From ede1777f42072276263252c47f5945197beb560a Mon Sep 17 00:00:00 2001
From: Homaja Marisetty <hmariset@redhat.com>
Date: Mon, 8 Jul 2024 11:34:17 -0400
Subject: [PATCH] test(RHTAPWATCH-1068): Unit test for getNamespacesWithAccess

Add unit test for workspace-manager function
getNamespacesWithAccess

Jira-Url: https://issues.redhat.com/browse/RHTAPWATCH-1068
Signed-off-by: Homaja Marisetty <hmariset@redhat.com>
---
 cmd/main_test.go | 46 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)

diff --git a/cmd/main_test.go b/cmd/main_test.go
index 382d855..942b610 100644
--- a/cmd/main_test.go
+++ b/cmd/main_test.go
@@ -17,15 +17,18 @@ import (
 	"context"
 	"os"
 	"testing"
+	"net/http/httptest"
 
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
+	"github.com/labstack/echo/v4"
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/clientcmd"
 	clientcmdapi "k8s.io/client-go/tools/clientcmd/api"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/client/config"
 	"sigs.k8s.io/controller-runtime/pkg/envtest"
+	"sigs.k8s.io/controller-runtime/pkg/client/config"
 )
 
 type HTTPResponse struct {
@@ -40,6 +43,7 @@ type HTTPheader struct {
 
 var k8sClient client.Client
 var testEnv *envtest.Environment
+var ns1, ns2, ns3 k8sapi.Namespace
 
 func createRole(k8sClient client.Client, nsName string, roleName string, verbs []string) {
 	role := &rbacv1.Role{
@@ -256,6 +260,9 @@ var _ = BeforeSuite(func() {
 	createRoleBinding(k8sClient, "namespace-access-user-binding", "test-tenant", user1, "namespace-access")
 	createRoleBinding(k8sClient, "namespace-access-user-binding-2", "test-tenant", user2, "namespace-access")
 	createRoleBinding(k8sClient, "namespace-access-user-binding-3", "test-tenant-2", user2, "namespace-access-2")
+	ns1, err = GetNamespace(k8sClient, "test-tenant")
+	ns2, err = GetNamespace(k8sClient, "test-tenant-2")
+	ns3, err = GetNamespace(k8sClient, "test-tenant-3")
 	serverProcess = exec.Command("go", "run", "main.go")
 	err = serverProcess.Start()
 	Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Error starting the server during test setup: %v", err))
@@ -301,3 +308,42 @@ var _ = DescribeTable("TestRunAccessCheck", func(user string, namespace string,
 		"patch",
 		false),
 )
+
+func GetNamespace(k8sClient client.Client, namespace string) (k8sapi.Namespace, error) {
+	ns := &k8sapi.Namespace{}
+	err := k8sClient.Get(context.Background(), client.ObjectKey{Name: namespace}, ns)
+	if err != nil {
+		return k8sapi.Namespace{}, fmt.Errorf("error getting namespace: %w", err)
+	}
+	return *ns, nil
+}
+
+var _ = DescribeTable("TestGetNamespacesWithAccess", func(allNamespaces []k8sapi.Namespace, 
+	expectedNs []k8sapi.Namespace) {
+	e := echo.New()
+	cfg, _ := config.GetConfig()
+	clientset, _ := kubernetes.NewForConfig(cfg)
+	req := httptest.NewRequest(http.MethodGet, "/", nil)
+	rec := httptest.NewRecorder()
+	c := e.NewContext(req, rec)
+	c.Request().Header.Set("X-Email", "test@example.com")
+	authCl := clientset.AuthorizationV1()
+
+	actualNs, err := getNamespacesWithAccess(e, c, authCl, allNamespaces)
+
+	Expect(actualNs).To(Equal(expectedNs))
+	Expect(err).NotTo(HaveOccurred(), "Unexpected error testing GetNamespacesWithAccess")
+},
+	Entry(
+		"when get namspace with access check allows all namespaces",
+		[]k8sapi.Namespace{ns1, ns2},
+		[]k8sapi.Namespace{ns1, ns2}),
+	Entry(
+		"when get namspace with access denies all namespaces",
+		[]k8sapi.Namespace{ns3},
+		[]k8sapi.Namespace{}),
+	Entry(
+		"when get namspace with access allows only some namespaces",
+		[]k8sapi.Namespace{ns1, ns2, ns3},
+		[]k8sapi.Namespace{ns1, ns2}),
+)