blob: 9835a661a38d7d57f96e14d8b2df5fc754ea75b1 [file] [log] [blame]
// Copyright 2015 The Vanadium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package main_test
import (
"io/ioutil"
"os"
"path/filepath"
"strings"
"testing"
libsec "v.io/x/ref/lib/security"
"v.io/x/ref/lib/v23test"
)
func TestV23ClaimableServer(t *testing.T) {
v23test.SkipUnlessRunningIntegrationTests(t)
sh := v23test.NewShell(t, v23test.Opts{})
defer sh.Cleanup()
workdir, err := ioutil.TempDir("", "claimable-test-")
if err != nil {
t.Fatalf("ioutil.TempDir failed: %v", err)
}
defer os.RemoveAll(workdir)
permsDir := filepath.Join(workdir, "perms")
serverCreds := sh.ForkCredentials("child")
if err := libsec.InitDefaultBlessings(serverCreds.Principal, "server"); err != nil {
t.Fatalf("Failed to create server credentials: %v", err)
}
legitClientCreds := sh.ForkCredentials("legit")
badClientCreds1 := sh.ForkCredentials("child")
badClientCreds2 := sh.ForkCredentials("other-guy")
serverBin := sh.BuildGoPkg("v.io/x/ref/services/device/claimable")
server := sh.Cmd(serverBin,
"--v23.tcp.address=127.0.0.1:0",
"--perms-dir="+permsDir,
"--root-blessings="+rootBlessings(t, sh, legitClientCreds),
"--v23.permissions.literal={\"Admin\":{\"In\":[\"root:legit\"]}}",
).WithCredentials(serverCreds)
server.Start()
addr := server.S.ExpectVar("NAME")
clientBin := sh.BuildGoPkg("v.io/x/ref/services/device/device")
testcases := []struct {
creds *v23test.Credentials
success bool
permsExist bool
}{
{badClientCreds1, false, false},
{badClientCreds2, false, false},
{legitClientCreds, true, true},
}
for _, tc := range testcases {
client := sh.Cmd(clientBin, "claim", addr, "my-device").WithCredentials(tc.creds)
client.ExitErrorIsOk = true
if client.Run(); (client.Err == nil) != tc.success {
t.Errorf("Unexpected exit value. Expected success=%v, got err=%v", tc.success, err)
}
if _, err := os.Stat(permsDir); (client.Err == nil) != tc.permsExist {
t.Errorf("Unexpected permsDir state. Got %v, expected %v", err == nil, tc.permsExist)
}
}
// Server should exit cleanly after the successful Claim.
server.Wait()
}
// Note: Identical to rootBlessings in
// v.io/x/ref/services/cluster/cluster_agentd/cluster_agentd_v23_test.go.
func rootBlessings(t *testing.T, sh *v23test.Shell, creds *v23test.Credentials) string {
principalBin := sh.BuildGoPkg("v.io/x/ref/cmd/principal")
blessings := strings.TrimSpace(sh.Cmd(principalBin, "get", "default").WithCredentials(creds).Stdout())
cmd := sh.Cmd(principalBin, "dumproots", "-")
cmd.Stdin = blessings
return strings.Replace(strings.TrimSpace(cmd.Stdout()), "\n", ",", -1)
}
func TestMain(m *testing.M) {
os.Exit(v23test.Run(m.Run))
}