open-vault/vault/mount_test.go

package vault

import (
	"reflect"
	"testing"
)

func TestCore_DefaultMountTable(t *testing.T) {
	c, key := testUnsealedCore(t)
	verifyDefaultTable(t, c.mounts)

	// Start a second core with same physical
	conf := &CoreConfig{Physical: c.physical}
	c2, err := NewCore(conf)
	if err != nil {
		t.Fatalf("err: %v", err)
	}
	unseal, err := c2.Unseal(key)
	if err != nil {
		t.Fatalf("err: %v", err)
	}
	if !unseal {
		t.Fatalf("should be unsealed")
	}

	// Verify matching mount tables
	if !reflect.DeepEqual(c.mounts, c2.mounts) {
		t.Fatalf("mismatch: %v %v", c.mounts, c2.mounts)
	}
}

func TestCore_MountEntry(t *testing.T) {
	c, key := testUnsealedCore(t)
	me := &MountEntry{
		Path: "foo",
		Type: "generic",
	}
	err := c.mountEntry(me)
	if err != nil {
		t.Fatalf("err: %v", err)
	}

	match := c.router.MatchingMount("foo/bar")
	if match != "foo/" {
		t.Fatalf("missing mount")
	}

	conf := &CoreConfig{Physical: c.physical}
	c2, err := NewCore(conf)
	if err != nil {
		t.Fatalf("err: %v", err)
	}
	unseal, err := c2.Unseal(key)
	if err != nil {
		t.Fatalf("err: %v", err)
	}
	if !unseal {
		t.Fatalf("should be unsealed")
	}

	// Verify matching mount tables
	if !reflect.DeepEqual(c.mounts, c2.mounts) {
		t.Fatalf("mismatch: %v %v", c.mounts, c2.mounts)
	}
}

func TestCore_UnmountPath(t *testing.T) {
	c, key := testUnsealedCore(t)
	err := c.unmountPath("secret")
	if err != nil {
		t.Fatalf("err: %v", err)
	}

	match := c.router.MatchingMount("secret/foo")
	if match != "" {
		t.Fatalf("backend present")
	}

	conf := &CoreConfig{Physical: c.physical}
	c2, err := NewCore(conf)
	if err != nil {
		t.Fatalf("err: %v", err)
	}
	unseal, err := c2.Unseal(key)
	if err != nil {
		t.Fatalf("err: %v", err)
	}
	if !unseal {
		t.Fatalf("should be unsealed")
	}

	// Verify matching mount tables
	if !reflect.DeepEqual(c.mounts, c2.mounts) {
		t.Fatalf("mismatch: %v %v", c.mounts, c2.mounts)
	}
}

func TestCore_RemountPath(t *testing.T) {
	c, key := testUnsealedCore(t)
	err := c.remountPath("secret", "foo")
	if err != nil {
		t.Fatalf("err: %v", err)
	}

	match := c.router.MatchingMount("foo/bar")
	if match != "foo/" {
		t.Fatalf("failed remount")
	}

	conf := &CoreConfig{Physical: c.physical}
	c2, err := NewCore(conf)
	if err != nil {
		t.Fatalf("err: %v", err)
	}
	unseal, err := c2.Unseal(key)
	if err != nil {
		t.Fatalf("err: %v", err)
	}
	if !unseal {
		t.Fatalf("should be unsealed")
	}

	// Verify matching mount tables
	if !reflect.DeepEqual(c.mounts, c2.mounts) {
		t.Fatalf("mismatch: %v %v", c.mounts, c2.mounts)
	}
}

func TestCore_RemountPath_Protected(t *testing.T) {
	c, _ := testUnsealedCore(t)
	err := c.remountPath("sys", "foo")
	if err.Error() != "cannot remount 'sys/'" {
		t.Fatalf("err: %v", err)
	}
}

func TestDefaultMountTable(t *testing.T) {
	table := defaultMountTable()
	verifyDefaultTable(t, table)
}

func verifyDefaultTable(t *testing.T, table *MountTable) {
	if len(table.Entries) != 2 {
		t.Fatalf("bad: %v", table.Entries)
	}
	for idx, entry := range table.Entries {
		switch idx {
		case 0:
			if entry.Path != "secret/" {
				t.Fatalf("bad: %v", entry)
			}
			if entry.Type != "generic" {
				t.Fatalf("bad: %v", entry)
			}
		case 1:
			if entry.Path != "sys/" {
				t.Fatalf("bad: %v", entry)
			}
			if entry.Type != "system" {
				t.Fatalf("bad: %v", entry)
			}
		}
		if entry.Description == "" {
			t.Fatalf("bad: %v", entry)
		}
		if entry.UUID == "" {
			t.Fatalf("bad: %v", entry)
		}
	}

}
vault: Testing mount table setup 2015-03-11 22:33:25 +00:00			`package vault`

			`import (`
			`"reflect"`
			`"testing"`
			`)`

			`func TestCore_DefaultMountTable(t *testing.T) {`
			`c, key := testUnsealedCore(t)`
			`verifyDefaultTable(t, c.mounts)`

			`// Start a second core with same physical`
vault: the config has to be exported 2015-03-12 17:22:12 +00:00			`conf := &CoreConfig{Physical: c.physical}`
vault: Testing mount table setup 2015-03-11 22:33:25 +00:00			`c2, err := NewCore(conf)`
			`if err != nil {`
vault: testing mount/unmount 2015-03-12 01:29:49 +00:00			`t.Fatalf("err: %v", err)`
			`}`
			`unseal, err := c2.Unseal(key)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`
			`if !unseal {`
			`t.Fatalf("should be unsealed")`
			`}`

			`// Verify matching mount tables`
			`if !reflect.DeepEqual(c.mounts, c2.mounts) {`
			`t.Fatalf("mismatch: %v %v", c.mounts, c2.mounts)`
			`}`
			`}`

			`func TestCore_MountEntry(t *testing.T) {`
			`c, key := testUnsealedCore(t)`
			`me := &MountEntry{`
			`Path: "foo",`
			`Type: "generic",`
			`}`
			`err := c.mountEntry(me)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`

			`match := c.router.MatchingMount("foo/bar")`
			`if match != "foo/" {`
			`t.Fatalf("missing mount")`
			`}`

vault: the config has to be exported 2015-03-12 17:22:12 +00:00			`conf := &CoreConfig{Physical: c.physical}`
vault: testing mount/unmount 2015-03-12 01:29:49 +00:00			`c2, err := NewCore(conf)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`
			`unseal, err := c2.Unseal(key)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`
			`if !unseal {`
			`t.Fatalf("should be unsealed")`
			`}`

			`// Verify matching mount tables`
			`if !reflect.DeepEqual(c.mounts, c2.mounts) {`
			`t.Fatalf("mismatch: %v %v", c.mounts, c2.mounts)`
			`}`
			`}`

			`func TestCore_UnmountPath(t *testing.T) {`
			`c, key := testUnsealedCore(t)`
			`err := c.unmountPath("secret")`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`

			`match := c.router.MatchingMount("secret/foo")`
			`if match != "" {`
			`t.Fatalf("backend present")`
			`}`

vault: the config has to be exported 2015-03-12 17:22:12 +00:00			`conf := &CoreConfig{Physical: c.physical}`
vault: testing mount/unmount 2015-03-12 01:29:49 +00:00			`c2, err := NewCore(conf)`
			`if err != nil {`
vault: Testing mount table setup 2015-03-11 22:33:25 +00:00			`t.Fatalf("err: %v", err)`
			`}`
			`unseal, err := c2.Unseal(key)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`
			`if !unseal {`
			`t.Fatalf("should be unsealed")`
			`}`

			`// Verify matching mount tables`
			`if !reflect.DeepEqual(c.mounts, c2.mounts) {`
			`t.Fatalf("mismatch: %v %v", c.mounts, c2.mounts)`
			`}`
			`}`

vault: support remount 2015-03-12 19:09:30 +00:00			`func TestCore_RemountPath(t *testing.T) {`
			`c, key := testUnsealedCore(t)`
			`err := c.remountPath("secret", "foo")`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`

			`match := c.router.MatchingMount("foo/bar")`
			`if match != "foo/" {`
			`t.Fatalf("failed remount")`
			`}`

			`conf := &CoreConfig{Physical: c.physical}`
			`c2, err := NewCore(conf)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`
			`unseal, err := c2.Unseal(key)`
			`if err != nil {`
			`t.Fatalf("err: %v", err)`
			`}`
			`if !unseal {`
			`t.Fatalf("should be unsealed")`
			`}`

			`// Verify matching mount tables`
			`if !reflect.DeepEqual(c.mounts, c2.mounts) {`
			`t.Fatalf("mismatch: %v %v", c.mounts, c2.mounts)`
			`}`
			`}`

			`func TestCore_RemountPath_Protected(t *testing.T) {`
			`c, _ := testUnsealedCore(t)`
			`err := c.remountPath("sys", "foo")`
			`if err.Error() != "cannot remount 'sys/'" {`
			`t.Fatalf("err: %v", err)`
			`}`
			`}`

vault: Testing mount table setup 2015-03-11 22:33:25 +00:00			`func TestDefaultMountTable(t *testing.T) {`
			`table := defaultMountTable()`
			`verifyDefaultTable(t, table)`
			`}`

			`func verifyDefaultTable(t testing.T, table MountTable) {`
			`if len(table.Entries) != 2 {`
			`t.Fatalf("bad: %v", table.Entries)`
			`}`
			`for idx, entry := range table.Entries {`
			`switch idx {`
			`case 0:`
			`if entry.Path != "secret/" {`
			`t.Fatalf("bad: %v", entry)`
			`}`
			`if entry.Type != "generic" {`
			`t.Fatalf("bad: %v", entry)`
			`}`
			`case 1:`
			`if entry.Path != "sys/" {`
			`t.Fatalf("bad: %v", entry)`
			`}`
			`if entry.Type != "system" {`
			`t.Fatalf("bad: %v", entry)`
			`}`
			`}`
			`if entry.Description == "" {`
			`t.Fatalf("bad: %v", entry)`
			`}`
			`if entry.UUID == "" {`
			`t.Fatalf("bad: %v", entry)`
			`}`
			`}`

			`}`