11902Szelenkov@nginx.comimport os 21902Szelenkov@nginx.comfrom pathlib import Path 31902Szelenkov@nginx.com 41902Szelenkov@nginx.comimport pytest 51902Szelenkov@nginx.comfrom unit.applications.proto import TestApplicationProto 61902Szelenkov@nginx.com 71902Szelenkov@nginx.com 81902Szelenkov@nginx.comclass TestStaticSymlink(TestApplicationProto): 91902Szelenkov@nginx.com prerequisites = {'features': ['chroot']} 101902Szelenkov@nginx.com 111902Szelenkov@nginx.com @pytest.fixture(autouse=True) 121902Szelenkov@nginx.com def setup_method_fixture(self, temp_dir): 131902Szelenkov@nginx.com os.makedirs(temp_dir + '/assets/dir/dir') 141902Szelenkov@nginx.com Path(temp_dir + '/assets/index.html').write_text('0123456789') 151902Szelenkov@nginx.com Path(temp_dir + '/assets/dir/file').write_text('blah') 161902Szelenkov@nginx.com 171902Szelenkov@nginx.com self._load_conf( 181902Szelenkov@nginx.com { 191902Szelenkov@nginx.com "listeners": {"*:7080": {"pass": "routes"}}, 20*1960Sz.hong@f5.com "routes": [{"action": {"share": temp_dir + "/assets$uri"}}], 211902Szelenkov@nginx.com } 221902Szelenkov@nginx.com ) 231902Szelenkov@nginx.com 241902Szelenkov@nginx.com def test_static_symlink(self, temp_dir, skip_alert): 251902Szelenkov@nginx.com skip_alert(r'opening.*failed') 261902Szelenkov@nginx.com 271902Szelenkov@nginx.com os.symlink(temp_dir + '/assets/dir', temp_dir + '/assets/link') 281902Szelenkov@nginx.com 291902Szelenkov@nginx.com assert self.get(url='/dir')['status'] == 301, 'dir' 301902Szelenkov@nginx.com assert self.get(url='/dir/file')['status'] == 200, 'file' 311902Szelenkov@nginx.com assert self.get(url='/link')['status'] == 301, 'symlink dir' 321902Szelenkov@nginx.com assert self.get(url='/link/file')['status'] == 200, 'symlink file' 331902Szelenkov@nginx.com 341902Szelenkov@nginx.com assert 'success' in self.conf( 35*1960Sz.hong@f5.com {"share": temp_dir + "/assets$uri", "follow_symlinks": False}, 361902Szelenkov@nginx.com 'routes/0/action', 371902Szelenkov@nginx.com ), 'configure symlink disable' 381902Szelenkov@nginx.com 391902Szelenkov@nginx.com assert self.get(url='/link/file')['status'] == 403, 'symlink disabled' 401902Szelenkov@nginx.com 411902Szelenkov@nginx.com assert 'success' in self.conf( 42*1960Sz.hong@f5.com {"share": temp_dir + "/assets$uri", "follow_symlinks": True}, 431902Szelenkov@nginx.com 'routes/0/action', 441902Szelenkov@nginx.com ), 'configure symlink enable' 451902Szelenkov@nginx.com 461902Szelenkov@nginx.com assert self.get(url='/link/file')['status'] == 200, 'symlink enabled' 471902Szelenkov@nginx.com 481902Szelenkov@nginx.com def test_static_symlink_two_blocks(self, temp_dir, skip_alert): 491902Szelenkov@nginx.com skip_alert(r'opening.*failed') 501902Szelenkov@nginx.com 511902Szelenkov@nginx.com os.symlink(temp_dir + '/assets/dir', temp_dir + '/assets/link') 521902Szelenkov@nginx.com 531902Szelenkov@nginx.com assert 'success' in self.conf( 541902Szelenkov@nginx.com [ 551902Szelenkov@nginx.com { 561902Szelenkov@nginx.com "match": {"method": "HEAD"}, 571902Szelenkov@nginx.com "action": { 58*1960Sz.hong@f5.com "share": temp_dir + "/assets$uri", 591902Szelenkov@nginx.com "follow_symlinks": False, 601902Szelenkov@nginx.com }, 611902Szelenkov@nginx.com }, 621902Szelenkov@nginx.com { 631902Szelenkov@nginx.com "match": {"method": "GET"}, 641902Szelenkov@nginx.com "action": { 65*1960Sz.hong@f5.com "share": temp_dir + "/assets$uri", 661902Szelenkov@nginx.com "follow_symlinks": True, 671902Szelenkov@nginx.com }, 681902Szelenkov@nginx.com }, 691902Szelenkov@nginx.com ], 701902Szelenkov@nginx.com 'routes', 711902Szelenkov@nginx.com ), 'configure two options' 721902Szelenkov@nginx.com 731902Szelenkov@nginx.com assert self.get(url='/link/file')['status'] == 200, 'block enabled' 741902Szelenkov@nginx.com assert self.head(url='/link/file')['status'] == 403, 'block disabled' 751902Szelenkov@nginx.com 761902Szelenkov@nginx.com def test_static_symlink_chroot(self, temp_dir, skip_alert): 771902Szelenkov@nginx.com skip_alert(r'opening.*failed') 781902Szelenkov@nginx.com 791902Szelenkov@nginx.com os.symlink( 801902Szelenkov@nginx.com temp_dir + '/assets/dir/file', temp_dir + '/assets/dir/dir/link' 811902Szelenkov@nginx.com ) 821902Szelenkov@nginx.com 831902Szelenkov@nginx.com assert self.get(url='/dir/dir/link')['status'] == 200, 'default chroot' 841902Szelenkov@nginx.com 851902Szelenkov@nginx.com assert 'success' in self.conf( 861902Szelenkov@nginx.com { 87*1960Sz.hong@f5.com "share": temp_dir + "/assets$uri", 881902Szelenkov@nginx.com "chroot": temp_dir + "/assets/dir/dir", 891902Szelenkov@nginx.com }, 901902Szelenkov@nginx.com 'routes/0/action', 911902Szelenkov@nginx.com ), 'configure chroot' 921902Szelenkov@nginx.com 931902Szelenkov@nginx.com assert self.get(url='/dir/dir/link')['status'] == 404, 'chroot' 94