Nodejs/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2024-11-21 10:59:27 +00:00
Code Issues Actions 25 Packages Projects Releases Wiki Activity

test: add buffer to fs_permission tests

Browse Source 
PR-URL: https://github.com/nodejs/node/pull/55734
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
This commit is contained in:
Rafael Gonzaga 2024-11-07 18:48:46 -03:00 committed by GitHub
parent 5ddde042c5
commit c8e12983ad
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 117 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
test/fixtures/permission/fs-read.js vendored
View File

@ -21,6 +21,11 @@ const regularFile = __filename;
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
fs.readFile(bufferBlockedFile, common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
assert.throws(() => {
fs.readFileSync(blockedFile);
}, common.expectsError({
@ -79,6 +84,11 @@ const regularFile = __filename;
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
fs.stat(bufferBlockedFile, common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
assert.throws(() => {
fs.statSync(blockedFile);
}, common.expectsError({
@ -112,6 +122,11 @@ const regularFile = __filename;
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
fs.access(bufferBlockedFile, fs.constants.R_OK, common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
assert.throws(() => {
fs.accessSync(blockedFileURL, fs.constants.R_OK);
}, common.expectsError({
@ -140,6 +155,11 @@ const regularFile = __filename;
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
fs.copyFile(bufferBlockedFile, path.join(blockedFolder, 'any-other-file'), common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
assert.throws(() => {
fs.copyFileSync(blockedFileURL, path.join(blockedFolder, 'any-other-file'));
}, common.expectsError({
@ -165,6 +185,13 @@ const regularFile = __filename;
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
assert.throws(() => {
fs.cpSync(bufferBlockedFile, path.join(blockedFolder, 'any-other-file'));
}, common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
assert.throws(() => {
fs.cpSync(blockedFileURL, path.join(blockedFolder, 'any-other-file'));
}, common.expectsError({
@ -188,6 +215,11 @@ const regularFile = __filename;
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
fs.open(bufferBlockedFile, 'r', common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
assert.throws(() => {
fs.openSync(blockedFileURL, 'r');
}, common.expectsError({
@ -312,6 +344,11 @@ const regularFile = __filename;
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
fs.rename(bufferBlockedFile, 'newfile', common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
assert.throws(() => {
fs.renameSync(blockedFile, 'newfile');
}, common.expectsError({
@ -337,6 +374,13 @@ const regularFile = __filename;
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
assert.throws(() => {
fs.openAsBlob(bufferBlockedFile);
}, common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
assert.throws(() => {
fs.openAsBlob(blockedFileURL);
}, common.expectsError({
@ -371,6 +415,11 @@ const regularFile = __filename;
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
fs.statfs(bufferBlockedFile, common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemRead',
resource: path.toNamespacedPath(blockedFile),
}));
assert.throws(() => {
fs.statfsSync(blockedFile);
}, common.expectsError({
@ -405,6 +454,11 @@ const regularFile = __filename;
}, common.expectsError({
code: 'ERR_ACCESS_DENIED',
}));
assert.throws(() => {
fs.lstatSync(bufferBlockedFile);
}, common.expectsError({
code: 'ERR_ACCESS_DENIED',
}));
assert.throws(() => {
fs.lstatSync(path.join(blockedFolder, 'anyfile'));
}, common.expectsError({

63
test/fixtures/permission/fs-write.js vendored
View File

@ -11,6 +11,7 @@ const regularFolder = process.env.ALLOWEDFOLDER;
const regularFile = process.env.ALLOWEDFILE;
const blockedFolder = process.env.BLOCKEDFOLDER;
const blockedFile = process.env.BLOCKEDFILE;
const bufferBlockedFile = Buffer.from(process.env.BLOCKEDFILE);
const blockedFileURL = require('url').pathToFileURL(process.env.BLOCKEDFILE);
const relativeProtectedFile = process.env.RELATIVEBLOCKEDFILE;
const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
@ -34,6 +35,11 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
permission: 'FileSystemWrite',
resource: path.toNamespacedPath(blockedFile),
}));
fs.writeFile(bufferBlockedFile, 'example', common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
resource: path.toNamespacedPath(blockedFile),
}));
assert.throws(() => {
fs.writeFileSync(blockedFileURL, 'example');
}, {
@ -102,6 +108,13 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
permission: 'FileSystemWrite',
resource: path.toNamespacedPath(blockedFile),
});
assert.throws(() => {
fs.utimes(bufferBlockedFile, new Date(), new Date(), () => {});
}, {
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
resource: path.toNamespacedPath(blockedFile),
});
assert.throws(() => {
fs.utimes(blockedFileURL, new Date(), new Date(), () => {});
}, {
@ -135,6 +148,13 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
permission: 'FileSystemWrite',
resource: path.toNamespacedPath(blockedFile),
});
assert.throws(() => {
fs.lutimes(bufferBlockedFile, new Date(), new Date(), () => {});
},{
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
resource: path.toNamespacedPath(blockedFile),
});
assert.throws(() => {
fs.lutimes(blockedFileURL, new Date(), new Date(), () => {});
}, {
@ -193,6 +213,11 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
permission: 'FileSystemWrite',
resource: path.toNamespacedPath(blockedFile),
}));
fs.rename(bufferBlockedFile, path.join(blockedFile, 'renamed'), common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
resource: path.toNamespacedPath(blockedFile),
}));
assert.throws(() => {
fs.renameSync(blockedFileURL, path.join(blockedFile, 'renamed'));
}, {
@ -245,6 +270,11 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
permission: 'FileSystemWrite',
resource: path.toNamespacedPath(path.join(relativeProtectedFolder, 'any-file')),
}));
fs.copyFile(bufferBlockedFile, path.join(relativeProtectedFolder, 'any-file'), common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
resource: path.toNamespacedPath(path.join(relativeProtectedFolder, 'any-file')),
}));
}
// fs.cp
@ -295,6 +325,10 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
}));
fs.open(bufferBlockedFile, fs.constants.O_RDWR | 0x10000000, common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
}));
assert.rejects(async () => {
await fs.promises.open(blockedFile, fs.constants.O_RDWR | fs.constants.O_NOFOLLOW);
}, {
@ -322,6 +356,12 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
});
assert.throws(() => {
fs.chmod(bufferBlockedFile, 0o755, common.mustNotCall());
}, {
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
});
assert.throws(() => {
fs.chmod(blockedFileURL, 0o755, common.mustNotCall());
}, {
@ -358,6 +398,10 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
}));
fs.appendFile(bufferBlockedFile, 'new data', common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
}));
assert.throws(() => {
fs.appendFileSync(blockedFileURL, 'new data');
}, {
@ -378,6 +422,10 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
}));
fs.chown(bufferBlockedFile, 1541, 999, common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
}));
assert.throws(() => {
fs.chownSync(blockedFileURL, 1541, 999);
}, {
@ -399,6 +447,10 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
}));
fs.lchown(bufferBlockedFile, 1541, 999, common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
}));
assert.throws(() => {
fs.lchownSync(blockedFileURL, 1541, 999);
}, {
@ -426,6 +478,10 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
}));
fs.link(bufferBlockedFile, path.join(blockedFolder, '/linked'), common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
}));
assert.throws(() => {
fs.linkSync(blockedFileURL, path.join(blockedFolder, '/linked'));
}, {
@ -450,6 +506,13 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
permission: 'FileSystemWrite',
resource: path.toNamespacedPath(blockedFile),
});
assert.throws(() => {
fs.unlinkSync(bufferBlockedFile);
}, {
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',
resource: path.toNamespacedPath(blockedFile),
});
fs.unlink(blockedFile, common.expectsError({
code: 'ERR_ACCESS_DENIED',
permission: 'FileSystemWrite',