Fix new unit tests

2025-04-17 10:10:20 +00:00 · 2023-11-07 02:46:00 +01:00 · 2023-11-07 02:46:00 +01:00 · cf57e487e2
commit cf57e487e2
parent ae1d72ccef
2 changed files with 49 additions and 0 deletions
--- a/tests/pytests/unit/client/ssh/test_ssh.py
+++ b/tests/pytests/unit/client/ssh/test_ssh.py
@ -408,6 +408,7 @@ def test_key_deploy_permission_denied_file_scp(tmp_path, opts):

    ssh_ret = {
        "localhost": {
+            "_error": "The command resulted in a non-zero exit code",
            "stdout": "",
            "stderr": 'scp: dest open "/tmp/preflight.sh": Permission denied\nscp: failed to upload file /etc/salt/preflight.sh to /tmp/preflight.sh\n',
            "retcode": 1,
@ -418,6 +419,7 @@ def test_key_deploy_permission_denied_file_scp(tmp_path, opts):
        client = ssh.SSH(opts)
    ret, retcode = client.key_deploy(host, ssh_ret)
    assert ret == ssh_ret
+    assert retcode is None
    assert mock_key_run.call_count == 0


@ -449,6 +451,7 @@ def test_key_deploy_no_permission_denied(tmp_path, opts):
        client = ssh.SSH(opts)
    ret, retcode = client.key_deploy(host, ssh_ret)
    assert ret == ssh_ret
+    assert retcode is None
    assert mock_key_run.call_count == 0


--- a/tests/pytests/unit/client/ssh/wrapper/test_parse_ret.py
+++ b/tests/pytests/unit/client/ssh/wrapper/test_parse_ret.py
@ -0,0 +1,46 @@
+import salt.client.ssh.wrapper as wrap
+
+
+def test_parse_ret_permission_denied_scp():
+    """
+    Ensure that permission denied errors are raised when scp fails to copy
+    a file to a target because of an authentication failure.
+    """
+    stdout = "\rroot@192.168.1.187's password: \n\rroot@192.168.1.187's password: \n\rroot@192.168.1.187's password: \n"
+    stderr = "Permission denied, please try again.\nPermission denied, please try again.\nroot@192.168.1.187: Permission denied (publickey,gssapi-keyex,gssapi-with-micimport pudb; pu.dbassword).\nscp: Connection closed\n"
+    retcode = 255
+
+    try:
+        wrap.parse_ret(stdout, stderr, retcode)
+    except wrap.SSHPermissionDeniedError as err:
+        # need access to the exception instance, which pytest.raises
+        # does not provide
+        ret = err.to_ret()
+    else:
+        assert False, "Did not raise SSHPermissionDeniedError"
+    assert "_error" in ret
+    assert ret["_error"] == "Permission denied"
+    assert "stdout" in ret
+    assert "stderr" in ret
+    assert "Permission denied (publickey" in ret["stderr"]
+    assert "retcode" in ret
+    assert ret["retcode"] == 255
+
+
+def test_parse_ret_permission_denied_because_of_permissions():
+    """
+    Ensure that permission denied errors are NOT raised when scp fails
+    to copy a file to a target due to missing permissions of the user account.
+    The PermissionDeniedError should be exclusive to authentication failures and
+    not apply to authorization ones.
+    """
+    stdout = ""
+    stderr = 'scp: dest open "/tmp/preflight.sh": Permission denied\nscp: failed to upload file /etc/salt/preflight.sh to /tmp/preflight.sh\n'
+    retcode = 1
+
+    try:
+        wrap.parse_ret(stdout, stderr, retcode)
+    except wrap.SSHPermissionDeniedError:
+        assert False, "This should not have resulted in an SSHPermissionDeniedError"
+    except wrap.SSHCommandExecutionError:
+        pass