diff --git a/apps/restconf/Makefile.in b/apps/restconf/Makefile.in index d47cf6af..bd73ae91 100644 --- a/apps/restconf/Makefile.in +++ b/apps/restconf/Makefile.in @@ -86,11 +86,11 @@ APPSRC = APPSRC += restconf_api.c # maybe empty APPSRC += restconf_api_$(with_restconf).c # cant be .so since libevhtp is a. APPSRC += restconf_err.c -APPSRC += restconf_root.c -APPSRC += restconf_$(with_restconf)_main.c APPSRC += restconf_methods.c APPSRC += restconf_methods_post.c APPSRC += restconf_methods_get.c +APPSRC += restconf_root.c +APPSRC += restconf_main_$(with_restconf).c # Fcgi-specific source including main ifeq ($(with_restconf),fcgi) diff --git a/apps/restconf/restconf_api_evhtp.c b/apps/restconf/restconf_api_evhtp.c index 2b833fe2..753a2de7 100644 --- a/apps/restconf/restconf_api_evhtp.c +++ b/apps/restconf/restconf_api_evhtp.c @@ -138,8 +138,10 @@ restconf_reply_send(void *req0, req->status = code; if ((reason_phrase = restconf_code2reason(code)) == NULL) reason_phrase=""; +#if 1 /* XXX remove status header för evhtp? */ if (restconf_reply_header(req, "Status", "%d %s", code, reason_phrase) < 0) goto done; +#endif #if 1 /* Optional? */ if ((conn = evhtp_request_get_connection(req)) == NULL){ clicon_err(OE_DAEMON, EFAULT, "evhtp_request_get_connection"); diff --git a/apps/restconf/restconf_evhtp_main.c b/apps/restconf/restconf_main_evhtp.c similarity index 100% rename from apps/restconf/restconf_evhtp_main.c rename to apps/restconf/restconf_main_evhtp.c diff --git a/apps/restconf/restconf_fcgi_main.c b/apps/restconf/restconf_main_fcgi.c similarity index 100% rename from apps/restconf/restconf_fcgi_main.c rename to apps/restconf/restconf_main_fcgi.c diff --git a/test/lib.sh b/test/lib.sh index d725062b..b596ae2c 100755 --- a/test/lib.sh +++ b/test/lib.sh @@ -94,8 +94,12 @@ fi : ${RCERROR:="HTTP/1.1 502 Bad Gateway"} # www user (on linux typically www-data, freebsd www) -# could be taken from configure -: ${wwwuser:=www-data} +# @see wwwstartuser which can be dropped to this +: ${wwwuser:=www-data} + +# www user (on linux typically www-data, freebsd www) +# Start restconf user, can be root which is dropped to wwwuser +: ${wwwstartuser:=root} # Parse yangmodels from https://github.com/YangModels/yang # Recommended: checkout yangmodels elsewhere in the tree and set the env @@ -230,15 +234,25 @@ wait_backend(){ # @see wait_restconf start_restconf(){ # Start in background -# echo "sudo -u $wwwuser -s $clixon_restconf $RCLOG -D $DBG $*" - sudo -u $wwwuser -s $clixon_restconf $RCLOG -D $DBG $* & + echo "sudo -u $wwwstartuser -s $clixon_restconf $RCLOG -D $DBG $*" + sudo -u $wwwstartuser -s $clixon_restconf $RCLOG -D $DBG $* & if [ $? -ne 0 ]; then err fi } +# Stop restconf daemon before test +stop_restconf_pre(){ + sudo pkill -f clixon_restconf +} + +# Stop restconf daemon after test +# Two caveats in pkill: +# 1) Dont use $clixon_restconf (dont work in valgrind) +# 2) Dont use -u $wwwuser since clixon_restconf may drop privileges. stop_restconf(){ - sudo pkill -u $wwwuser -f clixon_restconf # Dont use $clixon_restoconf doesnt work in valgrind + # sudo pkill -u $wwwuser -f clixon_restconf # Dont use $clixon_restoconf doesnt work in valgrind + sudo pkill -f clixon_restconf if [ $valgrindtest -eq 3 ]; then sleep 1 checkvalgrind @@ -557,6 +571,14 @@ expecteof_file(){ # clixon tester. First arg is command second is stdin and # third is expected outcome, fourth is how long to wait +# - (not-evaluated) expression +# - stdin string +# - expected command return value (0 if OK) +# - expected stdout outcome* +# - the token "--not--" +# - not expected stdout outcome* +# +# XXX do expectwait like expectpart with multiple matches expectwait(){ cmd=$1 input=$2 @@ -569,6 +591,7 @@ expectwait(){ sleep $wait | cat <(echo $input) -| $cmd | while [ 1 ] ; do read -t 20 r # echo "r:$r" + # Append $r to $ret ret="$ret$r" match=$(echo "$ret" | grep -Eo "$expect"); if [ -z "$match" ]; then diff --git a/test/test_api.sh b/test/test_api.sh index 0cc171a9..f0312a16 100755 --- a/test/test_api.sh +++ b/test/test_api.sh @@ -226,10 +226,10 @@ if [ $BE -ne 0 ]; then new "waiting" wait_backend - + if [ $RC -ne 0 ]; then new "kill old restconf daemon" - sudo pkill -u www-data -f "/www-data/clixon_restconf" + stop_restconf_pre new "start restconf daemon" start_restconf -f $cfg @@ -242,13 +242,13 @@ XML='235 $xml5 for (( i=0; i<$nr; i++ )); do echo -n "a$ifoo$i" >> $xml5 done - + new "api-path direct under root single string key k1=a$rnd" expectpart "$($clixon_util_path -f $xml5 -y $ydir -p /moda:x5=a$rnd)" 0 "^0: a$rndfoo$rnd$" diff --git a/test/test_augment.sh b/test/test_augment.sh index 8b0c28a9..e47df29a 100755 --- a/test/test_augment.sh +++ b/test/test_augment.sh @@ -168,8 +168,9 @@ new "waiting" wait_backend if [ $RC -ne 0 ]; then + new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon" start_restconf -f $cfg @@ -215,12 +216,12 @@ new "netconf commit ok" expecteof "$clixon_netconf -qf $cfg" 0 "]]>]]>" '^]]>]]>$' # restconf and augment - new "restconf get augment json" -expectpart "$(curl -s -i -X GET http://localhost/restconf/data/ietf-interfaces:interfaces)" 0 'HTTP/1.1 200 OK ' '{"ietf-interfaces:interfaces":{"interface":\[{"name":"e1","type":"example-augment:some-new-iftype","example-augment:mandatory-leaf":"true","example-augment:port":80,"example-augment:lport":8080},{"name":"e2","type":"fddi","example-augment:mandatory-leaf":"true","example-augment:other":"ietf-interfaces:fddi","example-augment:port":80,"example-augment:lport":8080},{"name":"e3","type":"fddi","example-augment:mandatory-leaf":"true","example-augment:me":"you","example-augment:port":80,"example-augment:lport":8080}\]}} ' +echo "curl -sik -X GET $RCPROTO://localhost/restconf/data/ietf-interfaces:interfaces" +expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/ietf-interfaces:interfaces)" 0 "HTTP/1.1 200 OK" '{"ietf-interfaces:interfaces":{"interface":\[{"name":"e1","type":"example-augment:some-new-iftype","example-augment:mandatory-leaf":"true","example-augment:port":80,"example-augment:lport":8080},{"name":"e2","type":"fddi","example-augment:mandatory-leaf":"true","example-augment:other":"ietf-interfaces:fddi","example-augment:port":80,"example-augment:lport":8080},{"name":"e3","type":"fddi","example-augment:mandatory-leaf":"true","example-augment:me":"you","example-augment:port":80,"example-augment:lport":8080}\]}}' new "restconf get augment xml" -expectpart "$(curl -s -i -X GET -H 'Accept: application/yang-data+xml' http://localhost/restconf/data/ietf-interfaces:interfaces)" 0 'HTTP/1.1 200 OK ' 'e1mymod:some-new-iftypetrue808080e2fdditrueif:fddi808080e3fdditruemymod:you808080' +expectpart "$(curl -sik -X GET -H 'Accept: application/yang-data+xml' $RCPROTO://localhost/restconf/data/ietf-interfaces:interfaces)" 0 'HTTP/1.1 200 OK ' 'e1mymod:some-new-iftypetrue808080e2fdditrueif:fddi808080e3fdditruemymod:you808080' #e123' @@ -232,7 +233,7 @@ EOF # XXX: Since derived-from etc are NOT implemented, this test may have false positives # revisit when it is implemented. new "restconf PUT augment multi-namespace path e1 (whole path)" -expectpart "$(curl -s -X PUT -H 'Content-Type: application/yang-data+xml' http://localhost/restconf/data/ietf-interfaces:interfaces/interface=e1 -d "$XML")" 0 '' +expectpart "$(curl -sik -X PUT -H 'Content-Type: application/yang-data+xml' $RCPROTO://localhost/restconf/data/ietf-interfaces:interfaces/interface=e1 -d "$XML")" 0 "HTTP/1.1 204 No Content" XML=$(cat <23 @@ -240,19 +241,19 @@ EOF ) new "restconf POST augment multi-namespace path e2 (middle path)" -expectpart "$(curl -s -X POST -H 'Content-Type: application/yang-data+xml' http://localhost/restconf/data/ietf-interfaces:interfaces/interface=e2 -d "$XML" )" 0 '' +expectpart "$(curl -sik -X POST -H 'Content-Type: application/yang-data+xml' $RCPROTO://localhost/restconf/data/ietf-interfaces:interfaces/interface=e2 -d "$XML" )" 0 "HTTP/1.1 201 Created" new "restconf GET augment multi-namespace top" -expectpart "$(curl -si -X GET http://localhost/restconf/data/ietf-interfaces:interfaces)" 0 'HTTP/1.1 200 OK' '{"ietf-interfaces:interfaces":{"interface":\[{"name":"e1","type":"example-augment:some-new-iftype","example-augment:ospf":{"reference-bandwidth":23},"example-augment:mandatory-leaf":"true","example-augment:port":80,"example-augment:lport":8080},{"name":"e2","type":"fddi","example-augment:ospf":{"reference-bandwidth":23},"example-augment:mandatory-leaf":"true","example-augment:other":"ietf-interfaces:fddi","example-augment:port":80,"example-augment:lport":8080},{"name":"e3","type":"fddi","example-augment:mandatory-leaf":"true","example-augment:me":"you","example-augment:port":80,"example-augment:lport":8080}\]}}' +expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/ietf-interfaces:interfaces)" 0 'HTTP/1.1 200 OK' '{"ietf-interfaces:interfaces":{"interface":\[{"name":"e1","type":"example-augment:some-new-iftype","example-augment:ospf":{"reference-bandwidth":23},"example-augment:mandatory-leaf":"true","example-augment:port":80,"example-augment:lport":8080},{"name":"e2","type":"fddi","example-augment:ospf":{"reference-bandwidth":23},"example-augment:mandatory-leaf":"true","example-augment:other":"ietf-interfaces:fddi","example-augment:port":80,"example-augment:lport":8080},{"name":"e3","type":"fddi","example-augment:mandatory-leaf":"true","example-augment:me":"you","example-augment:port":80,"example-augment:lport":8080}\]}}' new "restconf GET augment multi-namespace level 1" -expectpart "$(curl -si -X GET http://localhost/restconf/data/ietf-interfaces:interfaces/interface=e1)" 0 'HTTP/1.1 200 OK' '{"ietf-interfaces:interface":\[{"name":"e1","type":"example-augment:some-new-iftype","example-augment:ospf":{"reference-bandwidth":23},"example-augment:mandatory-leaf":"true","example-augment:port":80,"example-augment:lport":8080}\]}' +expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/ietf-interfaces:interfaces/interface=e1)" 0 'HTTP/1.1 200 OK' '{"ietf-interfaces:interface":\[{"name":"e1","type":"example-augment:some-new-iftype","example-augment:ospf":{"reference-bandwidth":23},"example-augment:mandatory-leaf":"true","example-augment:port":80,"example-augment:lport":8080}\]}' new "restconf GET augment multi-namespace cross" -expectpart "$(curl -si -X GET http://localhost/restconf/data/ietf-interfaces:interfaces/interface=e1/example-augment:ospf)" 0 'HTTP/1.1 200 OK' '{"example-augment:ospf":{"reference-bandwidth":23}}' +expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/ietf-interfaces:interfaces/interface=e1/example-augment:ospf)" 0 'HTTP/1.1 200 OK' '{"example-augment:ospf":{"reference-bandwidth":23}}' new "restconf GET augment multi-namespace cross level 2" -expectpart "$(curl -si -X GET http://localhost/restconf/data/ietf-interfaces:interfaces/interface=e1/example-augment:ospf/reference-bandwidth)" 0 'HTTP/1.1 200 OK' '{"example-augment:reference-bandwidth":23}' +expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/ietf-interfaces:interfaces/interface=e1/example-augment:ospf/reference-bandwidth)" 0 'HTTP/1.1 200 OK' '{"example-augment:reference-bandwidth":23}' if [ $RC -ne 0 ]; then new "Kill restconf daemon" diff --git a/test/test_choice.sh b/test/test_choice.sh index 32f4aed9..b40839bb 100755 --- a/test/test_choice.sh +++ b/test/test_choice.sh @@ -121,7 +121,7 @@ wait_backend if [ $RC -ne 0 ]; then new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon" start_restconf -f $cfg diff --git a/test/test_identity.sh b/test/test_identity.sh index 693a4703..d8fd1bac 100755 --- a/test/test_identity.sh +++ b/test/test_identity.sh @@ -156,7 +156,7 @@ wait_backend if [ $RC -ne 0 ]; then new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon" start_restconf -f $cfg @@ -270,37 +270,37 @@ expecteof "$clixon_netconf -qf $cfg" 0 "]]>]]>" "^< # 2. set identity in other module with restconf , read it with restconf and netconf # 3. set identity in other module with netconf, read it with restconf and netconf new "restconf add own identity" -expectpart "$(curl -s -i -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/example:crypto -d '{"example:crypto":"example:aes"}')" 0 'HTTP/1.1 201 Created' +expectpart "$(curl -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/example:crypto -d '{"example:crypto":"example:aes"}')" 0 'HTTP/1.1 201 Created' new "restconf get own identity" -expectpart "$(curl -s -i -X GET http://localhost/restconf/data/example:crypto)" 0 'HTTP/1.1 200 OK' '{"example:crypto":"aes"}' +expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/example:crypto)" 0 'HTTP/1.1 200 OK' '{"example:crypto":"aes"}' new "netconf get own identity as set by restconf" expecteof "$clixon_netconf -qf $cfg" 0 "]]>]]>" '^aes]]>]]>$' new "restconf delete identity" -expectpart "$(curl -s -i -X DELETE http://localhost/restconf/data/example:crypto)" 0 "HTTP/1.1 204 No Content" +expectpart "$(curl -sik -X DELETE $RCPROTO://localhost/restconf/data/example:crypto)" 0 "HTTP/1.1 204 No Content" # 2. set identity in other module with restconf , read it with restconf and netconf if ! $YANG_UNKNOWN_ANYDATA ; then new "restconf add POST instead of PUT (should fail)" -expectpart "$(curl -s -i -X POST -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/example:crypto -d '{"example:crypto":"example-des:des3"}')" 0 'HTTP/1.1 400 Bad Request' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"bad-element","error-info":{"bad-element":"crypto"},"error-severity":"error","error-message":"Failed to find YANG spec of XML node: crypto with parent: crypto in namespace: urn:example:my-crypto"}}}' +expectpart "$(curl -sik -X POST -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/example:crypto -d '{"example:crypto":"example-des:des3"}')" 0 'HTTP/1.1 400 Bad Request' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"bad-element","error-info":{"bad-element":"crypto"},"error-severity":"error","error-message":"Failed to find YANG spec of XML node: crypto with parent: crypto in namespace: urn:example:my-crypto"}}}' fi # Alternative error: #'{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"unknown-element","error-info":{"bad-element":"crypto"},"error-severity":"error","error-message":"Leaf contains sub-element"}}}' new "restconf add other (des) identity using POST" -expectpart "$(curl -s -i -X POST -H "Content-Type: application/yang-data+json" http://localhost/restconf/data -d '{"example:crypto":"example-des:des3"}')" 0 'HTTP/1.1 201 Created' 'Location: http://localhost/restconf/data/example:crypto' +expectpart "$(curl -sik -X POST -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data -d '{"example:crypto":"example-des:des3"}')" 0 'HTTP/1.1 201 Created' "Location: $RCPROTO://localhost/restconf/data/example:crypto" new "restconf get other identity" -expectpart "$(curl -s -i -X GET http://localhost/restconf/data/example:crypto)" 0 'HTTP/1.1 200 OK' '{"example:crypto":"example-des:des3"}' +expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/example:crypto)" 0 'HTTP/1.1 200 OK' '{"example:crypto":"example-des:des3"}' new "netconf get other identity" expecteof "$clixon_netconf -qf $cfg" 0 "]]>]]>" '^des:des3]]>]]>$' new "restconf delete identity" -expectpart "$(curl -s -i -X DELETE http://localhost/restconf/data/example:crypto)" 0 "HTTP/1.1 204 No Content" +expectpart "$(curl -sik -X DELETE $RCPROTO://localhost/restconf/data/example:crypto)" 0 "HTTP/1.1 204 No Content" # 3. set identity in other module with netconf, read it with restconf and netconf new "netconf set other identity" @@ -310,7 +310,7 @@ new "netconf commit" expecteof "$clixon_netconf -qf $cfg" 0 "]]>]]>" "^]]>]]>$" new "restconf get other identity (set by netconf)" -expectpart "$(curl -s -i -X GET http://localhost/restconf/data/example:crypto)" 0 'HTTP/1.1 200 OK' '{"example:crypto":"example-des:des3"}' +expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/example:crypto)" 0 'HTTP/1.1 200 OK' '{"example:crypto":"example-des:des3"}' new "netconf get other identity" expecteof "$clixon_netconf -qf $cfg" 0 "]]>]]>" '^des:des3]]>]]>$' diff --git a/test/test_nacm.sh b/test/test_nacm.sh index e15bc0fe..008525a6 100755 --- a/test/test_nacm.sh +++ b/test/test_nacm.sh @@ -127,7 +127,7 @@ wait_backend if [ $RC -ne 0 ]; then new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon (-a is enable basic authentication)" start_restconf -f $cfg -- -a diff --git a/test/test_nacm_datanode.sh b/test/test_nacm_datanode.sh index 7e94748c..cf01256d 100755 --- a/test/test_nacm_datanode.sh +++ b/test/test_nacm_datanode.sh @@ -229,7 +229,7 @@ wait_backend if [ $RC -ne 0 ]; then new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon (-a is enable basic authentication)" start_restconf -f $cfg -- -a @@ -248,69 +248,69 @@ new "commit it" expecteof "$clixon_netconf -qf $cfg" 0 "]]>]]>" "^]]>]]>$" new "enable nacm" -expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" -d '{"ietf-netconf-acm:enable-nacm": true}' http://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 "HTTP/1.1 204 No Content" +expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" -d '{"ietf-netconf-acm:enable-nacm": true}' $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 "HTTP/1.1 204 No Content" #--------------- nacm enabled #user:admin,wilma,guest new "admin can read /nacm" -expectpart "$(curl -u andy:bar -siS -X GET http://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 'HTTP/1.1 200 OK' '{"ietf-netconf-acm:enable-nacm":true}' +expectpart "$(curl -u andy:bar -sik -X GET $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 'HTTP/1.1 200 OK' '{"ietf-netconf-acm:enable-nacm":true}' new "1. limit can read /nacm" -expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 'HTTP/1.1 200 OK' '{"ietf-netconf-acm:enable-nacm":true}' +expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 'HTTP/1.1 200 OK' '{"ietf-netconf-acm:enable-nacm":true}' # Comment: it should NOT be access-denied, it should be not found, since then you say it exists but you # dont have access to it which is insecure new "2. guest cannot read /nacm" -expectpart "$(curl -u guest:bar -siS -X GET http://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 'HTTP/1.1 404 Not Found' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"invalid-value","error-severity":"error","error-message":"Instance does not exist"}}}' +expectpart "$(curl -u guest:bar -sik -X GET $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 'HTTP/1.1 404 Not Found' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"invalid-value","error-severity":"error","error-message":"Instance does not exist"}}}' # 3. limited can read and set /config-parameters new "3. limited can read config-parameters" -expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/nacm-example:acme-netconf/config-parameters)" 0 'HTTP/1.1 200 OK' '{"nacm-example:config-parameters":{"parameter":\[{"name":"a","value":"72"}\]}}' +expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example:acme-netconf/config-parameters)" 0 'HTTP/1.1 200 OK' '{"nacm-example:config-parameters":{"parameter":\[{"name":"a","value":"72"}\]}}' new "3. limited can set config-parameters" -expectpart "$(curl -u wilma:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/nacm-example:acme-netconf/config-parameters/parameter=a -d '{"nacm-example:parameter":[{"name":"a","value":"93"}]}')" 0 'HTTP/1.1 204 No Content' +expectpart "$(curl -u wilma:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/nacm-example:acme-netconf/config-parameters/parameter=a -d '{"nacm-example:parameter":[{"name":"a","value":"93"}]}')" 0 'HTTP/1.1 204 No Content' new "4. guest cannot set /config-parameter" -expectpart "$(curl -u guest:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/nacm-example:acme-netconf/config-parameters/parameter=a -d '{"nacm-example:parameter":[{"name":"a","value":"93"}]}')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' +expectpart "$(curl -u guest:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/nacm-example:acme-netconf/config-parameters/parameter=a -d '{"nacm-example:parameter":[{"name":"a","value":"93"}]}')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' # 5. limit can read and update but not create or delete dummy interface new "5a. limit cannot create dummy interface" -expectpart "$(curl -u wilma:bar -siS -X POST -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/itf:interfaces -d '{"itf:interface":[{"name":"dummy","value":"93"}]}')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' +expectpart "$(curl -u wilma:bar -sik -X POST -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/itf:interfaces -d '{"itf:interface":[{"name":"dummy","value":"93"}]}')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' new "5b. admin can create dummy interface" -expectpart "$(curl -u andy:bar -siS -X POST -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/itf:interfaces -d '{"itf:interface":[{"name":"dummy","value":"93"}]}')" 0 'HTTP/1.1 201 Created' +expectpart "$(curl -u andy:bar -sik -X POST -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/itf:interfaces -d '{"itf:interface":[{"name":"dummy","value":"93"}]}')" 0 'HTTP/1.1 201 Created' new "5b. admin can create other interface x as reference" -expectpart "$(curl -u andy:bar -siS -X POST -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/itf:interfaces -d '{"itf:interface":[{"name":"x","value":"200"}]}')" 0 'HTTP/1.1 201 Created' +expectpart "$(curl -u andy:bar -sik -X POST -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/itf:interfaces -d '{"itf:interface":[{"name":"x","value":"200"}]}')" 0 'HTTP/1.1 201 Created' new "5c. limit can read dummy interface" -expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/itf:interfaces/interface=dummy)" 0 'HTTP/1.1 200 OK' '{"itf:interface":\[{"name":"dummy","value":"93"}\]}' +expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/itf:interfaces/interface=dummy)" 0 'HTTP/1.1 200 OK' '{"itf:interface":\[{"name":"dummy","value":"93"}\]}' new "5c. limit can read other interface" -expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/itf:interfaces/interface=x)" 0 'HTTP/1.1 200 OK' '{"itf:interface":\[{"name":"x","value":"200"}\]}' +expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/itf:interfaces/interface=x)" 0 'HTTP/1.1 200 OK' '{"itf:interface":\[{"name":"x","value":"200"}\]}' new "5d. limit can update dummy interface" -expectpart "$(curl -u wilma:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/itf:interfaces/interface=dummy -d '{"itf:interface":[{"name":"dummy","value":"42"}]}')" 0 'HTTP/1.1 204 No Content' +expectpart "$(curl -u wilma:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/itf:interfaces/interface=dummy -d '{"itf:interface":[{"name":"dummy","value":"42"}]}')" 0 'HTTP/1.1 204 No Content' new "5d. admin can update dummy interface" -expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/itf:interfaces/interface=dummy -d '{"itf:interface":[{"name":"dummy","value":"17"}]}')" 0 'HTTP/1.1 204 No Content' +expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/itf:interfaces/interface=dummy -d '{"itf:interface":[{"name":"dummy","value":"17"}]}')" 0 'HTTP/1.1 204 No Content' new "5d. limit can not update other interface" -expectpart "$(curl -u wilma:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/itf:interfaces/interface=x -d '{"itf:interface":[{"name":"x","value":"42"}]}')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' +expectpart "$(curl -u wilma:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/itf:interfaces/interface=x -d '{"itf:interface":[{"name":"x","value":"42"}]}')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' new "5d. admin can update other interface" -expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/itf:interfaces/interface=x -d '{"itf:interface":[{"name":"x","value":"42"}]}')" 0 'HTTP/1.1 204 No Content' +expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/itf:interfaces/interface=x -d '{"itf:interface":[{"name":"x","value":"42"}]}')" 0 'HTTP/1.1 204 No Content' new "5d. limit can read dummy interface (again)" -expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/itf:interfaces/interface=dummy)" 0 'HTTP/1.1 200 OK' '{"itf:interface":\[{"name":"dummy","value":"17"}\]}' +expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/itf:interfaces/interface=dummy)" 0 'HTTP/1.1 200 OK' '{"itf:interface":\[{"name":"dummy","value":"17"}\]}' new "5e. limit can not delete dummy interface" -expectpart "$(curl -u wilma:bar -siS -X DELETE http://localhost/restconf/data/itf:interfaces/interface=dummy)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' +expectpart "$(curl -u wilma:bar -sik -X DELETE $RCPROTO://localhost/restconf/data/itf:interfaces/interface=dummy)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' new "5e. admin can delete dummy interface" -expectpart "$(curl -u andy:bar -siS -X DELETE http://localhost/restconf/data/itf:interfaces/interface=dummy)" 0 'HTTP/1.1 204 No Content' +expectpart "$(curl -u andy:bar -sik -X DELETE $RCPROTO://localhost/restconf/data/itf:interfaces/interface=dummy)" 0 'HTTP/1.1 204 No Content' if [ $RC -ne 0 ]; then new "Kill restconf daemon" diff --git a/test/test_nacm_datanode_read.sh b/test/test_nacm_datanode_read.sh index 881682e5..dc1e7386 100755 --- a/test/test_nacm_datanode_read.sh +++ b/test/test_nacm_datanode_read.sh @@ -176,43 +176,43 @@ testrun(){ new "read-default:$readdefault module:$module table:$table parameter:$parameter" new "set read-default $readdefault" - expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/ietf-netconf-acm:nacm/read-default -d "{\"ietf-netconf-acm:read-default\":\"$readdefault\"}" )" 0 "HTTP/1.1 204 No Content" + expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/read-default -d "{\"ietf-netconf-acm:read-default\":\"$readdefault\"}" )" 0 "HTTP/1.1 204 No Content" new "set module rule $module" - expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/ietf-netconf-acm:nacm/rule-list=limited-acl/rule=module/action -d "{\"ietf-netconf-acm:action\":\"$module\"}" )" 0 "HTTP/1.1 204 No Content" + expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/rule-list=limited-acl/rule=module/action -d "{\"ietf-netconf-acm:action\":\"$module\"}" )" 0 "HTTP/1.1 204 No Content" new "set table rule $table" - expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/ietf-netconf-acm:nacm/rule-list=limited-acl/rule=table/action -d "{\"ietf-netconf-acm:action\":\"$table\"}" )" 0 "HTTP/1.1 204 No Content" + expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/rule-list=limited-acl/rule=table/action -d "{\"ietf-netconf-acm:action\":\"$table\"}" )" 0 "HTTP/1.1 204 No Content" new "set parameter rule $parameter" - expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/ietf-netconf-acm:nacm/rule-list=limited-acl/rule=parameter/action -d "{\"ietf-netconf-acm:action\":\"$parameter\"}" )" 0 "HTTP/1.1 204 No Content" + expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/rule-list=limited-acl/rule=parameter/action -d "{\"ietf-netconf-acm:action\":\"$parameter\"}" )" 0 "HTTP/1.1 204 No Content" #--------------- Here check new "get other module" if $test1; then - expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/nacm-example2:other2/value)" 0 'HTTP/1.1 200 OK' '{"nacm-example2:value":"88"}' + expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example2:other2/value)" 0 'HTTP/1.1 200 OK' '{"nacm-example2:value":"88"}' else - expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/nacm-example2:other2/value)" 0 'HTTP/1.1 404 Not Found' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"invalid-value","error-severity":"error","error-message":"Instance does not exist"}}}' + expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example2:other2/value)" 0 'HTTP/1.1 404 Not Found' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"invalid-value","error-severity":"error","error-message":"Instance does not exist"}}}' fi new "get other in same module" if $test2; then - expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/nacm-example:other/value)" 0 'HTTP/1.1 200 OK' '{"nacm-example:value":"99"}' + expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example:other/value)" 0 'HTTP/1.1 200 OK' '{"nacm-example:value":"99"}' else - expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/nacm-example:other/value)" 0 'HTTP/1.1 404 Not Found' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"invalid-value","error-severity":"error","error-message":"Instance does not exist"}}}' + expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example:other/value)" 0 'HTTP/1.1 404 Not Found' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"invalid-value","error-severity":"error","error-message":"Instance does not exist"}}}' fi new "get table" if $test3; then - expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/nacm-example:table?depth=1)" 0 'HTTP/1.1 200 OK' '{"nacm-example:table":{}}' + expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example:table?depth=1)" 0 'HTTP/1.1 200 OK' '{"nacm-example:table":{}}' else - expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/nacm-example:table?depth=1)" 0 'HTTP/1.1 404 Not Found' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"invalid-value","error-severity":"error","error-message":"Instance does not exist"}}}' + expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example:table?depth=1)" 0 'HTTP/1.1 404 Not Found' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"invalid-value","error-severity":"error","error-message":"Instance does not exist"}}}' fi new "get parameter" if $test4; then - expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/nacm-example:table/parameters/parameter=a)" 0 'HTTP/1.1 200 OK' '{"nacm-example:parameter":\[{"name":"a","value":"72"}\]}' + expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example:table/parameters/parameter=a)" 0 'HTTP/1.1 200 OK' '{"nacm-example:parameter":\[{"name":"a","value":"72"}\]}' else - expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/nacm-example:table/parameters/parameter=a)" 0 'HTTP/1.1 404 Not Found' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"invalid-value","error-severity":"error","error-message":"Instance does not exist"}}}' + expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example:table/parameters/parameter=a)" 0 'HTTP/1.1 404 Not Found' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"invalid-value","error-severity":"error","error-message":"Instance does not exist"}}}' fi } # testrun @@ -234,7 +234,7 @@ wait_backend if [ $RC -ne 0 ]; then new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon (-a is enable basic authentication)" start_restconf -f $cfg -- -a @@ -253,7 +253,7 @@ new "commit it" expecteof "$clixon_netconf -qf $cfg" 0 "]]>]]>" "^]]>]]>$" new "enable nacm" -expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" -d '{"ietf-netconf-acm:enable-nacm": true}' http://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 "HTTP/1.1 204 No Content" +expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" -d '{"ietf-netconf-acm:enable-nacm": true}' $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 "HTTP/1.1 204 No Content" #--------------- nacm enabled # config: def module table parameter @@ -295,6 +295,4 @@ if [ $BE -ne 0 ]; then # Bring your own backend stop_backend -f $cfg fi - - rm -rf $dir diff --git a/test/test_nacm_datanode_write.sh b/test/test_nacm_datanode_write.sh index d351539c..5871cbf4 100755 --- a/test/test_nacm_datanode_write.sh +++ b/test/test_nacm_datanode_write.sh @@ -153,48 +153,48 @@ testrun(){ testd=$9 new "set write-default $writedefault" - expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/ietf-netconf-acm:nacm/write-default -d "{\"ietf-netconf-acm:write-default\":\"$writedefault\"}" )" 0 "HTTP/1.1 204 No Content" + expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/write-default -d "{\"ietf-netconf-acm:write-default\":\"$writedefault\"}" )" 0 "HTTP/1.1 204 No Content" new "set param rule access: $paramaccess" - expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/ietf-netconf-acm:nacm/rule-list=limited-acl/rule=parameter/access-operations -d "{\"ietf-netconf-acm:access-operations\":\"$paramaccess\"}" )" 0 "HTTP/1.1 204 No Content" + expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/rule-list=limited-acl/rule=parameter/access-operations -d "{\"ietf-netconf-acm:access-operations\":\"$paramaccess\"}" )" 0 "HTTP/1.1 204 No Content" new "set param rule access: $paramaction" - expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/ietf-netconf-acm:nacm/rule-list=limited-acl/rule=parameter/action -d "{\"ietf-netconf-acm:action\":\"$paramaction\"}" )" 0 "HTTP/1.1 204 No Content" + expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/rule-list=limited-acl/rule=parameter/action -d "{\"ietf-netconf-acm:action\":\"$paramaction\"}" )" 0 "HTTP/1.1 204 No Content" new "set value rule access: $valueaccess" - expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/ietf-netconf-acm:nacm/rule-list=limited-acl/rule=value/access-operations -d "{\"ietf-netconf-acm:access-operations\":\"$valueaccess\"}" )" 0 "HTTP/1.1 204 No Content" + expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/rule-list=limited-acl/rule=value/access-operations -d "{\"ietf-netconf-acm:access-operations\":\"$valueaccess\"}" )" 0 "HTTP/1.1 204 No Content" new "set value rule access: $valueaction" - expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/ietf-netconf-acm:nacm/rule-list=limited-acl/rule=value/action -d "{\"ietf-netconf-acm:action\":\"$valueaction\"}" )" 0 "HTTP/1.1 204 No Content" + expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/rule-list=limited-acl/rule=value/action -d "{\"ietf-netconf-acm:action\":\"$valueaction\"}" )" 0 "HTTP/1.1 204 No Content" #--------------- Here tests: create/update/read/delete new "create object b" if $testc; then - expectpart "$(curl -u wilma:bar -siS -X POST -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/nacm-example:table/parameter=a/next -d '{"nacm-example:parameter":[{"name":"b","value":"17"}]}')" 0 'HTTP/1.1 201 Created' + expectpart "$(curl -u wilma:bar -sik -X POST -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/nacm-example:table/parameter=a/next -d '{"nacm-example:parameter":[{"name":"b","value":"17"}]}')" 0 'HTTP/1.1 201 Created' else - expectpart "$(curl -u wilma:bar -siS -X POST -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/nacm-example:table/parameter=a/next -d '{"nacm-example:parameter":[{"name":"b","value":"17"}]}')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}}' + expectpart "$(curl -u wilma:bar -sik -X POST -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/nacm-example:table/parameter=a/next -d '{"nacm-example:parameter":[{"name":"b","value":"17"}]}')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}}' fi new "read object b" if $testr; then - expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/nacm-example:table/parameter=a/next/parameter=b)" 0 'HTTP/1.1 200 OK' '{"nacm-example:parameter":\[{"name":"b","value":"17"}\]}' + expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example:table/parameter=a/next/parameter=b)" 0 'HTTP/1.1 200 OK' '{"nacm-example:parameter":\[{"name":"b","value":"17"}\]}' else - expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/nacm-example:table/parameter=a/next/parameter=b)" 0 'HTTP/1.1 404 Not Found' + expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example:table/parameter=a/next/parameter=b)" 0 'HTTP/1.1 404 Not Found' fi new "update object b" if $testu; then - expectpart "$(curl -u wilma:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/nacm-example:table/parameter=a/next/parameter=b -d '{"nacm-example:parameter":[{"name":"b","value":"92"}]}')" 0 'HTTP/1.1 204 No Content' + expectpart "$(curl -u wilma:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/nacm-example:table/parameter=a/next/parameter=b -d '{"nacm-example:parameter":[{"name":"b","value":"92"}]}')" 0 'HTTP/1.1 204 No Content' else - expectpart "$(curl -u wilma:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/nacm-example:table/parameter=a/next/parameter=b -d '{"nacm-example:parameter":[{"name":"b","value":"92"}]}')" 0 'HTTP/1.1 403 Forbidden' + expectpart "$(curl -u wilma:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/nacm-example:table/parameter=a/next/parameter=b -d '{"nacm-example:parameter":[{"name":"b","value":"92"}]}')" 0 'HTTP/1.1 403 Forbidden' # '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}}' fi new "delete object b" if $testd; then - expectpart "$(curl -u wilma:bar -siS -X DELETE http://localhost/restconf/data/nacm-example:table/parameter=a/next/parameter=b)" 0 'HTTP/1.1 204 No Content' + expectpart "$(curl -u wilma:bar -sik -X DELETE $RCPROTO://localhost/restconf/data/nacm-example:table/parameter=a/next/parameter=b)" 0 'HTTP/1.1 204 No Content' else # XXX can vara olika - ret=$(curl -u wilma:bar -siS -X DELETE http://localhost/restconf/data/nacm-example:table/parameter=a/next/parameter=b) + ret=$(curl -u wilma:bar -sik -X DELETE $RCPROTO://localhost/restconf/data/nacm-example:table/parameter=a/next/parameter=b) r=$? if [ $r != 0 ]; then err "retval: $r" "0" @@ -208,7 +208,7 @@ testrun(){ fi # Ensure delete new "ensure delete object b" - expectpart "$(curl -u andy:bar -siS -X DELETE http://localhost/restconf/data/nacm-example:table/parameter=a/next/parameter=b)" 0 'HTTP/1.1' # ignore error + expectpart "$(curl -u andy:bar -sik -X DELETE $RCPROTO://localhost/restconf/data/nacm-example:table/parameter=a/next/parameter=b)" 0 'HTTP/1.1' # ignore error fi } # testrun @@ -230,7 +230,7 @@ wait_backend if [ $RC -ne 0 ]; then new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon (-a is enable basic authentication)" start_restconf -f $cfg -- -a @@ -249,7 +249,7 @@ new "commit it" expecteof "$clixon_netconf -qf $cfg" 0 "]]>]]>" "^]]>]]>$" new "enable nacm" -expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" -d '{"ietf-netconf-acm:enable-nacm": true}' http://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 "HTTP/1.1 204 No Content" +expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" -d '{"ietf-netconf-acm:enable-nacm": true}' $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 "HTTP/1.1 204 No Content" #--------------- nacm enabled # config: def param:access/action value:access/action diff --git a/test/test_nacm_default.sh b/test/test_nacm_default.sh index 41226f6d..b9266d24 100755 --- a/test/test_nacm_default.sh +++ b/test/test_nacm_default.sh @@ -124,7 +124,7 @@ EOF wait_backend new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon (-a is enable basic authentication)" start_restconf -f $cfg -- -a diff --git a/test/test_nacm_ext.sh b/test/test_nacm_ext.sh index f852941f..b27f796a 100755 --- a/test/test_nacm_ext.sh +++ b/test/test_nacm_ext.sh @@ -147,7 +147,7 @@ wait_backend if [ $RC -ne 0 ]; then new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon (-a is enable http basic auth)" start_restconf -f $cfg -- -a diff --git a/test/test_nacm_module_read.sh b/test/test_nacm_module_read.sh index 3ebb2d17..64a01dff 100755 --- a/test/test_nacm_module_read.sh +++ b/test/test_nacm_module_read.sh @@ -131,7 +131,7 @@ wait_backend if [ $RC -ne 0 ]; then new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon (-a is enable basic authentication)" start_restconf -f $cfg -- -a @@ -147,29 +147,29 @@ new "commit it" expecteof "$clixon_netconf -qf $cfg" 0 "]]>]]>" "^]]>]]>$" new "enable nacm" -expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" -d '{"ietf-netconf-acm:enable-nacm": true}' http://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 "HTTP/1.1 204 No Content" +expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" -d '{"ietf-netconf-acm:enable-nacm": true}' $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 "HTTP/1.1 204 No Content" #--------------- nacm enabled #----READ access #user:admin new "admin read ok" -expectpart "$(curl -u andy:bar -siS -X GET http://localhost/restconf/data/clixon-example:translate)" 0 'HTTP/1.1 200 OK' '{"clixon-example:translate":{"translate":\[{"k":"key42","value":"val42"},{"k":"key43","value":"val43"}\]}}' +expectpart "$(curl -u andy:bar -sik -X GET $RCPROTO://localhost/restconf/data/clixon-example:translate)" 0 'HTTP/1.1 200 OK' '{"clixon-example:translate":{"translate":\[{"k":"key42","value":"val42"},{"k":"key43","value":"val43"}\]}}' new "admin read netconf ok" expecteof "$clixon_netconf -U andy -qf $cfg" 0 ']]>]]>' '^key42val42key43val43]]>]]>$' new "admin read element ok" -expectpart "$(curl -u andy:bar -siS -X GET http://localhost/restconf/data/clixon-example:translate/translate=key42/value)" 0 'HTTP/1.1 200 OK' '{"clixon-example:value":"val42"}' +expectpart "$(curl -u andy:bar -sik -X GET $RCPROTO://localhost/restconf/data/clixon-example:translate/translate=key42/value)" 0 'HTTP/1.1 200 OK' '{"clixon-example:value":"val42"}' new "admin read other module OK" -expectpart "$(curl -u andy:bar -siS -X GET http://localhost/restconf/data/nacm-example:x)" 0 'HTTP/1.1 200 OK' '{"nacm-example:x":42}' +expectpart "$(curl -u andy:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example:x)" 0 'HTTP/1.1 200 OK' '{"nacm-example:x":42}' new "admin read state OK" -expectpart "$(curl -u andy:bar -siS -X GET http://localhost/restconf/data/clixon-example:state)" 0 'HTTP/1.1 200 OK' '{"clixon-example:state":{"op":\["41","42","43"\]}}' +expectpart "$(curl -u andy:bar -sik -X GET $RCPROTO://localhost/restconf/data/clixon-example:state)" 0 'HTTP/1.1 200 OK' '{"clixon-example:state":{"op":\["41","42","43"\]}}' new "admin read top ok (all)" -ret=$(curl -u andy:bar -sS -X GET http://localhost/restconf/data) +ret=$(curl -u andy:bar -sik -X GET $RCPROTO://localhost/restconf/data) expect='{"data":{"nacm-example:x":42,"clixon-example:translate":' match=`echo $ret | grep --null -Eo "$expect"` if [ -z "$match" ]; then @@ -179,59 +179,59 @@ fi #user:limit new "limit read ok" -expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/clixon-example:translate)" 0 'HTTP/1.1 200 OK' '{"clixon-example:translate":{"translate":\[{"k":"key42","value":"val42"},{"k":"key43","value":"val43"}\]}}' +expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/clixon-example:translate)" 0 'HTTP/1.1 200 OK' '{"clixon-example:translate":{"translate":\[{"k":"key42","value":"val42"},{"k":"key43","value":"val43"}\]}}' new "limit read netconf ok" expecteof "$clixon_netconf -U wilma -qf $cfg" 0 ']]>]]>' '^key42val42key43val43]]>]]>$' new "limit read element ok" -expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/clixon-example:translate/translate=key42/value)" 0 'HTTP/1.1 200 OK' '{"clixon-example:value":"val42"}' +expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/clixon-example:translate/translate=key42/value)" 0 'HTTP/1.1 200 OK' '{"clixon-example:value":"val42"}' new "limit read other module fail" -expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/nacm-example:x)" 0 'HTTP/1.1 404 Not Found' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"invalid-value","error-severity":"error","error-message":"Instance does not exist"}}}' +expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example:x)" 0 'HTTP/1.1 404 Not Found' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"invalid-value","error-severity":"error","error-message":"Instance does not exist"}}}' new "limit read state OK" -expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data/clixon-example:state)" 0 'HTTP/1.1 200 OK' '{"clixon-example:state":{"op":\["41","42","43"\]}}' +expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data/clixon-example:state)" 0 'HTTP/1.1 200 OK' '{"clixon-example:state":{"op":\["41","42","43"\]}}' new "limit read top ok (part)" -expectpart "$(curl -u wilma:bar -siS -X GET http://localhost/restconf/data)" 0 'HTTP/1.1 200 OK' '{"data":{"clixon-example:translate":{"translate":\[{"k":"key42","value":"val42"},{"k":"key43","value":"val43"}\]},"clixon-example:state":{"op":\["41","42","43"\]}}}' +expectpart "$(curl -u wilma:bar -sik -X GET $RCPROTO://localhost/restconf/data)" 0 'HTTP/1.1 200 OK' '{"data":{"clixon-example:translate":{"translate":\[{"k":"key42","value":"val42"},{"k":"key43","value":"val43"}\]},"clixon-example:state":{"op":\["41","42","43"\]}}}' #user:guest new "guest read forbidden" -expectpart "$(curl -u guest:bar -siS -X GET http://localhost/restconf/data/clixon-example:translate)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' +expectpart "$(curl -u guest:bar -sik -X GET $RCPROTO://localhost/restconf/data/clixon-example:translate)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' new "guest read netconf fail" expecteof "$clixon_netconf -U guest -qf $cfg" 0 ']]>]]>' '^applicationaccess-deniederrordefault deny]]>]]>$' new "guest read element forbidden" -expectpart "$(curl -u guest:bar -siS -X GET http://localhost/restconf/data/clixon-example:translate/translate=key42/value)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' +expectpart "$(curl -u guest:bar -sik -X GET $RCPROTO://localhost/restconf/data/clixon-example:translate/translate=key42/value)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' new "guest read other module fail" -expectpart "$(curl -u guest:bar -siS -X GET http://localhost/restconf/data/nacm-example:x)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' +expectpart "$(curl -u guest:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example:x)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' new "guest read state fail" -expectpart "$(curl -u guest:bar -siS -X GET http://localhost/restconf/data/clixon-example:state)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' +expectpart "$(curl -u guest:bar -sik -X GET $RCPROTO://localhost/restconf/data/clixon-example:state)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' new "guest read top ok (part)" -expectpart "$(curl -u guest:bar -siS -X GET http://localhost/restconf/data)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' +expectpart "$(curl -u guest:bar -sik -X GET $RCPROTO://localhost/restconf/data)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' #------- RPC operation new "admin rpc ok" -expectpart "$(curl -u andy:bar -si -X POST -H "Content-Type: application/yang-data+json" -d '{"clixon-example:input":{"x":"78"}}' http://localhost/restconf/operations/clixon-example:example)" 0 'HTTP/1.1 200 OK' '{"clixon-example:output":{"x":"78","y":"42"}}' +expectpart "$(curl -u andy:bar -sik -X POST -H "Content-Type: application/yang-data+json" -d '{"clixon-example:input":{"x":"78"}}' $RCPROTO://localhost/restconf/operations/clixon-example:example)" 0 'HTTP/1.1 200 OK' '{"clixon-example:output":{"x":"78","y":"42"}}' new "admin rpc netconf ok" expecteof "$clixon_netconf -U andy -qf $cfg" 0 '0]]>]]>' 0 '^042]]>]]>$' new "limit rpc ok" -expectpart "$(curl -u wilma:bar -si -X POST http://localhost/restconf/operations/clixon-example:example -H "Content-Type: application/yang-data+json" -d '{"clixon-example:input":{"x":42}}' )" 0 'HTTP/1.1 200 OK' '{"clixon-example:output":{"x":"42","y":"42"}}' +expectpart "$(curl -u wilma:bar -sik -X POST $RCPROTO://localhost/restconf/operations/clixon-example:example -H "Content-Type: application/yang-data+json" -d '{"clixon-example:input":{"x":42}}' )" 0 'HTTP/1.1 200 OK' '{"clixon-example:output":{"x":"42","y":"42"}}' new "limit rpc netconf ok" expecteof "$clixon_netconf -U wilma -qf $cfg" 0 '0]]>]]>' 0 '^042]]>]]>$' new "guest rpc fail" -expectpart "$(curl -u guest:bar -si -X POST http://localhost/restconf/operations/clixon-example:example -H "Content-Type: application/yang-data+json" -d '{"clixon-example:input":{"x":42}}' )" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}}' +expectpart "$(curl -u guest:bar -sik -X POST $RCPROTO://localhost/restconf/operations/clixon-example:example -H "Content-Type: application/yang-data+json" -d '{"clixon-example:input":{"x":42}}' )" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}}' new "guest rpc netconf fail" expecteof "$clixon_netconf -U guest -qf $cfg" 0 '0]]>]]>' 0 '^applicationaccess-deniederroraccess denied]]>]]>$' @@ -239,16 +239,16 @@ expecteof "$clixon_netconf -U guest -qf $cfg" 0 ']]>]]>" "^]]>]]>$" new "enable nacm" - expectpart "$(curl -u andy:bar -siS -X PUT -H 'Content-Type: application/yang-data+json' -d '{"ietf-netconf-acm:enable-nacm":true}' http://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 "HTTP/1.1 204 No Content" + expectpart "$(curl -u andy:bar -sik -X PUT -H 'Content-Type: application/yang-data+json' -d '{"ietf-netconf-acm:enable-nacm":true}' $RCPROTO://localhost/restconf/data/ietf-netconf-acm:nacm/enable-nacm)" 0 "HTTP/1.1 204 No Content" } #--------------- enable nacm @@ -183,75 +183,75 @@ nacm # replace all, then must include NACM rules as well MSG="$RULES" new "update root list permit" -expectpart "$(curl -u andy:bar -siS -H 'Content-Type: application/yang-data+xml' -X PUT http://localhost/restconf/data -d "$MSG")" 0 'HTTP/1.1 204 No Content' +expectpart "$(curl -u andy:bar -sik -H 'Content-Type: application/yang-data+xml' -X PUT $RCPROTO://localhost/restconf/data -d "$MSG")" 0 'HTTP/1.1 204 No Content' # Usually a 'HTTP/1.1 100 Continue' as well new "delete root list deny" -expectpart "$(curl -u wilma:bar -siS -X DELETE http://localhost/restconf/data)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}} ' +expectpart "$(curl -u wilma:bar -sik -X DELETE $RCPROTO://localhost/restconf/data)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}} ' new "delete root permit" -expectpart "$(curl -u andy:bar -siS -X DELETE http://localhost/restconf/data)" 0 'HTTP/1.1 204 No Content' +expectpart "$(curl -u andy:bar -sik -X DELETE $RCPROTO://localhost/restconf/data)" 0 'HTTP/1.1 204 No Content' #--------------- re-enable nacm nacm #----------leaf new "create leaf deny" -expectpart "$(curl -u guest:bar -siS -H 'Content-Type: application/yang-data+xml' -X PUT http://localhost/restconf/data/nacm-example:x -d '42')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}} ' +expectpart "$(curl -u guest:bar -sik -H 'Content-Type: application/yang-data+xml' -X PUT $RCPROTO://localhost/restconf/data/nacm-example:x -d '42')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}} ' new "create leaf permit" -expectpart "$(curl -u wilma:bar -siS -H 'Content-Type: application/yang-data+xml' -X PUT http://localhost/restconf/data/nacm-example:x -d '42')" 0 'HTTP/1.1 201 Created' +expectpart "$(curl -u wilma:bar -sik -H 'Content-Type: application/yang-data+xml' -X PUT $RCPROTO://localhost/restconf/data/nacm-example:x -d '42')" 0 'HTTP/1.1 201 Created' new "update leaf deny" -expectpart "$(curl -u wilma:bar -siS -H 'Content-Type: application/yang-data+xml' -X PUT http://localhost/restconf/data/nacm-example:x -d '99')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}} ' +expectpart "$(curl -u wilma:bar -sik -H 'Content-Type: application/yang-data+xml' -X PUT $RCPROTO://localhost/restconf/data/nacm-example:x -d '99')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}} ' new "update leaf permit" -expectpart "$(curl -u guest:bar -siS -H 'Content-Type: application/yang-data+xml' -X PUT http://localhost/restconf/data/nacm-example:x -d '99')" 0 'HTTP/1.1 204 No Content' +expectpart "$(curl -u guest:bar -sik -H 'Content-Type: application/yang-data+xml' -X PUT $RCPROTO://localhost/restconf/data/nacm-example:x -d '99')" 0 'HTTP/1.1 204 No Content' new "read leaf check" -expectpart "$(curl -u guest:bar -siS -X GET http://localhost/restconf/data/nacm-example:x)" 0 'HTTP/1.1 200 OK' '{"nacm-example:x":99}' +expectpart "$(curl -u guest:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example:x)" 0 'HTTP/1.1 200 OK' '{"nacm-example:x":99}' new "delete leaf deny" -expectpart "$(curl -u guest:bar -siS -X DELETE http://localhost/restconf/data/nacm-example:x)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}} ' +expectpart "$(curl -u guest:bar -sik -X DELETE $RCPROTO://localhost/restconf/data/nacm-example:x)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}} ' new "delete leaf permit" -expectpart "$(curl -u wilma:bar -siS -X DELETE http://localhost/restconf/data/nacm-example:x)" 0 'HTTP/1.1 204 No Content' +expectpart "$(curl -u wilma:bar -sik -X DELETE $RCPROTO://localhost/restconf/data/nacm-example:x)" 0 'HTTP/1.1 204 No Content' #----- list/container new "create list deny" -expectpart "$(curl -u guest:bar -siS -H 'Content-Type: application/yang-data+xml' -X PUT http://localhost/restconf/data/nacm-example:a=key42 -d 'key42str')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}}' +expectpart "$(curl -u guest:bar -sik -H 'Content-Type: application/yang-data+xml' -X PUT $RCPROTO://localhost/restconf/data/nacm-example:a=key42 -d 'key42str')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}}' new "create list permit" -expectpart "$(curl -u wilma:bar -siS -H 'Content-Type: application/yang-data+xml' -X PUT http://localhost/restconf/data/nacm-example:a=key42 -d 'key42str')" 0 'HTTP/1.1 201 Created' +expectpart "$(curl -u wilma:bar -sik -H 'Content-Type: application/yang-data+xml' -X PUT $RCPROTO://localhost/restconf/data/nacm-example:a=key42 -d 'key42str')" 0 'HTTP/1.1 201 Created' new "update list deny" -expectpart "$(curl -u wilma:bar -siS -H 'Content-Type: application/yang-data+xml' -X PUT http://localhost/restconf/data/nacm-example:a=key42 -d 'key42update')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}' +expectpart "$(curl -u wilma:bar -sik -H 'Content-Type: application/yang-data+xml' -X PUT $RCPROTO://localhost/restconf/data/nacm-example:a=key42 -d 'key42update')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}' new "update list permit" -expectpart "$(curl -u guest:bar -siS -H 'Content-Type: application/yang-data+xml' -X PUT http://localhost/restconf/data/nacm-example:a=key42 -d 'key42update')" 0 'HTTP/1.1 204 No Content' +expectpart "$(curl -u guest:bar -sik -H 'Content-Type: application/yang-data+xml' -X PUT $RCPROTO://localhost/restconf/data/nacm-example:a=key42 -d 'key42update')" 0 'HTTP/1.1 204 No Content' new "read list check" -expectpart "$(curl -u guest:bar -siS -X GET http://localhost/restconf/data/nacm-example:a=key42)" 0 'HTTP/1.1 200 OK' '{"nacm-example:a":[{"k":"key42","b":{"c":"update"}}]} +expectpart "$(curl -u guest:bar -sik -X GET $RCPROTO://localhost/restconf/data/nacm-example:a=key42)" 0 'HTTP/1.1 200 OK' '{"nacm-example:a":[{"k":"key42","b":{"c":"update"}}]} ' new "delete list deny" -expectpart "$(curl -u guest:bar -siS -X DELETE http://localhost/restconf/data/nacm-example:a=key42)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}} ' +expectpart "$(curl -u guest:bar -sik -X DELETE $RCPROTO://localhost/restconf/data/nacm-example:a=key42)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"access denied"}}} ' new "delete list permit" -expectpart "$(curl -u wilma:bar -siS -X DELETE http://localhost/restconf/data/nacm-example:a=key42)" 0 'HTTP/1.1 204 No Content' +expectpart "$(curl -u wilma:bar -sik -X DELETE $RCPROTO://localhost/restconf/data/nacm-example:a=key42)" 0 'HTTP/1.1 204 No Content' #----- default deny (clixon-example limit and guest have default access) new "default create list deny" -expectpart "$(curl -u wilma:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/clixon-example:translate/translate=key42 -d '{"clixon-example:translate":[{"k":"key42","value":"val42"}]}')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}' +expectpart "$(curl -u wilma:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/clixon-example:translate/translate=key42 -d '{"clixon-example:translate":[{"k":"key42","value":"val42"}]}')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}' new "create list permit" -expectpart "$(curl -u andy:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/clixon-example:translate/translate=key42 -d '{"clixon-example:translate": [{"k":"key42","value":"val42"}]}')" 0 'HTTP/1.1 201 Created' +expectpart "$(curl -u andy:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/clixon-example:translate/translate=key42 -d '{"clixon-example:translate": [{"k":"key42","value":"val42"}]}')" 0 'HTTP/1.1 201 Created' new "default update list deny" -expectpart "$(curl -u wilma:bar -siS -X PUT -H "Content-Type: application/yang-data+json" http://localhost/restconf/data/clixon-example:translate/translate=key42 -d '{"clixon-example:translate": [{"k":"key42","value":"val99"}]}')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}' +expectpart "$(curl -u wilma:bar -sik -X PUT -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/clixon-example:translate/translate=key42 -d '{"clixon-example:translate": [{"k":"key42","value":"val99"}]}')" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}' new "default delete list deny" -expectpart "$(curl -u wilma:bar -siS -X DELETE http://localhost/restconf/data/clixon-example:translate=key42)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}' +expectpart "$(curl -u wilma:bar -sik -X DELETE $RCPROTO://localhost/restconf/data/clixon-example:translate=key42)" 0 'HTTP/1.1 403 Forbidden' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}' if [ $RC -ne 0 ]; then new "Kill restconf daemon" diff --git a/test/test_nacm_protocol.sh b/test/test_nacm_protocol.sh index bd4e392d..0caf1736 100755 --- a/test/test_nacm_protocol.sh +++ b/test/test_nacm_protocol.sh @@ -148,14 +148,17 @@ fi new "waiting" wait_backend -new "kill old restconf daemon" -sudo pkill -u $wwwuser -f clixon_restconf +if [ $RC -ne 0 ]; then -new "start restconf daemon (-a is enable basic authentication)" -start_restconf -f $cfg -- -a + new "kill old restconf daemon" + stop_restconf_pre -new "waiting" -wait_restconf + new "start restconf daemon (-a is enable basic authentication)" + start_restconf -f $cfg -- -a + + new "waiting" + wait_restconf +fi new "auth set authentication config" expecteof "$clixon_netconf -qf $cfg" 0 "$RULES]]>]]>" "^]]>]]>$" @@ -215,8 +218,10 @@ expectpart "$(curl -u wilma:bar -sik -X PUT -H "Content-Type: application/yang-d new "permit-edit-config: guest fail restconf" expectpart "$(curl -u guest:bar -sik -X PUT -H "Content-Type: application/yang-data+json" -d '{"nacm-example:x":2}' $RCPROTO://localhost/restconf/data/nacm-example:x)" 0 "HTTP/1.1 403 Forbidden" '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' -new "Kill restconf daemon" -stop_restconf +if [ $RC -ne 0 ]; then + new "Kill restconf daemon" + stop_restconf +fi if [ $BE -eq 0 ]; then exit # BE diff --git a/test/test_perf.sh b/test/test_perf.sh index 3a0064cc..6dd2ac0f 100755 --- a/test/test_perf.sh +++ b/test/test_perf.sh @@ -86,14 +86,16 @@ fi new "waiting" wait_backend -new "kill old restconf daemon" -sudo pkill -u $wwwuser -f clixon_restconf +if [ $RC -ne 0 ]; then + new "kill old restconf daemon" + stop_restconf_pre -new "start restconf daemon" -start_restconf -f $cfg + new "start restconf daemon" + start_restconf -f $cfg -new "waiting" -wait_restconf + new "waiting" + wait_restconf +fi new "generate config with $perfnr list entries" echo -n "" > $fconfig @@ -147,7 +149,7 @@ done | $clixon_netconf -qf $cfg > /dev/null; } 2>&1 | awk '/real/ {print $2}' new "restconf get $perfreq small config 1 key index" { time -p for (( i=0; i<$perfreq; i++ )); do rnd=$(( ( RANDOM % $perfnr ) )) - curl -sG http://localhost/restconf/data/scaling:x/y=$rnd > /dev/null + curl -sik -X GET $RCPROTO://localhost/restconf/data/scaling:x/y=$rnd > /dev/null done } 2>&1 | awk '/real/ {print $2}' # RESTCONF put @@ -157,7 +159,7 @@ done } 2>&1 | awk '/real/ {print $2}' new "restconf add $perfreq small config" { time -p for (( i=0; i<$perfreq; i++ )); do rnd=$(( ( RANDOM % $perfnr ) )) - curl -s -X PUT http://localhost/restconf/data/scaling:x/y=$rnd -d '{"scaling:y":{"a":"'$rnd'","b":"'$rnd'"}}' + curl -sik -X PUT $RCPROTO://localhost/restconf/data/scaling:x/y=$rnd -d '{"scaling:y":{"a":"'$rnd'","b":"'$rnd'"}}' done } 2>&1 | awk '/real/ {print $2}' # CLI get (XXX why does this take so much time?) @@ -182,7 +184,7 @@ expecteof "time -p $clixon_netconf -qf $cfg" 0 "&1 > /dev/null | awk '/real/ {print $2}' +$TIMEFN curl -sik -X GET $RCPROTO://localhost/restconf/data 2>&1 > /dev/null | awk '/real/ {print $2}' new "cli get large config" $TIMEFN $clixon_cli -1f $cfg show config xml 2>&1 > /dev/null | awk '/real/ {print $2}' @@ -213,7 +215,7 @@ expecteof "$clixon_netconf -qf $cfg" 0 "]]>]]>" "^< new "restconf delete $perfreq small config" { time -p for (( i=0; i<$perfreq; i++ )); do rnd=$(( ( RANDOM % $perfnr ) )) - curl -s -X DELETE http://localhost/restconf/data/scaling:x/y=$rnd + curl -sik -X DELETE $RCPROTO://localhost/restconf/data/scaling:x/y=$rnd done > /dev/null; } 2>&1 | awk '/real/ {print $2}' # Now do leaf-lists istead of leafs @@ -246,8 +248,10 @@ expecteof "time -p $clixon_netconf -qf $cfg" 0 "]]>]]>" "^]]>]]>" '^01' 2>&1 | awk '/real/ {print $2}' -new "Kill restconf daemon" -stop_restconf +if [ $RC -ne 0 ]; then + new "Kill restconf daemon" + stop_restconf +fi if [ $BE -eq 0 ]; then exit # BE diff --git a/test/test_perf_state.sh b/test/test_perf_state.sh index 8b0c701a..5c91d044 100755 --- a/test/test_perf_state.sh +++ b/test/test_perf_state.sh @@ -106,14 +106,16 @@ fi new "waiting" wait_backend -new "kill old restconf daemon" -sudo pkill -u $wwwuser -f clixon_restconf +if [ $RC -ne 0 ]; then + new "kill old restconf daemon" + stop_restconf_pre -new "start restconf daemon" -start_restconf -f $cfg + new "start restconf daemon" + start_restconf -f $cfg -new "waiting" -wait_restconf + new "waiting" + wait_restconf +fi new "generate 'large' config with $perfnr list entries" echo -n "foo" > $fconfig @@ -150,12 +152,11 @@ new "restconf get test single req" expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/example:interfaces/a=foo/b/interface=e1)" 0 "HTTP/1.1 200 OK" '{"example:interface":\[{"name":"e1","type":"ex:eth","enabled":true,"status":"up"}\]}' new "restconf get $perfreq single reqs" -#echo "curl -sG http://localhost/restconf/data/ietf-interfaces:interfaces/interface=e0" -#curl -sG http://localhost/restconf/data/ietf-interfaces:interfaces/interface=e67 +#curl -sik -X GET $RCPROTO://localhost/restconf/data/ietf-interfaces:interfaces/interface=e67 { time -p for (( i=0; i<$perfreq; i++ )); do rnd=$(( ( RANDOM % $perfnr ) )) - curl -sG http://localhost/restconf/data/example:interfaces/a/b/interface=e$rnd > /dev/null + curl -sik -X GET $RCPROTO://localhost/restconf/data/example:interfaces/a/b/interface=e$rnd > /dev/null done } 2>&1 | awk '/real/ {print $2}' # CLI get @@ -178,13 +179,15 @@ new "netconf get large config" { time -p echo " ]]>]]>" | $clixon_netconf -qf $cfg > /tmp/netconf; } 2>&1 | awk '/real/ {print $2}' new "restconf get large config" -$TIMEFN curl -sG http://localhost/restconf/data/example:interfaces/a=foo/b 2>&1 | awk '/real/ {print $2}' +$TIMEFN curl -sik -X GET $RCPROTO://localhost/restconf/data/example:interfaces/a=foo/b 2>&1 | awk '/real/ {print $2}' new "cli get large config" $TIMEFN $clixon_cli -1f $cfg show state xml interfaces a foo b 2>&1 | awk '/real/ {print $2}' -new "Kill restconf daemon" -stop_restconf +if [ $RC -ne 0 ]; then + new "Kill restconf daemon" + stop_restconf +fi if [ $BE -eq 0 ]; then exit # BE diff --git a/test/test_perf_state_only.sh b/test/test_perf_state_only.sh index 02a94dc8..73fbc3f5 100755 --- a/test/test_perf_state_only.sh +++ b/test/test_perf_state_only.sh @@ -107,14 +107,17 @@ if [ $BE -ne 0 ]; then wait_backend fi -new "kill old restconf daemon" -sudo pkill -u $wwwuser -f clixon_restconf +if [ $RC -ne 0 ]; then -new "start restconf daemon" -start_restconf -f $cfg + new "kill old restconf daemon" + stop_restconf_pre -new "waiting" -wait_restconf + new "start restconf daemon" + start_restconf -f $cfg + + new "waiting" + wait_restconf +fi new "cli get large config" # baseline on thinkpad i5-3320M CPU @ 2.60GHz and 500K entries: 39.71s @@ -137,17 +140,16 @@ new "netconf get $perfreq single reqs" done | $clixon_netconf -qf $cfg > /dev/null; } 2>&1 | awk '/real/ {print $2}' # RESTCONF get -#echo "curl -s -X GET http://localhost/restconf/data/example:interfaces/a=foo/b/interface=e1" +#echo "curl -sik -X GET $RCPROTO://localhost/restconf/data/example:interfaces/a=foo/b/interface=e1" new "restconf get test single req" time -p expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/example:interfaces/a=foo/b/interface=e1)" 0 '{"example:interface":[{"name":"e1","type":"ex:eth","status":"up"}]}' | awk '/real/ {print $2}' new "restconf get $perfreq single reqs" -#echo "curl -sG http://localhost/restconf/data/ietf-interfaces:interfaces/interface=e0" -#curl -sG http://localhost/restconf/data/ietf-interfaces:interfaces/interface=e67 +#curl -sik -X GET $RCPROTO://localhost/restconf/data/ietf-interfaces:interfaces/interface=e67 { time -p for (( i=0; i<$perfreq; i++ )); do rnd=$(( ( RANDOM % $perfnr ) )) - curl -sG http://localhost/restconf/data/example:interfaces/a/b/interface=e$rnd > /dev/null + curl -sik -X GET $RCPROTO://localhost/restconf/data/example:interfaces/a/b/interface=e$rnd > /dev/null done } 2>&1 | awk '/real/ {print $2}' if false; then @@ -171,13 +173,15 @@ new "netconf get large config" { time -p echo " ]]>]]>" | $clixon_netconf -qf $cfg > /tmp/netconf; } 2>&1 | awk '/real/ {print $2}' new "restconf get large config" -$TIMEFN curl -sG http://localhost/restconf/data/example:interfaces/a=foo/b 2>&1 | awk '/real/ {print $2}' +$TIMEFN curl -sik -X GET $RCPROTO://localhost/restconf/data/example:interfaces/a=foo/b 2>&1 | awk '/real/ {print $2}' new "cli get large config" $TIMEFN $clixon_cli -1f $cfg show state xml 2>&1 | awk '/real/ {print $2}' -new "Kill restconf daemon" -stop_restconf +if [ $RC -ne 0 ]; then + new "Kill restconf daemon" + stop_restconf +fi if [ $BE -ne 0 ]; then new "Kill backend" diff --git a/test/test_restconf.sh b/test/test_restconf.sh index d94f7336..28f1339b 100755 --- a/test/test_restconf.sh +++ b/test/test_restconf.sh @@ -43,6 +43,7 @@ if [ $BE -ne 0 ]; then err fi sudo pkill -f clixon_backend # to be sure + new "start backend -s init -f $cfg -- -s" start_backend -s init -f $cfg -- -s fi @@ -52,7 +53,7 @@ wait_backend if [ $RC -ne 0 ]; then new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon" start_restconf -f $cfg @@ -124,10 +125,10 @@ expectpart "$(curl -sik -X POST -H "Content-Type: application/yang-data+json" -d #expectpart "$(curl -sik -X POST -H "Content-Type: application/yang-data+json" -d {\"clixon-lib:input\":{\"level\":0}} $RCPROTO://localhost/restconf/operations/clixon-lib:debug)" 0 "HTTP/1.1 204 No Content" new "restconf get empty config + state json" -expectpart "$(curl -kisS -X GET $RCPROTO://localhost/restconf/data/clixon-example:state)" 0 "HTTP/1.1 200 OK" '{"clixon-example:state":{"op":\["41","42","43"\]}}' +expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/clixon-example:state)" 0 "HTTP/1.1 200 OK" '{"clixon-example:state":{"op":\["41","42","43"\]}}' new "restconf get empty config + state json with wrong module name" -expectpart "$(curl -sikS -X GET $RCPROTO://localhost/restconf/data/badmodule:state)" 0 'HTTP/1.1 400 Bad Request' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"unknown-element","error-info":{"bad-element":"badmodule"},"error-severity":"error","error-message":"No such yang module prefix"}}}' +expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/badmodule:state)" 0 'HTTP/1.1 400 Bad Request' '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"unknown-element","error-info":{"bad-element":"badmodule"},"error-severity":"error","error-message":"No such yang module prefix"}}}' #'HTTP/1.1 404 Not Found' #'{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"invalid-value","error-severity":"error","error-message":"No such yang module: badmodule"}}}' diff --git a/test/test_restconf2.sh b/test/test_restconf2.sh index 101fe950..894dc556 100755 --- a/test/test_restconf2.sh +++ b/test/test_restconf2.sh @@ -84,7 +84,7 @@ wait_backend if [ $RC -ne 0 ]; then new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon" start_restconf -f $cfg diff --git a/test/test_restconf_err.sh b/test/test_restconf_err.sh index 8e0e0aa8..275a9890 100755 --- a/test/test_restconf_err.sh +++ b/test/test_restconf_err.sh @@ -159,7 +159,7 @@ wait_backend if [ $RC -ne 0 ]; then new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon" start_restconf -f $cfg @@ -173,7 +173,7 @@ expectpart "$(curl -sik -X POST -H 'Content-Type: application/yang-data+xml' -d new "restconf GET initial datastore" expectpart "$(curl -sik -X GET -H 'Accept: application/yang-data+xml' $RCPROTO://localhost/restconf/data/example:a=0)" 0 'HTTP/1.1 200 OK' "$XML" -exit + new "restconf GET non-qualified list" expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/example:a)" 0 'HTTP/1.1 400 Bad Request' "{\"ietf-restconf:errors\":{\"error\":{\"error-type\":\"rpc\",\"error-tag\":\"malformed-message\",\"error-severity\":\"error\",\"error-message\":\"malformed key =example:a, expected '=restval'\"}}}" diff --git a/test/test_restconf_jukebox.sh b/test/test_restconf_jukebox.sh index 5e58574e..1b749462 100755 --- a/test/test_restconf_jukebox.sh +++ b/test/test_restconf_jukebox.sh @@ -79,7 +79,7 @@ wait_backend if [ $RC -ne 0 ]; then new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon" start_restconf -f $cfg @@ -197,8 +197,8 @@ JSON="{\"example-jukebox:song\":[{\"index\":0,\"id\":\"/example-jukebox:jukebox/ expectpart "$(curl -sik -X POST -H 'Content-Type: application/yang-data+json' $RCPROTO://localhost/restconf/data/example-jukebox:jukebox/playlist=Foo-One?insert=first -d "$JSON")" 0 "HTTP/1.1 201 Created" "Location: $RCPROTO://localhost/restconf/data/example-jukebox:jukebox/playlist=Foo-One/song=0" new 'B.3.4. "insert" Parameter check order' -RES="Foo-One0/example-jukebox:jukebox/library/artist\[name='Foo Fighters'\]/album\[name='Wasting Light'\]/song\[name='Bridge Burning'\]1/example-jukebox:jukebox/library/artist\[name='Foo Fighters'\]/album\[name='Wasting Light'\]/song\[name='Rope'\]" -expectpart "$(curl -sik -X GET http://localhost/restconf/data/example-jukebox:jukebox/playlist=Foo-One -H 'Accept: application/yang-data+xml')" 0 'HTTP/1.1 200 OK' "$RES" +RES="Foo-One0/example-jukebox:jukebox/library/artist\[name='Foo Fighters'\]/album\[name='Wasting Light'\]/song\[name='Bridge Burning'\]1/example-jukebox:jukebox/library/artist\[name='Foo Fighters'\]/album\[name='Wasting Light'\]/song\[name='Rope'\]" +expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/example-jukebox:jukebox/playlist=Foo-One -H 'Accept: application/yang-data+xml')" 0 'HTTP/1.1 200 OK' "$RES" new 'B.3.5. "point" Parameter (before for more interesting order: 0,2,1)' JSON="{\"example-jukebox:song\":[{\"index\":2,\"id\":\"/example-jukebox:jukebox/library/artist[name='Foo Fighters']/album[name='Wasting Light']/song[name='Bridge Burning']\"}]}" diff --git a/test/test_restconf_listkey.sh b/test/test_restconf_listkey.sh index a27ad2dd..51bc00df 100755 --- a/test/test_restconf_listkey.sh +++ b/test/test_restconf_listkey.sh @@ -82,7 +82,7 @@ wait_backend if [ $RC -ne 0 ]; then new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon" start_restconf -f $cfg diff --git a/test/test_restconf_patch.sh b/test/test_restconf_patch.sh index 05df4bb9..029af923 100755 --- a/test/test_restconf_patch.sh +++ b/test/test_restconf_patch.sh @@ -101,6 +101,7 @@ if [ $BE -ne 0 ]; then err fi sudo pkill -f clixon_backend # to be sure + new "start backend -s startup -f $cfg" start_backend -s startup -f $cfg fi @@ -108,14 +109,16 @@ fi new "waiting" wait_backend -new "kill old restconf daemon" -sudo pkill -u $wwwuser -f clixon_restconf +if [ $RC -ne 0 ]; then + new "kill old restconf daemon" + stop_restconf_pre -new "start restconf daemon (-a is enable basic authentication)" -start_restconf -f $cfg -- -a + new "start restconf daemon (-a is enable basic authentication)" + start_restconf -f $cfg -- -a -new "waiting" -wait_restconf + new "waiting" + wait_restconf +fi # also in test_restconf.sh new "MUST support the PATCH method for a plain patch" @@ -134,7 +137,7 @@ new "Check content (json)" expectpart "$(curl -u andy:bar -sik -X GET $RCPROTO://localhost/restconf/data/example-jukebox:jukebox -H 'Accept: application/yang-data+json')" 0 'HTTP/1.1 200 OK' '{"example-jukebox:jukebox":{"library":{"artist":\[{"name":"Clash"}\]}}}' new "Check content (xml)" -expectpart "$(curl -u andy:bar -si -X GET $RCPROTO://localhost/restconf/data/example-jukebox:jukebox -H 'Accept: application/yang-data+xml')" 0 'HTTP/1.1 200 OK' 'Clash' +expectpart "$(curl -u andy:bar -sik -X GET $RCPROTO://localhost/restconf/data/example-jukebox:jukebox -H 'Accept: application/yang-data+xml')" 0 'HTTP/1.1 200 OK' 'Clash' new 'If the user is not authorized, "403 Forbidden" SHOULD be returned.' expectpart "$(curl -u wilma:bar -sik -X PATCH -H 'Content-Type: application/yang-data+json' $RCPROTO://localhost/restconf/data/example-jukebox:jukebox/library/artist=Clash -d '{"example-jukebox:artist":{"name":"Clash","album":{"name":"London Calling"}}}')" 0 "HTTP/1.1 403 Forbidden" '{"ietf-restconf:errors":{"error":{"error-type":"application","error-tag":"access-denied","error-severity":"error","error-message":"default deny"}}}' @@ -202,8 +205,10 @@ expectpart "$(curl -u andy:bar -sik -X PATCH -H 'Content-Type: application/yang- new "The key leaf values MUST be the same as the key leaf values in the request" expectpart "$(curl -u andy:bar -sik -X PATCH -H "Content-Type: application/yang-data+json" $RCPROTO://localhost/restconf/data/example-jukebox:jukebox/library/artist=Clash/album=London%20Calling -d '{"example-jukebox:album":{"name":"The Clash"}}')" 0 'HTTP/1.1 412 Precondition Failed' -new "Kill restconf daemon" -stop_restconf +if [ $RC -ne 0 ]; then + new "Kill restconf daemon" + stop_restconf +fi if [ $BE -eq 0 ]; then exit # BE diff --git a/test/test_restconf_startup.sh b/test/test_restconf_startup.sh index ab6e457c..67ceed07 100755 --- a/test/test_restconf_startup.sh +++ b/test/test_restconf_startup.sh @@ -65,7 +65,7 @@ testrun(){ wait_backend new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon" start_restconf -f $cfg -y $fyang $option diff --git a/test/test_rpc.sh b/test/test_rpc.sh index 7aa7f0f7..bb66cfb5 100755 --- a/test/test_rpc.sh +++ b/test/test_rpc.sh @@ -45,21 +45,23 @@ fi new "waiting" wait_backend -new "kill old restconf daemon" -sudo pkill -u $wwwuser -f clixon_restconf +if [ $RC -ne 0 ]; then + new "kill old restconf daemon" + stop_restconf_pre -new "start restconf daemon" -start_restconf -f $cfg + new "start restconf daemon" + start_restconf -f $cfg -new "waiting" -wait_restconf + new "waiting" + wait_restconf +fi new "rpc tests" # 1.First some positive tests vary media types # extra complex because pattern matching on return haders new "restconf empty rpc" -ret=$(curl -is -X POST http://localhost/restconf/operations/clixon-example:empty) +ret=$(curl -sik -X POST $RCPROTO://localhost/restconf/operations/clixon-example:empty) expect="204 No Content" match=`echo $ret | grep --null -Eo "$expect"` if [ -z "$match" ]; then @@ -70,29 +72,29 @@ new "netconf empty rpc" expecteof "$clixon_netconf -qf $cfg" 0 ']]>]]>' '^]]>]]>$' new "restconf example rpc json/json default - no http media headers" -expectpart "$(curl -is -X POST -H "Content-Type: application/yang-data+json" -d '{"clixon-example:input":{"x":0}}' http://localhost/restconf/operations/clixon-example:example)" 0 'HTTP/1.1 200 OK' 'Content-Type: application/yang-data+json' '{"clixon-example:output":{"x":"0","y":"42"}}' +expectpart "$(curl -sik -X POST -H "Content-Type: application/yang-data+json" -d '{"clixon-example:input":{"x":0}}' $RCPROTO://localhost/restconf/operations/clixon-example:example)" 0 'HTTP/1.1 200 OK' 'Content-Type: application/yang-data+json' '{"clixon-example:output":{"x":"0","y":"42"}}' new "restconf example rpc json/json change y default" -expectpart "$(curl -is -X POST -H "Content-Type: application/yang-data+json" -d '{"clixon-example:input":{"x":"0","y":"99"}}' http://localhost/restconf/operations/clixon-example:example)" 0 'Content-Type: application/yang-data+json' '{"clixon-example:output":{"x":"0","y":"99"}}' +expectpart "$(curl -sik -X POST -H "Content-Type: application/yang-data+json" -d '{"clixon-example:input":{"x":"0","y":"99"}}' $RCPROTO://localhost/restconf/operations/clixon-example:example)" 0 'Content-Type: application/yang-data+json' '{"clixon-example:output":{"x":"0","y":"99"}}' new "restconf example rpc json/json" # XXX example:input example:output -expectpart "$(curl -is -X POST -H 'Content-Type: application/yang-data+json' -H 'Accept: application/yang-data+json' -d '{"clixon-example:input":{"x":"0"}}' http://localhost/restconf/operations/clixon-example:example)" 0 'Content-Type: application/yang-data+json' '{"clixon-example:output":{"x":"0","y":"42"}}' +expectpart "$(curl -sik -X POST -H 'Content-Type: application/yang-data+json' -H 'Accept: application/yang-data+json' -d '{"clixon-example:input":{"x":"0"}}' $RCPROTO://localhost/restconf/operations/clixon-example:example)" 0 'Content-Type: application/yang-data+json' '{"clixon-example:output":{"x":"0","y":"42"}}' new "restconf example rpc xml/json" -expectpart "$(curl -is -X POST -H 'Content-Type: application/yang-data+xml' -H 'Accept: application/yang-data+json' -d '0' http://localhost/restconf/operations/clixon-example:example)" 0 'Content-Type: application/yang-data+json' '{"clixon-example:output":{"x":"0","y":"42"}}' +expectpart "$(curl -sik -X POST -H 'Content-Type: application/yang-data+xml' -H 'Accept: application/yang-data+json' -d '0' $RCPROTO://localhost/restconf/operations/clixon-example:example)" 0 'Content-Type: application/yang-data+json' '{"clixon-example:output":{"x":"0","y":"42"}}' new "restconf example rpc json/xml" -expectpart "$(curl -is -X POST -H 'Content-Type: application/yang-data+json' -H 'Accept: application/yang-data+xml' -d '{"clixon-example:input":{"x":"0"}}' http://localhost/restconf/operations/clixon-example:example)" 0 'Content-Type: application/yang-data+xml' '042' +expectpart "$(curl -sik -X POST -H 'Content-Type: application/yang-data+json' -H 'Accept: application/yang-data+xml' -d '{"clixon-example:input":{"x":"0"}}' $RCPROTO://localhost/restconf/operations/clixon-example:example)" 0 'Content-Type: application/yang-data+xml' '042' new "restconf example rpc xml/xml" -expectpart "$(curl -is -X POST -H 'Content-Type: application/yang-data+xml' -H 'Accept: application/yang-data+xml' -d '0' http://localhost/restconf/operations/clixon-example:example)" 0 'Content-Type: application/yang-data+xml' '042' +expectpart "$(curl -sik -X POST -H 'Content-Type: application/yang-data+xml' -H 'Accept: application/yang-data+xml' -d '0' $RCPROTO://localhost/restconf/operations/clixon-example:example)" 0 'Content-Type: application/yang-data+xml' '042' new "restconf example rpc xml in w json encoding (expect fail)" -expectpart "$(curl -is -X POST -H 'Content-Type: application/yang-data+json' -H 'Accept: application/yang-data+xml' -d '0' http://localhost/restconf/operations/clixon-example:example)" 0 'HTTP/1.1 400 Bad Request' "rpcmalformed-messageerrorjson_parse: line 1: syntax error at or before: '<'" +expectpart "$(curl -sik -X POST -H 'Content-Type: application/yang-data+json' -H 'Accept: application/yang-data+xml' -d '0' $RCPROTO://localhost/restconf/operations/clixon-example:example)" 0 'HTTP/1.1 400 Bad Request' "rpcmalformed-messageerrorjson_parse: line 1: syntax error at or before: '<'" new "restconf example rpc json in xml encoding (expect fail)" -expectpart "$(curl -is -X POST -H 'Content-Type: application/yang-data+xml' -H 'Accept: application/yang-data+xml' -d '{"clixon-example:input":{"x":"0"}}' http://localhost/restconf/operations/clixon-example:example)" 0 'HTTP/1.1 400 Bad Reques' 'rpcmalformed-messageerrorxml_parse: line 0: syntax error: at or before: "' +expectpart "$(curl -sik -X POST -H 'Content-Type: application/yang-data+xml' -H 'Accept: application/yang-data+xml' -d '{"clixon-example:input":{"x":"0"}}' $RCPROTO://localhost/restconf/operations/clixon-example:example)" 0 'HTTP/1.1 400 Bad Reques' 'rpcmalformed-messageerrorxml_parse: line 0: syntax error: at or before: "' new "netconf example rpc" expecteof "$clixon_netconf -qf $cfg" 0 '0]]>]]>' '^042]]>]]>$' @@ -100,7 +102,7 @@ expecteof "$clixon_netconf -qf $cfg" 0 ']]>]]>' '^applicationmissing-elementsession-iderrorMandatory variable]]>]]>$' @@ -158,10 +160,12 @@ new "netconf wrong rpc namespace (should fail)" expecteof "$clixon_netconf -qf $cfg" 0 ']]>]]>' '^applicationunknown-elementgeterror]]>]]>$' new "restconf wrong rpc (should fail" -expectpart "$(curl -is -X POST -H "Content-Type: application/yang-data+json" u http://localhost/restconf/operations/clixon-foo:get)" 0 'HTTP/1.1 412 Precondition Failed' '{"ietf-restconf:errors":{"error":{"error-type":"protocol","error-tag":"operation-failed","error-severity":"error","error-message":"yang module not found"}}}' +expectpart "$(curl -sik -X POST -H "Content-Type: application/yang-data+json" u $RCPROTO://localhost/restconf/operations/clixon-foo:get)" 0 'HTTP/1.1 412 Precondition Failed' '{"ietf-restconf:errors":{"error":{"error-type":"protocol","error-tag":"operation-failed","error-severity":"error","error-message":"yang module not found"}}}' -new "Kill restconf daemon" -stop_restconf +if [ $RC -ne 0 ]; then + new "Kill restconf daemon" + stop_restconf +fi if [ $BE -eq 0 ]; then exit # BE diff --git a/test/test_stream.sh b/test/test_stream.sh index 098b2ffe..94e106a1 100755 --- a/test/test_stream.sh +++ b/test/test_stream.sh @@ -120,7 +120,7 @@ wait_backend if [ $RC -ne 0 ]; then new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon" start_restconf -f $cfg @@ -170,21 +170,21 @@ sleep 1 new "2. Restconf RFC8040 stream testing" # 2.1 Stream discovery new "restconf event stream discovery RFC8040 Sec 6.2" -expectfn "curl -s -X GET http://localhost/restconf/data/ietf-restconf-monitoring:restconf-state/streams" 0 '{"ietf-restconf-monitoring:streams":{"stream":\[{"name":"EXAMPLE","description":"Example event stream","replay-support":true,"access":\[{"encoding":"xml","location":"https://localhost/streams/EXAMPLE"}\]}\]}' +expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/ietf-restconf-monitoring:restconf-state/streams)" 0 "HTTP/1.1 200 OK" '{"ietf-restconf-monitoring:streams":{"stream":\[{"name":"EXAMPLE","description":"Example event stream","replay-support":true,"access":\[{"encoding":"xml","location":"https://localhost/streams/EXAMPLE"}\]}\]}' sleep 1 new "restconf subscribe RFC8040 Sec 6.3, get location" -expectfn "curl -s -X GET http://localhost/restconf/data/ietf-restconf-monitoring:restconf-state/streams/stream=EXAMPLE/access=xml/location" 0 '{"ietf-restconf-monitoring:location":"https://localhost/streams/EXAMPLE"}' +expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/ietf-restconf-monitoring:restconf-state/streams/stream=EXAMPLE/access=xml/location)" 0 "HTTP/1.1 200 OK" '{"ietf-restconf-monitoring:location":"https://localhost/streams/EXAMPLE"}' sleep 1 # Restconf stream subscription RFC8040 Sec 6.3 # Start Subscription w error new "restconf monitor event nonexist stream" -expectwait 'curl -s -X GET -H "Accept: text/event-stream" -H "Cache-Control: no-cache" -H "Connection: keep-alive" http://localhost/streams/NOTEXIST' 0 'applicationinvalid-valueerrorNo such stream' 2 +expectwait "curl -sk -X GET -H \"Accept: text/event-stream\" -H \"Cache-Control: no-cache\" -H \"Connection: keep-alive\" $RCPROTO://localhost/streams/NOTEXIST" 0 'applicationinvalid-valueerrorNo such stream' 2 # 2a) start subscription 8s - expect 1-2 notifications new "2a) start subscriptions 8s - expect 1-2 notifications" -ret=$($clixon_util_stream -u http://localhost/streams/EXAMPLE -t 8) +ret=$($clixon_util_stream -u $RCPROTO://localhost/streams/EXAMPLE -t 8) expect="data: ${DATE}T[0-9:.]*ZfaultEthernet0major" match=$(echo "$ret" | grep -Eo "$expect") @@ -200,7 +200,7 @@ sleep 1 # 2b) start subscription 8s - stoptime after 5s - expect 1-2 notifications new "2b) start subscriptions 8s - stoptime after 5s - expect 1-2 notifications" -ret=$($clixon_util_stream -u http://localhost/streams/EXAMPLE -t 8 -e +10) +ret=$($clixon_util_stream -u $RCPROTO://localhost/streams/EXAMPLE -t 8 -e +10) expect="data: ${DATE}T[0-9:.]*ZfaultEthernet0major" match=$(echo "$ret" | grep -Eo "$expect") if [ -z "$match" ]; then @@ -215,7 +215,7 @@ sleep 1 # 2c new "2c) start sub 8s - replay from start -8s - expect 3-4 notifications" -ret=$($clixon_util_stream -u http://localhost/streams/EXAMPLE -t 10 -s -8) +ret=$($clixon_util_stream -u $RCPROTO://localhost/streams/EXAMPLE -t 10 -s -8) expect="data: ${DATE}T[0-9:.]*ZfaultEthernet0major" match=$(echo "$ret" | grep -Eo "$expect") if [ -z "$match" ]; then @@ -230,7 +230,7 @@ sleep 1 # 2d) start sub 8s - replay from start -8s to stop +4s - expect 3 notifications new "2d) start sub 8s - replay from start -8s to stop +4s - expect 3 notifications" -ret=$($clixon_util_stream -u http://localhost/streams/EXAMPLE -t 10 -s -30 -e +4) +ret=$($clixon_util_stream -u $RCPROTO://localhost/streams/EXAMPLE -t 10 -s -30 -e +4) expect="data: ${DATE}T[0-9:.]*ZfaultEthernet0major" match=$(echo "$ret" | grep -Eo "$expect") if [ -z "$match" ]; then @@ -244,9 +244,9 @@ fi sleep 1 -# 2e) start sub 8s - replay from -90s w retention 60s - expect 10 notifications +# 2e) start sub 8s - replay from -90s w retention 60s - expect 9-14 notifications new "2e) start sub 8s - replay from -90s w retention 60s - expect 10 notifications" -ret=$($clixon_util_stream -u http://localhost/streams/EXAMPLE -t 10 -s -90 -e +0) +ret=$($clixon_util_stream -u $RCPROTO://localhost/streams/EXAMPLE -t 10 -s -90 -e +0) expect="data: ${DATE}T[0-9:.]*ZfaultEthernet0major" match=$(echo "$ret" | grep -Eo "$expect") if [ -z "$match" ]; then @@ -255,18 +255,18 @@ fi nr=$(echo "$ret" | grep -c "data:") if [ $nr -lt 9 -o $nr -gt 14 ]; then - err 10 "$nr" + err "9-14" "$nr" fi sleep 1 # Try parallell # start background job -curl -s -X GET -H "Accept: text/event-stream" -H "Cache-Control: no-cache" -H "Connection: keep-alive" "http://localhost/streams/EXAMPLE" > /dev/null & +curl -sik -X GET -H "Accept: text/event-stream" -H "Cache-Control: no-cache" -H "Connection: keep-alive" "$RCPROTO://localhost/streams/EXAMPLE" > /dev/null & PID=$! new "Start subscriptions in parallell" -ret=$($clixon_util_stream -u http://localhost/streams/EXAMPLE -t 8) +ret=$($clixon_util_stream -u $RCPROTO://localhost/streams/EXAMPLE -t 8) expect="data: ${DATE}T[0-9:.]*ZfaultEthernet0major" match=$(echo "$ret" | grep -Eo "$expect") @@ -284,7 +284,7 @@ kill $PID # NCHAN Need manual testing echo "Nchan streams requires manual testing" echo "Add http://localhost/pub to config" -echo "Eg: curl -H \"Accept: text/event-stream\" -s -X GET http://localhost/sub/EXAMPLE" +echo "Eg: curl -sik -H \"Accept: text/event-stream\" -s -X GET $RCPROTO://localhost/sub/EXAMPLE" #----------------- sleep 5 diff --git a/test/test_submodule.sh b/test/test_submodule.sh index 082b3e27..4677350c 100755 --- a/test/test_submodule.sh +++ b/test/test_submodule.sh @@ -161,14 +161,16 @@ fi new "waiting" wait_backend -new "kill old restconf daemon" -sudo pkill -u $wwwuser -f clixon_restconf +if [ $RC -ne 0 ]; then + new "kill old restconf daemon" + stop_restconf_pre -new "start restconf daemon" -start_restconf -f $cfg + new "start restconf daemon" + start_restconf -f $cfg -new "waiting" -wait_restconf + new "waiting" + wait_restconf +fi new "netconfig edit main module" expecteof "$clixon_netconf -qf $cfg" 0 '
foofoo
]]>]]>' "^]]>]]>$" @@ -216,8 +218,10 @@ expectpart "$(curl -sik -X POST -H "Content-Type: application/yang-data+json" $R new "restconf check main/sub1/sub2 contents" expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data?content=config)" 0 'HTTP/1.1 200 OK' '{"data":{"main:main":{"ext":"foo","x":"foo"},"main:sub1":{"ext1":"foo","x":"foo"},"main:sub2":{"ext2":"foo","x":"foo"}}}' -new "Kill restconf daemon" -stop_restconf +if [ $RC -ne 0 ]; then + new "Kill restconf daemon" + stop_restconf +fi if [ $BE -eq 0 ]; then exit # BE diff --git a/test/test_upgrade.sh b/test/test_upgrade.sh index d4ae7674..9ee25bad 100755 --- a/test/test_upgrade.sh +++ b/test/test_upgrade.sh @@ -137,7 +137,7 @@ cat < $dir/compat-valid.xml EOF -# Create compatiblae startup db +# Create compatible startup db # startup config XML with following cat < $dir/compat-invalid.xml diff --git a/test/test_upgrade_auto.sh b/test/test_upgrade_auto.sh index 0169f29c..f1cff706 100755 --- a/test/test_upgrade_auto.sh +++ b/test/test_upgrade_auto.sh @@ -258,20 +258,24 @@ fi new "waiting" wait_backend -new "kill old restconf daemon" -sudo pkill -u $wwwuser -f clixon_restconf +if [ $RC -ne 0 ]; then + new "kill old restconf daemon" + stop_restconf_pre -new "start restconf daemon" -start_restconf -f $cfg + new "start restconf daemon" + start_restconf -f $cfg -new "waiting" -wait_restconf + new "waiting" + wait_restconf +fi new "Check running db content" expecteof "$clixon_netconf -qf $cfg" 0 ']]>]]>' "^$XML]]>]]>$" -new "Kill restconf daemon" -stop_restconf +if [ $RC -ne 0 ]; then + new "Kill restconf daemon" + stop_restconf +fi if [ $BE -ne 0 ]; then new "Kill backend" diff --git a/test/test_upgrade_interfaces.sh b/test/test_upgrade_interfaces.sh index 564cbf60..0c230e2f 100755 --- a/test/test_upgrade_interfaces.sh +++ b/test/test_upgrade_interfaces.sh @@ -270,7 +270,7 @@ testrun(){ wait_backend new "kill old restconf daemon" - sudo pkill -u $wwwuser -f clixon_restconf + stop_restconf_pre new "start restconf daemon" start_restconf -f $cfg diff --git a/test/test_upgrade_repair.sh b/test/test_upgrade_repair.sh index bb0a3301..8ec0f860 100755 --- a/test/test_upgrade_repair.sh +++ b/test/test_upgrade_repair.sh @@ -116,14 +116,16 @@ fi new "waiting" wait_backend -new "kill old restconf daemon" -sudo pkill -u $wwwuser -f clixon_restconf +if [ $RC -ne 0 ]; then + new "kill old restconf daemon" + stop_restconf_pre -new "start restconf daemon" -start_restconf -f $cfg + new "start restconf daemon" + start_restconf -f $cfg -new "waiting" -wait_restconf + new "waiting" + wait_restconf +fi new "Check running db content is failsafe" expecteof "$clixon_netconf -qf $cfg" 0 ']]>]]>' "^$SAMEXML]]>]]>$" @@ -147,8 +149,10 @@ expecteof "$clixon_netconf -qf $cfg" 0 "]]>]]>" "^]]>]]>' "^$SAMEXML$NEWXML]]>]]>$" -new "Kill restconf daemon" -stop_restconf +if [ $RC -ne 0 ]; then + new "Kill restconf daemon" + stop_restconf +fi if [ $BE -ne 0 ]; then new "Kill backend" diff --git a/test/test_yang_namespace.sh b/test/test_yang_namespace.sh index 6047a9d1..e56700d6 100755 --- a/test/test_yang_namespace.sh +++ b/test/test_yang_namespace.sh @@ -78,14 +78,16 @@ fi new "waiting" wait_backend -new "kill old restconf daemon" -sudo pkill -u $wwwuser -f clixon_restconf +if [ $RC -ne 0 ]; then + new "kill old restconf daemon" + stop_restconf_pre -new "start restconf daemon" -start_restconf -f $cfg + new "start restconf daemon" + start_restconf -f $cfg -new "waiting" -wait_restconf + new "waiting" + wait_restconf +fi new "netconf set x in example1" expecteof "$clixon_netconf -qf $cfg" 0 '42]]>]]>' '^]]>]]>$' @@ -122,15 +124,17 @@ expectpart "$(curl -sik -X POST -H "Content-Type: application/yang-data+json" -d #expectpart "$(curl -sik -X GET $RCPROTO://localhost/restconf/data/example2:x)" 0 "HTTP/1.1 200 OK" '{"example2:x":{"y":42}}' new "restconf get config example1 and example2" -ret=$(curl -s -X GET http://localhost/restconf/data) +ret=$(curl -sik -X GET $RCPROTO://localhost/restconf/data) expect='"example1:x":42,"example2:x":{"y":99}' match=`echo $ret | grep --null -Eo "$expect"` if [ -z "$match" ]; then err "$expect" "$ret" fi -new "Kill restconf daemon" -stop_restconf +if [ $RC -ne 0 ]; then + new "Kill restconf daemon" + stop_restconf +fi if [ $BE -eq 0 ]; then exit # BE