Skip to content

Commit

Permalink
chore: add integration test demonstrating mqtt wildcard behavior
Browse files Browse the repository at this point in the history
  • Loading branch information
@jcosentino11
jcosentino11 committed Sep 11, 2024
1 parent 34b9a58 commit 1d2958e
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 1 deletion.
13 changes: 13 additions & 0 deletions src/integrationtests/java/com/aws/greengrass/integrationtests/policy/PolicyTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -273,6 +273,19 @@ public static Stream<Arguments> authzRequests() {
.operation("mqtt:publish")
.resource("mqtt:topic:myThing/world")
.expectedResult(false)
.build(),
// mqtt wildcards eval not supported
AuthZRequest.builder()
.thingName("myThing")
.operation("mqtt:subscribe")
.resource("mqtt:topic:myThing/test/test/*")
.expectedResult(false)
.build(),
AuthZRequest.builder()
.thingName("myThing")
.operation("mqtt:subscribe")
.resource("mqtt:topic:myThing/#/test/*")
.expectedResult(true)
.build()
)),

Expand Down
8 changes: 7 additions & 1 deletion ...ests/resources/com/aws/greengrass/integrationtests/policy/wildcards-in-resource-type.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,12 +17,18 @@ services:
policyName: "thingAccessPolicy"
policies:
thingAccessPolicy:
policyStatement:
publish:
statementDescription: "mqtt publish"
operations:
- "mqtt:publish"
resources:
- "mqtt:topic:*/myThing/*"
subscribe:
statementDescription: "mqtt subscribe"
operations:
- "mqtt:subscribe"
resources:
- "mqtt:topic:myThing/#/test/*"
main:
dependencies:
- aws.greengrass.clientdevices.Auth

0 comments on commit 1d2958e

Please sign in to comment.