diff options
| author | Russ Allbery <rra@stanford.edu> | 2007-12-07 02:03:44 +0000 |
|---|---|---|
| committer | Russ Allbery <rra@stanford.edu> | 2007-12-07 02:03:44 +0000 |
| commit | bc043eb26eebd54857814caf02641d866ec5beb7 (patch) | |
| tree | b71fb8aa34e36899e9976824023d46475ac5f2cb | |
| parent | c2ca6dbc6caa51283a8fa587a622bcd870c97d93 (diff) | |
Test the interaction of the ADMIN ACL with autocreate on get.
| -rwxr-xr-x | perl/t/server.t | 30 |
1 files changed, 27 insertions, 3 deletions
diff --git a/perl/t/server.t b/perl/t/server.t index a1467d1..13b08e9 100755 --- a/perl/t/server.t +++ b/perl/t/server.t @@ -8,7 +8,7 @@ # # See LICENSE for licensing terms. -use Test::More tests => 321; +use Test::More tests => 325; use POSIX qw(strftime); use Wallet::Config; @@ -753,7 +753,8 @@ is ($server->error, "$user2 not authorized to create base:service/both", # ACL). # # Also add service/default-get and service/default-store to test auto-creation -# on get and store. +# on get and store, and service/default-admin to test auto-creation when one +# is an admin. package Wallet::Config; sub default_owner { my ($type, $name) = @_; @@ -767,6 +768,8 @@ sub default_owner { return ('user2', [ 'krb5', $user2 ]); } elsif ($type eq 'base' and $name eq 'service/default-store') { return ('user2', [ 'krb5', $user2 ]); + } elsif ($type eq 'base' and $name eq 'service/default-admin') { + return ('auto-admin', [ 'krb5', $admin ]); } else { return; } @@ -800,7 +803,7 @@ EOO is ($server->error, undef, ' and the created object and ACL are correct'); } -# Try the other basic cases in default_acl. +# Try the other basic cases in default_owner. is ($server->create ('base', 'service/default-both'), undef, 'Creating an object with an ACL mismatch fails'); is ($server->error, "ACL both exists and doesn't match default", @@ -868,6 +871,27 @@ is ($server->store ('base', 'service/foo', 'stuff'), undef, is ($server->error, "$user2 not authorized to create base:service/foo", ' with the right error'); +# Switch back to admin to test auto-creation. +$server = eval { Wallet::Server->new ($admin, $host) }; +is ($@, '', 'Switching users back to admin works'); +$result = eval { $server->get ('base', 'service/default-admin') }; +is ($result, undef, 'Auto-creation on get...'); +is ($@, "Do not instantiate Wallet::Object::Base directly\n", ' ...works'); +$show = $server->show ('base', 'service/default-admin'); +$show =~ s/(Created on:) [\d-]+ [\d:]+$/$1 0/m; +$expected = <<"EOO"; + Type: base + Name: service/default-admin + Owner: auto-admin + Created by: $admin + Created from: $host + Created on: 0 + +Members of ACL auto-admin (id: 8) are: + krb5 $admin +EOO +is ($show, $expected, ' and the created object and ACL are correct'); + # Clean up. $schema = Wallet::Schema->new; $schema->drop ($server->dbh); |