Mercurial > kallithea

changeset 7479:be37a0b982e9

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
tests: make IP access control tests more stable - make one unified test_add_delete_ips test
author Mads Kiilerich <mads@kiilerich.com>
date Tue, 25 Dec 2018 20:31:12 +0100
parents b49ea1926119
children d22a7430999f
files kallithea/tests/functional/test_admin_permissions.py
diffstat 1 files changed, 39 insertions(+), 42 deletions(-) [+]
line wrap: on
line diff
--- a/kallithea/tests/functional/test_admin_permissions.py	Tue Dec 25 20:31:12 2018 +0100
+++ b/kallithea/tests/functional/test_admin_permissions.py	Tue Dec 25 20:31:12 2018 +0100
@@ -21,58 +21,55 @@
         # Test response...
         response.mustcontain('All IP addresses are allowed')
 
-    def test_add_ips(self, auto_clear_ip_permissions):
-        self.log_user()
-        default_user_id = User.get_default_user().user_id
-        response = self.app.post(url('edit_user_ips_update', id=default_user_id),
-                                 params=dict(new_ip='127.0.0.0/24',
-                                 _authentication_token=self.authentication_token()))
-
-        # IP permissions are cached, need to invalidate this cache explicitly
-        invalidate_all_caches()
-
-        self.app.get(url('admin_permissions_ips'), status=302)
-
-        # REMOTE_ADDR must match 127.0.0.0/24
-        response = self.app.get(url('admin_permissions_ips'),
-                                extra_environ={'REMOTE_ADDR': '127.0.0.1'})
-        response.mustcontain('127.0.0.0/24')
-        response.mustcontain('127.0.0.0 - 127.0.0.255')
-
-    def test_delete_ips(self, auto_clear_ip_permissions):
+    def test_add_delete_ips(self, auto_clear_ip_permissions):
         self.log_user()
         default_user_id = User.get_default_user().user_id
 
-        ## first add
-        new_ip = '127.0.0.0/24'
-        with test_context(self.app):
-            user_model = UserModel()
-            ip_obj = user_model.add_extra_ip(default_user_id, new_ip)
-            Session().commit()
+        # Add IP and verify it is shown in UI and both gives access and rejects
 
-        ## double check that add worked
-        # IP permissions are cached, need to invalidate this cache explicitly
+        response = self.app.post(url('edit_user_ips_update', id=default_user_id),
+                                 params=dict(new_ip='0.0.0.0/24',
+                                 _authentication_token=self.authentication_token()))
         invalidate_all_caches()
-        self.app.get(url('admin_permissions_ips'), status=302)
-        # REMOTE_ADDR must match 127.0.0.0/24
         response = self.app.get(url('admin_permissions_ips'),
-                                extra_environ={'REMOTE_ADDR': '127.0.0.1'})
-        response.mustcontain('127.0.0.0/24')
-        response.mustcontain('127.0.0.0 - 127.0.0.255')
+                                extra_environ={'REMOTE_ADDR': '0.0.0.1'})
+        response.mustcontain('0.0.0.0/24')
+        response.mustcontain('0.0.0.0 - 0.0.0.255')
 
-        ## now delete
-        response = self.app.post(url('edit_user_ips_delete', id=default_user_id),
-                                 params=dict(del_ip_id=ip_obj.ip_id,
-                                             _authentication_token=self.authentication_token()),
-                                 extra_environ={'REMOTE_ADDR': '127.0.0.1'})
+        response = self.app.get(url('admin_permissions_ips'),
+                                extra_environ={'REMOTE_ADDR': '0.0.1.1'}, status=403)
 
-        # IP permissions are cached, need to invalidate this cache explicitly
+        # Add another IP and verify previously rejected now works
+
+        response = self.app.post(url('edit_user_ips_update', id=default_user_id),
+                                 params=dict(new_ip='0.0.1.0/24',
+                                 _authentication_token=self.authentication_token()))
         invalidate_all_caches()
 
-        response = self.app.get(url('admin_permissions_ips'))
-        response.mustcontain('All IP addresses are allowed')
-        response.mustcontain(no=['127.0.0.0/24'])
-        response.mustcontain(no=['127.0.0.0 - 127.0.0.255'])
+        response = self.app.get(url('admin_permissions_ips'),
+                                extra_environ={'REMOTE_ADDR': '0.0.1.1'})
+
+        # Delete latest IP and verify same IP is rejected again
+
+        x = UserIpMap.query().filter_by(ip_addr='0.0.1.0/24').first()
+        response = self.app.post(url('edit_user_ips_delete', id=default_user_id),
+                                 params=dict(del_ip_id=x.ip_id,
+                                             _authentication_token=self.authentication_token()))
+        invalidate_all_caches()
+
+        response = self.app.get(url('admin_permissions_ips'),
+                                extra_environ={'REMOTE_ADDR': '0.0.1.1'}, status=403)
+
+        # Delete first IP and verify unlimited access again
+
+        x = UserIpMap.query().filter_by(ip_addr='0.0.0.0/24').first()
+        response = self.app.post(url('edit_user_ips_delete', id=default_user_id),
+                                 params=dict(del_ip_id=x.ip_id,
+                                             _authentication_token=self.authentication_token()))
+        invalidate_all_caches()
+
+        response = self.app.get(url('admin_permissions_ips'),
+                                extra_environ={'REMOTE_ADDR': '0.0.1.1'})
 
     def test_index_overview(self):
         self.log_user()