import os
import svntest
from svntest.main import write_restrictive_svnserve_conf
from svntest.main import write_authz_file
from svntest.main import server_authz_has_aliases
from upgrade_tests import (replace_sbox_with_tarfile,
replace_sbox_repo_with_tarfile,
wc_is_too_old_regex)
Item = svntest.wc.StateItem
Skip = svntest.testcase.Skip_deco
SkipUnless = svntest.testcase.SkipUnless_deco
XFail = svntest.testcase.XFail_deco
Issues = svntest.testcase.Issues_deco
Issue = svntest.testcase.Issue_deco
Wimp = svntest.testcase.Wimp_deco
@Issue(2486)
@Skip(svntest.main.is_ra_type_file)
def authz_open_root(sbox):
"authz issue #2486 - open root"
sbox.build()
write_authz_file(sbox, {"/": "", "/A": "jrandom = rw"})
write_restrictive_svnserve_conf(sbox.repo_dir)
wc_dir = sbox.wc_dir
mu_path = os.path.join(wc_dir, 'A', 'mu')
svntest.main.file_append(mu_path, "hi")
expected_output = svntest.wc.State(wc_dir, {
'A/mu' : Item(verb='Sending'),
})
svntest.actions.run_and_verify_commit(wc_dir,
expected_output,
None,
None,
mu_path)
@Issue(2486)
@Skip(svntest.main.is_ra_type_file)
def authz_open_directory(sbox):
"authz issue #2486 - open directory"
sbox.build()
write_authz_file(sbox, {"/": "*=rw", "/A/B": "*=", "/A/B/E": "jrandom = rw"})
write_restrictive_svnserve_conf(sbox.repo_dir)
wc_dir = sbox.wc_dir
mu_path = os.path.join(wc_dir, 'A', 'mu')
E_path = os.path.join(wc_dir, 'A', 'B', 'E')
svntest.main.run_svn(None, 'mv', mu_path, E_path)
expected_output = svntest.wc.State(wc_dir, {
'A/mu' : Item(verb='Deleting'),
'A/B/E/mu' : Item(verb='Adding'),
})
svntest.actions.run_and_verify_commit(wc_dir,
expected_output,
None,
None,
wc_dir)
@Skip(svntest.main.is_ra_type_file)
def broken_authz_file(sbox):
"broken authz files cause errors"
sbox.build(create_wc = False)
write_authz_file(sbox, {"/": "jrandom = rw # End-line comments disallowed"})
write_restrictive_svnserve_conf(sbox.repo_dir)
exit_code, out, err = svntest.main.run_svn(1,
"delete",
sbox.repo_url + "/A",
"-m", "a log message");
if out:
raise svntest.verify.SVNUnexpectedStdout(out)
if not err:
raise svntest.verify.SVNUnexpectedStderr("Missing stderr")
@Skip(svntest.main.is_ra_type_file)
def authz_read_access(sbox):
"test authz for read operations"
sbox.build(create_wc = False)
root_url = sbox.repo_url
A_url = root_url + '/A'
B_url = A_url + '/B'
C_url = A_url + '/C'
E_url = B_url + '/E'
mu_url = A_url + '/mu'
iota_url = root_url + '/iota'
lambda_url = B_url + '/lambda'
alpha_url = E_url + '/alpha'
F_alpha_url = B_url + '/F/alpha'
D_url = A_url + '/D'
G_url = D_url + '/G'
pi_url = G_url + '/pi'
H_url = D_url + '/H'
chi_url = H_url + '/chi'
fws_url = B_url + '/folder with spaces'
fws_empty_folder_url = fws_url + '/empty folder'
if sbox.repo_url.startswith("http"):
expected_err = ".*[Ff]orbidden.*"
else:
expected_err = ".*svn: E170001: Authorization failed.*"
svntest.actions.run_and_verify_svn(None, None, [], 'mkdir', '-m', 'logmsg',
fws_url, fws_empty_folder_url)
write_restrictive_svnserve_conf(sbox.repo_dir)
write_authz_file(sbox, { "/": "* = r",
"/A/B": "* =",
"/A/B/F": "* = rw",
"/A/D": "* = rw",
"/A/D/G": ("* = rw\n" +
svntest.main.wc_author + " ="),
"/A/D/H": ("* = \n" +
svntest.main.wc_author + " = rw"),
"/A/B/folder with spaces":
(svntest.main.wc_author + " = r")})
svntest.actions.run_and_verify_svn(None, ["This is the file 'iota'.\n"],
[], 'cat',
iota_url)
svntest.actions.run_and_verify_svn(None, ["This is the file 'chi'.\n"],
[], 'cat',
chi_url)
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'cat',
lambda_url)
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'cat',
alpha_url)
svntest.actions.run_and_verify_svn(None, ["This is the file 'pi'.\n"],
[], 'cat',
pi_url)
svntest.actions.run_and_verify_svn("ls remote root folder",
["A/\n", "iota\n"],
[], 'ls',
root_url)
svntest.actions.run_and_verify_svn(None,
None, svntest.verify.AnyOutput, 'ls',
B_url)
svntest.actions.run_and_verify_svn(None,
None, [], 'ls',
fws_empty_folder_url)
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'ls',
E_url)
svntest.actions.run_and_verify_svn(None, None, [], 'cp',
iota_url, D_url,
'-m', 'logmsg')
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'cp',
'-m', 'logmsg',
lambda_url, D_url)
svntest.actions.run_and_verify_svn(None, None, [], 'cp',
C_url, D_url,
'-m', 'logmsg')
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'cp',
'-m', 'logmsg',
E_url, D_url)
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'mv', '-m', 'logmsg',
alpha_url, F_alpha_url)
@Skip(svntest.main.is_ra_type_file)
def authz_write_access(sbox):
"test authz for write operations"
sbox.build(create_wc = False)
write_restrictive_svnserve_conf(sbox.repo_dir)
if sbox.repo_url.startswith('http'):
expected_err = ".*[Ff]orbidden.*"
else:
expected_err = ".*svn: E220004: Access denied.*"
write_authz_file(sbox, { "/": "* = r",
"/A/B": "* = rw",
"/A/C": "* = rw"})
root_url = sbox.repo_url
A_url = root_url + '/A'
B_url = A_url + '/B'
C_url = A_url + '/C'
E_url = B_url + '/E'
mu_url = A_url + '/mu'
iota_url = root_url + '/iota'
lambda_url = B_url + '/lambda'
D_url = A_url + '/D'
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'cp',
'-m', 'logmsg',
lambda_url, D_url)
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'cp',
'-m', 'logmsg',
E_url, D_url)
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'rm',
'-m', 'logmsg',
iota_url)
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'rm',
'-m', 'logmsg',
D_url)
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'mkdir',
'-m', 'logmsg',
A_url+'/newfolder')
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'mv',
'-m', 'logmsg',
mu_url, C_url)
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'mv',
'-m', 'logmsg',
D_url, C_url)
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'mv',
'-m', 'logmsg',
lambda_url, D_url)
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'mv',
'-m', 'logmsg',
B_url, D_url)
@Skip(svntest.main.is_ra_type_file)
def authz_checkout_test(sbox):
"test authz for checkout"
sbox.build(create_wc = False, read_only = True)
local_dir = sbox.wc_dir
write_restrictive_svnserve_conf(sbox.repo_dir)
if sbox.repo_url.startswith('http'):
expected_err = ".*[Ff]orbidden.*"
else:
expected_err = ".*svn: E170001: Authorization failed.*"
write_authz_file(sbox, { "/": "* ="})
svntest.actions.run_and_verify_svn(None, None, expected_err,
'co', sbox.repo_url, local_dir)
write_authz_file(sbox, { "/": "* = r"})
expected_output = svntest.main.greek_state.copy()
expected_output.wc_dir = local_dir
expected_output.tweak(status='A ', contents=None)
expected_wc = svntest.main.greek_state
svntest.actions.run_and_verify_checkout(sbox.repo_url,
local_dir,
expected_output,
expected_wc)
@Skip(svntest.main.is_ra_type_file)
def authz_checkout_and_update_test(sbox):
"test authz for checkout and update"
sbox.build(create_wc = False, read_only = True)
local_dir = sbox.wc_dir
write_restrictive_svnserve_conf(sbox.repo_dir)
write_authz_file(sbox, { "/": "* = r",
"/A/B": "* =",
"/A/mu": "* =",
})
expected_output = svntest.main.greek_state.copy()
expected_output.wc_dir = local_dir
expected_output.tweak(status='A ', contents=None)
expected_output.remove('A/B', 'A/B/lambda', 'A/B/E', 'A/B/E/alpha',
'A/B/E/beta', 'A/B/F', 'A/mu')
expected_wc = svntest.main.greek_state.copy()
expected_wc.remove('A/B', 'A/B/lambda', 'A/B/E', 'A/B/E/alpha',
'A/B/E/beta', 'A/B/F', 'A/mu')
svntest.actions.run_and_verify_checkout(sbox.repo_url, local_dir,
expected_output,
expected_wc)
write_authz_file(sbox, { "/": "* = r",
"/A/mu": "* =",
})
expected_output = svntest.wc.State(local_dir, {
'A/B' : Item(status='A '),
'A/B/lambda' : Item(status='A '),
'A/B/E' : Item(status='A '),
'A/B/E/alpha' : Item(status='A '),
'A/B/E/beta' : Item(status='A '),
'A/B/F' : Item(status='A '),
})
expected_wc = svntest.main.greek_state.copy()
expected_wc.remove('A/mu')
expected_status = svntest.actions.get_virginal_state(local_dir, 1)
expected_status.remove('A/mu')
svntest.actions.run_and_verify_update(local_dir,
expected_output,
expected_wc,
expected_status,
None,
None, None,
None, None, 1)
@Skip(svntest.main.is_ra_type_file)
def authz_partial_export_test(sbox):
"test authz for export with unreadable subfolder"
sbox.build(create_wc = False, read_only = True)
local_dir = sbox.wc_dir
svntest.main.safe_rmtree(local_dir)
write_restrictive_svnserve_conf(sbox.repo_dir)
write_authz_file(sbox, { "/": "* = r", "/A/B": "* =" })
expected_output = svntest.main.greek_state.copy()
expected_output.wc_dir = local_dir
expected_output.desc[''] = Item()
expected_output.tweak(status='A ', contents=None)
expected_output.remove('A/B', 'A/B/lambda', 'A/B/E', 'A/B/E/alpha',
'A/B/E/beta', 'A/B/F')
expected_wc = svntest.main.greek_state.copy()
expected_wc.remove('A/B', 'A/B/lambda', 'A/B/E', 'A/B/E/alpha',
'A/B/E/beta', 'A/B/F')
svntest.actions.run_and_verify_export(sbox.repo_url, local_dir,
expected_output,
expected_wc)
@Skip(svntest.main.is_ra_type_file)
def authz_log_and_tracing_test(sbox):
"test authz for log and tracing path changes"
sbox.build()
wc_dir = sbox.wc_dir
write_restrictive_svnserve_conf(sbox.repo_dir)
if sbox.repo_url.startswith('http'):
expected_err = ".*[Ff]orbidden.*"
else:
expected_err = ".*svn: E170001: Authorization failed.*"
write_authz_file(sbox, { "/": "* = rw\n" })
root_url = sbox.repo_url
D_url = root_url + '/A/D'
G_url = D_url + '/G'
rho_path = os.path.join(wc_dir, 'A', 'D', 'G', 'rho')
svntest.main.file_append(rho_path, 'new appended text for rho')
svntest.actions.run_and_verify_svn(None, None, [],
'ci', '-m', 'add file rho', sbox.wc_dir)
svntest.main.file_append(rho_path, 'extra change in rho')
svntest.actions.run_and_verify_svn(None, None, [],
'ci', '-m', 'changed file rho',
sbox.wc_dir)
svntest.actions.run_and_verify_svn(None, None, [], 'cp',
rho_path, D_url,
'-m', 'copy rho to readable area')
if sbox.repo_url.startswith('http'):
expected_err = ".*[Ff]orbidden.*"
else:
expected_err = ".*svn: E170001: Authorization failed.*"
authz = { "/": "* = rw",
"/A/D/G": "* ="}
write_authz_file(sbox, authz)
svntest.actions.run_and_verify_svn(None,
".*(no author).*(no date).*|-+\n|\n", [],
'log', '-r', '2', '--limit', '1',
wc_dir)
if sbox.repo_url.startswith('http'):
expected_err2 = expected_err
else:
expected_err2 = ".*svn: E220001: Item is not readable.*"
svntest.actions.run_and_verify_svn(None, None, expected_err2,
'log', rho_path)
svntest.actions.run_and_verify_svn(None,
".*(no author).*(no date).*|-+\n|\n", [],
'log', '-r', '2', '--limit', '1', D_url)
svntest.actions.enable_revprop_changes(sbox.repo_dir)
write_authz_file(sbox, { "/": "* = rw"})
svntest.actions.run_and_verify_svn(
None, None, [], 'ps', '--revprop', '-r1', 'foobar', 'foo bar', sbox.repo_url)
svntest.actions.run_and_verify_log_xml(
expected_revprops=[{'svn:author': svntest.main.wc_author, 'svn:date': '',
'svn:log': 'Log message for revision 1.',
'foobar': 'foo bar'}],
args=['--with-all-revprops', '-r1', sbox.repo_url])
write_authz_file(sbox, authz)
svntest.actions.run_and_verify_log_xml(
expected_revprops=[{'svn:author': svntest.main.wc_author, 'svn:date': ''}],
args=['--with-all-revprops', '-r1', sbox.repo_url])
svntest.actions.run_and_verify_svn(None, None, expected_err,
'cat', '-r', '2', D_url+'/rho')
if sbox.repo_url.startswith('http'):
expected_err2 = expected_err
else:
expected_err2 = ".*svn: E220001: Unreadable path encountered; access denied.*"
svntest.actions.run_and_verify_svn(None, None, expected_err2,
'cat', '-r', '2', G_url+'/rho')
svntest.actions.run_and_verify_svn(None, None, expected_err,
'diff', '-r', 'HEAD', G_url+'/rho')
svntest.actions.run_and_verify_svn(None, None, expected_err,
'diff', '-r', '2', D_url+'/rho')
svntest.actions.run_and_verify_svn(None, None, expected_err,
'diff', '-r', '2:4', D_url+'/rho')
@SkipUnless(server_authz_has_aliases)
@Skip(svntest.main.is_ra_type_file)
def authz_aliases(sbox):
"test authz for aliases"
sbox.build(create_wc = False)
write_restrictive_svnserve_conf(sbox.repo_dir)
if sbox.repo_url.startswith("http"):
expected_err = ".*[Ff]orbidden.*"
else:
expected_err = ".*svn: E170001: Authorization failed.*"
write_authz_file(sbox, { "/" : "* = r",
"/A/B" : "&jray = rw" },
{ "aliases" : 'jray = jrandom' } )
root_url = sbox.repo_url
A_url = root_url + '/A'
B_url = A_url + '/B'
iota_url = root_url + '/iota'
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'cp',
'--username', svntest.main.wc_author2,
'-m', 'logmsg',
iota_url, B_url)
svntest.actions.run_and_verify_svn(None,
None, [],
'cp',
'-m', 'logmsg',
iota_url, B_url)
@Skip(svntest.main.is_ra_type_file)
@Issue(2486)
def authz_validate(sbox):
"test the authz validation rules"
sbox.build(create_wc = False, read_only = True)
write_restrictive_svnserve_conf(sbox.repo_dir)
A_url = sbox.repo_url + '/A'
write_authz_file(sbox, { "/" : "* = r",
"/A/B" : "@undefined_group = rw" })
if sbox.repo_url.startswith("http"):
expected_err = ".*[Ff]orbidden.*"
elif sbox.repo_url.startswith("svn"):
expected_err = ".*Invalid authz configuration"
else:
expected_err = ".*@undefined_group.*"
svntest.actions.run_and_verify_svn("ls remote folder",
None, expected_err,
'ls',
A_url)
write_authz_file(sbox, { "/" : "* = r" },
{ "groups" : """admins = admin1, admin2, @devs
devs1 = @admins, dev1
devs2 = @admins, dev2
devs = @devs1, dev3, dev4""" })
if sbox.repo_url.startswith("http"):
expected_err = ".*[Ff]orbidden.*"
elif sbox.repo_url.startswith("svn"):
expected_err = ".*Invalid authz configuration"
else:
expected_err = ".*Circular dependency.*"
svntest.actions.run_and_verify_svn("ls remote folder",
None, expected_err,
'ls',
A_url)
write_authz_file(sbox, { "/" : "* = r" },
{ "groups" : """admins = admin1, admin2
devs1 = @admins, dev1
devs2 = @admins, dev2
users = @devs1, @devs2, user1, user2""" })
svntest.actions.run_and_verify_svn("ls remote folder",
['B/\n', 'C/\n', 'D/\n', 'mu\n'],
[],
'ls',
A_url)
@Skip(svntest.main.is_ra_type_file)
@Issue(2700)
def authz_locking(sbox):
"test authz for locking"
sbox.build()
write_authz_file(sbox, {"/": "", "/A": "jrandom = rw"})
write_restrictive_svnserve_conf(sbox.repo_dir)
if sbox.repo_url.startswith('http'):
expected_err = ".*[Ff]orbidden.*"
else:
expected_err = ".*svn: E170001: Authorization failed.*"
root_url = sbox.repo_url
wc_dir = sbox.wc_dir
iota_url = root_url + '/iota'
iota_path = os.path.join(wc_dir, 'iota')
A_url = root_url + '/A'
mu_path = os.path.join(wc_dir, 'A', 'mu')
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'lock',
'-m', 'lock msg',
iota_url)
svntest.actions.run_and_verify_svn(None,
None, expected_err,
'lock',
'-m', 'lock msg',
iota_path)
svntest.actions.run_and_verify_svn(None,
None, [],
'lock',
'-m', 'lock msg',
mu_path)
svntest.main.file_append(mu_path, "hi")
expected_output = svntest.wc.State(wc_dir, {
'A/mu' : Item(verb='Sending'),
})
svntest.actions.run_and_verify_commit(wc_dir,
expected_output,
[],
None,
mu_path)
@XFail()
@Issue(2712)
@SkipUnless(svntest.main.is_ra_type_svn)
def authz_svnserve_anon_access_read(sbox):
"authz issue #2712"
sbox.build(create_wc = False)
svntest.main.safe_rmtree(sbox.wc_dir)
B_path = os.path.join(sbox.wc_dir, 'A', 'B')
other_B_path = B_path + '_other'
B_url = sbox.repo_url + '/A/B'
D_path = os.path.join(sbox.wc_dir, 'A', 'D')
D_url = sbox.repo_url + '/A/D'
write_restrictive_svnserve_conf(sbox.repo_dir, "read")
write_authz_file(sbox, { "/A/B" : "jrandom = rw",
"/A/D" : "* = r" })
svntest.actions.run_and_verify_svn(None, None, [],
'checkout',
B_url, B_path)
svntest.actions.run_and_verify_svn(None, None, [],
'checkout',
D_url, D_path)
svntest.main.safe_rmtree(D_path)
svntest.actions.run_and_verify_svn(None, None, [],
'switch', D_url, B_path)
svntest.actions.run_and_verify_svn(
None, None,
".*Authentication error from server: Username not found.*",
'checkout',
'--non-interactive',
'--username', 'losing_user',
B_url, B_path + '_unsuccessful')
svntest.actions.run_and_verify_svn(None, None, [],
'checkout',
B_url, other_B_path)
other_alpha_path = os.path.join(other_B_path, 'E', 'alpha')
svntest.main.file_append(other_alpha_path, "fish\n")
svntest.actions.run_and_verify_svn(None, None, [],
'commit', '-m', 'log msg',
other_B_path)
svntest.actions.run_and_verify_svn(None, None, [],
'merge', '-c', '2',
B_url, B_path)
@XFail()
@Skip(svntest.main.is_ra_type_file)
def authz_switch_to_directory(sbox):
"switched to directory, no read access on parents"
sbox.build(read_only = True)
write_authz_file(sbox, {"/": "*=rw", "/A/B": "*=", "/A/B/E": "jrandom = rw"})
write_restrictive_svnserve_conf(sbox.repo_dir)
wc_dir = sbox.wc_dir
mu_path = os.path.join(wc_dir, 'A', 'mu')
F_path = os.path.join(wc_dir, 'A', 'B', 'F')
G_path = os.path.join(wc_dir, 'A', 'D', 'G')
svntest.main.run_svn(None, 'switch', sbox.repo_url + "/A/B/E", G_path)
@Skip(svntest.main.is_ra_type_file)
@Issue(3242)
def authz_access_required_at_repo_root(sbox):
"authz issue #3242 - access required at repo root"
sbox.build(create_wc = False)
root_url = sbox.repo_url
svntest.main.run_svn(None, 'cp', '-m', 'logmsg',
root_url + '/A',
root_url + '/A-copy')
write_authz_file(sbox, {'/': '* =',
'/A': 'jrandom = rw',
'/A-copy': 'jrandom = rw'})
write_restrictive_svnserve_conf(sbox.repo_dir)
svntest.main.run_svn(None, 'cp',
'-m', 'copy in readable space',
root_url + '/A/B',
root_url + '/A/B-copy')
svntest.main.run_svn(None, 'cp',
'-m', 'copy across disjoint readable spaces',
root_url + '/A/B',
root_url + '/A-copy/B-copy')
svntest.main.run_svn(None, 'cp',
'-m', 'multi-copy across disjoint readable spaces',
root_url + '/A/B',
root_url + '/A/mu',
root_url + '/A-copy/C')
svntest.main.run_svn(None, 'cp',
'-m', 'copy from disjoint readable spaces',
root_url + '/A/B/E/alpha',
root_url + '/A-copy/B/E/beta',
root_url + '/A-copy/C')
@Skip(svntest.main.is_ra_type_file)
@Issue(3242)
def authz_access_required_at_repo_root2(sbox):
"more authz issue #3242 - update to renamed file"
sbox.build(create_wc = False)
root_url = sbox.repo_url
write_authz_file(sbox, {'/': '* =',
'/A': 'jrandom = rw'})
write_restrictive_svnserve_conf(sbox.repo_dir)
svntest.main.run_svn(None, 'mv',
'-m', 'rename file in readable writable space',
root_url + '/A/B/E/alpha',
root_url + '/A/B/E/alpha-renamed')
wc_dir = sbox.add_wc_path('ABE')
os.mkdir(wc_dir)
svntest.main.run_svn(None, 'co', '-r', '1', root_url + '/A/B/E', wc_dir)
svntest.main.run_svn(None, 'up', wc_dir)
svntest.main.run_svn(None, 'mv',
'-m', 'rename diretory in readable writable space',
root_url + '/A/D/H',
root_url + '/A/D/a g e')
wc_dir = sbox.add_wc_path('AD')
os.mkdir(wc_dir)
svntest.main.run_svn(None, 'co', '-r', '1', root_url + '/A/D', wc_dir)
svntest.main.run_svn(None, 'up', wc_dir)
@Skip(svntest.main.is_ra_type_file)
def multiple_matches(sbox):
"multiple lines matching a user"
sbox.build(create_wc = False)
root_url = sbox.repo_url
write_restrictive_svnserve_conf(sbox.repo_dir)
if sbox.repo_url.startswith("http"):
expected_err = ".*[Ff]orbidden.*"
else:
expected_err = ".*svn: E170001: Authorization failed.*"
write_authz_file(sbox, {'/': 'jrandom ='})
svntest.actions.run_and_verify_svn(None, None, expected_err,
'cp', '-m', 'fail copy',
root_url, root_url + '/fail')
write_authz_file(sbox, {'/': 'jrandom =' + '\n' + '* = rw'})
svntest.main.run_svn(None, 'cp',
'-m', 'first copy',
root_url, root_url + '/first')
write_authz_file(sbox, {'/': '* = rw' + '\n' + 'jrandom ='})
svntest.main.run_svn(None, 'cp',
'-m', 'second copy',
root_url, root_url + '/second')
@Issues(4025,4026)
@Skip(svntest.main.is_ra_type_file)
def wc_wc_copy_revert(sbox):
"wc-to-wc-copy with absent nodes and then revert"
sbox.build(create_wc = False)
local_dir = sbox.wc_dir
write_restrictive_svnserve_conf(sbox.repo_dir)
write_authz_file(sbox, {'/' : '* = r',
'/A/B/E' : '* =', })
expected_output = svntest.main.greek_state.copy()
expected_output.wc_dir = local_dir
expected_output.tweak(status='A ', contents=None)
expected_output.remove('A/B/E', 'A/B/E/alpha', 'A/B/E/beta')
expected_wc = svntest.main.greek_state.copy()
expected_wc.remove('A/B/E', 'A/B/E/alpha', 'A/B/E/beta')
svntest.actions.run_and_verify_checkout(sbox.repo_url, local_dir,
expected_output,
expected_wc)
expected_status = svntest.actions.get_virginal_state(sbox.wc_dir, 1)
expected_status.remove('A/B/E', 'A/B/E/alpha', 'A/B/E/beta')
svntest.actions.run_and_verify_status(sbox.wc_dir, expected_status)
svntest.actions.run_and_verify_svn(None, None,
'svn: E155035: Cannot copy.*excluded by server',
'cp', sbox.ospath('A'), sbox.ospath('A2'))
expected_output = svntest.verify.ExpectedOutput(
['A + - 1 jrandom ' + sbox.ospath('A2') + '\n',
' + - 1 jrandom ' + sbox.ospath('A2/B') + '\n',
'! - ? ? ' + sbox.ospath('A2/B/E') + '\n',
])
expected_output.match_all = False
svntest.actions.run_and_verify_svn(None, expected_output, [],
'st', '--verbose', sbox.ospath('A2'))
svntest.actions.run_and_verify_svn(None, None,
'svn: E145000: .*unrecognized node kind',
'info', sbox.ospath('A2/B/E'))
svntest.actions.run_and_verify_svn(None, None,
'svn: E145001: cannot handle node kind',
'cp', sbox.ospath('A2/B'), sbox.ospath('B3'))
expected_output = svntest.verify.ExpectedOutput(
['A + - 1 jrandom ' + sbox.ospath('B3') + '\n',
'! - ? ? ' + sbox.ospath('B3/E') + '\n',
])
expected_output.match_all = False
svntest.actions.run_and_verify_svn(None, expected_output, [],
'st', '--verbose', sbox.ospath('B3'))
svntest.actions.run_and_verify_svn(None, None, [],
'revert', '--recursive',
sbox.ospath('A2'), sbox.ospath('B3'))
expected_status = svntest.actions.get_virginal_state(sbox.wc_dir, 1)
expected_status.remove('A/B/E', 'A/B/E/alpha', 'A/B/E/beta')
svntest.actions.run_and_verify_status(sbox.wc_dir, expected_status)
@Skip(svntest.main.is_ra_type_file)
def authz_recursive_ls(sbox):
"recursive ls with private subtrees"
sbox.build(create_wc = False)
local_dir = sbox.wc_dir
write_restrictive_svnserve_conf(sbox.repo_dir)
write_authz_file(sbox, {'/' : '* = r',
'/A/B/E' : '* =',
'/A/mu' : '* =',
})
expected_entries = [
'A/',
'A/B/',
'A/B/F/',
'A/B/lambda',
'A/C/',
'A/D/',
'A/D/G/',
'A/D/G/pi',
'A/D/G/rho',
'A/D/G/tau',
'A/D/H/',
'A/D/H/chi',
'A/D/H/omega',
'A/D/H/psi',
'A/D/gamma',
'iota',
]
svntest.actions.run_and_verify_svn('recursive ls from /',
map(lambda x: x + '\n', expected_entries),
[], 'ls', '-R',
sbox.repo_url)
@Issue(3781)
@Skip(svntest.main.is_ra_type_file)
def case_sensitive_authz(sbox):
"authz issue #3781, check case sensitiveness"
sbox.build()
wc_dir = sbox.wc_dir
write_restrictive_svnserve_conf(sbox.repo_dir)
mu_path = os.path.join(wc_dir, 'A', 'mu')
mu_url = sbox.repo_url + '/A/mu'
mu_repo_path = sbox.repo_dir + "/A/mu"
svntest.main.file_append(mu_path, "hi")
expected_output = svntest.wc.State(wc_dir, {
'A/mu' : Item(verb='Sending'),
})
expected_error_for_commit = "Commit failed"
if sbox.repo_url.startswith("http"):
expected_error_for_cat = ".*[Ff]orbidden.*"
else:
expected_error_for_cat = ".*svn: E170001: Authorization failed.*"
write_authz_file(sbox, {"/": "jrandom = r",
"/A/mu": "jrandom =", "/a/Mu": "jrandom = rw"})
svntest.actions.run_and_verify_svn2(None, None,
expected_error_for_cat,
1, 'cat', mu_url)
write_authz_file(sbox, {"/": "jrandom = r",
"/A": "jrandom = r",
"/a/Mu": "jrandom = rw"})
svntest.actions.run_and_verify_commit(wc_dir,
None,
None,
expected_error_for_commit,
mu_path)
def mixcases(repo_name):
mixed_repo_name = ''
for i in range(0, len(repo_name)):
if i % 2 == 0:
mixed_val = repo_name[i].upper()
mixed_repo_name = mixed_repo_name + mixed_val
else:
mixed_val = repo_name[i].lower()
mixed_repo_name = mixed_repo_name + mixed_val
return mixed_repo_name
mixed_case_repo_dir = mixcases(os.path.basename(sbox.repo_dir))
sec_mixed_case = {mixed_case_repo_dir + ":/": "jrandom = r",
mixed_case_repo_dir + ":/A": "jrandom = r",
os.path.basename(sbox.repo_dir) + ":/A/mu": "jrandom =",
mixed_case_repo_dir + ":/A/mu": "jrandom = rw"}
write_authz_file(sbox, {}, sec_mixed_case)
svntest.actions.run_and_verify_svn2(None, None,
expected_error_for_cat,
1, 'cat', mu_url)
write_authz_file(sbox, {},
sections = {mixed_case_repo_dir + ":/": "jrandom = r",
mixed_case_repo_dir + ":/A": "jrandom = r",
mixed_case_repo_dir + ":/A/mu": "jrandom = rw"})
svntest.actions.run_and_verify_commit(wc_dir,
None,
None,
expected_error_for_commit,
mu_path)
write_authz_file(sbox, {"/": "jrandom = r",
"/A": "jrandom = r", "/A/mu": "jrandom = rw"})
svntest.actions.run_and_verify_svn2('No error',
svntest.verify.AnyOutput, [],
0, 'cat', mu_url)
svntest.actions.run_and_verify_commit(wc_dir,
expected_output,
None,
None,
mu_path)
@Skip(svntest.main.is_ra_type_file)
def authz_tree_conflict(sbox):
"authz should notice a tree conflict"
sbox.build()
wc_dir = sbox.wc_dir
sbox.simple_rm('A/C')
sbox.simple_commit()
sbox.simple_update()
write_authz_file(sbox, {"/": "jrandom = rw", "/A/C": "*="})
write_restrictive_svnserve_conf(sbox.repo_dir)
sbox.simple_mkdir('A/C')
expected_output = svntest.wc.State(wc_dir, {})
expected_status = svntest.actions.get_virginal_state(wc_dir, 2)
expected_status.tweak('A/C', status='A ', wc_rev='0')
svntest.actions.run_and_verify_update(wc_dir,
expected_output,
None,
expected_status,
"Failed to mark '.*C' absent:",
None, None, None, None, 0,
'-r', '1', wc_dir)
@Issue(3900)
@Skip(svntest.main.is_ra_type_file)
def wc_delete(sbox):
"wc delete with absent nodes"
sbox.build(create_wc = False)
local_dir = sbox.wc_dir
write_restrictive_svnserve_conf(sbox.repo_dir)
write_authz_file(sbox, {'/' : '* = r',
'/A/B/E' : '* =', })
expected_output = svntest.main.greek_state.copy()
expected_output.wc_dir = local_dir
expected_output.tweak(status='A ', contents=None)
expected_output.remove('A/B/E', 'A/B/E/alpha', 'A/B/E/beta')
expected_wc = svntest.main.greek_state.copy()
expected_wc.remove('A/B/E', 'A/B/E/alpha', 'A/B/E/beta')
svntest.actions.run_and_verify_checkout(sbox.repo_url, local_dir,
expected_output,
expected_wc)
expected_status = svntest.actions.get_virginal_state(sbox.wc_dir, 1)
expected_err = ".*svn: E155035: .*excluded by server*"
svntest.actions.run_and_verify_svn(None, None, expected_err,
'rm', sbox.ospath('A/B/E'))
svntest.actions.run_and_verify_svn(None, None, expected_err,
'rm', sbox.ospath('A'))
expected_status = svntest.actions.get_virginal_state(sbox.wc_dir, 1)
@Skip(svntest.main.is_ra_type_file)
def wc_commit_error_handling(sbox):
"verify commit error reporting"
sbox.build()
wc_dir = sbox.wc_dir
write_restrictive_svnserve_conf(sbox.repo_dir)
sbox.simple_mkdir('A/Z')
write_authz_file(sbox, {'/' : '* = r', })
expected_err = "(svn: E175013: .*orbidden.*)|" + \
"(svn: E170001: Authorization failed)"
svntest.actions.run_and_verify_svn(None, None, expected_err,
'ci', wc_dir, '-m', '')
write_authz_file(sbox, {'/' : '* = rw',
'/A' : '* = r', })
expected_err = "(svn: E195023: Changing directory '.*Z' is forbidden)|" + \
"(svn: E220004: Access denied)"
svntest.actions.run_and_verify_svn(None, None, expected_err,
'ci', wc_dir, '-m', '')
sbox.simple_revert('A/Z')
svntest.main.file_write(sbox.ospath('A/zeta'), "Zeta")
sbox.simple_add('A/zeta')
expected_err = "(svn: E195023: Changing file '.*zeta' is forbidden)|" + \
"(svn: E220004: Access denied)"
svntest.actions.run_and_verify_svn(None, None, expected_err,
'ci', wc_dir, '-m', '')
sbox.simple_revert('A/zeta')
sbox.simple_propset('a', 'b', 'A/D')
expected_err = "(svn: E175013: .*orbidden.*)|" + \
"(svn: E220004: Access denied)"
svntest.actions.run_and_verify_svn(None, None, expected_err,
'ci', wc_dir, '-m', '')
sbox.simple_revert('A/D')
sbox.simple_propset('a', 'b', 'A/B/lambda')
expected_err = "(svn: E195023: Changing file '.*lambda' is forbidden.*)|" + \
"(svn: E220004: Access denied)"
svntest.actions.run_and_verify_svn(None, None, expected_err,
'ci', wc_dir, '-m', '')
sbox.simple_revert('A/B/lambda')
svntest.main.file_write(sbox.ospath('A/B/lambda'), "New lambda")
expected_err = "(svn: E195023: Changing file '.*lambda' is forbidden.*)|" + \
"(svn: E220004: Access denied)"
svntest.actions.run_and_verify_svn(None, None, expected_err,
'ci', wc_dir, '-m', '')
sbox.simple_revert('A/B/lambda')
sbox.simple_rm('A/B/F')
expected_err = "(svn: E195023: Changing directory '.*F' is forbidden.*)|" + \
"(svn: E220004: Access denied)"
svntest.actions.run_and_verify_svn(None, None, expected_err,
'ci', wc_dir, '-m', '')
sbox.simple_revert('A/B/F')
svntest.main.file_write(sbox.ospath('A/mu'), "Updated mu")
expected_err = "(svn: E195023: Changing file '.*mu' is forbidden.*)|" + \
"(svn: E220004: Access denied)"
svntest.actions.run_and_verify_svn(None, None, expected_err,
'ci', wc_dir, '-m', '')
@Skip(svntest.main.is_ra_type_file)
def upgrade_absent(sbox):
"upgrade absent nodes to server-excluded"
replace_sbox_with_tarfile(sbox, 'upgrade_absent.tar.bz2')
replace_sbox_repo_with_tarfile(sbox, 'upgrade_absent_repos.tar.bz2')
svntest.main.write_restrictive_svnserve_conf(sbox.repo_dir)
svntest.main.write_authz_file(sbox, { "/" : "*=rw",
"/A/B" : "*=",
"/A/B/E" : "jrandom = rw"})
expected_stderr = wc_is_too_old_regex
svntest.actions.run_and_verify_svn(None, None, expected_stderr,
'info', sbox.wc_dir)
svntest.actions.run_and_verify_svn(None, None, [],
'upgrade', sbox.wc_dir)
svntest.actions.run_and_verify_svn(None, None, [], 'relocate',
'svn://127.0.0.1/authz_tests-2',
sbox.repo_url, sbox.wc_dir)
expected_output = svntest.wc.State(sbox.wc_dir, {
})
svntest.actions.run_and_verify_update(sbox.wc_dir, expected_output,
None, None)
@Skip(svntest.main.is_ra_type_file)
@Issue(4332)
def authz_del_from_subdir(sbox):
"delete file without rights on the root"
sbox.build(create_wc = False)
write_authz_file(sbox, {"/": "* = ", "/A": "jrandom = rw"})
write_restrictive_svnserve_conf(sbox.repo_dir)
svntest.actions.run_and_verify_svn(None, None, [],
'rm', sbox.repo_url + '/A/mu',
'-m', '')
test_list = [ None,
authz_open_root,
authz_open_directory,
broken_authz_file,
authz_read_access,
authz_write_access,
authz_checkout_test,
authz_log_and_tracing_test,
authz_checkout_and_update_test,
authz_partial_export_test,
authz_aliases,
authz_validate,
authz_locking,
authz_svnserve_anon_access_read,
authz_switch_to_directory,
authz_access_required_at_repo_root,
authz_access_required_at_repo_root2,
multiple_matches,
wc_wc_copy_revert,
authz_recursive_ls,
case_sensitive_authz,
authz_tree_conflict,
wc_delete,
wc_commit_error_handling,
upgrade_absent,
authz_del_from_subdir,
]
serial_only = True
if __name__ == '__main__':
svntest.main.run_tests(test_list, serial_only = serial_only)