island: Move file_has_expected_permissions() to file_utils.py
Rename to `has_expected_permissions()` as `file_has_expected_permissions()` is now reduntant. Add unit tests
This commit is contained in:
parent
36314f09ae
commit
a45848ce0c
|
@ -3,3 +3,10 @@ import os
|
||||||
|
|
||||||
def expand_path(path: str) -> str:
|
def expand_path(path: str) -> str:
|
||||||
return os.path.expandvars(os.path.expanduser(path))
|
return os.path.expandvars(os.path.expanduser(path))
|
||||||
|
|
||||||
|
|
||||||
|
def has_expected_permissions(path: str, expected_permissions: int) -> bool:
|
||||||
|
file_mode = os.stat(path).st_mode
|
||||||
|
file_permissions = file_mode & 0o777
|
||||||
|
|
||||||
|
return file_permissions == expected_permissions
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
import os
|
import os
|
||||||
|
|
||||||
from common.utils.exceptions import InsecurePermissionsError
|
from common.utils.exceptions import InsecurePermissionsError
|
||||||
|
from monkey_island.cc.server_utils.file_utils import has_expected_permissions
|
||||||
|
|
||||||
|
|
||||||
def ensure_file_existence(file: str) -> None:
|
def ensure_file_existence(file: str) -> None:
|
||||||
|
@ -9,14 +10,7 @@ def ensure_file_existence(file: str) -> None:
|
||||||
|
|
||||||
|
|
||||||
def ensure_file_permissions(file: str) -> None:
|
def ensure_file_permissions(file: str) -> None:
|
||||||
if not file_has_expected_permissions(path=file, expected_permissions="0o400"):
|
if not has_expected_permissions(path=file, expected_permissions="0o400"):
|
||||||
raise InsecurePermissionsError(
|
raise InsecurePermissionsError(
|
||||||
f"{file} has insecure permissions. Required permissions: 400. Exiting."
|
f"{file} has insecure permissions. Required permissions: 400. Exiting."
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
def file_has_expected_permissions(path: str, expected_permissions: str) -> bool:
|
|
||||||
file_mode = os.stat(path).st_mode
|
|
||||||
file_permissions = oct(file_mode & 0o777)
|
|
||||||
|
|
||||||
return file_permissions == expected_permissions
|
|
||||||
|
|
|
@ -1,5 +1,7 @@
|
||||||
import os
|
import os
|
||||||
|
|
||||||
|
import pytest
|
||||||
|
|
||||||
from monkey_island.cc.server_utils import file_utils
|
from monkey_island.cc.server_utils import file_utils
|
||||||
|
|
||||||
|
|
||||||
|
@ -15,3 +17,28 @@ def test_expand_vars(patched_home_env):
|
||||||
expected_path = os.path.join(patched_home_env, "test")
|
expected_path = os.path.join(patched_home_env, "test")
|
||||||
|
|
||||||
assert file_utils.expand_path(input_path) == expected_path
|
assert file_utils.expand_path(input_path) == expected_path
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.skipif(os.name != "posix", reason="Tests Posix (not Windows) permissions.")
|
||||||
|
def test_has_expected_permissions_true(tmpdir):
|
||||||
|
file_name = f"{tmpdir}/test"
|
||||||
|
|
||||||
|
create_empty_file(file_name)
|
||||||
|
os.chmod(file_name, 0o754)
|
||||||
|
|
||||||
|
assert file_utils.has_expected_permissions(file_name, 0o754)
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.skipif(os.name != "posix", reason="Tests Posix (not Windows) permissions.")
|
||||||
|
def test_has_expected_permissions_false(tmpdir):
|
||||||
|
file_name = f"{tmpdir}/test"
|
||||||
|
|
||||||
|
create_empty_file(file_name)
|
||||||
|
os.chmod(file_name, 0o755)
|
||||||
|
|
||||||
|
assert not file_utils.has_expected_permissions(file_name, 0o700)
|
||||||
|
|
||||||
|
|
||||||
|
def create_empty_file(file_name):
|
||||||
|
with open(file_name, "w"):
|
||||||
|
pass
|
||||||
|
|
Loading…
Reference in New Issue