1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
|
import os
import tempfile
from ..platform import acl_get, acl_set
from .platform import skipif_not_freebsd, skipif_acls_not_working
# set module-level skips
pytestmark = [skipif_not_freebsd]
ACCESS_ACL = """\
user::rw-
user:root:rw-
user:9999:r--
group::r--
group:wheel:r--
group:9999:r--
mask::rw-
other::r--
""".encode(
"ascii"
)
DEFAULT_ACL = """\
user::rw-
user:root:r--
user:8888:r--
group::r--
group:wheel:r--
group:8888:r--
mask::rw-
other::r--
""".encode(
"ascii"
)
def get_acl(path, numeric_ids=False):
item = {}
acl_get(path, item, os.stat(path), numeric_ids=numeric_ids)
return item
def set_acl(path, access=None, default=None, nfs4=None, numeric_ids=False):
item = {"acl_access": access, "acl_default": default, "acl_nfs4": nfs4}
acl_set(path, item, numeric_ids=numeric_ids)
@skipif_acls_not_working
def test_access_acl():
file1 = tempfile.NamedTemporaryFile()
set_acl(
file1.name,
access=b"user::rw-\ngroup::r--\nmask::rw-\nother::---\nuser:root:rw-\ngroup:wheel:rw-\n",
numeric_ids=False,
)
acl_access_names = get_acl(file1.name, numeric_ids=False)["acl_access"]
assert b"user:root:rw-" in acl_access_names
assert b"group:wheel:rw-" in acl_access_names
acl_access_ids = get_acl(file1.name, numeric_ids=True)["acl_access"]
assert b"user:0:rw-" in acl_access_ids
assert b"group:0:rw-" in acl_access_ids
file2 = tempfile.NamedTemporaryFile()
set_acl(
file2.name, access=b"user::rw-\ngroup::r--\nmask::rw-\nother::---\nuser:0:rw-\ngroup:0:rw-\n", numeric_ids=True
)
acl_access_names = get_acl(file2.name, numeric_ids=False)["acl_access"]
assert b"user:root:rw-" in acl_access_names
assert b"group:wheel:rw-" in acl_access_names
acl_access_ids = get_acl(file2.name, numeric_ids=True)["acl_access"]
assert b"user:0:rw-" in acl_access_ids
assert b"group:0:rw-" in acl_access_ids
file3 = tempfile.NamedTemporaryFile()
set_acl(
file3.name,
access=b"user::rw-\ngroup::r--\nmask::rw-\nother::---\nuser:root:rw-:9999\ngroup:wheel:rw-:9999\n",
numeric_ids=True,
)
acl_access_ids = get_acl(file3.name, numeric_ids=True)["acl_access"]
assert b"user:9999:rw-" in acl_access_ids
assert b"group:9999:rw-" in acl_access_ids
@skipif_acls_not_working
def test_default_acl():
tmpdir = tempfile.mkdtemp()
set_acl(tmpdir, access=ACCESS_ACL, default=DEFAULT_ACL)
assert get_acl(tmpdir)["acl_access"] == ACCESS_ACL
assert get_acl(tmpdir)["acl_default"] == DEFAULT_ACL
# nfs4 acls testing not implemented.
|