zydronium/internetee-registry
1
0
Fork 0
mirror of https://github.com/internetee/registry.git synced 2025-07-28 05:26:17 +02:00
Code Issues Projects Releases Packages Wiki Activity

Covered with tests api users and white ips

Browse source
This commit is contained in:
Sergei Tsoganov 2023-06-01 16:27:34 +03:00
parent 9cbf9f88bf
commit a4d28a0ee2
14 changed files with 618 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/controllers/repp/v1/api_users_controller.rb
View file

@ -61,7 +61,7 @@ module Repp
private
def api_user_params
params.require(:api_user).permit(:id, :username, :plain_text_password, :active,
params.require(:api_user).permit(:username, :plain_text_password, :active,
:identity_code, { roles: [] })
end

4
app/controllers/repp/v1/white_ips_controller.rb
View file

@ -3,7 +3,7 @@ module Repp
class WhiteIpsController < BaseController
load_and_authorize_resource
THROTTLED_ACTIONS = %i[index create update destroy].freeze
THROTTLED_ACTIONS = %i[index show create update destroy].freeze
include Shunter::Integration::Throttle
api :GET, '/repp/v1/white_ips'
@ -58,7 +58,7 @@ module Repp
private
def white_ip_params
params.require(:white_ip).permit(:id, :ipv4, :ipv6, interfaces: [])
params.require(:white_ip).permit(:ipv4, :ipv6, interfaces: [])
end
end
end

10
test/fixtures/users.yml vendored
View file

@ -8,6 +8,16 @@ api_bestnames:
roles:
- super
api_bestnames_epp:
username: test_bestnames_epp
plain_text_password: testtest
identity_code:
type: ApiUser
registrar: bestnames
active: true
roles:
- epp
api_goodnames:
username: test_goodnames
plain_text_password: testtest

9
test/fixtures/white_ips.yml vendored
View file

@ -3,4 +3,11 @@ one:
ipv4: 127.0.0.1
interfaces:
- <%= WhiteIp::REGISTRAR %>
- <%= WhiteIp::API %>
- <%= WhiteIp::API %>
two:
registrar: bestnames
ipv6: 2001:0db8:85a3:0000:0000:8a2e:0370:7334
interfaces:
- <%= WhiteIp::REGISTRAR %>
- <%= WhiteIp::API %>

82
test/integration/repp/v1/api_users/create_test.rb Normal file
View file

@ -0,0 +1,82 @@
require 'test_helper'
class ReppV1ApiUsersCreateTest < ActionDispatch::IntegrationTest
def setup
@user = users(:api_bestnames)
token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
token = "Basic #{token}"
@auth_headers = { 'Authorization' => token }
adapter = ENV['shunter_default_adapter'].constantize.new
adapter&.clear!
end
def test_creates_new_api_user
request_body = {
api_user: {
username: 'username',
plain_text_password: 'password',
active: true,
identity_code: '123',
roles: ['super'],
},
}
post '/repp/v1/api_users', headers: @auth_headers, params: request_body
json = JSON.parse(response.body, symbolize_names: true)
assert_response :ok
assert_equal 1000, json[:code]
assert_equal 'Command completed successfully', json[:message]
api_user = ApiUser.find(json[:data][:api_user][:id])
assert api_user.present?
assert api_user.active
assert_equal(request_body[:api_user][:username], api_user.username)
end
def test_validates_identity_code_per_registrar
request_body = {
api_user: {
username: 'username',
plain_text_password: 'password',
active: true,
identity_code: @user.identity_code,
roles: ['super'],
},
}
post '/repp/v1/api_users', headers: @auth_headers, params: request_body
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert json[:message].include? 'Identity code already exists'
end
def test_returns_error_response_if_throttled
ENV['shunter_default_threshold'] = '1'
ENV['shunter_enabled'] = 'true'
request_body = {
api_user: {
username: 'username',
plain_text_password: 'password',
active: true,
identity_code: '123',
roles: ['super'],
},
}
post '/repp/v1/api_users', headers: @auth_headers, params: request_body
post '/repp/v1/api_users', headers: @auth_headers, params: request_body
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert_equal json[:code], 2502
assert response.body.include?(Shunter.default_error_message)
ENV['shunter_default_threshold'] = '10000'
ENV['shunter_enabled'] = 'false'
end
end

49
test/integration/repp/v1/api_users/delete_test.rb Normal file
View file

@ -0,0 +1,49 @@
require 'test_helper'
class ReppV1ApiUsersDeleteTest < ActionDispatch::IntegrationTest
def setup
@user = users(:api_bestnames)
token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
token = "Basic #{token}"
@auth_headers = { 'Authorization' => token }
adapter = ENV['shunter_default_adapter'].constantize.new
adapter&.clear!
end
def test_deletes_api_user
epp_user = users(:api_bestnames_epp)
delete "/repp/v1/api_users/#{epp_user.id}", headers: @auth_headers
json = JSON.parse(response.body, symbolize_names: true)
assert_response :ok
assert_equal 1000, json[:code]
assert_equal 'Command completed successfully', json[:message]
refute ApiUser.exists?(epp_user.id)
end
def test_cannot_delete_api_user
delete '/repp/v1/api_users/wrong_id', headers: @auth_headers
json = JSON.parse(response.body, symbolize_names: true)
assert_response :not_found
assert_equal 2303, json[:code]
assert_equal 'Object does not exist', json[:message]
end
def test_returns_error_response_if_throttled
ENV['shunter_default_threshold'] = '1'
ENV['shunter_enabled'] = 'true'
delete "/repp/v1/api_users/#{users(:api_bestnames_epp).id}", headers: @auth_headers
delete "/repp/v1/api_users/#{users(:api_bestnames).id}", headers: @auth_headers
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert_equal json[:code], 2502
assert response.body.include?(Shunter.default_error_message)
ENV['shunter_default_threshold'] = '10000'
ENV['shunter_enabled'] = 'false'
end
end

39
test/integration/repp/v1/api_users/list_test.rb Normal file
View file

@ -0,0 +1,39 @@
require 'test_helper'
class ReppV1ApiUsersListTest < ActionDispatch::IntegrationTest
def setup
@user = users(:api_bestnames)
token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
token = "Basic #{token}"
@auth_headers = { 'Authorization' => token }
adapter = ENV['shunter_default_adapter'].constantize.new
adapter&.clear!
end
def test_returns_api_users
get repp_v1_api_users_url, headers: @auth_headers
assert_response :success
response_json = JSON.parse(response.body, symbolize_names: true)
assert_equal @user.registrar.api_users.count, response_json[:data][:count]
assert_equal @user.registrar.api_users.count, response_json[:data][:users].length
assert response_json[:data][:users][0].is_a? Hash
end
def test_returns_error_response_if_throttled
ENV['shunter_default_threshold'] = '1'
ENV['shunter_enabled'] = 'true'
get repp_v1_api_users_path, headers: @auth_headers
get repp_v1_api_users_path, headers: @auth_headers
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert_equal json[:code], 2502
assert response.body.include?(Shunter.default_error_message)
ENV['shunter_default_threshold'] = '10000'
ENV['shunter_enabled'] = 'false'
end
end

54
test/integration/repp/v1/api_users/show_test.rb Normal file
View file

@ -0,0 +1,54 @@
require 'test_helper'
class ReppV1ApiUsersShowTest < ActionDispatch::IntegrationTest
def setup
@user = users(:api_bestnames)
token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
token = "Basic #{token}"
@auth_headers = { 'Authorization' => token }
adapter = ENV['shunter_default_adapter'].constantize.new
adapter&.clear!
end
def test_returns_error_when_not_found
get repp_v1_api_user_path(id: 'definitelynotexistant'), headers: @auth_headers
json = JSON.parse(response.body, symbolize_names: true)
assert_response :not_found
assert_equal 2303, json[:code]
assert_equal 'Object does not exist', json[:message]
end
def test_shows_existing_api_user
user = @user.registrar.api_users.first
get repp_v1_api_user_path(id: user.id), headers: @auth_headers
json = JSON.parse(response.body, symbolize_names: true)
assert_response :ok
assert_equal 1000, json[:code]
assert_equal 'Command completed successfully', json[:message]
assert_equal user.id, json[:data][:user][:id]
assert_equal ApiUser::ROLES, json[:data][:roles]
end
def test_returns_error_response_if_throttled
ENV['shunter_default_threshold'] = '1'
ENV['shunter_enabled'] = 'true'
user = @user.registrar.api_users.first
get repp_v1_api_user_path(id: user.id), headers: @auth_headers
get repp_v1_api_user_path(id: user.id), headers: @auth_headers
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert_equal json[:code], 2502
assert response.body.include?(Shunter.default_error_message)
ENV['shunter_default_threshold'] = '10000'
ENV['shunter_enabled'] = 'false'
end
end

83
test/integration/repp/v1/api_users/update_test.rb Normal file
View file

@ -0,0 +1,83 @@
require 'test_helper'
class ReppV1ApiUsersUpdateTest < ActionDispatch::IntegrationTest
def setup
@user = users(:api_bestnames)
token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
token = "Basic #{token}"
@auth_headers = { 'Authorization' => token }
adapter = ENV['shunter_default_adapter'].constantize.new
adapter&.clear!
end
def test_updates_api_user
request_body = {
api_user: {
active: false,
},
}
put "/repp/v1/api_users/#{@user.id}", headers: @auth_headers, params: request_body
json = JSON.parse(response.body, symbolize_names: true)
assert_response :ok
assert_equal 1000, json[:code]
assert_equal 'Command completed successfully', json[:message]
api_user = ApiUser.find(json[:data][:api_user][:id])
assert_equal api_user.username, @user.username
refute api_user.active
end
def test_can_not_change_identity_code_if_already_exists_per_registrar
epp_user = users(:api_bestnames_epp)
request_body = {
api_user: {
identity_code: @user.identity_code,
},
}
put "/repp/v1/api_users/#{epp_user.id}", headers: @auth_headers, params: request_body
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert json[:message].include? 'Identity code already exists'
end
def test_returns_error_if_password_wrong_format
request_body = {
api_user: {
plain_text_password: '123',
},
}
put "/repp/v1/api_users/#{@user.id}", headers: @auth_headers, params: request_body
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert json[:message].include? 'Password is too short'
end
def test_returns_error_response_if_throttled
ENV['shunter_default_threshold'] = '1'
ENV['shunter_enabled'] = 'true'
request_body = {
api_user: {
active: true,
},
}
put "/repp/v1/api_users/#{@user.id}", headers: @auth_headers, params: request_body
put "/repp/v1/api_users/#{@user.id}", headers: @auth_headers, params: request_body
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert_equal json[:code], 2502
assert response.body.include?(Shunter.default_error_message)
ENV['shunter_default_threshold'] = '10000'
ENV['shunter_enabled'] = 'false'
end
end

75
test/integration/repp/v1/white_ips/create_test.rb Normal file
View file

@ -0,0 +1,75 @@
require 'test_helper'
class ReppV1WhiteIpsCreateTest < ActionDispatch::IntegrationTest
def setup
@user = users(:api_bestnames)
token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
token = "Basic #{token}"
@auth_headers = { 'Authorization' => token }
adapter = ENV['shunter_default_adapter'].constantize.new
adapter&.clear!
end
def test_creates_new_white_ip
request_body = {
white_ip: {
ipv4: '127.0.0.1',
ipv6: '',
interfaces: ['API'],
},
}
post '/repp/v1/white_ips', headers: @auth_headers, params: request_body
json = JSON.parse(response.body, symbolize_names: true)
assert_response :ok
assert_equal 1000, json[:code]
assert_equal 'Command completed successfully', json[:message]
white_ip = WhiteIp.find(json[:data][:ip][:id])
assert white_ip.present?
assert_equal(request_body[:white_ip][:ipv4], white_ip.ipv4)
end
def test_validates_ip_max_count
request_body = {
white_ip: {
ipv4: '',
ipv6: '2001:db8::/120',
interfaces: ['API'],
},
}
post '/repp/v1/white_ips', headers: @auth_headers, params: request_body
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert json[:message].include? 'IP address limit exceeded'
end
def test_returns_error_response_if_throttled
ENV['shunter_default_threshold'] = '1'
ENV['shunter_enabled'] = 'true'
request_body = {
white_ip: {
ipv4: '127.0.0.1',
ipv6: '',
interfaces: ['API'],
},
}
post '/repp/v1/white_ips', headers: @auth_headers, params: request_body
post '/repp/v1/white_ips', headers: @auth_headers, params: request_body
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert_equal json[:code], 2502
assert response.body.include?(Shunter.default_error_message)
ENV['shunter_default_threshold'] = '10000'
ENV['shunter_enabled'] = 'false'
end
end

40
test/integration/repp/v1/white_ips/delete_test.rb Normal file
View file

@ -0,0 +1,40 @@
require 'test_helper'
class ReppV1WhiteIpsDeleteTest < ActionDispatch::IntegrationTest
def setup
@user = users(:api_bestnames)
token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
token = "Basic #{token}"
@auth_headers = { 'Authorization' => token }
adapter = ENV['shunter_default_adapter'].constantize.new
adapter&.clear!
end
def test_deletes_white_ip
ip = white_ips(:one)
delete "/repp/v1/white_ips/#{ip.id}", headers: @auth_headers
json = JSON.parse(response.body, symbolize_names: true)
assert_response :ok
assert_equal 1000, json[:code]
assert_equal 'Command completed successfully', json[:message]
refute WhiteIp.exists?(ip.id)
end
def test_returns_error_response_if_throttled
ENV['shunter_default_threshold'] = '1'
ENV['shunter_enabled'] = 'true'
delete "/repp/v1/white_ips/#{white_ips(:one).id}", headers: @auth_headers
delete "/repp/v1/white_ips/#{white_ips(:two).id}", headers: @auth_headers
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert_equal json[:code], 2502
assert response.body.include?(Shunter.default_error_message)
ENV['shunter_default_threshold'] = '10000'
ENV['shunter_enabled'] = 'false'
end
end

39
test/integration/repp/v1/white_ips/list_test.rb Normal file
View file

@ -0,0 +1,39 @@
require 'test_helper'
class ReppV1ApiWhiteIpsListTest < ActionDispatch::IntegrationTest
def setup
@user = users(:api_bestnames)
token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
token = "Basic #{token}"
@auth_headers = { 'Authorization' => token }
adapter = ENV['shunter_default_adapter'].constantize.new
adapter&.clear!
end
def test_returns_white_ips
get repp_v1_white_ips_url, headers: @auth_headers
assert_response :success
response_json = JSON.parse(response.body, symbolize_names: true)
assert_equal @user.registrar.white_ips.count, response_json[:data][:count]
assert_equal @user.registrar.white_ips.count, response_json[:data][:ips].length
assert response_json[:data][:ips][0].is_a? Hash
end
def test_returns_error_response_if_throttled
ENV['shunter_default_threshold'] = '1'
ENV['shunter_enabled'] = 'true'
get repp_v1_white_ips_path, headers: @auth_headers
get repp_v1_white_ips_path, headers: @auth_headers
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert_equal json[:code], 2502
assert response.body.include?(Shunter.default_error_message)
ENV['shunter_default_threshold'] = '10000'
ENV['shunter_enabled'] = 'false'
end
end

54
test/integration/repp/v1/white_ips/show_test.rb Normal file
View file

@ -0,0 +1,54 @@
require 'test_helper'
class ReppV1ApiWhiteIpsShowTest < ActionDispatch::IntegrationTest
def setup
@user = users(:api_bestnames)
token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
token = "Basic #{token}"
@auth_headers = { 'Authorization' => token }
adapter = ENV['shunter_default_adapter'].constantize.new
adapter&.clear!
end
def test_returns_error_when_not_found
get repp_v1_white_ip_path(id: 'definitelynotexistant'), headers: @auth_headers
json = JSON.parse(response.body, symbolize_names: true)
assert_response :not_found
assert_equal 2303, json[:code]
assert_equal 'Object does not exist', json[:message]
end
def test_shows_existing_white_ip
white_ip = @user.registrar.white_ips.first
get repp_v1_white_ip_path(id: white_ip.id), headers: @auth_headers
json = JSON.parse(response.body, symbolize_names: true)
assert_response :ok
assert_equal 1000, json[:code]
assert_equal 'Command completed successfully', json[:message]
assert_equal white_ip.id, json[:data][:ip][:id]
assert_equal WhiteIp::INTERFACES, json[:data][:interfaces]
end
def test_returns_error_response_if_throttled
ENV['shunter_default_threshold'] = '1'
ENV['shunter_enabled'] = 'true'
white_ip = @user.registrar.white_ips.first
get repp_v1_white_ip_path(id: white_ip.id), headers: @auth_headers
get repp_v1_white_ip_path(id: white_ip.id), headers: @auth_headers
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert_equal json[:code], 2502
assert response.body.include?(Shunter.default_error_message)
ENV['shunter_default_threshold'] = '10000'
ENV['shunter_enabled'] = 'false'
end
end

82
test/integration/repp/v1/white_ips/update_test.rb Normal file
View file

@ -0,0 +1,82 @@
require 'test_helper'
class ReppV1ApiWhiteIpsUpdateTest < ActionDispatch::IntegrationTest
def setup
@user = users(:api_bestnames)
@white_ip = white_ips(:one)
token = Base64.encode64("#{@user.username}:#{@user.plain_text_password}")
token = "Basic #{token}"
@auth_headers = { 'Authorization' => token }
adapter = ENV['shunter_default_adapter'].constantize.new
adapter&.clear!
end
def test_updates_white_ip
request_body = {
white_ip: {
ipv4: '127.0.0.1',
},
}
put "/repp/v1/white_ips/#{@white_ip.id}", headers: @auth_headers, params: request_body
json = JSON.parse(response.body, symbolize_names: true)
assert_response :ok
assert_equal 1000, json[:code]
assert_equal 'Command completed successfully', json[:message]
ip = WhiteIp.find(json[:data][:ip][:id])
assert_equal ip.ipv4, @white_ip.ipv4
end
def test_returns_error_if_ipv4_wrong_format
request_body = {
white_ip: {
ipv4: 'wrongip',
},
}
put "/repp/v1/white_ips/#{@white_ip.id}", headers: @auth_headers, params: request_body
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert json[:message].include? 'IPv4 is invalid'
end
def test_returns_error_if_both_ips
request_body = {
white_ip: {
ipv6: '2001:0db8:85a3:0000:0000:8a2e:0370:7334',
},
}
put "/repp/v1/white_ips/#{@white_ip.id}", headers: @auth_headers, params: request_body
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert json[:message].include? 'Please enter only one IP address'
end
def test_returns_error_response_if_throttled
ENV['shunter_default_threshold'] = '1'
ENV['shunter_enabled'] = 'true'
request_body = {
white_ip: {
ipv4: '127.0.0.1',
},
}
put "/repp/v1/white_ips/#{@white_ip.id}", headers: @auth_headers, params: request_body
put "/repp/v1/white_ips/#{@white_ip.id}", headers: @auth_headers, params: request_body
json = JSON.parse(response.body, symbolize_names: true)
assert_response :bad_request
assert_equal json[:code], 2502
assert response.body.include?(Shunter.default_error_message)
ENV['shunter_default_threshold'] = '10000'
ENV['shunter_enabled'] = 'false'
end
end