MCPcopy
hub / github.com/kopia/kopia / TestACL

Function TestACL

tests/end_to_end_test/acl_test.go:15–194  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

13)
14
15func TestACL(t *testing.T) {
16 t.Parallel()
17
18 serverRunner := testenv.NewInProcRunner(t)
19 serverEnvironment := testenv.NewCLITest(t, testenv.RepoFormatNotImportant, serverRunner)
20
21 defer serverEnvironment.RunAndExpectSuccess(t, "repo", "disconnect")
22
23 serverEnvironment.RunAndExpectSuccess(t, "repo", "create", "filesystem", "--path", serverEnvironment.RepoDir, "--override-hostname=foo", "--override-username=foo", "--enable-actions")
24
25 require.Empty(t, serverEnvironment.RunAndExpectSuccess(t, "server", "acl", "list"))
26
27 // enable ACLs - that should insert all the rules.
28 serverEnvironment.RunAndExpectSuccess(t, "server", "acl", "enable")
29
30 require.Len(t, serverEnvironment.RunAndExpectSuccess(t, "server", "acl", "list"), len(auth.DefaultACLs))
31
32 // reduce default access to snapshots to APPEND - this will fail because exactly identical rule already exists and grants FULL access.
33 serverEnvironment.RunAndExpectFailure(t, "server", "acl", "add", "--user", "*@*", "--target", "type=snapshot,username=OWN_USER,hostname=OWN_HOST", "--access=APPEND")
34
35 // reduce default access to snapshots to APPEND with --overwrite, this will succeed.
36 serverEnvironment.RunAndExpectSuccess(t, "server", "acl", "add", "--user", "*@*", "--target", "type=snapshot,username=OWN_USER,hostname=OWN_HOST", "--access=APPEND", "--overwrite")
37
38 // add read access to all snapshots and policies for user foo@bar
39 serverEnvironment.RunAndExpectSuccess(t, "server", "acl", "add", "--user", "foo@bar", "--target", "type=snapshot", "--access=READ")
40 serverEnvironment.RunAndExpectSuccess(t, "server", "acl", "add", "--user", "foo@bar", "--target", "type=policy", "--access=READ")
41
42 // add append access to all snapshots and read-only access to policies for user another@bar
43 serverEnvironment.RunAndExpectSuccess(t, "server", "acl", "add", "--user", "another@bar", "--target", "type=snapshot", "--access=APPEND")
44 serverEnvironment.RunAndExpectSuccess(t, "server", "acl", "add", "--user", "another@bar", "--target", "type=policy", "--access=READ")
45
46 // add full access to global policy for all users
47 serverEnvironment.RunAndExpectSuccess(t, "server", "acl", "add", "--user", "*@*", "--target", "type=policy,policyType=global", "--access=FULL")
48
49 serverEnvironment.RunAndExpectSuccess(t, "server", "users", "add", "foo@bar", "--user-password", "baz")
50 serverEnvironment.RunAndExpectSuccess(t, "server", "users", "add", "another@bar", "--user-password", "baz")
51 serverEnvironment.RunAndExpectSuccess(t, "server", "users", "add", "alice@wonderland", "--user-password", "baz")
52
53 const keepLatestSnapshots = 3
54
55 serverEnvironment.RunAndExpectSuccess(t, "policy", "set", "another@bar", fmt.Sprintf("--keep-latest=%v", keepLatestSnapshots))
56
57 var sp testutil.ServerParameters
58
59 wait, kill := serverEnvironment.RunAndProcessStderr(t, sp.ProcessOutput,
60 "server", "start",
61 "--address=localhost:0",
62 "--server-control-username=admin-user",
63 "--server-control-password=admin-pwd",
64 "--tls-generate-cert",
65 "--tls-generate-rsa-key-size=2048", // use shorter key size to speed up generation
66 )
67
68 t.Logf("detected server parameters %#v", sp)
69
70 defer wait()
71 defer kill()
72

Callers

nothing calls this directly

Calls 9

RunAndExpectSuccessMethod · 0.95
RunAndExpectFailureMethod · 0.95
RunAndProcessStderrMethod · 0.95
NewInProcRunnerFunction · 0.92
NewCLITestFunction · 0.92
LogfMethod · 0.80
FatalfMethod · 0.80
LenMethod · 0.45

Tested by

no test coverage detected