From 235af924a42990ac8ed61382a7335a1689b94856 Mon Sep 17 00:00:00 2001
From: Lukasz Druminski <lukasz.druminski@allegro.pl>
Date: Tue, 2 Jul 2024 21:45:54 +0200
Subject: [PATCH] Added integration test for Glob Pattern matching in Incoming
 Permissins

---
 .../IncomingPermissionsPathMatchingTest.kt    | 38 ++++++++++++++++++-
 1 file changed, 36 insertions(+), 2 deletions(-)

diff --git a/envoy-control-tests/src/main/kotlin/pl/allegro/tech/servicemesh/envoycontrol/permissions/IncomingPermissionsPathMatchingTest.kt b/envoy-control-tests/src/main/kotlin/pl/allegro/tech/servicemesh/envoycontrol/permissions/IncomingPermissionsPathMatchingTest.kt
index ff49b3b2d..2c960de70 100644
--- a/envoy-control-tests/src/main/kotlin/pl/allegro/tech/servicemesh/envoycontrol/permissions/IncomingPermissionsPathMatchingTest.kt
+++ b/envoy-control-tests/src/main/kotlin/pl/allegro/tech/servicemesh/envoycontrol/permissions/IncomingPermissionsPathMatchingTest.kt
@@ -26,7 +26,13 @@ class IncomingPermissionsPathMatchingTest {
                   incoming:
                     unlistedEndpointsPolicy: blockAndLog
                     endpoints:
-                    - paths: ["/api/products", "/api/products/*/reviews", "/api/offers**"]
+                    - paths: 
+                      - /api/products
+                      - /api/products/*/reviews
+                      - /api/offers/**
+                      - /api/**/description
+                      - /*/login
+                      - /**/health
                       clients: ["echo2"]
                     - path: "/path"
                       clients: ["echo2"]
@@ -143,10 +149,38 @@ class IncomingPermissionsPathMatchingTest {
     }
 
     @Test
-    fun `echo should allow echo2 to access 'api' endpoints for matched Glob patterns in the 'paths' field`() {
+    fun `echo should allow echo2 to access endpoints for matched Glob patterns in the 'paths' field`() {
         // expect
         echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/products").also {
             assertThat(it).isOk()
         }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/products/some/reviews").also {
+            assertThat(it).isOk()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/offers/electronics/phones").also {
+            assertThat(it).isOk()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/some/status/health").also {
+            assertThat(it).isOk()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/path/with/description").also {
+            assertThat(it).isOk()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/paths/with/description").also {
+            assertThat(it).isOk()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/login").also {
+            assertThat(it).isOk()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/products/too/many/reviews").also {
+            assertThat(it).isForbidden()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/api/products/forbidden").also {
+            assertThat(it).isForbidden()
+        }
+        echo2Envoy.egressOperations.callService(service = "echo", pathAndQuery = "/status/health/login").also {
+            assertThat(it).isForbidden()
+        }
     }
+
 }