Added integration test for Glob Pattern matching in Incoming Permissins

allegro · Jul 2, 2024 · 235af92 · 235af92
1 parent c85d49e
commit 235af92
Showing 1 changed file with 36 additions and 2 deletions.
diff --git a/.../allegro/tech/servicemesh/envoycontrol/permissions/IncomingPermissionsPathMatchingTest.kt b/.../allegro/tech/servicemesh/envoycontrol/permissions/IncomingPermissionsPathMatchingTest.kt
@@ -26,7 +26,13 @@ class IncomingPermissionsPathMatchingTest {
                   incoming:
                     unlistedEndpointsPolicy: blockAndLog
                     endpoints:
-                    - paths: ["/api/products", "/api/products/*/reviews", "/api/offers**"]
+                    - paths: 
+                      - /api/products
+                      - /api/products/*/reviews
+                      - /api/offers/**
+                      - /api/**/description
+                      - /*/login
+                      - /**/health
                       clients: ["echo2"]
                     - path: "/path"
                       clients: ["echo2"]
@@ -143,10 +149,38 @@ class IncomingPermissionsPathMatchingTest {
     }
 
     @Test
-    fun `echo should allow echo2 to access 'api' endpoints for matched Glob patterns in the 'paths' field`() {
+    fun `echo should allow echo2 to access endpoints for matched Glob patterns in the 'paths' field`() {
         // expect
         echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/products").also {
             assertThat(it).isOk()
         }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/products/some/reviews").also {
+            assertThat(it).isOk()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/offers/electronics/phones").also {
+            assertThat(it).isOk()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/some/status/health").also {
+            assertThat(it).isOk()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/path/with/description").also {
+            assertThat(it).isOk()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/paths/with/description").also {
+            assertThat(it).isOk()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/login").also {
+            assertThat(it).isOk()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/products/too/many/reviews").also {
+            assertThat(it).isForbidden()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/products/forbidden").also {
+            assertThat(it).isForbidden()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/status/health/login").also {
+            assertThat(it).isForbidden()
+        }
     }
+
 }