diff options
| author | Salvatore Sanfilippo <antirez@gmail.com> | 2019-12-17 09:58:26 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-12-17 09:58:26 +0100 |
| commit | b7c78b7651c5458ccf5d95ef5857ec427b927a27 (patch) | |
| tree | a2dc46e4dfcbf8adeb309bba7b0e05e4a0170a07 /tests/unit | |
| parent | 4348d25fc45706ffd611d251d961eb3f1bf1ebde (diff) | |
| parent | 7f04a15311b1dfe25f8f63c7a6dabce5a12d55ed (diff) | |
| download | redis-b7c78b7651c5458ccf5d95ef5857ec427b927a27.tar.gz | |
Merge pull request #5916 from madolson/dev-unstable-acl-module-pr
Add module APIs for custom authentication
Diffstat (limited to 'tests/unit')
| -rw-r--r-- | tests/unit/moduleapi/auth.tcl | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/tests/unit/moduleapi/auth.tcl b/tests/unit/moduleapi/auth.tcl new file mode 100644 index 000000000..04a90a496 --- /dev/null +++ b/tests/unit/moduleapi/auth.tcl @@ -0,0 +1,71 @@ +set testmodule [file normalize tests/modules/auth.so] + +start_server {tags {"modules"}} { + r module load $testmodule + + test {Modules can create a user that can be authenticated} { + # Make sure we start authenticated with default user + r auth default "" + assert_equal [r acl whoami] "default" + r auth.createmoduleuser + + set id [r auth.authmoduleuser] + assert_equal [r client id] $id + + # Verify returned id is the same as our current id and + # we are authenticated with the specified user + assert_equal [r acl whoami] "global" + } + + test {De-authenticating clients is tracked and kills clients} { + assert_equal [r auth.changecount] 0 + r auth.createmoduleuser + + # Catch the I/O exception that was thrown when Redis + # disconnected with us. + catch { [r ping] } e + assert_match {*I/O*} $e + + # Check that a user change was registered + assert_equal [r auth.changecount] 1 + } + + test {Modules cant authenticate with ACLs users that dont exist} { + catch { [r auth.authrealuser auth-module-test-fake] } e + assert_match {*Invalid user*} $e + } + + test {Modules can authenticate with ACL users} { + assert_equal [r acl whoami] "default" + + # Create user to auth into + r acl setuser auth-module-test on allkeys allcommands + + set id [r auth.authrealuser auth-module-test] + + # Verify returned id is the same as our current id and + # we are authenticated with the specified user + assert_equal [r client id] $id + assert_equal [r acl whoami] "auth-module-test" + } + + test {Client callback is called on user switch} { + assert_equal [r auth.changecount] 0 + + # Auth again and validate change count + r auth.authrealuser auth-module-test + assert_equal [r auth.changecount] 1 + + # Re-auth with the default user + r auth default "" + assert_equal [r auth.changecount] 1 + assert_equal [r acl whoami] "default" + + # Re-auth with the default user again, to + # verify the callback isn't fired again + r auth default "" + assert_equal [r auth.changecount] 0 + assert_equal [r acl whoami] "default" + } + +}
\ No newline at end of file |