projects / pve-access-control.git / blame
| Commit | Line | Data |
|---|---|---|
| 2c3a6c0a DM |
1 | #!/usr/bin/perl -w |
| 2 | ||
| 3 | use strict; | |
| 95fb22e6 TL |
4 | use warnings; |
| 5 | ||
| 6 | use Getopt::Long; | |
| 7 | ||
| 2c3a6c0a | 8 | use PVE::Tools; |
| 95fb22e6 | 9 | |
| 2c3a6c0a DM |
10 | use PVE::AccessControl; |
| 11 | use PVE::RPCEnvironment; | |
| 2c3a6c0a DM |
12 | |
| 13 | my $rpcenv = PVE::RPCEnvironment->init('cli'); | |
| 14 | ||
| 15 | my $cfgfn = "test2.cfg"; | |
| 16 | $rpcenv->init_request(userconfig => $cfgfn); | |
| 17 | ||
| 18 | sub check_roles { | |
| 19 | my ($user, $path, $expected_result) = @_; | |
| 20 | ||
| 7e8bcaa7 FG |
21 | my $roles = PVE::AccessControl::roles($rpcenv->{user_cfg}, $user, $path); |
| 22 | my $res = join(',', sort keys %$roles); | |
| 2c3a6c0a DM |
23 | |
| 24 | die "unexpected result\nneed '${expected_result}'\ngot '$res'\n" | |
| 25 | if $res ne $expected_result; | |
| 26 | ||
| 27 | print "ROLES:$path:$user:$res\n"; | |
| 28 | } | |
| 29 | ||
| 30 | # inherit multiple group permissions | |
| 31 | ||
| 32 | check_roles('User1@pve', '/', ''); | |
| 33 | check_roles('User2@pve', '/', ''); | |
| 34 | ||
| 35 | check_roles('User1@pve', '/vms', 'Role1,Role2'); | |
| 36 | check_roles('User2@pve', '/vms', ''); | |
| 37 | ||
| 38 | check_roles('User1@pve', '/vms/100', 'Role1,Role2'); | |
| 39 | check_roles('User2@pve', '/vms', ''); | |
| 40 | ||
| 41 | print "all tests passed\n"; | |
| 42 | ||
| 43 | exit (0); |