#!/bin/bash
# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
#   runtest.sh of /CoreOS/openCryptoki/Sanity/bz1054661-init-token-as-a-nonroot-user
#   Description: basic token initialization as a nonroot user
#   Author: Karel Srot <ksrot@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
#   Copyright (c) 2014 Red Hat, Inc.
#
#   This copyrighted material is made available to anyone wishing
#   to use, modify, copy, or redistribute it subject to the terms
#   and conditions of the GNU General Public License version 2.
#
#   This program is distributed in the hope that it will be
#   useful, but WITHOUT ANY WARRANTY; without even the implied
#   warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
#   PURPOSE. See the GNU General Public License for more details.
#
#   You should have received a copy of the GNU General Public
#   License along with this program; if not, write to the Free
#   Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
#   Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# Include Beaker environment
. /usr/share/beakerlib/beakerlib.sh || exit 1

PACKAGE="opencryptoki"
USER="user$RANDOM"

TESTDIR=`pwd`

rlJournalStart
    rlPhaseStartSetup
        rlRun "rlImport nvr/nvr" || rlDie "cannot import distribution/nvr library"
	# need to find out the library path so a user can import it too
	rlRun "rlImport ./token-manipulation" 2> import.log || rlDie "Could not import opencryptoki/token-manipulation library"
	LIBPATH=`grep 'Will try to import .\/token-manipulation from' import.log | sed 's/^.*token-manipulation from//'`
	echo "LIBPATH=$LIBPATH"
        rlAssertRpm $PACKAGE
        rlRun "TmpDir=\$(mktemp -d)" 0 "Creating tmp directory"
        rlRun "pushd $TmpDir"
	rlRun "useradd -m $USER -G pkcs11"
	rlServiceStop pkcsslotd
	rlRun "pkcsResetTokens"
	rlServiceStart pkcsslotd
    rlPhaseEnd

    rlPhaseStartTest "listing available tokens as a testuser"
	rlRun "su $USER -c 'pkcsconf -t' &> query1.log"
	cat query1.log
    if nvrTestPackage opencryptoki '<' 3.14.0; then
	    rlAssertGrep "Model: IBM SoftTok" query1.log
    else
        rlAssertGrep "Model: Soft " query1.log
    fi
    rlPhaseEnd

  # initialize every token available
  for SLOT in `sed -n 's/^Token #\([0-9]\).*/\1/gp' query1.log`; do

    rlPhaseStartTest "initialize token #$SLOT"
	rlRun "su $USER -c 'source $LIBPATH && pkcsInitToken $SLOT'"
	rlRun "su $USER -c 'pkcsconf -t -c $SLOT' &> query2.log"
	cat query2.log
	rlAssertGrep 'Flags:.*LOGIN_REQUIRED.*USER_PIN_INITIALIZED.*TOKEN_INITIALIZED' query2.log -E
    rlPhaseEnd

  done

    rlPhaseStartCleanup
	rlServiceStop pkcsslotd
	rlRun "pkcsRestoreTokens"
	    rlServiceRestore pkcsslotd
        rlRun "popd"
        rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
        rlLog "Waiting 12 for systemd --user process to exit..."
        sleep 15
        rlRun "userdel -r $USER" || ps -ef
    rlPhaseEnd
rlJournalPrintText
rlJournalEnd