summaryrefslogtreecommitdiff
path: root/source3/modules/test_nfs4_acls.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/modules/test_nfs4_acls.c')
-rw-r--r--source3/modules/test_nfs4_acls.c63
1 files changed, 63 insertions, 0 deletions
diff --git a/source3/modules/test_nfs4_acls.c b/source3/modules/test_nfs4_acls.c
index eda2fe56d32..341bf179ea9 100644
--- a/source3/modules/test_nfs4_acls.c
+++ b/source3/modules/test_nfs4_acls.c
@@ -1537,6 +1537,68 @@ static void test_dacl_to_nfs4_config_special(void **state)
TALLOC_FREE(frame);
}
+static void test_nfs4_to_dacl_config_special(void **state)
+{
+ struct dom_sid *sids = *state;
+ TALLOC_CTX *frame = talloc_stackframe();
+ struct SMB4ACL_T *nfs4_acl;
+ SMB_ACE4PROP_T nfs4_ace;
+ struct security_ace *dacl_aces;
+ int good_aces;
+ struct smbacl4_vfs_params params = {
+ .mode = e_special,
+ .do_chown = true,
+ .acedup = e_dontcare,
+ .map_full_control = true,
+ };
+
+ nfs4_acl = smb_create_smb4acl(frame);
+ assert_non_null(nfs4_acl);
+
+ /*
+ * In config mode special, this is not mapped to Creator Owner
+ */
+ nfs4_ace = (SMB_ACE4PROP_T) {
+ .flags = SMB_ACE4_ID_SPECIAL,
+ .who.special_id = SMB_ACE4_WHO_OWNER,
+ .aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE,
+ .aceFlags = SMB_ACE4_FILE_INHERIT_ACE,
+ .aceMask = SMB_ACE4_READ_DATA,
+ };
+ assert_non_null(smb_add_ace4(nfs4_acl, &nfs4_ace));
+
+ /*
+ * In config mode special, this is not mapped to Creator Group
+ */
+ nfs4_ace = (SMB_ACE4PROP_T) {
+ .flags = SMB_ACE4_ID_SPECIAL,
+ .who.special_id = SMB_ACE4_WHO_GROUP,
+ .aceType = SMB_ACE4_ACCESS_ALLOWED_ACE_TYPE,
+ .aceFlags = SMB_ACE4_DIRECTORY_INHERIT_ACE,
+ .aceMask = SMB_ACE4_WRITE_DATA,
+ };
+ assert_non_null(smb_add_ace4(nfs4_acl, &nfs4_ace));
+
+ assert_true(smbacl4_nfs42win(frame, &params, nfs4_acl,
+ &sids[0], &sids[1], true,
+ &dacl_aces, &good_aces));
+
+ assert_int_equal(good_aces, 2);
+ assert_non_null(dacl_aces);
+
+ assert_int_equal(dacl_aces[0].type, SEC_ACE_TYPE_ACCESS_ALLOWED);
+ assert_int_equal(dacl_aces[0].flags, SEC_ACE_FLAG_OBJECT_INHERIT);
+ assert_int_equal(dacl_aces[0].access_mask, SEC_FILE_READ_DATA);
+ assert_true(dom_sid_equal(&dacl_aces[0].trustee, &sids[0]));
+
+ assert_int_equal(dacl_aces[1].type, SEC_ACE_TYPE_ACCESS_ALLOWED);
+ assert_int_equal(dacl_aces[1].flags, SEC_ACE_FLAG_CONTAINER_INHERIT);
+ assert_int_equal(dacl_aces[1].access_mask, SEC_FILE_WRITE_DATA);
+ assert_true(dom_sid_equal(&dacl_aces[1].trustee, &sids[1]));
+
+ TALLOC_FREE(frame);
+}
+
int main(int argc, char **argv)
{
const struct CMUnitTest tests[] = {
@@ -1557,6 +1619,7 @@ int main(int argc, char **argv)
cmocka_unit_test(test_dacl_to_nfs4_acedup_settings),
cmocka_unit_test(test_dacl_to_nfs4_acedup_match),
cmocka_unit_test(test_dacl_to_nfs4_config_special),
+ cmocka_unit_test(test_nfs4_to_dacl_config_special),
};
cmocka_set_message_output(CM_OUTPUT_SUBUNIT);
View Lorry Controller Status