Author: stsp Date: Thu Nov 26 14:47:23 2020 New Revision: 1883838 URL: http://svn.apache.org/viewvc?rev=1883838&view=rev Log: Add test coverage for mod_authz_svn's AuthzSVNReposRelativeAccessFile option.
* subversion/tests/cmdline/davautocheck.sh: Add a Location to httpd's configuration file which makes use of AuthzSVNReposRelativeAccessFile. * subversion/tests/cmdline/mod_authz_svn_tests.py (repos_relative_access_file): New test. Provides basic coverage for a setup with a hidden authz rules file. Ensure that this authz rules file cannot be read by a user who does not have access configured for it. (test_list): Add new test. Modified: subversion/trunk/subversion/tests/cmdline/davautocheck.sh subversion/trunk/subversion/tests/cmdline/mod_authz_svn_tests.py Modified: subversion/trunk/subversion/tests/cmdline/davautocheck.sh URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/tests/cmdline/davautocheck.sh?rev=1883838&r1=1883837&r2=1883838&view=diff ============================================================================== --- subversion/trunk/subversion/tests/cmdline/davautocheck.sh (original) +++ subversion/trunk/subversion/tests/cmdline/davautocheck.sh Thu Nov 26 14:47:23 2020 @@ -610,6 +610,15 @@ cat >> "$HTTPD_CFG" <<__EOF__ </IfModule> ${SVN_PATH_AUTHZ_LINE} </Location> +<Location /authz-test-work/in-repos-authz> +__EOF__ +location_common +cat >> "$HTTPD_CFG" <<__EOF__ + SVNParentPath "$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/local_tmp" + Require valid-user + Satisfy Any + AuthzSVNReposRelativeAccessFile "^/authz" +</Location> <Location /authz-test-work/mixed> __EOF__ location_common Modified: subversion/trunk/subversion/tests/cmdline/mod_authz_svn_tests.py URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/tests/cmdline/mod_authz_svn_tests.py?rev=1883838&r1=1883837&r2=1883838&view=diff ============================================================================== --- subversion/trunk/subversion/tests/cmdline/mod_authz_svn_tests.py (original) +++ subversion/trunk/subversion/tests/cmdline/mod_authz_svn_tests.py Thu Nov 26 14:47:23 2020 @@ -25,7 +25,7 @@ ###################################################################### # General modules -import os, re, logging +import os, re, logging, shutil logger = logging.getLogger() @@ -1043,6 +1043,39 @@ def authn_sallrall(sbox): verify_gets(test_area_url, sallrall_tests) +@SkipUnless(svntest.main.is_ra_type_dav) +def repos_relative_access_file(sbox): + "repos-relative access file" + + sbox.build(create_wc = False) + + test_area_url = sbox.repo_url.replace('/svn-test-work/local_tmp/repos', + '/authz-test-work/in-repos-authz') + svntest.main.write_authz_file(sbox, {"/": "", "/A": "%s = rw" % user1}) + + expected_output = svntest.wc.State(sbox.wc_dir, { }) + expected_disk = svntest.main.greek_state.copy() + svntest.actions.run_and_verify_svn(svntest.verify.AnyOutput, [], 'checkout', + sbox.file_protocol_repo_url(), sbox.wc_dir) + + shutil.copy(sbox.authz_file, os.path.join(sbox.wc_dir, 'authz')) + sbox.simple_add('authz') + sbox.simple_commit(message="adding in-repository authz rules file") + + in_repos_authz_tests = ( + { 'path': '', 'status': 401, }, + { 'path': '/authz', 'status': 401, }, + { 'path': '/authz', 'user' : user1, 'pw' : user1_pass, + 'status': 403, }, + { 'path': '/A', 'user' : user1, 'pw' : user1_pass, + 'status': 301, }, + { 'path': '/A/', 'user' : user1, 'pw' : user1_pass, + 'status': 200, }, + ) + + verify_gets(test_area_url, in_repos_authz_tests) + + ######################################################################## # Run the tests @@ -1058,6 +1091,7 @@ test_list = [ None, authn_group, authn_sallrany, authn_sallrall, + repos_relative_access_file, ] serial_only = True