[Fuego] [PATCH v2] acl: Add test cases for commands of ACL.

Wang Mingyu wangmy at cn.fujitsu.com
Tue Apr 9 13:02:07 UTC 2019 

ACLs are a second level of discretionary permissions, that may override the standard ugo/rwx ones.
This is a simple test to check the commands of ACL.

Signed-off-by: Wang Mingyu <wangmy at cn.fujitsu.com>
---
 tests/Functional.acl/acl_test.sh           |  4 ++++
 tests/Functional.acl/fuego_test.sh         | 21 ++++++++++++++++++++
 tests/Functional.acl/parser.py             | 20 +++++++++++++++++++
 tests/Functional.acl/spec.json             |  6 ++++++
 tests/Functional.acl/test.yaml             | 32 ++++++++++++++++++++++++++++++
 tests/Functional.acl/tests/acl_chacl.sh    | 20 +++++++++++++++++++
 tests/Functional.acl/tests/acl_getfacl1.sh | 13 ++++++++++++
 tests/Functional.acl/tests/acl_getfacl2.sh | 20 +++++++++++++++++++
 tests/Functional.acl/tests/acl_getfacl3.sh | 20 +++++++++++++++++++
 tests/Functional.acl/tests/acl_setfacl1.sh | 13 ++++++++++++
 tests/Functional.acl/tests/acl_setfacl2.sh | 19 ++++++++++++++++++
 tests/Functional.acl/tests/acl_setfacl3.sh | 19 ++++++++++++++++++
 tests/Functional.acl/tests/acl_setfacl4.sh | 19 ++++++++++++++++++
 tests/Functional.acl/tests/acl_setfacl5.sh | 19 ++++++++++++++++++
 14 files changed, 245 insertions(+)
 create mode 100644 tests/Functional.acl/acl_test.sh
 create mode 100644 tests/Functional.acl/fuego_test.sh
 create mode 100644 tests/Functional.acl/parser.py
 create mode 100644 tests/Functional.acl/spec.json
 create mode 100644 tests/Functional.acl/test.yaml
 create mode 100644 tests/Functional.acl/tests/acl_chacl.sh
 create mode 100644 tests/Functional.acl/tests/acl_getfacl1.sh
 create mode 100644 tests/Functional.acl/tests/acl_getfacl2.sh
 create mode 100644 tests/Functional.acl/tests/acl_getfacl3.sh
 create mode 100644 tests/Functional.acl/tests/acl_setfacl1.sh
 create mode 100644 tests/Functional.acl/tests/acl_setfacl2.sh
 create mode 100644 tests/Functional.acl/tests/acl_setfacl3.sh
 create mode 100644 tests/Functional.acl/tests/acl_setfacl4.sh
 create mode 100644 tests/Functional.acl/tests/acl_setfacl5.sh

diff --git a/tests/Functional.acl/acl_test.sh b/tests/Functional.acl/acl_test.sh
new file mode 100644
index 0000000..dd5ce37
--- /dev/null
+++ b/tests/Functional.acl/acl_test.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+for i in tests/*.sh; do
+    sh $i
+done
diff --git a/tests/Functional.acl/fuego_test.sh b/tests/Functional.acl/fuego_test.sh
new file mode 100644
index 0000000..a65e39c
--- /dev/null
+++ b/tests/Functional.acl/fuego_test.sh
@@ -0,0 +1,21 @@
+function test_pre_check {
+    assert_has_program chacl
+    assert_has_program setfacl
+    assert_has_program getfacl
+}
+
+function test_deploy {
+    put $TEST_HOME/acl_test.sh $BOARD_TESTDIR/fuego.$TESTDIR/
+    put -r $TEST_HOME/tests $BOARD_TESTDIR/fuego.$TESTDIR/
+}
+
+function test_run {
+    report "cd $BOARD_TESTDIR/fuego.$TESTDIR;\
+    export tst_acl_ram=$DISK_DEV;\
+    export tst_acl_media=$DISK_MEDIA;\
+    ./acl_test.sh"
+}
+
+function test_processing {
+    log_compare "$TESTDIR" "0" "TEST-FAIL" "n"
+}
diff --git a/tests/Functional.acl/parser.py b/tests/Functional.acl/parser.py
new file mode 100644
index 0000000..f25a608
--- /dev/null
+++ b/tests/Functional.acl/parser.py
@@ -0,0 +1,20 @@
+#!/usr/bin/python
+# See common.py for description of command-line arguments
+
+import os, sys, collections
+import common as plib
+
+measurements = {}
+measurements = collections.OrderedDict()
+
+regex_string = '^ -> (.*): TEST-(.*)$'
+matches = plib.parse_log(regex_string)
+
+if matches:
+    for m in matches:
+        measurements['default.' + m[0]] = 'PASS' if m[1] == 'PASS' else 'FAIL'
+
+# split the output for each testcase
+plib.split_output_per_testcase(regex_string, measurements)
+
+sys.exit(plib.process(measurements))
diff --git a/tests/Functional.acl/spec.json b/tests/Functional.acl/spec.json
new file mode 100644
index 0000000..e3432a2
--- /dev/null
+++ b/tests/Functional.acl/spec.json
@@ -0,0 +1,6 @@
+{
+    "testName": "Functional.acl",
+    "specs": {
+        "default": {}
+    }
+}
diff --git a/tests/Functional.acl/test.yaml b/tests/Functional.acl/test.yaml
new file mode 100644
index 0000000..9959fb3
--- /dev/null
+++ b/tests/Functional.acl/test.yaml
@@ -0,0 +1,32 @@
+fuego_package_version: 1
+name: Functional.acl
+description: |
+      ACLs are a second level of discretionary permissions, that may override the standard ugo/rwx ones.
+      When used correctly they can grant you a better granularity in setting access to a file or a directory.
+      This is a simple test to check the commands of ACL.
+license: Unknown
+author: Wang Mingyu <wangmy at cn.fujitsu.com>
+maintainer: Tim Bird <tim.bird at sony.com>
+version: 1.00
+fuego_release: 1
+type: Functional
+tags: ['vlan']
+params:
+      DISK_DEV="the device file in your target board" Defined in board file
+      DISK_MEDIA="the mount point of device in your target board" Defined in board file
+data_files:
+ - acl_test.sh
+ - fuego_test.sh
+ - parser.py
+ - spec.json
+ - test.yaml
+ - tests
+    acl_chacl.sh
+    acl_getfacl1.sh
+    acl_getfacl2.sh
+    acl_getfacl3.sh
+    acl_setfacl1.sh
+    acl_setfacl2.sh
+    acl_setfacl3.sh
+    acl_setfacl4.sh
+    acl_setfacl5.sh
diff --git a/tests/Functional.acl/tests/acl_chacl.sh b/tests/Functional.acl/tests/acl_chacl.sh
new file mode 100644
index 0000000..df4fde5
--- /dev/null
+++ b/tests/Functional.acl/tests/acl_chacl.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+#  Create a new file and run getfacl to check the string "user:: RWX".
+test="chacl"
+
+modprobe brd
+yes | mke2fs -j $tst_acl_ram
+mkdir $tst_acl_media
+mount -t ext3 -o acl $tst_acl_ram $tst_acl_media
+touch $tst_acl_media/testfile
+chacl u::rwx,g::r-x,o::r-- $tst_acl_media/testfile
+if getfacl $tst_acl_media/testfile | grep "user::rwx"
+then
+    echo " -> $test: TEST-PASS"
+else
+    echo " -> $test: TEST-FAIL"
+fi
+rm -f $tst_acl_media/testfile
+umount $tst_acl_media
+rm -rf $tst_acl_media
diff --git a/tests/Functional.acl/tests/acl_getfacl1.sh b/tests/Functional.acl/tests/acl_getfacl1.sh
new file mode 100644
index 0000000..5d183a6
--- /dev/null
+++ b/tests/Functional.acl/tests/acl_getfacl1.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+# Check the help message of command getfacl.
+# option: --help
+
+test="getfacl"
+
+if getfacl --help | grep Usage
+then
+    echo " -> $test: TEST-PASS"
+else
+    echo " -> $test: TEST-FAIL"
+fi
diff --git a/tests/Functional.acl/tests/acl_getfacl2.sh b/tests/Functional.acl/tests/acl_getfacl2.sh
new file mode 100644
index 0000000..c2daf9a
--- /dev/null
+++ b/tests/Functional.acl/tests/acl_getfacl2.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+# Create a new file with the target and execute setfacl (allow RW for user FTP) to execute getfacl to check output.
+test="getfacl2"
+
+modprobe brd
+yes | mke2fs -j $tst_acl_ram
+mkdir $tst_acl_media
+mount -t ext3 -o acl $tst_acl_ram $tst_acl_media
+touch $tst_acl_media/testfile
+setfacl -m u:ftp:rw $tst_acl_media/testfile
+if getfacl $tst_acl_media/testfile | grep "user:ftp"
+then
+    echo " -> $test: TEST-PASS"
+else
+    echo " -> $test: TEST-FAIL"
+fi
+rm -f $tst_acl_media/testfile
+umount $tst_acl_media
+rm -rf $tst_acl_media
diff --git a/tests/Functional.acl/tests/acl_getfacl3.sh b/tests/Functional.acl/tests/acl_getfacl3.sh
new file mode 100644
index 0000000..0fdac59
--- /dev/null
+++ b/tests/Functional.acl/tests/acl_getfacl3.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+# After a new file is created, and setfacl is executed, all the ACLS specified in the file are deleted, and getfacl is executed to check the output.
+test="getfacl3"
+
+yes | mke2fs -j /dev/ram
+mkdir /media/ram
+mount -t ext3 -o acl /dev/ram /media/ram
+touch /media/ram/testfile
+setfacl -m u:ftp:rw /media/ram/testfile
+setfacl -b /media/ram/testfile
+if getfacl /media/ram/testfile | grep "user::"
+then
+    echo " -> $test: TEST-PASS"
+else
+    echo " -> $test: TEST-FAIL"
+fi
+rm -f /media/ram/testfile
+umount /media/ram
+rm -rf /media/ram
diff --git a/tests/Functional.acl/tests/acl_setfacl1.sh b/tests/Functional.acl/tests/acl_setfacl1.sh
new file mode 100644
index 0000000..00db23d
--- /dev/null
+++ b/tests/Functional.acl/tests/acl_setfacl1.sh
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+# Check the help message of command setfacl.
+# option: --help
+
+test="setfacl1"
+
+if setfacl --help | grep Usage
+then
+    echo " -> $test: TEST-PASS"
+else
+    echo " -> $test: TEST-FAIL"
+fi
diff --git a/tests/Functional.acl/tests/acl_setfacl2.sh b/tests/Functional.acl/tests/acl_setfacl2.sh
new file mode 100644
index 0000000..ee72bb6
--- /dev/null
+++ b/tests/Functional.acl/tests/acl_setfacl2.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+# Create a new file with the target and execute setfacl (allow RW for user FTP) to verify the end of the operation.
+test="setfacl2"
+
+modprobe brd
+yes | mke2fs -j $tst_acl_ram
+mkdir $tst_acl_media
+mount -t ext3 -o acl $tst_acl_ram $tst_acl_media
+touch $tst_acl_media/testfile
+if setfacl -m u:ftp:rw $tst_acl_media/testfile
+then
+    echo " -> $test: TEST-PASS"
+else
+    echo " -> $test: TEST-FAIL"
+fi
+rm -f $tst_acl_media/testfile
+umount $tst_acl_media
+rm -rf $tst_acl_media
diff --git a/tests/Functional.acl/tests/acl_setfacl3.sh b/tests/Functional.acl/tests/acl_setfacl3.sh
new file mode 100644
index 0000000..44f6b3e
--- /dev/null
+++ b/tests/Functional.acl/tests/acl_setfacl3.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+# After a new file is created by the target and setfacl is executed, delete the ACL specified in the file.
+test="setfacl3"
+
+yes | mke2fs -j /dev/ram
+mkdir /media/ram
+mount -t ext3 -o acl /dev/ram /media/ram
+touch /media/ram/testfile
+setfacl -m u:ftp:rw /media/ram/testfile
+if setfacl -x u:ftp /media/ram/testfile
+then
+    echo " -> $test: TEST-PASS"
+else
+    echo " -> $test: TEST-FAIL"
+fi
+rm -f /media/ram/testfile
+umount /media/ram
+rm -rf /media/ram
diff --git a/tests/Functional.acl/tests/acl_setfacl4.sh b/tests/Functional.acl/tests/acl_setfacl4.sh
new file mode 100644
index 0000000..2e03f72
--- /dev/null
+++ b/tests/Functional.acl/tests/acl_setfacl4.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+# Create a new file with the target and execute setfacl (allow r for group FTP).
+test="setfacl4"
+
+modprobe brd
+yes | mke2fs -j $tst_acl_ram
+mkdir $tst_acl_media
+mount -t ext3 -o acl $tst_acl_ram $tst_acl_media
+touch $tst_acl_media/testfile
+if setfacl -m g:ftp:r $tst_acl_media/testfile
+then
+    echo " -> $test: TEST-PASS"
+else
+    echo " -> $test: TEST-FAIL"
+fi
+rm -f /meida/ram/testfile
+umount $tst_acl_media
+rm -rf $tst_acl_media
diff --git a/tests/Functional.acl/tests/acl_setfacl5.sh b/tests/Functional.acl/tests/acl_setfacl5.sh
new file mode 100644
index 0000000..9ccf676
--- /dev/null
+++ b/tests/Functional.acl/tests/acl_setfacl5.sh
@@ -0,0 +1,19 @@
+#!/bin/sh
+
+# After a new file is created by the target and setfacl is executed, delete all the ACLS specified in the file.
+test="setfacl5"
+
+yes | mke2fs -j /dev/ram
+mkdir /media/ram
+mount -t ext3 -o acl /dev/ram /media/ram
+touch /media/ram/testfile
+setfacl -m u:ftp:rw /media/ram/testfile
+if setfacl -b /media/ram/testfile
+then
+    echo " -> $test: TEST-PASS"
+else
+    echo " -> $test: TEST-FAIL"
+fi
+rm -f /media/ram/testfile
+umount /media/ram
+rm -rf /media/ram
-- 
1.8.3.1

More information about the Fuego mailing list