From 67d3e252f0f9338c099726f88e03d73eb9d73594 Mon Sep 17 00:00:00 2001
From: mo khan
Date: Fri, 2 May 2025 16:29:28 -0600
Subject: test: fix name in test
---
 pkg/policies/allowed_test.go | 146 ++++++++++++++++++++++++++++++++++++++++++
 pkg/policies/policies_test.go | 146 ------------------------------------------
 2 files changed, 146 insertions(+), 146 deletions(-)
 create mode 100644 pkg/policies/allowed_test.go
 delete mode 100644 pkg/policies/policies_test.go
(limited to 'pkg')
diff --git a/pkg/policies/allowed_test.go b/pkg/policies/allowed_test.go
new file mode 100644
index 00000000..7963e8df
--- /dev/null
+++ b/pkg/policies/allowed_test.go
@@ -0,0 +1,146 @@
+package policies
+
+import (
+ "fmt"
+ "testing"
+
+ "github.com/cedar-policy/cedar-go"
+ "github.com/stretchr/testify/assert"
+ "gitlab.com/gitlab-org/software-supply-chain-security/authorization/authz.d/pkg/gid"
+)
+
+func build(f func(*cedar.Request)) *cedar.Request {
+ request := &cedar.Request{
+ Principal: gid.NewEntityUID("gid://example/User/1"),
+ Action: cedar.NewEntityUID("HttpMethod", "GET"),
+ Resource: cedar.NewEntityUID("HttpPath", "/"),
+ Context: cedar.NewRecord(cedar.RecordMap{
+ "host": cedar.String("example.com"),
+ }),
+ }
+ f(request)
+ return request
+}
+
+func TestAllowed(t *testing.T) {
+ allowed := []*cedar.Request{
+ build(func(r *cedar.Request) {}),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.NewEntityUID("gid://example/User/1")
+ r.Action = cedar.NewEntityUID("HttpMethod", "POST")
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.NewEntityUID("gid://example/User/1")
+ r.Action = cedar.NewEntityUID("HttpMethod", "PUT")
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.NewEntityUID("gid://example/User/1")
+ r.Action = cedar.NewEntityUID("HttpMethod", "PATCH")
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.NewEntityUID("gid://example/User/1")
+ r.Action = cedar.NewEntityUID("HttpMethod", "DELETE")
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.NewEntityUID("gid://example/User/1")
+ r.Action = cedar.NewEntityUID("HttpMethod", "HEAD")
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.NewEntityUID("gid://example/User/1")
+ r.Resource = cedar.NewEntityUID("HttpPath", "/organizations.json")
+ r.Context = cedar.NewRecord(cedar.RecordMap{
+ "host": cedar.String("api.example.com"),
+ })
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.NewEntityUID("gid://example/User/1")
+ r.Resource = cedar.NewEntityUID("HttpPath", "/groups.json")
+ r.Context = cedar.NewRecord(cedar.RecordMap{
+ "host": cedar.String("api.example.com"),
+ })
+ }),
+ build(func(r *cedar.Request) 
{
+ r.Principal = gid.NewEntityUID("gid://example/User/1")
+ r.Resource = cedar.NewEntityUID("HttpPath", "/.well-known/openid-configuration")
+ r.Context = cedar.NewRecord(cedar.RecordMap{
+ "host": cedar.String("idp.example.com"),
+ })
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.NewEntityUID("gid://example/User/1")
+ r.Resource = cedar.NewEntityUID("HttpPath", "/.well-known/oauth-authorization-server")
+ r.Context = cedar.NewRecord(cedar.RecordMap{
+ "host": cedar.String("idp.example.com"),
+ })
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.NewEntityUID("gid://example/User/*")
+ r.Resource = cedar.NewEntityUID("HttpPath", "/.well-known/openid-configuration")
+ r.Context = cedar.NewRecord(cedar.RecordMap{
+ "host": cedar.String("idp.example.com"),
+ })
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.NewEntityUID("gid://example/User/*")
+ r.Resource = cedar.NewEntityUID("HttpPath", "/.well-known/oauth-authorization-server")
+ r.Context = cedar.NewRecord(cedar.RecordMap{
+ "host": cedar.String("idp.example.com"),
+ })
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.NewEntityUID("gid://example/User/1")
+ r.Action = cedar.NewEntityUID("HttpMethod", "POST")
+ r.Resource = cedar.NewEntityUID("HttpPath", "/twirp/authz.rpc.Ability/Allowed")
+ r.Context = cedar.NewRecord(cedar.RecordMap{
+ "host": cedar.String("idp.example.com"),
+ })
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.NewEntityUID("gid://example/User/1")
+ r.Action = cedar.NewEntityUID("HttpMethod", "GET")
+ r.Resource = cedar.NewEntityUID("HttpPath", "/index.html")
+ r.Context = cedar.NewRecord(cedar.RecordMap{
+ "host": cedar.String("ui.example.com"),
+ })
+ }),
+ }
+
+ for _, tt := range allowed {
+ t.Run(fmt.Sprintf("allows: %v/%v %v %v%v", tt.Principal.Type, tt.Principal.ID, tt.Action.ID, tt.Context.Map()["host"], tt.Resource.ID), func(t *testing.T) {
+ assert.True(t, Allowed(t.Context(), *tt))
+ })
+ }
+
+ denied := []*cedar.Request{
+ 
build(func(r *cedar.Request) {
+ r.Principal = gid.ZeroEntityUID()
+ r.Action = cedar.NewEntityUID("HttpMethod", cedar.String("POST"))
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.ZeroEntityUID()
+ r.Action = cedar.NewEntityUID("HttpMethod", cedar.String("PUT"))
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.ZeroEntityUID()
+ r.Action = cedar.NewEntityUID("HttpMethod", cedar.String("PATCH"))
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.ZeroEntityUID()
+ r.Action = cedar.NewEntityUID("HttpMethod", cedar.String("DELETE"))
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.ZeroEntityUID()
+ r.Action = cedar.NewEntityUID("HttpMethod", cedar.String("HEAD"))
+ }),
+ build(func(r *cedar.Request) {
+ r.Principal = gid.ZeroEntityUID()
+ r.Action = cedar.NewEntityUID("HttpMethod", cedar.String("TRACE"))
+ }),
+ }
+
+ for _, tt := range denied {
+ t.Run(fmt.Sprintf("denies: %v/%v %v %v%v", tt.Principal.Type, tt.Principal.ID, tt.Action.ID, tt.Context.Map()["host"], tt.Resource.ID), func(t *testing.T) {
+ assert.False(t, Allowed(t.Context(), *tt))
+ })
+ }
+}
diff --git a/pkg/policies/policies_test.go b/pkg/policies/policies_test.go
deleted file mode 100644
index d44d049d..00000000
--- a/pkg/policies/policies_test.go
+++ /dev/null
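Review bot: Every entry in `denied` uses `gid.ZeroEntityUID()` as the principal, so the negative half of TestAllowed only proves that an empty principal is rejected, and a policy that permitted any non-zero principal on any host or path would still pass this test unchanged. Because the allowed list shows the policy is scoped by host and path (api.example.com, idp.example.com, ui.example.com), a few denies with a real principal outside that scope would pin the fail-closed behaviour, e.g. `build(func(r *cedar.Request) { r.Context = cedar.NewRecord(cedar.RecordMap{"host": cedar.String("other.example.com")}) }),` and a `gid://example/User/*` principal on a resource other than the two `.well-known` paths — assuming those are meant to be denied, which the hunk itself does not show. As a point of style, the denied cases spell the action ID as `cedar.String("POST")` while the allowed cases pass the bare literal `"POST"`; using one form in both lists makes them easier to compare. `build` would also benefit from a one-line comment stating its baseline, `// build returns a User/1 GET / request for host example.com, with f applied on top.`, since the empty `build(func(r *cedar.Request) {})` case asserts exactly that baseline.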
@@ -1,146 +0,0 @@
-package policies
-
-import (
- "fmt"
- "testing"
-
- "github.com/cedar-policy/cedar-go"
- "github.com/stretchr/testify/assert"
- "gitlab.com/gitlab-org/software-supply-chain-security/authorization/authz.d/pkg/gid"
-)
-
-func build(f func(*cedar.Request)) *cedar.Request {
- request := &cedar.Request{
- Principal: gid.NewEntityUID("gid://example/User/1"),
- Action: cedar.NewEntityUID("HttpMethod", "GET"),
- Resource: cedar.NewEntityUID("HttpPath", "/"),
- Context: cedar.NewRecord(cedar.RecordMap{
- "host": cedar.String("idp.example.com"),
- }),
- }
- f(request)
- return request
-}
-
-func TestAllowed(t *testing.T) {
- allowed := []*cedar.Request{
- build(func(r *cedar.Request) {}),
- build(func(r *cedar.Request) {
- r.Principal = gid.NewEntityUID("gid://example/User/1")
- r.Action = cedar.NewEntityUID("HttpMethod", "POST")
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.NewEntityUID("gid://example/User/1")
- r.Action = cedar.NewEntityUID("HttpMethod", "PUT")
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.NewEntityUID("gid://example/User/1")
- r.Action = cedar.NewEntityUID("HttpMethod", "PATCH")
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.NewEntityUID("gid://example/User/1")
- r.Action = cedar.NewEntityUID("HttpMethod", "DELETE")
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.NewEntityUID("gid://example/User/1")
- r.Action = cedar.NewEntityUID("HttpMethod", "HEAD")
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.NewEntityUID("gid://example/User/1")
- r.Resource = cedar.NewEntityUID("HttpPath", "/organizations.json")
- r.Context = cedar.NewRecord(cedar.RecordMap{
- "host": cedar.String("api.example.com"),
- })
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.NewEntityUID("gid://example/User/1")
- r.Resource = cedar.NewEntityUID("HttpPath", "/groups.json")
- r.Context = cedar.NewRecord(cedar.RecordMap{
- "host": cedar.String("api.example.com"),
- })
- }),
- build(func(r 
*cedar.Request) {
- r.Principal = gid.NewEntityUID("gid://example/User/1")
- r.Resource = cedar.NewEntityUID("HttpPath", "/.well-known/openid-configuration")
- r.Context = cedar.NewRecord(cedar.RecordMap{
- "host": cedar.String("idp.example.com"),
- })
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.NewEntityUID("gid://example/User/1")
- r.Resource = cedar.NewEntityUID("HttpPath", "/.well-known/oauth-authorization-server")
- r.Context = cedar.NewRecord(cedar.RecordMap{
- "host": cedar.String("idp.example.com"),
- })
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.NewEntityUID("gid://example/User/*")
- r.Resource = cedar.NewEntityUID("HttpPath", "/.well-known/openid-configuration")
- r.Context = cedar.NewRecord(cedar.RecordMap{
- "host": cedar.String("idp.example.com"),
- })
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.NewEntityUID("gid://example/User/*")
- r.Resource = cedar.NewEntityUID("HttpPath", "/.well-known/oauth-authorization-server")
- r.Context = cedar.NewRecord(cedar.RecordMap{
- "host": cedar.String("idp.example.com"),
- })
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.NewEntityUID("gid://example/User/1")
- r.Action = cedar.NewEntityUID("HttpMethod", "POST")
- r.Resource = cedar.NewEntityUID("HttpPath", "/twirp/authx.rpc.Ability/Allowed")
- r.Context = cedar.NewRecord(cedar.RecordMap{
- "host": cedar.String("idp.example.com"),
- })
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.NewEntityUID("gid://example/User/1")
- r.Action = cedar.NewEntityUID("HttpMethod", "GET")
- r.Resource = cedar.NewEntityUID("HttpPath", "/index.html")
- r.Context = cedar.NewRecord(cedar.RecordMap{
- "host": cedar.String("ui.example.com"),
- })
- }),
- }
-
- for _, tt := range allowed {
- t.Run(fmt.Sprintf("allows: %v/%v %v %v%v", tt.Principal.Type, tt.Principal.ID, tt.Action.ID, tt.Context.Map()["host"], tt.Resource.ID), func(t *testing.T) {
- assert.True(t, Allowed(t.Context(), *tt))
- })
- }
-
- denied := 
[]*cedar.Request{
- build(func(r *cedar.Request) {
- r.Principal = gid.ZeroEntityUID()
- r.Action = cedar.NewEntityUID("HttpMethod", cedar.String("POST"))
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.ZeroEntityUID()
- r.Action = cedar.NewEntityUID("HttpMethod", cedar.String("PUT"))
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.ZeroEntityUID()
- r.Action = cedar.NewEntityUID("HttpMethod", cedar.String("PATCH"))
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.ZeroEntityUID()
- r.Action = cedar.NewEntityUID("HttpMethod", cedar.String("DELETE"))
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.ZeroEntityUID()
- r.Action = cedar.NewEntityUID("HttpMethod", cedar.String("HEAD"))
- }),
- build(func(r *cedar.Request) {
- r.Principal = gid.ZeroEntityUID()
- r.Action = cedar.NewEntityUID("HttpMethod", cedar.String("TRACE"))
- }),
- }
-
- for _, tt := range denied {
- t.Run(fmt.Sprintf("denies: %v/%v %v %v%v", tt.Principal.Type, tt.Principal.ID, tt.Action.ID, tt.Context.Map()["host"], tt.Resource.ID), func(t *testing.T) {
- assert.False(t, Allowed(t.Context(), *tt))
- })
- }
-}
-- cgit v1.2.3