worteks
/
lemonldap-ng
mirror of https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng
3
0
Fork 0
Code Issues Projects Releases Wiki Activity

Append download unit test (#2458)

Browse Source
reject-browser-part-of-url
Christophe Maudoux 4 years ago
parent 1f66e03969
commit 4583108068
4 changed files with 204 additions and 11 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 1
      lemonldap-ng-portal/MANIFEST
  2. 6
      lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckDevOps.pm
  3. 183
      lemonldap-ng-portal/t/56-CheckDevOps-with-Download.t
  4. 25
      lemonldap-ng-portal/t/56-CheckDevOps.t

1
lemonldap-ng-portal/MANIFEST
Unescape View File

@ -634,6 +634,7 @@ t/43-MailPasswordReset.t
t/44-CertificateResetByMail-Demo.t
t/44-CertificateResetByMail-LDAP.t
t/50-IssuerGet.t
t/56-CheckDevOps-with-Download.t
t/56-CheckDevOps.t
t/57-GlobalLogout-with-Double-cookies-Single-session.t
t/57-GlobalLogout-with-Double-cookies.t

6
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckDevOps.pm
Unescape View File

@ -137,7 +137,7 @@ sub run {
. $response->{_msg} . '/'
. $response->{_rc} );
$self->logger->debug(
"Content from $url/rules.json: " . $response->{_content} );
"Content from $url: " . $response->{_content} );
$json = eval { from_json( $response->{_content} ) };
if ($@) {
@ -147,7 +147,7 @@ sub run {
$alert = 'alert-danger';
$json = '';
$self->userLogger->error(
"CheckDevOps: bad 'rules.json' file retrieved from $url/rules.json ($@)"
"CheckDevOps: bad 'rules.json' file retrieved from $url ($@)"
);
}
}
@ -185,7 +185,7 @@ sub run {
delete $json->{headers}->{$_};
my $user = $req->userData->{ $self->conf->{whatToTrace} };
$self->userLogger->warn(
"CheckDevOps: $user try to retrieve hidden attribute $v"
"CheckDevOps: $user tried to retrieve hidden attribute $v"
);
}
}

183
lemonldap-ng-portal/t/56-CheckDevOps-with-Download.t
Unescape View File

@ -0,0 +1,183 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use JSON;
BEGIN {
require 't/test-lib.pm';
}
my $res;
my $file = '{
"rules": {
"^/deny": "deny",
"^/testno": "$uid ne qq{dwho}",
"^/testyes": "$uid eq qq{dwho}",
"default": "accept"
},
"headers": {
"User": "$uid",
"Mail": "$mail",
"Name": "$cn",
"UA": "$UA"
}
}';
my $client = LLNG::Manager::Test->new( {
ini => {
logLevel => 'error',
authentication => 'Demo',
userDB => 'Same',
requireToken => 0,
checkDevOps => 1,
checkDevOpsDownload => 1,
hiddenAttributes => 'mail'
}
}
);
## Try to authenticate
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
count(1);
my ( $host, $url, $query ) = expectForm( $res, '#', undef, 'user', 'password' );
$query = 'user=dwho&password=dwho';
ok(
$res = $client->_post(
'/',
IO::String->new($query),
length => length($query),
accept => 'text/html',
),
'Auth query'
);
count(1);
my $id = expectCookie($res);
expectRedirection( $res, 'http://auth.example.com/' );
# CheckDevOps form
# ----------------
ok(
$res = $client->_get(
'/checkdevops',
cookie => "lemonldap=$id",
accept => 'text/html'
),
'CheckDevOps form',
);
( $host, $url, $query ) =
expectForm( $res, undef, '/checkdevops', 'checkDevOpsFile', 'url' );
ok( $res->[2]->[0] =~ m%<span trspan="checkDevOps">%,
'Found trspan="checkDevOps"' )
or explain( $res->[2]->[0], 'trspan="checkDevOps"' );
count(2);
# POST file
# ---------
$query = "checkDevOpsFile=$file";
ok(
$res = $client->_post(
'/checkdevops',
IO::String->new($query),
cookie => "lemonldap=$id",
length => length($query),
accept => 'text/html'
),
'POST checkdevops with file'
);
ok(
$res->[2]->[0] =~
m%<pre><textarea id="checkDevOpsFile" name="checkDevOpsFile" class="form-control rounded-1" rows="6" trplaceholder="pasteHere">%,
'PRE not required'
) or explain( $res->[2]->[0], 'PRE not required' );
# Headers
ok( $res->[2]->[0] =~ m%<b><span trspan="headers">HEADERS</span></b>%,
'HEADERS' )
or explain( $res->[2]->[0], 'HEADERS' );
ok( $res->[2]->[0] =~ m%Name: Doctor Who<br/>%, 'Hearder Name found' )
or explain( $res->[2]->[0], 'Hearder Name' );
ok( $res->[2]->[0] =~ m%User: dwho<br/>%, 'Hearder User found' )
or explain( $res->[2]->[0], 'Hearder User' );
# Rules
ok( $res->[2]->[0] =~ m%<b><span trspan="rules">RULES</span></b>%, 'RULES' )
or explain( $res->[2]->[0], 'RULES' );
ok( $res->[2]->[0] =~ m%\^/testno: <span trspan="forbidden">%, 'testno' )
or explain( $res->[2]->[0], 'testno' );
ok( $res->[2]->[0] =~ m%default: <span trspan="allowed">%, 'default' )
or explain( $res->[2]->[0], 'default' );
ok( $res->[2]->[0] =~ m%\^/testyes: <span trspan="allowed">%, 'testyes' )
or explain( $res->[2]->[0], 'testyes' );
ok( $res->[2]->[0] =~ m%\^/deny: <span trspan="forbidden">%, 'deny' )
or explain( $res->[2]->[0], 'deny' );
ok( $res->[2]->[0] =~ m%\$uid eq qq{dwho}"%, 'file' )
or explain( $res->[2]->[0], 'file' );
ok( $res->[2]->[0] !~ m%Mail: dwho\@badwolf.org<br/>%, 'Hearder Mail not found' )
or explain( $res->[2]->[0], 'No hearder Mail' );
ok( $res->[2]->[0] =~ m%UA: <br/>%, 'Hearder UA found' )
or explain( $res->[2]->[0], 'Hearder UA' );
count(13);
( $host, $url, $query ) =
expectForm( $res, undef, '/checkdevops', 'checkDevOpsFile' );
# Download file
# -------------
$query = 'url=http://test3.example.com';
ok(
$res = $client->_post(
'/checkdevops',
IO::String->new($query),
cookie => "lemonldap=$id",
length => length($query),
),
'POST checkdevops with url'
);
ok( $res = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
or print STDERR "$@\n" . Dumper($res);
ok( $res->{ALERTE} eq 'alert-info', 'alert-info found' )
or print STDERR Dumper($res);
ok( $res->{FILE} =~ /headers/, 'headers found' )
or print STDERR Dumper($res);
ok( $res->{FILE} =~ /rules/, 'rules found' )
or print STDERR Dumper($res);
ok( $res->{FILE} =~ /"\$uid ne qq{dwho}"/, 'rule found' )
or print STDERR Dumper($res);
ok( $res->{URL} eq 'http://test3.example.com/rules.json', 'URL found' )
or print STDERR Dumper($res);
ok( $res->{MSG} eq 'checkDevOps', 'MSG found' )
or print STDERR Dumper($res);
count(8);
$client->logout($id);
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
my $httpResp;
my $s = '{
"rules": {
"^/deny": "deny",
"^/testno": "$uid ne qq{dwho}",
"^/testyes": "$uid eq qq{dwho}",
"default": "accept"
},
"headers": {
"User": "$uid",
"Mail": "$mail",
"Name": "$cn"
}
}';
$httpResp = HTTP::Response->new( 200, 'OK' );
$httpResp->header( 'Content-Type', 'application/json' );
$httpResp->header( 'Content-Length', length($s) );
$httpResp->content($s);
return $httpResp;
}

25
lemonldap-ng-portal/t/56-CheckDevOps.t
Unescape View File

@ -31,15 +31,15 @@ my $bad_file = '{
"User": "$uid",
}
}';
my $client = LLNG::Manager::Test->new( {
ini => {
logLevel => 'error',
authentication => 'Demo',
userDB => 'Same',
requireToken => 1,
checkDevOps => 1,
hiddenAttributes => 'mail UA'
logLevel => 'error',
authentication => 'Demo',
userDB => 'Same',
requireToken => 1,
checkDevOps => 1,
checkDevOpsDownload => 0,
hiddenAttributes => 'mail UA'
}
}
);
@ -134,6 +134,11 @@ ok(
),
'POST checkdevops with file'
);
ok(
$res->[2]->[0] =~
m%<pre><textarea id="checkDevOpsFile" name="checkDevOpsFile" class="form-control rounded-1" rows="6" trplaceholder="pasteHere" required>%,
'PRE required'
) or explain( $res->[2]->[0], 'PRE required' );
# Headers
ok( $res->[2]->[0] =~ m%<b><span trspan="headers">HEADERS</span></b>%,
@ -143,6 +148,10 @@ ok( $res->[2]->[0] =~ m%Name: Doctor Who<br/>%, 'Hearder Name found' )
or explain( $res->[2]->[0], 'Hearder Name' );
ok( $res->[2]->[0] =~ m%User: dwho<br/>%, 'Hearder User found' )
or explain( $res->[2]->[0], 'Hearder User' );
ok( $res->[2]->[0] !~ m%Mail: dwho\@badwolf.org<br/>%, 'Hearder Mail not found' )
or explain( $res->[2]->[0], 'No hearder Mail' );
ok( $res->[2]->[0] !~ m%UA: <br/>%, 'Hearder UA not found' )
or explain( $res->[2]->[0], 'No hearder UA' );
# Rules
ok( $res->[2]->[0] =~ m%<b><span trspan="rules">RULES</span></b>%, 'RULES' )
@ -157,7 +166,7 @@ ok( $res->[2]->[0] =~ m%\^/deny: <span trspan="forbidden">%, 'deny' )
or explain( $res->[2]->[0], 'deny' );
ok( $res->[2]->[0] =~ m%\$uid eq qq{dwho}"%, 'file' )
or explain( $res->[2]->[0], 'file' );
count(10);
count(13);
( $host, $url, $query ) =
expectForm( $res, undef, '/checkdevops', 'checkDevOpsFile', 'token' );

Write Preview
Loading…
Cancel
Save