Skip to content

Commit a88733f

Browse files
haineshaines
authoredApr 23, 2024··
fix: Include implicit EFFECT_DENY in test failure details (#2117)
#2116 defaulted the expectation to `EFFECT_DENY`, but didn't include the correct expected value in the failure details 🤦‍♂️ Signed-off-by: Andrew Haines <haines@cerbos.dev>
·
v0.42.0api/genpb/v0.36.0
1 parent 61addb0 commit a88733f

File tree

3 files changed

+63
-12
lines changed

3 files changed

+63
-12
lines changed
 

‎internal/test/testdata/verify/cases/case_019.yaml.golden

+46-9
Original file line numberDiff line numberDiff line change
@@ -5,15 +5,15 @@
55
"name": "Example test suite",
66
"summary": {
77
"overallResult": "RESULT_FAILED",
8-
"testsCount": 2,
8+
"testsCount": 4,
99
"resultCounts": [
1010
{
1111
"result": "RESULT_PASSED",
12-
"count": 1
12+
"count": 2
1313
},
1414
{
1515
"result": "RESULT_FAILED",
16-
"count": 1
16+
"count": 2
1717
}
1818
]
1919
},
@@ -23,6 +23,35 @@
2323
"principals": [
2424
{
2525
"name": "admin",
26+
"resources": [
27+
{
28+
"name": "example",
29+
"actions": [
30+
{
31+
"name": "create",
32+
"details": {
33+
"result": "RESULT_PASSED",
34+
"success": {
35+
"effect": "EFFECT_ALLOW"
36+
}
37+
}
38+
},
39+
{
40+
"name": "update",
41+
"details": {
42+
"result": "RESULT_FAILED",
43+
"failure": {
44+
"expected": "EFFECT_DENY",
45+
"actual": "EFFECT_ALLOW"
46+
}
47+
}
48+
}
49+
]
50+
}
51+
]
52+
},
53+
{
54+
"name": "user",
2655
"resources": [
2756
{
2857
"name": "example",
@@ -32,8 +61,16 @@
3261
"details": {
3362
"result": "RESULT_FAILED",
3463
"failure": {
35-
"expected": "EFFECT_ALLOW",
36-
"actual": "EFFECT_DENY"
64+
"expected": "EFFECT_DENY",
65+
"actual": "EFFECT_DENY",
66+
"outputs": [
67+
{
68+
"src": "resource.account.vdefault#rule",
69+
"missing": {
70+
"expected": "foo"
71+
}
72+
}
73+
]
3774
}
3875
}
3976
},
@@ -42,7 +79,7 @@
4279
"details": {
4380
"result": "RESULT_PASSED",
4481
"success": {
45-
"effect": "EFFECT_DENY"
82+
"effect": "EFFECT_ALLOW"
4683
}
4784
}
4885
}
@@ -57,15 +94,15 @@
5794
],
5895
"summary": {
5996
"overallResult": "RESULT_FAILED",
60-
"testsCount": 2,
97+
"testsCount": 4,
6198
"resultCounts": [
6299
{
63100
"result": "RESULT_PASSED",
64-
"count": 1
101+
"count": 2
65102
},
66103
{
67104
"result": "RESULT_FAILED",
68-
"count": 1
105+
"count": 2
69106
}
70107
]
71108
}

‎internal/test/testdata/verify/cases/case_019.yaml.input

+15-1
Original file line numberDiff line numberDiff line change
@@ -6,17 +6,22 @@ principals:
66
id: admin
77
roles:
88
- admin
9+
user:
10+
id: user
11+
roles:
12+
- user
913

1014
resources:
1115
example:
12-
kind: example
16+
kind: account
1317
id: example
1418

1519
tests:
1620
- name: Example test
1721
input:
1822
principals:
1923
- admin
24+
- user
2025
resources:
2126
- example
2227
actions:
@@ -27,3 +32,12 @@ tests:
2732
resource: example
2833
actions:
2934
create: EFFECT_ALLOW
35+
- principal: user
36+
resource: example
37+
actions:
38+
update: EFFECT_ALLOW
39+
outputs:
40+
- action: create
41+
expected:
42+
- src: resource.account.vdefault#rule
43+
val: foo

‎internal/verify/test_fixture.go

+2-2
Original file line numberDiff line numberDiff line change
@@ -289,7 +289,7 @@ func runTest(ctx context.Context, eng Checker, test *policyv1.Test, action strin
289289
details.Result = policyv1.TestResults_RESULT_FAILED
290290
details.Outcome = &policyv1.TestResults_Details_Failure{
291291
Failure: &policyv1.TestResults_Failure{
292-
Expected: test.Expected[action],
292+
Expected: expectedEffect,
293293
Actual: actual[0].Actions[action].Effect,
294294
},
295295
}
@@ -334,7 +334,7 @@ func runTest(ctx context.Context, eng Checker, test *policyv1.Test, action strin
334334
details.Result = policyv1.TestResults_RESULT_FAILED
335335
details.Outcome = &policyv1.TestResults_Details_Failure{
336336
Failure: &policyv1.TestResults_Failure{
337-
Expected: test.Expected[action],
337+
Expected: expectedEffect,
338338
Actual: actual[0].Actions[action].Effect,
339339
Outputs: failures,
340340
},

0 commit comments

Comments
 (0)
Please sign in to comment.