Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 23:00:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

Allow individual protocols to be enabled per user

Browse Source 
Fixes #154
This commit is contained in:
Nicola Murino
2020-08-17 12:49:20 +02:00
parent fa5333784b
commit f3228713bc
18 changed files with 186 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
sftpd/sftpd_test.go
View File

@@ -1157,6 +1157,30 @@ func TestLoginInvalidFs(t *testing.T) {
assert.NoError(t, err)
}
func TestDeniedProtocols(t *testing.T) {
u := getTestUser(true)
u.Filters.DeniedProtocols = []string{common.ProtocolSSH}
user, _, err := httpd.AddUser(u, http.StatusOK)
assert.NoError(t, err)
client, err := getSftpClient(user, true)
if !assert.Error(t, err, "SSH protocol is disabled, authentication must fail") {
client.Close()
}
user.Filters.DeniedProtocols = []string{common.ProtocolFTP, common.ProtocolWebDAV}
user, _, err = httpd.UpdateUser(user, http.StatusOK)
assert.NoError(t, err)
client, err = getSftpClient(user, true)
if assert.NoError(t, err) {
defer client.Close()
assert.NoError(t, checkBasicSFTP(client))
}
_, err = httpd.RemoveUser(user, http.StatusOK)
assert.NoError(t, err)
err = os.RemoveAll(user.GetHomeDir())
assert.NoError(t, err)
}
func TestDeniedLoginMethods(t *testing.T) {
u := getTestUser(true)
u.Filters.DeniedLoginMethods = []string{dataprovider.SSHLoginMethodPublicKey, dataprovider.LoginMethodPassword}