mirror of
				https://git.proxmox.com/git/proxmox-backup
				synced 2025-10-25 01:52:02 +00:00 
			
		
		
		
	cargo fmt
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
This commit is contained in:
		
							parent
							
								
									f097eaa80f
								
							
						
					
					
						commit
						237beaed93
					
				| @ -23,8 +23,8 @@ use proxmox_sys::linux::tty; | |||||||
| 
 | 
 | ||||||
| use proxmox_async::broadcast_future::BroadcastFuture; | use proxmox_async::broadcast_future::BroadcastFuture; | ||||||
| use proxmox_http::client::{HttpsConnector, RateLimiter}; | use proxmox_http::client::{HttpsConnector, RateLimiter}; | ||||||
| use proxmox_http::ProxyConfig; |  | ||||||
| use proxmox_http::uri::{build_authority, json_object_to_query}; | use proxmox_http::uri::{build_authority, json_object_to_query}; | ||||||
|  | use proxmox_http::ProxyConfig; | ||||||
| 
 | 
 | ||||||
| use pbs_api_types::percent_encoding::DEFAULT_ENCODE_SET; | use pbs_api_types::percent_encoding::DEFAULT_ENCODE_SET; | ||||||
| use pbs_api_types::{Authid, RateLimitConfig, Userid}; | use pbs_api_types::{Authid, RateLimitConfig, Userid}; | ||||||
|  | |||||||
| @ -511,44 +511,40 @@ acl:1:/remote/remote1/remotestore1:write@pbs:RemoteSyncOperator | |||||||
|     }; |     }; | ||||||
| 
 | 
 | ||||||
|     // should work without ACLs
 |     // should work without ACLs
 | ||||||
|     assert!( |     assert!(check_sync_job_read_access(&user_info, root_auth_id, &job)); | ||||||
|         check_sync_job_read_access(&user_info, root_auth_id, &job) |     assert!(check_sync_job_modify_access(&user_info, root_auth_id, &job)); | ||||||
|     ); |  | ||||||
|     assert!( |  | ||||||
|         check_sync_job_modify_access(&user_info, root_auth_id, &job) |  | ||||||
|     ); |  | ||||||
| 
 | 
 | ||||||
|     // user without permissions must fail
 |     // user without permissions must fail
 | ||||||
|     assert!( |     assert!(!check_sync_job_read_access( | ||||||
|         !check_sync_job_read_access(&user_info, &no_perm_auth_id, &job) |         &user_info, | ||||||
|     ); |         &no_perm_auth_id, | ||||||
|     assert!( |         &job | ||||||
|         !check_sync_job_modify_access(&user_info, &no_perm_auth_id, &job) |     )); | ||||||
|     ); |     assert!(!check_sync_job_modify_access( | ||||||
|  |         &user_info, | ||||||
|  |         &no_perm_auth_id, | ||||||
|  |         &job | ||||||
|  |     )); | ||||||
| 
 | 
 | ||||||
|     // reading without proper read permissions on either remote or local must fail
 |     // reading without proper read permissions on either remote or local must fail
 | ||||||
|     assert!( |     assert!(!check_sync_job_read_access(&user_info, &read_auth_id, &job)); | ||||||
|         !check_sync_job_read_access(&user_info, &read_auth_id, &job) |  | ||||||
|     ); |  | ||||||
| 
 | 
 | ||||||
|     // reading without proper read permissions on local end must fail
 |     // reading without proper read permissions on local end must fail
 | ||||||
|     job.remote = "remote1".to_string(); |     job.remote = "remote1".to_string(); | ||||||
|     assert!( |     assert!(!check_sync_job_read_access(&user_info, &read_auth_id, &job)); | ||||||
|         !check_sync_job_read_access(&user_info, &read_auth_id, &job) |  | ||||||
|     ); |  | ||||||
| 
 | 
 | ||||||
|     // reading without proper read permissions on remote end must fail
 |     // reading without proper read permissions on remote end must fail
 | ||||||
|     job.remote = "remote0".to_string(); |     job.remote = "remote0".to_string(); | ||||||
|     job.store = "localstore1".to_string(); |     job.store = "localstore1".to_string(); | ||||||
|     assert!( |     assert!(!check_sync_job_read_access(&user_info, &read_auth_id, &job)); | ||||||
|         !check_sync_job_read_access(&user_info, &read_auth_id, &job) |  | ||||||
|     ); |  | ||||||
| 
 | 
 | ||||||
|     // writing without proper write permissions on either end must fail
 |     // writing without proper write permissions on either end must fail
 | ||||||
|     job.store = "localstore0".to_string(); |     job.store = "localstore0".to_string(); | ||||||
|     assert!( |     assert!(!check_sync_job_modify_access( | ||||||
|         !check_sync_job_modify_access(&user_info, &write_auth_id, &job) |         &user_info, | ||||||
|     ); |         &write_auth_id, | ||||||
|  |         &job | ||||||
|  |     )); | ||||||
| 
 | 
 | ||||||
|     // writing without proper write permissions on local end must fail
 |     // writing without proper write permissions on local end must fail
 | ||||||
|     job.remote = "remote1".to_string(); |     job.remote = "remote1".to_string(); | ||||||
| @ -556,72 +552,90 @@ acl:1:/remote/remote1/remotestore1:write@pbs:RemoteSyncOperator | |||||||
|     // writing without proper write permissions on remote end must fail
 |     // writing without proper write permissions on remote end must fail
 | ||||||
|     job.remote = "remote0".to_string(); |     job.remote = "remote0".to_string(); | ||||||
|     job.store = "localstore1".to_string(); |     job.store = "localstore1".to_string(); | ||||||
|     assert!( |     assert!(!check_sync_job_modify_access( | ||||||
|         !check_sync_job_modify_access(&user_info, &write_auth_id, &job) |         &user_info, | ||||||
|     ); |         &write_auth_id, | ||||||
|  |         &job | ||||||
|  |     )); | ||||||
| 
 | 
 | ||||||
|     // reset remote to one where users have access
 |     // reset remote to one where users have access
 | ||||||
|     job.remote = "remote1".to_string(); |     job.remote = "remote1".to_string(); | ||||||
| 
 | 
 | ||||||
|     // user with read permission can only read, but not modify/run
 |     // user with read permission can only read, but not modify/run
 | ||||||
|     assert!( |     assert!(check_sync_job_read_access(&user_info, &read_auth_id, &job)); | ||||||
|         check_sync_job_read_access(&user_info, &read_auth_id, &job) |  | ||||||
|     ); |  | ||||||
|     job.owner = Some(read_auth_id.clone()); |     job.owner = Some(read_auth_id.clone()); | ||||||
|     assert!( |     assert!(!check_sync_job_modify_access( | ||||||
|         !check_sync_job_modify_access(&user_info, &read_auth_id, &job) |         &user_info, | ||||||
|     ); |         &read_auth_id, | ||||||
|  |         &job | ||||||
|  |     )); | ||||||
|     job.owner = None; |     job.owner = None; | ||||||
|     assert!( |     assert!(!check_sync_job_modify_access( | ||||||
|         !check_sync_job_modify_access(&user_info, &read_auth_id, &job) |         &user_info, | ||||||
|     ); |         &read_auth_id, | ||||||
|  |         &job | ||||||
|  |     )); | ||||||
|     job.owner = Some(write_auth_id.clone()); |     job.owner = Some(write_auth_id.clone()); | ||||||
|     assert!( |     assert!(!check_sync_job_modify_access( | ||||||
|         !check_sync_job_modify_access(&user_info, &read_auth_id, &job) |         &user_info, | ||||||
|     ); |         &read_auth_id, | ||||||
|  |         &job | ||||||
|  |     )); | ||||||
| 
 | 
 | ||||||
|     // user with simple write permission can modify/run
 |     // user with simple write permission can modify/run
 | ||||||
|     assert!( |     assert!(check_sync_job_read_access(&user_info, &write_auth_id, &job)); | ||||||
|         check_sync_job_read_access(&user_info, &write_auth_id, &job) |     assert!(check_sync_job_modify_access( | ||||||
|     ); |         &user_info, | ||||||
|     assert!( |         &write_auth_id, | ||||||
|         check_sync_job_modify_access(&user_info, &write_auth_id, &job) |         &job | ||||||
|     ); |     )); | ||||||
| 
 | 
 | ||||||
|     // but can't modify/run with deletion
 |     // but can't modify/run with deletion
 | ||||||
|     job.remove_vanished = Some(true); |     job.remove_vanished = Some(true); | ||||||
|     assert!( |     assert!(!check_sync_job_modify_access( | ||||||
|         !check_sync_job_modify_access(&user_info, &write_auth_id, &job) |         &user_info, | ||||||
|     ); |         &write_auth_id, | ||||||
|  |         &job | ||||||
|  |     )); | ||||||
| 
 | 
 | ||||||
|     // unless they have Datastore.Prune as well
 |     // unless they have Datastore.Prune as well
 | ||||||
|     job.store = "localstore2".to_string(); |     job.store = "localstore2".to_string(); | ||||||
|     assert!( |     assert!(check_sync_job_modify_access( | ||||||
|         check_sync_job_modify_access(&user_info, &write_auth_id, &job) |         &user_info, | ||||||
|     ); |         &write_auth_id, | ||||||
|  |         &job | ||||||
|  |     )); | ||||||
| 
 | 
 | ||||||
|     // changing owner is not possible
 |     // changing owner is not possible
 | ||||||
|     job.owner = Some(read_auth_id.clone()); |     job.owner = Some(read_auth_id.clone()); | ||||||
|     assert!( |     assert!(!check_sync_job_modify_access( | ||||||
|         !check_sync_job_modify_access(&user_info, &write_auth_id, &job) |         &user_info, | ||||||
|     ); |         &write_auth_id, | ||||||
|  |         &job | ||||||
|  |     )); | ||||||
| 
 | 
 | ||||||
|     // also not to the default 'root@pam'
 |     // also not to the default 'root@pam'
 | ||||||
|     job.owner = None; |     job.owner = None; | ||||||
|     assert!( |     assert!(!check_sync_job_modify_access( | ||||||
|         !check_sync_job_modify_access(&user_info, &write_auth_id, &job) |         &user_info, | ||||||
|     ); |         &write_auth_id, | ||||||
|  |         &job | ||||||
|  |     )); | ||||||
| 
 | 
 | ||||||
|     // unless they have Datastore.Modify as well
 |     // unless they have Datastore.Modify as well
 | ||||||
|     job.store = "localstore3".to_string(); |     job.store = "localstore3".to_string(); | ||||||
|     job.owner = Some(read_auth_id); |     job.owner = Some(read_auth_id); | ||||||
|     assert!( |     assert!(check_sync_job_modify_access( | ||||||
|         check_sync_job_modify_access(&user_info, &write_auth_id, &job) |         &user_info, | ||||||
|     ); |         &write_auth_id, | ||||||
|  |         &job | ||||||
|  |     )); | ||||||
|     job.owner = None; |     job.owner = None; | ||||||
|     assert!( |     assert!(check_sync_job_modify_access( | ||||||
|         check_sync_job_modify_access(&user_info, &write_auth_id, &job) |         &user_info, | ||||||
|     ); |         &write_auth_id, | ||||||
|  |         &job | ||||||
|  |     )); | ||||||
| 
 | 
 | ||||||
|     Ok(()) |     Ok(()) | ||||||
| } | } | ||||||
|  | |||||||
| @ -38,7 +38,7 @@ async fn do_update(rpcenv: &mut dyn RpcEnvironment) -> Result<(), Error> { | |||||||
|         Err(err) => { |         Err(err) => { | ||||||
|             log::error!("Error reading subscription - {}", err); |             log::error!("Error reading subscription - {}", err); | ||||||
|             false |             false | ||||||
|         }, |         } | ||||||
|     }; |     }; | ||||||
| 
 | 
 | ||||||
|     let param = json!({ |     let param = json!({ | ||||||
|  | |||||||
| @ -118,37 +118,17 @@ fn test_media_expire_time() -> Result<(), Error> { | |||||||
|         &MediaStatus::Writable |         &MediaStatus::Writable | ||||||
|     ); |     ); | ||||||
| 
 | 
 | ||||||
|     assert!( |     assert!(!pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 0)); | ||||||
|         !pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 0) |     assert!(!pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 60)); | ||||||
|     ); |     assert!(!pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 120)); | ||||||
|     assert!( |     assert!(pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 180)); | ||||||
|         !pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 60) |  | ||||||
|     ); |  | ||||||
|     assert!( |  | ||||||
|         !pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 120) |  | ||||||
|     ); |  | ||||||
|     assert!( |  | ||||||
|         pool.media_is_expired(&pool.lookup_media(&tape0_uuid)?, 180) |  | ||||||
|     ); |  | ||||||
| 
 | 
 | ||||||
|     assert!( |     assert!(!pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 0)); | ||||||
|         !pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 0) |     assert!(!pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 60)); | ||||||
|     ); |     assert!(!pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 120)); | ||||||
|     assert!( |     assert!(!pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 180)); | ||||||
|         !pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 60) |     assert!(!pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 190)); | ||||||
|     ); |     assert!(pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 240)); | ||||||
|     assert!( |  | ||||||
|         !pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 120) |  | ||||||
|     ); |  | ||||||
|     assert!( |  | ||||||
|         !pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 180) |  | ||||||
|     ); |  | ||||||
|     assert!( |  | ||||||
|         !pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 190) |  | ||||||
|     ); |  | ||||||
|     assert!( |  | ||||||
|         pool.media_is_expired(&pool.lookup_media(&tape1_uuid)?, 240) |  | ||||||
|     ); |  | ||||||
| 
 | 
 | ||||||
|     Ok(()) |     Ok(()) | ||||||
| } | } | ||||||
|  | |||||||
| @ -53,16 +53,10 @@ fn create_info_protected(snapshot: &str, partial: bool) -> BackupInfo { | |||||||
| #[test] | #[test] | ||||||
| fn test_prune_protected() -> Result<(), Error> { | fn test_prune_protected() -> Result<(), Error> { | ||||||
|     let orig_list = vec![ |     let orig_list = vec![ | ||||||
|         create_info_protected( |         create_info_protected("host/elsa/2019-11-15T09:39:15Z", false), | ||||||
|             "host/elsa/2019-11-15T09:39:15Z", |  | ||||||
|             false, |  | ||||||
|         ), |  | ||||||
|         create_info("host/elsa/2019-11-15T10:39:15Z", false), |         create_info("host/elsa/2019-11-15T10:39:15Z", false), | ||||||
|         create_info("host/elsa/2019-11-15T10:49:15Z", false), |         create_info("host/elsa/2019-11-15T10:49:15Z", false), | ||||||
|         create_info_protected( |         create_info_protected("host/elsa/2019-11-15T10:59:15Z", false), | ||||||
|             "host/elsa/2019-11-15T10:59:15Z", |  | ||||||
|             false, |  | ||||||
|         ), |  | ||||||
|     ]; |     ]; | ||||||
| 
 | 
 | ||||||
|     eprintln!("{:?}", orig_list); |     eprintln!("{:?}", orig_list); | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user
	 Fabian Grünbichler
						Fabian Grünbichler