Compare commits
3 Commits
cfc10e0acd
...
0a76fb12d8
| Author | SHA1 | Date | |
|---|---|---|---|
| 0a76fb12d8 | |||
| aa6d5ebbfb | |||
| d83040478e |
@ -171,6 +171,7 @@ update)
|
||||
clean) clean_images ;;
|
||||
status) podman images ;;
|
||||
remove) remove_containers "${args[@]}" ;;
|
||||
rmi) podman rmi "${args[@]}" ;;
|
||||
*)
|
||||
log ERROR "Unknown command: '$cmd'"
|
||||
exit 127
|
||||
|
||||
@ -8,13 +8,18 @@ pallav:
|
||||
- base
|
||||
- workspace
|
||||
- all
|
||||
update:
|
||||
- access
|
||||
clean:
|
||||
status:
|
||||
multiArgsCommands:
|
||||
remove:
|
||||
- pallav
|
||||
- palak
|
||||
- param
|
||||
- darshan
|
||||
arbitArgsCommands:
|
||||
- rmi
|
||||
EOF
|
||||
|
||||
source ./validate_command_access.sh
|
||||
@ -29,19 +34,33 @@ testcase() {
|
||||
fi
|
||||
}
|
||||
|
||||
# ----- Fixed Args Commands -----
|
||||
testcase "build base (valid)" build base
|
||||
testcase "build all (valid)" build all
|
||||
testcase "build base workspace (invalid)" build base workspace || true
|
||||
testcase "build (no arg, invalid)" build || true
|
||||
testcase "update access (valid)" update access
|
||||
testcase "clean (zero-arg, valid)" clean
|
||||
testcase "clean with arg (invalid)" clean foo || true
|
||||
|
||||
testcase "status (zero-arg, valid)" status
|
||||
testcase "status foo (invalid)" status foo || true
|
||||
|
||||
# ----- Multi Args Commands -----
|
||||
testcase "remove palak (valid)" remove palak
|
||||
testcase "remove param palak (valid, any order)" remove param palak
|
||||
testcase "remove palak param darshan (valid, any order)" remove palak param darshan
|
||||
testcase "remove pallav (valid)" remove pallav -f
|
||||
testcase "remove (no arg, invalid)" remove || true
|
||||
testcase "remove foo (invalid)" remove foo || true
|
||||
testcase "remove palak palak (duplicate, invalid)" remove palak palak || true
|
||||
|
||||
testcase "status (zero-arg, valid)" status
|
||||
testcase "status foo (invalid)" status foo || true
|
||||
# ----- Arbitrary Args Commands -----
|
||||
testcase "rmi no args (valid)" rmi
|
||||
testcase "rmi one arg (valid)" rmi image1
|
||||
testcase "rmi multiple args (valid)" rmi image1 image2 image3
|
||||
testcase "rmi with flag (valid)" rmi -f image1 image2
|
||||
testcase "rmi with only flag (valid)" rmi -f
|
||||
|
||||
# ----- Disallowed command -----
|
||||
testcase "foo (invalid command)" foo image1 # should fail
|
||||
|
||||
@ -7,19 +7,18 @@ validate_command() {
|
||||
local tokens=("$@")
|
||||
local yaml="access.yml"
|
||||
|
||||
# Check if fixedArgsCommands.<cmd> exists
|
||||
local is_fixed
|
||||
# Check for fixed, multi, or arbitrary args commands
|
||||
local is_fixed is_multi is_arbit
|
||||
is_fixed="$(yq e ".\"$PERSON\".fixedArgsCommands | has(\"$cmd\")" "$yaml")"
|
||||
# Check if multiArgsCommands.<cmd> exists
|
||||
local is_multi
|
||||
is_multi="$(yq e ".\"$PERSON\".multiArgsCommands | has(\"$cmd\")" "$yaml")"
|
||||
is_arbit="$(yq e ".\"$PERSON\".arbitArgsCommands[]" "$yaml" | grep -qx "$cmd" && echo true || echo false)"
|
||||
|
||||
if [[ "$is_fixed" != "true" && "$is_multi" != "true" ]]; then
|
||||
if [[ "$is_fixed" != "true" && "$is_multi" != "true" && "$is_arbit" != "true" ]]; then
|
||||
echo "ERROR: Command '$cmd' not allowed for $PERSON" >&2
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Exclude flags from positional args
|
||||
# Exclude flags from positional args for fixed/multi; pass all for arbit
|
||||
local args=()
|
||||
for tok in "${tokens[@]}"; do
|
||||
[[ "$tok" == -* ]] && continue
|
||||
@ -80,4 +79,9 @@ validate_command() {
|
||||
done
|
||||
return 0
|
||||
fi
|
||||
|
||||
if [[ "$is_arbit" == "true" ]]; then
|
||||
# Arbitrary arguments allowed, always valid
|
||||
return 0
|
||||
fi
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user