diff options
Diffstat (limited to '')
-rw-r--r-- | test/testcases/acl | 60 | ||||
-rw-r--r-- | test/testcases/acl.excl | 1 | ||||
-rw-r--r-- | test/testcases/acl.exp | 94 |
3 files changed, 155 insertions, 0 deletions
diff --git a/test/testcases/acl b/test/testcases/acl new file mode 100644 index 0000000..ebc9531 --- /dev/null +++ b/test/testcases/acl @@ -0,0 +1,60 @@ +show ACL +node node1 +property enable-acl=true +primitive st stonith:ssh \ + params hostlist='node1' \ + meta target-role="Started" requires=nothing \ + op start timeout=60s \ + op monitor interval=60m timeout=60s +primitive d0 ocf:pacemaker:Dummy +primitive d1 ocf:pacemaker:Dummy +role basic-read \ + read status \ + read type:node attribute:uname \ + read type:node attribute:type \ + read property +role basic-read-basic \ + read cib +role d0-admin \ + write meta:d0:target-role \ + write meta:d0:is-managed \ + read ref:d0 +role silly-role \ + write meta:d0:target-role \ + write meta:d0:is-managed \ + read ref:d0 \ + read status \ + read type:node attribute:uname \ + read type:node attribute:type \ + read utilization:d0 \ + read property:stonith-enabled \ + write property \ + read node \ + read node:node1 \ + read nodeattr \ + read nodeattr:a1 \ + read nodeutil \ + read nodeutil:node1 \ + read status \ + read cib +role silly-role-two \ + read xpath:"//nodes//attributes" \ + deny tag:nvpair \ + deny ref:d0 +acl_target alice \ + basic-read-basic +acl_target bob \ + d0-admin \ + basic-read-basic +role cyrus-role \ + write meta:d0:target-role \ + write meta:d0:is-managed \ + read ref:d0 \ + read status \ + read type:node attribute:uname \ + read type:node attribute:type \ + read property +acl_target cyrus cyrus-role +_test +verify +. diff --git a/test/testcases/acl.excl b/test/testcases/acl.excl new file mode 100644 index 0000000..31d13f7 --- /dev/null +++ b/test/testcases/acl.excl @@ -0,0 +1 @@ +INFO: 5: already using schema pacemaker-1.2 diff --git a/test/testcases/acl.exp b/test/testcases/acl.exp new file mode 100644 index 0000000..f00405c --- /dev/null +++ b/test/testcases/acl.exp @@ -0,0 +1,94 @@ +.TRY ACL +.INP: configure +.INP: _regtest on +.INP: erase +.INP: erase nodes +.INP: node node1 +.INP: property enable-acl=true +.INP: primitive st stonith:ssh params hostlist='node1' meta target-role="Started" requires=nothing op start timeout=60s op monitor interval=60m timeout=60s +.EXT crm_resource --show-metadata stonith:ssh +.EXT stonithd metadata +.INP: primitive d0 ocf:pacemaker:Dummy +.EXT crm_resource --show-metadata ocf:pacemaker:Dummy +.INP: primitive d1 ocf:pacemaker:Dummy +.INP: role basic-read read status read type:node attribute:uname read type:node attribute:type read property +.INP: role basic-read-basic read cib +.INP: role d0-admin write meta:d0:target-role write meta:d0:is-managed read ref:d0 +.INP: role silly-role write meta:d0:target-role write meta:d0:is-managed read ref:d0 read status read type:node attribute:uname read type:node attribute:type read utilization:d0 read property:stonith-enabled write property read node read node:node1 read nodeattr read nodeattr:a1 read nodeutil read nodeutil:node1 read status read cib +.INP: role silly-role-two read xpath:"//nodes//attributes" deny tag:nvpair deny ref:d0 +.INP: acl_target alice basic-read-basic +.INP: acl_target bob d0-admin basic-read-basic +.INP: role cyrus-role write meta:d0:target-role write meta:d0:is-managed read ref:d0 read status read type:node attribute:uname read type:node attribute:type read property +.INP: acl_target cyrus cyrus-role +.INP: _test +.INP: verify +.EXT crmd metadata +.EXT pengine metadata +.EXT cib metadata +.INP: show +node node1 +primitive d0 ocf:pacemaker:Dummy \ + op monitor timeout=20s interval=10s \ + op start timeout=20s interval=0s \ + op stop timeout=20s interval=0s +primitive d1 ocf:pacemaker:Dummy \ + op monitor timeout=20s interval=10s \ + op start timeout=20s interval=0s \ + op stop timeout=20s interval=0s +primitive st stonith:ssh \ + params hostlist=node1 \ + meta target-role=Started requires=nothing \ + op start timeout=60s interval=0s \ + op monitor interval=60m timeout=60s \ + op stop timeout=15 interval=0s +property cib-bootstrap-options: \ + enable-acl=true +role basic-read \ + read status \ + read attr:uname type:node \ + read attr:type type:node \ + read property +role basic-read-basic \ + read cib +role cyrus-role \ + write meta:d0:target-role \ + write meta:d0:is-managed \ + read ref:d0 \ + read status \ + read attr:uname type:node \ + read attr:type type:node \ + read property +role d0-admin \ + write meta:d0:target-role \ + write meta:d0:is-managed \ + read ref:d0 +role silly-role \ + write meta:d0:target-role \ + write meta:d0:is-managed \ + read ref:d0 \ + read status \ + read attr:uname type:node \ + read attr:type type:node \ + read utilization:d0 \ + read property:stonith-enabled \ + write property \ + read node \ + read node:node1 \ + read nodeattr \ + read nodeattr:a1 \ + read nodeutil \ + read nodeutil:node1 \ + read status \ + read cib +role silly-role-two \ + read xpath:"//nodes//attributes" \ + deny type:nvpair \ + deny ref:d0 +acl_target alice \ + basic-read-basic +acl_target bob \ + d0-admin \ + basic-read-basic +acl_target cyrus \ + cyrus-role +.INP: commit |