#! /bin/bash
# FS QA Test 369
#
# RichACL delete test
#
#-----------------------------------------------------------------------
# Copyright (c) 2016 Red Hat, Inc.  All Rights Reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it would be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write the Free Software Foundation,
# Inc.,  51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
#-----------------------------------------------------------------------
#

seq=`basename $0`
seqres=$RESULT_DIR/$seq
echo "QA output created by $seq"

here=`pwd`
tmp=/tmp/$$
status=1	# failure is the default!
trap "_cleanup; exit \$status" 0 1 2 3 15

_cleanup()
{
	cd /
	rm -f $tmp.*
}

# get standard environment, filters and checks
. ./common/rc

# remove previous $seqres.full before test
rm -f $seqres.full

# real QA test starts here

_supported_fs generic
_supported_os Linux

_require_scratch
_require_scratch_richacl
_require_richacl_prog
_require_runas

_scratch_mkfs_richacl >> $seqres.full
_scratch_mount

cd $SCRATCH_MNT

r()
{
	echo "--- runas -u 99 -g 99 $*"
	_runas -u 99 -g 99 -- "$@"
}

umask 022

chmod go+w .
mkdir d1 d2 d3 d4 d5 d6 d7
touch d1/f d1/g d2/f d3/f d4/f d5/f d6/f d7/f d7/g d7/h
chmod o+w d1/g
chown 99 d2
chgrp 99 d3
chmod g+w d3
$SETRICHACL_PROG --set 'u:99:wx::allow' d4
$SETRICHACL_PROG --set 'u:99:d::allow' d5
$SETRICHACL_PROG --set 'u:99:xd::allow' d6
$SETRICHACL_PROG --set 'u:99:D::allow' d7/f d7/g d7/h
chmod 664 d7/g

mkdir s2 s3 s4 s5 s6 s7
chmod +t s2 s3 s4 s5 s6 s7
touch s2/f s3/f s4/f s5/f s6/f s7/f s7/g s7/h
chown 99 s2
chgrp 99 s3
chmod g+w s3
$SETRICHACL_PROG --set 'u:99:wx::allow' s4
$SETRICHACL_PROG --set 'u:99:d::allow' s5
$SETRICHACL_PROG --set 'u:99:xd::allow' s6
$SETRICHACL_PROG --set 'u:99:D::allow' s7/f s7/g s7/h
chmod 664 s7/g

# Cannot delete files with no or only with write permissions on the directory
r rm -f d1/f d1/g

# Can delete files in directories we own
r rm -f d2/f s2/f

# Can delete files in non-sticky directories we have write access to
r rm -f d3/f s3/f

# "Write_data/execute" access does not include delete_child access, so deleting
# is not allowed:
r rm -f d4/f s4/f

# "Delete_child" access alone also is not sufficient
r rm -f d5/f s5/f

# "Execute/delete_child" access is sufficient for non-sticky directories
r rm -f d6/f s6/f

# "Delete" access on the child is sufficient, even in sticky directories.
r rm -f d7/f s7/f

# Regression: Delete access must not override add_file / add_subdirectory
# access.
r touch h
r mv -f h d7/
r mv -f h s7/

# A chmod turns off the "delete" permission
r rm -f d7/g s7/g

# success, all done
status=0
exit
