1*1902Szelenkov@nginx.comimport os 2*1902Szelenkov@nginx.comfrom pathlib import Path 3*1902Szelenkov@nginx.com 4*1902Szelenkov@nginx.comimport pytest 5*1902Szelenkov@nginx.com 6*1902Szelenkov@nginx.comfrom unit.applications.proto import TestApplicationProto 7*1902Szelenkov@nginx.com 8*1902Szelenkov@nginx.com 9*1902Szelenkov@nginx.comclass TestStaticSymlink(TestApplicationProto): 10*1902Szelenkov@nginx.com prerequisites = {'features': ['chroot']} 11*1902Szelenkov@nginx.com 12*1902Szelenkov@nginx.com @pytest.fixture(autouse=True) 13*1902Szelenkov@nginx.com def setup_method_fixture(self, temp_dir): 14*1902Szelenkov@nginx.com os.makedirs(temp_dir + '/assets/dir/dir') 15*1902Szelenkov@nginx.com Path(temp_dir + '/assets/index.html').write_text('0123456789') 16*1902Szelenkov@nginx.com Path(temp_dir + '/assets/dir/file').write_text('blah') 17*1902Szelenkov@nginx.com 18*1902Szelenkov@nginx.com self._load_conf( 19*1902Szelenkov@nginx.com { 20*1902Szelenkov@nginx.com "listeners": {"*:7080": {"pass": "routes"}}, 21*1902Szelenkov@nginx.com "routes": [{"action": {"share": temp_dir + "/assets"}}], 22*1902Szelenkov@nginx.com } 23*1902Szelenkov@nginx.com ) 24*1902Szelenkov@nginx.com 25*1902Szelenkov@nginx.com def test_static_symlink(self, temp_dir, skip_alert): 26*1902Szelenkov@nginx.com skip_alert(r'opening.*failed') 27*1902Szelenkov@nginx.com 28*1902Szelenkov@nginx.com os.symlink(temp_dir + '/assets/dir', temp_dir + '/assets/link') 29*1902Szelenkov@nginx.com 30*1902Szelenkov@nginx.com assert self.get(url='/dir')['status'] == 301, 'dir' 31*1902Szelenkov@nginx.com assert self.get(url='/dir/file')['status'] == 200, 'file' 32*1902Szelenkov@nginx.com assert self.get(url='/link')['status'] == 301, 'symlink dir' 33*1902Szelenkov@nginx.com assert self.get(url='/link/file')['status'] == 200, 'symlink file' 34*1902Szelenkov@nginx.com 35*1902Szelenkov@nginx.com assert 'success' in self.conf( 36*1902Szelenkov@nginx.com {"share": temp_dir + "/assets", "follow_symlinks": False}, 37*1902Szelenkov@nginx.com 'routes/0/action', 38*1902Szelenkov@nginx.com ), 'configure symlink disable' 39*1902Szelenkov@nginx.com 40*1902Szelenkov@nginx.com assert self.get(url='/link/file')['status'] == 403, 'symlink disabled' 41*1902Szelenkov@nginx.com 42*1902Szelenkov@nginx.com assert 'success' in self.conf( 43*1902Szelenkov@nginx.com {"share": temp_dir + "/assets", "follow_symlinks": True}, 44*1902Szelenkov@nginx.com 'routes/0/action', 45*1902Szelenkov@nginx.com ), 'configure symlink enable' 46*1902Szelenkov@nginx.com 47*1902Szelenkov@nginx.com assert self.get(url='/link/file')['status'] == 200, 'symlink enabled' 48*1902Szelenkov@nginx.com 49*1902Szelenkov@nginx.com def test_static_symlink_two_blocks(self, temp_dir, skip_alert): 50*1902Szelenkov@nginx.com skip_alert(r'opening.*failed') 51*1902Szelenkov@nginx.com 52*1902Szelenkov@nginx.com os.symlink(temp_dir + '/assets/dir', temp_dir + '/assets/link') 53*1902Szelenkov@nginx.com 54*1902Szelenkov@nginx.com assert 'success' in self.conf( 55*1902Szelenkov@nginx.com [ 56*1902Szelenkov@nginx.com { 57*1902Szelenkov@nginx.com "match": {"method": "HEAD"}, 58*1902Szelenkov@nginx.com "action": { 59*1902Szelenkov@nginx.com "share": temp_dir + "/assets", 60*1902Szelenkov@nginx.com "follow_symlinks": False, 61*1902Szelenkov@nginx.com }, 62*1902Szelenkov@nginx.com }, 63*1902Szelenkov@nginx.com { 64*1902Szelenkov@nginx.com "match": {"method": "GET"}, 65*1902Szelenkov@nginx.com "action": { 66*1902Szelenkov@nginx.com "share": temp_dir + "/assets", 67*1902Szelenkov@nginx.com "follow_symlinks": True, 68*1902Szelenkov@nginx.com }, 69*1902Szelenkov@nginx.com }, 70*1902Szelenkov@nginx.com ], 71*1902Szelenkov@nginx.com 'routes', 72*1902Szelenkov@nginx.com ), 'configure two options' 73*1902Szelenkov@nginx.com 74*1902Szelenkov@nginx.com assert self.get(url='/link/file')['status'] == 200, 'block enabled' 75*1902Szelenkov@nginx.com assert self.head(url='/link/file')['status'] == 403, 'block disabled' 76*1902Szelenkov@nginx.com 77*1902Szelenkov@nginx.com def test_static_symlink_chroot(self, temp_dir, skip_alert): 78*1902Szelenkov@nginx.com skip_alert(r'opening.*failed') 79*1902Szelenkov@nginx.com 80*1902Szelenkov@nginx.com os.symlink( 81*1902Szelenkov@nginx.com temp_dir + '/assets/dir/file', temp_dir + '/assets/dir/dir/link' 82*1902Szelenkov@nginx.com ) 83*1902Szelenkov@nginx.com 84*1902Szelenkov@nginx.com assert self.get(url='/dir/dir/link')['status'] == 200, 'default chroot' 85*1902Szelenkov@nginx.com 86*1902Szelenkov@nginx.com assert 'success' in self.conf( 87*1902Szelenkov@nginx.com { 88*1902Szelenkov@nginx.com "share": temp_dir + "/assets", 89*1902Szelenkov@nginx.com "chroot": temp_dir + "/assets/dir/dir", 90*1902Szelenkov@nginx.com }, 91*1902Szelenkov@nginx.com 'routes/0/action', 92*1902Szelenkov@nginx.com ), 'configure chroot' 93*1902Szelenkov@nginx.com 94*1902Szelenkov@nginx.com assert self.get(url='/dir/dir/link')['status'] == 404, 'chroot' 95