45 lines
1.5 KiB
Common Lisp
45 lines
1.5 KiB
Common Lisp
(in-package :passepartout)
|
|
|
|
(defvar *permission-table* (make-hash-table :test 'equal))
|
|
|
|
(defun permission-set (tool-name level)
|
|
"Sets the permission level for a tool."
|
|
(setf (gethash (string-downcase (string tool-name)) *permission-table*) level))
|
|
|
|
(defun permission-get (tool-name)
|
|
"Retrieves the permission level for a tool. Defaults to :ask."
|
|
(gethash (string-downcase (string tool-name)) *permission-table* :ask))
|
|
|
|
(defskill :passepartout-security-permissions
|
|
:priority 600
|
|
:trigger (lambda (ctx) (declare (ignore ctx)) nil))
|
|
|
|
(eval-when (:compile-toplevel :load-toplevel :execute)
|
|
(ql:quickload :fiveam :silent t))
|
|
|
|
(defpackage :passepartout-security-permissions-tests
|
|
(:use :cl :fiveam :passepartout)
|
|
(:export #:permissions-suite))
|
|
|
|
(in-package :passepartout-security-permissions-tests)
|
|
|
|
(def-suite permissions-suite :description "Verification of Tool Permissions")
|
|
(in-suite permissions-suite)
|
|
|
|
(test test-permission-round-trip
|
|
"Contract 1: permission-set stores a level; permission-get retrieves it."
|
|
(permission-set "test-tool" :allow)
|
|
(is (eq :allow (permission-get "test-tool")))
|
|
;; Clean up
|
|
(permission-set "test-tool" nil))
|
|
|
|
(test test-permission-default
|
|
"Contract 2: unregistered tools default to :ask."
|
|
(is (eq :ask (permission-get "never-registered-tool-xyz"))))
|
|
|
|
(test test-permission-case-insensitive
|
|
"Contract 3: tool names are normalized to lowercase."
|
|
(permission-set :CapitalTool :deny)
|
|
(is (eq :deny (permission-get :capitaltool)))
|
|
(permission-set "CapitalTool" nil))
|