#!/bin/bash source testlib || exit 1 DESCRIPTION1="Ssh beschikbaar?" VERIFYEXIT=0 sshtest || exit 1 DESCRIPTION1="Sla test over indien we niet de juiste licentieoptie hebben." CMD="cat /etc/webint/REG" VERIFYPOSITIVE='"F"' if ! sshtest; then echo "Dit is geen fileserver, test overgeslagen" exit 0 fi ./_maketestusers || exit 1 echo "### Ruim oude directorys op" CMD='rm -rf /home/shares/testshare/' sshtest || exit 1 #### Zijn alle paginas uberhaubt opvraagbaar zonder errors? DESCRIPTION1="Basic pagina check" PAGE="/samba/listshares.php" VERIFYPOSITIVE="Toevoegen" scc_add DESCRIPTION1="Basic pagina check" PAGE="samba/listprinters.php" VERIFYPOSITIVE="Toevoegen" scc_add DESCRIPTION1="Basic pagina check" PAGE="samba/listcomputers.php" VERIFYPOSITIVE="Computer naam" scc_add DESCRIPTION1="Basic pagina check" PAGE="samba/sambasettings.php" IGNOREERROR=1 VERIFYPOSITIVE="Opslaan" scc_add DESCRIPTION1="Basic pagina check groupquotas" PAGE="samba/groupquotas.php" VERIFYPOSITIVE="Gebruikt" scc_add DESCRIPTION1="Basic pagina check" PAGE="samba/userquotas.php" VERIFYPOSITIVE="Gebruikt" scc_add DESCRIPTION1="Oude share weghalen" PAGE="samba/editshare.php?share=testshare&del=1" IGNOREERROR=1 scc_add DESCRIPTION1="Zet alle global settings aan" PAGE="samba/sambasettings.php" IGNOREERROR=1 METHOD="post" POSTBODY="store=1&new_netlogon=on&new_homes=on&new_profiles=on&new_root=on&new_printstring=on"; scc_add scc_test || exit 1 echo "### Alle rechten op eigen homedirectory" VERIFYNEGATIVE=NT_ CMD='smbclient //localhost/testuser1 -U testuser1 syn3 -c "mkdir test;rmdir test"' sshtest || exit 1 echo "### Geen rechten op homedir door andere users" VERIFYPOSITIVE="(NT_STATUS_NETWORK_ACCESS_DENIED|NT_STATUS_ACCESS_DENIED)" CMD='smbclient //localhost/testuser1 -U testuser2 syn3 -c "ls"' sshtest || exit 1 echo "### Anoniem helemaal geen inlog toegang" VERIFYPOSITIVE="NT_STATUS_ACCESS_DENIED" CMD='smbclient //localhost/testuser1 -N' sshtest || exit 1 DESCRIPTION1="Administrator moet bij homedirs kunnen" CMD="smbclient //localhost/testuser1 -U Administrator syn3 -c 'mkdir d;ls;rmdir d'" VERIFYNEGATIVE="NT_" VERIFYPOSITIVE="blocks" sshtest || exit 1 scc_new DESCRIPTION1="Share maken" PAGE="samba/addshare.php" METHOD="post" POSTBODY="new_ShareName=testshare&new_ShareDiscription=testshare description&new_Browsable=on&Create=1" scc_add scc_test || exit 1 echo "### Default share read toegestaan" VERIFYNEGATIVE=NT_ CMD='smbclient //localhost/testshare -U testuser1 syn3 -c "ls"' sshtest || exit 1 echo "### Default share write niet toegestaan" VERIFYPOSITIVE="(NT_STATUS_MEDIA_WRITE_PROTECTED|NT_STATUS_NETWORK_ACCESS_DENIED)" CMD='smbclient //localhost/testshare -U testuser1 syn3 -c "mkdir nowrite"' sshtest || exit 1 DESCRIPTION1="Testuser1 expliciet toegang geven" PAGE="samba/editshare.php?share=testshare" METHOD="post" POSTBODY="new_user=testuser1&useradd=1" scc_add DESCRIPTION1="Testuser1 write toegang geven" PAGE="samba/editshare.php?share=testshare" METHOD="post" POSTBODY="EnableWriteUser=testuser1" scc_add scc_test || exit 1 echo "### Write is nu wel toegestaan voor testuser1" VERIFYNEGATIVE="NT_" CMD='smbclient //localhost/testshare -U testuser1 syn3 -c "mkdir test;rmdir test"' sshtest || exit 1 echo "### Nu helemaal geen toegang meer voor andere users." VERIFYPOSITIVE="NT_STATUS_ACCESS_DENIED" CMD='smbclient //localhost/testshare -U testuser2 syn3' sshtest || exit 1 DESCRIPTION1="testuser2 expliciet toegang geven" PAGE="samba/editshare.php?share=testshare" METHOD="post" POSTBODY="new_user=testuser2&useradd=1" scc_add scc_test || exit 1 echo "### Nu heeft testuser2 readrechten" VERIFYNEGATIVE="NT_" CMD='smbclient //localhost/testshare -U testuser2 syn3 -c "ls"' sshtest || exit 1 echo "### Testuser2 geen write rechten" VERIFYPOSITIVE="(NT_STATUS_MEDIA_WRITE_PROTECTED|NT_STATUS_NETWORK_ACCESS_DENIED)" CMD='smbclient //localhost/testshare -U testuser2 syn3 -c "mkdir nowrite"' sshtest || exit 1 DESCRIPTION1="Domain Users expliciet toegang geven" PAGE="samba/editshare.php?share=testshare" METHOD="post" POSTBODY="new_group=Domain Users&groupadd=1" scc_add DESCRIPTION1="testuser1 zn expliciete rechten ontnemen" PAGE="samba/editshare.php?share=testshare" METHOD="post" POSTBODY="deluser=testuser1" scc_add scc_test || exit 1 echo "### Testuser 1 kan nu lezen via zn groeprechten" VERIFYNEGATIVE=NT_ CMD='smbclient //localhost/testshare -U testuser1 syn3 -c "ls"' sshtest || exit 1 echo "### Testuser 1 mag nu niet schrijven via zn groepsrechten" VERIFYPOSITIVE="(NT_STATUS_MEDIA_WRITE_PROTECTED|NT_STATUS_NETWORK_ACCESS_DENIED)" CMD='smbclient //localhost/testshare -U testuser1 syn3 -c "mkdir nowrite"' sshtest || exit 1 DESCRIPTION1="Testuser2 write toegang geven" PAGE="samba/editshare.php?share=testshare" METHOD="post" POSTBODY="EnableWriteUser=testuser2" scc_add scc_test || exit 1 echo "### Testuser 2 mag nu toch schrijven terwijl groep dit niet mag. ERGENS writerechten overruled." VERIFYNEGATIVE=NT_ CMD='smbclient //localhost/testshare -U testuser2 syn3 -c "mkdir test;rmdir test"' sshtest || exit 1 DESCRIPTION1="Domain users write toegang geven" PAGE="samba/editshare.php?share=testshare" METHOD="post" POSTBODY="EnableWriteGroup=Domain Users" scc_add scc_test || exit 1 echo "### Testuser 1 mag nu ook schrijven via zn groepsrechten" VERIFYNEGATIVE="NT_" CMD='smbclient //localhost/testshare -U testuser1 syn3 -c "mkdir test;rmdir test"' sshtest || exit 1 DESCRIPTION1="Testuser2 write toegang ontnemen" PAGE="samba/editshare.php?share=testshare" METHOD="post" POSTBODY="DisableWriteUser=testuser2" scc_add scc_test || exit 1 echo "### Testuser 2 nu nog steeds schrijven via zn groepsrechten, ondanks dat hij geen persoonlijke schrijfrechten heeft. ERGENS writerechten overruled." VERIFYNEGATIVE="NT_" CMD='smbclient //localhost/testshare -U testuser2 syn3 -c "mkdir test;rmdir test"' sshtest || exit 1 DESCRIPTION1="Testuser2 read toegang ontnemen" PAGE="samba/editshare.php?share=testshare" METHOD="post" POSTBODY="DisableReadUser=testuser2" scc_add scc_test || exit 1 echo "### Testuser 2 mag nu ineens niks meer, ondanks dat groep dat wel mag. ERGENS niet-readrechten overruled altijd." VERIFYPOSITIVE="NT_STATUS_ACCESS_DENIED" CMD='smbclient //localhost/testshare -U testuser2 syn3' sshtest || exit 1 DESCRIPTION1="Testuser2 read toegang geven" PAGE="samba/editshare.php?share=testshare" METHOD="post" POSTBODY="EnableReadUser=testuser2" scc_add DESCRIPTION1="Domain users read toegang ontnemen" PAGE="samba/editshare.php?share=testshare" METHOD="post" POSTBODY="DisableReadGroup=Domain Users" scc_add scc_test || exit 1 echo "### Testuser 2 mag nu niks meer met zn eigen readrechten, omdat zn groep niet-readrechten heeft. ERGENS niet-readrechten overruled wederom." VERIFYPOSITIVE="NT_STATUS_ACCESS_DENIED" CMD='smbclient //localhost/testshare -U testuser2 syn3' sshtest || exit 1