Author: stsp
Date: Thu Nov 26 14:47:23 2020
New Revision: 1883838
URL: http://svn.apache.org/viewvc?rev=1883838&view=rev
Log:
Add test coverage for mod_authz_svn's AuthzSVNReposRelativeAccessFile option.
* subversion/tests/cmdline/davautocheck.sh: Add a Location to httpd's
configuration file which makes use of AuthzSVNReposRelativeAccessFile.
* subversion/tests/cmdline/mod_authz_svn_tests.py
(repos_relative_access_file): New test. Provides basic coverage for a
setup with a hidden authz rules file. Ensure that this authz rules file
cannot be read by a user who does not have access configured for it.
(test_list): Add new test.
Modified:
subversion/trunk/subversion/tests/cmdline/davautocheck.sh
subversion/trunk/subversion/tests/cmdline/mod_authz_svn_tests.py
Modified: subversion/trunk/subversion/tests/cmdline/davautocheck.sh
URL:
http://svn.apache.org/viewvc/subversion/trunk/subversion/tests/cmdline/davautocheck.sh?rev=1883838&r1=1883837&r2=1883838&view=diff
==============================================================================
--- subversion/trunk/subversion/tests/cmdline/davautocheck.sh (original)
+++ subversion/trunk/subversion/tests/cmdline/davautocheck.sh Thu Nov 26
14:47:23 2020
@@ -610,6 +610,15 @@ cat >> "$HTTPD_CFG" <<__EOF__
</IfModule>
${SVN_PATH_AUTHZ_LINE}
</Location>
+<Location /authz-test-work/in-repos-authz>
+__EOF__
+location_common
+cat >> "$HTTPD_CFG" <<__EOF__
+ SVNParentPath
"$ABS_BUILDDIR/subversion/tests/cmdline/svn-test-work/local_tmp"
+ Require valid-user
+ Satisfy Any
+ AuthzSVNReposRelativeAccessFile "^/authz"
+</Location>
<Location /authz-test-work/mixed>
__EOF__
location_common
Modified: subversion/trunk/subversion/tests/cmdline/mod_authz_svn_tests.py
URL:
http://svn.apache.org/viewvc/subversion/trunk/subversion/tests/cmdline/mod_authz_svn_tests.py?rev=1883838&r1=1883837&r2=1883838&view=diff
==============================================================================
--- subversion/trunk/subversion/tests/cmdline/mod_authz_svn_tests.py (original)
+++ subversion/trunk/subversion/tests/cmdline/mod_authz_svn_tests.py Thu Nov 26
14:47:23 2020
@@ -25,7 +25,7 @@
######################################################################
# General modules
-import os, re, logging
+import os, re, logging, shutil
logger = logging.getLogger()
@@ -1043,6 +1043,39 @@ def authn_sallrall(sbox):
verify_gets(test_area_url, sallrall_tests)
+@SkipUnless(svntest.main.is_ra_type_dav)
+def repos_relative_access_file(sbox):
+ "repos-relative access file"
+
+ sbox.build(create_wc = False)
+
+ test_area_url = sbox.repo_url.replace('/svn-test-work/local_tmp/repos',
+ '/authz-test-work/in-repos-authz')
+ svntest.main.write_authz_file(sbox, {"/": "", "/A": "%s = rw" % user1})
+
+ expected_output = svntest.wc.State(sbox.wc_dir, { })
+ expected_disk = svntest.main.greek_state.copy()
+ svntest.actions.run_and_verify_svn(svntest.verify.AnyOutput, [], 'checkout',
+ sbox.file_protocol_repo_url(), sbox.wc_dir)
+
+ shutil.copy(sbox.authz_file, os.path.join(sbox.wc_dir, 'authz'))
+ sbox.simple_add('authz')
+ sbox.simple_commit(message="adding in-repository authz rules file")
+
+ in_repos_authz_tests = (
+ { 'path': '', 'status': 401, },
+ { 'path': '/authz', 'status': 401, },
+ { 'path': '/authz', 'user' : user1, 'pw' : user1_pass,
+ 'status': 403, },
+ { 'path': '/A', 'user' : user1, 'pw' : user1_pass,
+ 'status': 301, },
+ { 'path': '/A/', 'user' : user1, 'pw' : user1_pass,
+ 'status': 200, },
+ )
+
+ verify_gets(test_area_url, in_repos_authz_tests)
+
+
########################################################################
# Run the tests
@@ -1058,6 +1091,7 @@ test_list = [ None,
authn_group,
authn_sallrany,
authn_sallrall,
+ repos_relative_access_file,
]
serial_only = True
