PolicyKit: Branch 'wip/js-rule-files'
David Zeuthen
david at kemper.freedesktop.org
Mon May 21 09:29:27 PDT 2012
test/data/etc/polkit-1/rules.d/10-testing.rules | 12 +++++++++
test/polkitbackend/test-polkitbackendjsauthority.c | 26 ++++++++++++++++++++-
2 files changed, 37 insertions(+), 1 deletion(-)
New commits:
commit 8e0c53ecf7129cd1be8bc9ac322aab4af992ce61
Author: David Zeuthen <davidz at redhat.com>
Date: Mon May 21 12:29:01 2012 -0400
Test that subject.isInGroup() works
Signed-off-by: David Zeuthen <davidz at redhat.com>
diff --git a/test/data/etc/polkit-1/rules.d/10-testing.rules b/test/data/etc/polkit-1/rules.d/10-testing.rules
index 4fce8c5..4cd184c 100644
--- a/test/data/etc/polkit-1/rules.d/10-testing.rules
+++ b/test/data/etc/polkit-1/rules.d/10-testing.rules
@@ -41,3 +41,15 @@ polkit.addRule(function(action, subject, details) {
return "yes";
}
});
+
+// ---------------------------------------------------------------------
+// group membership
+
+polkit.addRule(function(action, subject, details) {
+ if (action == "net.company.group.only_group_users") {
+ if (subject.isInGroup("users"))
+ return "yes";
+ else
+ return "no";
+ }
+});
diff --git a/test/polkitbackend/test-polkitbackendjsauthority.c b/test/polkitbackend/test-polkitbackendjsauthority.c
index 8057707..a210f68 100644
--- a/test/polkitbackend/test-polkitbackendjsauthority.c
+++ b/test/polkitbackend/test-polkitbackendjsauthority.c
@@ -148,6 +148,7 @@ struct RulesTestCase
{
const gchar *test_name;
const gchar *action_id;
+ const gchar *identity;
PolkitImplicitAuthorization expected_result;
const gchar *expected_detail;
};
@@ -157,12 +158,14 @@ static const RulesTestCase rules_test_cases[] = {
{
"basic0",
"net.company.productA.action0",
+ "unix-user:root",
POLKIT_IMPLICIT_AUTHORIZATION_ADMINISTRATOR_AUTHENTICATION_REQUIRED,
NULL
},
{
"basic1",
"net.company.productA.action1",
+ "unix-user:root",
POLKIT_IMPLICIT_AUTHORIZATION_AUTHENTICATION_REQUIRED,
NULL
},
@@ -181,6 +184,7 @@ static const RulesTestCase rules_test_cases[] = {
/* defined in file a, b, c, d - should pick file a */
"order0",
"net.company.order0",
+ "unix-user:root",
POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED,
"a"
},
@@ -188,6 +192,7 @@ static const RulesTestCase rules_test_cases[] = {
/* defined in file b, c, d - should pick file b */
"order1",
"net.company.order1",
+ "unix-user:root",
POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED,
"b"
},
@@ -195,9 +200,28 @@ static const RulesTestCase rules_test_cases[] = {
/* defined in file c, d - should pick file c */
"order2",
"net.company.order2",
+ "unix-user:root",
POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED,
"c"
},
+
+ /* check group membership */
+ {
+ /* john is a member of group 'users', see test/etc/group */
+ "group_membership_with_member",
+ "net.company.group.only_group_users",
+ "unix-user:john",
+ POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED,
+ NULL
+ },
+ {
+ /* sally is not a member of group 'users', see test/etc/group */
+ "group_membership_with_non_member",
+ "net.company.group.only_group_users",
+ "unix-user:sally",
+ POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED,
+ NULL
+ },
};
/* ---------------------------------------------------------------------------------------------------- */
@@ -218,7 +242,7 @@ rules_test_func (gconstpointer user_data)
caller = polkit_unix_process_new (getpid ());
subject = polkit_unix_process_new (getpid ());
- user_for_subject = polkit_identity_from_string ("unix-user:root", &error);
+ user_for_subject = polkit_identity_from_string (tc->identity, &error);
g_assert_no_error (error);
details = polkit_details_new ();
More information about the hal-commit
mailing list