Mercurial > kallithea
changeset 5739:95a33e5d0596
tests: clarify user IP range test dependency on beaker caching of user objects
Requests with invalid request address would pass after configuring user IP
ranges because the IP range would not be validated as long as the user object
was found in the beaker cache.
Instead, wait until the beaker cache has expired and verify the user cannot log
in without a valid IP. Then provide a valid IP for later requests until the IP
range is removed again.
Based on original patch and research by Dominik Ruf.
author | Mads Kiilerich <madski@unity3d.com> |
---|---|
date | Wed, 02 Mar 2016 17:03:23 +0100 |
parents | 3d09266ba8cb |
children | ff9eba8e2541 |
files | kallithea/tests/functional/test_admin_permissions.py |
diffstat | 1 files changed, 14 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/kallithea/tests/functional/test_admin_permissions.py Mon Feb 29 22:36:09 2016 +0100 +++ b/kallithea/tests/functional/test_admin_permissions.py Wed Mar 02 17:03:23 2016 +0100 @@ -1,3 +1,5 @@ +import time + from kallithea.model.db import User, UserIpMap from kallithea.tests import * @@ -21,7 +23,13 @@ params=dict(new_ip='127.0.0.0/24', _authentication_token=self.authentication_token())) - response = self.app.get(url('admin_permissions_ips')) + # sleep more than beaker.cache.sql_cache_short.expire to expire user cache + time.sleep(1.5) + self.app.get(url('admin_permissions_ips'), status=302) + + # REMOTE_ADDR must match 127.0.0.0/24 + response = self.app.get(url('admin_permissions_ips'), + extra_environ={'REMOTE_ADDR': '127.0.0.1'}) response.mustcontain('127.0.0.0/24') response.mustcontain('127.0.0.0 - 127.0.0.255') @@ -33,7 +41,11 @@ response = self.app.post(url('edit_user_ips', id=default_user_id), params=dict(_method='delete', del_ip_id=del_ip_id, - _authentication_token=self.authentication_token())) + _authentication_token=self.authentication_token()), + extra_environ={'REMOTE_ADDR': '127.0.0.1'}) + + # sleep more than beaker.cache.sql_cache_short.expire to expire user cache + time.sleep(1.5) response = self.app.get(url('admin_permissions_ips')) response.mustcontain('All IP addresses are allowed')