From: John Spray Date: Mon, 29 Sep 2014 12:43:16 +0000 (+0100) Subject: test: unit tests for MDSAuthCaps X-Git-Tag: v0.88~97^2~2 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=82ecf60b7b593271acd24651ae0e8de445b9b518;p=ceph.git test: unit tests for MDSAuthCaps Signed-off-by: John Spray --- diff --git a/src/test/Makefile.am b/src/test/Makefile.am index bbc9c979ba76..bb85b45cf055 100644 --- a/src/test/Makefile.am +++ b/src/test/Makefile.am @@ -555,6 +555,11 @@ unittest_osd_osdcap_LDADD = $(LIBOSD) $(UNITTEST_LDADD) $(CEPH_GLOBAL) unittest_osd_osdcap_CXXFLAGS = $(UNITTEST_CXXFLAGS) check_PROGRAMS += unittest_osd_osdcap +unittest_mds_authcap_SOURCES = test/mds/TestMDSAuthCaps.cc +unittest_mds_authcap_LDADD = $(LIBMDS) $(UNITTEST_LDADD) $(CEPH_GLOBAL) +unittest_mds_authcap_CXXFLAGS = $(UNITTEST_CXXFLAGS) +check_PROGRAMS += unittest_mds_authcap + unittest_mon_moncap_SOURCES = test/mon/moncap.cc unittest_mon_moncap_LDADD = $(LIBMON) $(UNITTEST_LDADD) $(CEPH_GLOBAL) unittest_mon_moncap_CXXFLAGS = $(UNITTEST_CXXFLAGS) diff --git a/src/test/mds/TestMDSAuthCaps.cc b/src/test/mds/TestMDSAuthCaps.cc new file mode 100644 index 000000000000..74cec8a7618f --- /dev/null +++ b/src/test/mds/TestMDSAuthCaps.cc @@ -0,0 +1,151 @@ +// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- +// vim: ts=8 sw=2 smarttab +/* + * Ceph - scalable distributed file system + * + * Copyright (C) 2012 Inktank + * + * This is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License version 2.1, as published by the Free Software + * Foundation. See file COPYING. + * + */ + +#include + +#include "include/stringify.h" +#include "mds/MDSAuthCaps.h" + +#include "gtest/gtest.h" + +using std::string; +using std::cout; + +const char *parse_good[] = { + "allow * path=\"/foo\"", + "allow * path=/foo", + "allow * path=\"/foo bar/baz\"", + "allow * uid=1", + "allow * path=\"/foo\" uid=1", + "allow *", + "allow r", + "allow rw", + 0 +}; + +TEST(MDSAuthCaps, ParseGood) { + for (int i=0; parse_good[i]; i++) { + string str = parse_good[i]; + MDSAuthCaps cap; + std::cout << "Testing good input: '" << str << "'" << std::endl; + ASSERT_TRUE(cap.parse(str, &cout)); + } +} + +const char *parse_bad[] = { + "allow r poolfoo", + "allow r w", + "ALLOW r", + "allow w", + "allow rwx,", + "allow rwx x", + "allow r pool foo r", + "allow wwx pool taco", + "allow wwx pool taco^funny&chars", + "allow rwx pool 'weird name''", + "allow rwx object_prefix \"beforepool\" pool weird", + "allow rwx auid 123 pool asdf", + "allow xrwx pool foo,, allow r pool bar", + ";allow rwx pool foo rwx ; allow r pool bar", + "allow rwx pool foo ;allow r pool bar gibberish", + "allow rwx auid 123 pool asdf namespace=foo", + "allow rwx auid 123 namespace", + "allow rwx namespace", + "allow namespace", + "allow namespace=foo", + "allow rwx auid 123 namespace asdf", + "allow wwx pool ''", + 0 +}; + +TEST(MDSAuthCaps, ParseBad) { + for (int i=0; parse_bad[i]; i++) { + string str = parse_bad[i]; + MDSAuthCaps cap; + std::cout << "Testing bad input: '" << str << "'" << std::endl; + ASSERT_FALSE(cap.parse(str, &cout)); + } +} + +TEST(MDSAuthCaps, AllowAll) { + MDSAuthCaps cap; + ASSERT_FALSE(cap.allow_all()); + + ASSERT_TRUE(cap.parse("allow r", NULL)); + ASSERT_FALSE(cap.allow_all()); + cap = MDSAuthCaps(); + + ASSERT_TRUE(cap.parse("allow rw", NULL)); + ASSERT_FALSE(cap.allow_all()); + cap = MDSAuthCaps(); + + ASSERT_TRUE(cap.parse("allow", NULL)); + ASSERT_FALSE(cap.allow_all()); + cap = MDSAuthCaps(); + + ASSERT_TRUE(cap.parse("allow *", NULL)); + ASSERT_TRUE(cap.allow_all()); + ASSERT_TRUE(cap.is_capable("/foo/bar", 0, true, true)); +} + +TEST(MDSAuthCaps, AllowUid) { + MDSAuthCaps cap; + ASSERT_TRUE(cap.parse("allow * uid=10", NULL)); + ASSERT_FALSE(cap.allow_all()); + ASSERT_TRUE(cap.is_capable("/foo", 10, true, true)); + ASSERT_FALSE(cap.is_capable("/foo", -1, true, true)); + ASSERT_FALSE(cap.is_capable("/foo", 0, true, true)); +} + +TEST(MDSAuthCaps, AllowPath) { + MDSAuthCaps cap; + ASSERT_TRUE(cap.parse("allow * path=/sandbox", NULL)); + ASSERT_FALSE(cap.allow_all()); + ASSERT_TRUE(cap.is_capable("/sandbox/foo", 0, true, true)); + ASSERT_TRUE(cap.is_capable("/sandbox", 0, true, true)); + ASSERT_FALSE(cap.is_capable("/foo", 0, true, true)); +} + +TEST(MDSAuthCaps, OutputParsed) { + struct CapsTest { + const char *input; + const char *output; + }; + CapsTest test_values[] = { + {"allow", + "MDSAuthCaps[allow rw]"}, + {"allow *", + "MDSAuthCaps[allow *]"}, + {"allow r", + "MDSAuthCaps[allow r]"}, + {"allow rw", + "MDSAuthCaps[allow rw]"}, + {"allow * uid=1", + "MDSAuthCaps[allow * uid=1]"}, + {"allow * path=/foo", + "MDSAuthCaps[allow * path=\"/foo\"]"}, + {"allow * path=\"/foo\"", + "MDSAuthCaps[allow * path=\"/foo\"]"}, + {"allow * path=\"/foo\" uid=1", + "MDSAuthCaps[allow * path=\"/foo\" uid=1]"}, + }; + size_t num_tests = sizeof(test_values) / sizeof(*test_values); + for (size_t i = 0; i < num_tests; ++i) { + MDSAuthCaps cap; + std::cout << "Testing input '" << test_values[i].input << "'" << std::endl; + ASSERT_TRUE(cap.parse(test_values[i].input, &cout)); + ASSERT_EQ(test_values[i].output, stringify(cap)); + } +} +