fix: lack test file (#12)

Signed-off-by: closetool <c299999999@qq.com>

Author: kilosonc

.gitignore

@@ -14,4 +14,5 @@
 .glide/
 
 .idea/
-*.iml
+*.iml
+caddy

.travis.yml

@@ -7,13 +7,15 @@ go:
 - 1.15
 
 env:
-- GO111MODULE=on
+  - GO111MODULE=on
 
-before_install:
-  - go get github.com/mattn/goveralls
 
 install:
-- go get -t ./...
+  - go get -t ./...
+  - go get -u github.com/caddyserver/xcaddy/cmd/xcaddy
+
+before_script:
+  - xcaddy build
 
 script:
-  - $GOPATH/bin/goveralls -service=travis-ci
+  - go test -v -coverprofile="cover-profile.out" -short -race ./...

Caddyfile Caddyfile.example

@@ -83,7 +83,6 @@ func (a *Authorizer) UnmarshalCaddyfile(d *caddyfile.Dispenser) error {
 
 // parseCaddyfile unmarshals tokens from h into a new Authorizer.
 func parseCaddyfile(h httpcaddyfile.Helper) (caddyhttp.MiddlewareHandler, error) {
-	fmt.Println("parse")
 	var m Authorizer
 	err := m.UnmarshalCaddyfile(h.Dispenser)
 	return m, err
@@ -92,7 +91,7 @@ func parseCaddyfile(h httpcaddyfile.Helper) (caddyhttp.MiddlewareHandler, error)
 // GetUserName gets the user name from the request.
 // Currently, only HTTP basic authentication is supported
 func (a *Authorizer) GetUserName(r *http.Request) string {
-	username, _, _ := r.BasicAuth()
+	username := r.Header.Get("Authorization")
 	return username
 }
 

authz.go

@@ -0,0 +1,74 @@
+package authz
+
+import (
+	"fmt"
+	"net/http"
+	"testing"
+
+	"github.com/caddyserver/caddy/v2/caddytest"
+)
+
+var tester *caddytest.Tester
+
+func testRequest(t *testing.T, user string, path string, method string, code int) {
+	req, err := http.NewRequest(method, fmt.Sprintf("http://localhost:9080%s", path), nil)
+	if err != nil {
+		t.Fatalf("unable to create request %s", err)
+	}
+	req.Header.Set("Authorization", user)
+	tester.AssertResponse(req, code, "")
+}
+
+func initTester(t *testing.T) {
+	tester = caddytest.NewTester(t)
+	tester.InitServer(` 
+	{
+		http_port     9080
+		https_port    9443
+	}
+	localhost:9080 {
+		route /* {
+			authz "authz_model.conf" "authz_policy.csv"
+			respond ""
+		}
+	}`, "caddyfile")
+}
+
+func TestBasic(t *testing.T) {
+	initTester(t)
+
+	testRequest(t, "alice", "/dataset1/resource1", "GET", 200)
+	testRequest(t, "alice", "/dataset1/resource1", "POST", 200)
+	testRequest(t, "alice", "/dataset1/resource2", "GET", 200)
+	testRequest(t, "alice", "/dataset1/resource2", "POST", 403)
+}
+
+func TestPathWildcard(t *testing.T) {
+	initTester(t)
+
+	testRequest(t, "bob", "/dataset2/resource1", "GET", 200)
+	testRequest(t, "bob", "/dataset2/resource1", "POST", 200)
+	testRequest(t, "bob", "/dataset2/resource1", "DELETE", 200)
+	testRequest(t, "bob", "/dataset2/resource2", "GET", 200)
+	testRequest(t, "bob", "/dataset2/resource2", "POST", 403)
+	testRequest(t, "bob", "/dataset2/resource2", "DELETE", 403)
+
+	testRequest(t, "bob", "/dataset2/folder1/item1", "GET", 403)
+	testRequest(t, "bob", "/dataset2/folder1/item1", "POST", 200)
+	testRequest(t, "bob", "/dataset2/folder1/item1", "DELETE", 403)
+	testRequest(t, "bob", "/dataset2/folder1/item2", "GET", 403)
+	testRequest(t, "bob", "/dataset2/folder1/item2", "POST", 200)
+	testRequest(t, "bob", "/dataset2/folder1/item2", "DELETE", 403)
+}
+
+func TestRBAC(t *testing.T) {
+	initTester(t)
+
+	// cathy can access all /dataset1/* resources via all methods because it has the dataset1_admin role.
+	testRequest(t, "cathy", "/dataset1/item", "GET", 200)
+	testRequest(t, "cathy", "/dataset1/item", "POST", 200)
+	testRequest(t, "cathy", "/dataset1/item", "DELETE", 200)
+	testRequest(t, "cathy", "/dataset2/item", "GET", 403)
+	testRequest(t, "cathy", "/dataset2/item", "POST", 403)
+	testRequest(t, "cathy", "/dataset2/item", "DELETE", 403)
+}

authz_test.go

@@ -3,6 +3,6 @@ module github.com/casbin/caddy-authz/v2
 go 1.14
 
 require (
-	github.com/caddyserver/caddy/v2 v2.1.1
+	github.com/caddyserver/caddy/v2 v2.2.1
 	github.com/casbin/casbin/v2 v2.8.6
 )