Search in sources :

Example 1 with MetadataMatcher

use of io.envoyproxy.envoy.type.matcher.v3.MetadataMatcher in project grpc-java by grpc.

the class RbacFilterTest method compositeRules.

@Test
@SuppressWarnings("unchecked")
public void compositeRules() {
    MetadataMatcher metadataMatcher = MetadataMatcher.newBuilder().build();
    List<Permission> permissionList = Arrays.asList(Permission.newBuilder().setOrRules(Permission.Set.newBuilder().addRules(Permission.newBuilder().setMetadata(metadataMatcher).build()).build()).build());
    List<Principal> principalList = Arrays.asList(Principal.newBuilder().setNotId(Principal.newBuilder().setMetadata(metadataMatcher).build()).build());
    ConfigOrError<? extends FilterConfig> result = parse(permissionList, principalList);
    assertThat(result.errorDetail).isNull();
    assertThat(result.config).isInstanceOf(RbacConfig.class);
    ServerCall<Void, Void> serverCall = mock(ServerCall.class);
    GrpcAuthorizationEngine engine = new GrpcAuthorizationEngine(((RbacConfig) result.config).authConfig());
    AuthDecision decision = engine.evaluate(new Metadata(), serverCall);
    assertThat(decision.decision()).isEqualTo(GrpcAuthorizationEngine.Action.ALLOW);
}
Also used : MetadataMatcher(io.envoyproxy.envoy.type.matcher.v3.MetadataMatcher) AuthDecision(io.grpc.xds.internal.rbac.engine.GrpcAuthorizationEngine.AuthDecision) Permission(io.envoyproxy.envoy.config.rbac.v3.Permission) Metadata(io.grpc.Metadata) GrpcAuthorizationEngine(io.grpc.xds.internal.rbac.engine.GrpcAuthorizationEngine) Principal(io.envoyproxy.envoy.config.rbac.v3.Principal) Test(org.junit.Test)

Aggregations

Permission (io.envoyproxy.envoy.config.rbac.v3.Permission)1 Principal (io.envoyproxy.envoy.config.rbac.v3.Principal)1 MetadataMatcher (io.envoyproxy.envoy.type.matcher.v3.MetadataMatcher)1 Metadata (io.grpc.Metadata)1 GrpcAuthorizationEngine (io.grpc.xds.internal.rbac.engine.GrpcAuthorizationEngine)1 AuthDecision (io.grpc.xds.internal.rbac.engine.GrpcAuthorizationEngine.AuthDecision)1 Test (org.junit.Test)1