REPP: Extend V1 base test

2025-06-08 13:44:47 +02:00 · 2020-10-20 17:00:25 +03:00 · 2020-10-20 17:00:25 +03:00 · 516b2180ca
commit 516b2180ca
parent ddc26b81b1
2 changed files with 43 additions and 10 deletions
--- a/test/integration/repp/v1/base_test.rb
+++ b/test/integration/repp/v1/base_test.rb
@ -15,6 +15,15 @@ class ReppV1BaseTest < ActionDispatch::IntegrationTest

    assert_response :unauthorized
    assert_equal 'Invalid authorization information', response_json[:message]
+
+    invalid_token = Base64.encode64("nonexistant:user")
+    headers = { 'Authorization' => "Basic #{invalid_token}" }
+
+    get repp_v1_contacts_path, headers: headers
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :unauthorized
+    assert_equal 'Invalid authorization information', response_json[:message]
  end

  def test_authenticates_valid_user
@ -23,4 +32,32 @@ class ReppV1BaseTest < ActionDispatch::IntegrationTest

    assert_response :ok
  end
+
+  def test_processes_invalid_base64_token_format_properly
+    token = '??as8d9sf kjsdjh klsdfjjf'
+    headers = { 'Authorization' => "Basic #{token}"}
+    get repp_v1_contacts_path, headers: headers
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :unauthorized
+    assert_equal 'Invalid authorization information', response_json[:message]
+  end
+
+  def test_takes_ip_whitelist_into_account
+    Setting.api_ip_whitelist_enabled = true
+    Setting.registrar_ip_whitelist_enabled = true
+
+    whiteip = white_ips(:one)
+    whiteip.update(ipv4: '1.1.1.1')
+
+    get repp_v1_contacts_path, headers: @auth_headers
+    response_json = JSON.parse(response.body, symbolize_names: true)
+
+    assert_response :unauthorized
+    assert_equal 2202, response_json[:code]
+    assert response_json[:message].include? 'Access denied from IP'
+
+    Setting.api_ip_whitelist_enabled = false
+    Setting.registrar_ip_whitelist_enabled = false
+  end
 end