beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

local api permissions

Browse source
This commit is contained in:
Marco Mariani 2023-11-15 12:48:07 +01:00
parent ef00f1b658
commit d1b7ac16cf
3 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
cmd/crowdsec-cli/lapi.go
View file

@ -149,7 +149,7 @@ func runLapiRegister(cmd *cobra.Command, args []string) error {
log.Fatalf("unable to marshal api credentials: %s", err)
}
if dumpFile != "" {
err = os.WriteFile(dumpFile, apiConfigDump, 0644)
err = os.WriteFile(dumpFile, apiConfigDump, 0o600)
if err != nil {
log.Fatalf("write api credentials in '%s' failed: %s", dumpFile, err)
}

2
cmd/crowdsec-cli/machines.go
View file

@ -290,7 +290,7 @@ func runMachinesAdd(cmd *cobra.Command, args []string) error {
if dumpFile == "" {
fmt.Printf("%s\n", string(apiConfigDump))
} else {
err = os.WriteFile(dumpFile, apiConfigDump, 0644)
err = os.WriteFile(dumpFile, apiConfigDump, 0o600)
if err != nil {
return fmt.Errorf("writing api credentials to '%s': %s", dumpFile, err)
}

4
test/bats/30_machines.bats
View file

@ -13,6 +13,7 @@ teardown_file() {
setup() {
load "../lib/setup.sh"
load "../lib/bats-file/load.bash"
./instance-data load
./instance-crowdsec start
}
@ -46,11 +47,12 @@ teardown() {
rune -0 yq -o json . <(output)
assert_json '{login: "testmachine2", password: "testpassword", url: "http://127.0.0.1:8080"}'
tempfile="${BATS_TEST_DIRNAME}/testmachine.yml"
tempfile="${BATS_TEST_TMPDIR}/testmachine.yml"
rune -0 cscli machines add testmachine3 --password testpassword -f "${tempfile}"
assert_stderr --partial "API credentials dumped to '${tempfile}'"
rune -0 yq -o json . < "$tempfile"
assert_json '{login: "testmachine3", password: "testpassword", url: "http://127.0.0.1:8080"}'
assert_file_permission 600 "$tempfile"
}
@test "add a new machine and delete it" {