yadm/test/110_accept_perms.bats

182 lines
3.7 KiB
Bash

load common
load_fixtures
status=;output=; #; populated by bats run()
setup() {
destroy_tmp
build_repo
}
function is_restricted() {
local p
for p in "${restricted[@]}"; do [ "$p" = "$1" ] && return 0; done
return 1
}
function validate_perms() {
local perms="$*"
#; determine which paths should have restricted permissions
restricted=()
local p
for p in $perms; do
case $p in
ssh)
restricted=("${restricted[@]}" $T_DIR_WORK/.ssh $T_DIR_WORK/.ssh/*)
;;
gpg)
restricted=("${restricted[@]}" $T_DIR_WORK/.gnupg $T_DIR_WORK/.gnupg/*)
;;
encrypt)
local glob
while IFS='' read -r glob || [ -n "$glob" ]; do
if [[ ! $glob =~ ^# ]] ; then
restricted=("${restricted[@]}" $T_DIR_WORK/$glob)
fi
done < "$T_YADM_ENCRYPT"
;;
esac
done
#; validate permissions of each path in the worktere
local testpath
while IFS= read -r -d '' testpath; do
local perm_regex="....rwxrwx"
if is_restricted "$testpath"; then
perm_regex="....------"
fi
test_perms "$testpath" "$perm_regex" || return 1
done < <(find "$T_DIR_WORK" -print0)
}
@test "Command 'perms'" {
echo "
When the command 'perms' is provided
Update permissions for ssh/gpg
Verify correct permissions
Exit with 0
"
#; run perms
run "${T_YADM_Y[@]}" perms
#; validate status and output
[ "$status" -eq 0 ]
[ "$output" = "" ]
#; validate permissions
validate_perms ssh gpg
}
@test "Command 'perms' (with encrypt)" {
echo "
When the command 'perms' is provided
And YADM_ENCRYPT is present
Update permissions for ssh/gpg/encrypt
Support comments in YADM_ENCRYPT
Verify correct permissions
Exit with 0
"
#; this version has a comment in it
echo -e "#.vimrc\n.hammerspoon/*" > "$T_YADM_ENCRYPT"
#; run perms
run "${T_YADM_Y[@]}" perms
#; validate status and output
[ "$status" -eq 0 ]
[ "$output" = "" ]
#; this version has no comments in it
echo -e ".hammerspoon/*" > "$T_YADM_ENCRYPT"
#; validate permissions
validate_perms ssh gpg encrypt
}
@test "Command 'perms' (ssh-perms=false)" {
echo "
When the command 'perms' is provided
And yadm.ssh-perms=false
Update permissions for gpg only
Verify correct permissions
Exit with 0
"
#; configure yadm.ssh-perms
git config --file="$T_YADM_CONFIG" "yadm.ssh-perms" "false"
#; run perms
run "${T_YADM_Y[@]}" perms
#; validate status and output
[ "$status" -eq 0 ]
[ "$output" = "" ]
#; validate permissions
validate_perms gpg
}
@test "Command 'perms' (gpg-perms=false)" {
echo "
When the command 'perms' is provided
And yadm.gpg-perms=false
Update permissions for ssh only
Verify correct permissions
Exit with 0
"
#; configure yadm.gpg-perms
git config --file="$T_YADM_CONFIG" "yadm.gpg-perms" "false"
#; run perms
run "${T_YADM_Y[@]}" perms
#; validate status and output
[ "$status" -eq 0 ]
[ "$output" = "" ]
#; validate permissions
validate_perms ssh
}
@test "Command 'auto-perms' (enabled)" {
echo "
When a command possibly changes the repo
Update permissions for ssh/gpg
Verify correct permissions
"
#; run status
run "${T_YADM_Y[@]}" status
#; validate status
[ "$status" -eq 0 ]
#; validate permissions
validate_perms ssh gpg
}
@test "Command 'auto-perms' (disabled)" {
echo "
When a command possibly changes the repo
And yadm.auto-perms=false
Take no action
Verify permissions are intact
"
#; configure yadm.auto-perms
git config --file="$T_YADM_CONFIG" "yadm.auto-perms" "false"
#; run status
run "${T_YADM_Y[@]}" status
#; validate status
[ "$status" -eq 0 ]
#; validate permissions
validate_perms
}