diff options
Diffstat (limited to 'tests')
-rw-r--r-- | tests/derivations.scm | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/tests/derivations.scm b/tests/derivations.scm index 0b785029a7..87609108d6 100644 --- a/tests/derivations.scm +++ b/tests/derivations.scm @@ -390,6 +390,43 @@ ((p2 . _) (string<? p1 p2))))))))))))))) +(test-assert "derivation #:allowed-references, ok" + (let ((drv (derivation %store "allowed" %bash + '("-c" "echo hello > $out") + #:inputs `((,%bash)) + #:allowed-references '()))) + (build-derivations %store (list drv)))) + +(test-assert "derivation #:allowed-references, not allowed" + (let* ((txt (add-text-to-store %store "foo" "Hello, world.")) + (drv (derivation %store "disallowed" %bash + `("-c" ,(string-append "echo " txt "> $out")) + #:inputs `((,%bash) (,txt)) + #:allowed-references '()))) + (guard (c ((nix-protocol-error? c) + ;; There's no specific error message to check for. + #t)) + (build-derivations %store (list drv)) + #f))) + +(test-assert "derivation #:allowed-references, self allowed" + (let ((drv (derivation %store "allowed" %bash + '("-c" "echo $out > $out") + #:inputs `((,%bash)) + #:allowed-references '("out")))) + (build-derivations %store (list drv)))) + +(test-assert "derivation #:allowed-references, self not allowed" + (let ((drv (derivation %store "disallowed" %bash + `("-c" ,"echo $out > $out") + #:inputs `((,%bash)) + #:allowed-references '()))) + (guard (c ((nix-protocol-error? c) + ;; There's no specific error message to check for. + #t)) + (build-derivations %store (list drv)) + #f))) + (define %coreutils (false-if-exception |