1import os 2from pathlib import Path 3 4import pytest 5 6from unit.applications.proto import ApplicationProto 7from unit.option import option 8 9prerequisites = {'features': {'chroot': True}} 10 11client = ApplicationProto() 12test_path = f'/{os.path.relpath(Path(__file__))}' 13 14 15@pytest.fixture(autouse=True) 16def setup_method_fixture(temp_dir): 17 Path(f'{temp_dir}/assets/dir').mkdir(parents=True) 18 Path(f'{temp_dir}/assets/index.html').write_text( 19 '0123456789', encoding='utf-8' 20 ) 21 Path(f'{temp_dir}/assets/dir/file').write_text('blah', encoding='utf-8') 22 23 assert 'success' in client.conf( 24 { 25 "listeners": {"*:8080": {"pass": "routes"}}, 26 "routes": [{"action": {"share": f'{temp_dir}/assets$uri'}}], 27 } 28 ) 29 30 31def update_action(chroot, share=f'{option.temp_dir}/assets$uri'): 32 return client.conf( 33 {'chroot': chroot, 'share': share}, 34 'routes/0/action', 35 ) 36 37 38def get_custom(uri, host): 39 return client.get(url=uri, headers={'Host': host, 'Connection': 'close'})[ 40 'status' 41 ] 42 43 44def test_static_chroot(temp_dir): 45 assert client.get(url='/dir/file')['status'] == 200, 'default chroot' 46 assert client.get(url='/index.html')['status'] == 200, 'default chroot 2' 47 48 assert 'success' in update_action(f'{temp_dir}/assets/dir') 49 50 assert client.get(url='/dir/file')['status'] == 200, 'chroot' 51 assert client.get(url='/index.html')['status'] == 403, 'chroot 403 2' 52 assert client.get(url='/file')['status'] == 403, 'chroot 403' 53 54 55def test_share_chroot_array(temp_dir): 56 assert 'success' in update_action( 57 f'{temp_dir}/assets/dir', ["/blah", f'{temp_dir}/assets$uri'] 58 ) 59 assert client.get(url='/dir/file')['status'] == 200, 'share array' 60 61 assert 'success' in update_action( 62 f'{temp_dir}/assets/$host', 63 ['/blah', f'{temp_dir}/assets$uri'], 64 ) 65 assert get_custom('/dir/file', 'dir') == 200, 'array variable' 66 67 assert 'success' in update_action( 68 f'{temp_dir}/assets/dir', ['/blah', '/blah2'] 69 ) 70 assert client.get()['status'] != 200, 'share array bad' 71 72 73def test_static_chroot_permission(require, temp_dir): 74 require({'privileged_user': False}) 75 76 os.chmod(f'{temp_dir}/assets/dir', 0o100) 77 78 assert 'success' in update_action( 79 f'{temp_dir}/assets/dir' 80 ), 'configure chroot' 81 82 assert client.get(url='/dir/file')['status'] == 200, 'chroot' 83 84 85def test_static_chroot_empty(): 86 assert 'success' in update_action('') 87 assert client.get(url='/dir/file')['status'] == 200, 'empty absolute' 88 89 assert 'success' in update_action("", ".$uri") 90 assert client.get(url=test_path)['status'] == 200, 'empty relative' 91 92 93def test_static_chroot_relative(require): 94 require({'privileged_user': False}) 95 96 assert 'success' in update_action('.') 97 assert client.get(url='/dir/file')['status'] == 403, 'relative chroot' 98 99 assert 'success' in client.conf({"share": ".$uri"}, 'routes/0/action') 100 assert client.get(url=test_path)['status'] == 200, 'relative share' 101 102 assert 'success' in update_action(".", ".$uri") 103 assert client.get(url=test_path)['status'] == 200, 'relative' 104 105 106def test_static_chroot_variables(temp_dir): 107 assert 'success' in update_action(f'{temp_dir}/assets/$host') 108 assert get_custom('/dir/file', 'dir') == 200 109 110 assert 'success' in update_action(f'{temp_dir}/assets/${{host}}') 111 assert get_custom('/dir/file', 'dir') == 200 112 113 114def test_static_chroot_variables_buildin_start(temp_dir): 115 assert 'success' in update_action( 116 '$uri/assets/dir', 117 f'{temp_dir}/assets/dir/$host', 118 ) 119 assert get_custom(temp_dir, 'file') == 200 120 121 122def test_static_chroot_variables_buildin_mid(temp_dir): 123 assert 'success' in update_action(f'{temp_dir}/$host/dir') 124 assert get_custom('/dir/file', 'assets') == 200 125 126 127def test_static_chroot_variables_buildin_end(temp_dir): 128 assert 'success' in update_action(f'{temp_dir}/assets/$host') 129 assert get_custom('/dir/file', 'dir') == 200 130 131 132def test_static_chroot_slash(temp_dir): 133 assert 'success' in update_action(f'{temp_dir}/assets/dir/') 134 assert client.get(url='/dir/file')['status'] == 200, 'slash end' 135 assert client.get(url='/dirxfile')['status'] == 403, 'slash end bad' 136 137 assert 'success' in update_action(f'{temp_dir}/assets/dir') 138 assert client.get(url='/dir/file')['status'] == 200, 'no slash end' 139 140 assert 'success' in update_action(f'{temp_dir}/assets/dir/') 141 assert client.get(url='/dir/file')['status'] == 200, 'slash end 2' 142 assert client.get(url='/dirxfile')['status'] == 403, 'slash end 2 bad' 143 144 assert 'success' in update_action( 145 f'{temp_dir}//assets////dir///', f'{temp_dir}///assets/////$uri' 146 ) 147 assert client.get(url='/dir/file')['status'] == 200, 'multiple slashes' 148 149 150def test_static_chroot_invalid(temp_dir): 151 assert 'error' in client.conf( 152 {"share": temp_dir, "chroot": True}, 153 'routes/0/action', 154 ), 'configure chroot error' 155 assert 'error' in client.conf( 156 {"share": temp_dir, "symlinks": "True"}, 157 'routes/0/action', 158 ), 'configure symlink error' 159 assert 'error' in client.conf( 160 {"share": temp_dir, "mount": "True"}, 161 'routes/0/action', 162 ), 'configure mount error' 163 164 assert 'error' in update_action(f'{temp_dir}/assets/d$r$uri') 165 assert 'error' in update_action(f'{temp_dir}/assets/$$uri') 166