authz_tests.py
来自「subversion-1.4.5.tar.gz 配置svn的源码」· Python 代码 · 共 927 行 · 第 1/3 页
PY
927 行
'--password', svntest.main.wc_passwd, '-m', 'logmsg', lambda_url, D_url) # copy a remote folder svntest.actions.run_and_verify_svn("", None, [], 'cp', '--username', svntest.main.wc_author, '--password', svntest.main.wc_passwd, C_url, D_url, '-m', 'logmsg') # copy a remote folder, source is unreadable: should fail svntest.actions.run_and_verify_svn("", None, expected_err, 'cp', '--username', svntest.main.wc_author, '--password', svntest.main.wc_passwd, '-m', 'logmsg', E_url, D_url)# test whether write access is correctly granted and denieddef authz_write_access(sbox): "test authz for write operations" skip_test_when_no_authz_available() sbox.build("authz_write_access", create_wc = False) write_restrictive_svnserve_conf(svntest.main.current_repo_dir) fp = open(sbox.authz_file, 'w') # For mod_dav_svn's parent path setup we need per-repos permissions in # the authz file... if sbox.repo_url.startswith('http'): fp.write("[authz_write_access:/]\n" + "* = r\n" + "\n" + "[authz_write_access:/A/B]\n" + "* = rw\n" + "\n" + "[authz_write_access:/A/C]\n" + "* = rw") expected_err = ".*403 Forbidden.*" # Otherwise we can just go with the permissions needed for the source # repository. else: fp.write("[/]\n" + "* = r\n" + "[/A/B]\n" + "* = rw\n" + "[/A/C]\n" + "* = rw\n") expected_err = ".*svn: Access denied.*" fp.close() root_url = svntest.main.current_repo_url A_url = root_url + '/A' B_url = A_url + '/B' C_url = A_url + '/C' E_url = B_url + '/E' mu_url = A_url + '/mu' iota_url = root_url + '/iota' lambda_url = B_url + '/lambda' D_url = A_url + '/D' # copy a remote file, target is readonly: should fail svntest.actions.run_and_verify_svn("", None, expected_err, 'cp', '--username', svntest.main.wc_author, '--password', svntest.main.wc_passwd, '-m', 'logmsg', lambda_url, D_url) # copy a remote folder, target is readonly: should fail svntest.actions.run_and_verify_svn("", None, expected_err, 'cp', '--username', svntest.main.wc_author, '--password', svntest.main.wc_passwd, '-m', 'logmsg', E_url, D_url) # delete a file, target is readonly: should fail svntest.actions.run_and_verify_svn("", None, expected_err, 'rm', '--username', svntest.main.wc_author, '--password', svntest.main.wc_passwd, '-m', 'logmsg', iota_url) # delete a folder, target is readonly: should fail svntest.actions.run_and_verify_svn("", None, expected_err, 'rm', '--username', svntest.main.wc_author, '--password', svntest.main.wc_passwd, '-m', 'logmsg', D_url) # create a folder, target is readonly: should fail svntest.actions.run_and_verify_svn("", None, expected_err, 'mkdir', '--username', svntest.main.wc_author, '--password', svntest.main.wc_passwd, '-m', 'logmsg', A_url+'/newfolder') # move a remote file, source is readonly: should fail svntest.actions.run_and_verify_svn("", None, expected_err, 'mv', '--username', svntest.main.wc_author, '--password', svntest.main.wc_passwd, '-m', 'logmsg', mu_url, C_url) # move a remote folder, source is readonly: should fail svntest.actions.run_and_verify_svn("", None, expected_err, 'mv', '--username', svntest.main.wc_author, '--password', svntest.main.wc_passwd, '-m', 'logmsg', D_url, C_url) # move a remote file, target is readonly: should fail svntest.actions.run_and_verify_svn("", None, expected_err, 'mv', '--username', svntest.main.wc_author, '--password', svntest.main.wc_passwd, '-m', 'logmsg', lambda_url, D_url) # move a remote folder, target is readonly: should fail svntest.actions.run_and_verify_svn("", None, expected_err, 'mv', '--username', svntest.main.wc_author, '--password', svntest.main.wc_passwd, '-m', 'logmsg', B_url, D_url)#----------------------------------------------------------------------def authz_checkout_test(sbox): "test authz for checkout" skip_test_when_no_authz_available() sbox.build("authz_checkout_test", create_wc = False) local_dir = sbox.wc_dir write_restrictive_svnserve_conf(svntest.main.current_repo_dir) # 1st part: disable all read access, checkout should fail # write an authz file with *= on / fp = open(sbox.authz_file, 'w') if sbox.repo_url.startswith('http'): fp.write("[authz_checkout_test:/]\n" + "* =\n") expected_err = ".*403 Forbidden.*" else: fp.write("[/]\n" + "* =\n") expected_err = ".*svn: Authorization failed.*" fp.close() # checkout a working copy, should fail svntest.actions.run_and_verify_svn(None, None, expected_err, 'co', sbox.repo_url, local_dir) # 2nd part: now enable read access # write an authz file with *=r on / fp = open(sbox.authz_file, 'w') if sbox.repo_url.startswith('http'): fp.write("[authz_checkout_test:/]\n" + "* = r\n") expected_err = ".*403 Forbidden.*" else: fp.write("[/]\n" + "* = r\n") expected_err = ".*svn: Authorization failed.*" fp.close() # checkout a working copy, should succeed because we have read access expected_output = svntest.main.greek_state.copy() expected_output.wc_dir = local_dir expected_output.tweak(status='A ', contents=None) expected_wc = svntest.main.greek_state svntest.actions.run_and_verify_checkout(sbox.repo_url, local_dir, expected_output, expected_wc)def authz_checkout_and_update_test(sbox): "test authz for checkout and update" skip_test_when_no_authz_available() sbox.build("authz_checkout_and_update_test", create_wc = False) local_dir = sbox.wc_dir write_restrictive_svnserve_conf(svntest.main.current_repo_dir) # 1st part: disable read access on folder A/B, checkout should not # download this folder # write an authz file with *= on /A/B fp = open(sbox.authz_file, 'w') if sbox.repo_url.startswith('http'): fp.write("[authz_checkout_and_update_test:/]\n" + "* = r\n" + "[authz_checkout_and_update_test:/A/B]\n" + "* =\n") else: fp.write("[/]\n" + "* = r\n" + "[/A/B]\n" + "* =\n") fp.close() # checkout a working copy, should not dl /A/B expected_output = svntest.main.greek_state.copy() expected_output.wc_dir = local_dir expected_output.tweak(status='A ', contents=None) expected_output.remove('A/B', 'A/B/lambda', 'A/B/E', 'A/B/E/alpha', 'A/B/E/beta', 'A/B/F') expected_wc = svntest.main.greek_state.copy() expected_wc.remove('A/B', 'A/B/lambda', 'A/B/E', 'A/B/E/alpha', 'A/B/E/beta', 'A/B/F') svntest.actions.run_and_verify_checkout(sbox.repo_url, local_dir, expected_output, expected_wc) # 2nd part: now enable read access # write an authz file with *=r on / fp = open(sbox.authz_file, 'w') if sbox.repo_url.startswith('http'): fp.write("[authz_checkout_and_update_test:/]\n" + "* = r\n") else: fp.write("[/]\n" + "* = r\n") fp.close() # update the working copy, should download /A/B because we now have read # access expected_output = svntest.wc.State(local_dir, { 'A/B' : Item(status='A '), 'A/B/lambda' : Item(status='A '), 'A/B/E' : Item(status='A '), 'A/B/E/alpha' : Item(status='A '), 'A/B/E/beta' : Item(status='A '), 'A/B/F' : Item(status='A '), }) expected_wc = svntest.main.greek_state expected_status = svntest.actions.get_virginal_state(local_dir, 1) svntest.actions.run_and_verify_update(local_dir, expected_output, expected_wc, expected_status, None, None, None, None, None, 1) def authz_partial_export_test(sbox): "test authz for export with unreadable subfolder" skip_test_when_no_authz_available() sbox.build("authz_partial_export_test", create_wc = False) local_dir = sbox.wc_dir # cleanup remains of a previous test run. svntest.main.safe_rmtree(local_dir) write_restrictive_svnserve_conf(svntest.main.current_repo_dir) # 1st part: disable read access on folder A/B, export should not # download this folder # write an authz file with *= on /A/B fp = open(sbox.authz_file, 'w') if sbox.repo_url.startswith('http'):⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?