feat: refactor some tests and policies.

author: Max Resnick <max@ofmax.li> 2024-03-02 15:03:46 -0800
committer: Max Resnick <max@ofmax.li> 2024-03-02 15:03:46 -0800
commit: 11e393cbc6e7be6757ec8d92cb37ea9e14ed8c9d (patch)
tree: 453fbdcf13ba1a8252f843641fb60319f670549c
parent: 9fe8f31ae379d4b30823f3c4f19842bf32aae034 (diff)
download: go-git-server-11e393cbc6e7be6757ec8d92cb37ea9e14ed8c9d.tar.gz
9 files changed, 45 insertions, 12 deletions
diff --git a/gitserver.yaml b/gitserver.yaml
index 70d8eed..cb35011 100644
--- a/gitserver.yaml
+++ b/gitserver.yaml
@@ -7,6 +7,15 @@ repos:
   permissions:
   - role: admin
     mode: 1
+- name: restic-wrapper
+  public: true
+  permissions:
+  - role: maintainers
+    mode: 1
+  git_web_config:                                                             
+    owner: grumps                                                             
+    description: >-                                                           
+      A simple wrapper around restic wrapper
 - name: testmerepo
   public: true
   git_web_config:
diff --git a/internal/admin/model_test.go b/internal/admin/model_test.go
index 70ec738..ee0b72a 100644
--- a/internal/admin/model_test.go
+++ b/internal/admin/model_test.go
@@ -86,7 +86,7 @@ func TestLoadServerConfig(t *testing.T) {
 		localDir := t.TempDir()
 		// TODO Refactor next touch
 		localFile := filepath.Join(localDir, "stuff.yaml")
-		srcFile, err := os.Open(filepath.Clean("../../gitserver.yaml"))
+		srcFile, err := os.Open(filepath.Clean("../../tests/test_gitserver.yaml"))
 		if err != nil {
 			t.Fatalf("Error opening base config %s", err)
 		}
diff --git a/internal/admin/service_test.go b/internal/admin/service_test.go
index e13d28c..ae616c3 100644
--- a/internal/admin/service_test.go
+++ b/internal/admin/service_test.go
@@ -73,7 +73,7 @@ func TestInitServer(t *testing.T) {
 
 	// policy
 	destPolicyFile := filepath.Join(tempDir, "testpolicy.csv")
-	srcPolicyFile := "../../testpolicy.csv"
+	srcPolicyFile := "../../tests/testpolicy.csv"
 	copyFile(t, srcPolicyFile, destPolicyFile)
 	// end policy
 
diff --git a/internal/authz/middleware.go b/internal/authz/middleware.go
index abebcdb..441240f 100644
--- a/internal/authz/middleware.go
+++ b/internal/authz/middleware.go
@@ -65,7 +65,7 @@ func Authorization(adminSvc *admin.Servicer, next http.Handler) http.Handler {
 			return
 		}
 		if !ok {
-			log.Printf("Not Authorized - attempted access %s", urn)
+			log.Printf("Not Authorized - %s attempted access %s", urn, repo)
 			http.Error(rw, "Access denied", http.StatusForbidden)
 			return
 		}
diff --git a/internal/authz/middleware_test.go b/internal/authz/middleware_test.go
index 314c24e..99ca0b0 100644
--- a/internal/authz/middleware_test.go
+++ b/internal/authz/middleware_test.go
@@ -115,7 +115,7 @@ func TestAuthorization(t *testing.T) {
 	}
 	svcr := admin.NewService(
 		"../../auth_model.ini",
-		"../../testpolicy.csv",
+		"../../tests/testpolicy.csv",
 		"../../gitserver.yaml",
 		"../../repos",
 		false)
diff --git a/justfile b/justfile
index 8f30dbd..f7ea81f 100644
--- a/justfile
+++ b/justfile
@@ -12,6 +12,7 @@ test:
     golangci-lint run
     go test -v -coverprofile={{ TEMPDIR }}/testcover.out ./...
     go tool cover -func={{ TEMPDIR }}/testcover.out
+
 debug-run:
     dlv debug cmd/main.go -- -s {{justfile_directory()}}/gitserver.yaml -r $(mktemp -d) 
 
diff --git a/policy.csv b/policy.csv
index ec248b5..c3c632c 100644
--- a/policy.csv
+++ b/policy.csv
@@ -1,10 +1,3 @@
-p, role:admin, /mgmt/info/refs, GET
-p, role:admin, /mgmt/git-upload-pack, POST
-p, role:admin, /mgmt/git-receive-pack, POST
-p, role:maintainers, /testmerepo/info/refs, GET
-p, role:maintainers, /testmerepo/git-upload-pack, POST
-p, role:maintainers, /testmerepo/git-receive-pack, POST
 g, role:admin, role:maintainers
 g, uid:admin, role:admin
-g, uid:grumps, role:maintainers
-g, aid:argo, role:bots
+g, uid:maintainer, role:maintainers
diff --git a/tests/test_gitserver.yaml b/tests/test_gitserver.yaml
new file mode 100644
index 0000000..70d8eed
--- /dev/null
+++ b/tests/test_gitserver.yaml
@@ -0,0 +1,19 @@
+---
+name: "go-git-server"
+version: "v1alpha1"
+repos:
+- name: mgmt
+  public: false
+  permissions:
+  - role: admin
+    mode: 1
+- name: testmerepo
+  public: true
+  git_web_config:
+    owner: grumps
+    description: >-
+      A wrapper to git http-backend providing authentcation and authorization
+      inspired by gitolite.
+  permissions:
+  - role: maintainers
+    mode: 1
diff --git a/tests/testpolicy.csv b/tests/testpolicy.csv
new file mode 100644
index 0000000..1befec0
--- /dev/null
+++ b/tests/testpolicy.csv
@@ -0,0 +1,11 @@
+p, role:test, /repo/url, GET
+p, role:admin, /mgmt/info/refs, GET
+p, role:admin, /mgmt/git-upload-pack, POST
+p, role:admin, /mgmt/git-receive-pack, POST
+p, role:maintainers, /testmerepo/info/refs, GET
+p, role:maintainers, /testmerepo/git-upload-pack, POST
+p, role:maintainers, /testmerepo/git-receive-pack, POST
+p, role:maintainers, /restic-wrapper/info/refs, GET
+p, role:maintainers, /restic-wrapper/git-upload-pack, POST
+p, role:maintainers, /restic-wrapper/git-receive-pack, POST
+g, uid:jack, role:test
+\ No newline at end of file
author	Max Resnick <max@ofmax.li>	2024-03-02 15:03:46 -0800
committer	Max Resnick <max@ofmax.li>	2024-03-02 15:03:46 -0800
commit	11e393cbc6e7be6757ec8d92cb37ea9e14ed8c9d (patch)
tree	453fbdcf13ba1a8252f843641fb60319f670549c
parent	9fe8f31ae379d4b30823f3c4f19842bf32aae034 (diff)
download	go-git-server-11e393cbc6e7be6757ec8d92cb37ea9e14ed8c9d.tar.gz