1
0
forked from baron/baron-sso

Ory Keto ReBAC Policy & Relation Tuple Architecture

This commit is contained in:
2026-02-20 17:56:05 +09:00
parent 226a236bf2
commit 2ec2653bfb
23 changed files with 980 additions and 396 deletions

View File

@@ -116,11 +116,10 @@ func (m *MockUserRepoForTenant) List(ctx context.Context, offset, limit int, sea
return nil, 0, nil
}
// --- Tests ---
func TestTenantService_RegisterTenant_AutoVerify(t *testing.T) {
mockRepo := new(MockTenantRepoForSvc)
svc := NewTenantService(mockRepo, nil)
mockOutbox := new(MockKetoOutboxRepositoryShared)
svc := NewTenantService(mockRepo, nil, mockOutbox)
ctx := context.Background()
name := "New Tenant"
@@ -142,7 +141,8 @@ func TestTenantService_RegisterTenant_AutoVerify(t *testing.T) {
func TestTenantService_RequestRegistration_NoVerify(t *testing.T) {
mockRepo := new(MockTenantRepoForSvc)
svc := NewTenantService(mockRepo, nil)
mockOutbox := new(MockKetoOutboxRepositoryShared)
svc := NewTenantService(mockRepo, nil, mockOutbox)
ctx := context.Background()
name := "Public Tenant"
@@ -165,8 +165,9 @@ func TestTenantService_ApproveTenant_SyncAdmin(t *testing.T) {
mockRepo := new(MockTenantRepoForSvc)
mockUserRepo := new(MockUserRepoForTenant)
mockKeto := new(MockKetoSvcForTenant)
mockOutbox := new(MockKetoOutboxRepositoryShared)
svc := NewTenantService(mockRepo, mockUserRepo)
svc := NewTenantService(mockRepo, mockUserRepo, mockOutbox)
svc.SetKetoService(mockKeto)
ctx := context.Background()
@@ -183,11 +184,14 @@ func TestTenantService_ApproveTenant_SyncAdmin(t *testing.T) {
mockRepo.On("FindByID", ctx, tenantID).Return(tenant, nil)
mockRepo.On("Update", ctx, mock.Anything).Return(nil)
mockUserRepo.On("FindByEmail", adminEmail).Return(&domain.User{ID: userID, Email: adminEmail}, nil)
mockKeto.On("CreateRelation", ctx, "Tenant", tenantID, "admin", "User:"+userID).Return(nil)
// Now using Outbox instead of direct Keto call
mockOutbox.On("Create", ctx, mock.MatchedBy(func(e *domain.KetoOutbox) bool {
return e.Namespace == "Tenant" && e.Object == tenantID && e.Relation == "admins" && e.Subject == "User:"+userID
})).Return(nil)
err := svc.ApproveTenant(ctx, tenantID)
assert.NoError(t, err)
mockRepo.AssertExpectations(t)
mockUserRepo.AssertExpectations(t)
mockKeto.AssertExpectations(t)
mockOutbox.AssertExpectations(t)
}