1#!/usr/local/bin/ksh93 -p
2#
3# CDDL HEADER START
4#
5# The contents of this file are subject to the terms of the
6# Common Development and Distribution License (the "License").
7# You may not use this file except in compliance with the License.
8#
9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10# or http://www.opensolaris.org/os/licensing.
11# See the License for the specific language governing permissions
12# and limitations under the License.
13#
14# When distributing Covered Code, include this CDDL HEADER in each
15# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16# If applicable, add the following below this CDDL HEADER, with the
17# fields enclosed by brackets "[]" replaced with your own identifying
18# information: Portions Copyright [yyyy] [name of copyright owner]
19#
20# CDDL HEADER END
21#
22
23#
24# Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
25# Use is subject to license terms.
26#
27# ident	"@(#)zfs_allow_002_pos.ksh	1.3	08/11/03 SMI"
28#
29
30. $STF_SUITE/tests/delegate/delegate_common.kshlib
31
32#################################################################################
33#
34# __stc_assertion_start
35#
36# ID: zfs_allow_002_pos
37#
38# DESCRIPTION:
39# <user|group> argument is interpreted as a user if possible, then as a group as
40# possible.
41#
42# STRATEGY:
43#	1. Create user $STAFF_GROUP
44#	2. Delegate permissions to $STAFF_GROUP
45#	3. Verify user $STAFF_GROUP has the permissions.
46#	4. Delete user $STAFF_GROUP and allow the permission to $STAFF_GROUP
47#	5. Verify $STAFF_GROUP is interpreted as group.
48#
49# TESTABILITY: explicit
50#
51# TEST_AUTOMATION_LEVEL: automated
52#
53# CODING_STATUS: COMPLETED (2006-09-14)
54#
55# __stc_assertion_end
56#
57################################################################################
58
59verify_runnable "both"
60
61function cleanup
62{
63	if $ID $STAFF_GROUP > /dev/null 2>&1; then
64		log_must del_user $STAFF_GROUP
65	fi
66}
67
68log_assert "<user|group> is interpreted as user if possible, then as group."
69log_onexit cleanup
70
71eval set -A dataset $DATASETS
72enc=$(get_prop encryption $dataset)
73if [[ $? -eq 0 ]] && [[ -n "$enc" ]] && [[ "$enc" != "off" ]]; then
74	typeset perms="snapshot,reservation,compression,send,allow,\
75userprop"
76else
77	typeset perms="snapshot,reservation,compression,checksum,\
78send,allow,userprop"
79fi
80
81log_must $USERADD $STAFF_GROUP
82for dtst in $DATASETS ; do
83	log_must $ZFS allow $STAFF_GROUP $perms $dtst
84	log_must verify_perm $dtst $perms $STAFF_GROUP
85	log_must verify_noperm $dtst $perms $STAFF1 $STAFF2
86done
87
88log_must restore_root_datasets
89
90log_must del_user $STAFF_GROUP
91for dtst in $datasets ; do
92	log_must $ZFS allow $STAFF_GROUP $perms $dtst
93	log_must verify_perm $dtst $perms $STAFF1 $STAFF2
94done
95
96log_pass "<user|group> is interpreted as user if possible, then as group passed."
97