jiangcuo/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2025-05-01 17:03:34 +00:00
Code Issues Actions 25 Packages Projects Releases Wiki Activity
3ba81e34e8
node/test/parallel/test-module-readonly.js
Bill Ticehurst 3ba81e34e8 test: add test for loading read-only modules 
Adds a test-case to cover loading modules
the user does not have permission to write to.

Covers issue logged in https://github.com/nodejs/node/issues/20112

PR-URL: https://github.com/nodejs/node/pull/20138
Refs: https://github.com/nodejs/node/issues/20112
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Bartosz Sosnowski <bartosz@janeasystems.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
2018-04-23 01:03:05 +03:00

49 lines
1.4 KiB
JavaScript
Raw Blame History

'use strict';
const common = require('../common');
if (!common.isWindows) {
// TODO: Similar checks on *nix-like systems (e.g using chmod or the like)
common.skip('test only runs on Windows');
}
const assert = require('assert');
const fs = require('fs');
const path = require('path');
const cp = require('child_process');
const tmpdir = require('../common/tmpdir');
tmpdir.refresh();
// Create readOnlyMod.js and set to read only
const readOnlyMod = path.join(tmpdir.path, 'readOnlyMod');
const readOnlyModRelative = path.relative(__dirname, readOnlyMod);
const readOnlyModFullPath = `${readOnlyMod}.js`;
fs.writeFileSync(readOnlyModFullPath, 'module.exports = 42;');
// Removed any inherited ACEs, and any explicitly granted ACEs for the
// current user
cp.execSync(
`icacls.exe "${readOnlyModFullPath}" /inheritance:r /remove "%USERNAME%"`);
// Grant the current user read & execute only
cp.execSync(`icacls.exe "${readOnlyModFullPath}" /grant "%USERNAME%":RX`);
let except = null;
try {
// Attempt to load the module. Will fail if write access is required
require(readOnlyModRelative);
} catch (err) {
except = err;
}
// Remove the expliclty granted rights, and reenable inheritance
cp.execSync(
`icacls.exe "${readOnlyModFullPath}" /remove "%USERNAME%" /inheritance:e`);
// Delete the test module (note: tmpdir should get cleaned anyway)
fs.unlinkSync(readOnlyModFullPath);
assert.ifError(except);
Reference in New Issue View Git Blame Copy Permalink