xref: /unit/test/test_static_symlink.py (revision 1971:3410f9d2a662)
11902Szelenkov@nginx.comimport os
21902Szelenkov@nginx.comfrom pathlib import Path
31902Szelenkov@nginx.com
41902Szelenkov@nginx.comimport pytest
51902Szelenkov@nginx.comfrom unit.applications.proto import TestApplicationProto
61902Szelenkov@nginx.com
71902Szelenkov@nginx.com
81902Szelenkov@nginx.comclass TestStaticSymlink(TestApplicationProto):
91902Szelenkov@nginx.com    prerequisites = {'features': ['chroot']}
101902Szelenkov@nginx.com
111902Szelenkov@nginx.com    @pytest.fixture(autouse=True)
121902Szelenkov@nginx.com    def setup_method_fixture(self, temp_dir):
131902Szelenkov@nginx.com        os.makedirs(temp_dir + '/assets/dir/dir')
141902Szelenkov@nginx.com        Path(temp_dir + '/assets/index.html').write_text('0123456789')
151902Szelenkov@nginx.com        Path(temp_dir + '/assets/dir/file').write_text('blah')
161902Szelenkov@nginx.com
171902Szelenkov@nginx.com        self._load_conf(
181902Szelenkov@nginx.com            {
191902Szelenkov@nginx.com                "listeners": {"*:7080": {"pass": "routes"}},
20*1960Sz.hong@f5.com                "routes": [{"action": {"share": temp_dir + "/assets$uri"}}],
211902Szelenkov@nginx.com            }
221902Szelenkov@nginx.com        )
231902Szelenkov@nginx.com
241902Szelenkov@nginx.com    def test_static_symlink(self, temp_dir, skip_alert):
251902Szelenkov@nginx.com        skip_alert(r'opening.*failed')
261902Szelenkov@nginx.com
271902Szelenkov@nginx.com        os.symlink(temp_dir + '/assets/dir', temp_dir + '/assets/link')
281902Szelenkov@nginx.com
291902Szelenkov@nginx.com        assert self.get(url='/dir')['status'] == 301, 'dir'
301902Szelenkov@nginx.com        assert self.get(url='/dir/file')['status'] == 200, 'file'
311902Szelenkov@nginx.com        assert self.get(url='/link')['status'] == 301, 'symlink dir'
321902Szelenkov@nginx.com        assert self.get(url='/link/file')['status'] == 200, 'symlink file'
331902Szelenkov@nginx.com
341902Szelenkov@nginx.com        assert 'success' in self.conf(
35*1960Sz.hong@f5.com            {"share": temp_dir + "/assets$uri", "follow_symlinks": False},
361902Szelenkov@nginx.com            'routes/0/action',
371902Szelenkov@nginx.com        ), 'configure symlink disable'
381902Szelenkov@nginx.com
391902Szelenkov@nginx.com        assert self.get(url='/link/file')['status'] == 403, 'symlink disabled'
401902Szelenkov@nginx.com
411902Szelenkov@nginx.com        assert 'success' in self.conf(
42*1960Sz.hong@f5.com            {"share": temp_dir + "/assets$uri", "follow_symlinks": True},
431902Szelenkov@nginx.com            'routes/0/action',
441902Szelenkov@nginx.com        ), 'configure symlink enable'
451902Szelenkov@nginx.com
461902Szelenkov@nginx.com        assert self.get(url='/link/file')['status'] == 200, 'symlink enabled'
471902Szelenkov@nginx.com
481902Szelenkov@nginx.com    def test_static_symlink_two_blocks(self, temp_dir, skip_alert):
491902Szelenkov@nginx.com        skip_alert(r'opening.*failed')
501902Szelenkov@nginx.com
511902Szelenkov@nginx.com        os.symlink(temp_dir + '/assets/dir', temp_dir + '/assets/link')
521902Szelenkov@nginx.com
531902Szelenkov@nginx.com        assert 'success' in self.conf(
541902Szelenkov@nginx.com            [
551902Szelenkov@nginx.com                {
561902Szelenkov@nginx.com                    "match": {"method": "HEAD"},
571902Szelenkov@nginx.com                    "action": {
58*1960Sz.hong@f5.com                        "share": temp_dir + "/assets$uri",
591902Szelenkov@nginx.com                        "follow_symlinks": False,
601902Szelenkov@nginx.com                    },
611902Szelenkov@nginx.com                },
621902Szelenkov@nginx.com                {
631902Szelenkov@nginx.com                    "match": {"method": "GET"},
641902Szelenkov@nginx.com                    "action": {
65*1960Sz.hong@f5.com                        "share": temp_dir + "/assets$uri",
661902Szelenkov@nginx.com                        "follow_symlinks": True,
671902Szelenkov@nginx.com                    },
681902Szelenkov@nginx.com                },
691902Szelenkov@nginx.com            ],
701902Szelenkov@nginx.com            'routes',
711902Szelenkov@nginx.com        ), 'configure two options'
721902Szelenkov@nginx.com
731902Szelenkov@nginx.com        assert self.get(url='/link/file')['status'] == 200, 'block enabled'
741902Szelenkov@nginx.com        assert self.head(url='/link/file')['status'] == 403, 'block disabled'
751902Szelenkov@nginx.com
761902Szelenkov@nginx.com    def test_static_symlink_chroot(self, temp_dir, skip_alert):
771902Szelenkov@nginx.com        skip_alert(r'opening.*failed')
781902Szelenkov@nginx.com
791902Szelenkov@nginx.com        os.symlink(
801902Szelenkov@nginx.com            temp_dir + '/assets/dir/file', temp_dir + '/assets/dir/dir/link'
811902Szelenkov@nginx.com        )
821902Szelenkov@nginx.com
831902Szelenkov@nginx.com        assert self.get(url='/dir/dir/link')['status'] == 200, 'default chroot'
841902Szelenkov@nginx.com
851902Szelenkov@nginx.com        assert 'success' in self.conf(
861902Szelenkov@nginx.com            {
87*1960Sz.hong@f5.com                "share": temp_dir + "/assets$uri",
881902Szelenkov@nginx.com                "chroot": temp_dir + "/assets/dir/dir",
891902Szelenkov@nginx.com            },
901902Szelenkov@nginx.com            'routes/0/action',
911902Szelenkov@nginx.com        ), 'configure chroot'
921902Szelenkov@nginx.com
931902Szelenkov@nginx.com        assert self.get(url='/dir/dir/link')['status'] == 404, 'chroot'
94