TheLocehiliosan_yadm/test/test_perms.py

"""Test perms"""

import os

import pytest


@pytest.mark.parametrize("autoperms", ["notest", "unset", "true", "false"])
@pytest.mark.usefixtures("ds1_copy")
def test_perms(runner, yadm_cmd, paths, ds1, autoperms):
    """Test perms"""
    # set the value of auto-perms
    if autoperms != "notest":
        if autoperms != "unset":
            os.system(" ".join(yadm_cmd("config", "yadm.auto-perms", autoperms)))

    # privatepaths will hold all paths that should become secured
    privatepaths = [paths.work.join(".ssh"), paths.work.join(".gnupg")]
    privatepaths += [paths.work.join(private.path) for private in ds1.private]

    # create an archive file
    os.system(f'touch "{str(paths.archive)}"')
    privatepaths.append(paths.archive)

    # create encrypted file test data
    efile1 = paths.work.join("efile1")
    efile1.write("efile1")
    efile2 = paths.work.join("efile2")
    efile2.write("efile2")
    paths.encrypt.write("efile1\nefile2\n!efile1\n")
    insecurepaths = [efile1]
    privatepaths.append(efile2)

    # assert these paths begin unsecured
    for private in privatepaths + insecurepaths:
        assert not oct(private.stat().mode).endswith("00"), "Path started secured"

    cmd = "perms"
    if autoperms != "notest":
        cmd = "status"
    run = runner(yadm_cmd(cmd), env={"HOME": paths.work})
    assert run.success
    assert run.err == ""
    if cmd == "perms":
        assert run.out == ""

    # these paths should be secured if processing perms
    for private in privatepaths:
        if autoperms == "false":
            assert not oct(private.stat().mode).endswith("00"), "Path should not be secured"
        else:
            assert oct(private.stat().mode).endswith("00"), "Path has not been secured"

    # these paths should never be secured
    for private in insecurepaths:
        assert not oct(private.stat().mode).endswith("00"), "Path should not be secured"


@pytest.mark.parametrize("sshperms", [None, "true", "false"])
@pytest.mark.parametrize("gpgperms", [None, "true", "false"])
@pytest.mark.usefixtures("ds1_copy")
def test_perms_control(runner, yadm_cmd, paths, ds1, sshperms, gpgperms):
    """Test fine control of perms"""
    # set the value of ssh-perms
    if sshperms:
        os.system(" ".join(yadm_cmd("config", "yadm.ssh-perms", sshperms)))

    # set the value of gpg-perms
    if gpgperms:
        os.system(" ".join(yadm_cmd("config", "yadm.gpg-perms", gpgperms)))

    # privatepaths will hold all paths that should become secured
    privatepaths = [paths.work.join(".ssh"), paths.work.join(".gnupg")]
    privatepaths += [paths.work.join(private.path) for private in ds1.private]

    # assert these paths begin unsecured
    for private in privatepaths:
        assert not oct(private.stat().mode).endswith("00"), "Path started secured"

    run = runner(yadm_cmd("perms"), env={"HOME": paths.work})
    assert run.success
    assert run.err == ""
    assert run.out == ""

    # these paths should be secured if processing perms
    for private in privatepaths:
        if (sshperms == "false" and "ssh" in str(private)) or (gpgperms == "false" and "gnupg" in str(private)):
            assert not oct(private.stat().mode).endswith("00"), "Path should not be secured"
        else:
            assert oct(private.stat().mode).endswith("00"), "Path has not been secured"

    # verify permissions aren't changed for the worktree
    assert oct(paths.work.stat().mode).endswith("0755")
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00			`"""Test perms"""`

			`import os`
Lint using isort 2023-07-10 14:14:33 +00:00
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00			`import pytest`


Changes for black compliance 2023-07-10 19:43:17 +00:00			`@pytest.mark.parametrize("autoperms", ["notest", "unset", "true", "false"])`
			`@pytest.mark.usefixtures("ds1_copy")`
Rename yadm_y -> yadm_cmd -Y is no longer used when running commands 2020-11-17 20:38:31 +00:00			`def test_perms(runner, yadm_cmd, paths, ds1, autoperms):`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00			`"""Test perms"""`
			`# set the value of auto-perms`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`if autoperms != "notest":`
			`if autoperms != "unset":`
			`os.system(" ".join(yadm_cmd("config", "yadm.auto-perms", autoperms)))`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00
			`# privatepaths will hold all paths that should become secured`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`privatepaths = [paths.work.join(".ssh"), paths.work.join(".gnupg")]`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00			`privatepaths += [paths.work.join(private.path) for private in ds1.private]`

			`# create an archive file`
			`os.system(f'touch "{str(paths.archive)}"')`
			`privatepaths.append(paths.archive)`

			`# create encrypted file test data`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`efile1 = paths.work.join("efile1")`
			`efile1.write("efile1")`
			`efile2 = paths.work.join("efile2")`
			`efile2.write("efile2")`
			`paths.encrypt.write("efile1\nefile2\n!efile1\n")`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00			`insecurepaths = [efile1]`
			`privatepaths.append(efile2)`

			`# assert these paths begin unsecured`
			`for private in privatepaths + insecurepaths:`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`assert not oct(private.stat().mode).endswith("00"), "Path started secured"`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00
Changes for black compliance 2023-07-10 19:43:17 +00:00			`cmd = "perms"`
			`if autoperms != "notest":`
			`cmd = "status"`
			`run = runner(yadm_cmd(cmd), env={"HOME": paths.work})`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00			`assert run.success`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`assert run.err == ""`
			`if cmd == "perms":`
			`assert run.out == ""`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00
			`# these paths should be secured if processing perms`
			`for private in privatepaths:`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`if autoperms == "false":`
			`assert not oct(private.stat().mode).endswith("00"), "Path should not be secured"`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00			`else:`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`assert oct(private.stat().mode).endswith("00"), "Path has not been secured"`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00
			`# these paths should never be secured`
			`for private in insecurepaths:`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`assert not oct(private.stat().mode).endswith("00"), "Path should not be secured"`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00

Changes for black compliance 2023-07-10 19:43:17 +00:00			`@pytest.mark.parametrize("sshperms", [None, "true", "false"])`
			`@pytest.mark.parametrize("gpgperms", [None, "true", "false"])`
			`@pytest.mark.usefixtures("ds1_copy")`
Rename yadm_y -> yadm_cmd -Y is no longer used when running commands 2020-11-17 20:38:31 +00:00			`def test_perms_control(runner, yadm_cmd, paths, ds1, sshperms, gpgperms):`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00			`"""Test fine control of perms"""`
			`# set the value of ssh-perms`
			`if sshperms:`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`os.system(" ".join(yadm_cmd("config", "yadm.ssh-perms", sshperms)))`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00
			`# set the value of gpg-perms`
			`if gpgperms:`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`os.system(" ".join(yadm_cmd("config", "yadm.gpg-perms", gpgperms)))`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00
			`# privatepaths will hold all paths that should become secured`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`privatepaths = [paths.work.join(".ssh"), paths.work.join(".gnupg")]`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00			`privatepaths += [paths.work.join(private.path) for private in ds1.private]`

			`# assert these paths begin unsecured`
			`for private in privatepaths:`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`assert not oct(private.stat().mode).endswith("00"), "Path started secured"`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00
Changes for black compliance 2023-07-10 19:43:17 +00:00			`run = runner(yadm_cmd("perms"), env={"HOME": paths.work})`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00			`assert run.success`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`assert run.err == ""`
			`assert run.out == ""`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00
			`# these paths should be secured if processing perms`
			`for private in privatepaths:`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`if (sshperms == "false" and "ssh" in str(private)) or (gpgperms == "false" and "gnupg" in str(private)):`
			`assert not oct(private.stat().mode).endswith("00"), "Path should not be secured"`
Rewrite testing system (#119) The new test system is written with py.test. These tests are more comprehensive, run faster by an order of magnitude, and are far more maintainable. The tests themselves conform to PEP8. 2018-07-11 12:50:42 +00:00			`else:`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`assert oct(private.stat().mode).endswith("00"), "Path has not been secured"`
Add test for permission bug (#174) 2019-11-12 05:28:16 +00:00
			`# verify permissions aren't changed for the worktree`
Changes for black compliance 2023-07-10 19:43:17 +00:00			`assert oct(paths.work.stat().mode).endswith("0755")`