summaryrefslogtreecommitdiffstats
path: root/test/testcases/acl
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--test/testcases/acl60
-rw-r--r--test/testcases/acl.excl1
-rw-r--r--test/testcases/acl.exp94
3 files changed, 155 insertions, 0 deletions
diff --git a/test/testcases/acl b/test/testcases/acl
new file mode 100644
index 0000000..ebc9531
--- /dev/null
+++ b/test/testcases/acl
@@ -0,0 +1,60 @@
+show ACL
+node node1
+property enable-acl=true
+primitive st stonith:ssh \
+ params hostlist='node1' \
+ meta target-role="Started" requires=nothing \
+ op start timeout=60s \
+ op monitor interval=60m timeout=60s
+primitive d0 ocf:pacemaker:Dummy
+primitive d1 ocf:pacemaker:Dummy
+role basic-read \
+ read status \
+ read type:node attribute:uname \
+ read type:node attribute:type \
+ read property
+role basic-read-basic \
+ read cib
+role d0-admin \
+ write meta:d0:target-role \
+ write meta:d0:is-managed \
+ read ref:d0
+role silly-role \
+ write meta:d0:target-role \
+ write meta:d0:is-managed \
+ read ref:d0 \
+ read status \
+ read type:node attribute:uname \
+ read type:node attribute:type \
+ read utilization:d0 \
+ read property:stonith-enabled \
+ write property \
+ read node \
+ read node:node1 \
+ read nodeattr \
+ read nodeattr:a1 \
+ read nodeutil \
+ read nodeutil:node1 \
+ read status \
+ read cib
+role silly-role-two \
+ read xpath:"//nodes//attributes" \
+ deny tag:nvpair \
+ deny ref:d0
+acl_target alice \
+ basic-read-basic
+acl_target bob \
+ d0-admin \
+ basic-read-basic
+role cyrus-role \
+ write meta:d0:target-role \
+ write meta:d0:is-managed \
+ read ref:d0 \
+ read status \
+ read type:node attribute:uname \
+ read type:node attribute:type \
+ read property
+acl_target cyrus cyrus-role
+_test
+verify
+.
diff --git a/test/testcases/acl.excl b/test/testcases/acl.excl
new file mode 100644
index 0000000..31d13f7
--- /dev/null
+++ b/test/testcases/acl.excl
@@ -0,0 +1 @@
+INFO: 5: already using schema pacemaker-1.2
diff --git a/test/testcases/acl.exp b/test/testcases/acl.exp
new file mode 100644
index 0000000..f00405c
--- /dev/null
+++ b/test/testcases/acl.exp
@@ -0,0 +1,94 @@
+.TRY ACL
+.INP: configure
+.INP: _regtest on
+.INP: erase
+.INP: erase nodes
+.INP: node node1
+.INP: property enable-acl=true
+.INP: primitive st stonith:ssh params hostlist='node1' meta target-role="Started" requires=nothing op start timeout=60s op monitor interval=60m timeout=60s
+.EXT crm_resource --show-metadata stonith:ssh
+.EXT stonithd metadata
+.INP: primitive d0 ocf:pacemaker:Dummy
+.EXT crm_resource --show-metadata ocf:pacemaker:Dummy
+.INP: primitive d1 ocf:pacemaker:Dummy
+.INP: role basic-read read status read type:node attribute:uname read type:node attribute:type read property
+.INP: role basic-read-basic read cib
+.INP: role d0-admin write meta:d0:target-role write meta:d0:is-managed read ref:d0
+.INP: role silly-role write meta:d0:target-role write meta:d0:is-managed read ref:d0 read status read type:node attribute:uname read type:node attribute:type read utilization:d0 read property:stonith-enabled write property read node read node:node1 read nodeattr read nodeattr:a1 read nodeutil read nodeutil:node1 read status read cib
+.INP: role silly-role-two read xpath:"//nodes//attributes" deny tag:nvpair deny ref:d0
+.INP: acl_target alice basic-read-basic
+.INP: acl_target bob d0-admin basic-read-basic
+.INP: role cyrus-role write meta:d0:target-role write meta:d0:is-managed read ref:d0 read status read type:node attribute:uname read type:node attribute:type read property
+.INP: acl_target cyrus cyrus-role
+.INP: _test
+.INP: verify
+.EXT crmd metadata
+.EXT pengine metadata
+.EXT cib metadata
+.INP: show
+node node1
+primitive d0 ocf:pacemaker:Dummy \
+ op monitor timeout=20s interval=10s \
+ op start timeout=20s interval=0s \
+ op stop timeout=20s interval=0s
+primitive d1 ocf:pacemaker:Dummy \
+ op monitor timeout=20s interval=10s \
+ op start timeout=20s interval=0s \
+ op stop timeout=20s interval=0s
+primitive st stonith:ssh \
+ params hostlist=node1 \
+ meta target-role=Started requires=nothing \
+ op start timeout=60s interval=0s \
+ op monitor interval=60m timeout=60s \
+ op stop timeout=15 interval=0s
+property cib-bootstrap-options: \
+ enable-acl=true
+role basic-read \
+ read status \
+ read attr:uname type:node \
+ read attr:type type:node \
+ read property
+role basic-read-basic \
+ read cib
+role cyrus-role \
+ write meta:d0:target-role \
+ write meta:d0:is-managed \
+ read ref:d0 \
+ read status \
+ read attr:uname type:node \
+ read attr:type type:node \
+ read property
+role d0-admin \
+ write meta:d0:target-role \
+ write meta:d0:is-managed \
+ read ref:d0
+role silly-role \
+ write meta:d0:target-role \
+ write meta:d0:is-managed \
+ read ref:d0 \
+ read status \
+ read attr:uname type:node \
+ read attr:type type:node \
+ read utilization:d0 \
+ read property:stonith-enabled \
+ write property \
+ read node \
+ read node:node1 \
+ read nodeattr \
+ read nodeattr:a1 \
+ read nodeutil \
+ read nodeutil:node1 \
+ read status \
+ read cib
+role silly-role-two \
+ read xpath:"//nodes//attributes" \
+ deny type:nvpair \
+ deny ref:d0
+acl_target alice \
+ basic-read-basic
+acl_target bob \
+ d0-admin \
+ basic-read-basic
+acl_target cyrus \
+ cyrus-role
+.INP: commit