1
0
Fork 0
mirror of https://github.com/postmannen/ctrl.git synced 2025-01-07 12:59:15 +00:00
ctrl/central_auth_test.go
postmannen 69995f76ca updated package info
updated references
removed tui client
removed ringbuffer persist store
removed ringbuffer
enabled audit logging
moved audit logging to message readers
disabled goreleaser
update readme, cbor, zstd
removed request type ping and pong
update readme
testing with cmd.WaitDelay for clicommand
fixed readme
removed ringbuffer flag
default serialization set to cbor, default compression set to zstd, fixed race,
removed event type ack and nack, also removed from subject. Fixed file stat error for copy log file
removed remaining elements of the event type
removed comments
renamed toRingbufferCh to samToSendCh
renamed directSAMSCh ro samSendLocalCh
removed handler interface
agpl3 license
added license-change.md
2024-02-07 22:54:50 +01:00

529 lines
19 KiB
Go

package ctrl
import (
"fmt"
"io"
"log"
"sync"
"testing"
"github.com/fxamacker/cbor/v2"
)
func TestACLSingleNode(t *testing.T) {
if !*logging {
log.SetOutput(io.Discard)
}
tstSrv.centralAuth.aclAddCommand("ship101", "admin", "HORSE")
tstSrv.centralAuth.aclAddCommand("ship101", "admin", "PIG")
// --- TESTS ---
mapOfFromNodeCommands := make(map[Node]map[command]struct{})
err := cbor.Unmarshal(tstSrv.centralAuth.accessLists.schemaGenerated.GeneratedACLsMap["ship101"].Data, &mapOfFromNodeCommands)
if err != nil {
t.Fatal(err)
}
if _, ok := mapOfFromNodeCommands["admin"]["HORSE"]; !ok {
t.Fatal(" \U0001F631 [FAILED]: missing map entry")
}
if _, ok := mapOfFromNodeCommands["admin"]["PIG"]; !ok {
t.Fatal(" \U0001F631 [FAILED]: missing map entry")
}
t.Logf(" \U0001f600 [SUCCESS] : %v\n", "TestACLSingleNode")
}
func TestACLWithGroups(t *testing.T) {
if !*logging {
log.SetOutput(io.Discard)
}
const (
grp_nodes_operators = "grp_nodes_operators"
grp_nodes_ships = "grp_nodes_ships"
grp_commands_commandset1 = "grp_commands_commandset1"
)
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_operators, "operator1")
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_operators, "operator2")
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_ships, "ship100")
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_ships, "ship101")
tstSrv.centralAuth.groupCommandsAddCommand(grp_commands_commandset1, "dmesg")
tstSrv.centralAuth.groupCommandsAddCommand(grp_commands_commandset1, "date")
tstSrv.centralAuth.aclAddCommand(grp_nodes_ships, "admin", "useradd -m kongen")
tstSrv.centralAuth.aclAddCommand("ship101", "admin", "HORSE")
tstSrv.centralAuth.aclAddCommand(grp_nodes_ships, grp_nodes_operators, grp_commands_commandset1)
mapOfFromNodeCommands := make(map[Node]map[command]struct{})
err := cbor.Unmarshal(tstSrv.centralAuth.accessLists.schemaGenerated.GeneratedACLsMap["ship101"].Data, &mapOfFromNodeCommands)
if err != nil {
t.Fatal(err)
}
if _, ok := mapOfFromNodeCommands["admin"]["useradd -m kongen"]; !ok {
t.Fatal(" \U0001F631 [FAILED]: missing map entry")
}
if _, ok := mapOfFromNodeCommands["operator1"]["dmesg"]; !ok {
t.Fatal(" \U0001F631 [FAILED]: missing map entry")
}
if _, ok := mapOfFromNodeCommands["operator1"]["date"]; !ok {
t.Fatal(" \U0001F631 [FAILED]: missing map entry")
}
if _, ok := mapOfFromNodeCommands["operator2"]["dmesg"]; !ok {
t.Fatal(" \U0001F631 [FAILED]: missing map entry")
}
if _, ok := mapOfFromNodeCommands["operator2"]["date"]; !ok {
t.Fatal(" \U0001F631 [FAILED]: missing map entry")
}
if _, ok := mapOfFromNodeCommands["admin"]["HORSE"]; !ok {
t.Fatal(" \U0001F631 [FAILED]: missing map entry")
}
t.Logf(" \U0001f600 [SUCCESS] : %v\n", "TestACLWithGroups")
}
func TestACLNodesGroupDeleteNode(t *testing.T) {
if !*logging {
log.SetOutput(io.Discard)
}
const (
grp_nodes_operators = "grp_nodes_operators"
grp_nodes_ships = "grp_nodes_ships"
grp_commands_commandset1 = "grp_commands_commandset1"
)
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_operators, "operator1")
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_operators, "operator2")
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_ships, "ship100")
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_ships, "ship101")
tstSrv.centralAuth.groupCommandsAddCommand(grp_commands_commandset1, "dmesg")
tstSrv.centralAuth.groupCommandsAddCommand(grp_commands_commandset1, "date")
tstSrv.centralAuth.aclAddCommand(grp_nodes_ships, "admin", "useradd -m kongen")
tstSrv.centralAuth.aclAddCommand("ship101", "admin", "HORSE")
tstSrv.centralAuth.aclAddCommand(grp_nodes_ships, grp_nodes_operators, grp_commands_commandset1)
tstSrv.centralAuth.groupNodesDeleteNode(grp_nodes_ships, "ship101")
// Check that we still got the data for ship100.
{
mapOfFromNodeCommands := make(map[Node]map[command]struct{})
err := cbor.Unmarshal(tstSrv.centralAuth.accessLists.schemaGenerated.GeneratedACLsMap["ship100"].Data, &mapOfFromNodeCommands)
if err != nil {
t.Fatal(err)
}
if _, ok := mapOfFromNodeCommands["admin"]["useradd -m kongen"]; !ok {
t.Fatal(" \U0001F631 [FAILED]: missing map entry")
}
}
// Check that we don't have any data for ship101.
{
mapOfFromNodeCommands := make(map[Node]map[command]struct{})
err := cbor.Unmarshal(tstSrv.centralAuth.accessLists.schemaGenerated.GeneratedACLsMap["ship101"].Data, &mapOfFromNodeCommands)
if err != nil {
t.Fatal(err)
}
if _, ok := mapOfFromNodeCommands["admin"]["useradd -m kongen"]; ok {
t.Fatal(" \U0001F631 [FAILED]: missing map entry")
}
}
t.Logf(" \U0001f600 [SUCCESS] : %v\n", "TestACLNodesGroupDeleteNode")
}
func TestGroupNodesDeleteGroup(t *testing.T) {
if !*logging {
log.SetOutput(io.Discard)
}
const (
grp_nodes_operators = "grp_nodes_operators"
grp_nodes_ships = "grp_nodes_ships"
grp_commands_commandset1 = "grp_commands_commandset1"
)
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_operators, "operator1")
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_operators, "operator2")
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_ships, "ship100")
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_ships, "ship101")
tstSrv.centralAuth.groupCommandsAddCommand(grp_commands_commandset1, "dmesg")
tstSrv.centralAuth.groupCommandsAddCommand(grp_commands_commandset1, "date")
tstSrv.centralAuth.aclAddCommand(grp_nodes_ships, "admin", "useradd -m kongen")
tstSrv.centralAuth.aclAddCommand("ship101", "admin", "HORSE")
tstSrv.centralAuth.aclAddCommand(grp_nodes_ships, grp_nodes_operators, grp_commands_commandset1)
tstSrv.centralAuth.groupNodesDeleteGroup(grp_nodes_operators)
// Check that we still got the data for other ACL's.
{
mapOfFromNodeCommands := make(map[Node]map[command]struct{})
err := cbor.Unmarshal(tstSrv.centralAuth.accessLists.schemaGenerated.GeneratedACLsMap["ship101"].Data, &mapOfFromNodeCommands)
if err != nil {
t.Fatal(err)
}
if _, ok := mapOfFromNodeCommands["admin"]["HORSE"]; !ok {
t.Fatal(" \U0001F631 [FAILED]: missing map entry")
}
}
// Check that we don't have any data for grp_nodes_operators
{
mapOfFromNodeCommands := make(map[Node]map[command]struct{})
err := cbor.Unmarshal(tstSrv.centralAuth.accessLists.schemaGenerated.GeneratedACLsMap["ship101"].Data, &mapOfFromNodeCommands)
if err != nil {
t.Fatal(err)
}
if _, ok := mapOfFromNodeCommands["admin"]["dmesg"]; ok {
t.Fatal(" \U0001F631 [FAILED]: foud map entry")
}
}
t.Logf(" \U0001f600 [SUCCESS] : %v\n", "TestGroupNodesDeleteGroup")
}
func TestGroupCommandDeleteGroup(t *testing.T) {
if !*logging {
log.SetOutput(io.Discard)
}
const (
grp_nodes_operators = "grp_nodes_operators"
grp_nodes_ships = "grp_nodes_ships"
grp_commands_commandset1 = "grp_commands_commandset1"
)
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_operators, "operator1")
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_operators, "operator2")
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_ships, "ship100")
tstSrv.centralAuth.groupNodesAddNode(grp_nodes_ships, "ship101")
tstSrv.centralAuth.groupCommandsAddCommand(grp_commands_commandset1, "dmesg")
tstSrv.centralAuth.groupCommandsAddCommand(grp_commands_commandset1, "date")
tstSrv.centralAuth.aclAddCommand(grp_nodes_ships, "admin", "useradd -m kongen")
tstSrv.centralAuth.aclAddCommand("ship101", "admin", "HORSE")
tstSrv.centralAuth.aclAddCommand(grp_nodes_ships, grp_nodes_operators, grp_commands_commandset1)
tstSrv.centralAuth.groupCommandDeleteGroup(grp_commands_commandset1)
// Check that we still got the data for other ACL's.
{
mapOfFromNodeCommands := make(map[Node]map[command]struct{})
err := cbor.Unmarshal(tstSrv.centralAuth.accessLists.schemaGenerated.GeneratedACLsMap["ship101"].Data, &mapOfFromNodeCommands)
if err != nil {
t.Fatal(err)
}
if _, ok := mapOfFromNodeCommands["admin"]["HORSE"]; !ok {
t.Fatal(" \U0001F631 [FAILED]: missing map entry")
}
}
// Check that we don't have any data for grp_nodes_operators
{
mapOfFromNodeCommands := make(map[Node]map[command]struct{})
err := cbor.Unmarshal(tstSrv.centralAuth.accessLists.schemaGenerated.GeneratedACLsMap["ship101"].Data, &mapOfFromNodeCommands)
if err != nil {
t.Fatal(err)
}
if _, ok := mapOfFromNodeCommands["admin"]["dmesg"]; ok {
t.Fatal(" \U0001F631 [FAILED]: foud map entry")
}
}
t.Logf(" \U0001f600 [SUCCESS] : %v\n", "TestGroupCommandDeleteGroup")
}
func TestACLGenerated(t *testing.T) {
if !*logging {
log.SetOutput(io.Discard)
}
tstSrv.centralAuth.aclAddCommand("ship101", "admin", "HORSE")
tstSrv.centralAuth.groupNodesAddNode("grp_nodes_ships", "ship101")
tstSrv.centralAuth.aclAddCommand("grp_nodes_ships", "admin", "HEN")
tstSrv.centralAuth.groupCommandsAddCommand("grp_commands_test", "echo")
tstSrv.centralAuth.groupCommandsAddCommand("grp_commands_test", "dmesg")
tstSrv.centralAuth.aclAddCommand("grp_nodes_ships", "admin", "grp_commands_test")
tstSrv.centralAuth.groupCommandsDeleteCommand("grp_commands_test", "echo")
// --- TESTS ---
mapOfFromNodeCommands := make(map[Node]map[command]struct{})
err := cbor.Unmarshal(tstSrv.centralAuth.accessLists.schemaGenerated.GeneratedACLsMap["ship101"].Data, &mapOfFromNodeCommands)
if err != nil {
t.Fatal(err)
}
//if _, ok := mapOfFromNodeCommands["admin"]["PIG"]; !ok {
// t.Fatalf(" \U0001F631 [FAILED]: missing map entry: PIG: Content of Map: %v", mapOfFromNodeCommands)
//}
if _, ok := mapOfFromNodeCommands["admin"]["HORSE"]; !ok {
t.Fatalf(" \U0001F631 [FAILED]: missing map entry: HORSE: Content of Map: %v", mapOfFromNodeCommands)
}
if _, ok := mapOfFromNodeCommands["admin"]["HEN"]; !ok {
t.Fatalf(" \U0001F631 [FAILED]: missing map entry: HEN: Content of Map: %v", mapOfFromNodeCommands)
}
if _, ok := mapOfFromNodeCommands["admin"]["echo"]; ok {
t.Fatalf(" \U0001F631 [FAILED]: should not contain map entry: echo: Content of Map: %v", mapOfFromNodeCommands)
}
if _, ok := mapOfFromNodeCommands["admin"]["dmesg"]; !ok {
t.Fatalf(" \U0001F631 [FAILED]: missing map entry: echo: Content of Map: %v", mapOfFromNodeCommands)
}
t.Logf(" \U0001f600 [SUCCESS] : %v\n", "TestACLGenerated")
}
func TestACLSchemaMainACLMap(t *testing.T) {
if !*logging {
log.SetOutput(io.Discard)
}
//a.aclNodeFromnodeCommandAdd("ship101", "admin", "PIG")
// fmt.Printf("---------------ADDING COMMAND-------------\n")
tstSrv.centralAuth.aclAddCommand("ship0", "admin", "systemctl")
tstSrv.centralAuth.aclAddCommand("ship1", "admin", "tcpdump")
if _, ok := tstSrv.centralAuth.accessLists.schemaMain.ACLMap["ship0"]["admin"]["systemctl"]; !ok {
t.Fatalf(" \U0001F631 [FAILED]: missing map entry: ship0, admin, systemctl")
}
if _, ok := tstSrv.centralAuth.accessLists.schemaMain.ACLMap["ship1"]["admin"]["tcpdump"]; !ok {
t.Fatalf(" \U0001F631 [FAILED]: missing map entry: ship1, admin, tcpdump")
}
// fmt.Printf("---------------ADDING COMMAND-------------\n")
tstSrv.centralAuth.groupNodesAddNode("grp_nodes_ships", "ship1")
tstSrv.centralAuth.groupNodesAddNode("grp_nodes_ships", "ship2")
tstSrv.centralAuth.aclAddCommand("grp_nodes_ships", "admin", "dmesg")
if _, ok := tstSrv.centralAuth.accessLists.schemaMain.ACLMap["grp_nodes_ships"]["admin"]["dmesg"]; !ok {
t.Fatalf(" \U0001F631 [FAILED]: missing map entry: ship1, admin, tcpdump")
}
// fmt.Printf("---------------ADDING COMMAND-------------\n")
tstSrv.centralAuth.aclAddCommand("ship2", "admin", "echo")
if _, ok := tstSrv.centralAuth.accessLists.schemaMain.ACLMap["ship2"]["admin"]["echo"]; !ok {
t.Fatalf(" \U0001F631 [FAILED]: missing map entry: ship1, admin, tcpdump")
}
// fmt.Printf("---------------DELETING COMMAND grp_nodes_ships, admin, dmesg-------------\n")
tstSrv.centralAuth.aclDeleteCommand("grp_nodes_ships", "admin", "dmesg")
if _, ok := tstSrv.centralAuth.accessLists.schemaMain.ACLMap["grp_nodes_ships"]["admin"]["dmesg"]; ok {
t.Fatalf(" \U0001F631 [FAILED]: found map entry: grp_nodes_ships, admin, dmesg")
}
// Check that the remaining are still ok.
if _, ok := tstSrv.centralAuth.accessLists.schemaMain.ACLMap["ship0"]["admin"]["systemctl"]; !ok {
t.Fatalf(" \U0001F631 [FAILED]: missing map entry: ship0, admin, systemctl")
}
if _, ok := tstSrv.centralAuth.accessLists.schemaMain.ACLMap["ship1"]["admin"]["tcpdump"]; !ok {
t.Fatalf(" \U0001F631 [FAILED]: missing map entry: ship1, admin, tcpdump")
}
if _, ok := tstSrv.centralAuth.accessLists.schemaMain.ACLMap["ship2"]["admin"]["echo"]; !ok {
t.Fatalf(" \U0001F631 [FAILED]: missing map entry: ship1, admin, tcpdump")
}
// fmt.Printf("---------------DELETING COMMAND ship0, admin, systemctl-------------\n")
tstSrv.centralAuth.aclDeleteCommand("ship0", "admin", "systemctl")
if _, ok := tstSrv.centralAuth.accessLists.schemaMain.ACLMap["ship0"]["admin"]["systemctl"]; ok {
t.Fatalf(" \U0001F631 [FAILED]: missing map entry: ship0, admin, systemctl")
}
// Check that the remaining are ok.
if _, ok := tstSrv.centralAuth.accessLists.schemaMain.ACLMap["ship1"]["admin"]["tcpdump"]; !ok {
t.Fatalf(" \U0001F631 [FAILED]: missing map entry: ship1, admin, tcpdump")
}
if _, ok := tstSrv.centralAuth.accessLists.schemaMain.ACLMap["ship2"]["admin"]["echo"]; !ok {
t.Fatalf(" \U0001F631 [FAILED]: missing map entry: ship1, admin, tcpdump")
}
// fmt.Printf("---------------DELETING SOURCE ship1, admin-------------\n")
tstSrv.centralAuth.aclDeleteSource("ship1", "admin")
if _, ok := tstSrv.centralAuth.accessLists.schemaMain.ACLMap["ship1"]["admin"]; ok {
t.Fatalf(" \U0001F631 [FAILED]: missing map entry: ship1, admin, tcpdump")
}
// Check that the remaining are ok.
if _, ok := tstSrv.centralAuth.accessLists.schemaMain.ACLMap["ship2"]["admin"]["echo"]; !ok {
t.Fatalf(" \U0001F631 [FAILED]: missing map entry: ship1, admin, tcpdump")
}
t.Logf(" \U0001f600 [SUCCESS] : %v\n", "TestACLSchemaMainACLMap")
}
// Need to clean up from the other tests before this test is enabled
//
// func TestACLHash(t *testing.T) {
// if !*logging {
// log.SetOutput(io.Discard)
// }
//
// a := newAccessLists(&errorKernel{}, tstConf)
//
// a.aclAddCommand("ship101", "admin", "HORSE")
//
// a.groupNodesAddNode("grp_nodes_ships", "ship101")
// a.aclAddCommand("grp_nodes_ships", "admin", "HEN")
//
// hash := [32]uint8{0xa4, 0x99, 0xbd, 0xa3, 0x18, 0x26, 0x52, 0xc2, 0x92, 0x60, 0x23, 0x19, 0x3c, 0xa, 0x7, 0xa9, 0xb7, 0x77, 0x4f, 0x11, 0x34, 0xd5, 0x2d, 0xd1, 0x8d, 0xab, 0x6c, 0x4b, 0x2, 0xfa, 0x5c, 0x7a}
// value := a.schemaGenerated.GeneratedACLsMap["ship101"].Hash
// // fmt.Printf("%#v\n", a.schemaGenerated.GeneratedACLsMap["ship101"].Hash)
//
// if bytes.Equal(hash[:], value[:]) == false {
// t.Fatalf(" \U0001F631 [FAILED]: hash mismatch")
// }
//
// t.Logf(" \U0001f600 [SUCCESS] : %v\n", "TestACLHash")
// }
func TestACLConcurrent(t *testing.T) {
// -----------General testing and creation of some data----------------
// Start concurrent updating of the schema.
var wg sync.WaitGroup
for i := 0; i < 4000; i++ {
wg.Add(1)
go func() {
defer wg.Done()
tstSrv.centralAuth.aclAddCommand("ship1", "operator2", "rm -rf")
tstSrv.centralAuth.aclAddCommand("ship1", "operator1", "ls -lt")
tstSrv.centralAuth.aclAddCommand("ship1", "operator1", "ls -lt")
tstSrv.centralAuth.aclAddCommand("ship1", "operator2", "ls -l")
tstSrv.centralAuth.aclAddCommand("ship3", "operator3", "ls -lt")
tstSrv.centralAuth.aclAddCommand("ship3", "operator3", "vi /etc/hostname")
tstSrv.centralAuth.aclDeleteCommand("ship3", "operator2", "ls -lt")
tstSrv.centralAuth.aclDeleteSource("ship3", "operator3")
}()
wg.Add(1)
go func() {
defer wg.Done()
// fmt.Println("----schemaMain------")
tstSrv.centralAuth.accessLists.schemaMain.mu.Lock()
for _, v := range tstSrv.centralAuth.accessLists.schemaMain.ACLMap {
_ = fmt.Sprintf("%+v\n", v)
}
tstSrv.centralAuth.accessLists.schemaMain.mu.Unlock()
// fmt.Println("----schemaGenerated------")
tstSrv.centralAuth.accessLists.schemaGenerated.mu.Lock()
for k, v := range tstSrv.centralAuth.accessLists.schemaGenerated.GeneratedACLsMap {
_ = fmt.Sprintf("node: %v, NodeDataSerialized: %v\n", k, string(v.Data))
_ = fmt.Sprintf("node: %v, Hash: %v\n", k, v.Hash)
}
tstSrv.centralAuth.accessLists.schemaGenerated.mu.Unlock()
}()
}
wg.Wait()
t.Logf(" \U0001f600 [SUCCESS] : %v\n", "TestACLConcurrent")
}
// Need to clean up from the other tests before this test is enabled
//
// func TestExportACLs(t *testing.T) {
// const (
// grp_nodes_operators = "grp_nodes_operators"
// grp_nodes_ships = "grp_nodes_ships"
// grp_commands_commandset1 = "grp_commands_commandset1"
// )
//
// a := newAccessLists(&errorKernel{}, tstConf)
//
// a.groupNodesAddNode(grp_nodes_operators, "operator1")
// a.groupNodesAddNode(grp_nodes_operators, "operator2")
//
// a.groupNodesAddNode(grp_nodes_ships, "ship100")
// a.groupNodesAddNode(grp_nodes_ships, "ship101")
//
// a.groupCommandsAddCommand(grp_commands_commandset1, "dmesg")
// a.groupCommandsAddCommand(grp_commands_commandset1, "date")
//
// a.aclAddCommand(grp_nodes_ships, "admin", "useradd -m kongen")
// a.aclAddCommand("ship101", "admin", "HORSE")
//
// a.aclAddCommand(grp_nodes_ships, grp_nodes_operators, grp_commands_commandset1)
//
// js, err := a.exportACLs()
// if err != nil {
// t.Fatalf("%v", err)
// }
//
// want := `{"grp_nodes_ships":{"admin":{"useradd -m kongen":{}},"grp_nodes_operators":{"grp_commands_commandset1":{}}},"ship101":{"admin":{"HORSE":{}}}}`
//
// fmt.Printf(" * GOT = %s\n", js)
// fmt.Printf(" * WANT = %v\n", want)
//
// if string(js) != string(want) {
// t.Fatalf(" \U0001F631 [FAILED]: export does not match with what we want\n")
// }
//
// t.Logf(" \U0001f600 [SUCCESS] : %v\n", "TestExportACLs")
//
// }
func TestImportACLs(t *testing.T) {
// js := `{"grp_nodes_ships":{"admin":{"useradd -m kongen":{}},"grp_nodes_operators":{"grp_commands_commandset1":{}}},"ship101":{"admin":{"HORSE":{}}}`
js := []byte{0x7b, 0x22, 0x67, 0x72, 0x70, 0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x73, 0x5f, 0x73, 0x68, 0x69, 0x70, 0x73, 0x22, 0x3a, 0x7b, 0x22, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x22, 0x3a, 0x7b, 0x22, 0x75, 0x73, 0x65, 0x72, 0x61, 0x64, 0x64, 0x20, 0x2d, 0x6d, 0x20, 0x6b, 0x6f, 0x6e, 0x67, 0x65, 0x6e, 0x22, 0x3a, 0x7b, 0x7d, 0x7d, 0x2c, 0x22, 0x67, 0x72, 0x70, 0x5f, 0x6e, 0x6f, 0x64, 0x65, 0x73, 0x5f, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x6f, 0x72, 0x73, 0x22, 0x3a, 0x7b, 0x22, 0x67, 0x72, 0x70, 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x73, 0x5f, 0x63, 0x6f, 0x6d, 0x6d, 0x61, 0x6e, 0x64, 0x73, 0x65, 0x74, 0x31, 0x22, 0x3a, 0x7b, 0x7d, 0x7d, 0x7d, 0x2c, 0x22, 0x73, 0x68, 0x69, 0x70, 0x31, 0x30, 0x31, 0x22, 0x3a, 0x7b, 0x22, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x22, 0x3a, 0x7b, 0x22, 0x48, 0x4f, 0x52, 0x53, 0x45, 0x22, 0x3a, 0x7b, 0x7d, 0x7d, 0x7d, 0x7d}
want := `map[grp_nodes_ships:map[admin:map[useradd -m kongen:{}] grp_nodes_operators:map[grp_commands_commandset1:{}]] ship101:map[admin:map[HORSE:{}]]]`
err := tstSrv.centralAuth.importACLs(js)
if err != nil {
t.Fatalf("%v", err)
}
if fmt.Sprintf("%v", tstSrv.centralAuth.accessLists.schemaMain.ACLMap) != want {
t.Fatalf("error: import does not match with what we want\n")
}
t.Logf(" \U0001f600 [SUCCESS] : %v\n", "TestImportACLs")
}