ContainerImage.Pinniped/internal/testutil/transformtestutil/transformtestutil.go

59 lines
1.5 KiB
Go
Raw Normal View History

// Copyright 2023 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
package transformtestutil
import (
"fmt"
"testing"
"time"
"github.com/stretchr/testify/require"
"go.pinniped.dev/internal/celtransformer"
"go.pinniped.dev/internal/idtransform"
)
func NewPrefixingPipeline(t *testing.T, usernamePrefix, groupsPrefix string) *idtransform.TransformationPipeline {
t.Helper()
transformer, err := celtransformer.NewCELTransformer(5 * time.Second)
require.NoError(t, err)
p := idtransform.NewTransformationPipeline()
userTransform, err := transformer.CompileTransformation(
&celtransformer.UsernameTransformation{Expression: fmt.Sprintf(`"%s" + username`, usernamePrefix)},
nil,
)
require.NoError(t, err)
p.AppendTransformation(userTransform)
groupsTransform, err := transformer.CompileTransformation(
&celtransformer.GroupsTransformation{Expression: fmt.Sprintf(`groups.map(g, "%s" + g)`, groupsPrefix)},
nil,
)
require.NoError(t, err)
p.AppendTransformation(groupsTransform)
return p
}
func NewRejectAllAuthPipeline(t *testing.T) *idtransform.TransformationPipeline {
t.Helper()
transformer, err := celtransformer.NewCELTransformer(5 * time.Second)
require.NoError(t, err)
p := idtransform.NewTransformationPipeline()
compiledTransform, err := transformer.CompileTransformation(
&celtransformer.AllowAuthenticationPolicy{Expression: `false`},
nil,
)
require.NoError(t, err)
p.AppendTransformation(compiledTransform)
return p
}