MCPcopy Index your code
hub / github.com/coder/coder / benchmarkUserCases

Function benchmarkUserCases

coderd/rbac/authz_test.go:27–147  ·  view source on GitHub ↗

benchmarkUserCases builds a set of users with different roles and groups. The user id used as the subject and the orgs used to build the roles are returned.

()

Source from the content-addressed store, hash-verified

25// The user id used as the subject and the orgs used to build the roles are
26// returned.
27func benchmarkUserCases() (cases []benchmarkCase, users uuid.UUID, orgs []uuid.UUID) {
28 orgs = []uuid.UUID{
29 uuid.MustParse("bf7b72bd-a2b1-4ef2-962c-1d698e0483f6"),
30 uuid.MustParse("e4660c6f-b9de-422d-9578-cd888983a795"),
31 uuid.MustParse("fb13d477-06f4-42d9-b957-f6b89bd63515"),
32 }
33
34 user := uuid.MustParse("10d03e62-7703-4df5-a358-4f76577d4e2f")
35 // noiseGroups are just added to add noise to the authorize call. They
36 // never match an object's list of groups.
37 noiseGroups := []string{uuid.NewString(), uuid.NewString(), uuid.NewString()}
38
39 benchCases := []benchmarkCase{
40 {
41 Name: "NoRoles",
42 Actor: rbac.Subject{
43 ID: user.String(),
44 Roles: rbac.RoleIdentifiers{},
45 Scope: rbac.ScopeAll,
46 },
47 },
48 {
49 Name: "Admin",
50 Actor: rbac.Subject{
51 // Give some extra roles that an admin might have
52 Roles: rbac.RoleIdentifiers{rbac.ScopedRoleOrgMember(orgs[0]), rbac.RoleAuditor(), rbac.RoleOwner(), rbac.RoleMember()},
53 ID: user.String(),
54 Scope: rbac.ScopeAll,
55 Groups: noiseGroups,
56 },
57 },
58 {
59 Name: "OrgAdmin",
60 Actor: rbac.Subject{
61 Roles: rbac.RoleIdentifiers{rbac.ScopedRoleOrgMember(orgs[0]), rbac.ScopedRoleOrgAdmin(orgs[0]), rbac.RoleMember()},
62 ID: user.String(),
63 Scope: rbac.ScopeAll,
64 Groups: noiseGroups,
65 },
66 },
67 {
68 Name: "OrgMember",
69 Actor: rbac.Subject{
70 // Member of 2 orgs
71 Roles: rbac.RoleIdentifiers{rbac.ScopedRoleOrgMember(orgs[0]), rbac.ScopedRoleOrgMember(orgs[1]), rbac.RoleMember()},
72 ID: user.String(),
73 Scope: rbac.ScopeAll,
74 Groups: noiseGroups,
75 },
76 },
77 {
78 Name: "ManyRoles",
79 Actor: rbac.Subject{
80 // Admin of many orgs
81 Roles: rbac.RoleIdentifiers{
82 rbac.ScopedRoleOrgMember(orgs[0]), rbac.ScopedRoleOrgAdmin(orgs[0]),
83 rbac.ScopedRoleOrgMember(orgs[1]), rbac.ScopedRoleOrgAdmin(orgs[1]),
84 rbac.ScopedRoleOrgMember(orgs[2]), rbac.ScopedRoleOrgAdmin(orgs[2]),

Callers 3

BenchmarkRBACAuthorizeFunction · 0.85
BenchmarkRBACFilterFunction · 0.85

Calls 9

ScopedRoleOrgMemberFunction · 0.92
RoleAuditorFunction · 0.92
RoleOwnerFunction · 0.92
RoleMemberFunction · 0.92
ScopedRoleOrgAdminFunction · 0.92
RoleTemplateAdminFunction · 0.92
RoleUserAdminFunction · 0.92
WithCachedASTValueMethod · 0.80
StringMethod · 0.45

Tested by

no test coverage detected