Compare commits
3 Commits
cfc10e0acd
...
0a76fb12d8
| Author | SHA1 | Date | |
|---|---|---|---|
| 0a76fb12d8 | |||
| aa6d5ebbfb | |||
| d83040478e |
@ -171,6 +171,7 @@ update)
|
|||||||
clean) clean_images ;;
|
clean) clean_images ;;
|
||||||
status) podman images ;;
|
status) podman images ;;
|
||||||
remove) remove_containers "${args[@]}" ;;
|
remove) remove_containers "${args[@]}" ;;
|
||||||
|
rmi) podman rmi "${args[@]}" ;;
|
||||||
*)
|
*)
|
||||||
log ERROR "Unknown command: '$cmd'"
|
log ERROR "Unknown command: '$cmd'"
|
||||||
exit 127
|
exit 127
|
||||||
|
|||||||
@ -8,13 +8,18 @@ pallav:
|
|||||||
- base
|
- base
|
||||||
- workspace
|
- workspace
|
||||||
- all
|
- all
|
||||||
|
update:
|
||||||
|
- access
|
||||||
clean:
|
clean:
|
||||||
status:
|
status:
|
||||||
multiArgsCommands:
|
multiArgsCommands:
|
||||||
remove:
|
remove:
|
||||||
|
- pallav
|
||||||
- palak
|
- palak
|
||||||
- param
|
- param
|
||||||
- darshan
|
- darshan
|
||||||
|
arbitArgsCommands:
|
||||||
|
- rmi
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
source ./validate_command_access.sh
|
source ./validate_command_access.sh
|
||||||
@ -29,19 +34,33 @@ testcase() {
|
|||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# ----- Fixed Args Commands -----
|
||||||
testcase "build base (valid)" build base
|
testcase "build base (valid)" build base
|
||||||
testcase "build all (valid)" build all
|
testcase "build all (valid)" build all
|
||||||
testcase "build base workspace (invalid)" build base workspace || true
|
testcase "build base workspace (invalid)" build base workspace || true
|
||||||
testcase "build (no arg, invalid)" build || true
|
testcase "build (no arg, invalid)" build || true
|
||||||
|
testcase "update access (valid)" update access
|
||||||
testcase "clean (zero-arg, valid)" clean
|
testcase "clean (zero-arg, valid)" clean
|
||||||
testcase "clean with arg (invalid)" clean foo || true
|
testcase "clean with arg (invalid)" clean foo || true
|
||||||
|
|
||||||
|
testcase "status (zero-arg, valid)" status
|
||||||
|
testcase "status foo (invalid)" status foo || true
|
||||||
|
|
||||||
|
# ----- Multi Args Commands -----
|
||||||
testcase "remove palak (valid)" remove palak
|
testcase "remove palak (valid)" remove palak
|
||||||
testcase "remove param palak (valid, any order)" remove param palak
|
testcase "remove param palak (valid, any order)" remove param palak
|
||||||
testcase "remove palak param darshan (valid, any order)" remove palak param darshan
|
testcase "remove palak param darshan (valid, any order)" remove palak param darshan
|
||||||
|
testcase "remove pallav (valid)" remove pallav -f
|
||||||
testcase "remove (no arg, invalid)" remove || true
|
testcase "remove (no arg, invalid)" remove || true
|
||||||
testcase "remove foo (invalid)" remove foo || true
|
testcase "remove foo (invalid)" remove foo || true
|
||||||
testcase "remove palak palak (duplicate, invalid)" remove palak palak || true
|
testcase "remove palak palak (duplicate, invalid)" remove palak palak || true
|
||||||
|
|
||||||
testcase "status (zero-arg, valid)" status
|
# ----- Arbitrary Args Commands -----
|
||||||
testcase "status foo (invalid)" status foo || true
|
testcase "rmi no args (valid)" rmi
|
||||||
|
testcase "rmi one arg (valid)" rmi image1
|
||||||
|
testcase "rmi multiple args (valid)" rmi image1 image2 image3
|
||||||
|
testcase "rmi with flag (valid)" rmi -f image1 image2
|
||||||
|
testcase "rmi with only flag (valid)" rmi -f
|
||||||
|
|
||||||
|
# ----- Disallowed command -----
|
||||||
|
testcase "foo (invalid command)" foo image1 # should fail
|
||||||
|
|||||||
@ -7,19 +7,18 @@ validate_command() {
|
|||||||
local tokens=("$@")
|
local tokens=("$@")
|
||||||
local yaml="access.yml"
|
local yaml="access.yml"
|
||||||
|
|
||||||
# Check if fixedArgsCommands.<cmd> exists
|
# Check for fixed, multi, or arbitrary args commands
|
||||||
local is_fixed
|
local is_fixed is_multi is_arbit
|
||||||
is_fixed="$(yq e ".\"$PERSON\".fixedArgsCommands | has(\"$cmd\")" "$yaml")"
|
is_fixed="$(yq e ".\"$PERSON\".fixedArgsCommands | has(\"$cmd\")" "$yaml")"
|
||||||
# Check if multiArgsCommands.<cmd> exists
|
|
||||||
local is_multi
|
|
||||||
is_multi="$(yq e ".\"$PERSON\".multiArgsCommands | has(\"$cmd\")" "$yaml")"
|
is_multi="$(yq e ".\"$PERSON\".multiArgsCommands | has(\"$cmd\")" "$yaml")"
|
||||||
|
is_arbit="$(yq e ".\"$PERSON\".arbitArgsCommands[]" "$yaml" | grep -qx "$cmd" && echo true || echo false)"
|
||||||
|
|
||||||
if [[ "$is_fixed" != "true" && "$is_multi" != "true" ]]; then
|
if [[ "$is_fixed" != "true" && "$is_multi" != "true" && "$is_arbit" != "true" ]]; then
|
||||||
echo "ERROR: Command '$cmd' not allowed for $PERSON" >&2
|
echo "ERROR: Command '$cmd' not allowed for $PERSON" >&2
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Exclude flags from positional args
|
# Exclude flags from positional args for fixed/multi; pass all for arbit
|
||||||
local args=()
|
local args=()
|
||||||
for tok in "${tokens[@]}"; do
|
for tok in "${tokens[@]}"; do
|
||||||
[[ "$tok" == -* ]] && continue
|
[[ "$tok" == -* ]] && continue
|
||||||
@ -80,4 +79,9 @@ validate_command() {
|
|||||||
done
|
done
|
||||||
return 0
|
return 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [[ "$is_arbit" == "true" ]]; then
|
||||||
|
# Arbitrary arguments allowed, always valid
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user