Add tests for CanRead
authorMichele Tartara <mtartara@google.com>
Wed, 10 Jul 2013 11:32:46 +0000 (11:32 +0000)
committerMichele Tartara <mtartara@google.com>
Wed, 10 Jul 2013 13:44:22 +0000 (13:44 +0000)
Verify that the CanRead function is actually able to check whether a file has
the proper permissions.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Klaus Aehlig <aehlig@google.com>

test/py/ganeti.utils.io_unittest-runasroot.py

index 909c08e..7a7d8b5 100644 (file)
@@ -25,6 +25,9 @@ import os
 import tempfile
 import shutil
 import errno
+import grp
+import pwd
+import stat
 
 from ganeti import constants
 from ganeti import utils
@@ -92,6 +95,43 @@ class TestWriteFile(testutils.GanetiTestCase):
                     keep_perms=utils.KP_IF_EXISTS)
     self.assertFileGid(target, tgid)
 
+class TestCanRead(testutils.GanetiTestCase):
+  def setUp(self):
+    testutils.GanetiTestCase.setUp(self)
+    self.tmpdir = tempfile.mkdtemp()
+    self.confdUid = pwd.getpwnam(constants.CONFD_USER).pw_uid
+    self.masterdUid = pwd.getpwnam(constants.MASTERD_USER).pw_uid
+    self.masterdGid = grp.getgrnam(constants.MASTERD_GROUP).gr_gid
+
+  def tearDown(self):
+    testutils.GanetiTestCase.tearDown(self)
+    if self.tmpdir:
+      shutil.rmtree(self.tmpdir)
+
+  def testUserCanRead(self):
+    target = utils.PathJoin(self.tmpdir, "target1")
+    f=open(target, "w")
+    f.close()
+    utils.EnforcePermission(target, 0400, uid=self.confdUid,
+                            gid=self.masterdGid)
+    self.assertTrue(utils.CanRead(constants.CONFD_USER, target))
+    if constants.CONFD_USER != constants.MASTERD_USER:
+      self.assertFalse(utils.CanRead(constants.MASTERD_USER, target))
+
+  def testGroupCanRead(self):
+    target = utils.PathJoin(self.tmpdir, "target2")
+    f=open(target, "w")
+    f.close()
+    utils.EnforcePermission(target, 0040, uid=self.confdUid,
+                            gid=self.masterdGid)
+    self.assertFalse(utils.CanRead(constants.CONFD_USER, target))
+    if constants.CONFD_USER != constants.MASTERD_USER:
+      self.assertTrue(utils.CanRead(constants.MASTERD_USER, target))
+
+    utils.EnforcePermission(target, 0040, uid=self.masterdUid+1,
+                            gid=self.masterdGid)
+    self.assertTrue(utils.CanRead(constants.MASTERD_USER, target))
+
 
 if __name__ == "__main__":
   testutils.GanetiTestProgram()