test/perm-test6.pl

   1 #!/usr/bin/perl -w
   2
   3 use strict;
   4 use PVE::Tools;
   5 use PVE::AccessControl;
   6 use PVE::RPCEnvironment;
   7 use Getopt::Long;
   8
   9 my $rpcenv = PVE::RPCEnvironment->init('cli');
  10
  11 my $cfgfn = "test6.cfg";
  12 $rpcenv->init_request(userconfig => $cfgfn);
  13
  14 sub check_roles {
  15     my ($user, $path, $expected_result) = @_;
  16
  17     my @ra = $rpcenv->roles($user, $path);
  18     my $res = join(',', sort @ra);
  19
  20     die "unexpected result\nneed '${expected_result}'\ngot '$res'\n"
  21         if $res ne $expected_result;
  22
  23     print "ROLES:$path:$user:$res\n";
  24 }
  25
  26 check_roles('User1@pve', '', '');
  27 check_roles('User2@pve', '', '');
  28 check_roles('User3@pve', '', '');
  29 check_roles('User4@pve', '', '');
  30
  31 check_roles('User1@pve', '/vms', 'RoleTEST1');
  32 check_roles('User2@pve', '/vms', 'RoleTEST1');
  33 check_roles('User3@pve', '/vms', 'NoAccess');
  34 check_roles('User4@pve', '/vms', '');
  35
  36 check_roles('User1@pve', '/vms/100', 'RoleTEST1');
  37 check_roles('User2@pve', '/vms/100', 'RoleTEST1');
  38 check_roles('User3@pve', '/vms/100', 'NoAccess');
  39 check_roles('User4@pve', '/vms/100', '');
  40
  41 check_roles('User1@pve', '/vms/300', 'Role1');
  42 check_roles('User2@pve', '/vms/300', 'RoleTEST1');
  43 check_roles('User3@pve', '/vms/300', 'NoAccess');
  44 check_roles('User4@pve', '/vms/300', 'Role1');
  45
  46 check_roles('User1@pve', '/vms/500', 'RoleDEVEL,RoleTEST1');
  47 check_roles('User2@pve', '/vms/500', 'RoleDEVEL,RoleTEST1');
  48 check_roles('User3@pve', '/vms/500', 'NoAccess');
  49 check_roles('User4@pve', '/vms/500', '');
  50
  51 check_roles('User1@pve', '/vms/600', 'RoleMARKETING,RoleTEST1');
  52 check_roles('User2@pve', '/vms/600', 'RoleTEST1');
  53 check_roles('User3@pve', '/vms/600', 'NoAccess');
  54 check_roles('User4@pve', '/vms/600', 'RoleMARKETING');
  55
  56 check_roles('User1@pve', '/storage/store1', 'RoleDEVEL,RoleMARKETING');
  57 check_roles('User2@pve', '/storage/store1', 'RoleDEVEL');
  58 check_roles('User3@pve', '/storage/store1', 'RoleDEVEL');
  59 check_roles('User4@pve', '/storage/store1', 'RoleMARKETING');
  60
  61 check_roles('User1@pve', '/storage/store2', 'RoleDEVEL');
  62 check_roles('User2@pve', '/storage/store2', 'RoleDEVEL');
  63 check_roles('User3@pve', '/storage/store2', 'RoleDEVEL');
  64 check_roles('User4@pve', '/storage/store2', '');
  65
  66 print "all tests passed\n";
  67
  68 exit (0);