diff options
| author | Johannes Löthberg <johannes@kyriasis.com> | 2018-01-21 17:51:02 +0100 |
|---|---|---|
| committer | Lukas Fleischer <lfleischer@archlinux.org> | 2018-01-21 18:09:10 +0100 |
| commit | e5b43760c275130623ff4fda5a96f628cf17156e (patch) | |
| tree | d0416f24e591d39315366311775467ff1c9ab875 /test | |
| parent | ac29097ce8585b99ebe7c5d9570b0567236d45f3 (diff) | |
| download | aur-e5b43760c275130623ff4fda5a96f628cf17156e.tar.gz aur-e5b43760c275130623ff4fda5a96f628cf17156e.tar.xz | |
Move AUR_OVERWRITE privilege check from git/auth to git/update
git/auth is run as an AutherizedKeysCommand which does not get the
environment variables passed to it, so AUR_OVERWRITE always got
hard-set to '0' by it. Instead we need to perform the actual privilege
check in git/update instead.
Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
Diffstat (limited to 'test')
| -rwxr-xr-x | test/t1100-git-auth.sh | 17 | ||||
| -rwxr-xr-x | test/t1300-git-update.sh | 14 |
2 files changed, 13 insertions, 18 deletions
diff --git a/test/t1100-git-auth.sh b/test/t1100-git-auth.sh index dd20bea1..71d526f2 100755 --- a/test/t1100-git-auth.sh +++ b/test/t1100-git-auth.sh @@ -25,21 +25,4 @@ test_expect_success 'Test authentication with a wrong key.' ' test_must_be_empty out ' -test_expect_success 'Test AUR_OVERWRITE passthrough.' ' - AUR_OVERWRITE=1 \ - "$GIT_AUTH" "$AUTH_KEYTYPE_TU" "$AUTH_KEYTEXT_TU" >out && - grep -q AUR_OVERWRITE=1 out -' - -test_expect_success 'Make sure that AUR_OVERWRITE is unset by default.' ' - "$GIT_AUTH" "$AUTH_KEYTYPE_TU" "$AUTH_KEYTEXT_TU" >out && - grep -q AUR_OVERWRITE=0 out -' - -test_expect_success 'Make sure regular users cannot set AUR_OVERWRITE.' ' - AUR_OVERWRITE=1 \ - "$GIT_AUTH" "$AUTH_KEYTYPE_USER" "$AUTH_KEYTEXT_USER" >out && - grep -q AUR_OVERWRITE=0 out -' - test_done diff --git a/test/t1300-git-update.sh b/test/t1300-git-update.sh index b9c4f53a..06d14984 100755 --- a/test/t1300-git-update.sh +++ b/test/t1300-git-update.sh @@ -137,7 +137,19 @@ test_expect_success 'Performing a non-fast-forward ref update as Trusted User.' test_cmp expected actual ' -test_expect_success 'Performing a non-fast-forward ref update with AUR_OVERWRITE=1.' ' +test_expect_success 'Performing a non-fast-forward ref update as normal user with AUR_OVERWRITE=1.' ' + old=$(git -C aur.git rev-parse HEAD) && + new=$(git -C aur.git rev-parse HEAD^) && + cat >expected <<-EOD && + error: denying non-fast-forward (you should pull first) + EOD + test_must_fail \ + env AUR_USER=user AUR_PKGBASE=foobar AUR_PRIVILEGED=0 AUR_OVERWRITE=1 \ + "$GIT_UPDATE" refs/heads/master "$old" "$new" 2>&1 && + test_cmp expected actual +' + +test_expect_success 'Performing a non-fast-forward ref update as Trusted User with AUR_OVERWRITE=1.' ' old=$(git -C aur.git rev-parse HEAD) && new=$(git -C aur.git rev-parse HEAD^) && AUR_USER=tu AUR_PKGBASE=foobar AUR_PRIVILEGED=1 AUR_OVERWRITE=1 \ |