acl_test.go 35 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045
  1. // TODO: test acl with glob
  2. package gold
  3. import (
  4. "crypto/rand"
  5. "crypto/tls"
  6. "net/http"
  7. "strings"
  8. "testing"
  9. "github.com/stretchr/testify/assert"
  10. )
  11. const (
  12. aclDir = "/_test/acldir/"
  13. )
  14. func TestACLInit(t *testing.T) {
  15. var err error
  16. user1 = testServer.URL + "/_test/user1#id"
  17. var user1_account = webidAccount{
  18. WebID: user1,
  19. BaseURI: testServer.URL + "/_test/",
  20. PrefURI: testServer.URL + "/_test/Preferences/prefs.ttl",
  21. PubTypeIndex: testServer.URL + "/_test/Preferences/pubTypeIndex.ttl",
  22. PrivTypeIndex: testServer.URL + "/_test/Preferences/privTypeIndex.ttl",
  23. }
  24. user1g := NewWebIDProfile(user1_account)
  25. user1g, user1k, user1p, err = AddProfileKeys(user1, user1g)
  26. user1cert, err = NewRSAcert(user1, "User 1", user1k)
  27. assert.NoError(t, err)
  28. user1h = &http.Client{
  29. Transport: &http.Transport{
  30. TLSClientConfig: &tls.Config{
  31. Certificates: []tls.Certificate{*user1cert},
  32. InsecureSkipVerify: true,
  33. },
  34. },
  35. }
  36. user1n3, err := user1g.Serialize("text/turtle")
  37. assert.NoError(t, err)
  38. req1, err := http.NewRequest("PUT", user1, strings.NewReader(user1n3))
  39. assert.NoError(t, err)
  40. resp1, err := httpClient.Do(req1)
  41. assert.NoError(t, err)
  42. resp1.Body.Close()
  43. assert.Equal(t, 201, resp1.StatusCode)
  44. user2 = testServer.URL + "/_test/user2#id"
  45. var user2_account = webidAccount{
  46. WebID: user2,
  47. BaseURI: testServer.URL + "/_test/",
  48. PrefURI: testServer.URL + "/_test/Preferences/prefs.ttl",
  49. PubTypeIndex: testServer.URL + "/_test/Preferences/pubTypeIndex.ttl",
  50. PrivTypeIndex: testServer.URL + "/_test/Preferences/privTypeIndex.ttl",
  51. }
  52. user2g := NewWebIDProfile(user2_account)
  53. user2g, user2k, user2p, err = AddProfileKeys(user2, user2g)
  54. user2cert, err = NewRSAcert(user2, "User 2", user2k)
  55. assert.NoError(t, err)
  56. user2h = &http.Client{
  57. Transport: &http.Transport{
  58. TLSClientConfig: &tls.Config{
  59. Certificates: []tls.Certificate{*user2cert},
  60. InsecureSkipVerify: true,
  61. Rand: rand.Reader,
  62. },
  63. },
  64. }
  65. user2n3, err := user2g.Serialize("text/turtle")
  66. assert.NoError(t, err)
  67. req2, err := http.NewRequest("PUT", user2, strings.NewReader(user2n3))
  68. assert.NoError(t, err)
  69. resp2, err := httpClient.Do(req2)
  70. assert.NoError(t, err)
  71. resp2.Body.Close()
  72. assert.Equal(t, 201, resp2.StatusCode)
  73. req1, err = http.NewRequest("GET", user1, nil)
  74. assert.NoError(t, err)
  75. resp1, err = user1h.Do(req1)
  76. assert.NoError(t, err)
  77. resp1.Body.Close()
  78. assert.Equal(t, user1, resp1.Header.Get("User"))
  79. req2, err = http.NewRequest("GET", user2, nil)
  80. assert.NoError(t, err)
  81. resp2, err = user2h.Do(req2)
  82. assert.NoError(t, err)
  83. resp2.Body.Close()
  84. assert.Equal(t, user2, resp2.Header.Get("User"))
  85. }
  86. func TestNoACLFile(t *testing.T) {
  87. request, err := http.NewRequest("MKCOL", testServer.URL+aclDir, nil)
  88. assert.NoError(t, err)
  89. response, err := user1h.Do(request)
  90. assert.NoError(t, err)
  91. response.Body.Close()
  92. assert.Equal(t, 201, response.StatusCode)
  93. acl := ParseLinkHeader(response.Header.Get("Link")).MatchRel("acl")
  94. assert.NotNil(t, acl)
  95. request, err = http.NewRequest("PUT", acl, strings.NewReader(""))
  96. assert.NoError(t, err)
  97. request.Header.Add("Content-Type", "text/turtle")
  98. response, err = user1h.Do(request)
  99. assert.NoError(t, err)
  100. response.Body.Close()
  101. assert.Equal(t, 201, response.StatusCode)
  102. request, err = http.NewRequest("PUT", testServer.URL+aclDir+"abc", strings.NewReader("<a> <b> <c> ."))
  103. assert.NoError(t, err)
  104. request.Header.Add("Content-Type", "text/turtle")
  105. response, err = user1h.Do(request)
  106. assert.NoError(t, err)
  107. response.Body.Close()
  108. assert.Equal(t, 201, response.StatusCode)
  109. acl = ParseLinkHeader(response.Header.Get("Link")).MatchRel("acl")
  110. assert.NotNil(t, acl)
  111. request, err = http.NewRequest("PUT", acl, strings.NewReader(""))
  112. assert.NoError(t, err)
  113. request.Header.Add("Content-Type", "text/turtle")
  114. response, err = user1h.Do(request)
  115. assert.NoError(t, err)
  116. response.Body.Close()
  117. assert.Equal(t, 201, response.StatusCode)
  118. request, err = http.NewRequest("HEAD", acl, nil)
  119. assert.NoError(t, err)
  120. response, err = user1h.Do(request)
  121. assert.NoError(t, err)
  122. response.Body.Close()
  123. assert.Equal(t, 200, response.StatusCode)
  124. }
  125. func TestResourceKey(t *testing.T) {
  126. key := "aaabbbccc"
  127. request, err := http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  128. assert.NoError(t, err)
  129. response, err := user1h.Do(request)
  130. assert.NoError(t, err)
  131. response.Body.Close()
  132. assert.Equal(t, 200, response.StatusCode)
  133. acl := ParseLinkHeader(response.Header.Get("Link")).MatchRel("acl")
  134. body := "<#Owner>" +
  135. " a <http://www.w3.org/ns/auth/acl#Authorization> ;" +
  136. " <http://www.w3.org/ns/auth/acl#accessTo> <" + testServer.URL + aclDir + ">, <" + acl + ">;" +
  137. " <http://www.w3.org/ns/auth/acl#agent> <" + user1 + ">;" +
  138. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read>, <http://www.w3.org/ns/auth/acl#Write> ." +
  139. "<#PublicWithKey>" +
  140. " a <http://www.w3.org/ns/auth/acl#Authorization> ;" +
  141. " <http://www.w3.org/ns/auth/acl#accessTo> <" + testServer.URL + aclDir + ">;" +
  142. " <http://www.w3.org/ns/auth/acl#resourceKey> \"" + key + "\";" +
  143. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read> ."
  144. request, err = http.NewRequest("PUT", acl, strings.NewReader(body))
  145. assert.NoError(t, err)
  146. request.Header.Add("Content-Type", "text/turtle")
  147. response, err = user1h.Do(request)
  148. assert.NoError(t, err)
  149. response.Body.Close()
  150. assert.Equal(t, 200, response.StatusCode)
  151. // user1
  152. request, err = http.NewRequest("HEAD", acl, nil)
  153. assert.NoError(t, err)
  154. response, err = user1h.Do(request)
  155. assert.NoError(t, err)
  156. response.Body.Close()
  157. assert.Equal(t, 200, response.StatusCode)
  158. request, err = http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  159. assert.NoError(t, err)
  160. response, err = user1h.Do(request)
  161. assert.NoError(t, err)
  162. response.Body.Close()
  163. assert.Equal(t, 200, response.StatusCode)
  164. // user2
  165. request, err = http.NewRequest("HEAD", testServer.URL+aclDir+"?key="+key, nil)
  166. assert.NoError(t, err)
  167. response, err = user2h.Do(request)
  168. assert.NoError(t, err)
  169. response.Body.Close()
  170. assert.Equal(t, 200, response.StatusCode)
  171. // agent
  172. request, err = http.NewRequest("HEAD", testServer.URL+aclDir+"?key="+key, nil)
  173. assert.NoError(t, err)
  174. response, err = httpClient.Do(request)
  175. assert.NoError(t, err)
  176. response.Body.Close()
  177. assert.Equal(t, 200, response.StatusCode)
  178. }
  179. func TestACLOrigin(t *testing.T) {
  180. origin1 := "http://example.org/"
  181. origin2 := "http://example.com/"
  182. request, err := http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  183. assert.NoError(t, err)
  184. response, err := user1h.Do(request)
  185. assert.NoError(t, err)
  186. response.Body.Close()
  187. assert.Equal(t, 200, response.StatusCode)
  188. acl := ParseLinkHeader(response.Header.Get("Link")).MatchRel("acl")
  189. body := "<#Owner>" +
  190. " <http://www.w3.org/ns/auth/acl#accessTo> <" + testServer.URL + aclDir + ">, <" + acl + ">;" +
  191. " <http://www.w3.org/ns/auth/acl#agent> <" + user1 + ">;" +
  192. " <http://www.w3.org/ns/auth/acl#origin> <" + origin1 + ">;" +
  193. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read>, <http://www.w3.org/ns/auth/acl#Write> ." +
  194. "<#Public>" +
  195. " <http://www.w3.org/ns/auth/acl#accessTo> <" + testServer.URL + aclDir + ">;" +
  196. " <http://www.w3.org/ns/auth/acl#agentClass> <http://xmlns.com/foaf/0.1/Agent>;" +
  197. " <http://www.w3.org/ns/auth/acl#origin> <" + origin1 + ">;" +
  198. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read> ."
  199. request, err = http.NewRequest("PUT", acl, strings.NewReader(body))
  200. assert.NoError(t, err)
  201. request.Header.Add("Content-Type", "text/turtle")
  202. response, err = user1h.Do(request)
  203. assert.NoError(t, err)
  204. response.Body.Close()
  205. assert.Equal(t, 200, response.StatusCode)
  206. // user1
  207. request, err = http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  208. assert.NoError(t, err)
  209. response, err = user1h.Do(request)
  210. assert.NoError(t, err)
  211. response.Body.Close()
  212. assert.Equal(t, 200, response.StatusCode)
  213. request, err = http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  214. assert.NoError(t, err)
  215. request.Header.Add("Origin", origin1)
  216. response, err = user1h.Do(request)
  217. assert.NoError(t, err)
  218. response.Body.Close()
  219. assert.Equal(t, 200, response.StatusCode)
  220. request, err = http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  221. assert.NoError(t, err)
  222. request.Header.Add("Origin", origin2)
  223. response, err = user1h.Do(request)
  224. assert.NoError(t, err)
  225. response.Body.Close()
  226. assert.Equal(t, 403, response.StatusCode)
  227. // agent
  228. request, err = http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  229. assert.NoError(t, err)
  230. response, err = httpClient.Do(request)
  231. assert.NoError(t, err)
  232. response.Body.Close()
  233. assert.Equal(t, 200, response.StatusCode)
  234. request, err = http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  235. assert.NoError(t, err)
  236. request.Header.Add("Origin", origin1)
  237. response, err = httpClient.Do(request)
  238. assert.NoError(t, err)
  239. response.Body.Close()
  240. assert.Equal(t, 200, response.StatusCode)
  241. request, err = http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  242. assert.NoError(t, err)
  243. request.Header.Add("Origin", origin2)
  244. response, err = httpClient.Do(request)
  245. assert.NoError(t, err)
  246. response.Body.Close()
  247. assert.Equal(t, 401, response.StatusCode)
  248. }
  249. func TestACLOwnerOnly(t *testing.T) {
  250. request, err := http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  251. assert.NoError(t, err)
  252. response, err := user1h.Do(request)
  253. assert.NoError(t, err)
  254. response.Body.Close()
  255. assert.Equal(t, 200, response.StatusCode)
  256. request, err = http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  257. assert.NoError(t, err)
  258. response, err = user2h.Do(request)
  259. assert.NoError(t, err)
  260. response.Body.Close()
  261. assert.Equal(t, 200, response.StatusCode)
  262. acl := ParseLinkHeader(response.Header.Get("Link")).MatchRel("acl")
  263. body := "<#Owner>" +
  264. " <http://www.w3.org/ns/auth/acl#accessTo> <" + testServer.URL + aclDir + ">, <" + acl + ">;" +
  265. " <http://www.w3.org/ns/auth/acl#owner> <" + user1 + ">;" +
  266. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Control> ."
  267. request, err = http.NewRequest("PUT", acl, strings.NewReader(body))
  268. assert.NoError(t, err)
  269. request.Header.Add("Content-Type", "text/turtle")
  270. response, err = user1h.Do(request)
  271. assert.NoError(t, err)
  272. response.Body.Close()
  273. assert.Equal(t, 200, response.StatusCode)
  274. // user1
  275. request, err = http.NewRequest("HEAD", acl, nil)
  276. assert.NoError(t, err)
  277. response, err = user1h.Do(request)
  278. assert.NoError(t, err)
  279. response.Body.Close()
  280. assert.Equal(t, 200, response.StatusCode)
  281. request, err = http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  282. assert.NoError(t, err)
  283. response, err = user1h.Do(request)
  284. assert.NoError(t, err)
  285. response.Body.Close()
  286. assert.Equal(t, 200, response.StatusCode)
  287. request, err = http.NewRequest("HEAD", testServer.URL+"/_test/acldir", nil)
  288. assert.NoError(t, err)
  289. response, err = user1h.Do(request)
  290. assert.NoError(t, err)
  291. response.Body.Close()
  292. assert.Equal(t, 200, response.StatusCode)
  293. request, err = http.NewRequest("PUT", acl, strings.NewReader(body))
  294. assert.NoError(t, err)
  295. request.Header.Add("Content-Type", "text/turtle")
  296. response, err = user1h.Do(request)
  297. assert.NoError(t, err)
  298. response.Body.Close()
  299. assert.Equal(t, 200, response.StatusCode)
  300. // user2
  301. request, err = http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  302. assert.NoError(t, err)
  303. response, err = user2h.Do(request)
  304. assert.NoError(t, err)
  305. response.Body.Close()
  306. assert.Equal(t, 403, response.StatusCode)
  307. request, err = http.NewRequest("HEAD", acl, nil)
  308. assert.NoError(t, err)
  309. response, err = user2h.Do(request)
  310. assert.NoError(t, err)
  311. response.Body.Close()
  312. assert.Equal(t, 403, response.StatusCode)
  313. request, err = http.NewRequest("PUT", acl, strings.NewReader("<d> <e> <f> ."))
  314. assert.NoError(t, err)
  315. request.Header.Add("Content-Type", "text/turtle")
  316. response, err = user2h.Do(request)
  317. assert.NoError(t, err)
  318. response.Body.Close()
  319. assert.Equal(t, 403, response.StatusCode)
  320. // agent
  321. request, err = http.NewRequest("PUT", acl, strings.NewReader("<d> <e> <f> ."))
  322. assert.NoError(t, err)
  323. request.Header.Add("Content-Type", "text/turtle")
  324. response, err = httpClient.Do(request)
  325. assert.NoError(t, err)
  326. response.Body.Close()
  327. assert.Equal(t, 401, response.StatusCode)
  328. }
  329. func TestACLReadOnly(t *testing.T) {
  330. request, err := http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  331. assert.NoError(t, err)
  332. response, err := user1h.Do(request)
  333. assert.NoError(t, err)
  334. response.Body.Close()
  335. assert.Equal(t, 200, response.StatusCode)
  336. acl := ParseLinkHeader(response.Header.Get("Link")).MatchRel("acl")
  337. body := "<#Owner>" +
  338. " a <http://www.w3.org/ns/auth/acl#Authorization> ;" +
  339. " <http://www.w3.org/ns/auth/acl#accessTo> <" + testServer.URL + aclDir + ">, <" + acl + ">;" +
  340. " <http://www.w3.org/ns/auth/acl#agent> <" + user1 + ">;" +
  341. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read>, <http://www.w3.org/ns/auth/acl#Write> ." +
  342. "<#Public>" +
  343. " a <http://www.w3.org/ns/auth/acl#Authorization> ;" +
  344. " <http://www.w3.org/ns/auth/acl#accessTo> <" + testServer.URL + aclDir + ">;" +
  345. " <http://www.w3.org/ns/auth/acl#agentClass> <http://xmlns.com/foaf/0.1/Agent>;" +
  346. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read> ."
  347. request, err = http.NewRequest("PUT", acl, strings.NewReader(body))
  348. assert.NoError(t, err)
  349. request.Header.Add("Content-Type", "text/turtle")
  350. response, err = user1h.Do(request)
  351. assert.NoError(t, err)
  352. response.Body.Close()
  353. assert.Equal(t, 200, response.StatusCode)
  354. // user1
  355. request, err = http.NewRequest("HEAD", acl, nil)
  356. assert.NoError(t, err)
  357. response, err = user1h.Do(request)
  358. assert.NoError(t, err)
  359. response.Body.Close()
  360. assert.Equal(t, 200, response.StatusCode)
  361. request, err = http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  362. assert.NoError(t, err)
  363. response, err = user1h.Do(request)
  364. assert.NoError(t, err)
  365. response.Body.Close()
  366. assert.Equal(t, 200, response.StatusCode)
  367. request, err = http.NewRequest("PUT", acl, strings.NewReader(body))
  368. assert.NoError(t, err)
  369. request.Header.Add("Content-Type", "text/turtle")
  370. response, err = user1h.Do(request)
  371. assert.NoError(t, err)
  372. response.Body.Close()
  373. assert.Equal(t, 200, response.StatusCode)
  374. // user2
  375. request, err = http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  376. assert.NoError(t, err)
  377. response, err = user2h.Do(request)
  378. assert.NoError(t, err)
  379. response.Body.Close()
  380. assert.Equal(t, 200, response.StatusCode)
  381. request, err = http.NewRequest("HEAD", acl, nil)
  382. assert.NoError(t, err)
  383. response, err = user2h.Do(request)
  384. assert.NoError(t, err)
  385. response.Body.Close()
  386. assert.Equal(t, 403, response.StatusCode)
  387. request, err = http.NewRequest("PUT", acl, strings.NewReader("<d> <e> <f> ."))
  388. assert.NoError(t, err)
  389. request.Header.Add("Content-Type", "text/turtle")
  390. response, err = user2h.Do(request)
  391. assert.NoError(t, err)
  392. response.Body.Close()
  393. assert.Equal(t, 403, response.StatusCode)
  394. // agent
  395. request, err = http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  396. assert.NoError(t, err)
  397. response, err = httpClient.Do(request)
  398. assert.NoError(t, err)
  399. response.Body.Close()
  400. assert.Equal(t, 200, response.StatusCode)
  401. request, err = http.NewRequest("PUT", acl, strings.NewReader("<d> <e> <f> ."))
  402. assert.NoError(t, err)
  403. request.Header.Add("Content-Type", "text/turtle")
  404. response, err = httpClient.Do(request)
  405. assert.NoError(t, err)
  406. response.Body.Close()
  407. assert.Equal(t, 401, response.StatusCode)
  408. }
  409. func TestACLGlob(t *testing.T) {
  410. request, err := http.NewRequest("GET", testServer.URL+aclDir+"*", nil)
  411. assert.NoError(t, err)
  412. request.Header.Add("Content-Type", "text/turtle")
  413. response, err := user2h.Do(request)
  414. assert.NoError(t, err)
  415. response.Body.Close()
  416. assert.Equal(t, 200, response.StatusCode)
  417. acl := ParseLinkHeader(response.Header.Get("Link")).MatchRel("acl")
  418. g := NewGraph(testServer.URL + aclDir)
  419. g.Parse(response.Body, "text/turtle")
  420. authz := g.One(nil, nil, ns.acl.Get("Authorization"))
  421. assert.Nil(t, authz)
  422. request, err = http.NewRequest("GET", testServer.URL+aclDir+"*", nil)
  423. assert.NoError(t, err)
  424. request.Header.Add("Content-Type", "text/turtle")
  425. response, err = user1h.Do(request)
  426. assert.NoError(t, err)
  427. response.Body.Close()
  428. assert.Equal(t, 200, response.StatusCode)
  429. g = NewGraph(testServer.URL + aclDir)
  430. g.Parse(response.Body, "text/turtle")
  431. authz = g.One(nil, nil, ns.acl.Get("Authorization"))
  432. assert.Nil(t, authz)
  433. request, err = http.NewRequest("DELETE", acl, nil)
  434. assert.NoError(t, err)
  435. response, err = user1h.Do(request)
  436. assert.NoError(t, err)
  437. response.Body.Close()
  438. assert.Equal(t, 200, response.StatusCode)
  439. }
  440. func TestACLAppendOnly(t *testing.T) {
  441. request, err := http.NewRequest("HEAD", testServer.URL+aclDir+"abc", nil)
  442. assert.NoError(t, err)
  443. response, err := user1h.Do(request)
  444. assert.NoError(t, err)
  445. response.Body.Close()
  446. assert.Equal(t, 200, response.StatusCode)
  447. acl := ParseLinkHeader(response.Header.Get("Link")).MatchRel("acl")
  448. body := "<#Owner>" +
  449. " <http://www.w3.org/ns/auth/acl#accessTo> <" + testServer.URL + aclDir + "abc>, <" + acl + ">;" +
  450. " <http://www.w3.org/ns/auth/acl#agent> <" + user1 + ">;" +
  451. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read>, <http://www.w3.org/ns/auth/acl#Write> ." +
  452. "<#AppendOnly>" +
  453. " <http://www.w3.org/ns/auth/acl#accessTo> <" + testServer.URL + aclDir + "abc>;" +
  454. " <http://www.w3.org/ns/auth/acl#agentClass> <http://xmlns.com/foaf/0.1/Agent>;" +
  455. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Append> ."
  456. request, err = http.NewRequest("PUT", acl, strings.NewReader(body))
  457. assert.NoError(t, err)
  458. request.Header.Add("Content-Type", "text/turtle")
  459. response, err = user1h.Do(request)
  460. assert.NoError(t, err)
  461. response.Body.Close()
  462. assert.Equal(t, 200, response.StatusCode)
  463. // user1
  464. request, err = http.NewRequest("HEAD", acl, nil)
  465. assert.NoError(t, err)
  466. response, err = user1h.Do(request)
  467. assert.NoError(t, err)
  468. response.Body.Close()
  469. assert.Equal(t, 200, response.StatusCode)
  470. request, err = http.NewRequest("HEAD", testServer.URL+aclDir+"abc", nil)
  471. assert.NoError(t, err)
  472. response, err = user1h.Do(request)
  473. assert.NoError(t, err)
  474. response.Body.Close()
  475. assert.Equal(t, 200, response.StatusCode)
  476. request, err = http.NewRequest("POST", testServer.URL+aclDir+"abc", strings.NewReader("<a> <b> <c> ."))
  477. assert.NoError(t, err)
  478. request.Header.Add("Content-Type", "text/turtle")
  479. response, err = user1h.Do(request)
  480. assert.NoError(t, err)
  481. response.Body.Close()
  482. assert.Equal(t, 200, response.StatusCode)
  483. // user2
  484. request, err = http.NewRequest("HEAD", testServer.URL+aclDir+"abc", nil)
  485. assert.NoError(t, err)
  486. response, err = user2h.Do(request)
  487. assert.NoError(t, err)
  488. response.Body.Close()
  489. assert.Equal(t, 403, response.StatusCode)
  490. request, err = http.NewRequest("HEAD", acl, nil)
  491. assert.NoError(t, err)
  492. response, err = user2h.Do(request)
  493. assert.NoError(t, err)
  494. response.Body.Close()
  495. assert.Equal(t, 403, response.StatusCode)
  496. request, err = http.NewRequest("POST", testServer.URL+aclDir+"abc", strings.NewReader("<d> <e> <f> ."))
  497. assert.NoError(t, err)
  498. request.Header.Add("Content-Type", "text/turtle")
  499. response, err = user2h.Do(request)
  500. assert.NoError(t, err)
  501. response.Body.Close()
  502. assert.Equal(t, 200, response.StatusCode)
  503. // agent
  504. request, err = http.NewRequest("HEAD", testServer.URL+aclDir+"abc", nil)
  505. assert.NoError(t, err)
  506. response, err = httpClient.Do(request)
  507. assert.NoError(t, err)
  508. response.Body.Close()
  509. assert.Equal(t, 401, response.StatusCode)
  510. request, err = http.NewRequest("POST", testServer.URL+aclDir+"abc", strings.NewReader("<g> <h> <i> ."))
  511. assert.NoError(t, err)
  512. request.Header.Add("Content-Type", "text/turtle")
  513. response, err = httpClient.Do(request)
  514. assert.NoError(t, err)
  515. response.Body.Close()
  516. assert.Equal(t, 200, response.StatusCode)
  517. request, err = http.NewRequest("DELETE", acl, nil)
  518. assert.NoError(t, err)
  519. response, err = user1h.Do(request)
  520. assert.NoError(t, err)
  521. response.Body.Close()
  522. assert.Equal(t, 200, response.StatusCode)
  523. }
  524. func TestACLRestricted(t *testing.T) {
  525. request, err := http.NewRequest("HEAD", testServer.URL+aclDir+"abc", nil)
  526. assert.NoError(t, err)
  527. response, err := user1h.Do(request)
  528. assert.NoError(t, err)
  529. response.Body.Close()
  530. assert.Equal(t, 200, response.StatusCode)
  531. acl := ParseLinkHeader(response.Header.Get("Link")).MatchRel("acl")
  532. body := "<#Owner>" +
  533. " <http://www.w3.org/ns/auth/acl#accessTo> <" + aclDir + "abc>, <" + acl + ">;" +
  534. " <http://www.w3.org/ns/auth/acl#agent> <" + user1 + ">;" +
  535. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read>, <http://www.w3.org/ns/auth/acl#Write> ." +
  536. "<#Restricted>" +
  537. " <http://www.w3.org/ns/auth/acl#accessTo> <" + aclDir + "abc>;" +
  538. " <http://www.w3.org/ns/auth/acl#agent> <" + user2 + ">;" +
  539. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read>, <http://www.w3.org/ns/auth/acl#Write>."
  540. request, err = http.NewRequest("PUT", acl, strings.NewReader(body))
  541. assert.NoError(t, err)
  542. request.Header.Add("Content-Type", "text/turtle")
  543. response, err = user1h.Do(request)
  544. assert.NoError(t, err)
  545. response.Body.Close()
  546. assert.Equal(t, 201, response.StatusCode)
  547. // user1
  548. request, err = http.NewRequest("HEAD", acl, nil)
  549. assert.NoError(t, err)
  550. response, err = user1h.Do(request)
  551. assert.NoError(t, err)
  552. response.Body.Close()
  553. assert.Equal(t, 200, response.StatusCode)
  554. request, err = http.NewRequest("HEAD", testServer.URL+aclDir+"abc", nil)
  555. assert.NoError(t, err)
  556. response, err = user1h.Do(request)
  557. assert.NoError(t, err)
  558. response.Body.Close()
  559. assert.Equal(t, 200, response.StatusCode)
  560. request, err = http.NewRequest("PUT", testServer.URL+aclDir+"abc", strings.NewReader("<a> <b> <c> ."))
  561. assert.NoError(t, err)
  562. request.Header.Add("Content-Type", "text/turtle")
  563. response, err = user1h.Do(request)
  564. assert.NoError(t, err)
  565. response.Body.Close()
  566. assert.Equal(t, 200, response.StatusCode)
  567. // user2
  568. request, err = http.NewRequest("HEAD", testServer.URL+aclDir+"abc", nil)
  569. assert.NoError(t, err)
  570. response, err = user2h.Do(request)
  571. assert.NoError(t, err)
  572. response.Body.Close()
  573. assert.Equal(t, 200, response.StatusCode)
  574. request, err = http.NewRequest("HEAD", acl, nil)
  575. assert.NoError(t, err)
  576. response, err = user2h.Do(request)
  577. assert.NoError(t, err)
  578. response.Body.Close()
  579. assert.Equal(t, 403, response.StatusCode)
  580. request, err = http.NewRequest("POST", testServer.URL+aclDir+"abc", strings.NewReader("<d> <e> <f> ."))
  581. assert.NoError(t, err)
  582. request.Header.Add("Content-Type", "text/turtle")
  583. response, err = user2h.Do(request)
  584. assert.NoError(t, err)
  585. response.Body.Close()
  586. assert.Equal(t, 200, response.StatusCode)
  587. // agent
  588. request, err = http.NewRequest("HEAD", testServer.URL+aclDir+"abc", nil)
  589. assert.NoError(t, err)
  590. response, err = httpClient.Do(request)
  591. assert.NoError(t, err)
  592. response.Body.Close()
  593. assert.Equal(t, 401, response.StatusCode)
  594. request, err = http.NewRequest("POST", testServer.URL+aclDir+"abc", strings.NewReader("<d> <e> <f> ."))
  595. assert.NoError(t, err)
  596. request.Header.Add("Content-Type", "text/turtle")
  597. response, err = httpClient.Do(request)
  598. assert.NoError(t, err)
  599. response.Body.Close()
  600. assert.Equal(t, 401, response.StatusCode)
  601. request, err = http.NewRequest("DELETE", acl, nil)
  602. assert.NoError(t, err)
  603. response, err = user1h.Do(request)
  604. assert.NoError(t, err)
  605. response.Body.Close()
  606. assert.Equal(t, 200, response.StatusCode)
  607. }
  608. func TestACLPathWithSpaces(t *testing.T) {
  609. request, err := http.NewRequest("POST", testServer.URL+aclDir, nil)
  610. assert.NoError(t, err)
  611. request.Header.Add("Content-Type", "text/turtle")
  612. request.Header.Add("Link", "<http://www.w3.org/ns/ldp#BasicContainer>; rel=\"type\"")
  613. request.Header.Add("Slug", "one two")
  614. response, err := user1h.Do(request)
  615. assert.NoError(t, err)
  616. response.Body.Close()
  617. assert.Equal(t, 201, response.StatusCode)
  618. acl := ParseLinkHeader(response.Header.Get("Link")).MatchRel("acl")
  619. spacesDir := response.Header.Get("Location")
  620. body := "<#Owner>" +
  621. " <http://www.w3.org/ns/auth/acl#accessTo> <" + spacesDir + ">, <" + acl + ">;" +
  622. " <http://www.w3.org/ns/auth/acl#agent> <" + user1 + ">;" +
  623. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read>, <http://www.w3.org/ns/auth/acl#Write> ."
  624. request, err = http.NewRequest("PUT", acl, strings.NewReader(body))
  625. assert.NoError(t, err)
  626. request.Header.Add("Content-Type", "text/turtle")
  627. response, err = user1h.Do(request)
  628. assert.NoError(t, err)
  629. response.Body.Close()
  630. assert.Equal(t, 201, response.StatusCode)
  631. // user1
  632. request, err = http.NewRequest("HEAD", spacesDir, nil)
  633. assert.NoError(t, err)
  634. response, err = user1h.Do(request)
  635. assert.NoError(t, err)
  636. response.Body.Close()
  637. assert.Equal(t, 200, response.StatusCode)
  638. // user2
  639. request, err = http.NewRequest("HEAD", spacesDir, nil)
  640. assert.NoError(t, err)
  641. response, err = user2h.Do(request)
  642. assert.NoError(t, err)
  643. response.Body.Close()
  644. assert.Equal(t, 403, response.StatusCode)
  645. // cleanup
  646. request, err = http.NewRequest("DELETE", acl, nil)
  647. assert.NoError(t, err)
  648. response, err = user1h.Do(request)
  649. assert.NoError(t, err)
  650. response.Body.Close()
  651. assert.Equal(t, 200, response.StatusCode)
  652. request, err = http.NewRequest("DELETE", spacesDir, nil)
  653. assert.NoError(t, err)
  654. response, err = user1h.Do(request)
  655. assert.NoError(t, err)
  656. response.Body.Close()
  657. assert.Equal(t, 200, response.StatusCode)
  658. }
  659. func TestACLGroup(t *testing.T) {
  660. request, err := http.NewRequest("HEAD", testServer.URL+aclDir+"abc", nil)
  661. assert.NoError(t, err)
  662. response, err := user1h.Do(request)
  663. assert.NoError(t, err)
  664. response.Body.Close()
  665. assert.Equal(t, 200, response.StatusCode)
  666. acl := ParseLinkHeader(response.Header.Get("Link")).MatchRel("acl")
  667. groupTriples := "<#> a <http://xmlns.com/foaf/0.1/Group>;" +
  668. " <http://xmlns.com/foaf/0.1/member> <a>, <b>, <" + user2 + ">."
  669. request, err = http.NewRequest("PUT", testServer.URL+aclDir+"group", strings.NewReader(groupTriples))
  670. assert.NoError(t, err)
  671. request.Header.Add("Content-Type", "text/turtle")
  672. response, err = user1h.Do(request)
  673. assert.NoError(t, err)
  674. response.Body.Close()
  675. assert.Equal(t, 201, response.StatusCode)
  676. body := "<#Owner>" +
  677. " <http://www.w3.org/ns/auth/acl#accessTo> <" + aclDir + "abc>, <" + acl + ">;" +
  678. " <http://www.w3.org/ns/auth/acl#agent> <" + user1 + ">;" +
  679. " <http://www.w3.org/ns/auth/acl#defaultForNew> <" + aclDir + ">;" +
  680. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read>, <http://www.w3.org/ns/auth/acl#Write> ." +
  681. "<#Group>" +
  682. " <http://www.w3.org/ns/auth/acl#accessTo> <" + aclDir + "abc>;" +
  683. " <http://www.w3.org/ns/auth/acl#agentClass> <" + testServer.URL + aclDir + "group#>;" +
  684. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read> ."
  685. request, err = http.NewRequest("PUT", acl, strings.NewReader(body))
  686. assert.NoError(t, err)
  687. request.Header.Add("Content-Type", "text/turtle")
  688. response, err = user1h.Do(request)
  689. assert.NoError(t, err)
  690. response.Body.Close()
  691. assert.Equal(t, 201, response.StatusCode)
  692. // user1
  693. request, err = http.NewRequest("HEAD", acl, nil)
  694. assert.NoError(t, err)
  695. request.Header.Add("Accept", "text/turtle")
  696. response, err = user1h.Do(request)
  697. assert.NoError(t, err)
  698. response.Body.Close()
  699. assert.Equal(t, 200, response.StatusCode)
  700. request, err = http.NewRequest("PUT", testServer.URL+aclDir+"abc", strings.NewReader("<a> <b> <c> ."))
  701. assert.NoError(t, err)
  702. request.Header.Add("Content-Type", "text/turtle")
  703. response, err = user1h.Do(request)
  704. assert.NoError(t, err)
  705. response.Body.Close()
  706. assert.Equal(t, 200, response.StatusCode)
  707. request, err = http.NewRequest("HEAD", testServer.URL+aclDir+"abc", nil)
  708. assert.NoError(t, err)
  709. response, err = user1h.Do(request)
  710. assert.NoError(t, err)
  711. response.Body.Close()
  712. assert.Equal(t, 200, response.StatusCode)
  713. // user2
  714. request, err = http.NewRequest("HEAD", acl, nil)
  715. assert.NoError(t, err)
  716. response, err = user2h.Do(request)
  717. assert.NoError(t, err)
  718. response.Body.Close()
  719. assert.Equal(t, 403, response.StatusCode)
  720. request, err = http.NewRequest("HEAD", testServer.URL+aclDir+"abc", nil)
  721. response, err = user2h.Do(request)
  722. response.Body.Close()
  723. assert.NoError(t, err)
  724. assert.Equal(t, 200, response.StatusCode)
  725. request, err = http.NewRequest("POST", testServer.URL+aclDir+"abc", strings.NewReader("<d> <e> <f> ."))
  726. assert.NoError(t, err)
  727. request.Header.Add("Content-Type", "text/turtle")
  728. response, err = user2h.Do(request)
  729. assert.NoError(t, err)
  730. response.Body.Close()
  731. assert.Equal(t, 403, response.StatusCode)
  732. // agent
  733. request, err = http.NewRequest("HEAD", testServer.URL+aclDir+"abc", nil)
  734. assert.NoError(t, err)
  735. response, err = httpClient.Do(request)
  736. assert.NoError(t, err)
  737. response.Body.Close()
  738. assert.Equal(t, 401, response.StatusCode)
  739. request, err = http.NewRequest("POST", testServer.URL+aclDir+"abc", strings.NewReader("<d> <e> <f> ."))
  740. request.Header.Add("Content-Type", "text/turtle")
  741. response, err = httpClient.Do(request)
  742. response.Body.Close()
  743. assert.NoError(t, err)
  744. assert.Equal(t, 401, response.StatusCode)
  745. request, err = http.NewRequest("DELETE", testServer.URL+aclDir+"group", nil)
  746. assert.NoError(t, err)
  747. response, err = user1h.Do(request)
  748. assert.NoError(t, err)
  749. response.Body.Close()
  750. assert.Equal(t, 200, response.StatusCode)
  751. request, err = http.NewRequest("DELETE", acl, nil)
  752. assert.NoError(t, err)
  753. response, err = user1h.Do(request)
  754. assert.NoError(t, err)
  755. response.Body.Close()
  756. assert.Equal(t, 200, response.StatusCode)
  757. }
  758. func TestACLDefaultForNew(t *testing.T) {
  759. request, err := http.NewRequest("HEAD", testServer.URL+aclDir, nil)
  760. assert.NoError(t, err)
  761. response, err := user1h.Do(request)
  762. assert.NoError(t, err)
  763. response.Body.Close()
  764. assert.Equal(t, 200, response.StatusCode)
  765. acl := ParseLinkHeader(response.Header.Get("Link")).MatchRel("acl")
  766. body := "<#Owner>" +
  767. " <http://www.w3.org/ns/auth/acl#accessTo> <" + aclDir + ">, <" + acl + ">;" +
  768. " <http://www.w3.org/ns/auth/acl#agent> <" + user1 + ">;" +
  769. " <http://www.w3.org/ns/auth/acl#defaultForNew> <" + aclDir + ">;" +
  770. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read>, <http://www.w3.org/ns/auth/acl#Write> ." +
  771. "<#Default>" +
  772. " <http://www.w3.org/ns/auth/acl#accessTo> <" + aclDir + ">;" +
  773. " <http://www.w3.org/ns/auth/acl#defaultForNew> <" + aclDir + ">;" +
  774. " <http://www.w3.org/ns/auth/acl#agentClass> <http://xmlns.com/foaf/0.1/Agent>;" +
  775. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read> ."
  776. request, err = http.NewRequest("PUT", acl, strings.NewReader(body))
  777. assert.NoError(t, err)
  778. request.Header.Add("Content-Type", "text/turtle")
  779. response, err = user1h.Do(request)
  780. assert.NoError(t, err)
  781. response.Body.Close()
  782. assert.Equal(t, 201, response.StatusCode)
  783. // user1
  784. request, err = http.NewRequest("HEAD", acl, nil)
  785. assert.NoError(t, err)
  786. response, err = user1h.Do(request)
  787. assert.NoError(t, err)
  788. response.Body.Close()
  789. assert.Equal(t, 200, response.StatusCode)
  790. request, err = http.NewRequest("PUT", testServer.URL+aclDir+"abcd", strings.NewReader("<a> <b> <c> ."))
  791. assert.NoError(t, err)
  792. request.Header.Add("Content-Type", "text/turtle")
  793. response, err = user1h.Do(request)
  794. assert.NoError(t, err)
  795. response.Body.Close()
  796. assert.Equal(t, 201, response.StatusCode)
  797. request, err = http.NewRequest("HEAD", testServer.URL+aclDir+"abcd", nil)
  798. assert.NoError(t, err)
  799. response, err = user1h.Do(request)
  800. assert.NoError(t, err)
  801. response.Body.Close()
  802. assert.Equal(t, 200, response.StatusCode)
  803. // user2
  804. request, err = http.NewRequest("HEAD", acl, nil)
  805. assert.NoError(t, err)
  806. response, err = user2h.Do(request)
  807. assert.NoError(t, err)
  808. response.Body.Close()
  809. assert.Equal(t, 403, response.StatusCode)
  810. request, err = http.NewRequest("HEAD", testServer.URL+aclDir+"abcd", nil)
  811. assert.NoError(t, err)
  812. response, err = user2h.Do(request)
  813. assert.NoError(t, err)
  814. response.Body.Close()
  815. assert.Equal(t, 200, response.StatusCode)
  816. request, err = http.NewRequest("POST", testServer.URL+aclDir+"abcd", strings.NewReader("<d> <e> <f> ."))
  817. assert.NoError(t, err)
  818. request.Header.Add("Content-Type", "text/turtle")
  819. response, err = user2h.Do(request)
  820. assert.NoError(t, err)
  821. response.Body.Close()
  822. assert.Equal(t, 403, response.StatusCode)
  823. // agent
  824. request, err = http.NewRequest("HEAD", testServer.URL+aclDir+"abcd", nil)
  825. assert.NoError(t, err)
  826. response, err = httpClient.Do(request)
  827. assert.NoError(t, err)
  828. response.Body.Close()
  829. assert.Equal(t, 200, response.StatusCode)
  830. request, err = http.NewRequest("POST", testServer.URL+aclDir+"abcd", strings.NewReader("<d> <e> <f> ."))
  831. assert.NoError(t, err)
  832. request.Header.Add("Content-Type", "text/turtle")
  833. response, err = httpClient.Do(request)
  834. assert.NoError(t, err)
  835. response.Body.Close()
  836. assert.Equal(t, 401, response.StatusCode)
  837. }
  838. func TestACLWebIDDelegation(t *testing.T) {
  839. // add delegation
  840. sparqlData := `INSERT DATA { <` + user1 + `> <http://www.w3.org/ns/auth/acl#delegates> <` + user2 + `> . }`
  841. request, err := http.NewRequest("PATCH", user1, strings.NewReader(sparqlData))
  842. assert.NoError(t, err)
  843. request.Header.Add("Content-Type", "application/sparql-update")
  844. response, err := user1h.Do(request)
  845. assert.NoError(t, err)
  846. response.Body.Close()
  847. assert.Equal(t, 200, response.StatusCode)
  848. request, err = http.NewRequest("HEAD", testServer.URL+aclDir+"abcd", nil)
  849. assert.NoError(t, err)
  850. response, err = user1h.Do(request)
  851. assert.NoError(t, err)
  852. response.Body.Close()
  853. assert.Equal(t, 200, response.StatusCode)
  854. acl := ParseLinkHeader(response.Header.Get("Link")).MatchRel("acl")
  855. body := "<#Owner>" +
  856. " <http://www.w3.org/ns/auth/acl#accessTo> <" + aclDir + "abcd>, <" + acl + ">;" +
  857. " <http://www.w3.org/ns/auth/acl#agent> <" + user1 + ">;" +
  858. " <http://www.w3.org/ns/auth/acl#mode> <http://www.w3.org/ns/auth/acl#Read>, <http://www.w3.org/ns/auth/acl#Write> ."
  859. request, err = http.NewRequest("PUT", acl, strings.NewReader(body))
  860. assert.NoError(t, err)
  861. request.Header.Add("Content-Type", "text/turtle")
  862. response, err = user1h.Do(request)
  863. assert.NoError(t, err)
  864. response.Body.Close()
  865. assert.Equal(t, 201, response.StatusCode)
  866. request, err = http.NewRequest("GET", testServer.URL+aclDir+"abcd", nil)
  867. assert.NoError(t, err)
  868. response, err = user2h.Do(request)
  869. assert.NoError(t, err)
  870. response.Body.Close()
  871. assert.Equal(t, 403, response.StatusCode)
  872. request, err = http.NewRequest("POST", testServer.URL+aclDir+"abcd", strings.NewReader("<d> <e> <f> ."))
  873. assert.NoError(t, err)
  874. request.Header.Add("Content-Type", "text/turtle")
  875. request.Header.Add("On-Behalf-Of", "<"+user1+">")
  876. response, err = user2h.Do(request)
  877. assert.NoError(t, err)
  878. response.Body.Close()
  879. assert.Equal(t, 200, response.StatusCode)
  880. }
  881. func TestACLCleanUp(t *testing.T) {
  882. request, err := http.NewRequest("DELETE", testServer.URL+aclDir+"abcd", nil)
  883. assert.NoError(t, err)
  884. response, err := user1h.Do(request)
  885. assert.NoError(t, err)
  886. response.Body.Close()
  887. assert.Equal(t, 200, response.StatusCode)
  888. request, err = http.NewRequest("DELETE", testServer.URL+aclDir+"abc", nil)
  889. assert.NoError(t, err)
  890. response, err = user1h.Do(request)
  891. assert.NoError(t, err)
  892. response.Body.Close()
  893. assert.Equal(t, 200, response.StatusCode)
  894. request, err = http.NewRequest("DELETE", testServer.URL+aclDir, nil)
  895. assert.NoError(t, err)
  896. response, err = user1h.Do(request)
  897. assert.NoError(t, err)
  898. response.Body.Close()
  899. assert.Equal(t, 200, response.StatusCode)
  900. }
  901. func TestACLwalkPath(t *testing.T) {
  902. config.Debug = false
  903. s := NewServer(config)
  904. req := &httpRequest{nil, s, "", "", "", false}
  905. path := "http://example.org/foo/bar/baz"
  906. p, _ := req.pathInfo(path)
  907. depth := strings.Split(p.Path, "/")
  908. var results []string
  909. for i := len(depth); i > 0; i-- {
  910. depth = depth[:len(depth)-1]
  911. path = walkPath(p.Base, depth)
  912. results = append(results, path)
  913. }
  914. assert.Equal(t, "http://example.org/foo/bar/", results[0])
  915. assert.Equal(t, "http://example.org/foo/", results[1])
  916. assert.Equal(t, "http://example.org/", results[2])
  917. }