diff options
| author | David Zeuthen <davidz@redhat.com> | 2012-05-21 12:29:01 -0400 |
|---|---|---|
| committer | David Zeuthen <davidz@redhat.com> | 2012-05-21 12:29:01 -0400 |
| commit | 8e0c53ecf7129cd1be8bc9ac322aab4af992ce61 (patch) | |
| tree | 9353d2b7b076ee45dd3dfbdb6ee581d74e9697ad | |
| parent | bbf0ea5fff7e397e6170f280ca7e8f4d3d596934 (diff) | |
| download | polkit-8e0c53ecf7129cd1be8bc9ac322aab4af992ce61.tar.gz | |
Test that subject.isInGroup() works
Signed-off-by: David Zeuthen <davidz@redhat.com>
| -rw-r--r-- | test/data/etc/polkit-1/rules.d/10-testing.rules | 12 | ||||
| -rw-r--r-- | test/polkitbackend/test-polkitbackendjsauthority.c | 26 |
2 files changed, 37 insertions, 1 deletions
diff --git a/test/data/etc/polkit-1/rules.d/10-testing.rules b/test/data/etc/polkit-1/rules.d/10-testing.rules index 4fce8c5..4cd184c 100644 --- a/test/data/etc/polkit-1/rules.d/10-testing.rules +++ b/test/data/etc/polkit-1/rules.d/10-testing.rules @@ -41,3 +41,15 @@ polkit.addRule(function(action, subject, details) { return "yes"; } }); + +// --------------------------------------------------------------------- +// group membership + +polkit.addRule(function(action, subject, details) { + if (action == "net.company.group.only_group_users") { + if (subject.isInGroup("users")) + return "yes"; + else + return "no"; + } +}); diff --git a/test/polkitbackend/test-polkitbackendjsauthority.c b/test/polkitbackend/test-polkitbackendjsauthority.c index 8057707..a210f68 100644 --- a/test/polkitbackend/test-polkitbackendjsauthority.c +++ b/test/polkitbackend/test-polkitbackendjsauthority.c @@ -148,6 +148,7 @@ struct RulesTestCase { const gchar *test_name; const gchar *action_id; + const gchar *identity; PolkitImplicitAuthorization expected_result; const gchar *expected_detail; }; @@ -157,12 +158,14 @@ static const RulesTestCase rules_test_cases[] = { { "basic0", "net.company.productA.action0", + "unix-user:root", POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED, NULL }, { "basic1", "net.company.productA.action1", + "unix-user:root", POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED, NULL }, @@ -181,6 +184,7 @@ static const RulesTestCase rules_test_cases[] = { /* defined in file a, b, c, d - should pick file a */ "order0", "net.company.order0", + "unix-user:root", POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED, "a" }, @@ -188,6 +192,7 @@ static const RulesTestCase rules_test_cases[] = { /* defined in file b, c, d - should pick file b */ "order1", "net.company.order1", + "unix-user:root", POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED, "b" }, @@ -195,9 +200,28 @@ static const RulesTestCase rules_test_cases[] = { /* defined in file c, d - should pick file c */ "order2", "net.company.order2", + "unix-user:root", POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED, "c" }, + + /* check group membership */ + { + /* john is a member of group 'users', see test/etc/group */ + "group_membership_with_member", + "net.company.group.only_group_users", + "unix-user:john", + POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED, + NULL + }, + { + /* sally is not a member of group 'users', see test/etc/group */ + "group_membership_with_non_member", + "net.company.group.only_group_users", + "unix-user:sally", + POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED, + NULL + }, }; /* ---------------------------------------------------------------------------------------------------- */ @@ -218,7 +242,7 @@ rules_test_func (gconstpointer user_data) caller = polkit_unix_process_new (getpid ()); subject = polkit_unix_process_new (getpid ()); - user_for_subject = polkit_identity_from_string ("unix-user:root", &error); + user_for_subject = polkit_identity_from_string (tc->identity, &error); g_assert_no_error (error); details = polkit_details_new (); |