using Rainbow.Services;
using Xunit;
namespace XUnitTest.Rainbow.Services;
public class SudoWhitelistTests
{
[Fact(DisplayName = "空配置全拒绝")]
public void Empty()
{
var w = new SudoWhitelist("");
Assert.False(w.IsAllowed("/sbin/ip"));
}
[Fact(DisplayName = "精确匹配")]
public void Exact()
{
var w = new SudoWhitelist("/sbin/ip");
Assert.True(w.IsAllowed("/sbin/ip"));
Assert.False(w.IsAllowed("/bin/rm"));
}
[Fact(DisplayName = "通配匹配_前缀匹配成功")]
public void Wildcard_PrefixMatch()
{
var w = new SudoWhitelist("/usr/sbin/iptables *");
Assert.True(w.IsAllowed("/usr/sbin/iptables"));
Assert.True(w.IsAllowed("/usr/sbin/iptables -A INPUT"));
Assert.False(w.IsAllowed("/usr/sbin/iptables-restore"));
}
[Fact(DisplayName = "多规则_逗号分隔")]
public void MultipleRules_CommaSeparated()
{
var w = new SudoWhitelist("/sbin/ip, /usr/sbin/iptables *, /bin/echo");
Assert.True(w.IsAllowed("/sbin/ip"));
Assert.True(w.IsAllowed("/usr/sbin/iptables"));
Assert.True(w.IsAllowed("/bin/echo"));
Assert.False(w.IsAllowed("/bin/rm"));
}
[Fact(DisplayName = "Null命令返回false")]
public void NullCommand_ReturnsFalse()
{
var w = new SudoWhitelist("/sbin/ip");
Assert.False(w.IsAllowed(null!));
}
[Fact(DisplayName = "空字符串命令返回false")]
public void EmptyCommand_ReturnsFalse()
{
var w = new SudoWhitelist("/sbin/ip");
Assert.False(w.IsAllowed(""));
}
[Fact(DisplayName = "配置带空格_Trim后正确匹配")]
public void ConfigWithSpaces_Trimmed()
{
var w = new SudoWhitelist(" /sbin/ip , /bin/echo ");
Assert.True(w.IsAllowed("/sbin/ip"));
Assert.True(w.IsAllowed("/bin/echo"));
Assert.Equal(2, w.Count);
}
}
|