test that a child role gets removed from the update if it doesn't exist in the parent

Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-16 19:27:04 -08:00 · 2015-12-16 19:27:04 -08:00 · ad0582ae9c
parent a27e4f7471
commit ad0582ae9c
2 changed files with 62 additions and 1 deletions
--- a/server/handlers/validation.go
+++ b/server/handlers/validation.go
@ -37,7 +37,6 @@ func validateUpdate(cs signed.CryptoService, gun string, updates []storage.MetaU
 	// updates with only the things we should actually update
 	updatesToApply := make([]storage.MetaUpdate, 0, len(updates))

-	// check that the necessary roles are present:
 	roles := make(map[string]storage.MetaUpdate)
 	for _, v := range updates {
 		roles[v.Role] = v
@ -163,6 +162,12 @@ func loadAndValidateTargets(gun string, repo *tuf.Repo, roles map[string]storage
 			err error
 		)
 		if t, err = validateTargets(role, roles, kdb); err != nil {
+			if err == signed.ErrUnknownRole {
+				// role wasn't found in its parent. It has been removed
+				// or never existed. Drop this role from the update
+				// (by not adding it to updatesToApply)
+				continue
+			}
 			logrus.Error("ErrBadTargets: ", err.Error())
 			return nil, validation.ErrBadTargets{Msg: err.Error()}
 		}
--- a/server/handlers/validation_test.go
+++ b/server/handlers/validation_test.go
@ -962,4 +962,60 @@ func TestValidateTargetsParentNotFound(t *testing.T) {
 	assert.IsType(t, storage.ErrNotFound{}, err)
 }

+func TestValidateTargetsRoleNotInParent(t *testing.T) {
+	kdb, baseRepo, cs := testutils.EmptyRepo()
+	store := storage.NewMemStorage()
+
+	k, err := cs.Create("targets/level1", data.ED25519Key)
+	assert.NoError(t, err)
+	r, err := data.NewRole("targets/level1", 1, []string{k.ID()}, nil, nil)
+	assert.NoError(t, err)
+
+	kdb.AddKey(k)
+	err = kdb.AddRole(r)
+	assert.NoError(t, err)
+
+	baseRepo.InitTargets("targets/level1")
+
+	targets, err := baseRepo.SignTargets("targets", data.DefaultExpires(data.CanonicalTargetsRole))
+
+	tgtsJSON, err := json.Marshal(targets)
+	assert.NoError(t, err)
+	update := storage.MetaUpdate{
+		Role:    data.CanonicalTargetsRole,
+		Version: 1,
+		Data:    tgtsJSON,
+	}
+	store.UpdateCurrent("gun", update)
+
+	del, err := baseRepo.SignTargets("targets/level1", data.DefaultExpires(data.CanonicalTargetsRole))
+	assert.NoError(t, err)
+	delJSON, err := json.Marshal(del)
+	assert.NoError(t, err)
+
+	delUpdate := storage.MetaUpdate{
+		Role:    "targets/level1",
+		Version: 1,
+		Data:    delJSON,
+	}
+
+	roles := map[string]storage.MetaUpdate{
+		"targets/level1": delUpdate,
+		"targets":        update,
+	}
+
+	kdb = keys.NewDB()
+	valRepo := tuf.NewRepo(kdb, nil)
+	valRepo.SetRoot(baseRepo.Root)
+
+	// because we sort the roles, the list of returned updates
+	// will contain shallower roles first, in this case "targets",
+	// and then "targets/level1"
+	updates, err := loadAndValidateTargets("gun", valRepo, roles, kdb, store)
+	assert.NoError(t, err)
+	assert.Len(t, updates, 1)
+	assert.Equal(t, "targets", updates[0].Role)
+	assert.Equal(t, tgtsJSON, updates[0].Data)
+}
+
 // ### End target validation with delegations tests