Proxmox/proxmox-backup
5
0
Fork 0
mirror of git://git.proxmox.com/git/proxmox-backup.git synced 2024-12-23 17:34:35 +03:00
Code Releases Activity

cargo fmt

Browse Source 
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
This commit is contained in:
Fabian Grünbichler 2022-10-10 09:54:18 +02:00
parent f097eaa80f
commit 237beaed93
5 changed files with 92 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pbs-client/src/http_client.rs
View File

@ -23,8 +23,8 @@ use proxmox_sys::linux::tty;
use proxmox_async::broadcast_future::BroadcastFuture;
use proxmox_http::client::{HttpsConnector, RateLimiter};
use proxmox_http::ProxyConfig;
use proxmox_http::uri::{build_authority, json_object_to_query};
use proxmox_http::ProxyConfig;
use pbs_api_types::percent_encoding::DEFAULT_ENCODE_SET;
use pbs_api_types::{Authid, RateLimitConfig, Userid};

140
src/api2/config/sync.rs
View File

@ -511,44 +511,40 @@ acl:1:/remote/remote1/remotestore1:write@pbs:RemoteSyncOperator
};
// should work without ACLs
assert!(
check_sync_job_read_access(&user_info, root_auth_id, &job)
);
assert!(
check_sync_job_modify_access(&user_info, root_auth_id, &job)
);
assert!(check_sync_job_read_access(&user_info, root_auth_id, &job));
assert!(check_sync_job_modify_access(&user_info, root_auth_id, &job));
// user without permissions must fail
assert!(
!check_sync_job_read_access(&user_info, &no_perm_auth_id, &job)
);
assert!(
!check_sync_job_modify_access(&user_info, &no_perm_auth_id, &job)
);
assert!(!check_sync_job_read_access(
&user_info,
&no_perm_auth_id,
&job
));
assert!(!check_sync_job_modify_access(
&user_info,
&no_perm_auth_id,
&job
));
// reading without proper read permissions on either remote or local must fail
assert!(
!check_sync_job_read_access(&user_info, &read_auth_id, &job)
);
assert!(!check_sync_job_read_access(&user_info, &read_auth_id, &job));
// reading without proper read permissions on local end must fail
job.remote = "remote1".to_string();
assert!(
!check_sync_job_read_access(&user_info, &read_auth_id, &job)
);
assert!(!check_sync_job_read_access(&user_info, &read_auth_id, &job));
// reading without proper read permissions on remote end must fail
job.remote = "remote0".to_string();
job.store = "localstore1".to_string();
assert!(
!check_sync_job_read_access(&user_info, &read_auth_id, &job)
);
assert!(!check_sync_job_read_access(&user_info, &read_auth_id, &job));
// writing without proper write permissions on either end must fail
job.store = "localstore0".to_string();
assert!(
!check_sync_job_modify_access(&user_info, &write_auth_id, &job)
);
assert!(!check_sync_job_modify_access(
&user_info,
&write_auth_id,
&job
));
// writing without proper write permissions on local end must fail
job.remote = "remote1".to_string();
@ -556,72 +552,90 @@ acl:1:/remote/remote1/remotestore1:write@pbs:RemoteSyncOperator
// writing without proper write permissions on remote end must fail
job.remote = "remote0".to_string();
job.store = "localstore1".to_string();
assert!(
!check_sync_job_modify_access(&user_info, &write_auth_id, &job)
);
assert!(!check_sync_job_modify_access(
&user_info,
&write_auth_id,
&job
));
// reset remote to one where users have access
job.remote = "remote1".to_string();
// user with read permission can only read, but not modify/run
assert!(
check_sync_job_read_access(&user_info, &read_auth_id, &job)
);
assert!(check_sync_job_read_access(&user_info, &read_auth_id, &job));
job.owner = Some(read_auth_id.clone());
assert!(
!check_sync_job_modify_access(&user_info, &read_auth_id, &job)
);
assert!(!check_sync_job_modify_access(
&user_info,
&read_auth_id,
&job
));
job.owner = None;
assert!(
!check_sync_job_modify_access(&user_info, &read_auth_id, &job)
);
assert!(!check_sync_job_modify_access(
&user_info,
&read_auth_id,
&job
));
job.owner = Some(write_auth_id.clone());
assert!(
!check_sync_job_modify_access(&user_info, &read_auth_id, &job)
);
assert!(!check_sync_job_modify_access(
&user_info,
&read_auth_id,
&job
));
// user with simple write permission can modify/run
assert!(
check_sync_job_read_access(&user_info, &write_auth_id, &job)
);
assert!(
check_sync_job_modify_access(&user_info, &write_auth_id, &job)
);
assert!(check_sync_job_read_access(&user_info, &write_auth_id, &job));
assert!(check_sync_job_modify_access(
&user_info,
&write_auth_id,
&job
));
// but can't modify/run with deletion
job.remove_vanished = Some(true);
assert!(
!check_sync_job_modify_access(&user_info, &write_auth_id, &job)
);
assert!(!check_sync_job_modify_access(
&user_info,
&write_auth_id,
&job
));
// unless they have Datastore.Prune as well
job.store = "localstore2".to_string();
assert!(
check_sync_job_modify_access(&user_info, &write_auth_id, &job)
);
assert!(check_sync_job_modify_access(
&user_info,
&write_auth_id,
&job
));
// changing owner is not possible
job.owner = Some(read_auth_id.clone());
assert!(
!check_sync_job_modify_access(&user_info, &write_auth_id, &job)
);
assert!(!check_sync_job_modify_access(
&user_info,
&write_auth_id,
&job
));
// also not to the default 'root@pam'
job.owner = None;
assert!(
!check_sync_job_modify_access(&user_info, &write_auth_id, &job)
);
assert!(!check_sync_job_modify_access(
&user_info,
&write_auth_id,
&job
));
// unless they have Datastore.Modify as well
job.store = "localstore3".to_string();
job.owner = Some(read_auth_id);
assert!(
check_sync_job_modify_access(&user_info, &write_auth_id, &job)
);
assert!(check_sync_job_modify_access(
&user_info,
&write_auth_id,
&job
));
job.owner = None;
assert!(
check_sync_job_modify_access(&user_info, &write_auth_id, &job)
);
assert!(check_sync_job_modify_access(
&user_info,
&write_auth_id,
&job
));
Ok(())
}

2
src/bin/proxmox-daily-update.rs
View File

@ -38,7 +38,7 @@ async fn do_update(rpcenv: &mut dyn RpcEnvironment) -> Result<(), Error> {
Err(err) => {
log::error!("Error reading subscription - {}", err);
false
},
}
};
let param = json!({

40
src/tape/test/compute_media_state.rs
View File

@ -118,37 +118,17 @@ fn test_media_expire_time() -> Result<(), Error> {
&MediaStatus::Writable
);
assert!(
!pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 0)
);
assert!(
!pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 60)
);
assert!(
!pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 120)
);
assert!(
pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 180)
);
assert!(!pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 0));
assert!(!pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 60));
assert!(!pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 120));
assert!(pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 180));
assert!(
!pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 0)
);
assert!(
!pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 60)
);
assert!(
!pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 120)
);
assert!(
!pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 180)
);
assert!(
!pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 190)
);
assert!(
pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 240)
);
assert!(!pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 0));
assert!(!pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 60));
assert!(!pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 120));
assert!(!pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 180));
assert!(!pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 190));
assert!(pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 240));
Ok(())
}

10
tests/prune.rs
View File

@ -53,16 +53,10 @@ fn create_info_protected(snapshot: &str, partial: bool) -> BackupInfo {
#[test]
fn test_prune_protected() -> Result<(), Error> {
let orig_list = vec![
create_info_protected(
"host/elsa/2019-11-15T09:39:15Z",
false,
),
create_info_protected("host/elsa/2019-11-15T09:39:15Z", false),
create_info("host/elsa/2019-11-15T10:39:15Z", false),
create_info("host/elsa/2019-11-15T10:49:15Z", false),
create_info_protected(
"host/elsa/2019-11-15T10:59:15Z",
false,
),
create_info_protected("host/elsa/2019-11-15T10:59:15Z", false),
];
eprintln!("{:?}", orig_list);