tests: add tests for high uids

author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2018-12-03 11:20:34 +0100
committer: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2018-12-04 22:08:42 +0100
commit: b534a10727455409acd54018a9c91000e7626126 (patch)
tree: a9989888b0b935343928c46c5d4e05b0d19e2011 /test
parent: 2cb40c4d5feeaa09325522bd7d97910f1b59e379 (diff)
download: polkit-b534a10727455409acd54018a9c91000e7626126.tar.gz
4 files changed, 96 insertions, 0 deletions
diff --git a/test/data/etc/group b/test/data/etc/group
index 12ef328..b9acab9 100644
--- a/test/data/etc/group
+++ b/test/data/etc/group
@@ -5,3 +5,4 @@ john:x:500:
 jane:x:501:
 sally:x:502:
 henry:x:503:
+highuid2:x:4000000000:
diff --git a/test/data/etc/passwd b/test/data/etc/passwd
index 8544feb..5cf14a5 100644
--- a/test/data/etc/passwd
+++ b/test/data/etc/passwd
@@ -3,3 +3,5 @@ john:x:500:500:John Done:/home/john:/bin/bash
 jane:x:501:501:Jane Smith:/home/jane:/bin/bash
 sally:x:502:502:Sally Derp:/home/sally:/bin/bash
 henry:x:503:503:Henry Herp:/home/henry:/bin/bash
+highuid1:x:2147483648:2147483648:The first high uid:/home/highuid1:/sbin/nologin
+highuid2:x:4000000000:4000000000:An example high uid:/home/example:/sbin/nologin
diff --git a/test/data/etc/polkit-1/rules.d/10-testing.rules b/test/data/etc/polkit-1/rules.d/10-testing.rules
index 446e622..98bf062 100644
--- a/test/data/etc/polkit-1/rules.d/10-testing.rules
+++ b/test/data/etc/polkit-1/rules.d/10-testing.rules
@@ -53,6 +53,27 @@ polkit.addRule(function(action, subject) {
     }
 });
 
+polkit.addRule(function(action, subject) {
+    if (action.id == "net.company.john_action") {
+        if (subject.user == "john") {
+            return polkit.Result.YES;
+        } else {
+            return polkit.Result.NO;
+        }
+    }
+});
+
+polkit.addRule(function(action, subject) {
+    if (action.id == "net.company.highuid2_action") {
+        if (subject.user == "highuid2") {
+            return polkit.Result.YES;
+        } else {
+            return polkit.Result.NO;
+        }
+    }
+});
+
+
 // ---------------------------------------------------------------------
 // variables
 
diff --git a/test/polkitbackend/test-polkitbackendjsauthority.c b/test/polkitbackend/test-polkitbackendjsauthority.c
index b484a26..71aad23 100644
--- a/test/polkitbackend/test-polkitbackendjsauthority.c
+++ b/test/polkitbackend/test-polkitbackendjsauthority.c
@@ -330,6 +330,78 @@ static const RulesTestCase rules_test_cases[] = {
     NULL,
     POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED,
   },
+
+  {
+    /* highuid1 is not a member of group 'users', see test/data/etc/group */
+    "group_membership_with_non_member(highuid22)",
+    "net.company.group.only_group_users",
+    "unix-user:highuid2",
+    NULL,
+    POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED,
+  },
+
+  {
+    /* highuid2 is not a member of group 'users', see test/data/etc/group */
+    "group_membership_with_non_member(highuid21)",
+    "net.company.group.only_group_users",
+    "unix-user:highuid2",
+    NULL,
+    POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED,
+  },
+
+  {
+    /* highuid1 is not a member of group 'users', see test/data/etc/group */
+    "group_membership_with_non_member(highuid24)",
+    "net.company.group.only_group_users",
+    "unix-user:2147483648",
+    NULL,
+    POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED,
+  },
+
+  {
+    /* highuid2 is not a member of group 'users', see test/data/etc/group */
+    "group_membership_with_non_member(highuid23)",
+    "net.company.group.only_group_users",
+    "unix-user:4000000000",
+    NULL,
+    POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED,
+  },
+
+  {
+    /* john is authorized to do this, see 10-testing.rules */
+    "john_action",
+    "net.company.john_action",
+    "unix-user:john",
+    NULL,
+    POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED,
+  },
+
+  {
+    /* only john is authorized to do this, see 10-testing.rules */
+    "jane_action",
+    "net.company.john_action",
+    "unix-user:jane",
+    NULL,
+    POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED,
+  },
+
+  {
+    /* highuid2 is authorized to do this, see 10-testing.rules */
+    "highuid2_action",
+    "net.company.highuid2_action",
+    "unix-user:highuid2",
+    NULL,
+    POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED,
+  },
+
+  {
+    /* only highuid2 is authorized to do this, see 10-testing.rules */
+    "highuid1_action",
+    "net.company.highuid2_action",
+    "unix-user:highuid1",
+    NULL,
+    POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED,
+  },
 };
 
 /* ---------------------------------------------------------------------------------------------------- */
author	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2018-12-03 11:20:34 +0100
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2018-12-04 22:08:42 +0100
commit	b534a10727455409acd54018a9c91000e7626126 (patch)
tree	a9989888b0b935343928c46c5d4e05b0d19e2011 /test
parent	2cb40c4d5feeaa09325522bd7d97910f1b59e379 (diff)
download	polkit-b534a10727455409acd54018a9c91000e7626126.tar.gz