-
Notifications
You must be signed in to change notification settings - Fork 384
/
test_gitdaemon.py
186 lines (166 loc) · 5.88 KB
/
test_gitdaemon.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
from nose.tools import eq_ as eq
import os
from ConfigParser import RawConfigParser
from gitosis import gitdaemon
from gitosis.test.util import maketemp, writeFile
def exported(path):
assert os.path.isdir(path)
p = gitdaemon.export_ok_path(path)
return os.path.exists(p)
def test_git_daemon_export_ok_repo_missing():
# configured but not created yet; before first push
tmp = maketemp()
cfg = RawConfigParser()
cfg.add_section('gitosis')
cfg.set('gitosis', 'repositories', tmp)
cfg.add_section('repo foo')
cfg.set('repo foo', 'daemon', 'yes')
gitdaemon.set_export_ok(config=cfg)
assert not os.path.exists(os.path.join(tmp, 'foo'))
assert not os.path.exists(os.path.join(tmp, 'foo.git'))
def test_git_daemon_export_ok_repo_missing_parent():
# configured but not created yet; before first push
tmp = maketemp()
cfg = RawConfigParser()
cfg.add_section('gitosis')
cfg.set('gitosis', 'repositories', tmp)
cfg.add_section('repo foo/bar')
cfg.set('repo foo/bar', 'daemon', 'yes')
gitdaemon.set_export_ok(config=cfg)
assert not os.path.exists(os.path.join(tmp, 'foo'))
def test_git_daemon_export_ok_allowed():
tmp = maketemp()
path = os.path.join(tmp, 'foo.git')
os.mkdir(path)
cfg = RawConfigParser()
cfg.add_section('gitosis')
cfg.set('gitosis', 'repositories', tmp)
cfg.add_section('repo foo')
cfg.set('repo foo', 'daemon', 'yes')
gitdaemon.set_export_ok(config=cfg)
eq(exported(path), True)
def test_git_daemon_export_ok_allowed_already():
tmp = maketemp()
path = os.path.join(tmp, 'foo.git')
os.mkdir(path)
writeFile(gitdaemon.export_ok_path(path), '')
cfg = RawConfigParser()
cfg.add_section('gitosis')
cfg.set('gitosis', 'repositories', tmp)
cfg.add_section('repo foo')
cfg.set('repo foo', 'daemon', 'yes')
gitdaemon.set_export_ok(config=cfg)
eq(exported(path), True)
def test_git_daemon_export_ok_denied():
tmp = maketemp()
path = os.path.join(tmp, 'foo.git')
os.mkdir(path)
writeFile(gitdaemon.export_ok_path(path), '')
cfg = RawConfigParser()
cfg.add_section('gitosis')
cfg.set('gitosis', 'repositories', tmp)
cfg.add_section('repo foo')
cfg.set('repo foo', 'daemon', 'no')
gitdaemon.set_export_ok(config=cfg)
eq(exported(path), False)
def test_git_daemon_export_ok_denied_already():
tmp = maketemp()
path = os.path.join(tmp, 'foo.git')
os.mkdir(path)
cfg = RawConfigParser()
cfg.add_section('gitosis')
cfg.set('gitosis', 'repositories', tmp)
cfg.add_section('repo foo')
cfg.set('repo foo', 'daemon', 'no')
gitdaemon.set_export_ok(config=cfg)
eq(exported(path), False)
def test_git_daemon_export_ok_subdirs():
tmp = maketemp()
foo = os.path.join(tmp, 'foo')
os.mkdir(foo)
path = os.path.join(foo, 'bar.git')
os.mkdir(path)
cfg = RawConfigParser()
cfg.add_section('gitosis')
cfg.set('gitosis', 'repositories', tmp)
cfg.add_section('repo foo/bar')
cfg.set('repo foo/bar', 'daemon', 'yes')
gitdaemon.set_export_ok(config=cfg)
eq(exported(path), True)
def test_git_daemon_export_ok_denied_default():
tmp = maketemp()
path = os.path.join(tmp, 'foo.git')
os.mkdir(path)
writeFile(gitdaemon.export_ok_path(path), '')
cfg = RawConfigParser()
cfg.add_section('gitosis')
cfg.set('gitosis', 'repositories', tmp)
cfg.add_section('repo foo')
gitdaemon.set_export_ok(config=cfg)
eq(exported(path), False)
def test_git_daemon_export_ok_denied_even_not_configured():
# repositories not mentioned in config also get touched; this is
# to avoid security trouble, otherwise we might expose (or
# continue to expose) old repositories removed from config
tmp = maketemp()
path = os.path.join(tmp, 'foo.git')
os.mkdir(path)
writeFile(gitdaemon.export_ok_path(path), '')
cfg = RawConfigParser()
cfg.add_section('gitosis')
cfg.set('gitosis', 'repositories', tmp)
gitdaemon.set_export_ok(config=cfg)
eq(exported(path), False)
def test_git_daemon_export_ok_allowed_global():
tmp = maketemp()
for repo in [
'foo.git',
'quux.git',
'thud.git',
]:
path = os.path.join(tmp, repo)
os.mkdir(path)
# try to provoke an invalid allow
writeFile(gitdaemon.export_ok_path(os.path.join(tmp, 'thud.git')), '')
cfg = RawConfigParser()
cfg.add_section('gitosis')
cfg.set('gitosis', 'repositories', tmp)
cfg.set('gitosis', 'daemon', 'yes')
cfg.add_section('repo foo')
cfg.add_section('repo quux')
# same as default, no effect
cfg.set('repo quux', 'daemon', 'yes')
cfg.add_section('repo thud')
# this is still hidden
cfg.set('repo thud', 'daemon', 'no')
gitdaemon.set_export_ok(config=cfg)
eq(exported(os.path.join(tmp, 'foo.git')), True)
eq(exported(os.path.join(tmp, 'quux.git')), True)
eq(exported(os.path.join(tmp, 'thud.git')), False)
def test_git_daemon_export_ok_allowed_all():
tmp = maketemp()
for repo in [
'foo.git',
'quux.git',
'thud.git',
]:
path = os.path.join(tmp, repo)
os.mkdir(path)
# try to provoke an invalid allow
writeFile(gitdaemon.export_ok_path(os.path.join(tmp, 'thud.git')), '')
cfg = RawConfigParser()
cfg.add_section('gitosis')
cfg.set('gitosis', 'repositories', tmp)
cfg.set('gitosis', 'daemon-if-all', 'yes')
cfg.add_section('group all')
cfg.set('group all', 'readonly', 'foo')
cfg.add_section('group boo')
cfg.set('group boo', 'members', '@all')
cfg.set('group boo', 'readonly', 'quux thud')
cfg.add_section('repo thud')
# this is still hidden
cfg.set('repo thud', 'daemon', 'no')
gitdaemon.set_export_ok(config=cfg)
eq(exported(os.path.join(tmp, 'foo.git')), True)
eq(exported(os.path.join(tmp, 'quux.git')), True)
eq(exported(os.path.join(tmp, 'thud.git')), False)