package posture import ( "testing" "github.com/netbirdio/netbird/management/server/peer" "github.com/stretchr/testify/assert" ) func TestGeoLocationCheck_Check(t *testing.T) { tests := []struct { name string input peer.Peer check GeoLocationCheck wantErr bool isValid bool }{ { name: "Peer location matches the location in the allow sets", input: peer.Peer{ Location: peer.Location{ CountryCode: "DE", CityName: "Berlin", }, }, check: GeoLocationCheck{ Locations: []Location{ { CountryCode: "US", CityName: "Los Angeles", }, { CountryCode: "DE", CityName: "Berlin", }, }, Action: CheckActionAllow, }, wantErr: false, isValid: true, }, { name: "Peer location matches the location in the allow country only", input: peer.Peer{ Location: peer.Location{ CountryCode: "DE", CityName: "Berlin", }, }, check: GeoLocationCheck{ Locations: []Location{ { CountryCode: "DE", }, }, Action: CheckActionAllow, }, wantErr: false, isValid: true, }, { name: "Peer location doesn't match the location in the allow sets", input: peer.Peer{ Location: peer.Location{ CountryCode: "DE", CityName: "Frankfurt am Main", }, }, check: GeoLocationCheck{ Locations: []Location{ { CountryCode: "DE", CityName: "Berlin", }, { CountryCode: "US", CityName: "Los Angeles", }, }, Action: CheckActionAllow, }, wantErr: false, isValid: false, }, { name: "Peer location doesn't match the location in the allow country only", input: peer.Peer{ Location: peer.Location{ CountryCode: "DE", CityName: "Frankfurt am Main", }, }, check: GeoLocationCheck{ Locations: []Location{ { CountryCode: "US", }, }, Action: CheckActionAllow, }, wantErr: false, isValid: false, }, { name: "Peer location matches the location in the deny sets", input: peer.Peer{ Location: peer.Location{ CountryCode: "DE", CityName: "Berlin", }, }, check: GeoLocationCheck{ Locations: []Location{ { CountryCode: "DE", CityName: "Berlin", }, { CountryCode: "US", CityName: "Los Angeles", }, }, Action: CheckActionDeny, }, wantErr: false, isValid: false, }, { name: "Peer location matches the location in the deny country only", input: peer.Peer{ Location: peer.Location{ CountryCode: "DE", CityName: "Berlin", }, }, check: GeoLocationCheck{ Locations: []Location{ { CountryCode: "DE", }, { CountryCode: "US", }, }, Action: CheckActionDeny, }, wantErr: false, isValid: false, }, { name: "Peer location doesn't match the location in the deny sets", input: peer.Peer{ Location: peer.Location{ CountryCode: "DE", CityName: "Frankfurt am Main", }, }, check: GeoLocationCheck{ Locations: []Location{ { CountryCode: "DE", CityName: "Berlin", }, { CountryCode: "US", CityName: "Los Angeles", }, }, Action: CheckActionDeny, }, wantErr: false, isValid: true, }, { name: "Peer location doesn't match the location in the deny country only", input: peer.Peer{ Location: peer.Location{ CountryCode: "DE", CityName: "Frankfurt am Main", }, }, check: GeoLocationCheck{ Locations: []Location{ { CountryCode: "US", CityName: "Los Angeles", }, }, Action: CheckActionDeny, }, wantErr: false, isValid: true, }, { name: "Peer with no location in the allow sets", input: peer.Peer{}, check: GeoLocationCheck{ Locations: []Location{ { CountryCode: "DE", CityName: "Berlin", }, }, Action: CheckActionAllow, }, wantErr: true, isValid: false, }, { name: "Peer with no location in the deny sets", input: peer.Peer{}, check: GeoLocationCheck{ Locations: []Location{ { CountryCode: "DE", CityName: "Berlin", }, }, Action: CheckActionDeny, }, wantErr: true, isValid: false, }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { isValid, err := tt.check.Check(tt.input) if tt.wantErr { assert.Error(t, err) } else { assert.NoError(t, err) } assert.Equal(t, tt.isValid, isValid) }) } }