Mercurial > hg
view tests/test-acl @ 11447:ac256cd2cb36 stable
mercurial.spec: don't include convert-repo - use "hg convert" instead
author | Mads Kiilerich <mads@kiilerich.com> |
---|---|
date | Fri, 25 Jun 2010 19:59:22 +0200 |
parents | 1f26cf0a3663 |
children | 2b83c26b29f3 |
line wrap: on
line source
#!/bin/sh do_push() { user=$1 shift echo "Pushing as user $user" echo 'hgrc = """' sed -e 1,2d b/.hg/hgrc | grep -v fakegroups.py echo '"""' if test -f acl.config; then echo 'acl.config = """' cat acl.config echo '"""' fi # On AIX /etc/profile sets LOGNAME read-only. So # LOGNAME=$user hg --cws a --debug push ../b # fails with "This variable is read only." # Use env to work around this. env LOGNAME=$user hg --cwd a --debug push ../b hg --cwd b rollback hg --cwd b --quiet tip echo } init_config() { cat > fakegroups.py <<EOF from hgext import acl def fakegetusers(ui, group): try: return acl._getusersorig(ui, group) except: return ["fred", "betty"] acl._getusersorig = acl._getusers acl._getusers = fakegetusers EOF rm -f acl.config cat > $config <<EOF [hooks] pretxnchangegroup.acl = python:hgext.acl.hook [acl] sources = push [extensions] f=$PWD/fakegroups.py EOF } hg init a cd a mkdir foo foo/Bar quux echo 'in foo' > foo/file.txt echo 'in foo/Bar' > foo/Bar/file.txt echo 'in quux' > quux/file.py hg add -q hg ci -m 'add files' -d '1000000 0' echo >> foo/file.txt hg ci -m 'change foo/file' -d '1000001 0' echo >> foo/Bar/file.txt hg ci -m 'change foo/Bar/file' -d '1000002 0' echo >> quux/file.py hg ci -m 'change quux/file' -d '1000003 0' hg tip --quiet cd .. hg clone -r 0 a b echo '[extensions]' >> $HGRCPATH echo 'acl =' >> $HGRCPATH config=b/.hg/hgrc echo echo 'Extension disabled for lack of a hook' do_push fred echo '[hooks]' >> $config echo 'pretxnchangegroup.acl = python:hgext.acl.hook' >> $config echo 'Extension disabled for lack of acl.sources' do_push fred echo 'No [acl.allow]/[acl.deny]' echo '[acl]' >> $config echo 'sources = push' >> $config do_push fred echo 'Empty [acl.allow]' echo '[acl.allow]' >> $config do_push fred echo 'fred is allowed inside foo/' echo 'foo/** = fred' >> $config do_push fred echo 'Empty [acl.deny]' echo '[acl.deny]' >> $config do_push barney echo 'fred is allowed inside foo/, but not foo/bar/ (case matters)' echo 'foo/bar/** = fred' >> $config do_push fred echo 'fred is allowed inside foo/, but not foo/Bar/' echo 'foo/Bar/** = fred' >> $config do_push fred echo 'barney is not mentioned => not allowed anywhere' do_push barney echo 'barney is allowed everywhere' echo '[acl.allow]' >> $config echo '** = barney' >> $config do_push barney echo 'wilma can change files with a .txt extension' echo '**/*.txt = wilma' >> $config do_push wilma echo 'file specified by acl.config does not exist' echo '[acl]' >> $config echo 'config = ../acl.config' >> $config do_push barney echo 'betty is allowed inside foo/ by a acl.config file' echo '[acl.allow]' >> acl.config echo 'foo/** = betty' >> acl.config do_push betty echo 'acl.config can set only [acl.allow]/[acl.deny]' echo '[hooks]' >> acl.config echo 'changegroup.acl = false' >> acl.config do_push barney # asterisk init_config echo 'asterisk test' echo '[acl.allow]' >> $config echo "** = fred" >> $config echo "fred is always allowed" do_push fred echo '[acl.deny]' >> $config echo "foo/Bar/** = *" >> $config echo "no one is allowed inside foo/Bar/" do_push fred # Groups init_config echo 'OS-level groups' echo '[acl.allow]' >> $config echo "** = @group1" >> $config echo "@group1 is always allowed" do_push fred echo '[acl.deny]' >> $config echo "foo/Bar/** = @group1" >> $config echo "@group is allowed inside anything but foo/Bar/" do_push fred echo 'Invalid group' # Disable the fakegroups trick to get real failures grep -v fakegroups $config > config.tmp mv config.tmp $config echo '[acl.allow]' >> $config echo "** = @unlikelytoexist" >> $config do_push fred 2>&1 | grep unlikelytoexist true