tests/acl.test

   1 #!/bin/bash
   2 source common.sh
   3 source import-common.sh
   4
   5 do_import acl
   6
   7 cat > config << EOF
   8 [global]
   9 log_level=9
  10 #enable_logging=true
  11 invoking_user=nobody
  12 [acl]
  13 passphrase_file=`pwd`/acl.key
  14 EOF
  15
  16 launch_pwmd acl
  17
  18 begin_test
  19 echo "Test 1. Invoking user '$USER' with _acl 'nobody'."
  20 echo -ne 'LIST --all --with-target' | pwmc $PWMC_ARGS acl > result
  21 cmp acl.result1 result
  22 rm -f result
  23
  24 echo
  25 echo "Test 2. Retrieve content (fail)."
  26 set +o errexit
  27 echo -ne 'GET c' | pwmc $PWMC_ARGS acl > result
  28 if [ ${PIPESTATUS[1]} == 0 ]; then
  29     echo "The previous command should have failed. Stopping."
  30     exit 1
  31 fi
  32
  33 set -e
  34 rm -f result
  35
  36 echo
  37 echo "Test 3. Create new path."
  38 echo -ne 'acl\tpath\tacl path value' | pwmc $PWMC_ARGS --inquire STORE -S acl
  39
  40 echo
  41 echo "Test 4. Delete _acl attribute of child (owner)."
  42 echo -ne 'ATTR DELETE _acl acl\tpath' | pwmc $PWMC_ARGS -S acl
  43
  44 echo
  45 echo "Test 5. Access child (_acl re-added)."
  46 echo -ne 'ATTR LIST acl\tpath' | pwmc $PWMC_ARGS acl > result
  47 test -s result
  48 rm -f result
  49
  50 echo
  51 echo "Test 6. Change ownership of child element."
  52 echo -ne "ATTR SET _acl acl\tpath nobody,$USER" | pwmc $PWMC_ARGS -S acl
  53
  54 echo
  55 echo "Test 7. Access child (not owner)."
  56 echo -ne 'ATTR LIST acl\tpath' | pwmc $PWMC_ARGS acl > result
  57 test -s result
  58 rm -f result
  59
  60 echo
  61 echo "Test 8. Delete child element (fail)."
  62 set +o errexit
  63 echo -ne 'DELETE acl\tpath' | pwmc $PWMC_ARGS acl
  64 if [ ${PIPESTATUS[1]} == 0 ]; then
  65     echo "The previous command should have failed. Stopping."
  66     exit 1
  67 fi
  68
  69 set -e
  70 echo
  71 echo "Test 9. Change ownership of child element (fail)."
  72 set +o errexit
  73 echo -ne "ATTR SET _acl acl\tpath $USER" | pwmc $PWMC_ARGS -S acl
  74 if [ ${PIPESTATUS[1]} == 0 ]; then
  75     echo "The previous command should have failed. Stopping."
  76     exit 1
  77 fi
  78
  79 set -e
  80 echo
  81 echo "Test 10. Create child element content (fail)."
  82 set +o errexit
  83 echo -ne 'acl\tpath\tupdate' | pwmc $PWMC_ARGS --inquire STORE acl
  84 if [ ${PIPESTATUS[1]} == 0 ]; then
  85     echo "The previous command should have failed. Stopping."
  86     exit 1
  87 fi
  88
  89 set -e
  90 echo
  91 echo "Test 11. Create parent element content."
  92 echo -ne 'acl\tacl value' | pwmc $PWMC_ARGS --inquire STORE -S acl
  93 echo -ne 'GET acl' | pwmc $PWMC_ARGS acl > result
  94 cmp acl.result11 result
  95 rm -f result
  96
  97 echo
  98 echo "Test 12. Change cipher during save (fail)."
  99 set +o errexit
 100 echo -ne 'NOP' | pwmc $PWMC_ARGS -S --cipher=serpent128 acl
 101 if [ ${PIPESTATUS[1]} == 0 ]; then
 102     echo "The previous command should have failed. Stopping."
 103     exit 1
 104 fi
 105
 106 set -e
 107 test_success