1 files changed, 69 insertions, 0 deletions

diff --git a/internal/admin/model_test.go b/internal/admin/model_test.go
new file mode 100644
index 0000000..b13bfad
--- /dev/null
+++ b/internal/admin/model_test.go
@@ -0,0 +1,69 @@
+package admin
+
+import (
+	"fmt"
+	"testing"
+)
+
+func TestCasbinPolicies(t *testing.T) {
+	roleName := "mr:role"
+	repoName := "myrepo"
+	pRO := &Permission{
+		Role: roleName,
+		Mode: 0,
+	}
+	pW := &Permission{
+		Role: "my:admin",
+		Mode: 1,
+	}
+
+	t.Run("test read only policies", func(t *testing.T) {
+		roPolicies := readOnlyPaths(roleName, repoName)
+		for _, v := range roPolicies {
+			if v[0] != roleName {
+				t.Fatalf("Missing rolename in policy %s %s", v[0], v[1])
+			}
+		}
+		if roPolicies[0][1] != fmt.Sprintf("/%s/info/refs", repoName) {
+			t.Fatal("missing info/refs policy")
+		}
+		if roPolicies[1][1] != fmt.Sprintf("/%s/git-upload-pack", repoName) {
+			t.Fatal("missing git-upload-pack policy")
+		}
+		if roPolicies[0][2] != "GET" {
+			t.Fatal("missing info/refs policy")
+		}
+		if roPolicies[1][2] != "POST" {
+			t.Fatal("missing git-upload-pack policy")
+		}
+	})
+	t.Run("testing write policies", func(t *testing.T) {
+		wPolicies := writePaths(roleName, repoName)
+		if wPolicies[0][0] != roleName {
+			t.Fatal("Role name doesn't match")
+		}
+		if wPolicies[0][1] != fmt.Sprintf("/%s/git-recieve-pack", repoName) {
+			t.Fatal("Policy missing write path")
+		}
+	})
+
+	t.Run("testing mode build policies", func(t *testing.T) {
+		rOPolicy := pRO.Policy(roleName)
+		wPolicy := pW.Policy(roleName)
+		if len(rOPolicy) != 2 {
+			t.Fatal("Didn't provide correct number of read policies")
+		}
+		if len(wPolicy) != 3 {
+			t.Fatal("Didn't provide correct number of write policies")
+		}
+	})
+	t.Run("testing repo level policies", func(t *testing.T) {
+		repo := &GitRepo{
+			Permissions: []*Permission{pRO, pW},
+		}
+		policies := repo.CasbinPolicies()
+		if len(policies) != 5 {
+			t.Fatal("Repo was expected to have 5 policies generated")
+		}
+	})
+}