diff options
| author | Daniel Silverstone <dsilvers@digital-scurf.org> | 2013-06-22 12:42:11 +0100 |
|---|---|---|
| committer | Daniel Silverstone <dsilvers@digital-scurf.org> | 2013-06-22 12:42:11 +0100 |
| commit | ef1ac5a3603a35aa9cd59e66e8ab020bda1d68ea (patch) | |
| tree | 17b8a4d4b7dec1e4bdd18a56cbc3ada68a9b83b8 | |
| parent | 9842c826f1fb667feb006693ab10cb18c774f8e5 (diff) | |
| download | gitano-ef1ac5a3603a35aa9cd59e66e8ab020bda1d68ea.tar.gz | |
Some more basic testing scenarios.
The two scenarios added here verify some basics of users. That the
administration user can ls and see gitano-admin, that it is a member thereof
and that a fresh user cannot and is not.
| -rw-r--r-- | testing/01-basics.yarn | 40 | ||||
| -rw-r--r-- | testing/library.yarn | 9 |
2 files changed, 49 insertions, 0 deletions
diff --git a/testing/01-basics.yarn b/testing/01-basics.yarn index 0e083ce..00d8623 100644 --- a/testing/01-basics.yarn +++ b/testing/01-basics.yarn @@ -39,3 +39,43 @@ Finally we remove that user and verify that `gitano-admin` reflects that too. THEN testinstance gitano-admin has no file called users/alice/user.conf AND testinstance gitano-admin has no file called users/alice/default.key +Users can see what groups they are in +------------------------------------- + +In this scenario we take a standard instance and ensure that the `testinstance` +user can access their user information (their `whoami` output) and that +information lists the `gitano-admin` group which they should be a member of. + + SCENARIO whoami shows the gitano-admin group + + GIVEN a standard instance + WHEN testinstance adminkey runs whoami + THEN stdout contains gitano-admin + +Then, just to be sure, we create a new user and ensure that it does not have +membership of `gitano-admin` + + GIVEN a unix user called alice + AND alice has keys called main + WHEN testinstance, using adminkey, adds user alice, using alice main + AND alice main runs whoami + THEN stdout does not contain gitano-admin + +Non-admin users cannot see the `gitano-admin` repository +-------------------------------------------------------- + +In this scenario we take a standard instance, add a user to it, and verify that +when the new user runs 'ls' it doesn't get to see `gitano-admin` but that the +`testinstance` user gets to see it and has `RW` privs. + + SCENARIO ls will not show repositories you have no access to + + GIVEN a standard instance + AND a unix user called alice + AND alice has keys called main + WHEN testinstance, using adminkey, adds user alice, using alice main + AND alice main runs ls + THEN stdout does not contain gitano-admin + WHEN testinstance adminkey runs ls + THEN stdout contains RW gitano-admin + diff --git a/testing/library.yarn b/testing/library.yarn index 105e4c8..2f4c4e1 100644 --- a/testing/library.yarn +++ b/testing/library.yarn @@ -73,6 +73,15 @@ Admin repo manipulation Generic utility methods ----------------------- + IMPLEMENTS WHEN ([a-z][a-z0-9]*) ([a-z][a-z0-9]*) runs (.+) + $GTT runcommand $MATCH_1 $MATCH_2 $MATCH_3 > $DATADIR/stdout 2> $DATADIR/stderr + + IMPLEMENTS THEN ([^ ]+) contains (.+) + grep -q "$MATCH_2" $DATADIR/"$MATCH_1" + + IMPLEMENTS THEN ([^ ]+) does not contain (.+) + if grep -q "$MATCH_2" $DATADIR/"$MATCH_1"; then false; else true; fi + IMPLEMENTS THEN failure ensues cd $DATADIR find . |