From 70091d85b6890a2fec69829c044a26155afb4941 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Wed, 27 Aug 2014 21:09:36 +0100 Subject: Add tests for per-repo groups --- git.liw.fi.sh | 23 +++++++++++++++++++++++ git.liw.fi.yarn | 47 +++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 70 insertions(+) diff --git a/git.liw.fi.sh b/git.liw.fi.sh index d7df0b5..fca4bc3 100644 --- a/git.liw.fi.sh +++ b/git.liw.fi.sh @@ -92,6 +92,29 @@ user_del() } +# Create a group on the server. + +group_add() +{ + run_gitano_as "$1" group add "$2" group for testing +} + + +# Add a user to a group. + +group_adduser() +{ + run_gitano_as "$1" group adduser "$2" "$3" +} + +# Remove a group. + +group_del() +{ + two_step run_gitano_as "$1" group del "$2" +} + + # Does a repository exist? repo_exists() diff --git a/git.liw.fi.yarn b/git.liw.fi.yarn index 6d758be..c0a9ec9 100644 --- a/git.liw.fi.yarn +++ b/git.liw.fi.yarn @@ -72,6 +72,16 @@ This is what the test suite is meant to test. It is a simple design that I can, later, improve upon to add more groups, and give people more detailed control and access. +Per-repo groups +--------------- + +In addition to the simple design, I will have a per-repository group +concept. For each repository `foo`, if the user is in a group called +`foo`, their restriction pushing only to branches prefixed by their +username is lifted. This allows me to share a repository with specific +people and not treat them as guests, but as first class citizens for +that project. + Test suite pre-requisites ========================= @@ -208,6 +218,25 @@ able to push to a branch prefixed by their username. FINALLY remove repository tstrepo on server AND remove user tstusr on server +However, a non-admin who is in a group with the same name as a +repository can push to master. + + SCENARIO non-admin can push to master if in group for repository + ASSUMING no tstusr user exists on server + GIVEN an ssh key for tstusr + + WHEN admin creates user tstusr + AND admin creates repository tstrepo + AND admin creates group tstrepo + AND admin adds user tstusr to group tstrepo + AND tstusr clones tstrepo over ssh + AND tstusr makes change to master in tstrepo + THEN tstusr can push master in tstrepo + FINALLY remove repository tstrepo on server + AND remove user tstusr on server + AND remove group tstrepo on server + + Private repositories -------------------- @@ -344,6 +373,24 @@ Admin clean up user at end of scenario. user_del admin "$MATCH_1" fi +Group creation and removal +-------------------------- + +An admin creates a group on the server. + + IMPLEMENTS WHEN admin creates group (\S+) + group_add admin "$MATCH_1" + +An admin adds a user to a group. + + IMPLEMENTS WHEN admin adds user (\S+) to group (\S+) + group_adduser admin "$MATCH_2" "$MATCH_1" + +An admin removes a group on the server. + + IMPLEMENTS FINALLY remove group (\S+) on server + group_del admin "$MATCH_1" + Repository creation ------------------- -- cgit v1.2.1