From cf57e487e263cc4c47f5eaf39916cb5434d720e8 Mon Sep 17 00:00:00 2001 From: jeanluc Date: Tue, 7 Nov 2023 02:46:00 +0100 Subject: [PATCH] Fix new unit tests --- tests/pytests/unit/client/ssh/test_ssh.py | 3 ++ .../unit/client/ssh/wrapper/test_parse_ret.py | 46 +++++++++++++++++++ 2 files changed, 49 insertions(+) create mode 100644 tests/pytests/unit/client/ssh/wrapper/test_parse_ret.py diff --git a/tests/pytests/unit/client/ssh/test_ssh.py b/tests/pytests/unit/client/ssh/test_ssh.py index 32259c749e2..7f2bcb1b40f 100644 --- a/tests/pytests/unit/client/ssh/test_ssh.py +++ b/tests/pytests/unit/client/ssh/test_ssh.py @@ -408,6 +408,7 @@ def test_key_deploy_permission_denied_file_scp(tmp_path, opts): ssh_ret = { "localhost": { + "_error": "The command resulted in a non-zero exit code", "stdout": "", "stderr": 'scp: dest open "/tmp/preflight.sh": Permission denied\nscp: failed to upload file /etc/salt/preflight.sh to /tmp/preflight.sh\n', "retcode": 1, @@ -418,6 +419,7 @@ def test_key_deploy_permission_denied_file_scp(tmp_path, opts): client = ssh.SSH(opts) ret, retcode = client.key_deploy(host, ssh_ret) assert ret == ssh_ret + assert retcode is None assert mock_key_run.call_count == 0 @@ -449,6 +451,7 @@ def test_key_deploy_no_permission_denied(tmp_path, opts): client = ssh.SSH(opts) ret, retcode = client.key_deploy(host, ssh_ret) assert ret == ssh_ret + assert retcode is None assert mock_key_run.call_count == 0 diff --git a/tests/pytests/unit/client/ssh/wrapper/test_parse_ret.py b/tests/pytests/unit/client/ssh/wrapper/test_parse_ret.py new file mode 100644 index 00000000000..ab3732dd461 --- /dev/null +++ b/tests/pytests/unit/client/ssh/wrapper/test_parse_ret.py @@ -0,0 +1,46 @@ +import salt.client.ssh.wrapper as wrap + + +def test_parse_ret_permission_denied_scp(): + """ + Ensure that permission denied errors are raised when scp fails to copy + a file to a target because of an authentication failure. + """ + stdout = "\rroot@192.168.1.187's password: \n\rroot@192.168.1.187's password: \n\rroot@192.168.1.187's password: \n" + stderr = "Permission denied, please try again.\nPermission denied, please try again.\nroot@192.168.1.187: Permission denied (publickey,gssapi-keyex,gssapi-with-micimport pudb; pu.dbassword).\nscp: Connection closed\n" + retcode = 255 + + try: + wrap.parse_ret(stdout, stderr, retcode) + except wrap.SSHPermissionDeniedError as err: + # need access to the exception instance, which pytest.raises + # does not provide + ret = err.to_ret() + else: + assert False, "Did not raise SSHPermissionDeniedError" + assert "_error" in ret + assert ret["_error"] == "Permission denied" + assert "stdout" in ret + assert "stderr" in ret + assert "Permission denied (publickey" in ret["stderr"] + assert "retcode" in ret + assert ret["retcode"] == 255 + + +def test_parse_ret_permission_denied_because_of_permissions(): + """ + Ensure that permission denied errors are NOT raised when scp fails + to copy a file to a target due to missing permissions of the user account. + The PermissionDeniedError should be exclusive to authentication failures and + not apply to authorization ones. + """ + stdout = "" + stderr = 'scp: dest open "/tmp/preflight.sh": Permission denied\nscp: failed to upload file /etc/salt/preflight.sh to /tmp/preflight.sh\n' + retcode = 1 + + try: + wrap.parse_ret(stdout, stderr, retcode) + except wrap.SSHPermissionDeniedError: + assert False, "This should not have resulted in an SSHPermissionDeniedError" + except wrap.SSHCommandExecutionError: + pass