[Asterisk-code-review] python libs: Add capability to set file permissions on a tests files (testsuite[19])

Friendly Automation asteriskteam at digium.com
Fri Oct 14 07:16:12 CDT 2022


Friendly Automation has submitted this change. ( https://gerrit.asterisk.org/c/testsuite/+/19450 )

Change subject: python libs: Add capability to set file permissions on a tests files
......................................................................

python libs: Add capability to set file permissions on a tests files

When testing encryption related scenarios, key files may need to
have specific permissions set in order for them to be used. See
https://issues.asterisk.org/jira/browse/ASTERISK-30213 for more
context.  Since git doesn't natively support saving file
permissions other than the executable bit, we needed a way to set
them ourselves.

* The asterisk instance setup functions have been updated to
  look for a file named ".permissions" in a test's config and
  files directories which contains a list of files and octal
  permissions to set before running the test.

  For files in the config directory that are copied to
  /etc/asterisk, the .permissions file must be in the
  testdir/configs/astX directory.

  Example:
  testdir/
    test_config.yaml
    configs/
      ast1/
        .permissions
        mykey.pem

  The .permissions file would have the following:
  # Permissions file for private key
  mykey.pem:0600

  For files copied to other places, the .permissions file
  must be under the last symbolic part of the path.
  Example:

  testdir/
    test_config.yaml
    files/
      ast1/
        astvarlibdir/
          .permissions
          keys/
            test.key

  The .permissions file would have the following:
  # Permissions file for private key
  keys/test.key:0600

  When this particular test runs, the .permissions file
  will be processed and permissions set before the test
  actually executes.

* .permissions files  have been created for the two immediate tests
  with issues:
  tests/channels/iax2/encrypted-calls/rsa
  tests/channels/iax2/encrypted-calls/rsa-dynamic

Change-Id: I4169b64c4e61b5856468a048c9fa138d81209831
---
M lib/python/asterisk/asterisk.py
M lib/python/asterisk/test_suite_utils.py
A tests/channels/iax2/encrypted-calls/rsa-dynamic/files/ast1/astvarlibdir/.permissions
A tests/channels/iax2/encrypted-calls/rsa/files/ast1/astvarlibdir/.permissions
4 files changed, 121 insertions(+), 0 deletions(-)

Approvals:
  George Joseph: Looks good to me, approved
  Friendly Automation: Approved for Submit




diff --git a/lib/python/asterisk/asterisk.py b/lib/python/asterisk/asterisk.py
index d88cfb5..b32e760 100644
--- a/lib/python/asterisk/asterisk.py
+++ b/lib/python/asterisk/asterisk.py
@@ -723,6 +723,15 @@
             if os.path.isfile(target):
                 self.install_config(target)
 
+        permissions_file = os.path.join(cfg_path, ".permissions")
+        if os.path.exists(permissions_file):
+            try:
+                test_suite_utils.set_file_permissions(
+                    self.astetcdir, permissions_file)
+            except BaseException as err:
+                raise Exception("All permissions were not applied to '%s': %s" % (target_path, str(err)))
+                
+
     def install_config(self, cfg_path, target_filename=None):
         """Install a custom configuration file for this instance of Asterisk.
 
@@ -841,6 +850,13 @@
                 dirpath = direntry[1:] if direntry[0] == '/' else direntry
                 dest = os.path.join(self.base, dirpath)
                 polyfill.copytree(source, dest, dirs_exist_ok=True)
+                permissions_file = os.path.join(source, ".permissions")
+                if os.path.exists(permissions_file):
+                    try:
+                        test_suite_utils.set_file_permissions(
+                            dest, permissions_file)
+                    except BaseException as err:
+                        raise Exception("All permissions were not applied to '%s': %s" % (dest, str(err)))
 
     def _overwrite_file(self, filename, values):
         """Overwrite a particular config file
diff --git a/lib/python/asterisk/test_suite_utils.py b/lib/python/asterisk/test_suite_utils.py
index 185adaa..dcf4bbc 100644
--- a/lib/python/asterisk/test_suite_utils.py
+++ b/lib/python/asterisk/test_suite_utils.py
@@ -14,6 +14,8 @@
 import logging
 import re
 import sys
+import stat
+import numpy as np
 
 from os import close
 from os import remove
@@ -210,3 +212,41 @@
                 _ast_conf.directories[var] = val
 
     return _ast_conf
+
+def set_file_permissions(dir_path, permissions_file):
+    """Set permissions on files from a file
+
+    The permissions_file must be a list in the format
+    <relative_path>:<octal_permissions>
+    <relative_path>:<octal_permissions>
+    ...
+
+    relative_path: A path relative to dir_path.  If a directory
+                   is specified, only the directory permissions
+                   are changed not the contents.
+    permissions: 3 or 4 digit octal permissions
+    
+    Whitespace and blank lines are ignored.
+    The '#' is the comment character.
+    
+    Example:
+    <testdir>/files/ast1/astvarlibdir/.permissions:
+    # My permissions file
+    keys/key.pem: 0600
+
+    Note: The paths in the .permissions file must be below the
+    last replaceable element in the dir_path.  In this example,
+    it has to be below astvarlibdir.
+
+    :param dir_path: Path containing the directories/files to change
+    :param permissions_file: File with the subdirectories/files and new permissions.
+    """
+    converter = lambda x: int(x, 8)
+    permlist=np.genfromtxt(permissions_file,
+        dtype="S255,I", names="filename,permissions",
+        delimiter=':', autostrip=True,
+        converters={"permissions": converter})
+    for filename, permissions in permlist.flat:
+        path=os.path.join(dir_path, filename.decode('utf-8'))
+        os.chmod(path,permissions)
+    return None
diff --git a/tests/channels/iax2/encrypted-calls/rsa-dynamic/files/ast1/astvarlibdir/.permissions b/tests/channels/iax2/encrypted-calls/rsa-dynamic/files/ast1/astvarlibdir/.permissions
new file mode 100644
index 0000000..9bd35f8
--- /dev/null
+++ b/tests/channels/iax2/encrypted-calls/rsa-dynamic/files/ast1/astvarlibdir/.permissions
@@ -0,0 +1 @@
+keys/test.key:0600
diff --git a/tests/channels/iax2/encrypted-calls/rsa/files/ast1/astvarlibdir/.permissions b/tests/channels/iax2/encrypted-calls/rsa/files/ast1/astvarlibdir/.permissions
new file mode 100644
index 0000000..9bd35f8
--- /dev/null
+++ b/tests/channels/iax2/encrypted-calls/rsa/files/ast1/astvarlibdir/.permissions
@@ -0,0 +1 @@
+keys/test.key:0600

-- 
To view, visit https://gerrit.asterisk.org/c/testsuite/+/19450
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: testsuite
Gerrit-Branch: 19
Gerrit-Change-Id: I4169b64c4e61b5856468a048c9fa138d81209831
Gerrit-Change-Number: 19450
Gerrit-PatchSet: 1
Gerrit-Owner: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-MessageType: merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20221014/c5f37b36/attachment.html>


More information about the asterisk-code-review mailing list