def test_unmodified_database_retains_permissions(self):
# ConfigurationFile.open() leaves the file permissions of existing
# configuration databases if they're not modified.
config_file = os.path.join(self.make_dir(), "config")
open(config_file, "wb").close() # touch.
os.chmod(config_file, 0o644) # u=rw,go=r
with ConfigurationFile.open_for_update(config_file):
perms = FilePath(config_file).getPermissions()
self.assertEqual("rw-r--r--", perms.shorthand())
perms = FilePath(config_file).getPermissions()
self.assertEqual("rw-r--r--", perms.shorthand())
def test_open_permissions_new_database(self):
# ProfileConfig.open() applies restrictive file permissions to newly
# created configuration databases.
config_file = os.path.join(self.make_dir(), "config")
with api.ProfileConfig.open(config_file, create=True):
perms = FilePath(config_file).getPermissions()
self.assertEqual("rw-------", perms.shorthand())
def test_open_permissions_new_database(self):
# ProfileConfig.open() applies restrictive file permissions to newly
# created configuration databases.
config_file = os.path.join(self.make_dir(), "config")
with api.ProfileConfig.open(config_file):
perms = FilePath(config_file).getPermissions()
self.assertEqual("rw-------", perms.shorthand())
def test_open_permissions_new_database(self):
# ProfileStore.open() applies restrictive file permissions to newly
# created configuration databases.
config_file = self.makeDir().joinpath("config")
with ProfileStore.open(config_file):
perms = FilePath(str(config_file)).getPermissions()
self.assertEqual("rw-------", perms.shorthand())
def test_open_permissions_existing_database(self):
# ProfileConfig.open() leaves the file permissions of existing
# configuration databases.
config_file = os.path.join(self.make_dir(), "config")
open(config_file, "wb").close() # touch.
os.chmod(config_file, 0o644) # u=rw,go=r
with api.ProfileConfig.open(config_file):
perms = FilePath(config_file).getPermissions()
self.assertEqual("rw-r--r--", perms.shorthand())
def test_open_permissions_existing_database(self):
# ProfileConfig.open() leaves the file permissions of existing
# configuration databases.
config_file = os.path.join(self.make_dir(), "config")
open(config_file, "wb").close() # touch.
os.chmod(config_file, 0644) # u=rw,go=r
with api.ProfileConfig.open(config_file):
perms = FilePath(config_file).getPermissions()
self.assertEqual("rw-r--r--", perms.shorthand())
def test_open_permissions_existing_database(self):
# ProfileStore.open() leaves the file permissions of existing
# configuration databases.
config_file = self.makeDir().joinpath("config")
config_file.touch()
config_file.chmod(0o644) # u=rw,go=r
with ProfileStore.open(config_file):
perms = FilePath(str(config_file)).getPermissions()
self.assertEqual("rw-r--r--", perms.shorthand())
def test_modified_database_uses_safe_permissions_if_file_missing(self):
# ConfigurationFile.open() uses a sensible u=rw,g=r file mode when
# saving if the database file has been inexplicably removed. This is
# the same mode as used when opening a new database.
config_file = os.path.join(self.make_dir(), "config")
open(config_file, "wb").close() # touch.
os.chmod(config_file, 0o644) # u=rw,go=r
with ConfigurationFile.open_for_update(config_file) as config:
config["foobar"] = "I am a modification"
os.unlink(config_file)
perms = FilePath(config_file).getPermissions()
self.assertEqual("rw-r-----", perms.shorthand())
