##// END OF EJS Templates
upstream » mercurial-mirror
RSS

Clone from https://www.mercurial-scm.org/repo/hg-all

tests: unify test-abort-checkin
tests: unify test-abort-checkin
Mads Kiilerich - - Load All Authors

File last commit:

r11461:2b83c26b stable
r11848:f54ff493 default
Show More
test-acl
176 lines | 3.7 KiB | text/plain | TextLexer
/ tests / test-acl
History | Annotation | Raw |Copy content |Copy permalink
#!/bin/sh
do_push()
{
user=$1
shift
echo "Pushing as user $user"
echo 'hgrc = """'
sed -e 1,2d b/.hg/hgrc | grep -v fakegroups.py
echo '"""'
if test -f acl.config; then
echo 'acl.config = """'
cat acl.config
echo '"""'
fi
# On AIX /etc/profile sets LOGNAME read-only. So
# LOGNAME=$user hg --cws a --debug push ../b
# fails with "This variable is read only."
# Use env to work around this.
env LOGNAME=$user hg --cwd a --debug push ../b
hg --cwd b rollback
hg --cwd b --quiet tip
echo
}
init_config()
{
cat > fakegroups.py <<EOF
from hgext import acl
def fakegetusers(ui, group):
try:
return acl._getusersorig(ui, group)
except:
return ["fred", "betty"]
acl._getusersorig = acl._getusers
acl._getusers = fakegetusers
EOF
rm -f acl.config
cat > $config <<EOF
[hooks]
pretxnchangegroup.acl = python:hgext.acl.hook
[acl]
sources = push
[extensions]
f=`pwd`/fakegroups.py
EOF
}
hg init a
cd a
mkdir foo foo/Bar quux
echo 'in foo' > foo/file.txt
echo 'in foo/Bar' > foo/Bar/file.txt
echo 'in quux' > quux/file.py
hg add -q
hg ci -m 'add files' -d '1000000 0'
echo >> foo/file.txt
hg ci -m 'change foo/file' -d '1000001 0'
echo >> foo/Bar/file.txt
hg ci -m 'change foo/Bar/file' -d '1000002 0'
echo >> quux/file.py
hg ci -m 'change quux/file' -d '1000003 0'
hg tip --quiet
cd ..
hg clone -r 0 a b
echo '[extensions]' >> $HGRCPATH
echo 'acl =' >> $HGRCPATH
config=b/.hg/hgrc
echo
echo 'Extension disabled for lack of a hook'
do_push fred
echo '[hooks]' >> $config
echo 'pretxnchangegroup.acl = python:hgext.acl.hook' >> $config
echo 'Extension disabled for lack of acl.sources'
do_push fred
echo 'No [acl.allow]/[acl.deny]'
echo '[acl]' >> $config
echo 'sources = push' >> $config
do_push fred
echo 'Empty [acl.allow]'
echo '[acl.allow]' >> $config
do_push fred
echo 'fred is allowed inside foo/'
echo 'foo/** = fred' >> $config
do_push fred
echo 'Empty [acl.deny]'
echo '[acl.deny]' >> $config
do_push barney
echo 'fred is allowed inside foo/, but not foo/bar/ (case matters)'
echo 'foo/bar/** = fred' >> $config
do_push fred
echo 'fred is allowed inside foo/, but not foo/Bar/'
echo 'foo/Bar/** = fred' >> $config
do_push fred
echo 'barney is not mentioned => not allowed anywhere'
do_push barney
echo 'barney is allowed everywhere'
echo '[acl.allow]' >> $config
echo '** = barney' >> $config
do_push barney
echo 'wilma can change files with a .txt extension'
echo '**/*.txt = wilma' >> $config
do_push wilma
echo 'file specified by acl.config does not exist'
echo '[acl]' >> $config
echo 'config = ../acl.config' >> $config
do_push barney
echo 'betty is allowed inside foo/ by a acl.config file'
echo '[acl.allow]' >> acl.config
echo 'foo/** = betty' >> acl.config
do_push betty
echo 'acl.config can set only [acl.allow]/[acl.deny]'
echo '[hooks]' >> acl.config
echo 'changegroup.acl = false' >> acl.config
do_push barney
# asterisk
init_config
echo 'asterisk test'
echo '[acl.allow]' >> $config
echo "** = fred" >> $config
echo "fred is always allowed"
do_push fred
echo '[acl.deny]' >> $config
echo "foo/Bar/** = *" >> $config
echo "no one is allowed inside foo/Bar/"
do_push fred
# Groups
init_config
echo 'OS-level groups'
echo '[acl.allow]' >> $config
echo "** = @group1" >> $config
echo "@group1 is always allowed"
do_push fred
echo '[acl.deny]' >> $config
echo "foo/Bar/** = @group1" >> $config
echo "@group is allowed inside anything but foo/Bar/"
do_push fred
echo 'Invalid group'
# Disable the fakegroups trick to get real failures
grep -v fakegroups $config > config.tmp
mv config.tmp $config
echo '[acl.allow]' >> $config
echo "** = @unlikelytoexist" >> $config
do_push fred 2>&1 | grep unlikelytoexist
true