trusted-sandbox 0.0.10.pre → 0.0.11.pre

data/spec/integration/integration_spec.rb

@@ -0,0 +1,85 @@
+require 'spec_helper'
+
+# This should not be run by CI as it requires server installation.
+
+describe 'integration testing' do
+
+  describe 'sanity test' do
+    it 'works for inline' do
+      TrustedSandbox.run_code!('input[:x] ** 2', input: {x: 10}).should == 100
+
+      response = TrustedSandbox.run_code('puts "hi"; input[:x] ** 2', input: {x: 10})
+      response.valid?.should == true
+      response.output.should == 100
+      response.stdout.should == ["hi\n"]
+    end
+
+    it 'works for a class' do
+      TrustedSandbox.run!(TrustedSandbox::GeneralPurpose, 'input[:x] ** 2', input: {x: 10}).should == 100
+
+      response = TrustedSandbox.run(TrustedSandbox::GeneralPurpose, 'puts "hi"; input[:x] ** 2', input: {x: 10})
+      response.valid?.should == true
+      response.output.should == 100
+      response.stdout.should == ["hi\n"]
+    end
+
+    it 'works when there is an error' do
+      expect {TrustedSandbox.run_code!('asfsadf')}.to raise_error(TrustedSandbox::UserCodeError)
+
+      response = TrustedSandbox.run_code('asfsadf')
+      response.valid?.should == false
+      response.output.should == nil
+      response.status.should == 'error'
+      response.error.is_a?(NameError).should == true
+      response.error_to_raise.is_a?(TrustedSandbox::UserCodeError).should == true
+    end
+  end
+
+  describe 'memory limit' do
+    it 'raises error when limited' do
+      response = TrustedSandbox.with_options(memory_limit: 50_000_000) do |s|
+        s.run_code('x = "*" * 50_000_000')
+      end
+      response.valid?.should == false
+      response.stderr.should == ["Killed\n"]
+    end
+
+    it 'works when not limited' do
+      response = TrustedSandbox.with_options(memory_limit: 100_000_000) do |s|
+        s.run_code('x = "*" * 50_000_000')
+      end
+      response.stderr.should be_empty
+      response.stdout.should be_empty
+      response.valid?.should == true
+    end
+  end
+
+  describe 'network limit' do
+    it 'raises error when limited' do
+      response = TrustedSandbox.with_options(network_access: false) do |s|
+        s.run_code('`ping www.google.com -c 1; echo $?`.split("\n").last')
+      end
+      response.stderr.should == ["ping: unknown host www.google.com\n"]
+      response.output.to_i.should_not == 0
+    end
+
+    it 'works when not limited' do
+      response = TrustedSandbox.with_options(network_access: true) do |s|
+        s.run_code('`ping www.google.com -c 1; echo $?`.split("\n").last')
+      end
+      response.stderr.should be_empty
+      response.output.to_i.should == 0
+    end
+  end
+
+  describe 'time limit' do
+    it 'raises error' do
+      response = TrustedSandbox.with_options(execution_timeout: 1) do |s|
+        s.run_code('puts "hi"; while true; end')
+      end
+      response.valid?.should == false
+      response.error.is_a?(Timeout::Error).should == true
+      response.error_to_raise.is_a?(TrustedSandbox::ExecutionTimeoutError).should == true
+    end
+  end
+end

data/spec/integration/quota_spec.rb

@@ -0,0 +1,25 @@
+require 'spec_helper'
+
+# Note! Will only work on linux machine that is configured appropriately with user quotas of 10 MB.
+# This should not be run by CI.
+
+# Usage from a configured server:
+# rspec spec/integration/quota_spec.rb
+
+describe 'quota limit integration testing' do
+  it 'works when quotas are unlimited' do
+    response = TrustedSandbox.with_options(enable_quotas: false) do |s|
+      s.run_code "File.open('test','w') {|f| f.write '*' * 15_000_000}"
+    end
+    response.valid?.should == true
+  end
+
+  # rspec spec/integration/quota_spec.rb --example "quota limit integration testing does not work when quotas are limited"
+  it 'does not work when quotas are limited' do
+    response = TrustedSandbox.with_options(enable_quotas: true) do |s|
+      s.run_code "File.open('test','w') {|f| f.write '*' * 15_000_000}"
+    end
+    response.valid?.should == false
+    response.stderr.any? {|row| row =~ /disk quota exceeded/i}.should == true
+  end
+end

data/spec/lib/trusted_sandbox/config_spec.rb

@@ -0,0 +1,91 @@
+require 'spec_helper'
+
+describe TrustedSandbox::Config do
+  before do
+    @defaults = TrustedSandbox::Defaults.send(:new)
+  end
+
+  describe 'override mechanism' do
+    before do
+      @subject = @defaults.override cpu_shares: 2
+    end
+
+    it 'ensures defaults have what we expect' do
+      @defaults.cpu_shares.should == 1
+      @defaults.execution_timeout.should == 15
+    end
+
+    it 'works' do
+      @subject.cpu_shares.should == 2
+      @subject.execution_timeout.should == 15
+    end
+  end
+
+  describe '#pool_max_id' do
+    before do
+      @subject = @defaults.override pool_min_uid: 100, pool_size: 10
+    end
+    it 'works' do
+      @subject.pool_max_uid.should == 109
+    end
+  end
+
+  describe 'docker_url=' do
+    before do
+      @url = 'http://localhost'
+      @subject = @defaults.override docker_url: @url
+    end
+    it 'sets up Docker' do
+      Docker.url.should == @url
+    end
+  end
+
+  describe 'host_code_root_path= and host_uid_pool_lock_path=' do
+    before do
+      @subject = @defaults.override host_code_root_path: '~/tmp', host_uid_pool_lock_path: '~/tmp2'
+    end
+    it 'expands the path' do
+      @subject.host_code_root_path.should == File.expand_path('~/tmp')
+      @subject.host_uid_pool_lock_path.should == File.expand_path('~/tmp2')
+    end
+  end
+
+  describe 'docker_cert_path and docker_options' do
+    before do
+      @subject = @defaults.override docker_cert_path: '~/tmp', docker_options: { ssl_verify_peer: true }
+    end
+
+    it 'works' do
+      @subject.finished_configuring
+      Docker.options = { private_key_path: File.expand_path('~/tmp/key.pem'),
+                         certificate_path: File.expand_path('~/tmp/cert.pem'),
+                         ssl_verify_peer: true }
+    end
+  end
+
+  describe 'docker authentication' do
+    context 'user did not request to authenticate' do
+      before do
+        @subject = @defaults.override
+        dont_allow(Docker).authenticate!
+      end
+      it 'does not perform authentication' do
+        @subject.finished_configuring
+      end
+    end
+    context 'user requested to authenticate' do
+      before do
+        @subject = @defaults.override docker_login: {user: 'user', password: 'password', email: 'email'}
+        mock(Docker).authenticate!(username: 'user', password: 'password', email: 'email').times(1)
+      end
+
+      it 'call Docker.authenticate!' do
+        @subject.finished_configuring
+      end
+
+      it 'does not call Docker.authenticate! twice' do
+        2.times { @subject.finished_configuring }
+      end
+    end
+  end
+end

data/spec/lib/trusted_sandbox/request_serializer_spec.rb

@@ -0,0 +1,47 @@
+require 'spec_helper'
+
+describe TrustedSandbox::RequestSerializer do
+  before do
+    @tmp_path = 'tmp/test/request_serializer'
+    @file_name = 'args'
+    @args_file_path = File.expand_path File.join(@tmp_path, @file_name)
+    FileUtils.rm_rf @tmp_path
+    FileUtils.mkdir_p @tmp_path
+  end
+
+  describe '#initialize' do
+    before do
+      @subject = TrustedSandbox::RequestSerializer.new(@tmp_path, @file_name)
+    end
+
+    it 'initializes attributes correctly' do
+      @subject.host_code_dir_path.should == @tmp_path
+      @subject.input_file_name.should == @file_name
+    end
+
+  end
+
+  describe '#serialize' do
+    before do
+      @subject = TrustedSandbox::RequestSerializer.new(@tmp_path, @file_name)
+      @arg1 = { test: 'working' }
+      @arg2 = { another_test: 'working too' }
+      @subject.serialize TrustedSandbox::RequestSerializer, @arg1, @arg2
+
+      @source_class_file = File.expand_path('lib/trusted_sandbox/request_serializer.rb')
+      @target_class_file = File.expand_path File.join(@tmp_path, 'request_serializer.rb')
+    end
+
+    it 'copies the class file' do
+      File.exists?(@target_class_file).should == true
+      File.read(@target_class_file).should == File.read(@source_class_file)
+    end
+
+    it 'serializes arguments' do
+      File.exists?(@args_file_path).should == true
+      data = File.binread(@args_file_path)
+      Marshal.load(data).should == ['TrustedSandbox::RequestSerializer', 'request_serializer.rb', [@arg1, @arg2]]
+    end
+  end
+
+end

data/spec/lib/trusted_sandbox/response_spec.rb

@@ -0,0 +1,90 @@
+require 'spec_helper'
+
+describe TrustedSandbox::Response do
+  before do
+    @tmp_path = 'tmp/test/response'
+    @file_name = 'hello'
+    @file_path = File.expand_path File.join(@tmp_path, @file_name)
+    FileUtils.rm_rf @tmp_path
+    FileUtils.mkdir_p @tmp_path
+  end
+
+  context 'no error' do
+    before do
+      File.binwrite @file_path, Marshal.dump(status: 'success', output: 'hi')
+      @subject = TrustedSandbox::Response.new('stdout', 'stderr', @tmp_path, @file_name)
+      @subject.parse!
+    end
+
+    it 'instantiates correctly' do
+      @subject.host_code_dir_path.should == @tmp_path
+      @subject.output_file_name.should == @file_name
+      @subject.stdout.should == 'stdout'
+      @subject.stderr.should == 'stderr'
+    end
+
+    it 'parses the file correctly' do
+      @subject.raw_response.should == {status: 'success', output: 'hi'}
+      @subject.status.should == 'success'
+      @subject.output.should == 'hi'
+      @subject.error.should be_nil
+      @subject.error_to_raise.should be_nil
+      @subject.valid?.should == true
+    end
+  end
+
+  context 'user error' do
+    before do
+      @err = 1 / 0 rescue $!
+      File.binwrite @file_path, Marshal.dump(status: 'error', error: @err)
+      @subject = TrustedSandbox::Response.new(nil, nil, @tmp_path, @file_name)
+      @subject.parse!
+    end
+
+    it 'initializes with an error' do
+      @subject.raw_response.should == {status: 'error', error: @err}
+      @subject.status.should == 'error'
+      @subject.output.should == nil
+      @subject.error.should == @err
+      @subject.error_to_raise.is_a?(TrustedSandbox::UserCodeError).should == true
+      expect {@subject.output!}.to raise_error(TrustedSandbox::UserCodeError)
+      @subject.valid?.should == false
+    end
+  end
+
+  context 'unexpected file format' do
+    before do
+      @err = 1 / 0 rescue $!
+      File.binwrite @file_path, Marshal.dump(status: 'unexpected', output: 'hi', error: @err)
+      @subject = TrustedSandbox::Response.new(nil, nil, @tmp_path, @file_name)
+      @subject.parse!
+    end
+
+    it 'initializes with an error' do
+      @subject.raw_response.should == {status: 'unexpected', output: 'hi', error: @err}
+      @subject.status.should == 'error'
+      @subject.output.should == nil
+      @subject.error.is_a?(TrustedSandbox::ContainerError).should == true
+      @subject.error_to_raise.is_a?(TrustedSandbox::ContainerError).should == true
+      expect {@subject.output!}.to raise_error(TrustedSandbox::ContainerError)
+      @subject.valid?.should == false
+    end
+  end
+
+  context 'file is missing' do
+    before do
+      @subject = TrustedSandbox::Response.new(nil, nil, @tmp_path, @file_name)
+      @subject.parse!
+    end
+
+    it 'initializes with an error' do
+      @subject.raw_response.should == nil
+      @subject.status.should == 'error'
+      @subject.output.should == nil
+      @subject.error.is_a?(Errno::ENOENT).should == true
+      @subject.error_to_raise.is_a?(TrustedSandbox::ContainerError).should == true
+      expect {@subject.output!}.to raise_error(TrustedSandbox::ContainerError)
+      @subject.valid?.should == false
+    end
+  end
+end

data/spec/lib/trusted_sandbox/runner_spec.rb

@@ -0,0 +1,171 @@
+require 'spec_helper'
+
+describe TrustedSandbox::Runner do
+
+  before do
+    @defaults = TrustedSandbox::Defaults.send(:new).override(quiet_mode: true)
+    @uid_pool = Object.new
+  end
+
+  describe 'UID pool and code dir handling' do
+    context 'keep_code_folders=false' do
+      before do
+        mock(@uid_pool).lock { 100 }
+        mock(@uid_pool).release(100) {}
+        @subject = TrustedSandbox::Runner.new @defaults, @uid_pool, keep_code_folders: false
+        stub(@subject).create_container
+        stub(@subject).start_container
+      end
+
+      it 'locks and releases from UID pool' do
+        @subject.run TrustedSandbox::Runner
+      end
+
+      it 'deletes the code folder' do
+        @subject.run TrustedSandbox::Runner
+        Dir.exists?(@subject.send(:code_dir_path)).should == false
+      end
+    end
+
+    context 'keep_code_folders=true' do
+      before do
+        mock(@uid_pool).lock { 100 }
+        dont_allow(@uid_pool).release
+        @subject = TrustedSandbox::Runner.new @defaults, @uid_pool, keep_code_folders: true
+        stub(@subject).create_container
+        stub(@subject).start_container
+      end
+
+      it 'locks but does not release from UID pool' do
+        @subject.run TrustedSandbox::Runner
+      end
+
+      it 'does not delete the code folder' do
+        @subject.run TrustedSandbox::Runner
+        Dir.exists?(@subject.send(:code_dir_path)).should == true
+      end
+    end
+  end
+
+  describe 'container creation' do
+    before do
+      stub(@uid_pool).lock { 100 }
+      stub(@uid_pool).release(100) {}
+
+      container = Object.new
+      @container = container
+
+      create_req = {}
+      stub(Docker::Container).create { |req| create_req.clear; create_req.merge!(req); container }
+      @create_req = create_req
+
+      start_req = {}
+      stub(container).start { |req| start_req.clear; start_req.merge!(req) }
+      @start_req = start_req
+
+      mock(container).attach(stream: true, stdin: nil, stdout: true, stderr: true, logs: true, tty: false) { ['stdout', 'stderr'] }
+    end
+
+    context 'keep_containers=true' do
+      before do
+        @subject = TrustedSandbox::Runner.new @defaults, @uid_pool, keep_containers: true
+        dont_allow(@container).delete
+      end
+
+      it 'does not delete the container' do
+        @subject.run TrustedSandbox::Runner
+      end
+    end
+
+    context 'keep_containers=false' do
+      before do
+        @subject = TrustedSandbox::Runner.new @defaults, @uid_pool, keep_containers: false
+        mock(@container).delete(force: true) {}
+      end
+
+      it 'does not delete the container' do
+        @subject.run TrustedSandbox::Runner
+      end
+    end
+
+    context 'basic request parameters' do
+      before do
+        @subject = TrustedSandbox::Runner.new @defaults, @uid_pool, cpu_shares: 5, memory_limit: 100,
+                                              docker_image_name: 'image', container_code_path: '/code',
+                                              network_access: false, keep_containers: true
+        @subject.run TrustedSandbox::Runner
+      end
+
+      it 'sends the right requests' do
+        @create_req.should == {"CpuShares"=>5, "Memory"=>100, "AttachStdin"=>false, "AttachStdout"=>true, "AttachStderr"=>true, "Tty"=>false, "OpenStdin"=>false, "StdinOnce"=>false, "Cmd"=>["100"], "Image"=>"image", "Volumes"=>{"/code"=>{}}, "NetworkDisabled"=>true}
+        @start_req.should == {"Binds"=>["#{File.expand_path('tmp/code_dirs/100')}:/code"]}
+      end
+    end
+
+    context 'enable_quotas=true' do
+      before do
+        @subject = TrustedSandbox::Runner.new @defaults, @uid_pool, enable_quotas: true, keep_containers: true
+        @subject.run TrustedSandbox::Runner
+      end
+
+      it 'sends the right request' do
+        @create_req['Env'].should == ['USE_QUOTAS=1']
+      end
+    end
+
+    context 'enable_quotas=false' do
+      before do
+        @subject = TrustedSandbox::Runner.new @defaults, @uid_pool, enable_quotas: false, keep_containers: true
+        @subject.run TrustedSandbox::Runner
+      end
+
+      it 'sends the right request' do
+        @create_req['Env'].should be_nil
+      end
+    end
+
+    context 'enable_swap_limit=true' do
+      before do
+        @subject = TrustedSandbox::Runner.new @defaults, @uid_pool, enable_swap_limit: true, memory_swap_limit: 200, keep_containers: true
+        @subject.run TrustedSandbox::Runner
+      end
+
+      it 'sends the right request' do
+        @create_req['MemorySwap'].should == 200
+      end
+    end
+
+    context 'enable_swap_limit=false' do
+      before do
+        @subject = TrustedSandbox::Runner.new @defaults, @uid_pool, enable_swap_limit: false, memory_swap_limit: 200, keep_containers: true
+        @subject.run TrustedSandbox::Runner
+      end
+
+      it 'sends the right request' do
+        @create_req['MemorySwap'].should be_nil
+      end
+    end
+
+    context 'network_access=true' do
+      before do
+        @subject = TrustedSandbox::Runner.new @defaults, @uid_pool, network_access: true, keep_containers: true
+        @subject.run TrustedSandbox::Runner
+      end
+
+      it 'sends the right request' do
+        @create_req['NetworkDisabled'].should == false
+      end
+    end
+
+    context 'network_access=false' do
+      before do
+        @subject = TrustedSandbox::Runner.new @defaults, @uid_pool, network_access: false, keep_containers: true
+        @subject.run TrustedSandbox::Runner
+      end
+
+      it 'sends the right request' do
+        @create_req['NetworkDisabled'].should == true
+      end
+    end
+  end
+end

data/spec/lib/trusted_sandbox/uid_pool_spec.rb

@@ -0,0 +1,110 @@
+require 'spec_helper'
+
+describe TrustedSandbox::UidPool do
+  before do
+    @tmp_dir = 'tmp/test/uid_pool'
+    FileUtils.rm_rf @tmp_dir
+    FileUtils.mkdir_p @tmp_dir
+    @class = TrustedSandbox::UidPool
+  end
+
+  describe '#initialize' do
+    context 'with defaults' do
+      before do
+        @subject = @class.new(@tmp_dir, 1, 3)
+      end
+
+      it 'sets up defaults correctly' do
+        @subject.timeout.should == 3
+        @subject.retries.should == 5
+        @subject.delay.should == 0.5
+      end
+
+    end
+
+    context 'with other values' do
+      before do
+        @subject = @class.new(@tmp_dir, 1, 3, 'timeout' => 5, retries: 10, 'delay' => 1)
+      end
+
+      it 'sets up values correctly' do
+        @subject.timeout.should == 5
+        @subject.retries.should == 10
+        @subject.delay.should == 1
+      end
+    end
+
+  end
+
+  describe 'usage' do
+    before do
+      @subject = @class.new(@tmp_dir, 1, 3, retries: 1, timeout: 0.1, delay: 0.1)
+      @subject.release_all
+    end
+
+    describe '#lock' do
+      context 'There are still available IDs' do
+        it 'gives the UIDs' do
+          [@subject.lock, @subject.lock, @subject.lock].should == [1, 2, 3]
+        end
+      end
+
+      context 'There are no available IDs' do
+        before do
+          3.times { @subject.lock }
+        end
+
+        it 'raises an error' do
+          expect {@subject.lock}.to raise_error(TrustedSandbox::PoolTimeoutError)
+        end
+      end
+    end
+
+    describe '#available, #used, #release' do
+      before do
+        @subject.release_all
+        @uid = @subject.lock
+      end
+      it 'sets the right available and used' do
+        @subject.available.should == 2
+        @subject.used.should == 1
+        @subject.available_uids.should == [2,3]
+        @subject.used_uids.should == [1]
+      end
+      it 'releases the right uid' do
+        @subject.release @uid
+        @subject.available.should == 3
+        @subject.used.should == 0
+        @subject.available_uids.should == [1,2,3]
+        @subject.used_uids.should == []
+      end
+      it 'does not release the wrong uid' do
+        @subject.release @uid + 1
+        @subject.available.should == 2
+        @subject.used.should == 1
+        @subject.available_uids.should == [2,3]
+        @subject.used_uids.should == [1]
+      end
+    end
+
+    describe '#release_all' do
+      before do
+        @subject.release_all
+        3.times { @subject.lock }
+      end
+      it 'passes sanity tests' do
+        @subject.available.should == 0
+        @subject.used.should == 3
+        @subject.available_uids.should == []
+        @subject.used_uids.should == [1,2,3]
+      end
+      it 'works' do
+        @subject.release_all
+        @subject.available.should == 3
+        @subject.used.should == 0
+        @subject.available_uids.should == [1,2,3]
+        @subject.used_uids.should == []
+      end
+    end
+  end
+end

data/spec/lib/trusted_sandbox_spec.rb

@@ -0,0 +1,15 @@
+require 'spec_helper'
+
+describe TrustedSandbox do
+  describe '#with_options' do
+    before do
+      @default_network_access = TrustedSandbox.config.network_access
+    end
+
+    it 'overrides configuration' do
+      TrustedSandbox.with_options(network_access: !@default_network_access) do |runner|
+        runner.config.network_access.should == !@default_network_access
+      end
+    end
+  end
+end