commit - b7e5019680e3d2e1827b8c759abbaf3e4e04ea0c
commit + c87f19c974f195762461da6acda5b2acd8ebeedb
blob - 1ad6b1fd130557ddf6737ba042b5a736717e0cfb
blob + 69bf191628d4e806c1c0fc3a7d5c6867bdb22f30
--- regress/gotsysd/test_gotsysd.sh
+++ regress/gotsysd/test_gotsysd.sh
test_done "$testroot" "$ret"
}
+
+test_deny_access() {
+ local testroot=`test_init deny_access 1`
+
+ got checkout -q $testroot/${GOTSYS_REPO} $testroot/wt >/dev/null
+ ret=$?
+ if [ $ret -ne 0 ]; then
+ echo "got checkout failed unexpectedly" >&2
+ test_done "$testroot" 1
+ return 1
+ fi
+ crypted_vm_pw=`echo ${GOTSYSD_VM_PASSWORD} | encrypt | tr -d '\n'`
+ crypted_pw=`echo ${GOTSYSD_DEV_PASSWORD} | encrypt | tr -d '\n'`
+ sshkey=`cat ${GOTSYSD_SSH_PUBKEY}`
+ cat > ${testroot}/wt/gotsys.conf <<EOF
+group slackers
+
+user ${GOTSYSD_TEST_USER} {
+ password "${crypted_vm_pw}"
+ authorized key ${sshkey}
+}
+user ${GOTSYSD_DEV_USER} {
+ password "${crypted_pw}"
+ authorized key ${sshkey}
+}
+repository gotsys.git {
+ permit rw ${GOTSYSD_TEST_USER}
+ permit rw ${GOTSYSD_DEV_USER}
+}
+repository "foo" {
+ deny ${GOTSYSD_DEV_USER}
+ permit ro anonymous
+ head foo
+ protect branch foo
+ protect {
+ tag namespace "refs/tags"
+ }
+}
+EOF
+ (cd ${testroot}/wt && \
+ got commit -m "deny access to foo repository" >/dev/null)
+ local commit_id=`git_show_head $testroot/${GOTSYS_REPO}`
+
+ got send -q -i ${GOTSYSD_SSH_KEY} -r ${testroot}/${GOTSYS_REPO}
+ ret=$?
+ if [ $ret -ne 0 ]; then
+ echo "got send failed unexpectedly" >&2
+ test_done "$testroot" 1
+ return 1
+ fi
+
+ # Wait for gotsysd to apply the new configuration.
+ echo "$commit_id" > $testroot/stdout.expected
+ for i in 1 2 3 4 5; do
+ sleep 1
+ ssh -i ${GOTSYSD_SSH_KEY} root@${VMIP} \
+ cat /var/db/gotsysd/commit > $testroot/stdout
+ if cmp -s $testroot/stdout.expected $testroot/stdout; then
+ break;
+ fi
+ done
+ cmp -s $testroot/stdout.expected $testroot/stdout
+ ret=$?
+ if [ $ret -ne 0 ]; then
+ echo "gotsysd failed to apply configuration" >&2
+ diff -u $testroot/stdout.expected $testroot/stdout
+ test_done "$testroot" "$ret"
+ return 1
+ fi
+
+ # Try to clone repository foo. Should fail.
+ got clone -q -i ${GOTSYSD_SSH_KEY} -b foo \
+ ${GOTSYSD_DEV_USER}@${VMIP}:foo.git $testroot/foo.git \
+ > $testroot/stdout 2> $testroot/stderr
+ ret=$?
+ if [ $ret -eq 0 ]; then
+ echo "got clone succeeded unexpectedly" >&2
+ return 1
+ fi
+
+ echo -n "" > $testroot/stdout.expected
+ cmp -s $testroot/stdout.expected $testroot/stdout
+ ret=$?
+ if [ $ret -ne 0 ]; then
+ diff -u $testroot/stdout.expected $testroot/stdout
+ test_done "$testroot" "$ret"
+ return 1
+ fi
+
+ echo "gotsh: foo: Permission denied" > $testroot/stderr.expected
+ grep '^gotsh:' $testroot/stderr > $testroot/stderr.filtered
+ cmp -s $testroot/stderr.expected $testroot/stderr.filtered
+ ret=$?
+ if [ $ret -ne 0 ]; then
+ diff -u $testroot/stderr.expected $testroot/stderr.filtered
+ test_done "$testroot" "$ret"
+ return 1
+ fi
+
+ test_done "$testroot" "$ret"
+}
+
test_parseargs "$@"
run_test test_user_add
run_test test_user_mod
run_test test_bad_gotsysconf
run_test test_set_head
run_test test_protect_refs
+run_test test_deny_access
