Skip to content

Commit b40789e

Browse files
RafaelGSSmarco-ippolito
RafaelGSS
authored and
marco-ippolito
committed
test: add buffer to fs_permission tests
PR-URL: #55734 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
1 parent 39b89e9 commit b40789e

File tree

2 files changed

+117
-0
lines changed

2 files changed

+117
-0
lines changed

test/fixtures/permission/fs-read.js

+54
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,11 @@ const regularFile = __filename;
2020
permission: 'FileSystemRead',
2121
resource: path.toNamespacedPath(blockedFile),
2222
}));
23+
fs.readFile(bufferBlockedFile, common.expectsError({
24+
code: 'ERR_ACCESS_DENIED',
25+
permission: 'FileSystemRead',
26+
resource: path.toNamespacedPath(blockedFile),
27+
}));
2328
assert.throws(() => {
2429
fs.readFileSync(blockedFile);
2530
}, common.expectsError({
@@ -78,6 +83,11 @@ const regularFile = __filename;
7883
permission: 'FileSystemRead',
7984
resource: path.toNamespacedPath(blockedFile),
8085
}));
86+
fs.stat(bufferBlockedFile, common.expectsError({
87+
code: 'ERR_ACCESS_DENIED',
88+
permission: 'FileSystemRead',
89+
resource: path.toNamespacedPath(blockedFile),
90+
}));
8191
assert.throws(() => {
8292
fs.statSync(blockedFile);
8393
}, common.expectsError({
@@ -111,6 +121,11 @@ const regularFile = __filename;
111121
permission: 'FileSystemRead',
112122
resource: path.toNamespacedPath(blockedFile),
113123
}));
124+
fs.access(bufferBlockedFile, fs.constants.R_OK, common.expectsError({
125+
code: 'ERR_ACCESS_DENIED',
126+
permission: 'FileSystemRead',
127+
resource: path.toNamespacedPath(blockedFile),
128+
}));
114129
assert.throws(() => {
115130
fs.accessSync(blockedFileURL, fs.constants.R_OK);
116131
}, common.expectsError({
@@ -139,6 +154,11 @@ const regularFile = __filename;
139154
permission: 'FileSystemRead',
140155
resource: path.toNamespacedPath(blockedFile),
141156
}));
157+
fs.copyFile(bufferBlockedFile, path.join(blockedFolder, 'any-other-file'), common.expectsError({
158+
code: 'ERR_ACCESS_DENIED',
159+
permission: 'FileSystemRead',
160+
resource: path.toNamespacedPath(blockedFile),
161+
}));
142162
assert.throws(() => {
143163
fs.copyFileSync(blockedFileURL, path.join(blockedFolder, 'any-other-file'));
144164
}, common.expectsError({
@@ -165,6 +185,13 @@ const regularFile = __filename;
165185
// cpSync calls lstatSync before reading blockedFile
166186
resource: path.toNamespacedPath(blockedFile),
167187
}));
188+
assert.throws(() => {
189+
fs.cpSync(bufferBlockedFile, path.join(blockedFolder, 'any-other-file'));
190+
}, common.expectsError({
191+
code: 'ERR_ACCESS_DENIED',
192+
permission: 'FileSystemRead',
193+
resource: path.toNamespacedPath(blockedFile),
194+
}));
168195
assert.throws(() => {
169196
fs.cpSync(blockedFileURL, path.join(blockedFolder, 'any-other-file'));
170197
}, common.expectsError({
@@ -189,6 +216,11 @@ const regularFile = __filename;
189216
permission: 'FileSystemRead',
190217
resource: path.toNamespacedPath(blockedFile),
191218
}));
219+
fs.open(bufferBlockedFile, 'r', common.expectsError({
220+
code: 'ERR_ACCESS_DENIED',
221+
permission: 'FileSystemRead',
222+
resource: path.toNamespacedPath(blockedFile),
223+
}));
192224
assert.throws(() => {
193225
fs.openSync(blockedFileURL, 'r');
194226
}, common.expectsError({
@@ -313,6 +345,11 @@ const regularFile = __filename;
313345
permission: 'FileSystemRead',
314346
resource: path.toNamespacedPath(blockedFile),
315347
}));
348+
fs.rename(bufferBlockedFile, 'newfile', common.expectsError({
349+
code: 'ERR_ACCESS_DENIED',
350+
permission: 'FileSystemRead',
351+
resource: path.toNamespacedPath(blockedFile),
352+
}));
316353
assert.throws(() => {
317354
fs.renameSync(blockedFile, 'newfile');
318355
}, common.expectsError({
@@ -338,6 +375,13 @@ const regularFile = __filename;
338375
permission: 'FileSystemRead',
339376
resource: path.toNamespacedPath(blockedFile),
340377
}));
378+
assert.throws(() => {
379+
fs.openAsBlob(bufferBlockedFile);
380+
}, common.expectsError({
381+
code: 'ERR_ACCESS_DENIED',
382+
permission: 'FileSystemRead',
383+
resource: path.toNamespacedPath(blockedFile),
384+
}));
341385
assert.throws(() => {
342386
fs.openAsBlob(blockedFileURL);
343387
}, common.expectsError({
@@ -372,6 +416,11 @@ const regularFile = __filename;
372416
permission: 'FileSystemRead',
373417
resource: path.toNamespacedPath(blockedFile),
374418
}));
419+
fs.statfs(bufferBlockedFile, common.expectsError({
420+
code: 'ERR_ACCESS_DENIED',
421+
permission: 'FileSystemRead',
422+
resource: path.toNamespacedPath(blockedFile),
423+
}));
375424
assert.throws(() => {
376425
fs.statfsSync(blockedFile);
377426
}, common.expectsError({
@@ -406,6 +455,11 @@ const regularFile = __filename;
406455
}, common.expectsError({
407456
code: 'ERR_ACCESS_DENIED',
408457
}));
458+
assert.throws(() => {
459+
fs.lstatSync(bufferBlockedFile);
460+
}, common.expectsError({
461+
code: 'ERR_ACCESS_DENIED',
462+
}));
409463
assert.throws(() => {
410464
fs.lstatSync(path.join(blockedFolder, 'anyfile'));
411465
}, common.expectsError({

test/fixtures/permission/fs-write.js

+63
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ const regularFolder = process.env.ALLOWEDFOLDER;
1111
const regularFile = process.env.ALLOWEDFILE;
1212
const blockedFolder = process.env.BLOCKEDFOLDER;
1313
const blockedFile = process.env.BLOCKEDFILE;
14+
const bufferBlockedFile = Buffer.from(process.env.BLOCKEDFILE);
1415
const blockedFileURL = require('url').pathToFileURL(process.env.BLOCKEDFILE);
1516
const relativeProtectedFile = process.env.RELATIVEBLOCKEDFILE;
1617
const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
@@ -34,6 +35,11 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
3435
permission: 'FileSystemWrite',
3536
resource: path.toNamespacedPath(blockedFile),
3637
}));
38+
fs.writeFile(bufferBlockedFile, 'example', common.expectsError({
39+
code: 'ERR_ACCESS_DENIED',
40+
permission: 'FileSystemWrite',
41+
resource: path.toNamespacedPath(blockedFile),
42+
}));
3743
assert.throws(() => {
3844
fs.writeFileSync(blockedFileURL, 'example');
3945
}, {
@@ -102,6 +108,13 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
102108
permission: 'FileSystemWrite',
103109
resource: path.toNamespacedPath(blockedFile),
104110
});
111+
assert.throws(() => {
112+
fs.utimes(bufferBlockedFile, new Date(), new Date(), () => {});
113+
}, {
114+
code: 'ERR_ACCESS_DENIED',
115+
permission: 'FileSystemWrite',
116+
resource: path.toNamespacedPath(blockedFile),
117+
});
105118
assert.throws(() => {
106119
fs.utimes(blockedFileURL, new Date(), new Date(), () => {});
107120
}, {
@@ -135,6 +148,13 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
135148
permission: 'FileSystemWrite',
136149
resource: path.toNamespacedPath(blockedFile),
137150
});
151+
assert.throws(() => {
152+
fs.lutimes(bufferBlockedFile, new Date(), new Date(), () => {});
153+
},{
154+
code: 'ERR_ACCESS_DENIED',
155+
permission: 'FileSystemWrite',
156+
resource: path.toNamespacedPath(blockedFile),
157+
});
138158
assert.throws(() => {
139159
fs.lutimes(blockedFileURL, new Date(), new Date(), () => {});
140160
}, {
@@ -193,6 +213,11 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
193213
permission: 'FileSystemWrite',
194214
resource: path.toNamespacedPath(blockedFile),
195215
}));
216+
fs.rename(bufferBlockedFile, path.join(blockedFile, 'renamed'), common.expectsError({
217+
code: 'ERR_ACCESS_DENIED',
218+
permission: 'FileSystemWrite',
219+
resource: path.toNamespacedPath(blockedFile),
220+
}));
196221
assert.throws(() => {
197222
fs.renameSync(blockedFileURL, path.join(blockedFile, 'renamed'));
198223
}, {
@@ -245,6 +270,11 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
245270
permission: 'FileSystemWrite',
246271
resource: path.toNamespacedPath(path.join(relativeProtectedFolder, 'any-file')),
247272
}));
273+
fs.copyFile(bufferBlockedFile, path.join(relativeProtectedFolder, 'any-file'), common.expectsError({
274+
code: 'ERR_ACCESS_DENIED',
275+
permission: 'FileSystemWrite',
276+
resource: path.toNamespacedPath(path.join(relativeProtectedFolder, 'any-file')),
277+
}));
248278
}
249279

250280
// fs.cp
@@ -295,6 +325,10 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
295325
code: 'ERR_ACCESS_DENIED',
296326
permission: 'FileSystemWrite',
297327
}));
328+
fs.open(bufferBlockedFile, fs.constants.O_RDWR | 0x10000000, common.expectsError({
329+
code: 'ERR_ACCESS_DENIED',
330+
permission: 'FileSystemWrite',
331+
}));
298332
assert.rejects(async () => {
299333
await fs.promises.open(blockedFile, fs.constants.O_RDWR | fs.constants.O_NOFOLLOW);
300334
}, {
@@ -322,6 +356,12 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
322356
code: 'ERR_ACCESS_DENIED',
323357
permission: 'FileSystemWrite',
324358
});
359+
assert.throws(() => {
360+
fs.chmod(bufferBlockedFile, 0o755, common.mustNotCall());
361+
}, {
362+
code: 'ERR_ACCESS_DENIED',
363+
permission: 'FileSystemWrite',
364+
});
325365
assert.throws(() => {
326366
fs.chmod(blockedFileURL, 0o755, common.mustNotCall());
327367
}, {
@@ -358,6 +398,10 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
358398
code: 'ERR_ACCESS_DENIED',
359399
permission: 'FileSystemWrite',
360400
}));
401+
fs.appendFile(bufferBlockedFile, 'new data', common.expectsError({
402+
code: 'ERR_ACCESS_DENIED',
403+
permission: 'FileSystemWrite',
404+
}));
361405
assert.throws(() => {
362406
fs.appendFileSync(blockedFileURL, 'new data');
363407
}, {
@@ -378,6 +422,10 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
378422
code: 'ERR_ACCESS_DENIED',
379423
permission: 'FileSystemWrite',
380424
}));
425+
fs.chown(bufferBlockedFile, 1541, 999, common.expectsError({
426+
code: 'ERR_ACCESS_DENIED',
427+
permission: 'FileSystemWrite',
428+
}));
381429
assert.throws(() => {
382430
fs.chownSync(blockedFileURL, 1541, 999);
383431
}, {
@@ -399,6 +447,10 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
399447
code: 'ERR_ACCESS_DENIED',
400448
permission: 'FileSystemWrite',
401449
}));
450+
fs.lchown(bufferBlockedFile, 1541, 999, common.expectsError({
451+
code: 'ERR_ACCESS_DENIED',
452+
permission: 'FileSystemWrite',
453+
}));
402454
assert.throws(() => {
403455
fs.lchownSync(blockedFileURL, 1541, 999);
404456
}, {
@@ -426,6 +478,10 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
426478
code: 'ERR_ACCESS_DENIED',
427479
permission: 'FileSystemWrite',
428480
}));
481+
fs.link(bufferBlockedFile, path.join(blockedFolder, '/linked'), common.expectsError({
482+
code: 'ERR_ACCESS_DENIED',
483+
permission: 'FileSystemWrite',
484+
}));
429485
assert.throws(() => {
430486
fs.linkSync(blockedFileURL, path.join(blockedFolder, '/linked'));
431487
}, {
@@ -450,6 +506,13 @@ const relativeProtectedFolder = process.env.RELATIVEBLOCKEDFOLDER;
450506
permission: 'FileSystemWrite',
451507
resource: path.toNamespacedPath(blockedFile),
452508
});
509+
assert.throws(() => {
510+
fs.unlinkSync(bufferBlockedFile);
511+
}, {
512+
code: 'ERR_ACCESS_DENIED',
513+
permission: 'FileSystemWrite',
514+
resource: path.toNamespacedPath(blockedFile),
515+
});
453516
fs.unlink(blockedFile, common.expectsError({
454517
code: 'ERR_ACCESS_DENIED',
455518
permission: 'FileSystemWrite',

0 commit comments

Comments
 (0)