From 2073a84e3128d87bcc445c628109fd18e720d082 Mon Sep 17 00:00:00 2001 From: Aras Ergus Date: Wed, 2 Apr 2025 08:46:20 +0200 Subject: [PATCH] Test also matchers in tests for Policy.Filter --- hscontrol/policy/v1/policy_test.go | 25 +++++++++++++++++++++-- hscontrol/policy/v2/policy_test.go | 32 ++++++++++++++++++++---------- 2 files changed, 44 insertions(+), 13 deletions(-) diff --git a/hscontrol/policy/v1/policy_test.go b/hscontrol/policy/v1/policy_test.go index f1d899ba..c9f98079 100644 --- a/hscontrol/policy/v1/policy_test.go +++ b/hscontrol/policy/v1/policy_test.go @@ -1,6 +1,7 @@ package v1 import ( + "github.com/juanfont/headscale/hscontrol/policy/matcher" "testing" "github.com/google/go-cmp/cmp" @@ -27,6 +28,7 @@ func TestPolicySetChange(t *testing.T) { wantNodesChange bool wantPolicyChange bool wantFilter []tailcfg.FilterRule + wantMatchers []matcher.Match }{ { name: "set-nodes", @@ -42,6 +44,9 @@ func TestPolicySetChange(t *testing.T) { DstPorts: []tailcfg.NetPortRange{{IP: "100.64.0.1/32", Ports: tailcfg.PortRangeAny}}, }, }, + wantMatchers: []matcher.Match{ + matcher.MatchFromStrings([]string{}, []string{"100.64.0.1/32"}), + }, }, { name: "set-users", @@ -52,6 +57,9 @@ func TestPolicySetChange(t *testing.T) { DstPorts: []tailcfg.NetPortRange{{IP: "100.64.0.1/32", Ports: tailcfg.PortRangeAny}}, }, }, + wantMatchers: []matcher.Match{ + matcher.MatchFromStrings([]string{}, []string{"100.64.0.1/32"}), + }, }, { name: "set-users-and-node", @@ -70,6 +78,9 @@ func TestPolicySetChange(t *testing.T) { DstPorts: []tailcfg.NetPortRange{{IP: "100.64.0.1/32", Ports: tailcfg.PortRangeAny}}, }, }, + wantMatchers: []matcher.Match{ + matcher.MatchFromStrings([]string{"100.64.0.2/32"}, []string{"100.64.0.1/32"}), + }, }, { name: "set-policy", @@ -95,6 +106,9 @@ func TestPolicySetChange(t *testing.T) { DstPorts: []tailcfg.NetPortRange{{IP: "100.64.0.62/32", Ports: tailcfg.PortRangeAny}}, }, }, + wantMatchers: []matcher.Match{ + matcher.MatchFromStrings([]string{"100.64.0.61/32"}, []string{"100.64.0.62/32"}), + }, }, } @@ -150,9 +164,16 @@ func TestPolicySetChange(t *testing.T) { assert.Equal(t, tt.wantNodesChange, change) } - filter, _ := pm.Filter() + filter, matchers := pm.Filter() if diff := cmp.Diff(tt.wantFilter, filter); diff != "" { - t.Errorf("TestPolicySetChange() unexpected result (-want +got):\n%s", diff) + t.Errorf("TestPolicySetChange() unexpected filter (-want +got):\n%s", diff) + } + if diff := cmp.Diff( + tt.wantMatchers, + matchers, + cmp.AllowUnexported(matcher.Match{}), + ); diff != "" { + t.Errorf("TestPolicySetChange() unexpected matchers (-want +got):\n%s", diff) } }) } diff --git a/hscontrol/policy/v2/policy_test.go b/hscontrol/policy/v2/policy_test.go index 2bc26760..47057bf9 100644 --- a/hscontrol/policy/v2/policy_test.go +++ b/hscontrol/policy/v2/policy_test.go @@ -1,6 +1,7 @@ package v2 import ( + "github.com/juanfont/headscale/hscontrol/policy/matcher" "testing" "github.com/google/go-cmp/cmp" @@ -29,16 +30,18 @@ func TestPolicyManager(t *testing.T) { } tests := []struct { - name string - pol string - nodes types.Nodes - wantFilter []tailcfg.FilterRule + name string + pol string + nodes types.Nodes + wantFilter []tailcfg.FilterRule + wantMatchers []matcher.Match }{ { - name: "empty-policy", - pol: "{}", - nodes: types.Nodes{}, - wantFilter: nil, + name: "empty-policy", + pol: "{}", + nodes: types.Nodes{}, + wantFilter: nil, + wantMatchers: nil, }, } @@ -47,9 +50,16 @@ func TestPolicyManager(t *testing.T) { pm, err := NewPolicyManager([]byte(tt.pol), users, tt.nodes) require.NoError(t, err) - filter, _ := pm.Filter() - if diff := cmp.Diff(filter, tt.wantFilter); diff != "" { - t.Errorf("Filter() mismatch (-want +got):\n%s", diff) + filter, matchers := pm.Filter() + if diff := cmp.Diff(tt.wantFilter, filter); diff != "" { + t.Errorf("Filter() filter mismatch (-want +got):\n%s", diff) + } + if diff := cmp.Diff( + tt.wantMatchers, + matchers, + cmp.AllowUnexported(matcher.Match{}), + ); diff != "" { + t.Errorf("Filter() matchers mismatch (-want +got):\n%s", diff) } // TODO(kradalby): Test SSH Policy