Test for excessive write permissions on nonexclusive checkout

EliahKagan · EliahKagan · commit 4d4bf892e50f · 2025-01-12T08:21:20.000-05:00
This expands the `overwriting_files_and_lone_directories_works`
test function to check not only that executable permissions have
been added at least for the owner, but that write permissions are
not added anywhere they would be excessive.

The write permissions bits of the current test runner process umask
is used to gauge this. This means we are expecting different
permissions in different environments.

`(umask ...; cargo nextest run ...)` can be used to try it with
different umasks if desired, but this should not typically be
necessary.

Possible under-restrictive umasks could make the test pass even if
the underlying bug is not fixed; this is avoided by also testing
that the umask is sufficient to facilitate the test.

(This is really why the test accesses the umask in the first place:
in environments where files would automatically be created with
completely unrestricted permissions, the expected behavior of the
code under test may be to do that, but running the tests in such an
environment is insufficient to check if the bug is fixed.)
diff --git a/gix-worktree-state/tests/state/checkout.rs b/gix-worktree-state/tests/state/checkout.rs
@@ -220,9 +220,32 @@ fn overwriting_files_and_lone_directories_works() -> crate::Result {
 
         let meta = std::fs::symlink_metadata(exe)?;
         assert!(meta.is_file());
+        #[cfg(unix)]
         if opts.fs.executable_bit {
-            #[cfg(unix)]
-            assert_eq!(meta.mode() & 0o700, 0o700, "the executable bit is set where supported");
+            let mode = meta.mode();
+            assert_eq!(
+                mode & 0o100,
+                0o100,
+                "executable bit set where supported ({:04o} & {:04o} = {:04o} should be {:04o})",
+                mode,
+                0o100,
+                mode & 0o100,
+                0o100
+            );
+            let umask_write = gix_testtools::umask() & 0o222;
+            assert_eq!(
+                mode & umask_write,
+                0,
+                "no excessive write bits are set ({:04o} & {:04o} = {:04o} should be {:04o})",
+                mode,
+                umask_write,
+                mode & umask_write,
+                0
+            );
+            assert_ne!(
+                umask_write, 0,
+                "test not meaningful unless runner umask restricts some writes"
+            );
         }
 
         assert_eq!(
