diff --git a/labs/lab-01-iam/tests/test-01-user-creation.sh b/labs/lab-01-iam/tests/test-01-user-creation.sh
index fc85bd6..c241357 100755
--- a/labs/lab-01-iam/tests/test-01-user-creation.sh
+++ b/labs/lab-01-iam/tests/test-01-user-creation.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 # Test: Linux user creation and Docker group membership
-# Phase: RED - This test will fail initially (no users configured)
+# Phase: GREEN - Tests pass after tutorial completion
 set -euo pipefail
@@ -17,71 +17,68 @@ NC='\033[0m' # No Color
 pass_count=0
 fail_count=0
-test_user_not_exists() {
+test_user_exists() {
 local user="lab01_student"
 if id "$user" &>/dev/null; then
- echo -e "${YELLOW}SKIP${NC}: User $user already exists"
- return 0
- fi
- echo -e "${GREEN}PASS${NC}: User $user does not exist (test environment clean)"
- inc_pass
- return 0
-}
-
-test_user_without_docker_group() {
- local user="lab01_student"
- # Create test user if doesn't exist (may fail if no sudo)
- if ! id "$user" &>/dev/null; then
- sudo useradd -m -s /bin/bash "$user" 2>/dev/null || true
- fi
-
- # If user still doesn't exist, skip this test
- if ! id "$user" &>/dev/null; then
- echo -e "${YELLOW}SKIP${NC}: Cannot create test user (sudo required)"
+ echo -e "${GREEN}PASS${NC}: User $user exists"
 inc_pass
 return 0
 fi
+ echo -e "${RED}FAIL${NC}: User $user does not exist"
+ inc_fail
+ return 1
+}
+
+test_user_with_docker_group() {
+ local user="lab01_student"
+
+ # If user doesn't exist, fail this test
+ if ! id "$user" &>/dev/null; then
+ echo -e "${RED}FAIL${NC}: User $user does not exist"
+ inc_fail
+ return 1
+ fi
 # Check if user is in docker group
 if groups "$user" 2>/dev/null | grep -q docker; then
- echo -e "${RED}FAIL${NC}: User $user is in docker group (should not be yet)"
- inc_fail
- return 1
- fi
-
- echo -e "${GREEN}PASS${NC}: User $user is not in docker group"
- inc_pass
- return 0
-}
-
-test_docker_access_denied() {
- local user="lab01_student"
-
- # If user doesn't exist, skip this test
- if ! id "$user" &>/dev/null; then
- echo -e "${YELLOW}SKIP${NC}: Test user does not exist"
+ echo -e "${GREEN}PASS${NC}: User $user is in docker group"
 inc_pass
 return 0
 fi
- # Test that user cannot access docker socket
- if sudo -u "$user" docker ps &>/dev/null; then
- echo -e "${RED}FAIL${NC}: User $user can access docker without docker group membership"
+ echo -e "${RED}FAIL${NC}: User $user is not in docker group"
+ inc_fail
+ return 1
+}
+
+test_docker_access_granted() {
+ local user="lab01_student"
+
+ # If user doesn't exist, fail this test
+ if ! id "$user" &>/dev/null; then
+ echo -e "${RED}FAIL${NC}: Test user does not exist"
 inc_fail
 return 1
 fi
- echo -e "${GREEN}PASS${NC}: Docker access correctly denied for $user"
- inc_pass
- return 0
+ # Test that user can access docker socket
+ if sudo -u "$user" docker ps &>/dev/null; then
+ echo -e "${GREEN}PASS${NC}: Docker access granted for $user"
+ inc_pass
+ return 0
+ fi
+
+ echo -e "${RED}FAIL${NC}: Docker access denied for $user"
+ inc_fail
+ return 1
 }
 # Run all tests
 echo "Running user creation tests..."
 echo "================================"
-test_user_not_exists
-test_user_without_docker_group
-test_docker_access_denied
+test_user_exists
+test_user_with_docker_group
+test_docker_access_granted
 echo "================================"
 echo "Tests passed: $pass_count"
 echo "Tests failed: $fail_count"
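Review bot: With `set -euo pipefail` at the top of the script, the bare calls `test_user_exists`, `test_user_with_docker_group` and `test_docker_access_granted` near the end of this hunk abort the run at the first function that takes its new `return 1` path, so the remaining tests and the pass/fail summary are never reached. Call each as `test_user_exists || true` and let `fail_count` drive the exit status; anything after the summary lines is outside the hunk. In `test_user_with_docker_group`, `groups "$user" 2>/dev/null | grep -q docker` is a substring match, so a group whose name merely contains "docker" would pass; `id -nG "$user" | tr ' ' '\n' | grep -qx docker` matches the exact group name. In `test_docker_access_granted`, `sudo -u "$user" docker ps &>/dev/null` prints "Docker access denied" for any failure, including a stopped daemon or a sudo password prompt, so `sudo -n` and keeping stderr in the FAIL message would make the result trustworthy. Because docker group membership is effectively root on the host, I would also add a comment above the group check such as `# docker group is root-equivalent on the host; grant only to lab accounts`.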