From c8bb38fec1c57c418f472820b557a80839897b1f Mon Sep 17 00:00:00 2001
From: "R.I.Pienaar" <rip@devco.net>
Date: Tue, 23 Apr 2024 13:22:15 +0200
Subject: [PATCH] (misc) Improve test for actionpolicy

Signed-off-by: R.I.Pienaar <rip@devco.net>
---
 CHANGELOG.md                                      |  2 +-
 providers/agent/mcorpc/authz_actionpolicy_test.go | 10 ++++++++++
 providers/agent/mcorpc/testdata/facts.json        |  5 ++++-
 3 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index fb31745c2..7005abae8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,7 +9,7 @@
 | 2024/03/14 | 2139  | Send `alive` events every 30 minutes instead of every 1 hour                                                       |
 | 2024/03/14 | 2137  | Use correct private inboxes for `scout watch` to support protocol v2 deployments                                   |
 | 2024/03/11 | 2133  | Redesign the gossip service discovery for upcoming NATS 2.11 due June 2024                                         |
-| 2024/03/09 | 2131  | Ensure the duplicate window alins with the kv TTL when creating buckets                                            |
+| 2024/03/09 | 2131  | Ensure the duplicate window aligns with the kv TTL when creating buckets                                           |
 | 2024/03/07 | 2129  | Adds `skip_trigger_on_reenter` to the `scheduler` watcher to avoid some duplicate triggers                         |
 | 2024/03/07 | 2127  | Support for Debian Bookworm                                                                                        |
 | 2024/02/26 | 2120  | Adds `choria tool sha256` to compute recursive checksums compatible with `archive` and `plugins`                   |
diff --git a/providers/agent/mcorpc/authz_actionpolicy_test.go b/providers/agent/mcorpc/authz_actionpolicy_test.go
index e96b392bc..7d71c8ed6 100644
--- a/providers/agent/mcorpc/authz_actionpolicy_test.go
+++ b/providers/agent/mcorpc/authz_actionpolicy_test.go
@@ -554,6 +554,16 @@ var _ = Describe("Policy", func() {
 			matched, err = pol.MatchesFacts(cfg, logger)
 			Expect(err).ToNot(HaveOccurred())
 			Expect(matched).To(BeTrue())
+
+			pol.facts = "nested.facts=~/^al/"
+			matched, err = pol.MatchesFacts(cfg, logger)
+			Expect(err).ToNot(HaveOccurred())
+			Expect(matched).To(BeFalse())
+
+			pol.facts = "nested.facts=~/^val/"
+			matched, err = pol.MatchesFacts(cfg, logger)
+			Expect(err).ToNot(HaveOccurred())
+			Expect(matched).To(BeTrue())
 		})
 	})
 
diff --git a/providers/agent/mcorpc/testdata/facts.json b/providers/agent/mcorpc/testdata/facts.json
index af6d23319..c5b880794 100644
--- a/providers/agent/mcorpc/testdata/facts.json
+++ b/providers/agent/mcorpc/testdata/facts.json
@@ -3,5 +3,8 @@
     "two": "two two",
     "three": "three three three",
     "digit": 1,
-    "boolean": false
+    "boolean": false,
+    "nested": {
+        "facts": "value"
+    }
 }
\ No newline at end of file