]>
Commit | Line | Data |
---|---|---|
7c673cae FG |
1 | #!/bin/bash |
2 | ||
3 | set -e | |
4 | set -x | |
5 | declare -A keymap | |
6 | ||
7 | combinations="r w x rw rx wx rwx" | |
8 | ||
9 | for i in ${combinations}; do | |
10 | k="foo_$i" | |
11 | k=`ceph auth get-or-create-key client.$i mon "allow $i"` || exit 1 | |
12 | keymap["$i"]=$k | |
13 | done | |
14 | ||
15 | # add special caps | |
16 | # force blank cap with '--force' | |
17 | keymap["blank"]=`ceph auth get-or-create-key client.blank mon 'allow' --force` || exit 1 | |
18 | keymap["all"]=`ceph auth get-or-create-key client.all mon 'allow *'` || exit 1 | |
19 | ||
20 | tmp=`mktemp` | |
21 | ceph auth export > $tmp | |
22 | ||
23 | trap "rm $tmp" INT ERR EXIT QUIT 0 | |
24 | ||
25 | expect() { | |
26 | ||
27 | set +e | |
28 | ||
29 | local expected_ret=$1 | |
30 | local ret | |
31 | ||
32 | shift | |
33 | cmd=$@ | |
34 | ||
35 | eval $cmd | |
36 | ret=$? | |
37 | ||
38 | set -e | |
39 | ||
40 | if [[ $ret -ne $expected_ret ]]; then | |
41 | echo "ERROR: running \'$cmd\': expected $expected_ret got $ret" | |
42 | return 1 | |
43 | fi | |
44 | ||
45 | return 0 | |
46 | } | |
47 | ||
48 | read_ops() { | |
49 | local caps=$1 | |
50 | local has_read=1 has_exec=1 | |
51 | local ret | |
52 | local args | |
53 | ||
54 | ( echo $caps | grep 'r' ) || has_read=0 | |
55 | ( echo $caps | grep 'x' ) || has_exec=0 | |
56 | ||
57 | if [[ "$caps" == "all" ]]; then | |
58 | has_read=1 | |
59 | has_exec=1 | |
60 | fi | |
61 | ||
62 | ret=13 | |
63 | if [[ $has_read -gt 0 && $has_exec -gt 0 ]]; then | |
64 | ret=0 | |
65 | fi | |
66 | ||
67 | args="--id $caps --key ${keymap[$caps]}" | |
68 | ||
69 | expect $ret ceph auth get client.admin $args | |
70 | expect $ret ceph auth get-key client.admin $args | |
71 | expect $ret ceph auth export $args | |
72 | expect $ret ceph auth export client.admin $args | |
73 | expect $ret ceph auth list $args | |
74 | expect $ret ceph auth print-key client.admin $args | |
75 | expect $ret ceph auth print_key client.admin $args | |
76 | } | |
77 | ||
78 | write_ops() { | |
79 | ||
80 | local caps=$1 | |
81 | local has_read=1 has_write=1 has_exec=1 | |
82 | local ret | |
83 | local err | |
84 | local args | |
85 | ||
86 | ( echo $caps | grep 'r' ) || has_read=0 | |
87 | ( echo $caps | grep 'w' ) || has_write=0 | |
88 | ( echo $caps | grep 'x' ) || has_exec=0 | |
89 | ||
90 | if [[ "$caps" == "all" ]]; then | |
91 | has_read=1 | |
92 | has_write=1 | |
93 | has_exec=1 | |
94 | fi | |
95 | ||
96 | ret=13 | |
97 | if [[ $has_read -gt 0 && $has_write -gt 0 && $has_exec -gt 0 ]]; then | |
98 | ret=0 | |
99 | fi | |
100 | ||
101 | args="--id $caps --key ${keymap[$caps]}" | |
102 | ||
103 | expect $ret ceph auth add client.foo $args | |
104 | expect $ret "ceph auth caps client.foo mon 'allow *' $args" | |
105 | expect $ret ceph auth get-or-create client.admin $args | |
106 | echo "wtf -- before: err=$err ret=$ret" | |
107 | err=$ret | |
108 | [[ $ret -eq 0 ]] && err=22 # EINVAL | |
109 | expect $err "ceph auth get-or-create client.bar mon 'allow' $args" | |
110 | echo "wtf -- after: err=$err ret=$ret" | |
111 | expect $ret "ceph auth get-or-create client.bar mon 'allow' --force $args" | |
112 | expect $ret ceph auth get-or-create-key client.admin $args | |
113 | expect $ret ceph auth get-or-create-key client.baz $args | |
114 | expect $ret ceph auth del client.bar $args | |
115 | expect $ret ceph auth del client.baz $args | |
116 | expect $ret ceph auth del client.foo $args | |
117 | expect $ret ceph auth import -i $tmp $args | |
118 | } | |
119 | ||
120 | echo "running combinations: ${!keymap[@]}" | |
121 | ||
122 | subcmd=$1 | |
123 | ||
124 | for i in ${!keymap[@]}; do | |
125 | echo "caps: $i" | |
126 | if [[ -z "$subcmd" || "$subcmd" == "read" || "$subcmd" == "all" ]]; then | |
127 | read_ops $i | |
128 | fi | |
129 | ||
130 | if [[ -z "$subcmd" || "$subcmd" == "write" || "$subcmd" == "all" ]]; then | |
131 | write_ops $i | |
132 | fi | |
133 | done | |
134 | ||
135 | # cleanup | |
136 | for i in ${combinations} blank all; do | |
137 | ceph auth del client.$i || exit 1 | |
138 | done | |
139 | ||
140 | echo "OK" |