MCPcopy
hub / github.com/grpc/grpc-go / TestFileWatcher_InvalidPolicySkipReload

Method TestFileWatcher_InvalidPolicySkipReload

authz/grpc_authz_end2end_test.go:604–650  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

602}
603
604func (s) TestFileWatcher_InvalidPolicySkipReload(t *testing.T) {
605 valid := authzTests["DeniesRPCMatchInDenyAndAllow"]
606 file := createTmpPolicyFile(t, "invalid_policy_skip_reload", []byte(valid.authzPolicy))
607 i, _ := authz.NewFileWatcher(file, 20*time.Millisecond)
608 defer i.Close()
609
610 stub := &stubserver.StubServer{
611 UnaryCallF: func(context.Context, *testpb.SimpleRequest) (*testpb.SimpleResponse, error) {
612 return &testpb.SimpleResponse{}, nil
613 },
614 // Start a gRPC server with gRPC authz unary server interceptors.
615 S: grpc.NewServer(grpc.ChainUnaryInterceptor(i.UnaryInterceptor)),
616 }
617 stubserver.StartTestService(t, stub)
618 defer stub.Stop()
619
620 // Establish a connection to the server.
621 cc, err := grpc.NewClient(stub.Address, grpc.WithTransportCredentials(insecure.NewCredentials()))
622 if err != nil {
623 t.Fatalf("grpc.NewClient(%v) failed: %v", stub.Address, err)
624 }
625 defer cc.Close()
626 client := testgrpc.NewTestServiceClient(cc)
627
628 ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
629 defer cancel()
630
631 // Verifying authorization decision.
632 _, err = client.UnaryCall(ctx, &testpb.SimpleRequest{})
633 if got := status.Convert(err); got.Code() != valid.wantStatus.Code() || got.Message() != valid.wantStatus.Message() {
634 t.Fatalf("client.UnaryCall(_, _) = %v; want = %v", got.Err(), valid.wantStatus.Err())
635 }
636
637 // Skips the invalid policy update, and continues to use the valid policy.
638 if err := os.WriteFile(file, []byte("{}"), os.ModePerm); err != nil {
639 t.Fatalf("os.WriteFile(%q) failed: %v", file, err)
640 }
641
642 // Wait 40 ms for background go routine to read updated files.
643 time.Sleep(40 * time.Millisecond)
644
645 // Verifying authorization decision.
646 _, err = client.UnaryCall(ctx, &testpb.SimpleRequest{})
647 if got := status.Convert(err); got.Code() != valid.wantStatus.Code() || got.Message() != valid.wantStatus.Message() {
648 t.Fatalf("client.UnaryCall(_, _) = %v; want = %v", got.Err(), valid.wantStatus.Err())
649 }
650}
651
652func (s) TestFileWatcher_RecoversFromReloadFailure(t *testing.T) {
653 valid1 := authzTests["DeniesRPCMatchInDenyAndAllow"]

Callers

nothing calls this directly

Calls 15

StopMethod · 0.95
UnaryCallMethod · 0.95
NewFileWatcherFunction · 0.92
NewServerFunction · 0.92
ChainUnaryInterceptorFunction · 0.92
StartTestServiceFunction · 0.92
NewClientFunction · 0.92
WithTransportCredentialsFunction · 0.92
NewCredentialsFunction · 0.92
ConvertFunction · 0.92
createTmpPolicyFileFunction · 0.85
CodeMethod · 0.80

Tested by

no test coverage detected