<!-- -*- markdown -*- -->

Managing groups
===============

Gitano has users, and users can be in groups. Groups exist primarily as a way
to manage access control: it is a lot easier to grant access to a group and
then manage the group's membership than to keep writing new ACL rules for each
user you want to grant access to.

Groups have a name and a description, and then a list of members. In addition,
groups may contain other groups, and membership is transitive across that
relationship: a user who is a member of group `foo` is also treated as a member
of every group that contains `foo`, directly or through further nesting.
Group creation, listing, and removal
------------------------------------

    SCENARIO basic group operation

Initially there is one group, the `gitano-admin` group.

    GIVEN a standard instance
    WHEN testinstance adminkey runs group list
    THEN stdout contains gitano-admin

We can add a group...

    WHEN testinstance adminkey runs group add newgroup simple description
    AND testinstance adminkey runs group list
    THEN stdout contains newgroup
    AND stdout contains simple description

We can remove a group...

    WHEN testinstance adminkey runs group del newgroup --force
    AND testinstance adminkey runs group list
    THEN stdout does not contain newgroup

    FINALLY the instance is torn down
Examining and manipulating groups
---------------------------------

    SCENARIO group description

Initially the `gitano-admin` group has one user in it, and has a basic
description.

    GIVEN a standard instance
    WHEN testinstance adminkey runs group show gitano-admin
    THEN stdout contains gitano-admin:Gitano\ Instance\ Administrators
    AND stdout contains =>\ admin

We can change that description though.

    WHEN testinstance adminkey runs group description gitano-admin Jeffrey
    AND testinstance adminkey runs group show gitano-admin
    THEN stdout contains gitano-admin:Jeffrey

    FINALLY the instance is torn down
Renaming groups
---------------

    SCENARIO group renaming

Groups, like users and repositories, can be renamed. This is a moderately
destructive operation, since ACLs are often written in terms of group names,
so like other destructive commands it requires a confirmation token; the
scenario passes `--force` to skip that step. After renaming a group, the old
group name no longer exists.

    GIVEN a standard instance
    WHEN testinstance adminkey runs group add foo bar
    AND testinstance adminkey runs group rename foo b.az --force
    AND testinstance adminkey runs group list
    THEN stdout does not contain foo:bar
    AND stdout contains b.az:bar

    FINALLY the instance is torn down
Group membership
----------------

    SCENARIO group membership

    GIVEN a standard instance
    AND testinstance, using adminkey, adds a new user alice, with a key called main

Group membership of users is managed using the `adduser` and `deluser`
subcommands of the `group` command. In `group show` output a user member is
listed with a `=>` marker.

    WHEN testinstance adminkey runs group add foo bar
    AND testinstance adminkey runs group adduser foo alice
    AND testinstance adminkey runs group show foo
    THEN stdout contains =>\ alice

    WHEN testinstance adminkey runs group deluser foo alice --force
    AND testinstance adminkey runs group show foo
    THEN stdout does not contain alice

Group membership of groups is managed with the `addgroup` and `delgroup`
subcommands; a member group is listed with a `[]` marker.

    WHEN testinstance adminkey runs group show gitano-admin
    THEN stdout does not contain foo

    WHEN testinstance adminkey runs group addgroup gitano-admin foo
    AND testinstance adminkey runs group show gitano-admin
    THEN stdout contains \[\]\ foo

    WHEN testinstance adminkey runs group delgroup gitano-admin foo --force
    AND testinstance adminkey runs group show gitano-admin
    THEN stdout does not contain foo

    FINALLY the instance is torn down
Membership works across renames
===============================

A critical property of users and groups is that memberships survive renames:
renaming a user or a group updates every membership that referred to the old
name, so access granted through a group is neither lost nor left pointing at a
stale name.

    SCENARIO group and user rename continuity

    GIVEN a standard instance
    AND testinstance, using adminkey, adds a new user alice, with a key called main
    WHEN testinstance adminkey runs group add foo foodesc
    AND testinstance adminkey runs group add bar bardesc
    AND testinstance adminkey runs group adduser foo alice
    AND testinstance adminkey runs group addgroup bar foo

Firstly we demonstrate that transitive membership turns up in whoami: alice is
a direct member of foo, and a member of bar via foo.

    WHEN alice main runs whoami
    THEN stdout contains foodesc
    AND stdout contains bardesc
    AND stdout contains \(via foo\)

Next, if we rename the alice user, we want to know that the user membership of
group foo continues to work. Renaming changes the user's name, not her key, so
the test harness still addresses that key as `alice main`, and whoami now
reports the same memberships for betty.

    WHEN testinstance adminkey runs user rename alice betty --force
    AND testinstance adminkey runs group show foo
    THEN stdout does not contain alice
    AND stdout contains betty

    WHEN alice main runs whoami
    THEN stdout contains foodesc
    AND stdout contains bardesc
    AND stdout contains \(via foo\)

And, of course, if we rename either group, then the membership persists.

    WHEN testinstance adminkey runs group rename foo baz --force
    AND testinstance adminkey runs group rename bar meta --force
    AND alice main runs whoami
    THEN stdout contains foodesc
    AND stdout contains bardesc
    AND stdout contains \(via baz\)

    FINALLY the instance is torn down
Regression tests
================

At one point it was possible to run `group add` with a group name containing a
slash, which would really confuse Gitano subsequently. This scenario ensures
that can never happen again: such a name is rejected with an error instead of
creating a group (the `.` on either side of `foo/bar` in the pattern matches
whatever quoting the error message puts around the name).

    SCENARIO group add with slashes causes error

    GIVEN a standard instance
    WHEN testinstance adminkey, expecting failure, runs group add foo/bar bananas
    THEN stderr contains group name .foo/bar. not valid

    FINALLY the instance is torn down
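The following Python model is an added example, not code from Gitano or from
this test suite. It reproduces the semantics the scenarios on this page
exercise: nested groups with transitive membership (the `(via foo)` that
whoami reports), rename continuity for users and for groups, and rejection of
a group name containing a slash. It also handles one case the scenarios do not
spell out, a membership cycle between two groups, which a naive recursive walk
would loop on. The `GroupDirectory` class, its method names (chosen to echo the
`group` and `user` subcommands), the name check, and the whoami line format are
all assumptions made for illustration, not Gitano's real storage or output.

```python
"""Constructed model of Gitano-style groups (not Gitano's own code).
Method names echo the `group`/`user` subcommands they imitate."""
from collections import deque
from dataclasses import dataclass, field


class GroupError(Exception):
    """Invalid name, duplicate name, or unknown group."""


@dataclass
class Group:
    name: str
    description: str
    users: set = field(default_factory=set)    # direct user members
    groups: set = field(default_factory=set)   # names of direct member groups


def check_name(name: str) -> None:
    # Assumption: reject empty names and names containing "/", mirroring the
    # regression test above; Gitano's real validation may be stricter.
    if not name or "/" in name:
        raise GroupError(f"group name '{name}' not valid")


class GroupDirectory:
    def __init__(self) -> None:
        self.groups = {}  # group name -> Group

    def _get(self, name: str) -> Group:
        if name not in self.groups:
            raise GroupError(f"no such group '{name}'")
        return self.groups[name]

    def add(self, name: str, description: str) -> None:
        check_name(name)
        if name in self.groups:
            raise GroupError(f"group '{name}' already exists")
        self.groups[name] = Group(name, description)

    def rename(self, old: str, new: str) -> None:
        check_name(new)
        if new in self.groups:
            raise GroupError(f"group '{new}' already exists")
        g = self.groups.pop(self._get(old).name)
        g.name = new
        self.groups[new] = g
        for other in self.groups.values():  # memberships follow the rename
            if old in other.groups:
                other.groups.remove(old)
                other.groups.add(new)

    def adduser(self, group: str, user: str) -> None:
        self._get(group).users.add(user)

    def addgroup(self, group: str, member: str) -> None:
        self._get(member)                   # the member group must exist
        self._get(group).groups.add(member)

    def rename_user(self, old: str, new: str) -> None:
        # `user rename`: every membership that named `old` now names `new`.
        for g in self.groups.values():
            if old in g.users:
                g.users.remove(old)
                g.users.add(new)

    def memberships(self, user: str) -> dict:
        """Map each group `user` is in to None (direct) or to the member group
        the membership is inherited through (whoami's "(via foo)"). Containing
        groups are walked breadth-first with a visited set, so a membership
        cycle (foo contains bar, bar contains foo) still terminates."""
        found = {g.name: None for g in self.groups.values() if user in g.users}
        queue = deque(found)
        while queue:
            child = queue.popleft()
            for parent in self.groups.values():
                if child in parent.groups and parent.name not in found:
                    found[parent.name] = child
                    queue.append(parent.name)
        return found

    def whoami(self, user: str) -> list:
        # Approximation of the group lines whoami prints: "name:description (via x)".
        lines = []
        for name, via in self.memberships(user).items():
            suffix = f" (via {via})" if via else ""
            lines.append(f"{name}:{self.groups[name].description}{suffix}")
        return lines


def rename_continuity_setup() -> GroupDirectory:
    """Replays the setup of the 'group and user rename continuity' scenario."""
    d = GroupDirectory()
    d.add("foo", "foodesc")
    d.add("bar", "bardesc")
    d.adduser("foo", "alice")
    d.addgroup("bar", "foo")
    return d
```

Calling `rename_continuity_setup()` and then `whoami("alice")` yields
`foo:foodesc` and `bar:bardesc (via foo)`; after `rename_user("alice", "betty")`,
`rename("foo", "baz")` and `rename("bar", "meta")` the same call for `betty`
yields `baz:foodesc` and `meta:bardesc (via baz)`, which is what the scenario
above asserts with regular expressions. The visited set in `memberships` is the
part worth keeping in any real implementation: once groups can contain groups,
an administrator can create a cycle, and resolution must not hang on it.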