1 // Copyright (C) 2021 Simon Ruderich
3 // This program is free software: you can redistribute it and/or modify
4 // it under the terms of the GNU General Public License as published by
5 // the Free Software Foundation, either version 3 of the License, or
6 // (at your option) any later version.
8 // This program is distributed in the hope that it will be useful,
9 // but WITHOUT ANY WARRANTY; without even the implied warranty of
10 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 // GNU General Public License for more details.
13 // You should have received a copy of the GNU General Public License
14 // along with this program. If not, see <http://www.gnu.org/licenses/>.
24 "ruderich.org/simon/safcm"
25 "ruderich.org/simon/safcm/testutil"
28 func TestLoadPermissions(t *testing.T) {
29 cwd, err := os.Getwd()
35 err = os.Chdir("../testdata/project")
42 exp map[string]*safcm.File
54 map[string]*safcm.File{
57 Mode: fs.ModeDir | 0755 | fs.ModeSetgid,
63 Mode: fs.ModeDir | 0755,
69 Mode: 0100 | fs.ModeSetuid | fs.ModeSetgid | fs.ModeSticky,
79 Data: []byte(`Welcome to
80 {{- if .IsHost "host1.example.org"}} Host ONE
81 {{- else if "host2"}} Host TWO
84 {{if .InGroup "detected_linux"}}
85 This is GNU/Linux host
87 {{if .InGroup "detected_freebsd"}}
93 Path: "/etc/rc.local",
97 Data: []byte("#!/bin/sh\n"),
100 Path: "/etc/resolv.conf",
106 Data: []byte("nameserver ::1\n"),
110 Mode: fs.ModeSymlink | 0777,
113 Data: []byte("doesnt-exist"),
120 "permissions-invalid-execute",
121 map[string]*safcm.File{
124 Mode: fs.ModeDir | 0755,
130 Mode: fs.ModeDir | 0755,
135 Path: "/etc/rc.local",
139 Data: []byte("#!/bin/sh\n"),
142 fmt.Errorf("permissions-invalid-execute/permissions.yaml: \"/etc/rc.local\": trying to remove +x from file, manually chmod -x in files/"),
145 "permissions-invalid-line",
146 map[string]*safcm.File{
149 Mode: fs.ModeDir | 0755,
155 Mode: fs.ModeDir | 0755,
159 "/etc/resolv.conf": {
160 Path: "/etc/resolv.conf",
164 Data: []byte("nameserver ::1\n"),
167 fmt.Errorf("permissions-invalid-line/permissions.yaml: invalid line \"invalid line\" (expected <perm> [<user> <group>])"),
170 "permissions-invalid-path",
172 fmt.Errorf("permissions-invalid-path/permissions.yaml: \"/does/not/exist\" does not exist in files/"),
175 "permissions-invalid-permission",
176 map[string]*safcm.File{
179 Mode: fs.ModeDir | 0755,
185 Mode: fs.ModeDir | 0755,
189 "/etc/resolv.conf": {
190 Path: "/etc/resolv.conf",
194 Data: []byte("nameserver ::1\n"),
197 fmt.Errorf("permissions-invalid-permission/permissions.yaml: invalid permission \"u=rwg=r\" (expected e.g. \"0644\" or \"01777\")"),
200 "permissions-invalid-permission-int",
201 map[string]*safcm.File{
204 Mode: fs.ModeDir | 0755,
210 Mode: fs.ModeDir | 0755,
214 "/etc/resolv.conf": {
215 Path: "/etc/resolv.conf",
219 Data: []byte("nameserver ::1\n"),
222 fmt.Errorf("permissions-invalid-permission-int/permissions.yaml: invalid permission 066066 (expected e.g. 0644 or 01777)"),
226 for _, tc := range tests {
227 t.Run(tc.group, func(t *testing.T) {
228 // Use LoadFiles() so we work on real data and don't
229 // make any mistakes generating it
230 files, err := LoadFiles(tc.group)
232 t.Fatalf("err = %#v, want nil", err)
234 err = LoadPermissions(tc.group, files)
236 testutil.AssertEqual(t, "res", files, tc.exp)
237 testutil.AssertErrorEqual(t, "err", err, tc.expErr)