summaryrefslogtreecommitdiff
path: root/internal/fs/permissions/permission_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'internal/fs/permissions/permission_test.go')
-rw-r--r--internal/fs/permissions/permission_test.go112
1 files changed, 0 insertions, 112 deletions
diff --git a/internal/fs/permissions/permission_test.go b/internal/fs/permissions/permission_test.go
deleted file mode 100644
index d415ac2..0000000
--- a/internal/fs/permissions/permission_test.go
+++ /dev/null
@@ -1,112 +0,0 @@
-// +build linux
-
-package permissions
-
-import (
- "os"
- "os/exec"
- "os/user"
- "strings"
- "testing"
-)
-
-const (
- setfacl string = "/usr/bin/setfacl"
- file string = "/tmp/acltest"
-)
-
-func TestLinuxACL(t *testing.T) {
- setfacl := "/usr/bin/setfacl"
- file := "/tmp/acltest"
-
- // Delete file if it exists.
- if _, err := os.Stat(file); err == nil {
- os.Remove(file)
- }
-
- f, err := os.Create(file)
- if err != nil {
- t.Errorf("%v", err)
- }
- defer func() {
- f.Close()
- //os.Remove(file)
- }()
-
- user, err := user.Current()
- if err != nil {
- t.Errorf("Unable to retrieve current user: %v", err)
- }
-
- // Test 1: Remove all permissions and perform a permission check
- cmd := exec.Command(setfacl, "-b", "-m", "u::---,g::---,o::---", file)
- if err := cmd.Run(); err != nil {
- t.Errorf("%s -> %v", strings.Join(cmd.Args, " "), err)
- }
- if ok, _ := ToRead(user.Username, file); ok {
- t.Errorf("Didn't expect permissions to read file!")
- }
-
- // Test 2: Add read permission to file owner
- cmd = exec.Command(setfacl, "-b", "-m", "u::r--,g::---,o::---", file)
- if err := cmd.Run(); err != nil {
- t.Errorf("%s -> %v", strings.Join(cmd.Args, " "), err)
- }
- if ok, err := ToRead(user.Username, file); !ok {
- t.Errorf("Expected permissions to read file: %v", err)
- }
-
- // Test 3: Add read permission to file group
- cmd = exec.Command(setfacl, "-b", "-m", "u::---,g::r--,o::---", file)
- if err := cmd.Run(); err != nil {
- t.Errorf("%s -> %v", strings.Join(cmd.Args, " "), err)
- }
- if ok, err := ToRead(user.Username, file); !ok {
- t.Errorf("Expected permissions to read file: %v", err)
- }
-
- // Test 4: Add read permission to others
- cmd = exec.Command(setfacl, "-b", "-m", "u::---,g::---,o::r--", file)
- if err := cmd.Run(); err != nil {
- t.Errorf("%s -> %v", strings.Join(cmd.Args, " "), err)
- }
-
- if ok, err := ToRead(user.Username, file); !ok {
- t.Errorf("Expected permissions to read file: %v", err)
- }
-
- // Test 5: Remove read permission from mask
- cmd = exec.Command(setfacl, "-m", "m::---", file)
- if err := cmd.Run(); err != nil {
- t.Errorf("%s -> %v", strings.Join(cmd.Args, " "), err)
- }
- if ok, _ := ToRead(user.Username, file); ok {
- t.Errorf("Didn't expect permissions to read file!")
- }
- cmd = exec.Command(setfacl, "-m", "m::r--", file)
- if err := cmd.Run(); err != nil {
- t.Errorf("%s -> %v", strings.Join(cmd.Args, " "), err)
- }
-
- // Test 6: Add read permission to specific group
- cmd = exec.Command(setfacl, "-b", "-m", "u::---,g:"+user.Username+":r--,o::---", file)
- if err := cmd.Run(); err != nil {
- t.Errorf("%s -> %v", strings.Join(cmd.Args, " "), err)
- }
- if ok, err := ToRead(user.Username, file); !ok {
- t.Errorf("Expected permissions to read file for user %v: %v", user.Username, err)
- }
-
- // Test 7: Remove all permissions but mask
- cmd = exec.Command(setfacl, "-b", "-m", "u::---,g::---,o::---", file)
- if err := cmd.Run(); err != nil {
- t.Errorf("%s -> %v", strings.Join(cmd.Args, " "), err)
- }
- cmd = exec.Command(setfacl, "-m", "m::r--", file)
- if err := cmd.Run(); err != nil {
- t.Errorf("%s -> %v", strings.Join(cmd.Args, " "), err)
- }
- if ok, _ := ToRead(user.Username, file); ok {
- t.Errorf("Didn't expect permissions to read file!")
- }
-}
generated by cgit v1.2.3 (git 2.25.1) at 2026-06-18 11:03:30 +0000