]> git.ipfire.org Git - thirdparty/git.git/blame - t/lib-proto-disable.sh
l10n: fr v2.23.0 round 2
[thirdparty/git.git] / t / lib-proto-disable.sh
CommitLineData
a5adaced
JK
1# Test routines for checking protocol disabling.
2
f1762d77
BW
3# Test clone/fetch/push with GIT_ALLOW_PROTOCOL whitelist
4test_whitelist () {
a5adaced
JK
5 desc=$1
6 proto=$2
7 url=$3
8
85e42053 9 test_expect_success "clone $desc (enabled)" '
a5adaced
JK
10 rm -rf tmp.git &&
11 (
12 GIT_ALLOW_PROTOCOL=$proto &&
13 export GIT_ALLOW_PROTOCOL &&
14 git clone --bare "$url" tmp.git
15 )
16 '
17
85e42053 18 test_expect_success "fetch $desc (enabled)" '
a5adaced
JK
19 (
20 cd tmp.git &&
21 GIT_ALLOW_PROTOCOL=$proto &&
22 export GIT_ALLOW_PROTOCOL &&
23 git fetch
24 )
25 '
26
85e42053 27 test_expect_success "push $desc (enabled)" '
a5adaced
JK
28 (
29 cd tmp.git &&
30 GIT_ALLOW_PROTOCOL=$proto &&
31 export GIT_ALLOW_PROTOCOL &&
32 git push origin HEAD:pushed
33 )
34 '
35
85e42053 36 test_expect_success "push $desc (disabled)" '
a5adaced
JK
37 (
38 cd tmp.git &&
39 GIT_ALLOW_PROTOCOL=none &&
40 export GIT_ALLOW_PROTOCOL &&
41 test_must_fail git push origin HEAD:pushed
42 )
43 '
44
85e42053 45 test_expect_success "fetch $desc (disabled)" '
a5adaced
JK
46 (
47 cd tmp.git &&
48 GIT_ALLOW_PROTOCOL=none &&
49 export GIT_ALLOW_PROTOCOL &&
50 test_must_fail git fetch
51 )
52 '
53
85e42053 54 test_expect_success "clone $desc (disabled)" '
a5adaced
JK
55 rm -rf tmp.git &&
56 (
57 GIT_ALLOW_PROTOCOL=none &&
58 export GIT_ALLOW_PROTOCOL &&
59 test_must_fail git clone --bare "$url" tmp.git
60 )
61 '
f1762d77
BW
62
63 test_expect_success "clone $desc (env var has precedence)" '
64 rm -rf tmp.git &&
65 (
66 GIT_ALLOW_PROTOCOL=none &&
67 export GIT_ALLOW_PROTOCOL &&
68 test_must_fail git -c protocol.allow=always clone --bare "$url" tmp.git &&
69 test_must_fail git -c protocol.$proto.allow=always clone --bare "$url" tmp.git
70 )
71 '
72}
73
74test_config () {
75 desc=$1
76 proto=$2
77 url=$3
78
79 # Test clone/fetch/push with protocol.<type>.allow config
80 test_expect_success "clone $desc (enabled with config)" '
81 rm -rf tmp.git &&
82 git -c protocol.$proto.allow=always clone --bare "$url" tmp.git
83 '
84
85 test_expect_success "fetch $desc (enabled)" '
86 git -C tmp.git -c protocol.$proto.allow=always fetch
87 '
88
89 test_expect_success "push $desc (enabled)" '
90 git -C tmp.git -c protocol.$proto.allow=always push origin HEAD:pushed
91 '
92
93 test_expect_success "push $desc (disabled)" '
94 test_must_fail git -C tmp.git -c protocol.$proto.allow=never push origin HEAD:pushed
95 '
96
97 test_expect_success "fetch $desc (disabled)" '
98 test_must_fail git -C tmp.git -c protocol.$proto.allow=never fetch
99 '
100
101 test_expect_success "clone $desc (disabled)" '
102 rm -rf tmp.git &&
103 test_must_fail git -c protocol.$proto.allow=never clone --bare "$url" tmp.git
104 '
105
106 # Test clone/fetch/push with protocol.user.allow and its env var
107 test_expect_success "clone $desc (enabled)" '
108 rm -rf tmp.git &&
109 git -c protocol.$proto.allow=user clone --bare "$url" tmp.git
110 '
111
112 test_expect_success "fetch $desc (enabled)" '
113 git -C tmp.git -c protocol.$proto.allow=user fetch
114 '
115
116 test_expect_success "push $desc (enabled)" '
117 git -C tmp.git -c protocol.$proto.allow=user push origin HEAD:pushed
118 '
119
120 test_expect_success "push $desc (disabled)" '
121 (
122 cd tmp.git &&
123 GIT_PROTOCOL_FROM_USER=0 &&
124 export GIT_PROTOCOL_FROM_USER &&
125 test_must_fail git -c protocol.$proto.allow=user push origin HEAD:pushed
126 )
127 '
128
129 test_expect_success "fetch $desc (disabled)" '
130 (
131 cd tmp.git &&
132 GIT_PROTOCOL_FROM_USER=0 &&
133 export GIT_PROTOCOL_FROM_USER &&
134 test_must_fail git -c protocol.$proto.allow=user fetch
135 )
136 '
137
138 test_expect_success "clone $desc (disabled)" '
139 rm -rf tmp.git &&
140 (
141 GIT_PROTOCOL_FROM_USER=0 &&
142 export GIT_PROTOCOL_FROM_USER &&
143 test_must_fail git -c protocol.$proto.allow=user clone --bare "$url" tmp.git
144 )
145 '
146
147 # Test clone/fetch/push with protocol.allow user defined default
148 test_expect_success "clone $desc (enabled)" '
149 rm -rf tmp.git &&
30c586ff 150 test_config_global protocol.allow always &&
f1762d77
BW
151 git clone --bare "$url" tmp.git
152 '
153
154 test_expect_success "fetch $desc (enabled)" '
30c586ff 155 test_config_global protocol.allow always &&
f1762d77
BW
156 git -C tmp.git fetch
157 '
158
159 test_expect_success "push $desc (enabled)" '
30c586ff 160 test_config_global protocol.allow always &&
f1762d77
BW
161 git -C tmp.git push origin HEAD:pushed
162 '
163
164 test_expect_success "push $desc (disabled)" '
30c586ff 165 test_config_global protocol.allow never &&
f1762d77
BW
166 test_must_fail git -C tmp.git push origin HEAD:pushed
167 '
168
169 test_expect_success "fetch $desc (disabled)" '
30c586ff 170 test_config_global protocol.allow never &&
f1762d77
BW
171 test_must_fail git -C tmp.git fetch
172 '
173
174 test_expect_success "clone $desc (disabled)" '
175 rm -rf tmp.git &&
30c586ff 176 test_config_global protocol.allow never &&
f1762d77
BW
177 test_must_fail git clone --bare "$url" tmp.git
178 '
179}
180
181# test cloning a particular protocol
182# $1 - description of the protocol
183# $2 - machine-readable name of the protocol
184# $3 - the URL to try cloning
185test_proto () {
186 test_whitelist "$@"
187
188 test_config "$@"
a5adaced
JK
189}
190
191# set up an ssh wrapper that will access $host/$repo in the
192# trash directory, and enable it for subsequent tests.
193setup_ssh_wrapper () {
194 test_expect_success 'setup ssh wrapper' '
195 write_script ssh-wrapper <<-\EOF &&
196 echo >&2 "ssh: $*"
197 host=$1; shift
198 cd "$TRASH_DIRECTORY/$host" &&
199 eval "$*"
200 EOF
201 GIT_SSH="$PWD/ssh-wrapper" &&
202 export GIT_SSH &&
203 export TRASH_DIRECTORY
204 '
205}
206
207# set up a wrapper that can be used with remote-ext to
208# access repositories in the "remote" directory of trash-dir,
209# like "ext::fake-remote %S repo.git"
210setup_ext_wrapper () {
211 test_expect_success 'setup ext wrapper' '
212 write_script fake-remote <<-\EOF &&
213 echo >&2 "fake-remote: $*"
214 cd "$TRASH_DIRECTORY/remote" &&
215 eval "$*"
216 EOF
217 PATH=$TRASH_DIRECTORY:$PATH &&
218 export TRASH_DIRECTORY
219 '
220}