tests: add tests for high uids

parent 2cb40c4d
......@@ -5,3 +5,4 @@ john:x:500:
jane:x:501:
sally:x:502:
henry:x:503:
highuid2:x:4000000000:
......@@ -3,3 +3,5 @@ john:x:500:500:John Done:/home/john:/bin/bash
jane:x:501:501:Jane Smith:/home/jane:/bin/bash
sally:x:502:502:Sally Derp:/home/sally:/bin/bash
henry:x:503:503:Henry Herp:/home/henry:/bin/bash
highuid1:x:2147483648:2147483648:The first high uid:/home/highuid1:/sbin/nologin
highuid2:x:4000000000:4000000000:An example high uid:/home/example:/sbin/nologin
......@@ -53,6 +53,27 @@ polkit.addRule(function(action, subject) {
}
});
polkit.addRule(function(action, subject) {
if (action.id == "net.company.john_action") {
if (subject.user == "john") {
return polkit.Result.YES;
} else {
return polkit.Result.NO;
}
}
});
polkit.addRule(function(action, subject) {
if (action.id == "net.company.highuid2_action") {
if (subject.user == "highuid2") {
return polkit.Result.YES;
} else {
return polkit.Result.NO;
}
}
});
// ---------------------------------------------------------------------
// variables
......
......@@ -330,6 +330,78 @@ static const RulesTestCase rules_test_cases[] = {
NULL,
POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED,
},
{
/* highuid1 is not a member of group 'users', see test/data/etc/group */
"group_membership_with_non_member(highuid22)",
"net.company.group.only_group_users",
"unix-user:highuid2",
NULL,
POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED,
},
{
/* highuid2 is not a member of group 'users', see test/data/etc/group */
"group_membership_with_non_member(highuid21)",
"net.company.group.only_group_users",
"unix-user:highuid2",
NULL,
POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED,
},
{
/* highuid1 is not a member of group 'users', see test/data/etc/group */
"group_membership_with_non_member(highuid24)",
"net.company.group.only_group_users",
"unix-user:2147483648",
NULL,
POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED,
},
{
/* highuid2 is not a member of group 'users', see test/data/etc/group */
"group_membership_with_non_member(highuid23)",
"net.company.group.only_group_users",
"unix-user:4000000000",
NULL,
POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED,
},
{
/* john is authorized to do this, see 10-testing.rules */
"john_action",
"net.company.john_action",
"unix-user:john",
NULL,
POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED,
},
{
/* only john is authorized to do this, see 10-testing.rules */
"jane_action",
"net.company.john_action",
"unix-user:jane",
NULL,
POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED,
},
{
/* highuid2 is authorized to do this, see 10-testing.rules */
"highuid2_action",
"net.company.highuid2_action",
"unix-user:highuid2",
NULL,
POLKIT_IMPLICIT_AUTHORIZATION_AUTHORIZED,
},
{
/* only highuid2 is authorized to do this, see 10-testing.rules */
"highuid1_action",
"net.company.highuid2_action",
"unix-user:highuid1",
NULL,
POLKIT_IMPLICIT_AUTHORIZATION_NOT_AUTHORIZED,
},
};
/* ---------------------------------------------------------------------------------------------------- */
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment