diff --git a/app/controllers/repp/v1/api_users_controller.rb b/app/controllers/repp/v1/api_users_controller.rb index 56e294be0..41e1187b1 100644 --- a/app/controllers/repp/v1/api_users_controller.rb +++ b/app/controllers/repp/v1/api_users_controller.rb @@ -61,7 +61,7 @@ module Repp private def api_user_params - params.require(:api_user).permit(:id, :username, :plain_text_password, :active, + params.require(:api_user).permit(:username, :plain_text_password, :active, :identity_code, { roles: [] }) end diff --git a/app/controllers/repp/v1/white_ips_controller.rb b/app/controllers/repp/v1/white_ips_controller.rb index 2d9a67805..259120f20 100644 --- a/app/controllers/repp/v1/white_ips_controller.rb +++ b/app/controllers/repp/v1/white_ips_controller.rb @@ -3,7 +3,7 @@ module Repp class WhiteIpsController < BaseController load_and_authorize_resource - THROTTLED_ACTIONS = %i[index create update destroy].freeze + THROTTLED_ACTIONS = %i[index show create update destroy].freeze include Shunter::Integration::Throttle api :GET, '/repp/v1/white_ips' @@ -58,7 +58,7 @@ module Repp private def white_ip_params - params.require(:white_ip).permit(:id, :ipv4, :ipv6, interfaces: []) + params.require(:white_ip).permit(:ipv4, :ipv6, interfaces: []) end end end diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml index c507a6b8a..0ce7bae23 100644 --- a/test/fixtures/users.yml +++ b/test/fixtures/users.yml @@ -8,6 +8,16 @@ api_bestnames: roles: - super +api_bestnames_epp: + username: test_bestnames_epp + plain_text_password: testtest + identity_code: + type: ApiUser + registrar: bestnames + active: true + roles: + - epp + api_goodnames: username: test_goodnames plain_text_password: testtest diff --git a/test/fixtures/white_ips.yml b/test/fixtures/white_ips.yml index bc756f06e..10a33f359 100644 --- a/test/fixtures/white_ips.yml +++ b/test/fixtures/white_ips.yml @@ -3,4 +3,11 @@ one: ipv4: 127.0.0.1 interfaces: - <%= WhiteIp::REGISTRAR %> - - <%= WhiteIp::API %> \ No newline at end of file + - <%= WhiteIp::API %> + +two: + registrar: bestnames + ipv6: 2001:0db8:85a3:0000:0000:8a2e:0370:7334 + interfaces: + - <%= WhiteIp::REGISTRAR %> + - <%= WhiteIp::API %> diff --git a/test/integration/repp/v1/api_users/create_test.rb b/test/integration/repp/v1/api_users/create_test.rb new file mode 100644 index 000000000..897350773 --- /dev/null +++ b/test/integration/repp/v1/api_users/create_test.rb @@ -0,0 +1,82 @@ +require 'test_helper' + +class ReppV1ApiUsersCreateTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + + adapter = ENV['shunter_default_adapter'].constantize.new + adapter&.clear! + end + + def test_creates_new_api_user + request_body = { + api_user: { + username: 'username', + plain_text_password: 'password', + active: true, + identity_code: '123', + roles: ['super'], + }, + } + + post '/repp/v1/api_users', headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + api_user = ApiUser.find(json[:data][:api_user][:id]) + assert api_user.present? + assert api_user.active + + assert_equal(request_body[:api_user][:username], api_user.username) + end + + def test_validates_identity_code_per_registrar + request_body = { + api_user: { + username: 'username', + plain_text_password: 'password', + active: true, + identity_code: @user.identity_code, + roles: ['super'], + }, + } + + post '/repp/v1/api_users', headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert json[:message].include? 'Identity code already exists' + end + + def test_returns_error_response_if_throttled + ENV['shunter_default_threshold'] = '1' + ENV['shunter_enabled'] = 'true' + + request_body = { + api_user: { + username: 'username', + plain_text_password: 'password', + active: true, + identity_code: '123', + roles: ['super'], + }, + } + + post '/repp/v1/api_users', headers: @auth_headers, params: request_body + post '/repp/v1/api_users', headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert_equal json[:code], 2502 + assert response.body.include?(Shunter.default_error_message) + ENV['shunter_default_threshold'] = '10000' + ENV['shunter_enabled'] = 'false' + end +end diff --git a/test/integration/repp/v1/api_users/delete_test.rb b/test/integration/repp/v1/api_users/delete_test.rb new file mode 100644 index 000000000..01cf54d51 --- /dev/null +++ b/test/integration/repp/v1/api_users/delete_test.rb @@ -0,0 +1,49 @@ +require 'test_helper' + +class ReppV1ApiUsersDeleteTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + + adapter = ENV['shunter_default_adapter'].constantize.new + adapter&.clear! + end + + def test_deletes_api_user + epp_user = users(:api_bestnames_epp) + delete "/repp/v1/api_users/#{epp_user.id}", headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + refute ApiUser.exists?(epp_user.id) + end + + def test_cannot_delete_api_user + delete '/repp/v1/api_users/wrong_id', headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :not_found + assert_equal 2303, json[:code] + assert_equal 'Object does not exist', json[:message] + end + + def test_returns_error_response_if_throttled + ENV['shunter_default_threshold'] = '1' + ENV['shunter_enabled'] = 'true' + + delete "/repp/v1/api_users/#{users(:api_bestnames_epp).id}", headers: @auth_headers + delete "/repp/v1/api_users/#{users(:api_bestnames).id}", headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert_equal json[:code], 2502 + assert response.body.include?(Shunter.default_error_message) + ENV['shunter_default_threshold'] = '10000' + ENV['shunter_enabled'] = 'false' + end +end diff --git a/test/integration/repp/v1/api_users/list_test.rb b/test/integration/repp/v1/api_users/list_test.rb new file mode 100644 index 000000000..6f20bbd74 --- /dev/null +++ b/test/integration/repp/v1/api_users/list_test.rb @@ -0,0 +1,39 @@ +require 'test_helper' + +class ReppV1ApiUsersListTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + + adapter = ENV['shunter_default_adapter'].constantize.new + adapter&.clear! + end + + def test_returns_api_users + get repp_v1_api_users_url, headers: @auth_headers + assert_response :success + + response_json = JSON.parse(response.body, symbolize_names: true) + assert_equal @user.registrar.api_users.count, response_json[:data][:count] + assert_equal @user.registrar.api_users.count, response_json[:data][:users].length + assert response_json[:data][:users][0].is_a? Hash + end + + def test_returns_error_response_if_throttled + ENV['shunter_default_threshold'] = '1' + ENV['shunter_enabled'] = 'true' + + get repp_v1_api_users_path, headers: @auth_headers + get repp_v1_api_users_path, headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert_equal json[:code], 2502 + assert response.body.include?(Shunter.default_error_message) + ENV['shunter_default_threshold'] = '10000' + ENV['shunter_enabled'] = 'false' + end +end \ No newline at end of file diff --git a/test/integration/repp/v1/api_users/show_test.rb b/test/integration/repp/v1/api_users/show_test.rb new file mode 100644 index 000000000..95f8f3a1a --- /dev/null +++ b/test/integration/repp/v1/api_users/show_test.rb @@ -0,0 +1,54 @@ +require 'test_helper' + +class ReppV1ApiUsersShowTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + + adapter = ENV['shunter_default_adapter'].constantize.new + adapter&.clear! + end + + def test_returns_error_when_not_found + get repp_v1_api_user_path(id: 'definitelynotexistant'), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :not_found + assert_equal 2303, json[:code] + assert_equal 'Object does not exist', json[:message] + end + + def test_shows_existing_api_user + user = @user.registrar.api_users.first + + get repp_v1_api_user_path(id: user.id), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + assert_equal user.id, json[:data][:user][:id] + assert_equal ApiUser::ROLES, json[:data][:roles] + end + + def test_returns_error_response_if_throttled + ENV['shunter_default_threshold'] = '1' + ENV['shunter_enabled'] = 'true' + + user = @user.registrar.api_users.first + + get repp_v1_api_user_path(id: user.id), headers: @auth_headers + get repp_v1_api_user_path(id: user.id), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert_equal json[:code], 2502 + assert response.body.include?(Shunter.default_error_message) + ENV['shunter_default_threshold'] = '10000' + ENV['shunter_enabled'] = 'false' + end +end diff --git a/test/integration/repp/v1/api_users/update_test.rb b/test/integration/repp/v1/api_users/update_test.rb new file mode 100644 index 000000000..5c61856b4 --- /dev/null +++ b/test/integration/repp/v1/api_users/update_test.rb @@ -0,0 +1,83 @@ +require 'test_helper' + +class ReppV1ApiUsersUpdateTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + + adapter = ENV['shunter_default_adapter'].constantize.new + adapter&.clear! + end + + def test_updates_api_user + request_body = { + api_user: { + active: false, + }, + } + + put "/repp/v1/api_users/#{@user.id}", headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + api_user = ApiUser.find(json[:data][:api_user][:id]) + assert_equal api_user.username, @user.username + refute api_user.active + end + + def test_can_not_change_identity_code_if_already_exists_per_registrar + epp_user = users(:api_bestnames_epp) + request_body = { + api_user: { + identity_code: @user.identity_code, + }, + } + + put "/repp/v1/api_users/#{epp_user.id}", headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert json[:message].include? 'Identity code already exists' + end + + def test_returns_error_if_password_wrong_format + request_body = { + api_user: { + plain_text_password: '123', + }, + } + + put "/repp/v1/api_users/#{@user.id}", headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert json[:message].include? 'Password is too short' + end + + def test_returns_error_response_if_throttled + ENV['shunter_default_threshold'] = '1' + ENV['shunter_enabled'] = 'true' + + request_body = { + api_user: { + active: true, + }, + } + + put "/repp/v1/api_users/#{@user.id}", headers: @auth_headers, params: request_body + put "/repp/v1/api_users/#{@user.id}", headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert_equal json[:code], 2502 + assert response.body.include?(Shunter.default_error_message) + ENV['shunter_default_threshold'] = '10000' + ENV['shunter_enabled'] = 'false' + end +end diff --git a/test/integration/repp/v1/white_ips/create_test.rb b/test/integration/repp/v1/white_ips/create_test.rb new file mode 100644 index 000000000..2b152d41c --- /dev/null +++ b/test/integration/repp/v1/white_ips/create_test.rb @@ -0,0 +1,75 @@ +require 'test_helper' + +class ReppV1WhiteIpsCreateTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + + adapter = ENV['shunter_default_adapter'].constantize.new + adapter&.clear! + end + + def test_creates_new_white_ip + request_body = { + white_ip: { + ipv4: '127.0.0.1', + ipv6: '', + interfaces: ['API'], + }, + } + + post '/repp/v1/white_ips', headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + white_ip = WhiteIp.find(json[:data][:ip][:id]) + assert white_ip.present? + + assert_equal(request_body[:white_ip][:ipv4], white_ip.ipv4) + end + + def test_validates_ip_max_count + request_body = { + white_ip: { + ipv4: '', + ipv6: '2001:db8::/120', + interfaces: ['API'], + }, + } + + post '/repp/v1/white_ips', headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert json[:message].include? 'IP address limit exceeded' + end + + def test_returns_error_response_if_throttled + ENV['shunter_default_threshold'] = '1' + ENV['shunter_enabled'] = 'true' + + request_body = { + white_ip: { + ipv4: '127.0.0.1', + ipv6: '', + interfaces: ['API'], + }, + } + + post '/repp/v1/white_ips', headers: @auth_headers, params: request_body + post '/repp/v1/white_ips', headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert_equal json[:code], 2502 + assert response.body.include?(Shunter.default_error_message) + ENV['shunter_default_threshold'] = '10000' + ENV['shunter_enabled'] = 'false' + end +end diff --git a/test/integration/repp/v1/white_ips/delete_test.rb b/test/integration/repp/v1/white_ips/delete_test.rb new file mode 100644 index 000000000..e37d346e5 --- /dev/null +++ b/test/integration/repp/v1/white_ips/delete_test.rb @@ -0,0 +1,40 @@ +require 'test_helper' + +class ReppV1WhiteIpsDeleteTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + + adapter = ENV['shunter_default_adapter'].constantize.new + adapter&.clear! + end + + def test_deletes_white_ip + ip = white_ips(:one) + delete "/repp/v1/white_ips/#{ip.id}", headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + refute WhiteIp.exists?(ip.id) + end + + def test_returns_error_response_if_throttled + ENV['shunter_default_threshold'] = '1' + ENV['shunter_enabled'] = 'true' + + delete "/repp/v1/white_ips/#{white_ips(:one).id}", headers: @auth_headers + delete "/repp/v1/white_ips/#{white_ips(:two).id}", headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert_equal json[:code], 2502 + assert response.body.include?(Shunter.default_error_message) + ENV['shunter_default_threshold'] = '10000' + ENV['shunter_enabled'] = 'false' + end +end diff --git a/test/integration/repp/v1/white_ips/list_test.rb b/test/integration/repp/v1/white_ips/list_test.rb new file mode 100644 index 000000000..a52530faf --- /dev/null +++ b/test/integration/repp/v1/white_ips/list_test.rb @@ -0,0 +1,39 @@ +require 'test_helper' + +class ReppV1ApiWhiteIpsListTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + + adapter = ENV['shunter_default_adapter'].constantize.new + adapter&.clear! + end + + def test_returns_white_ips + get repp_v1_white_ips_url, headers: @auth_headers + assert_response :success + + response_json = JSON.parse(response.body, symbolize_names: true) + assert_equal @user.registrar.white_ips.count, response_json[:data][:count] + assert_equal @user.registrar.white_ips.count, response_json[:data][:ips].length + assert response_json[:data][:ips][0].is_a? Hash + end + + def test_returns_error_response_if_throttled + ENV['shunter_default_threshold'] = '1' + ENV['shunter_enabled'] = 'true' + + get repp_v1_white_ips_path, headers: @auth_headers + get repp_v1_white_ips_path, headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert_equal json[:code], 2502 + assert response.body.include?(Shunter.default_error_message) + ENV['shunter_default_threshold'] = '10000' + ENV['shunter_enabled'] = 'false' + end +end \ No newline at end of file diff --git a/test/integration/repp/v1/white_ips/show_test.rb b/test/integration/repp/v1/white_ips/show_test.rb new file mode 100644 index 000000000..226b5ad9d --- /dev/null +++ b/test/integration/repp/v1/white_ips/show_test.rb @@ -0,0 +1,54 @@ +require 'test_helper' + +class ReppV1ApiWhiteIpsShowTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + + adapter = ENV['shunter_default_adapter'].constantize.new + adapter&.clear! + end + + def test_returns_error_when_not_found + get repp_v1_white_ip_path(id: 'definitelynotexistant'), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :not_found + assert_equal 2303, json[:code] + assert_equal 'Object does not exist', json[:message] + end + + def test_shows_existing_white_ip + white_ip = @user.registrar.white_ips.first + + get repp_v1_white_ip_path(id: white_ip.id), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + assert_equal white_ip.id, json[:data][:ip][:id] + assert_equal WhiteIp::INTERFACES, json[:data][:interfaces] + end + + def test_returns_error_response_if_throttled + ENV['shunter_default_threshold'] = '1' + ENV['shunter_enabled'] = 'true' + + white_ip = @user.registrar.white_ips.first + + get repp_v1_white_ip_path(id: white_ip.id), headers: @auth_headers + get repp_v1_white_ip_path(id: white_ip.id), headers: @auth_headers + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert_equal json[:code], 2502 + assert response.body.include?(Shunter.default_error_message) + ENV['shunter_default_threshold'] = '10000' + ENV['shunter_enabled'] = 'false' + end +end diff --git a/test/integration/repp/v1/white_ips/update_test.rb b/test/integration/repp/v1/white_ips/update_test.rb new file mode 100644 index 000000000..03b34ef01 --- /dev/null +++ b/test/integration/repp/v1/white_ips/update_test.rb @@ -0,0 +1,82 @@ +require 'test_helper' + +class ReppV1ApiWhiteIpsUpdateTest < ActionDispatch::IntegrationTest + def setup + @user = users(:api_bestnames) + @white_ip = white_ips(:one) + token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}") + token = "Basic #{token}" + + @auth_headers = { 'Authorization' => token } + + adapter = ENV['shunter_default_adapter'].constantize.new + adapter&.clear! + end + + def test_updates_white_ip + request_body = { + white_ip: { + ipv4: '127.0.0.1', + }, + } + + put "/repp/v1/white_ips/#{@white_ip.id}", headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :ok + assert_equal 1000, json[:code] + assert_equal 'Command completed successfully', json[:message] + + ip = WhiteIp.find(json[:data][:ip][:id]) + assert_equal ip.ipv4, @white_ip.ipv4 + end + + def test_returns_error_if_ipv4_wrong_format + request_body = { + white_ip: { + ipv4: 'wrongip', + }, + } + + put "/repp/v1/white_ips/#{@white_ip.id}", headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert json[:message].include? 'IPv4 is invalid' + end + + def test_returns_error_if_both_ips + request_body = { + white_ip: { + ipv6: '2001:0db8:85a3:0000:0000:8a2e:0370:7334', + }, + } + + put "/repp/v1/white_ips/#{@white_ip.id}", headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert json[:message].include? 'Please enter only one IP address' + end + + def test_returns_error_response_if_throttled + ENV['shunter_default_threshold'] = '1' + ENV['shunter_enabled'] = 'true' + + request_body = { + white_ip: { + ipv4: '127.0.0.1', + }, + } + + put "/repp/v1/white_ips/#{@white_ip.id}", headers: @auth_headers, params: request_body + put "/repp/v1/white_ips/#{@white_ip.id}", headers: @auth_headers, params: request_body + json = JSON.parse(response.body, symbolize_names: true) + + assert_response :bad_request + assert_equal json[:code], 2502 + assert response.body.include?(Shunter.default_error_message) + ENV['shunter_default_threshold'] = '10000' + ENV['shunter_enabled'] = 'false' + end +end