view tests/test-acl @ 11521:3efadce5b346 stable

extensions: add a few assertions to wrapfunction() and wrapcommand(). Specifically, assert that the given wrapper is callable in both functions, and assert that the original was also callable in wrapfunction().
author Dan Villiom Podlaski Christiansen <danchr@gmail.com>
date Fri, 09 Jul 2010 11:04:00 +0200
parents 2b83c26b29f3
children
line wrap: on
line source

#!/bin/sh

do_push()
{
    user=$1
    shift

    echo "Pushing as user $user"
    echo 'hgrc = """'
    sed -e 1,2d b/.hg/hgrc | grep -v fakegroups.py
    echo '"""'
    if test -f acl.config; then
	echo 'acl.config = """'
	cat acl.config
	echo '"""'
    fi
    # On AIX /etc/profile sets LOGNAME read-only. So
    #  LOGNAME=$user hg --cws a --debug push ../b
    # fails with "This variable is read only."
    # Use env to work around this.
    env LOGNAME=$user hg --cwd a --debug push ../b
    hg --cwd b rollback
    hg --cwd b --quiet tip
    echo
}

init_config()
{
cat > fakegroups.py <<EOF
from hgext import acl
def fakegetusers(ui, group):
    try:
        return acl._getusersorig(ui, group)
    except:
        return ["fred", "betty"]
acl._getusersorig = acl._getusers
acl._getusers = fakegetusers
EOF

rm -f acl.config
cat > $config <<EOF
[hooks]
pretxnchangegroup.acl = python:hgext.acl.hook
[acl]
sources = push
[extensions]
f=`pwd`/fakegroups.py
EOF
}

hg init a
cd a
mkdir foo foo/Bar quux
echo 'in foo' > foo/file.txt
echo 'in foo/Bar' > foo/Bar/file.txt
echo 'in quux' > quux/file.py
hg add -q
hg ci -m 'add files' -d '1000000 0'
echo >> foo/file.txt
hg ci -m 'change foo/file' -d '1000001 0'
echo >> foo/Bar/file.txt
hg ci -m 'change foo/Bar/file' -d '1000002 0'
echo >> quux/file.py
hg ci -m 'change quux/file' -d '1000003 0'
hg tip --quiet

cd ..
hg clone -r 0 a b

echo '[extensions]' >> $HGRCPATH
echo 'acl =' >> $HGRCPATH

config=b/.hg/hgrc

echo

echo 'Extension disabled for lack of a hook'
do_push fred

echo '[hooks]' >> $config
echo 'pretxnchangegroup.acl = python:hgext.acl.hook' >> $config

echo 'Extension disabled for lack of acl.sources'
do_push fred

echo 'No [acl.allow]/[acl.deny]'
echo '[acl]' >> $config
echo 'sources = push' >> $config
do_push fred

echo 'Empty [acl.allow]'
echo '[acl.allow]' >> $config
do_push fred

echo 'fred is allowed inside foo/'
echo 'foo/** = fred' >> $config
do_push fred

echo 'Empty [acl.deny]'
echo '[acl.deny]' >> $config
do_push barney

echo 'fred is allowed inside foo/, but not foo/bar/ (case matters)'
echo 'foo/bar/** = fred' >> $config
do_push fred

echo 'fred is allowed inside foo/, but not foo/Bar/'
echo 'foo/Bar/** = fred' >> $config
do_push fred

echo 'barney is not mentioned => not allowed anywhere'
do_push barney

echo 'barney is allowed everywhere'
echo '[acl.allow]' >> $config
echo '** = barney' >> $config
do_push barney

echo 'wilma can change files with a .txt extension'
echo '**/*.txt = wilma' >> $config
do_push wilma

echo 'file specified by acl.config does not exist'
echo '[acl]' >> $config
echo 'config = ../acl.config' >> $config
do_push barney

echo 'betty is allowed inside foo/ by a acl.config file'
echo '[acl.allow]' >> acl.config
echo 'foo/** = betty' >> acl.config
do_push betty

echo 'acl.config can set only [acl.allow]/[acl.deny]'
echo '[hooks]' >> acl.config
echo 'changegroup.acl = false' >> acl.config
do_push barney

# asterisk

init_config

echo 'asterisk test'
echo '[acl.allow]' >> $config
echo "** = fred" >> $config
echo "fred is always allowed"
do_push fred

echo '[acl.deny]' >> $config
echo "foo/Bar/** = *" >> $config
echo "no one is allowed inside foo/Bar/"
do_push fred

# Groups

init_config

echo 'OS-level groups'
echo '[acl.allow]' >> $config
echo "** = @group1" >> $config
echo "@group1 is always allowed"
do_push fred

echo '[acl.deny]' >> $config
echo "foo/Bar/** = @group1" >> $config
echo "@group is allowed inside anything but foo/Bar/"
do_push fred

echo 'Invalid group'
# Disable the fakegroups trick to get real failures
grep -v fakegroups $config > config.tmp
mv config.tmp $config
echo '[acl.allow]' >> $config
echo "** = @unlikelytoexist" >> $config
do_push fred 2>&1 | grep unlikelytoexist

true