2018-07-11 08:50:42 -04:00
|
|
|
"""Test asserting private directories"""
|
|
|
|
|
|
|
|
import os
|
|
|
|
import re
|
2023-07-10 10:14:33 -04:00
|
|
|
|
2018-07-11 08:50:42 -04:00
|
|
|
import pytest
|
|
|
|
|
2023-07-10 15:43:17 -04:00
|
|
|
pytestmark = pytest.mark.usefixtures("ds1_copy")
|
|
|
|
PRIVATE_DIRS = [".gnupg", ".ssh"]
|
2018-07-11 08:50:42 -04:00
|
|
|
|
|
|
|
|
2023-07-10 15:43:17 -04:00
|
|
|
@pytest.mark.parametrize("home", [True, False], ids=["home", "not-home"])
|
2020-11-17 15:38:31 -05:00
|
|
|
def test_pdirs_missing(runner, yadm_cmd, paths, home):
|
2018-07-11 08:50:42 -04:00
|
|
|
"""Private dirs (private dirs missing)
|
|
|
|
|
|
|
|
When a git command is run
|
|
|
|
And private directories are missing
|
|
|
|
Create private directories prior to command
|
|
|
|
"""
|
|
|
|
|
|
|
|
# confirm directories are missing at start
|
|
|
|
for pdir in PRIVATE_DIRS:
|
|
|
|
path = paths.work.join(pdir)
|
|
|
|
if path.exists():
|
|
|
|
path.remove()
|
|
|
|
assert not path.exists()
|
|
|
|
|
2023-07-10 15:43:17 -04:00
|
|
|
env = {"DEBUG": "yes"}
|
2019-12-10 09:16:42 -05:00
|
|
|
if home:
|
2023-07-10 15:43:17 -04:00
|
|
|
env["HOME"] = paths.work
|
2019-12-10 09:16:42 -05:00
|
|
|
|
2018-07-11 08:50:42 -04:00
|
|
|
# run status
|
2023-07-10 15:43:17 -04:00
|
|
|
run = runner(command=yadm_cmd("status"), env=env)
|
2018-07-11 08:50:42 -04:00
|
|
|
assert run.success
|
2023-07-10 15:43:17 -04:00
|
|
|
assert run.err == ""
|
|
|
|
assert "On branch master" in run.out
|
2018-07-11 08:50:42 -04:00
|
|
|
|
|
|
|
# confirm directories are created
|
|
|
|
# and are protected
|
|
|
|
for pdir in PRIVATE_DIRS:
|
|
|
|
path = paths.work.join(pdir)
|
2019-12-10 09:16:42 -05:00
|
|
|
if home:
|
|
|
|
assert path.exists()
|
2023-07-10 15:43:17 -04:00
|
|
|
assert oct(path.stat().mode).endswith("00"), "Directory is " "not secured"
|
2019-12-10 09:16:42 -05:00
|
|
|
else:
|
|
|
|
assert not path.exists()
|
2018-07-11 08:50:42 -04:00
|
|
|
|
|
|
|
# confirm directories are created before command is run:
|
2019-12-10 09:16:42 -05:00
|
|
|
if home:
|
|
|
|
assert re.search(
|
2023-07-10 15:43:17 -04:00
|
|
|
r"Creating.+\.(gnupg|ssh).+Creating.+\.(gnupg|ssh).+Running git command git status", run.out, re.DOTALL
|
|
|
|
), "directories created before command is run"
|
2018-07-11 08:50:42 -04:00
|
|
|
|
|
|
|
|
2020-11-17 15:38:31 -05:00
|
|
|
def test_pdirs_missing_apd_false(runner, yadm_cmd, paths):
|
2018-07-11 08:50:42 -04:00
|
|
|
"""Private dirs (private dirs missing / yadm.auto-private-dirs=false)
|
|
|
|
|
|
|
|
When a git command is run
|
|
|
|
And private directories are missing
|
|
|
|
But auto-private-dirs is false
|
|
|
|
Do not create private dirs
|
|
|
|
"""
|
|
|
|
|
|
|
|
# confirm directories are missing at start
|
|
|
|
for pdir in PRIVATE_DIRS:
|
|
|
|
path = paths.work.join(pdir)
|
|
|
|
if path.exists():
|
|
|
|
path.remove()
|
|
|
|
assert not path.exists()
|
|
|
|
|
|
|
|
# set configuration
|
2023-07-10 15:43:17 -04:00
|
|
|
os.system(" ".join(yadm_cmd("config", "--bool", "yadm.auto-private-dirs", "false")))
|
2018-07-11 08:50:42 -04:00
|
|
|
|
|
|
|
# run status
|
2023-07-10 15:43:17 -04:00
|
|
|
run = runner(command=yadm_cmd("status"))
|
2018-07-11 08:50:42 -04:00
|
|
|
assert run.success
|
2023-07-10 15:43:17 -04:00
|
|
|
assert run.err == ""
|
|
|
|
assert "On branch master" in run.out
|
2018-07-11 08:50:42 -04:00
|
|
|
|
|
|
|
# confirm directories are STILL missing
|
|
|
|
for pdir in PRIVATE_DIRS:
|
|
|
|
assert not paths.work.join(pdir).exists()
|
|
|
|
|
|
|
|
|
2020-11-17 15:38:31 -05:00
|
|
|
def test_pdirs_exist_apd_false(runner, yadm_cmd, paths):
|
2018-07-11 08:50:42 -04:00
|
|
|
"""Private dirs (private dirs exist / yadm.auto-perms=false)
|
|
|
|
|
|
|
|
When a git command is run
|
|
|
|
And private directories exist
|
|
|
|
And yadm is configured not to auto update perms
|
|
|
|
Do not alter directories
|
|
|
|
"""
|
|
|
|
|
|
|
|
# create permissive directories
|
|
|
|
for pdir in PRIVATE_DIRS:
|
|
|
|
path = paths.work.join(pdir)
|
|
|
|
if not path.isdir():
|
|
|
|
path.mkdir()
|
|
|
|
path.chmod(0o777)
|
2023-07-10 15:43:17 -04:00
|
|
|
assert oct(path.stat().mode).endswith("77"), "Directory is secure."
|
2018-07-11 08:50:42 -04:00
|
|
|
|
|
|
|
# set configuration
|
2023-07-10 15:43:17 -04:00
|
|
|
os.system(" ".join(yadm_cmd("config", "--bool", "yadm.auto-perms", "false")))
|
2018-07-11 08:50:42 -04:00
|
|
|
|
|
|
|
# run status
|
2023-07-10 15:43:17 -04:00
|
|
|
run = runner(command=yadm_cmd("status"))
|
2018-07-11 08:50:42 -04:00
|
|
|
assert run.success
|
2023-07-10 15:43:17 -04:00
|
|
|
assert run.err == ""
|
|
|
|
assert "On branch master" in run.out
|
2018-07-11 08:50:42 -04:00
|
|
|
|
|
|
|
# created directories are STILL permissive
|
|
|
|
for pdir in PRIVATE_DIRS:
|
|
|
|
path = paths.work.join(pdir)
|
2023-07-10 15:43:17 -04:00
|
|
|
assert oct(path.stat().mode).endswith("77"), "Directory is secure"
|