Add a failing test for the limiting where git repos can be on the server

author: Justin Wernick <justin@worthe-it.co.za> 2023-03-20 16:39:21 +0200
committer: Justin Wernick <justin@worthe-it.co.za> 2023-03-20 16:39:47 +0200
commit: 4aaca79ed12d327328f7650b737cb47e5ed83fa7 (patch)
tree: 057cb87da4c7c5afb7640869fcb5a717a3d7ec93 /tests
parent: 6a164d491bcaabf589aa2eabfb4841370202ba21 (diff)
1 files changed, 25 insertions, 9 deletions
diff --git a/tests/server_shell.rs b/tests/server_shell.rs
index ff3e1a4..c87fb53 100644
--- a/tests/server_shell.rs
+++ b/tests/server_shell.rs
@@ -1,5 +1,5 @@
 use anyhow::Result;
-use assert_cmd::{cargo::cargo_bin, Command};
+use assert_cmd::{assert::Assert, cargo::cargo_bin, Command};
 use get_port::{tcp::TcpPort, Ops, Range};
 use once_cell::sync::Lazy;
 use rexpect::session::{spawn_command, PtySession};
@@ -7,6 +7,8 @@ use std::{fs, io, path, sync::Mutex};
 use tempfile::TempDir;
 use thiserror::Error;
 
+const GIT_SSH_COMMAND: &str = "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no";
+
 struct TestContext {
     workdir: TempDir,
     ssh_port: u16,
@@ -120,6 +122,8 @@ fn connect_to_ssh_server_interactively(c: &TestContext) -> Result<PtySession> {
         &c.ssh_port.to_string(),
         "shukkie@localhost",
         "-o",
+        "UserKnownHostsFile=/dev/null",
+        "-o",
         "StrictHostKeyChecking=false",
     ]);
     command.current_dir(&c.workdir);
@@ -149,19 +153,20 @@ fn shows_a_prompt() -> Result<()> {
     Ok(())
 }
 
-fn clone_git_repo(c: &TestContext, repo_name: &str) {
+fn clone_git_repo(c: &TestContext, path: &str) -> Assert {
     Command::new("git")
         .args([
             "clone",
-            &format!(
-                "ssh://shukkie@localhost:{}/home/shukkie/git/{}.git",
-                c.ssh_port, repo_name
-            ),
+            &format!("ssh://shukkie@localhost:{}{}", c.ssh_port, path),
         ])
+        .env("GIT_SSH_COMMAND", GIT_SSH_COMMAND)
         .current_dir(&c.workdir)
         .timeout(std::time::Duration::from_secs(3))
         .assert()
-        .success();
+}
+
+fn clone_git_repo_relative_path(c: &TestContext, repo_name: &str) -> Assert {
+    clone_git_repo(c, &format!("/home/shukkie/git/{}.git", repo_name))
 }
 
 #[test]
@@ -169,7 +174,7 @@ fn git_clone_works_with_an_empty_repo() -> Result<()> {
     let c = spawn_ssh_server()?;
     let repo_name = "my-new-clonable-repo";
     make_new_repo(&c, repo_name)?;
-    clone_git_repo(&c, repo_name);
+    clone_git_repo_relative_path(&c, repo_name).success();
 
     Ok(())
 }
@@ -179,7 +184,7 @@ fn git_push_works() -> Result<()> {
     let c = spawn_ssh_server()?;
     let repo_name = "my-new-pushable-repo";
     make_new_repo(&c, repo_name)?;
-    clone_git_repo(&c, repo_name);
+    clone_git_repo_relative_path(&c, repo_name).success();
 
     let repo_dir = c.workdir.as_ref().join(repo_name);
 
@@ -201,9 +206,20 @@ fn git_push_works() -> Result<()> {
     Command::new("git")
         .args(["push", "origin"])
         .current_dir(&repo_dir)
+        .env("GIT_SSH_COMMAND", GIT_SSH_COMMAND)
         .timeout(std::time::Duration::from_secs(3))
         .assert()
         .success();
 
     Ok(())
 }
+
+#[test]
+fn git_clone_can_not_target_repo_outside_allowed_paths() -> Result<()> {
+    let c = spawn_ssh_server()?;
+    clone_git_repo(&c, "/home/shukkie/disallowed.git")
+        .failure()
+        .stdout("Path is not accessible");
+
+    Ok(())
+}
author	Justin Wernick <justin@worthe-it.co.za>	2023-03-20 16:39:21 +0200
committer	Justin Wernick <justin@worthe-it.co.za>	2023-03-20 16:39:47 +0200
commit	4aaca79ed12d327328f7650b737cb47e5ed83fa7 (patch)
tree	057cb87da4c7c5afb7640869fcb5a717a3d7ec93 /tests
parent	6a164d491bcaabf589aa2eabfb4841370202ba21 (diff)