1*1902Szelenkov@nginx.comimport os 2*1902Szelenkov@nginx.comfrom pathlib import Path 3*1902Szelenkov@nginx.com 4*1902Szelenkov@nginx.comimport pytest 5*1902Szelenkov@nginx.com 6*1902Szelenkov@nginx.comfrom unit.applications.proto import TestApplicationProto 7*1902Szelenkov@nginx.com 8*1902Szelenkov@nginx.com 9*1902Szelenkov@nginx.comclass TestStaticChroot(TestApplicationProto): 10*1902Szelenkov@nginx.com prerequisites = {'features': ['chroot']} 11*1902Szelenkov@nginx.com 12*1902Szelenkov@nginx.com @pytest.fixture(autouse=True) 13*1902Szelenkov@nginx.com def setup_method_fixture(self, temp_dir): 14*1902Szelenkov@nginx.com os.makedirs(temp_dir + '/assets/dir') 15*1902Szelenkov@nginx.com Path(temp_dir + '/assets/index.html').write_text('0123456789') 16*1902Szelenkov@nginx.com Path(temp_dir + '/assets/dir/file').write_text('blah') 17*1902Szelenkov@nginx.com 18*1902Szelenkov@nginx.com test = Path(__file__) 19*1902Szelenkov@nginx.com self.test_path = '/' + test.parent.name + '/' + test.name 20*1902Szelenkov@nginx.com 21*1902Szelenkov@nginx.com self._load_conf( 22*1902Szelenkov@nginx.com { 23*1902Szelenkov@nginx.com "listeners": {"*:7080": {"pass": "routes"}}, 24*1902Szelenkov@nginx.com "routes": [{"action": {"share": temp_dir + "/assets"}}], 25*1902Szelenkov@nginx.com } 26*1902Szelenkov@nginx.com ) 27*1902Szelenkov@nginx.com 28*1902Szelenkov@nginx.com def test_static_chroot(self, temp_dir): 29*1902Szelenkov@nginx.com assert self.get(url='/dir/file')['status'] == 200, 'default chroot' 30*1902Szelenkov@nginx.com assert self.get(url='/index.html')['status'] == 200, 'default chroot 2' 31*1902Szelenkov@nginx.com 32*1902Szelenkov@nginx.com assert 'success' in self.conf( 33*1902Szelenkov@nginx.com { 34*1902Szelenkov@nginx.com "share": temp_dir + "/assets", 35*1902Szelenkov@nginx.com "chroot": temp_dir + "/assets/dir", 36*1902Szelenkov@nginx.com }, 37*1902Szelenkov@nginx.com 'routes/0/action', 38*1902Szelenkov@nginx.com ), 'configure chroot' 39*1902Szelenkov@nginx.com 40*1902Szelenkov@nginx.com assert self.get(url='/dir/file')['status'] == 200, 'chroot' 41*1902Szelenkov@nginx.com assert self.get(url='/index.html')['status'] == 403, 'chroot 403 2' 42*1902Szelenkov@nginx.com assert self.get(url='/file')['status'] == 403, 'chroot 403' 43*1902Szelenkov@nginx.com 44*1902Szelenkov@nginx.com def test_static_chroot_permission(self, is_su, temp_dir): 45*1902Szelenkov@nginx.com if is_su: 46*1902Szelenkov@nginx.com pytest.skip('does\'t work under root') 47*1902Szelenkov@nginx.com 48*1902Szelenkov@nginx.com os.chmod(temp_dir + '/assets/dir', 0o100) 49*1902Szelenkov@nginx.com 50*1902Szelenkov@nginx.com assert 'success' in self.conf( 51*1902Szelenkov@nginx.com { 52*1902Szelenkov@nginx.com "share": temp_dir + "/assets", 53*1902Szelenkov@nginx.com "chroot": temp_dir + "/assets/dir", 54*1902Szelenkov@nginx.com }, 55*1902Szelenkov@nginx.com 'routes/0/action', 56*1902Szelenkov@nginx.com ), 'configure chroot' 57*1902Szelenkov@nginx.com 58*1902Szelenkov@nginx.com assert self.get(url='/dir/file')['status'] == 200, 'chroot' 59*1902Szelenkov@nginx.com 60*1902Szelenkov@nginx.com def test_static_chroot_empty(self, temp_dir): 61*1902Szelenkov@nginx.com assert 'success' in self.conf( 62*1902Szelenkov@nginx.com {"share": temp_dir + "/assets", "chroot": ""}, 'routes/0/action', 63*1902Szelenkov@nginx.com ), 'configure chroot empty absolute' 64*1902Szelenkov@nginx.com 65*1902Szelenkov@nginx.com assert ( 66*1902Szelenkov@nginx.com self.get(url='/dir/file')['status'] == 200 67*1902Szelenkov@nginx.com ), 'chroot empty absolute' 68*1902Szelenkov@nginx.com 69*1902Szelenkov@nginx.com assert 'success' in self.conf( 70*1902Szelenkov@nginx.com {"share": ".", "chroot": ""}, 'routes/0/action', 71*1902Szelenkov@nginx.com ), 'configure chroot empty relative' 72*1902Szelenkov@nginx.com 73*1902Szelenkov@nginx.com assert ( 74*1902Szelenkov@nginx.com self.get(url=self.test_path)['status'] == 200 75*1902Szelenkov@nginx.com ), 'chroot empty relative' 76*1902Szelenkov@nginx.com 77*1902Szelenkov@nginx.com def test_static_chroot_relative(self, is_su, temp_dir): 78*1902Szelenkov@nginx.com if is_su: 79*1902Szelenkov@nginx.com pytest.skip('does\'t work under root') 80*1902Szelenkov@nginx.com 81*1902Szelenkov@nginx.com assert 'success' in self.conf( 82*1902Szelenkov@nginx.com {"share": temp_dir + "/assets", "chroot": "."}, 'routes/0/action', 83*1902Szelenkov@nginx.com ), 'configure relative chroot' 84*1902Szelenkov@nginx.com 85*1902Szelenkov@nginx.com assert self.get(url='/dir/file')['status'] == 403, 'relative chroot' 86*1902Szelenkov@nginx.com 87*1902Szelenkov@nginx.com assert 'success' in self.conf( 88*1902Szelenkov@nginx.com {"share": "."}, 'routes/0/action', 89*1902Szelenkov@nginx.com ), 'configure relative share' 90*1902Szelenkov@nginx.com 91*1902Szelenkov@nginx.com assert self.get(url=self.test_path)['status'] == 200, 'relative share' 92*1902Szelenkov@nginx.com 93*1902Szelenkov@nginx.com assert 'success' in self.conf( 94*1902Szelenkov@nginx.com {"share": ".", "chroot": "."}, 'routes/0/action', 95*1902Szelenkov@nginx.com ), 'configure relative' 96*1902Szelenkov@nginx.com 97*1902Szelenkov@nginx.com assert self.get(url=self.test_path)['status'] == 200, 'relative' 98*1902Szelenkov@nginx.com 99*1902Szelenkov@nginx.com def test_static_chroot_invalid(self, temp_dir): 100*1902Szelenkov@nginx.com assert 'error' in self.conf( 101*1902Szelenkov@nginx.com {"share": temp_dir, "chroot": True}, 'routes/0/action', 102*1902Szelenkov@nginx.com ), 'configure chroot error' 103*1902Szelenkov@nginx.com assert 'error' in self.conf( 104*1902Szelenkov@nginx.com {"share": temp_dir, "symlinks": "True"}, 'routes/0/action', 105*1902Szelenkov@nginx.com ), 'configure symlink error' 106*1902Szelenkov@nginx.com assert 'error' in self.conf( 107*1902Szelenkov@nginx.com {"share": temp_dir, "mount": "True"}, 'routes/0/action', 108*1902Szelenkov@nginx.com ), 'configure mount error' 109