summaryrefslogtreecommitdiffstats
path: root/src/test/mds
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 18:24:20 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 18:24:20 +0000
commit483eb2f56657e8e7f419ab1a4fab8dce9ade8609 (patch)
treee5d88d25d870d5dedacb6bbdbe2a966086a0a5cf /src/test/mds
parentInitial commit. (diff)
downloadceph-483eb2f56657e8e7f419ab1a4fab8dce9ade8609.tar.xz
ceph-483eb2f56657e8e7f419ab1a4fab8dce9ade8609.zip
Adding upstream version 14.2.21.upstream/14.2.21upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--src/test/mds/CMakeLists.txt16
-rw-r--r--src/test/mds/TestMDSAuthCaps.cc289
-rw-r--r--src/test/mds/TestSessionFilter.cc151
3 files changed, 456 insertions, 0 deletions
diff --git a/src/test/mds/CMakeLists.txt b/src/test/mds/CMakeLists.txt
new file mode 100644
index 00000000..857b205e
--- /dev/null
+++ b/src/test/mds/CMakeLists.txt
@@ -0,0 +1,16 @@
+# unittest_mds_authcap
+add_executable(unittest_mds_authcap
+ TestMDSAuthCaps.cc
+ $<TARGET_OBJECTS:unit-main>
+ )
+add_ceph_unittest(unittest_mds_authcap)
+target_link_libraries(unittest_mds_authcap mds global ${BLKID_LIBRARIES})
+
+# unittest_mds_sessionfilter
+add_executable(unittest_mds_sessionfilter
+ TestSessionFilter.cc
+ $<TARGET_OBJECTS:unit-main>
+ )
+add_ceph_unittest(unittest_mds_sessionfilter)
+target_link_libraries(unittest_mds_sessionfilter mds osdc ceph-common global ${BLKID_LIBRARIES})
+
diff --git a/src/test/mds/TestMDSAuthCaps.cc b/src/test/mds/TestMDSAuthCaps.cc
new file mode 100644
index 00000000..deaddf51
--- /dev/null
+++ b/src/test/mds/TestMDSAuthCaps.cc
@@ -0,0 +1,289 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+/*
+ * Ceph - scalable distributed file system
+ *
+ * Copyright (C) 2012 Inktank
+ *
+ * This is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2.1, as published by the Free Software
+ * Foundation. See file COPYING.
+ *
+ */
+
+#include <iostream>
+
+#include "include/stringify.h"
+#include "mds/MDSAuthCaps.h"
+
+#include "gtest/gtest.h"
+
+using std::string;
+using std::cout;
+
+entity_addr_t addr;
+
+const char *parse_good[] = {
+ "allow rw uid=1 gids=1",
+ "allow * path=\"/foo\"",
+ "allow * path=/foo",
+ "allow * path=/foo-bar_baz",
+ "allow * path=\"/foo bar/baz\"",
+ "allow * uid=1",
+ "allow * path=\"/foo\" uid=1",
+ "allow *",
+ "allow r",
+ "allow rw",
+ "allow rw uid=1 gids=1,2,3",
+ "allow rw path=/foo uid=1 gids=1,2,3",
+ "allow r, allow rw path=/foo",
+ "allow r, allow * uid=1",
+ "allow r ,allow * uid=1",
+ "allow r ;allow * uid=1",
+ "allow r ; allow * uid=1",
+ "allow r ; allow * uid=1",
+ "allow r uid=1 gids=1,2,3, allow * uid=2",
+ "allow r network 1.2.3.4/8",
+ "allow rw path=/foo uid=1 gids=1,2,3 network 2.3.4.5/16",
+ 0
+};
+
+TEST(MDSAuthCaps, ParseGood) {
+ for (int i=0; parse_good[i]; i++) {
+ string str = parse_good[i];
+ MDSAuthCaps cap;
+ std::cout << "Testing good input: '" << str << "'" << std::endl;
+ ASSERT_TRUE(cap.parse(g_ceph_context, str, &cout));
+ }
+}
+
+const char *parse_bad[] = {
+ "allow r poolfoo",
+ "allow r w",
+ "ALLOW r",
+ "allow w",
+ "allow rwx,",
+ "allow rwx x",
+ "allow r pool foo r",
+ "allow wwx pool taco",
+ "allow wwx pool taco^funny&chars",
+ "allow rwx pool 'weird name''",
+ "allow rwx object_prefix \"beforepool\" pool weird",
+ "allow rwx auid 123 pool asdf",
+ "allow xrwx pool foo,, allow r pool bar",
+ ";allow rwx pool foo rwx ; allow r pool bar",
+ "allow rwx pool foo ;allow r pool bar gibberish",
+ "allow rwx auid 123 pool asdf namespace=foo",
+ "allow rwx auid 123 namespace",
+ "allow rwx namespace",
+ "allow namespace",
+ "allow namespace=foo",
+ "allow rwx auid 123 namespace asdf",
+ "allow wwx pool ''",
+ "allow rw gids=1",
+ "allow rw gids=1,2,3",
+ "allow rw uid=123 gids=asdf",
+ "allow rw uid=123 gids=1,2,asdf",
+ 0
+};
+
+TEST(MDSAuthCaps, ParseBad) {
+ for (int i=0; parse_bad[i]; i++) {
+ string str = parse_bad[i];
+ MDSAuthCaps cap;
+ std::cout << "Testing bad input: '" << str << "'" << std::endl;
+ ASSERT_FALSE(cap.parse(g_ceph_context, str, &cout));
+ }
+}
+
+TEST(MDSAuthCaps, AllowAll) {
+ MDSAuthCaps cap;
+ ASSERT_FALSE(cap.allow_all());
+
+ ASSERT_TRUE(cap.parse(g_ceph_context, "allow r", NULL));
+ ASSERT_FALSE(cap.allow_all());
+ cap = MDSAuthCaps();
+
+ ASSERT_TRUE(cap.parse(g_ceph_context, "allow rw", NULL));
+ ASSERT_FALSE(cap.allow_all());
+ cap = MDSAuthCaps();
+
+ ASSERT_TRUE(cap.parse(g_ceph_context, "allow", NULL));
+ ASSERT_FALSE(cap.allow_all());
+ cap = MDSAuthCaps();
+
+ ASSERT_TRUE(cap.parse(g_ceph_context, "allow *", NULL));
+ ASSERT_TRUE(cap.allow_all());
+ ASSERT_TRUE(cap.is_capable("foo/bar", 0, 0, 0777, 0, 0, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+}
+
+TEST(MDSAuthCaps, AllowUid) {
+ MDSAuthCaps cap(g_ceph_context);
+ ASSERT_TRUE(cap.parse(g_ceph_context, "allow * uid=10", NULL));
+ ASSERT_FALSE(cap.allow_all());
+
+ // uid/gid must be valid
+ ASSERT_FALSE(cap.is_capable("foo", 0, 0, 0777, 0, 0, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 0, 0, 0777, 10, 0, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 0, 0, 0777, 10, 10, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 0, 0777, 12, 12, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 0, 0, 0777, 10, 13, NULL, MAY_READ, 0, 0, addr));
+}
+
+TEST(MDSAuthCaps, AllowUidGid) {
+ MDSAuthCaps cap(g_ceph_context);
+ ASSERT_TRUE(cap.parse(g_ceph_context, "allow * uid=10 gids=10,11,12; allow * uid=12 gids=12,10", NULL));
+ ASSERT_FALSE(cap.allow_all());
+
+ // uid/gid must be valid
+ ASSERT_FALSE(cap.is_capable("foo", 0, 0, 0777, 0, 0, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 0, 0777, 10, 0, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 0, 0777, 9, 10, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 0, 0, 0777, 10, 10, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 0, 0, 0777, 12, 12, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 0, 0777, 10, 13, NULL, MAY_READ, 0, 0, addr));
+
+ // user
+ ASSERT_TRUE(cap.is_capable("foo", 10, 10, 0500, 10, 11, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 10, 10, 0500, 10, 11, NULL, MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 10, 10, 0500, 10, 11, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 10, 10, 0700, 10, 11, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 10, 10, 0700, 10, 11, NULL, MAY_WRITE, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 10, 10, 0700, 10, 10, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 10, 0, 0700, 10, 10, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 12, 0, 0700, 10, 10, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 12, 0, 0700, 12, 12, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 0, 0700, 10, 10, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+
+ // group
+ vector<uint64_t> glist10;
+ glist10.push_back(10);
+ vector<uint64_t> dglist10;
+ dglist10.push_back(8);
+ dglist10.push_back(10);
+ vector<uint64_t> glist11;
+ glist11.push_back(11);
+ vector<uint64_t> glist12;
+ glist12.push_back(12);
+ ASSERT_TRUE(cap.is_capable("foo", 0, 10, 0750, 10, 10, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 10, 0750, 10, 10, NULL, MAY_WRITE, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 0, 10, 0770, 10, 10, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 0, 10, 0770, 10, 11, &glist10, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 0, 11, 0770, 10, 10, &glist11, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 0, 11, 0770, 10, 11, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 0, 12, 0770, 12, 12, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 10, 0770, 12, 12, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 0, 10, 0770, 12, 12, &glist10, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 0, 10, 0770, 12, 12, &dglist10, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 11, 0770, 12, 12, &glist11, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 12, 0770, 10, 10, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 0, 12, 0770, 10, 10, &glist12, MAY_READ | MAY_WRITE, 0, 0, addr));
+
+ // user > group
+ ASSERT_TRUE(cap.is_capable("foo", 10, 10, 0570, 10, 10, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 10, 10, 0570, 10, 10, NULL, MAY_WRITE, 0, 0, addr));
+
+ // other
+ ASSERT_TRUE(cap.is_capable("foo", 0, 0, 0775, 10, 10, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 0, 0770, 10, 10, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 0, 0775, 10, 10, NULL, MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 0, 0775, 10, 10, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("foo", 0, 0, 0777, 10, 10, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 0, 0773, 10, 10, NULL, MAY_READ, 0, 0, addr));
+
+ // group > other
+ ASSERT_TRUE(cap.is_capable("foo", 0, 0, 0557, 10, 10, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 10, 0557, 10, 10, NULL, MAY_WRITE, 0, 0, addr));
+
+ // user > other
+ ASSERT_TRUE(cap.is_capable("foo", 0, 0, 0557, 10, 10, NULL, MAY_READ, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 10, 0, 0557, 10, 10, NULL, MAY_WRITE, 0, 0, addr));
+}
+
+TEST(MDSAuthCaps, AllowPath) {
+ MDSAuthCaps cap;
+ ASSERT_TRUE(cap.parse(g_ceph_context, "allow * path=/sandbox", NULL));
+ ASSERT_FALSE(cap.allow_all());
+ ASSERT_TRUE(cap.is_capable("sandbox/foo", 0, 0, 0777, 0, 0, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_TRUE(cap.is_capable("sandbox", 0, 0, 0777, 0, 0, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("sandboxed", 0, 0, 0777, 0, 0, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 0, 0777, 0, 0, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+}
+
+TEST(MDSAuthCaps, AllowPathChars) {
+ MDSAuthCaps unquo_cap;
+ ASSERT_TRUE(unquo_cap.parse(g_ceph_context, "allow * path=/sandbox-._foo", NULL));
+ ASSERT_FALSE(unquo_cap.allow_all());
+ ASSERT_TRUE(unquo_cap.is_capable("sandbox-._foo/foo", 0, 0, 0777, 0, 0, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(unquo_cap.is_capable("sandbox", 0, 0, 0777, 0, 0, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(unquo_cap.is_capable("sandbox-._food", 0, 0, 0777, 0, 0, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(unquo_cap.is_capable("foo", 0, 0, 0777, 0, 0, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+}
+
+
+TEST(MDSAuthCaps, AllowPathCharsQuoted) {
+ MDSAuthCaps quo_cap;
+ ASSERT_TRUE(quo_cap.parse(g_ceph_context, "allow * path=\"/sandbox-._foo\"", NULL));
+ ASSERT_FALSE(quo_cap.allow_all());
+ ASSERT_TRUE(quo_cap.is_capable("sandbox-._foo/foo", 0, 0, 0777, 0, 0, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(quo_cap.is_capable("sandbox", 0, 0, 0777, 0, 0, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(quo_cap.is_capable("sandbox-._food", 0, 0, 0777, 0, 0, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+ ASSERT_FALSE(quo_cap.is_capable("foo", 0, 0, 0777, 0, 0, NULL, MAY_READ | MAY_WRITE, 0, 0, addr));
+}
+
+TEST(MDSAuthCaps, OutputParsed) {
+ struct CapsTest {
+ const char *input;
+ const char *output;
+ };
+ CapsTest test_values[] = {
+ {"allow",
+ "MDSAuthCaps[allow rwps]"},
+ {"allow *",
+ "MDSAuthCaps[allow *]"},
+ {"allow r",
+ "MDSAuthCaps[allow r]"},
+ {"allow rw",
+ "MDSAuthCaps[allow rw]"},
+ {"allow * uid=1",
+ "MDSAuthCaps[allow * uid=1]"},
+ {"allow * uid=1 gids=1",
+ "MDSAuthCaps[allow * uid=1 gids=1]"},
+ {"allow * uid=1 gids=1,2,3",
+ "MDSAuthCaps[allow * uid=1 gids=1,2,3]"},
+ {"allow * path=/foo",
+ "MDSAuthCaps[allow * path=\"/foo\"]"},
+ {"allow * path=\"/foo\"",
+ "MDSAuthCaps[allow * path=\"/foo\"]"},
+ {"allow * path=\"/foo\" uid=1",
+ "MDSAuthCaps[allow * path=\"/foo\" uid=1]"},
+ {"allow * path=\"/foo\" uid=1 gids=1,2,3",
+ "MDSAuthCaps[allow * path=\"/foo\" uid=1 gids=1,2,3]"},
+ {"allow r uid=1 gids=1,2,3, allow * uid=2",
+ "MDSAuthCaps[allow r uid=1 gids=1,2,3, allow * uid=2]"},
+ {"allow r uid=1 gids=1,2,3, allow * uid=2 network 10.0.0.0/8",
+ "MDSAuthCaps[allow r uid=1 gids=1,2,3, allow * uid=2 network 10.0.0.0/8]"},
+ };
+ size_t num_tests = sizeof(test_values) / sizeof(*test_values);
+ for (size_t i = 0; i < num_tests; ++i) {
+ MDSAuthCaps cap;
+ std::cout << "Testing input '" << test_values[i].input << "'" << std::endl;
+ ASSERT_TRUE(cap.parse(g_ceph_context, test_values[i].input, &cout));
+ ASSERT_EQ(test_values[i].output, stringify(cap));
+ }
+}
+
+TEST(MDSAuthCaps, network) {
+ entity_addr_t a, b, c;
+ a.parse("10.1.2.3");
+ b.parse("192.168.2.3");
+ c.parse("192.167.2.3");
+
+ MDSAuthCaps cap;
+ ASSERT_TRUE(cap.parse(g_ceph_context, "allow * network 192.168.0.0/16, allow * network 10.0.0.0/8", NULL));
+
+ ASSERT_TRUE(cap.is_capable("foo", 0, 0, 0777, 0, 0, NULL, MAY_READ, 0, 0, a));
+ ASSERT_TRUE(cap.is_capable("foo", 0, 0, 0777, 0, 0, NULL, MAY_READ, 0, 0, b));
+ ASSERT_FALSE(cap.is_capable("foo", 0, 0, 0777, 0, 0, NULL, MAY_READ, 0, 0, c));
+}
diff --git a/src/test/mds/TestSessionFilter.cc b/src/test/mds/TestSessionFilter.cc
new file mode 100644
index 00000000..150663da
--- /dev/null
+++ b/src/test/mds/TestSessionFilter.cc
@@ -0,0 +1,151 @@
+// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*-
+// vim: ts=8 sw=2 smarttab
+/*
+ * Ceph - scalable distributed file system
+ *
+ * Copyright (C) 2012 Inktank
+ *
+ * This is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License version 2.1, as published by the Free Software
+ * Foundation. See file COPYING.
+ *
+ */
+
+#include <iostream>
+
+#include "include/stringify.h"
+#include "mds/SessionMap.h"
+
+#include "gtest/gtest.h"
+
+typedef std::vector<std::string> args_eg;
+typedef std::vector<args_eg> args_eg_set;
+
+TEST(MDSSessionFilter, ParseGood)
+{
+ args_eg_set examples = {
+ {"id=34"},
+ {"auth_name=foxtrot"},
+ {"state=reconnecting"},
+ {"reconnecting=true"},
+ {"client_metadata.root=/foo/bar"},
+ {},
+ {"id=123"},
+ {"id=34", "client_metadata.root=/foo/bar", "auth_name=foxtrot",
+ "state=reconnecting", "reconnecting=true"}
+ };
+
+ for (auto ex : examples) {
+ SessionFilter f;
+ std::stringstream ss;
+
+ std::cout << "Testing '" << ex << "'" << std::endl;
+ int r = f.parse(ex, &ss);
+ ASSERT_EQ(r, 0);
+ ASSERT_TRUE(ss.str().empty());
+ }
+}
+
+TEST(MDSSessionFilter, ParseBad)
+{
+ args_eg_set examples = {
+ {"rhubarb"},
+ {"id="},
+ {"id=custard"},
+ {"=custard"},
+ {"reconnecting=MAYBE"},
+ {"reconnecting=2"}
+ };
+
+ for (auto ex : examples) {
+ SessionFilter f;
+ std::stringstream ss;
+
+ std::cout << "Testing '" << ex << "'" << std::endl;
+ int r = f.parse(ex, &ss);
+ ASSERT_EQ(r, -EINVAL);
+ ASSERT_FALSE(ss.str().empty());
+ }
+}
+
+TEST(MDSSessionFilter, IdEquality)
+{
+ SessionFilter filter;
+ std::stringstream ss;
+ filter.parse({"id=123"}, &ss);
+ Session *a = new Session(nullptr);;
+ Session *b = new Session(nullptr);;
+ a->info.inst.name.parse("client.123");
+ b->info.inst.name.parse("client.456");
+
+ ASSERT_TRUE(filter.match(*a, [](client_t c) -> bool {return false;}));
+ ASSERT_FALSE(filter.match(*b, [](client_t c) -> bool {return false;}));
+ a->put();
+ b->put();
+}
+
+TEST(MDSSessionFilter, StateEquality)
+{
+ SessionFilter filter;
+ std::stringstream ss;
+ filter.parse({"state=closing"}, &ss);
+ Session *a = new Session(nullptr);
+ a->set_state(Session::STATE_CLOSING);
+ Session *b = new Session(nullptr);
+ b->set_state(Session::STATE_OPENING);
+
+ ASSERT_TRUE(filter.match(*a, [](client_t c) -> bool {return false;}));
+ ASSERT_FALSE(filter.match(*b, [](client_t c) -> bool {return false;}));
+ a->put();
+ b->put();
+}
+
+TEST(MDSSessionFilter, AuthEquality)
+{
+ SessionFilter filter;
+ std::stringstream ss;
+ filter.parse({"auth_name=rhubarb"}, &ss);
+ Session *a = new Session(nullptr);
+ a->info.auth_name.set_id("rhubarb");
+ Session *b = new Session(nullptr);
+ b->info.auth_name.set_id("custard");
+
+ ASSERT_TRUE(filter.match(*a, [](client_t c) -> bool {return false;}));
+ ASSERT_FALSE(filter.match(*b, [](client_t c) -> bool {return false;}));
+ a->put();
+ b->put();
+}
+
+TEST(MDSSessionFilter, MetadataEquality)
+{
+ SessionFilter filter;
+ std::stringstream ss;
+ int r = filter.parse({"client_metadata.root=/rhubarb"}, &ss);
+ ASSERT_EQ(r, 0);
+ client_metadata_t meta;
+ Session *a = new Session(nullptr);
+ meta.kv_map = {{"root", "/rhubarb"}};
+ a->set_client_metadata(meta);
+ Session *b = new Session(nullptr);
+ meta.kv_map = {{"root", "/custard"}};
+ b->set_client_metadata(meta);
+
+ ASSERT_TRUE(filter.match(*a, [](client_t c) -> bool {return false;}));
+ ASSERT_FALSE(filter.match(*b, [](client_t c) -> bool {return false;}));
+ a->put();
+ b->put();
+}
+
+TEST(MDSSessionFilter, ReconnectingEquality)
+{
+ SessionFilter filter;
+ std::stringstream ss;
+ int r = filter.parse({"reconnecting=true"}, &ss);
+ ASSERT_EQ(r, 0);
+ Session *a = new Session(nullptr);
+
+ ASSERT_TRUE(filter.match(*a, [](client_t c) -> bool {return true;}));
+ ASSERT_FALSE(filter.match(*a, [](client_t c) -> bool {return false;}));
+ a->put();
+}