author | Daniel Silverstone <dsilvers@digital-scurf.org> | 2013-06-22 15:45:09 +0100 |
---|---|---|
committer | Daniel Silverstone <dsilvers@digital-scurf.org> | 2013-06-22 15:45:09 +0100 |
commit | 1630874880c9bf9c67a4be1b3783a5bf5778e06b (patch) | |
tree | 8114d415a0a043822cdec7b44b8d5bfd6e057f6a /testing/02-commands-as.yarn | |
parent | b3b452ced0628134762b2214c2e7f324294dfef7 (diff) | |
download | gitano-1630874880c9bf9c67a4be1b3783a5bf5778e06b.tar.gz |
Support testing of 'as'
Diffstat (limited to 'testing/02-commands-as.yarn')
-rw-r--r-- | testing/02-commands-as.yarn | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/testing/02-commands-as.yarn b/testing/02-commands-as.yarn index f282cb0..1a96617 100644 --- a/testing/02-commands-as.yarn +++ b/testing/02-commands-as.yarn @@ -1 +1,38 @@ <!-- -*- markdown -*- --> +as --A- Become someone else +=========================== + +The `as` command can be used to run commands as different users. It should not +leak the existence/absence of a user, nor should it leak permissions from the +calling user into the effective user. + +Verification of `as` in the simple case +--------------------------------------- + +In the simple case, `as` is being called by someone who has permission to do +so, on behalf of a user which exists and can be used. + + SCENARIO Default case for as + + GIVEN a standard instance + AND testinstance has keys called other + WHEN testinstance, using adminkey, adds user other, using testinstance other + AND testinstance adminkey runs as other whoami + THEN stdout contains other + AND stdout does not contain gitano-admin + +The other trivial case is that a user without permission tries to run `as`. + + WHEN testinstance other, expecting failure, runs as other whoami + THEN stdout is empty + AND stderr contains Ruleset denied action + AND stderr contains exit:1 + +The final trivial case is that a user which can run `as` cannot use it to run +`as`. + + WHEN testinstance adminkey, expecting failure, runs as other as other whoami + THEN stdout is empty + AND stderr contains Cannot use 'as' to run 'as' + AND stderr contains Validation of command line failed + AND stderr contains exit:1 |
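Review bot: The introduction says `as` should not leak the existence or absence of a user, but none of the three cases targets a user that does not exist, so that property is stated and never checked. Every `as` call here names `other`, which was added in the first step. Consider adding a case where a caller without permission runs `as` against a name that was never added and asserting the same output as the existing denial case (`stdout is empty`, `stderr contains Ruleset denied action`, `stderr contains exit:1`), so a differing message for unknown users would fail the test. Likewise, `stdout does not contain gitano-admin` only checks the name `whoami` reports; the "leak permissions from the calling user" claim would need a step where the effective user attempts something only the admin may do. Two smaller points: the second and third WHEN/THEN groups have no SCENARIO line of their own, so as written they extend "Default case for as" and a failure there is reported under that name; and the title line `as --A- Become someone else` looks like a typo for `as ---- Become someone else`.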