1berry/nodejs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

test: add test for loading read-only modules

Browse Source 
Adds a test-case to cover loading modules
the user does not have permission to write to.

Covers issue logged in https://github.com/nodejs/node/issues/20112

PR-URL: https://github.com/nodejs/node/pull/20138
Refs: https://github.com/nodejs/node/issues/20112
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Bartosz Sosnowski <bartosz@janeasystems.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit is contained in:
Bill Ticehurst 2018-04-18 11:55:35 -07:00 committed by Vse Mozhet Byt
parent 63d991b7cf
commit 3ba81e34e8
1 changed files with 48 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
test/parallel/test-module-readonly.js Normal file
View File

@ -0,0 +1,48 @@
'use strict';
const common = require('../common');
if (!common.isWindows) {
// TODO: Similar checks on *nix-like systems (e.g using chmod or the like)
common.skip('test only runs on Windows');
}
const assert = require('assert');
const fs = require('fs');
const path = require('path');
const cp = require('child_process');
const tmpdir = require('../common/tmpdir');
tmpdir.refresh();
// Create readOnlyMod.js and set to read only
const readOnlyMod = path.join(tmpdir.path, 'readOnlyMod');
const readOnlyModRelative = path.relative(__dirname, readOnlyMod);
const readOnlyModFullPath = `${readOnlyMod}.js`;
fs.writeFileSync(readOnlyModFullPath, 'module.exports = 42;');
// Removed any inherited ACEs, and any explicitly granted ACEs for the
// current user
cp.execSync(
`icacls.exe "${readOnlyModFullPath}" /inheritance:r /remove "%USERNAME%"`);
// Grant the current user read & execute only
cp.execSync(`icacls.exe "${readOnlyModFullPath}" /grant "%USERNAME%":RX`);
let except = null;
try {
// Attempt to load the module. Will fail if write access is required
require(readOnlyModRelative);
} catch (err) {
except = err;
}
// Remove the expliclty granted rights, and reenable inheritance
cp.execSync(
`icacls.exe "${readOnlyModFullPath}" /remove "%USERNAME%" /inheritance:e`);
// Delete the test module (note: tmpdir should get cleaned anyway)
fs.unlinkSync(readOnlyModFullPath);
assert.ifError(except);