeAuditSink struct {
func (s *fakeAuditSink) ProcessEvents(evs ...*auditinternal.Event) { func (s *fakeAuditSink) ProcessEvents(evs ...*auditinternal.Event) {
s.lock.Lock() s.lock.Lock()
defer s.lock.Unlock() defer s.lock.Unlock()
s.events = append(s.events, evs...) for _, ev := range evs {
e := ev.DeepCopy()
s.events = append(s.events, e)
}
} }
func (s *fakeAuditSink) Events() []*auditinternal.Event { func (s *fakeAuditSink) Events() []*auditinternal.Event {
@ -90,6 +93,9 @@ func TestAudit(t *testing.T) {
} }
requestBodyMatches := func(i int, pattern string) eventCheck { requestBodyMatches := func(i int, pattern string) eventCheck {
return func(events []*auditinternal.Event) error { return func(events []*auditinternal.Event) error {
if events[i].RequestObject == nil {
return fmt.Errorf("expected non nil request object")
}
if matched, _ := regexp.Match(pattern, events[i].RequestObject.Raw); !matched { if matched, _ := regexp.Match(pattern, events[i].RequestObject.Raw); !matched {
return fmt.Errorf("expected RequestBody to match %q, but didn't: %q", pattern, string(events[i].RequestObject.Raw)) return fmt.Errorf("expected RequestBody to match %q, but didn't: %q", pattern, string(events[i].RequestObject.Raw))
} }
@ -106,6 +112,9 @@ func TestAudit(t *testing.T) {
} }
responseBodyMatches := func(i int, pattern string) eventCheck { responseBodyMatches := func(i int, pattern string) eventCheck {
return func(events []*auditinternal.Event) error { return func(events []*auditinternal.Event) error {
if events[i].ResponseObject == nil {
return fmt.Errorf("expected non nil response object")
}
if matched, _ := regexp.Match(pattern, events[i].ResponseObject.Raw); !matched { if matched, _ := regexp.Match(pattern, events[i].ResponseObject.Raw); !matched {
return fmt.Errorf("expected ResponseBody to match %q, but didn't: %q", pattern, string(events[i].ResponseObject.Raw)) return fmt.Errorf("expected ResponseBody to match %q, but didn't: %q", pattern, string(events[i].ResponseObject.Raw))
} }
@ -122,6 +131,19 @@ func TestAudit(t *testing.T) {
return nil return nil
} }
} }
expectedStages := func(stages ...auditinternal.Stage) eventCheck {
return func(events []*auditinternal.Event) error {
if len(stages) != len(events) {
return fmt.Errorf("expected %d stages, but got %d events", len(stages), len(events))
}
for i, stage := range stages {
if events[i].Stage != stage {
return fmt.Errorf("expected stage %q, got %q", stage, events[i].Stage)
}
}
return nil
}
}
for _, test := range []struct { for _, test := range []struct {
desc string desc string
@ -140,8 +162,9 @@ func TestAudit(t *testing.T) {
200, 200,
2, 2,
[]eventCheck{ []eventCheck{
noRequestBody(0), noRequestBody(1),
responseBodyMatches(0, `{.*"name":"c".*}`), responseBodyMatches(1, `{.*"name":"c".*}`),
expectedStages(auditinternal.StageRequestReceived, auditinternal.StageResponseComplete),
}, },
}, },
{ {
@ -157,8 +180,9 @@ func TestAudit(t *testing.T) {
200, 200,
2, 2,
[]eventCheck{ []eventCheck{
noRequestBody(0), noRequestBody(1),
responseBodyMatches(0, `{.*"name":"a".*"name":"b".*}`), responseBodyMatches(1, `{.*"name":"a".*"name":"b".*}`),
expectedStages(auditinternal.StageRequestReceived, auditinternal.StageResponseComplete),
}, },
}, },
{ {
@ -170,8 +194,9 @@ func TestAudit(t *testing.T) {
201, 201,
2, 2,
[]eventCheck{ []eventCheck{
requestBodyIs(0, string(simpleFooJSON)), requestBodyIs(1, string(simpleFooJSON)),
responseBodyMatches(0, `{.*"foo".*}`), responseBodyMatches(1, `{.*"foo".*}`),
expectedStages(auditinternal.StageRequestReceived, auditinternal.StageResponseComplete),
}, },
}, },
{ {
@ -183,8 +208,9 @@ func TestAudit(t *testing.T) {
405, 405,
2, 2,
[]eventCheck{ []eventCheck{
noRequestBody(0), // the 405 is thrown long before the create handler would be executed noRequestBody(1), // the 405 is thrown long before the create handler would be executed
noResponseBody(0), // the 405 is thrown long before the create handler would be executed noResponseBody(1), // the 405 is thrown long before the create handler would be executed
expectedStages(auditinternal.StageRequestReceived, auditinternal.StageResponseComplete),
}, },
}, },
{ {
@ -196,8 +222,9 @@ func TestAudit(t *testing.T) {
200, 200,
2, 2,
[]eventCheck{ []eventCheck{
noRequestBody(0), noRequestBody(1),
responseBodyMatches(0, `{.*"kind":"Status".*"status":"Success".*}`), responseBodyMatches(1, `{.*"kind":"Status".*"status":"Success".*}`),
expectedStages(auditinternal.StageRequestReceived, auditinternal.StageResponseComplete),
}, },
}, },
{ {
@ -209,8 +236,9 @@ func TestAudit(t *testing.T) {
200, 200,
2, 2,
[]eventCheck{ []eventCheck{
requestBodyMatches(0, "DeleteOptions"), requestBodyMatches(1, "DeleteOptions"),
responseBodyMatches(0, `{.*"kind":"Status".*"status":"Success".*}`), responseBodyMatches(1, `{.*"kind":"Status".*"status":"Success".*}`),
expectedStages(auditinternal.StageRequestReceived, auditinternal.StageResponseComplete),
}, },
}, },
{ {
@ -222,8 +250,9 @@ func TestAudit(t *testing.T) {
200, 200,
2, 2,
[]eventCheck{ []eventCheck{
requestBodyIs(0, string(simpleCPrimeJSON)), requestBodyIs(1, string(simpleCPrimeJSON)),
responseBodyMatches(0, `{.*"bla".*}`), responseBodyMatches(1, `{.*"bla".*}`),
expectedStages(auditinternal.StageRequestReceived, auditinternal.StageResponseComplete),
}, },
}, },
{ {
@ -235,8 +264,9 @@ func TestAudit(t *testing.T) {
400, 400,
2, 2,
[]eventCheck{ []eventCheck{
requestBodyIs(0, string(simpleCPrimeJSON)), requestBodyIs(1, string(simpleCPrimeJSON)),
responseBodyMatches(0, `"Status".*"status":"Failure".*"code":400}`), responseBodyMatches(1, `"Status".*"status":"Failure".*"code":400}`),
expectedStages(auditinternal.StageRequestReceived, auditinternal.StageResponseComplete),
}, },
}, },
{ {
@ -255,8 +285,9 @@ func TestAudit(t *testing.T) {
200, 200,
2, 2,
[]eventCheck{ []eventCheck{
requestBodyIs(0, `{"labels":{"foo":"bar"}}`), requestBodyIs(1, `{"labels":{"foo":"bar"}}`),
responseBodyMatches(0, `"name":"c".*"labels":{"foo":"bar"}`), responseBodyMatches(1, `"name":"c".*"labels":{"foo":"bar"}`),
expectedStages(auditinternal.StageRequestReceived, auditinternal.StageResponseComplete),
}, },
}, },
{ {
@ -272,8 +303,9 @@ func TestAudit(t *testing.T) {
200, 200,
3, 3,
[]eventCheck{ []eventCheck{
noRequestBody(0), noRequestBody(2),
noResponseBody(0), noResponseBody(2),
expectedStages(auditinternal.StageRequestReceived, auditinternal.StageResponseStarted, auditinternal.StageResponseComplete),
}, },
}, },
} { } {