diff --git a/Cargo.lock b/Cargo.lock index af07fbabb65..daa2c48e2d7 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4023,7 +4023,6 @@ dependencies = [ "tedge_utils", "tokio", "uzers", - "whoami", ] [[package]] diff --git a/crates/extensions/tedge_config_manager/src/actor.rs b/crates/extensions/tedge_config_manager/src/actor.rs index 350aba623de..f6e1353a40e 100644 --- a/crates/extensions/tedge_config_manager/src/actor.rs +++ b/crates/extensions/tedge_config_manager/src/actor.rs @@ -335,8 +335,7 @@ impl ConfigManagerWorker { return Err(anyhow::anyhow!("tedge_url not present in config update payload").into()); }; - let download_request = DownloadRequest::new(tedge_url, temp_path.as_std_path()) - .with_permission(file_entry.file_permissions.to_owned()); + let download_request = DownloadRequest::new(tedge_url, temp_path.as_std_path()); info!( "Awaiting download for config type: {} from url: {}", diff --git a/crates/extensions/tedge_downloader_ext/Cargo.toml b/crates/extensions/tedge_downloader_ext/Cargo.toml index bc558c65dff..ce104e8bb63 100644 --- a/crates/extensions/tedge_downloader_ext/Cargo.toml +++ b/crates/extensions/tedge_downloader_ext/Cargo.toml @@ -24,7 +24,6 @@ mockito = { workspace = true } tedge_test_utils = { workspace = true } tokio = { workspace = true, default_features = false, features = ["time"] } uzers = { workspace = true } -whoami = { workspace = true } [lints] workspace = true diff --git a/crates/extensions/tedge_downloader_ext/src/actor.rs b/crates/extensions/tedge_downloader_ext/src/actor.rs index ae0ed005061..f0a250e475f 100644 --- a/crates/extensions/tedge_downloader_ext/src/actor.rs +++ b/crates/extensions/tedge_downloader_ext/src/actor.rs @@ -40,13 +40,6 @@ impl DownloadRequest { ..self } } - - pub fn with_permission(self, permission: PermissionEntry) -> Self { - Self { - permission: Some(permission), - ..self - } - } } pub type DownloadResult = Result; diff --git a/crates/extensions/tedge_downloader_ext/src/tests.rs b/crates/extensions/tedge_downloader_ext/src/tests.rs index e0d6b5de124..7b2fbebc640 100644 --- a/crates/extensions/tedge_downloader_ext/src/tests.rs +++ b/crates/extensions/tedge_downloader_ext/src/tests.rs @@ -4,7 +4,6 @@ use download::Auth; use std::time::Duration; use tedge_actors::ClientMessageBox; use tedge_test_utils::fs::TempTedgeDir; -use tedge_utils::file::PermissionEntry; use tokio::time::timeout; const TEST_TIMEOUT: Duration = Duration::from_secs(5); @@ -71,43 +70,6 @@ async fn download_with_auth() { assert_eq!(response.as_ref().unwrap().url, server_url); } -#[tokio::test] -async fn download_with_permission() { - let ttd = TempTedgeDir::new(); - let mut server = mockito::Server::new(); - let _mock = server - .mock("GET", "/") - .with_status(200) - .with_header("content-type", "text/plain") - .with_body("without auth") - .create(); - - let target_path = ttd.path().join("downloaded_file"); - let server_url = server.url(); - let user = whoami::username(); - let group = uzers::get_current_groupname() - .unwrap() - .into_string() - .unwrap(); - - let download_request = DownloadRequest::new(&server_url, &target_path) - .with_permission(PermissionEntry::new(Some(user), Some(group), Some(0o775))); - - let mut requester = spawn_downloader_actor().await; - - let (id, response) = timeout( - TEST_TIMEOUT, - requester.await_response(("id".to_string(), download_request)), - ) - .await - .expect("timeout") - .expect("channel error"); - - assert_eq!(id.as_str(), "id"); - assert_eq!(response.as_ref().unwrap().file_path, target_path.as_path()); - assert_eq!(response.as_ref().unwrap().url, server_url); -} - async fn spawn_downloader_actor( ) -> ClientMessageBox<(String, DownloadRequest), (String, DownloadResult)> { let mut downloader_actor_builder = diff --git a/tests/RobotFramework/tests/cumulocity/configuration/config-root.json b/tests/RobotFramework/tests/cumulocity/configuration/config-root.json new file mode 100644 index 00000000000..8ef932f6b83 --- /dev/null +++ b/tests/RobotFramework/tests/cumulocity/configuration/config-root.json @@ -0,0 +1 @@ +{"name":"configuration1"} \ No newline at end of file diff --git a/tests/RobotFramework/tests/cumulocity/configuration/configuration_operation.robot b/tests/RobotFramework/tests/cumulocity/configuration/configuration_operation.robot index eeaff9100da..11481f9ba47 100644 --- a/tests/RobotFramework/tests/cumulocity/configuration/configuration_operation.robot +++ b/tests/RobotFramework/tests/cumulocity/configuration/configuration_operation.robot @@ -29,6 +29,8 @@ Set Configuration when file does not exist Binary file (Main Device) ${PARENT_SN} ${PARENT_SN} CONFIG1_BINARY /etc/binary-config1.tar.gz ${CURDIR}/binary-config1.tar.gz 640 tedge:tedge delete_file_before=${true} Text file (Child Device) ${CHILD_SN} ${PARENT_SN}:device:${CHILD_SN} CONFIG1 /etc/config1.json ${CURDIR}/config1-version2.json 640 tedge:tedge delete_file_before=${true} Binary file (Child Device) ${CHILD_SN} ${PARENT_SN}:device:${CHILD_SN} CONFIG1_BINARY /etc/binary-config1.tar.gz ${CURDIR}/binary-config1.tar.gz 640 tedge:tedge delete_file_before=${true} + Root-owned file (Main Device) ${PARENT_SN} ${PARENT_SN} CONFIG-ROOT /etc/config-root.json ${CURDIR}/config-root.json 600 root:root delete_file_before=${true} + Root-owned file (Child Device) ${CHILD_SN} ${PARENT_SN}:device:${CHILD_SN} CONFIG-ROOT /etc/config-root.json ${CURDIR}/config-root.json 600 root:root delete_file_before=${true} Set Configuration when file exists and agent run normally [Documentation] If the configuration file already exists, it should be overwritten, but owner and permissions @@ -39,6 +41,8 @@ Set Configuration when file exists and agent run normally Binary file (Main Device) ${PARENT_SN} ${PARENT_SN} CONFIG1_BINARY /etc/binary-config1.tar.gz ${CURDIR}/binary-config1.tar.gz 664 root:root delete_file_before=${false} Text file (Child Device) ${CHILD_SN} ${PARENT_SN}:device:${CHILD_SN} CONFIG1 /etc/config1.json ${CURDIR}/config1-version2.json 664 root:root delete_file_before=${false} Binary file (Child Device) ${CHILD_SN} ${PARENT_SN}:device:${CHILD_SN} CONFIG1_BINARY /etc/binary-config1.tar.gz ${CURDIR}/binary-config1.tar.gz 664 root:root delete_file_before=${false} + Root-owned file (Main Device) ${PARENT_SN} ${PARENT_SN} CONFIG-ROOT /etc/config-root.json ${CURDIR}/config-root.json 600 root:root delete_file_before=${false} + Root-owned file (Child Device) ${CHILD_SN} ${PARENT_SN}:device:${CHILD_SN} CONFIG-ROOT /etc/config-root.json ${CURDIR}/config-root.json 600 root:root delete_file_before=${true} Set Configuration when file exists and tedge run by root [Documentation] If the configuration file already exists, it should be overwritten, but owner and permissions @@ -53,6 +57,10 @@ Set Configuration when file exists and tedge run by root ... agent_as_root=${true} Binary file (Child Device) ${CHILD_SN} ${PARENT_SN}:device:${CHILD_SN} CONFIG1_BINARY /etc/binary-config1.tar.gz ${CURDIR}/binary-config1.tar.gz 664 root:root delete_file_before=${false} ... agent_as_root=${true} + Root-owned file (Main Device) ${PARENT_SN} ${PARENT_SN} CONFIG-ROOT /etc/config-root.json ${CURDIR}/config-root.json 600 root:root delete_file_before=${true} + ... agent_as_root=${true} + Root-owned file (Child Device) ${CHILD_SN} ${PARENT_SN}:device:${CHILD_SN} CONFIG-ROOT /etc/config-root.json ${CURDIR}/config-root.json 600 root:root delete_file_before=${true} + ... agent_as_root=${true} Set Configuration when tedge-write is in another location [Template] Set Configuration from Device with tedge-write at another location @@ -433,6 +441,7 @@ Update configuration plugin config via cloud ... /etc/tedge/tedge.toml ... system.toml ... CONFIG1 + ... CONFIG-ROOT ... CONFIG1_BINARY ${config_url}= Cumulocity.Create Inventory Binary ... tedge-configuration-plugin @@ -445,6 +454,7 @@ Update configuration plugin config via cloud ... /etc/tedge/tedge.toml ... system.toml ... CONFIG1 + ... CONFIG-ROOT ... Config@2.0.0 Modify configuration plugin config via local filesystem modify inplace @@ -456,6 +466,7 @@ Modify configuration plugin config via local filesystem modify inplace ... /etc/tedge/tedge.toml ... system.toml ... CONFIG1 + ... CONFIG-ROOT ... CONFIG1_BINARY ThinEdgeIO.Set Device Context ${device} ThinEdgeIO.Execute Command sed -i 's/CONFIG1/CONFIG3/g' /etc/tedge/plugins/tedge-configuration-plugin.toml @@ -465,6 +476,7 @@ Modify configuration plugin config via local filesystem modify inplace ... system.toml ... CONFIG3 ... CONFIG3_BINARY + ... CONFIG-ROOT ${operation}= Cumulocity.Get Configuration CONFIG3 Operation Should Be SUCCESSFUL ${operation} @@ -479,6 +491,7 @@ Modify configuration plugin config via local filesystem overwrite ... system.toml ... CONFIG1 ... CONFIG1_BINARY + ... CONFIG-ROOT ${NEW_CONFIG}= ThinEdgeIO.Execute Command ... sed 's/CONFIG1/CONFIG3/g' /etc/tedge/plugins/tedge-configuration-plugin.toml ThinEdgeIO.Execute Command echo "${NEW_CONFIG}" > /etc/tedge/plugins/tedge-configuration-plugin.toml @@ -488,6 +501,7 @@ Modify configuration plugin config via local filesystem overwrite ... system.toml ... CONFIG3 ... CONFIG3_BINARY + ... CONFIG-ROOT ${operation}= Cumulocity.Get Configuration CONFIG3 Operation Should Be SUCCESSFUL ${operation} @@ -502,6 +516,7 @@ Update configuration plugin config via local filesystem copy ... system.toml ... CONFIG1 ... CONFIG1_BINARY + ... CONFIG-ROOT Transfer To Device ${CURDIR}/tedge-configuration-plugin-updated.toml /etc/tedge/plugins/ Execute Command ... cp /etc/tedge/plugins/tedge-configuration-plugin-updated.toml /etc/tedge/plugins/tedge-configuration-plugin.toml @@ -511,6 +526,7 @@ Update configuration plugin config via local filesystem copy ... system.toml ... CONFIG1 ... Config@2.0.0 + ... CONFIG-ROOT ${operation}= Cumulocity.Get Configuration Config@2.0.0 Operation Should Be SUCCESSFUL ${operation} @@ -524,6 +540,7 @@ Update configuration plugin config via local filesystem move (different director ... /etc/tedge/tedge.toml ... system.toml ... CONFIG1 + ... CONFIG-ROOT ... CONFIG1_BINARY Transfer To Device ${CURDIR}/tedge-configuration-plugin-updated.toml /etc/ Execute Command @@ -533,6 +550,8 @@ Update configuration plugin config via local filesystem move (different director ... /etc/tedge/tedge.toml ... system.toml ... CONFIG1 + ... CONFIG-ROOT + ... Config@2.0.0 ${operation}= Cumulocity.Get Configuration Config@2.0.0 Operation Should Be SUCCESSFUL ${operation} @@ -547,6 +566,7 @@ Update configuration plugin config via local filesystem move (same directory) ... /etc/tedge/tedge.toml ... system.toml ... CONFIG1 + ... CONFIG-ROOT ... CONFIG1_BINARY Transfer To Device ${CURDIR}/tedge-configuration-plugin-updated.toml /etc/tedge/plugins/ Execute Command @@ -556,6 +576,7 @@ Update configuration plugin config via local filesystem move (same directory) ... /etc/tedge/tedge.toml ... system.toml ... CONFIG1 + ... CONFIG-ROOT ... Config@2.0.0 ${operation}= Cumulocity.Get Configuration Config@2.0.0 Operation Should Be SUCCESSFUL ${operation} diff --git a/tests/RobotFramework/tests/cumulocity/configuration/configuration_with_file_transfer_https.robot b/tests/RobotFramework/tests/cumulocity/configuration/configuration_with_file_transfer_https.robot index f0dbdb69535..9757c64d0e8 100644 --- a/tests/RobotFramework/tests/cumulocity/configuration/configuration_with_file_transfer_https.robot +++ b/tests/RobotFramework/tests/cumulocity/configuration/configuration_with_file_transfer_https.robot @@ -116,6 +116,7 @@ Update Configuration Should Fail ... system.toml ... CONFIG1 ... CONFIG1_BINARY + ... CONFIG-ROOT ${config_url}= Cumulocity.Create Inventory Binary ... tedge-configuration-plugin ... tedge-configuration-plugin @@ -128,6 +129,7 @@ Update Configuration Should Fail ... system.toml ... CONFIG1 ... CONFIG1_BINARY + ... CONFIG-ROOT Update Configuration Should Succeed [Arguments] ${external_id} @@ -138,6 +140,7 @@ Update Configuration Should Succeed ... system.toml ... CONFIG1 ... CONFIG1_BINARY + ... CONFIG-ROOT ${config_url}= Cumulocity.Create Inventory Binary ... tedge-configuration-plugin ... tedge-configuration-plugin @@ -149,6 +152,7 @@ Update Configuration Should Succeed ... /etc/tedge/tedge.toml ... system.toml ... CONFIG1 + ... CONFIG-ROOT ... Config@2.0.0 Enable Certificate Authentication for File Transfer Service diff --git a/tests/RobotFramework/tests/cumulocity/configuration/tedge-configuration-plugin-updated.toml b/tests/RobotFramework/tests/cumulocity/configuration/tedge-configuration-plugin-updated.toml index dbce68b6b2e..38ec7e2307c 100644 --- a/tests/RobotFramework/tests/cumulocity/configuration/tedge-configuration-plugin-updated.toml +++ b/tests/RobotFramework/tests/cumulocity/configuration/tedge-configuration-plugin-updated.toml @@ -3,4 +3,5 @@ files = [ { path = '/etc/tedge/system.toml', type = 'system.toml', user = 'tedge', group = 'tedge', mode = 0o444 }, { path = '/etc/config1.json', type = 'CONFIG1', user = 'tedge', group = 'tedge', mode = 0o444 }, { path = '/etc/config2.json', type = 'Config@2.0.0', user = 'tedge', group = 'tedge', mode = 0o444 }, -] \ No newline at end of file + { path = '/etc/config-root.json', type = 'CONFIG-ROOT', user = 'root', group = 'root', mode = 0o600 }, +] diff --git a/tests/RobotFramework/tests/cumulocity/configuration/tedge-configuration-plugin.toml b/tests/RobotFramework/tests/cumulocity/configuration/tedge-configuration-plugin.toml index 1bb5d393647..f11b02c4297 100644 --- a/tests/RobotFramework/tests/cumulocity/configuration/tedge-configuration-plugin.toml +++ b/tests/RobotFramework/tests/cumulocity/configuration/tedge-configuration-plugin.toml @@ -3,4 +3,5 @@ files = [ { path = '/etc/tedge/system.toml', type = 'system.toml', user = 'tedge', group = 'tedge', mode = 0o444 }, { path = '/etc/config1.json', type = 'CONFIG1', user = 'tedge', group = 'tedge', mode = 0o640 }, { path = '/etc/binary-config1.tar.gz', type = 'CONFIG1_BINARY', user = 'tedge', group = 'tedge', mode = 0o640 }, -] \ No newline at end of file + { path = '/etc/config-root.json', type = 'CONFIG-ROOT', user = 'root', group = 'root', mode = 0o600 }, +]