diff --git a/ladon_test.go b/ladon_test.go index bfe2e37..432e1da 100644 --- a/ladon_test.go +++ b/ladon_test.go @@ -34,7 +34,7 @@ import ( // A bunch of exemplary policies var pols = []Policy{ &DefaultPolicy{ - ID: "1", + ID: "0", Description: `This policy allows max, peter, zac and ken to create, delete and get the listed resources, but only if the client ip matches and the request states that they are the owner of those resources as well.`, Subjects: []string{"max", "peter", ""}, @@ -49,7 +49,7 @@ var pols = []Policy{ }, }, &DefaultPolicy{ - ID: "2", + ID: "1", Description: "This policy allows max to update any resource", Subjects: []string{"max"}, Actions: []string{"update"}, @@ -64,6 +64,14 @@ var pols = []Policy{ Resources: []string{"<.*>"}, Effect: DenyAccess, }, + &DefaultPolicy{ + ID: "2", + Description: "This policy denies max to broadcast any of the resources", + Subjects: []string{"max"}, + Actions: []string{"random"}, + Resources: []string{"<.*>"}, + Effect: DenyAccess, + }, } // Some test cases @@ -157,6 +165,15 @@ func TestLadon(t *testing.T) { require.Nil(t, warden.Manager.Create(pol)) } + for i := 0; i < len(pols); i++ { + polices, err := warden.Manager.GetAll(int64(1), int64(i)) + require.NoError(t, err) + p, err := warden.Manager.Get(fmt.Sprintf("%d", i)) + if err == nil { + AssertPolicyEqual(t, p, polices[0]) + } + } + for k, c := range cases { t.Run(fmt.Sprintf("case=%d-%s", k, c.description), func(t *testing.T) { @@ -166,6 +183,7 @@ func TestLadon(t *testing.T) { assert.Equal(t, c.expectErr, err != nil) }) } + } func TestLadonEmpty(t *testing.T) { diff --git a/manager/memory/manager_memory.go b/manager/memory/manager_memory.go index 1cb6c89..799c84b 100644 --- a/manager/memory/manager_memory.go +++ b/manager/memory/manager_memory.go @@ -27,6 +27,7 @@ import ( . "github.com/ory/ladon" "github.com/ory/pagination" + "sort" ) // MemoryManager is an in-memory (non-persistent) implementation of Manager. @@ -52,16 +53,24 @@ func (m *MemoryManager) Update(policy Policy) error { // GetAll returns all policies. func (m *MemoryManager) GetAll(limit, offset int64) (Policies, error) { - ps := make(Policies, len(m.Policies)) + keys := make([]string, len(m.Policies)) i := 0 - - for _, p := range m.Policies { - ps[i] = p + m.RLock() + for key := range m.Policies { + keys[i] = key i++ } - start, end := pagination.Index(int(limit), int(offset), len(ps)) - return ps[start:end], nil + start, end := pagination.Index(int(limit), int(offset), len(m.Policies)) + sort.Strings(keys) + ps := make(Policies, len(keys[start:end])) + i = 0 + for _, key := range keys[start:end] { + ps[i] = m.Policies[key] + i++ + } + m.RUnlock() + return ps, nil } // Create a new pollicy to MemoryManager.