[pve-devel] applied: [PATCH access-control] tests: api: add tests for expected output of get permissions endpoint
Thomas Lamprecht
t.lamprecht at proxmox.com
Sun Nov 10 20:09:50 CET 2024
Am 06.11.24 um 15:48 schrieb Daniel Kral:
> Adds test cases for the GET permissions API endpoint to ensure that:
>
> - users with the Sys.Audit perm can access any user's permissions
> - users with the Sys.Audit perm can access any token's permissions
> - users without the Sys.Audit perm can access their own permissions
> - users without the Sys.Audit perm can access their token's permissions
> - tokens with the Sys.Audit perm can access any user's permissions
> - tokens without the Sys.Audit perm can access their own permissions
>
> These tests also separate whether a token has the privilege-separated
> property or not.
>
> Signed-off-by: Daniel Kral <d.kral at proxmox.com>
> ---
> This is related to the following patch series and should be only applied
> after it:
>
> https://lore.proxmox.com/pve-devel/20241105083039.150454-1-f.gruenbichler@proxmox.com/
>
> Without the patch series above applied, test cases 2-4, 8, 13, 29 should
> fail, as these were not considered before.
A code review that results not only checking the changes but in a patch adding a
test harness? Impressive stuff that I gladly take, nice work!
>
> src/test/Makefile | 1 +
> src/test/api-get-permissions-test.cfg | 17 ++
> src/test/api-get-permissions-test.pl | 325 ++++++++++++++++++++++++++
> src/test/api-tests.pl | 12 +
> 4 files changed, 355 insertions(+)
> create mode 100644 src/test/api-get-permissions-test.cfg
> create mode 100644 src/test/api-get-permissions-test.pl
> create mode 100755 src/test/api-tests.pl
>
>
applied, thanks!
More information about the pve-devel
mailing list