MCPcopy
hub / github.com/ContainerSSH/ContainerSSH / TestSubsystem

Function TestSubsystem

internal/security/handler_session_test.go:140–181  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

138}
139
140func TestSubsystem(t *testing.T) {
141 backend := &dummyBackend{}
142 session := &sessionHandler{
143 config: config.SecurityConfig{},
144 backend: backend,
145 sshConnection: &sshConnectionHandler{
146 lock: &sync.Mutex{},
147 },
148 logger: log.NewTestLogger(t),
149 }
150
151 session.config.Subsystem.Mode = config.ExecutionPolicyDisable
152 assert.Error(t, session.OnSubsystem(1, "sftp"))
153
154 session.config.Subsystem.Mode = config.ExecutionPolicyFilter
155 assert.Error(t, session.OnSubsystem(1, "sftp"))
156 session.config.Subsystem.Allow = []string{"sftp"}
157 assert.NoError(t, session.OnSubsystem(1, "sftp"))
158
159 session.config.Subsystem.Mode = config.ExecutionPolicyEnable
160 session.config.Subsystem.Allow = []string{}
161 assert.NoError(t, session.OnSubsystem(1, "sftp"))
162 session.config.Subsystem.Deny = []string{"sftp"}
163 assert.Error(t, session.OnSubsystem(1, "sftp"))
164
165 session.config.Subsystem.Mode = config.ExecutionPolicyEnable
166 backend.commandsExecuted = []string{}
167 session.config.Subsystem.Deny = []string{}
168 backend.env = map[string]string{}
169 assert.NoError(t, session.OnSubsystem(1, "sftp"))
170 assert.Equal(t, []string{"sftp"}, backend.commandsExecuted)
171 assert.Equal(t, map[string]string{}, backend.env)
172
173 session.config.Subsystem.Mode = config.ExecutionPolicyEnable
174 session.config.ForceCommand = "/bin/wrapper"
175 backend.commandsExecuted = []string{}
176 session.config.Subsystem.Deny = []string{}
177 backend.env = map[string]string{}
178 assert.NoError(t, session.OnSubsystem(1, "sftp"))
179 assert.Equal(t, []string{"/bin/wrapper"}, backend.commandsExecuted)
180 assert.Equal(t, map[string]string{"SSH_ORIGINAL_COMMAND": "sftp"}, backend.env)
181}
182
183// region Dummy backend
184type dummyBackend struct {

Callers

nothing calls this directly

Calls 3

OnSubsystemMethod · 0.95
NewTestLoggerFunction · 0.92
ErrorMethod · 0.65

Tested by

no test coverage detected