Skip to content

Commit

Permalink
increase coverage of lenient equals / not equals
Browse files Browse the repository at this point in the history
  • Loading branch information
@divarvel
divarvel committed Nov 5, 2024
1 parent 5a65099 commit d90accd
Show file tree
Hide file tree
Showing 3 changed files with 47 additions and 69 deletions.
32 changes: 20 additions & 12 deletions biscuit-auth/examples/testcases.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2043,8 +2043,24 @@ fn heterogeneous_equal(target: &str, root: &KeyPair, test: bool) -> TestResult {

let biscuit = biscuit!(
r#"
check if fact(1, $value), 1 == $value;
check if fact2(1, $value), 1 != $value;
check if true == true;
check if false != false;
check if 1 != true;
check if 1 == 1;
check if 1 != 3;
check if 1 != true;
check if "abcD12" == "abcD12";
check if "abcD12x" != "abcD12";
check if "abcD12x" != true;
check if 2022-12-04T09:46:41+00:00 == 2022-12-04T09:46:41+00:00;
check if 2022-12-04T09:46:41+00:00 != 2020-12-04T09:46:41+00:00;
check if 2022-12-04T09:46:41+00:00 != true;
check if hex:12abcd == hex:12abcd;
check if hex:12abcd != hex:12ab;
check if hex:12abcd != true;
check if {1, 2} == {1, 2};
check if {1, 4} != {1, 2};
check if {1, 4} != true;
"#
)
.build_with_rng(&root, SymbolTable::default(), &mut rng)
Expand All @@ -2055,16 +2071,8 @@ fn heterogeneous_equal(target: &str, root: &KeyPair, test: bool) -> TestResult {

let mut validations = BTreeMap::new();
validations.insert(
"authorized same type".to_string(),
validate_token(root, &data[..], "fact(1, 1); fact2(1, 2); allow if true"),
);
validations.insert(
"unauthorized failed logic different type".to_string(),
validate_token(
root,
&data[..],
"fact(1, true); fact2(1, false); allow if true",
),
"".to_string(),
validate_token(root, &data[..], "allow if true"),
);

TestResult {
Expand Down
84 changes: 27 additions & 57 deletions biscuit-auth/samples/samples.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2513,71 +2513,41 @@
"token": [
{
"symbols": [
"fact",
"value",
"fact2"
"abcD12",
"abcD12x"
],
"public_keys": [],
"external_key": null,
"code": "check if fact(1, $value), 1 == $value;\ncheck if fact2(1, $value), 1 != $value;\n"
"code": "check if true == true;\ncheck if false != false;\ncheck if 1 != true;\ncheck if 1 == 1;\ncheck if 1 != 3;\ncheck if 1 != true;\ncheck if \"abcD12\" == \"abcD12\";\ncheck if \"abcD12x\" != \"abcD12\";\ncheck if \"abcD12x\" != true;\ncheck if 2022-12-04T09:46:41Z == 2022-12-04T09:46:41Z;\ncheck if 2022-12-04T09:46:41Z != 2020-12-04T09:46:41Z;\ncheck if 2022-12-04T09:46:41Z != true;\ncheck if hex:12abcd == hex:12abcd;\ncheck if hex:12abcd != hex:12ab;\ncheck if hex:12abcd != true;\ncheck if {1, 2} == {1, 2};\ncheck if {1, 4} != {1, 2};\ncheck if {1, 4} != true;\n"
}
],
"validations": {
"authorized same type": {
"world": {
"facts": [
{
"origin": [
null
],
"facts": [
"fact(1, 1)",
"fact2(1, 2)"
]
}
],
"rules": [],
"checks": [
{
"origin": 0,
"checks": [
"check if fact(1, $value), 1 == $value",
"check if fact2(1, $value), 1 != $value"
]
}
],
"policies": [
"allow if true"
]
},
"result": {
"Ok": 0
},
"authorizer_code": "fact(1, 1);\nfact2(1, 2);\n\nallow if true;\n",
"revocation_ids": [
"d65b3aeceb6268124190f5eb87788a5eb81c89a3fc8370c9a3ea362731c55660b2b390ca6270e68afab90862bd2bbb808aa6b5576c975ae773a992a2434c930d"
]
},
"unauthorized failed logic different type": {
"": {
"world": {
"facts": [
{
"origin": [
null
],
"facts": [
"fact(1, true)",
"fact2(1, false)"
]
}
],
"facts": [],
"rules": [],
"checks": [
{
"origin": 0,
"checks": [
"check if fact(1, $value), 1 == $value",
"check if fact2(1, $value), 1 != $value"
"check if \"abcD12\" == \"abcD12\"",
"check if \"abcD12x\" != \"abcD12\"",
"check if \"abcD12x\" != true",
"check if 1 != 3",
"check if 1 != true",
"check if 1 != true",
"check if 1 == 1",
"check if 2022-12-04T09:46:41Z != 2020-12-04T09:46:41Z",
"check if 2022-12-04T09:46:41Z != true",
"check if 2022-12-04T09:46:41Z == 2022-12-04T09:46:41Z",
"check if false != false",
"check if hex:12abcd != hex:12ab",
"check if hex:12abcd != true",
"check if hex:12abcd == hex:12abcd",
"check if true == true",
"check if {1, 2} == {1, 2}",
"check if {1, 4} != true",
"check if {1, 4} != {1, 2}"
]
}
],
Expand All @@ -2596,18 +2566,18 @@
{
"Block": {
"block_id": 0,
"check_id": 0,
"rule": "check if fact(1, $value), 1 == $value"
"check_id": 1,
"rule": "check if false != false"
}
}
]
}
}
}
},
"authorizer_code": "fact(1, true);\nfact2(1, false);\n\nallow if true;\n",
"authorizer_code": "allow if true;\n",
"revocation_ids": [
"d65b3aeceb6268124190f5eb87788a5eb81c89a3fc8370c9a3ea362731c55660b2b390ca6270e68afab90862bd2bbb808aa6b5576c975ae773a992a2434c930d"
"4af245a2504ec00809bd0cd8d20ceaaac35f8ec5aaa8c7d3fd6652b126d2bf246d64fec8f0e65c409b196d4a60c9723dd4fbb3328988790e97fc4e08e9528208"
]
}
}
Expand Down
Binary file modified biscuit-auth/samples/test031_heterogeneous_equal.bc
View file
Binary file not shown.

0 comments on commit d90accd

Please sign in to comment.