Added error-info to netconf error-msg for duplicate leaf-lists

Test: removed potential duplicate user in nacm.sh
2024-03-26 14:32:41 +01:00 · 2024-03-26 14:32:41 +01:00 · c9c5d4f813
commit c9c5d4f813
parent df2af320c2
6 changed files with 38 additions and 22 deletions
--- a/test/nacm.sh
+++ b/test/nacm.sh
@ -2,7 +2,9 @@
 # Authentication and authorization and IETF NACM
 # Library variable and functions

-USER=$(whoami)
+if [ $(whoami) != root ]; then
+    EXTRAUSER="<user-name>$(whoami)</user-name>"
+fi

 # Three groups from RFC8341 A.1 (admin extended with $USER)
 NGROUPS=$(cat <<EOF
@ -12,7 +14,7 @@ NGROUPS=$(cat <<EOF
         <user-name>root</user-name>
         <user-name>admin</user-name>
         <user-name>andy</user-name>
-         <user-name>$USER</user-name>
+         $EXTRAUSER
       </group>
       <group>
         <name>limited</name>
--- a/test/test_nacm_credentials.sh
+++ b/test/test_nacm_credentials.sh
@ -18,6 +18,8 @@ APPNAME=example
 cfg=$dir/conf_yang.xml
 fyang=$dir/nacm-example.yang

+NACMUSER=$(whoami)
+
 cat <<EOF > $fyang
 module nacm-example{
  yang-version 1.1;
@ -182,13 +184,13 @@ testrun except "" UNIX $dir/backend.sock "$OK" ""

 # UNIX socket, myuser, loop mode. All should work
 new "Credentials: mode=none, fam=UNIX user=me"
-testrun none "$USER" UNIX $dir/backend.sock "$OK" ""
+testrun none "$NACMUSER" UNIX $dir/backend.sock "$OK" ""

 new "Credentials: mode=exact, fam=UNIX user=me"
-testrun exact "$USER" UNIX $dir/backend.sock "$OK" ""
+testrun exact "$NACMUSER" UNIX $dir/backend.sock "$OK" ""

 new "Credentials: mode=except, fam=UNIX user=me"
-testrun except "$USER" UNIX $dir/backend.sock "$OK" ""
+testrun except "$NACMUSER" UNIX $dir/backend.sock "$OK" ""

 # UNIX socket, admin user. First should work
 new "Credentials: mode=none, fam=UNIX user=admin"
@ -212,15 +214,17 @@ testrun except admin UNIX $dir/backend.sock "$OK" sudo

 # IPv4 socket, admin user. First should work
 new "Credentials: mode=none, fam=UNIX user=admin sudo"
-testrun none $USER IPv4 127.0.0.1 "$OK" ""
+testrun none $NACMUSER IPv4 127.0.0.1 "$OK" ""

 new "Credentials: mode=exact, fam=UNIX user=admin sudo"
-testrun exact $USER IPv4 127.0.0.1 "$ERROR" ""
+testrun exact $NACMUSER IPv4 127.0.0.1 "$ERROR" ""

 new "Credentials: mode=except, fam=UNIX user=admin sudo"
-testrun except $USER IPv4 127.0.0.1 "$ERROR" ""
+testrun except $NACMUSER IPv4 127.0.0.1 "$ERROR" ""

 rm -rf $dir

+unset NACMUSER
+
 new "endtest"
 endtest
--- a/test/test_nacm_recovery.sh
+++ b/test/test_nacm_recovery.sh
@ -18,6 +18,8 @@ APPNAME=example
 cfg=$dir/conf_yang.xml
 fyang=$dir/nacm-example.yang

+NACMUSER=$(whoami)
+
 # cred:none, exact, except

 # Define default restconfig config: RESTCONFIG
@ -147,20 +149,20 @@ EOF
 }

 #------- CRED: except USER: non-root
-if [ "$USER" != root ]; then # Skip if USER is root
+if [ "$NACMUSER" != root ]; then # Skip if USER is root
 # This is default, therefore first
 CRED=except 
-REALUSER=$USER
+REALUSER=$NACMUSER

 # Recovery as a seperate user does not work
-PSEUDO=$USER
+PSEUDO=$NACMUSER
 RECOVERY=_recovery
 new "cred: $CRED realuser:$REALUSER pseudo:$PSEUDO recovery:$RECOVERY"
 testrun $CRED $REALUSER $PSEUDO $RECOVERY true false

 # Recovery as actual user works
-PSEUDO=$USER
-RECOVERY=$USER
+PSEUDO=$NACMUSER
+RECOVERY=$NACMUSER
 new "cred: $CRED realuser:$REALUSER pseudo:$PSEUDO recovery:$RECOVERY"
 testrun $CRED $REALUSER $PSEUDO $RECOVERY true true

@ -171,13 +173,13 @@ new "cred: $CRED realuser:$REALUSER pseudo:$PSEUDO recovery:$RECOVERY"
 testrun $CRED $REALUSER $PSEUDO $RECOVERY false false

 PSEUDO=_recovery
-RECOVERY=$USER
+RECOVERY=$NACMUSER
 new "cred: $CRED realuser:$REALUSER pseudo:$PSEUDO recovery:$RECOVERY"
 testrun $CRED $REALUSER $PSEUDO $RECOVERY false false

-fi # skip is USER is root
+fi # skip is NACMUSER is root

-#------- CRED: except USER: root
+#------- CRED: except NACMUSER: root
 CRED=except 
 REALUSER=root 

@ -207,7 +209,7 @@ testrun $CRED $REALUSER $PSEUDO $RECOVERY true false
 #------- CRED: none
 # Check you can use any pseudo user if cred is none
 CRED=none
-REALUSER=$USER
+REALUSER=$NACMUSER
 PSEUDO=_recovery
 RECOVERY=_recovery
 new "cred: $CRED realuser:$REALUSER pseudo:$PSEUDO recovery:$RECOVERY"
@ -225,4 +227,6 @@ testrun $CRED $REALUSER $PSEUDO $RECOVERY false false
 new "endtest"
 endtest

+unset NACMUSER
+
 rm -rf $dir
--- a/test/test_netconf_duplicate.sh
+++ b/test/test_netconf_duplicate.sh
@ -66,7 +66,6 @@ fi
 new "wait backend"
 wait_backend

-if false; then
 new "Add list with duplicate"
 expecteof_netconf "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO" "<rpc $DEFAULTNS><edit-config><target><candidate/></target><default-operation>replace</default-operation><config><c xmlns=\"urn:example:clixon\">
     <server>
@ -78,14 +77,13 @@ expecteof_netconf "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO" "<rpc $DEFAULTNS>
       <value>foo</value>
     </server>
 </c></config></edit-config></rpc>" "" "<rpc-reply $DEFAULTNS><rpc-error><error-type>application</error-type><error-tag>operation-failed</error-tag><error-app-tag>data-not-unique</error-app-tag><error-severity>error</error-severity><error-info><non-unique xmlns=\"urn:ietf:params:xml:ns:yang:1\">/rpc/edit-config/config/c/server[name=\"one\"]/name</non-unique></error-info></rpc-error></rpc-reply>"
-fi

 new "Add leaf-list with duplicate"
 expecteof_netconf "$clixon_netconf -qf $cfg" 0 "$DEFAULTHELLO" "<rpc $DEFAULTNS><edit-config><target><candidate/></target><default-operation>replace</default-operation><config><c xmlns=\"urn:example:clixon\">
       <b>one</b>
       <b>two</b>
       <b>one</b>
-</c></config></edit-config></rpc>" "" "<rpc-reply $DEFAULTNS><rpc-error><error-type>application</error-type><error-tag>operation-failed</error-tag><error-app-tag>data-not-unique</error-app-tag><error-severity>error</error-severity></rpc-error></rpc-reply>"
+</c></config></edit-config></rpc>" "" "<rpc-reply $DEFAULTNS><rpc-error><error-type>application</error-type><error-tag>operation-failed</error-tag><error-app-tag>data-not-unique</error-app-tag><error-severity>error</error-severity><error-info><non-unique xmlns=\"urn:ietf:params:xml:ns:yang:1\">/rpc/edit-config/config/c/b[.=\"one\"]/one</non-unique></error-info></rpc-error></rpc-reply>"

 if [ $BE -ne 0 ]; then
    new "Kill backend"
--- a/test/test_restconf_basic_auth.sh
+++ b/test/test_restconf_basic_auth.sh
@ -101,7 +101,7 @@ cat <<EOF > $dir/startup_db
       <group>
         <name>admin</name>
         <user-name>root</user-name>
-         <user-name>$USER</user-name>
+         $EXTRAUSER
       </group>
     </groups>
     <rule-list>