shiny/authz_client
6
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases 10 Activity
Files
main
authz_client/client_test.go
T

651 lines
16 KiB
Go
Raw Permalink Normal View History

feat: initial version
2019-11-05 21:24:54 +01:00
package client
import (
"fmt"
"net/http"
"net/http/httptest"
fix: sort companies before comparing since map-iteration is not stable
2020-04-12 20:46:18 +02:00
"sort"
test: add concurrent fetch and read tests for privileges Adds multiple tests to verify the thread-safety of the Fetch method and the handling of privileges in concurrent operations. Tests include concurrent fetching, reading privileges, and processing with multiple goroutines. Ensures no errors occur during operations and verifies privileges are set correctly.
2025-11-03 12:40:04 +01:00
"sync"
feat: initial version
2019-11-05 21:24:54 +01:00
"testing"
chore: group imports
2021-05-03 20:52:15 +02:00
chore: switch to moved goamqp
2022-07-20 17:11:29 +02:00
"github.com/sparetimecoders/goamqp"
chore: group imports
2021-05-03 20:52:15 +02:00
"github.com/stretchr/testify/assert"
feat: initial version
2019-11-05 21:24:54 +01:00
)
func TestPrivilegeHandler_Process_InvalidType(t *testing.T) {
handler := New(WithBaseURL("base"))
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
result, err := handler.Process("abc", goamqp.Headers{})
feat: initial version
2019-11-05 21:24:54 +01:00
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
assert.Nil(t, result)
assert.EqualError(t, err, "unexpected event type: 'string'")
feat: initial version
2019-11-05 21:24:54 +01:00
}
chore: add tests
2019-12-31 12:58:20 +01:00
func TestPrivilegeHandler_Process_PrivilegeRemoved(t *testing.T) {
handler := New(WithBaseURL("base"))
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
result, err := handler.Process(&PrivilegeAdded{
chore: modify event structure
2020-04-12 20:33:35 +02:00
Email: "jim@example.org",
CompanyID: "abc-123",
Privilege: PrivilegeAdmin,
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
}, goamqp.Headers{})
assert.Nil(t, result)
assert.NoError(t, err)
chore: add tests
2019-12-31 12:58:20 +01:00
companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
return privileges.Admin
})
assert.Equal(t, []string{"abc-123"}, companies)
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
result, err = handler.Process(&PrivilegeRemoved{
chore: modify event structure
2020-04-12 20:33:35 +02:00
Email: "jim@example.org",
CompanyID: "abc-123",
Privilege: PrivilegeAdmin,
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
}, goamqp.Headers{})
assert.Nil(t, result)
assert.NoError(t, err)
chore: add tests
2019-12-31 12:58:20 +01:00
companies = handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
return privileges.Admin
})
assert.Empty(t, companies)
}
chore: modify event structure
2020-04-12 20:33:35 +02:00
func TestPrivilegeHandler_Process_UserAdded_And_UserRemoved(t *testing.T) {
handler := New(WithBaseURL("base"))
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
result, err := handler.Process(&UserAdded{
chore: modify event structure
2020-04-12 20:33:35 +02:00
Email: "jim@example.org",
CompanyID: "abc-123",
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
}, goamqp.Headers{})
assert.Nil(t, result)
assert.NoError(t, err)
chore: modify event structure
2020-04-12 20:33:35 +02:00
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
result, err = handler.Process(&UserAdded{
chore: modify event structure
2020-04-12 20:33:35 +02:00
Email: "jim@example.org",
CompanyID: "abc-456",
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
}, goamqp.Headers{})
assert.Nil(t, result)
assert.NoError(t, err)
chore: modify event structure
2020-04-12 20:33:35 +02:00
companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
return true
})
fix: sort companies before comparing since map-iteration is not stable
2020-04-12 20:46:18 +02:00
sort.Strings(companies)
chore: modify event structure
2020-04-12 20:33:35 +02:00
assert.Equal(t, []string{"abc-123", "abc-456"}, companies)
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
result, err = handler.Process(&UserRemoved{
chore: modify event structure
2020-04-12 20:33:35 +02:00
Email: "jim@example.org",
CompanyID: "abc-123",
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
}, goamqp.Headers{})
assert.Nil(t, result)
assert.NoError(t, err)
chore: modify event structure
2020-04-12 20:33:35 +02:00
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
result, err = handler.Process(&UserRemoved{
chore: modify event structure
2020-04-12 20:33:35 +02:00
Email: "jim@example.org",
CompanyID: "abc-456",
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
}, goamqp.Headers{})
assert.Nil(t, result)
assert.NoError(t, err)
chore: modify event structure
2020-04-12 20:33:35 +02:00
companies = handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
return true
})
assert.Empty(t, companies)
}
feat: initial version
2019-11-05 21:24:54 +01:00
func TestPrivilegeHandler_GetCompanies_Email_Not_Found(t *testing.T) {
handler := New(WithBaseURL("base"))
companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
return true
})
assert.Empty(t, companies)
}
func TestPrivilegeHandler_GetCompanies_No_Companies_Found(t *testing.T) {
handler := New(WithBaseURL("base"))
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
result, err := handler.Process(&UserAdded{
chore: modify event structure
2020-04-12 20:33:35 +02:00
Email: "jim@example.org",
CompanyID: "abc-123",
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
}, goamqp.Headers{})
assert.Nil(t, result)
assert.NoError(t, err)
feat: initial version
2019-11-05 21:24:54 +01:00
companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
return privileges.Admin
})
assert.Empty(t, companies)
chore: modify event structure
2020-04-12 20:33:35 +02:00
companies = handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
return true
})
assert.Equal(t, []string{"abc-123"}, companies)
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
result, err = handler.Process(&UserRemoved{
chore: modify event structure
2020-04-12 20:33:35 +02:00
Email: "jim@example.org",
CompanyID: "abc-123",
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
}, goamqp.Headers{})
assert.Nil(t, result)
assert.NoError(t, err)
chore: modify event structure
2020-04-12 20:33:35 +02:00
companies = handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
return true
})
assert.Empty(t, companies)
feat: initial version
2019-11-05 21:24:54 +01:00
}
func TestPrivilegeHandler_GetCompanies_Company_With_Company_Access_Found(t *testing.T) {
handler := New(WithBaseURL("base"))
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
result, err := handler.Process(&PrivilegeAdded{
chore: modify event structure
2020-04-12 20:33:35 +02:00
Email: "jim@example.org",
CompanyID: "abc-123",
Privilege: PrivilegeCompany,
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
}, goamqp.Headers{})
assert.Nil(t, result)
assert.NoError(t, err)
feat: initial version
2019-11-05 21:24:54 +01:00
companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
return privileges.Company
})
assert.Equal(t, []string{"abc-123"}, companies)
}
func TestPrivilegeHandler_GetCompanies_Company_With_Admin_Access_Found(t *testing.T) {
handler := New(WithBaseURL("base"))
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
result, err := handler.Process(&PrivilegeAdded{
chore: modify event structure
2020-04-12 20:33:35 +02:00
Email: "jim@example.org",
CompanyID: "abc-123",
Privilege: PrivilegeConsumer,
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
}, goamqp.Headers{})
assert.Nil(t, result)
assert.NoError(t, err)
feat: initial version
2019-11-05 21:24:54 +01:00
companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
chore: modify event structure
2020-04-12 20:33:35 +02:00
return privileges.Consumer
feat: initial version
2019-11-05 21:24:54 +01:00
})
assert.Equal(t, []string{"abc-123"}, companies)
}
chore: add tests
2019-12-31 12:58:20 +01:00
func TestPrivilegeHandler_IsAllowed_Return_False_If_No_Privileges(t *testing.T) {
handler := New(WithBaseURL("base"))
result := handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
return privileges.Company
})
assert.False(t, result)
}
func TestPrivilegeHandler_IsAllowed_Return_True_If_Privilege_Exists(t *testing.T) {
handler := New(WithBaseURL("base"))
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
_, _ = handler.Process(&PrivilegeAdded{
chore: modify event structure
2020-04-12 20:33:35 +02:00
Email: "jim@example.org",
CompanyID: "abc-123",
Privilege: PrivilegeTime,
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
}, goamqp.Headers{})
chore: add tests
2019-12-31 12:58:20 +01:00
result := handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
chore: modify event structure
2020-04-12 20:33:35 +02:00
return privileges.Time
})
assert.True(t, result)
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
_, _ = handler.Process(&PrivilegeAdded{
chore: modify event structure
2020-04-12 20:33:35 +02:00
Email: "jim@example.org",
CompanyID: "abc-123",
Privilege: PrivilegeInvoicing,
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
}, goamqp.Headers{})
chore: modify event structure
2020-04-12 20:33:35 +02:00
result = handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
return privileges.Invoicing
})
assert.True(t, result)
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
_, _ = handler.Process(&PrivilegeAdded{
chore: modify event structure
2020-04-12 20:33:35 +02:00
Email: "jim@example.org",
CompanyID: "abc-123",
Privilege: PrivilegeAccounting,
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
}, goamqp.Headers{})
chore: modify event structure
2020-04-12 20:33:35 +02:00
result = handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
return privileges.Accounting
})
assert.True(t, result)
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
_, _ = handler.Process(&PrivilegeAdded{
chore: modify event structure
2020-04-12 20:33:35 +02:00
Email: "jim@example.org",
CompanyID: "abc-123",
Privilege: PrivilegeSupplier,
chore: update to latest version of goamqp
2021-05-15 14:42:19 +02:00
}, goamqp.Headers{})
chore: modify event structure
2020-04-12 20:33:35 +02:00
result = handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
return privileges.Supplier
chore: add tests
2019-12-31 12:58:20 +01:00
})
assert.True(t, result)
feat: add salary privilege to privilege management system Add support for the salary privilege in the privilege handler. Implement associated logic to process and validate the salary privilege in the test cases. Update the data structures to include the new privilege and ensure correct functionality in the privilege processing flow.
2025-09-06 14:49:56 +02:00
_, _ = handler.Process(&PrivilegeAdded{
Email: "jim@example.org",
CompanyID: "abc-123",
Privilege: PrivilegeSalary,
}, goamqp.Headers{})
result = handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
return privileges.Salary
})
assert.True(t, result)
chore: add tests
2019-12-31 12:58:20 +01:00
}
feat(client): add API key authentication for /authz endpoint (#294) ## Summary - Add `WithAPIKey(key string)` option to `PrivilegeHandler` - When set, `Fetch()` sends `Authorization: Bearer <key>` header - Backward compatible: no key = no header (existing behavior) ## Test plan - [x] Unit test verifying Authorization header is sent - [x] Unit test verifying no header without key - [x] Existing tests still pass 🤖 Generated with [Claude Code](https://claude.com/claude-code) Reviewed-on: https://gitea.unbound.se/shiny/authz_client/pulls/294
2026-03-12 07:32:12 +00:00
func TestPrivilegeHandler_Fetch_Sends_Authorization_Header_When_APIKey_Set(t *testing.T) {
var receivedAuth string
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
receivedAuth = r.Header.Get("Authorization")
_, _ = w.Write([]byte("{}"))
}))
defer server.Close()
handler := New(
WithBaseURL(server.URL),
WithAPIKey("my-secret-key"),
)
err := handler.Fetch()
assert.NoError(t, err)
assert.Equal(t, "Bearer my-secret-key", receivedAuth)
}
func TestPrivilegeHandler_Fetch_No_Authorization_Header_Without_APIKey(t *testing.T) {
var receivedAuth string
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
receivedAuth = r.Header.Get("Authorization")
_, _ = w.Write([]byte("{}"))
}))
defer server.Close()
handler := New(WithBaseURL(server.URL))
err := handler.Fetch()
assert.NoError(t, err)
assert.Empty(t, receivedAuth)
}
feat: initial version
2019-11-05 21:24:54 +01:00
func TestPrivilegeHandler_Fetch_Error_Response(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(500)
}))
baseURL := server.Listener.Addr().String()
handler := New(WithBaseURL(fmt.Sprintf("http://%s", baseURL)))
server.Close()
err := handler.Fetch()
chore: modify event structure
2020-04-12 20:33:35 +02:00
assert.EqualError(t, err, fmt.Sprintf("Get \"http://%s/authz\": dial tcp %s: connect: connection refused", baseURL, baseURL))
feat: initial version
2019-11-05 21:24:54 +01:00
}
func TestPrivilegeHandler_Fetch_Error_Unreadable_Body(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Length", "1")
}))
defer server.Close()
baseURL := server.Listener.Addr().String()
handler := New(WithBaseURL(fmt.Sprintf("http://%s", baseURL)))
err := handler.Fetch()
assert.EqualError(t, err, "unexpected EOF")
}
func TestPrivilegeHandler_Fetch_Error_Broken_JSON(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
_, _ = w.Write([]byte("{abc"))
}))
defer server.Close()
baseURL := server.Listener.Addr().String()
handler := New(WithBaseURL(fmt.Sprintf("http://%s", baseURL)))
err := handler.Fetch()
assert.EqualError(t, err, "invalid character 'a' looking for beginning of object key string")
}
func TestPrivilegeHandler_Fetch_Valid(t *testing.T) {
privileges := `
{
"jim@example.org": {
"00010203-0405-4607-8809-0a0b0c0d0e0f": {
"admin": false,
"company": true,
"consumer": false,
"time": true,
"invoicing": true,
"accounting": false,
feat: add salary privilege to privilege management system Add support for the salary privilege in the privilege handler. Implement associated logic to process and validate the salary privilege in the test cases. Update the data structures to include the new privilege and ensure correct functionality in the privilege processing flow.
2025-09-06 14:49:56 +02:00
"supplier": false,
"salary": true
feat: initial version
2019-11-05 21:24:54 +01:00
}
}
}`
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
_, _ = w.Write([]byte(privileges))
}))
defer server.Close()
baseURL := server.Listener.Addr().String()
handler := New(WithBaseURL(fmt.Sprintf("http://%s", baseURL)))
err := handler.Fetch()
assert.NoError(t, err)
chore: modify event structure
2020-04-12 20:33:35 +02:00
expectedPrivileges := map[string]map[string]*CompanyPrivileges{
feat: initial version
2019-11-05 21:24:54 +01:00
"jim@example.org": {
"00010203-0405-4607-8809-0a0b0c0d0e0f": {
Admin: false,
Company: true,
Consumer: false,
Time: true,
Invoicing: true,
Accounting: false,
Supplier: false,
feat: add salary privilege to privilege management system Add support for the salary privilege in the privilege handler. Implement associated logic to process and validate the salary privilege in the test cases. Update the data structures to include the new privilege and ensure correct functionality in the privilege processing flow.
2025-09-06 14:49:56 +02:00
Salary: true,
feat: initial version
2019-11-05 21:24:54 +01:00
},
},
}
assert.Equal(t, expectedPrivileges, handler.privileges)
}
test: add concurrent fetch and read tests for privileges Adds multiple tests to verify the thread-safety of the Fetch method and the handling of privileges in concurrent operations. Tests include concurrent fetching, reading privileges, and processing with multiple goroutines. Ensures no errors occur during operations and verifies privileges are set correctly.
2025-11-03 12:40:04 +01:00
func TestPrivilegeHandler_Fetch_Concurrent_Fetches(t *testing.T) {
privileges := `
{
"jim@example.org": {
"00010203-0405-4607-8809-0a0b0c0d0e0f": {
"admin": false,
"company": true,
"consumer": false,
"time": true,
"invoicing": true,
"accounting": false,
"supplier": false,
"salary": true
}
}
}`
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
_, _ = w.Write([]byte(privileges))
}))
defer server.Close()
baseURL := server.Listener.Addr().String()
handler := New(WithBaseURL(fmt.Sprintf("http://%s", baseURL)))
// Run multiple Fetch calls concurrently to test thread-safety
var wg sync.WaitGroup
errors := make(chan error, 10)
for i := 0; i < 10; i++ {
wg.Add(1)
go func() {
defer wg.Done()
if err := handler.Fetch(); err != nil {
errors <- err
}
}()
}
wg.Wait()
close(errors)
// Check no errors occurred
for err := range errors {
assert.NoError(t, err)
}
// Verify privileges were set correctly
expectedPrivileges := map[string]map[string]*CompanyPrivileges{
"jim@example.org": {
"00010203-0405-4607-8809-0a0b0c0d0e0f": {
Admin: false,
Company: true,
Consumer: false,
Time: true,
Invoicing: true,
Accounting: false,
Supplier: false,
Salary: true,
},
},
}
assert.Equal(t, expectedPrivileges, handler.privileges)
}
func TestPrivilegeHandler_Concurrent_Fetch_And_Read(t *testing.T) {
privileges := `
{
"jim@example.org": {
"abc-123": {
"admin": true,
"company": true,
"consumer": false,
"time": false,
"invoicing": false,
"accounting": false,
"supplier": false,
"salary": false
}
}
}`
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
_, _ = w.Write([]byte(privileges))
}))
defer server.Close()
baseURL := server.Listener.Addr().String()
handler := New(WithBaseURL(fmt.Sprintf("http://%s", baseURL)))
var wg sync.WaitGroup
errors := make(chan error, 100)
// Start multiple Fetch operations
for i := 0; i < 10; i++ {
wg.Add(1)
go func() {
defer wg.Done()
if err := handler.Fetch(); err != nil {
errors <- err
}
}()
}
// Concurrently read privileges while Fetch is running
for i := 0; i < 50; i++ {
wg.Add(1)
go func() {
defer wg.Done()
_ = handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
return privileges.Admin
})
}()
}
// Concurrently check privileges while Fetch is running
for i := 0; i < 50; i++ {
wg.Add(1)
go func() {
defer wg.Done()
_ = handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
return privileges.Admin
})
}()
}
wg.Wait()
close(errors)
// Check no errors occurred
for err := range errors {
assert.NoError(t, err)
}
// Verify privileges are correct after all concurrent operations
companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
return privileges.Admin
})
assert.Equal(t, []string{"abc-123"}, companies)
isAllowed := handler.IsAllowed("jim@example.org", "abc-123", func(privileges CompanyPrivileges) bool {
return privileges.Admin && privileges.Company
})
assert.True(t, isAllowed)
}
func TestPrivilegeHandler_Concurrent_Process_And_Read(t *testing.T) {
handler := New(WithBaseURL("base"))
var wg sync.WaitGroup
// Concurrently add privileges via Process
for i := 0; i < 100; i++ {
wg.Add(1)
companyID := fmt.Sprintf("company-%d", i%10)
go func(id string) {
defer wg.Done()
_, _ = handler.Process(&PrivilegeAdded{
Email: "jim@example.org",
CompanyID: id,
Privilege: PrivilegeAdmin,
}, goamqp.Headers{})
}(companyID)
}
// Concurrently read privileges while Process is running
for i := 0; i < 100; i++ {
wg.Add(1)
go func() {
defer wg.Done()
_ = handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
return privileges.Admin
})
}()
}
wg.Wait()
// Verify all companies were added
companies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
return privileges.Admin
})
sort.Strings(companies)
expected := make([]string, 10)
for i := 0; i < 10; i++ {
expected[i] = fmt.Sprintf("company-%d", i)
}
sort.Strings(expected)
assert.Equal(t, expected, companies)
}
func TestPrivilegeHandler_Concurrent_Multiple_Operations(t *testing.T) {
privileges := `
{
"jim@example.org": {
"initial-company": {
"admin": true,
"company": true,
"consumer": false,
"time": false,
"invoicing": false,
"accounting": false,
"supplier": false,
"salary": false
}
}
}`
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
_, _ = w.Write([]byte(privileges))
}))
defer server.Close()
baseURL := server.Listener.Addr().String()
handler := New(WithBaseURL(fmt.Sprintf("http://%s", baseURL)))
var wg sync.WaitGroup
// Fetch
for i := 0; i < 5; i++ {
wg.Add(1)
go func() {
defer wg.Done()
_ = handler.Fetch()
}()
}
// Process PrivilegeAdded
for i := 0; i < 20; i++ {
wg.Add(1)
go func(idx int) {
defer wg.Done()
_, _ = handler.Process(&PrivilegeAdded{
Email: "jane@example.org",
CompanyID: fmt.Sprintf("company-%d", idx%5),
Privilege: PrivilegeCompany,
}, goamqp.Headers{})
}(i)
}
// CompaniesByUser reads
for i := 0; i < 50; i++ {
wg.Add(1)
email := "jim@example.org"
if i%2 == 0 {
email = "jane@example.org"
}
go func(e string) {
defer wg.Done()
_ = handler.CompaniesByUser(e, func(privileges CompanyPrivileges) bool {
return privileges.Admin || privileges.Company
})
}(email)
}
// IsAllowed reads
for i := 0; i < 50; i++ {
wg.Add(1)
go func() {
defer wg.Done()
_ = handler.IsAllowed("jim@example.org", "initial-company", func(privileges CompanyPrivileges) bool {
return privileges.Admin
})
}()
}
wg.Wait()
// Verify final state is consistent
jimCompanies := handler.CompaniesByUser("jim@example.org", func(privileges CompanyPrivileges) bool {
return privileges.Admin
})
assert.Contains(t, jimCompanies, "initial-company")
janeCompanies := handler.CompaniesByUser("jane@example.org", func(privileges CompanyPrivileges) bool {
return privileges.Company
})
sort.Strings(janeCompanies)
expectedJane := []string{"company-0", "company-1", "company-2", "company-3", "company-4"}
assert.Equal(t, expectedJane, janeCompanies)
}
Reference in New Issue Copy Permalink