From b14ad7bdeafce6d866310e76a4af00d51e493650 Mon Sep 17 00:00:00 2001 From: Shanin Roman Date: Fri, 15 Dec 2023 13:25:29 +0300 Subject: [PATCH] [fix] #3857: Add test to check token unification Signed-off-by: Shanin Roman --- client/tests/integration/connected_peers.rs | 2 +- client/tests/integration/permissions.rs | 36 +++++++++++++++++++ client/tests/integration/roles.rs | 39 +++++++++++++++++++++ 3 files changed, 76 insertions(+), 1 deletion(-) diff --git a/client/tests/integration/connected_peers.rs b/client/tests/integration/connected_peers.rs index 9d9634316d1..20221dd0d2a 100644 --- a/client/tests/integration/connected_peers.rs +++ b/client/tests/integration/connected_peers.rs @@ -46,7 +46,7 @@ fn register_new_peer() -> Result<()> { PeerBuilder::new() .with_configuration(configuration) .with_into_genesis(WithGenesis::None) - .with_port(11_200) + .with_port(11_225) .start(), ); diff --git a/client/tests/integration/permissions.rs b/client/tests/integration/permissions.rs index a6250427fbd..f9ff3c05cdf 100644 --- a/client/tests/integration/permissions.rs +++ b/client/tests/integration/permissions.rs @@ -329,3 +329,39 @@ fn stored_vs_granted_token_payload() -> Result<()> { Ok(()) } + +#[test] +#[allow(deprecated)] +fn permission_tokens_are_unified() { + let (_rt, _peer, iroha_client) = ::new().with_port(11_230).start_with_runtime(); + wait_for_genesis_committed(&[iroha_client.clone()], 0); + + // Given + let alice_id = AccountId::from_str("alice@wonderland").expect("Valid"); + + let allow_alice_to_transfer_rose_1 = Grant::permission_token( + PermissionToken::from_str_unchecked( + "CanTransferUserAsset".parse().unwrap(), + // NOTE: Introduced additional whitespaces in the serialized form + "{ \"asset_id\" : \"rose#wonderland#alice@wonderland\" }", + ), + alice_id.clone(), + ); + + let allow_alice_to_transfer_rose_2 = Grant::permission_token( + PermissionToken::from_str_unchecked( + "CanTransferUserAsset".parse().unwrap(), + // NOTE: Introduced additional whitespaces in the serialized form + "{ \"asset_id\" : \"rose##alice@wonderland\" }", + ), + alice_id, + ); + + iroha_client + .submit_blocking(allow_alice_to_transfer_rose_1) + .expect("failed to grant permission token"); + + let _ = iroha_client + .submit_blocking(allow_alice_to_transfer_rose_2) + .expect_err("permission tokens are not unified"); +} diff --git a/client/tests/integration/roles.rs b/client/tests/integration/roles.rs index ef1884806a3..95245852db4 100644 --- a/client/tests/integration/roles.rs +++ b/client/tests/integration/roles.rs @@ -172,3 +172,42 @@ fn role_with_invalid_permissions_is_not_accepted() -> Result<()> { Ok(()) } + +#[test] +#[allow(deprecated)] +fn role_permissions_unified() { + let (_rt, _peer, test_client) = ::new().with_port(11_235).start_with_runtime(); + wait_for_genesis_committed(&vec![test_client.clone()], 0); + + let allow_alice_to_transfer_rose_1 = PermissionToken::from_str_unchecked( + "CanTransferUserAsset".parse().unwrap(), + // NOTE: Introduced additional whitespaces in the serialized form + "{ \"asset_id\" : \"rose#wonderland#alice@wonderland\" }", + ); + + let allow_alice_to_transfer_rose_2 = PermissionToken::from_str_unchecked( + "CanTransferUserAsset".parse().unwrap(), + // NOTE: Introduced additional whitespaces in the serialized form + "{ \"asset_id\" : \"rose##alice@wonderland\" }", + ); + + let role_id: RoleId = "role_id".parse().expect("Valid"); + let role = Role::new(role_id.clone()) + .add_permission(allow_alice_to_transfer_rose_1) + .add_permission(allow_alice_to_transfer_rose_2); + + test_client + .submit_blocking(Register::role(role)) + .expect("failed to register role"); + + let role = test_client + .request(FindRoleByRoleId::new(role_id)) + .expect("failed to find role"); + + // Permission tokens are unified so only one token left + assert_eq!( + role.permissions().len(), + 1, + "permission tokens for role aren't deduplicated" + ); +}