Skip to content

Commit

Permalink
fixup! fix heterogeneous testcase and rebuild samples
Browse files Browse the repository at this point in the history
  • Loading branch information
@divarvel
divarvel committed Nov 12, 2024
1 parent 0846798 commit d56c311
Show file tree
Hide file tree
Showing 4 changed files with 126 additions and 21 deletions.
10 changes: 8 additions & 2 deletions biscuit-auth/examples/testcases.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2062,6 +2062,8 @@ fn heterogeneous_equal(target: &str, root: &KeyPair, test: bool) -> TestResult {
check if {1, 2} == {1, 2};
check if {1, 4} != {1, 2};
check if {1, 4} != true;
check if fact(1, $value), 1 == $value;
check if fact2(1, $value), 1 != $value;
"#
)
.build_with_rng(&root, SymbolTable::default(), &mut rng)
Expand All @@ -2073,11 +2075,15 @@ fn heterogeneous_equal(target: &str, root: &KeyPair, test: bool) -> TestResult {
let mut validations = BTreeMap::new();
validations.insert(
"".to_string(),
validate_token(root, &data[..], "allow if true"),
validate_token(root, &data[..], "fact(1,1); fact2(1,2); allow if true"),
);
validations.insert(
"evaluate to false".to_string(),
validate_token(root, &data[..], "allow if false != false"),
validate_token(
root,
&data[..],
"fact(1,2); fact2(1,1); check if false != false; allow if true",
),
);

TestResult {
Expand Down
58 changes: 50 additions & 8 deletions biscuit-auth/samples/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2657,7 +2657,7 @@ result: `Err(FailedLogic(Unauthorized { policy: Allow(0), checks: [Block(FailedB
### token

authority:
symbols: ["abcD12", "abcD12x"]
symbols: ["abcD12", "abcD12x", "fact", "value", "fact2"]

public keys: []

Expand All @@ -2681,22 +2681,37 @@ check if hex:12abcd != true;
check if {1, 2} == {1, 2};
check if {1, 4} != {1, 2};
check if {1, 4} != true;
check if fact(1, $value), 1 == $value;
check if fact2(1, $value), 1 != $value;
```

### validation

authorizer code:
```
fact(1, 1);
fact2(1, 2);
allow if true;
```

revocation ids:
- `10242885d535e2e665512c710510dbf99e450108cb0183f1bfd35266a13453163059f41960d3459514e7bebd85a1997969aa993c9fc66aa7e74e1ddadee1c40f`
- `899521bb50786bd40a21bf22c9362b021a9300e20cbf1b8b2f70bd1f5a9b01c420efeab85092f081db71ce7b7cebfc01b4a4f8f2294c478ce4c7f8813ffa5c0f`

authorizer world:
```
World {
facts: []
facts: [
Facts {
origin: {
None,
},
facts: [
"fact(1, 1)",
"fact2(1, 2)",
],
},
]
rules: []
checks: [
Checks {
Expand All @@ -2714,6 +2729,8 @@ World {
"check if 2022-12-04T09:46:41Z != 2020-12-04T09:46:41Z",
"check if 2022-12-04T09:46:41Z != true",
"check if 2022-12-04T09:46:41Z == 2022-12-04T09:46:41Z",
"check if fact(1, $value), 1 == $value",
"check if fact2(1, $value), 1 != $value",
"check if false != true",
"check if false == false",
"check if hex:12abcd != hex:12ab",
Expand All @@ -2737,16 +2754,31 @@ result: `Ok(0)`

authorizer code:
```
allow if false != false;
fact(1, 2);
fact2(1, 1);
check if false != false;
allow if true;
```

revocation ids:
- `10242885d535e2e665512c710510dbf99e450108cb0183f1bfd35266a13453163059f41960d3459514e7bebd85a1997969aa993c9fc66aa7e74e1ddadee1c40f`
- `899521bb50786bd40a21bf22c9362b021a9300e20cbf1b8b2f70bd1f5a9b01c420efeab85092f081db71ce7b7cebfc01b4a4f8f2294c478ce4c7f8813ffa5c0f`

authorizer world:
```
World {
facts: []
facts: [
Facts {
origin: {
None,
},
facts: [
"fact(1, 2)",
"fact2(1, 1)",
],
},
]
rules: []
checks: [
Checks {
Expand All @@ -2764,6 +2796,8 @@ World {
"check if 2022-12-04T09:46:41Z != 2020-12-04T09:46:41Z",
"check if 2022-12-04T09:46:41Z != true",
"check if 2022-12-04T09:46:41Z == 2022-12-04T09:46:41Z",
"check if fact(1, $value), 1 == $value",
"check if fact2(1, $value), 1 != $value",
"check if false != true",
"check if false == false",
"check if hex:12abcd != hex:12ab",
Expand All @@ -2775,14 +2809,22 @@ World {
"check if {1, 4} != {1, 2}",
],
},
Checks {
origin: Some(
18446744073709551615,
),
checks: [
"check if false != false",
],
},
]
policies: [
"allow if false != false",
"allow if true",
]
}
```

result: `Err(FailedLogic(NoMatchingPolicy { checks: [] }))`
result: `Err(FailedLogic(Unauthorized { policy: Allow(0), checks: [Authorizer(FailedAuthorizerCheck { check_id: 0, rule: "check if false != false" }), Block(FailedBlockCheck { block_id: 0, check_id: 19, rule: "check if fact(1, $value), 1 == $value" }), Block(FailedBlockCheck { block_id: 0, check_id: 20, rule: "check if fact2(1, $value), 1 != $value" })] }))`


------------------------------
Expand Down
79 changes: 68 additions & 11 deletions biscuit-auth/samples/samples.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2514,17 +2514,30 @@
{
"symbols": [
"abcD12",
"abcD12x"
"abcD12x",
"fact",
"value",
"fact2"
],
"public_keys": [],
"external_key": null,
"code": "check if true == true;\ncheck if false == false;\ncheck if false != true;\ncheck if 1 != true;\ncheck if 1 == 1;\ncheck if 1 != 3;\ncheck if 1 != true;\ncheck if \"abcD12\" == \"abcD12\";\ncheck if \"abcD12x\" != \"abcD12\";\ncheck if \"abcD12x\" != true;\ncheck if 2022-12-04T09:46:41Z == 2022-12-04T09:46:41Z;\ncheck if 2022-12-04T09:46:41Z != 2020-12-04T09:46:41Z;\ncheck if 2022-12-04T09:46:41Z != true;\ncheck if hex:12abcd == hex:12abcd;\ncheck if hex:12abcd != hex:12ab;\ncheck if hex:12abcd != true;\ncheck if {1, 2} == {1, 2};\ncheck if {1, 4} != {1, 2};\ncheck if {1, 4} != true;\n"
"code": "check if true == true;\ncheck if false == false;\ncheck if false != true;\ncheck if 1 != true;\ncheck if 1 == 1;\ncheck if 1 != 3;\ncheck if 1 != true;\ncheck if \"abcD12\" == \"abcD12\";\ncheck if \"abcD12x\" != \"abcD12\";\ncheck if \"abcD12x\" != true;\ncheck if 2022-12-04T09:46:41Z == 2022-12-04T09:46:41Z;\ncheck if 2022-12-04T09:46:41Z != 2020-12-04T09:46:41Z;\ncheck if 2022-12-04T09:46:41Z != true;\ncheck if hex:12abcd == hex:12abcd;\ncheck if hex:12abcd != hex:12ab;\ncheck if hex:12abcd != true;\ncheck if {1, 2} == {1, 2};\ncheck if {1, 4} != {1, 2};\ncheck if {1, 4} != true;\ncheck if fact(1, $value), 1 == $value;\ncheck if fact2(1, $value), 1 != $value;\n"
}
],
"validations": {
"": {
"world": {
"facts": [],
"facts": [
{
"origin": [
null
],
"facts": [
"fact(1, 1)",
"fact2(1, 2)"
]
}
],
"rules": [],
"checks": [
{
Expand All @@ -2540,6 +2553,8 @@
"check if 2022-12-04T09:46:41Z != 2020-12-04T09:46:41Z",
"check if 2022-12-04T09:46:41Z != true",
"check if 2022-12-04T09:46:41Z == 2022-12-04T09:46:41Z",
"check if fact(1, $value), 1 == $value",
"check if fact2(1, $value), 1 != $value",
"check if false != true",
"check if false == false",
"check if hex:12abcd != hex:12ab",
Expand All @@ -2559,14 +2574,24 @@
"result": {
"Ok": 0
},
"authorizer_code": "allow if true;\n",
"authorizer_code": "fact(1, 1);\nfact2(1, 2);\n\nallow if true;\n",
"revocation_ids": [
"10242885d535e2e665512c710510dbf99e450108cb0183f1bfd35266a13453163059f41960d3459514e7bebd85a1997969aa993c9fc66aa7e74e1ddadee1c40f"
"899521bb50786bd40a21bf22c9362b021a9300e20cbf1b8b2f70bd1f5a9b01c420efeab85092f081db71ce7b7cebfc01b4a4f8f2294c478ce4c7f8813ffa5c0f"
]
},
"evaluate to false": {
"world": {
"facts": [],
"facts": [
{
"origin": [
null
],
"facts": [
"fact(1, 2)",
"fact2(1, 1)"
]
}
],
"rules": [],
"checks": [
{
Expand All @@ -2582,6 +2607,8 @@
"check if 2022-12-04T09:46:41Z != 2020-12-04T09:46:41Z",
"check if 2022-12-04T09:46:41Z != true",
"check if 2022-12-04T09:46:41Z == 2022-12-04T09:46:41Z",
"check if fact(1, $value), 1 == $value",
"check if fact2(1, $value), 1 != $value",
"check if false != true",
"check if false == false",
"check if hex:12abcd != hex:12ab",
Expand All @@ -2592,24 +2619,54 @@
"check if {1, 4} != true",
"check if {1, 4} != {1, 2}"
]
},
{
"origin": 18446744073709551615,
"checks": [
"check if false != false"
]
}
],
"policies": [
"allow if false != false"
"allow if true"
]
},
"result": {
"Err": {
"FailedLogic": {
"NoMatchingPolicy": {
"checks": []
"Unauthorized": {
"policy": {
"Allow": 0
},
"checks": [
{
"Authorizer": {
"check_id": 0,
"rule": "check if false != false"
}
},
{
"Block": {
"block_id": 0,
"check_id": 19,
"rule": "check if fact(1, $value), 1 == $value"
}
},
{
"Block": {
"block_id": 0,
"check_id": 20,
"rule": "check if fact2(1, $value), 1 != $value"
}
}
]
}
}
}
},
"authorizer_code": "allow if false != false;\n",
"authorizer_code": "fact(1, 2);\nfact2(1, 1);\n\ncheck if false != false;\n\nallow if true;\n",
"revocation_ids": [
"10242885d535e2e665512c710510dbf99e450108cb0183f1bfd35266a13453163059f41960d3459514e7bebd85a1997969aa993c9fc66aa7e74e1ddadee1c40f"
"899521bb50786bd40a21bf22c9362b021a9300e20cbf1b8b2f70bd1f5a9b01c420efeab85092f081db71ce7b7cebfc01b4a4f8f2294c478ce4c7f8813ffa5c0f"
]
}
}
Expand Down
Binary file modified biscuit-auth/samples/test031_heterogeneous_equal.bc
View file
Binary file not shown.

0 comments on commit d56c311

Please sign in to comment.