1 files changed, 0 insertions, 149 deletions
diff --git a/tests/authorization/cedar_authorizer_test.rs b/tests/authorization/cedar_authorizer_test.rs
deleted file mode 100644
index 58563832..00000000
--- a/tests/authorization/cedar_authorizer_test.rs
+++ /dev/null
@@ -1,149 +0,0 @@
-#[cfg(test)]
-mod tests {
-    use crate::support::factory_bot::*;
-    use crate::support::*;
-    use authzd::Authorizer;
-    use envoy_types::pb::envoy::service::auth::v3::attribute_context::HttpRequest;
-    use std::collections::HashMap;
-
-    fn subject() -> authzd::CedarAuthorizer {
-        common::setup();
-        subject_with(cedar_policy::Entities::empty())
-    }
-
-    fn subject_with(entities: cedar_policy::Entities) -> authzd::CedarAuthorizer {
-        build_cedar_authorizer(entities)
-    }
-
-    #[test]
-    fn test_cedar_authorizer_denies_missing_header() {
-        assert!(
-            !subject().authorize(build_request(|item: &mut HttpRequest| {
-                item.headers = HashMap::new();
-            }))
-        );
-    }
-
-    #[test]
-    fn test_unauthenticated_sparkle_endpoints() {
-        let hosts = vec![
-            "localhost:10000",
-            "sparkle.runway.gitlab.net",
-            "sparkle.staging.runway.gitlab.net",
-        ];
-
-        let routes = vec![
-            ("GET", "/", true),
-            ("GET", "/callback", true),
-            ("GET", "/dashboard/nav", true),
-            ("GET", "/health", true),
-            ("GET", "/signout", true),
-            ("GET", "/sparkles", true),
-            ("POST", "/sparkles/restore", true),
-            ("GET", "/dashboard", false),
-            ("POST", "/sparkles", false),
-        ];
-
-        let authorizer = subject();
-        for host in hosts {
-            for (method, path, expected) in &routes {
-                let request = build_request(|item: &mut HttpRequest| {
-                    item.method = method.to_string();
-                    item.path = path.to_string();
-                    item.host = host.to_string();
-                    item.headers = build_headers(vec![
-                        (String::from(":path"), path.to_string()),
-                        (String::from(":method"), method.to_string()),
-                        (String::from(":authority"), host.to_string()),
-                    ]);
-                });
-
-                assert_eq!(
-                    authorizer.authorize(request),
-                    *expected,
-                    "{} {}",
-                    method,
-                    path
-                );
-            }
-        }
-    }
-
-    // TODO:: Add entities to represent access to:
-    // * list of sparkles: `:read, gid://sparkle/Sparkle/*`
-    // * single sparkle: `:read, gid://sparkle/Sparkle/:id`
-    // * create sparkle: `:create, gid://sparkle/Sparkle/*`
-    // * update sparkles: `:update, gid://sparkle/Sparkle/*`
-    // * update single sparkle: `:update, gid://sparkle/Sparkle/:id`
-    // * delete sparkles: `:delete, gid://sparkle/Sparkle/*`
-    // * delete single sparkle: `:delete, gid://sparkle/Sparkle/:id`
-    #[test]
-    fn test_authenticated_create_sparkle() {
-        let request = build_request(|item: &mut HttpRequest| {
-            item.method = "POST".to_string();
-            item.path = "/sparkles".to_string();
-            item.host = "sparkle.staging.runway.gitlab.net".to_string();
-            item.headers = build_headers(vec![
-                (String::from(":path"), item.path.to_string()),
-                (String::from(":method"), item.method.to_string()),
-                (String::from(":authority"), item.host.to_string()),
-                (String::from("x-jwt-claim-sub"), "1675940".to_string()),
-            ]);
-        });
-
-        let mut attrs = std::collections::HashMap::new();
-        attrs.insert(
-            "username".to_string(),
-            cedar_policy::RestrictedExpression::new_string("tanuki".to_string()),
-        );
-        let user = build_user("1675940", attrs);
-        let entities = cedar_policy::Entities::from_entities([user], None).unwrap();
-        let authorizer = subject_with(entities);
-        assert!(authorizer.authorize(request.clone()));
-
-        let mut attrs = std::collections::HashMap::new();
-        attrs.insert(
-            "username".to_string(),
-            cedar_policy::RestrictedExpression::new_string("root".to_string()),
-        );
-        let user = build_user("1", attrs);
-        let entities = cedar_policy::Entities::from_entities([user], None).unwrap();
-        let authorizer = subject_with(entities);
-        assert!(!authorizer.authorize(request.clone()));
-    }
-
-    #[test]
-    fn test_sparkle_homepage() {
-        let request = build_request(|item: &mut HttpRequest| {
-            item.method = "GET".to_string();
-            item.path = "/".to_string();
-            item.host = "localhost:10000".to_string();
-            item.headers = build_headers(vec![
-                (String::from(":path"), item.path.to_string()),
-                (String::from(":method"), item.method.to_string()),
-                (String::from(":authority"), item.host.to_string()),
-            ]);
-        });
-
-        let authorizer = subject();
-        assert_eq!(authorizer.authorize(request), true);
-    }
-
-    #[test]
-    fn test_sparkle_dashboard() {
-        let request = build_request(|item: &mut HttpRequest| {
-            item.method = "GET".to_string();
-            item.path = "/dashboard".to_string();
-            item.host = "localhost:10000".to_string();
-            item.headers = build_headers(vec![
-                (String::from("x-jwt-claim-sub"), "1".to_string()),
-                (String::from(":path"), item.path.to_string()),
-                (String::from(":method"), item.method.to_string()),
-                (String::from(":authority"), item.host.to_string()),
-            ]);
-        });
-
-        let authorizer = subject();
-        assert_eq!(authorizer.authorize(request), true);
-    }
-}