paste.chapril.org-privatebin/tst/Persistence/TrafficLimiterTest.php

<?php

use PrivateBin\Data\Filesystem;
use PrivateBin\Persistence\ServerSalt;
use PrivateBin\Persistence\TrafficLimiter;

class TrafficLimiterTest extends PHPUnit_Framework_TestCase
{
    private $_path;

    public function setUp()
    {
        /* Setup Routine */
        $this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'trafficlimit';
        $store       = new Filesystem(array('dir' => $this->_path));
        ServerSalt::setStore($store);
        TrafficLimiter::setStore($store);
    }

    public function tearDown()
    {
        /* Tear Down Routine */
        Helper::rmDir($this->_path . DIRECTORY_SEPARATOR);
    }

    public function testHtaccess()
    {
        $htaccess = $this->_path . DIRECTORY_SEPARATOR . '.htaccess';
        @unlink($htaccess);
        $_SERVER['REMOTE_ADDR'] = 'foobar';
        TrafficLimiter::canPass();
        $this->assertFileExists($htaccess, 'htaccess recreated');
    }

    public function testTrafficGetsLimited()
    {
        TrafficLimiter::setLimit(4);
        $_SERVER['REMOTE_ADDR'] = '127.0.0.1';
        $this->assertTrue(TrafficLimiter::canPass(), 'first request may pass');
        sleep(1);
        try {
            $this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');
        } catch (Exception $e) {
            $this->assertEquals($e->getMessage(), 'Please wait 4 seconds between each post.', 'second request is to fast, may not pass');
        }
        sleep(4);
        $this->assertTrue(TrafficLimiter::canPass(), 'third request waited long enough and may pass');
        $_SERVER['REMOTE_ADDR'] = '2001:1620:2057:dead:beef::cafe:babe';
        $this->assertTrue(TrafficLimiter::canPass(), 'fourth request has different ip and may pass');
        $_SERVER['REMOTE_ADDR'] = '127.0.0.1';
        try {
            $this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');
        } catch (Exception $e) {
            $this->assertEquals($e->getMessage(), 'Please wait 4 seconds between each post.', 'fifth request is to fast, may not pass');
        }
    }

    public function testTrafficLimitExempted()
    {
        TrafficLimiter::setExempted('1.2.3.4,10.10.10/24,2001:1620:2057::/48');
        $_SERVER['REMOTE_ADDR'] = '127.0.0.1';
        $this->assertTrue(TrafficLimiter::canPass(), 'first request may pass');
        try {
            $this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');
        } catch (Exception $e) {
            $this->assertEquals($e->getMessage(), 'Please wait 4 seconds between each post.', 'not exempted');
        }
        $_SERVER['REMOTE_ADDR'] = '10.10.10.10';
        $this->assertTrue(TrafficLimiter::canPass(), 'IPv4 in exempted range');
        $this->assertTrue(TrafficLimiter::canPass(), 'request is to fast, but IPv4 in exempted range');
        $_SERVER['REMOTE_ADDR'] = '2001:1620:2057:dead:beef::cafe:babe';
        $this->assertTrue(TrafficLimiter::canPass(), 'IPv6 in exempted range');
        $this->assertTrue(TrafficLimiter::canPass(), 'request is to fast, but IPv6 in exempted range');
        TrafficLimiter::setExempted('127.*,foobar');
        $this->assertTrue(TrafficLimiter::canPass(), 'first cached request may pass');
        try {
            $this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');
        } catch (Exception $e) {
            $this->assertEquals($e->getMessage(), 'Please wait 4 seconds between each post.', 'request is too fast, invalid range');
        }
        $_SERVER['REMOTE_ADDR'] = 'foobar';
        $this->assertTrue(TrafficLimiter::canPass(), 'non-IP address');
        $this->assertTrue(TrafficLimiter::canPass(), 'request is too fast, but non-IP address matches exempted range');
    }

    public function testTrafficLimitCreators()
    {
        TrafficLimiter::setCreators('1.2.3.4,10.10.10/24,2001:1620:2057::/48');
        $_SERVER['REMOTE_ADDR'] = '127.0.0.1';
        try {
            $this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');
        } catch (Exception $e) {
            $this->assertEquals($e->getMessage(), 'Your IP is not authorized to create pastes.', 'not a creator');
        }
        $_SERVER['REMOTE_ADDR'] = '10.10.10.10';
        $this->assertTrue(TrafficLimiter::canPass(), 'IPv4 in creator range');
        $this->assertTrue(TrafficLimiter::canPass(), 'request is too fast, but IPv4 in creator range');
        $_SERVER['REMOTE_ADDR'] = '2001:1620:2057:dead:beef::cafe:babe';
        $this->assertTrue(TrafficLimiter::canPass(), 'IPv6 in creator range');
        $this->assertTrue(TrafficLimiter::canPass(), 'request is too fast, but IPv6 in creator range');
        TrafficLimiter::setCreators('127.*,foobar');
        try {
            $this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');
        } catch (Exception $e) {
            $this->assertEquals($e->getMessage(), 'Your IP is not authorized to create pastes.', 'request is to fast, not a creator');
        }
        $_SERVER['REMOTE_ADDR'] = 'foobar';
        $this->assertTrue(TrafficLimiter::canPass(), 'non-IP address');
        $this->assertTrue(TrafficLimiter::canPass(), 'request is to fast, but non-IP address matches creator');
    }
}
reviewed unit tests, fixing line endings, added more tests 2015-08-15 18:32:31 +02:00			`<?php`
Introduce PSR-4 autoloading 2016-07-21 17:09:48 +02:00
folding Persistance\ServerSalt into Data\Filesystem 2021-06-08 22:01:29 +02:00			`use PrivateBin\Data\Filesystem;`
			`use PrivateBin\Persistence\ServerSalt;`
Renamed classes for full PSR-2 compliance, some cleanup 2016-08-09 11:54:42 +02:00			`use PrivateBin\Persistence\TrafficLimiter;`
Introduce PSR-4 autoloading 2016-07-21 17:09:48 +02:00
Renamed classes for full PSR-2 compliance, some cleanup 2016-08-09 11:54:42 +02:00			`class TrafficLimiterTest extends PHPUnit_Framework_TestCase`
reviewed unit tests, fixing line endings, added more tests 2015-08-15 18:32:31 +02:00			`{`
			`private $_path;`

			`public function setUp()`
			`{`
			`/* Setup Routine */`
			`$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'trafficlimit';`
started script for storage backend migrations todo: GCS added GCS, no GLOBALS, two methods for saving pastes and comments use GLOBALS for verbosity again added getAllPastes() to all storage providers moved to bin, added --delete options, make use of $store->getAllPastes() added --delete-* options to help longopts without -- sigh fixed arguments drop singleton behaviour to allow multiple backends of the same type simultaneously remove singleton from Model, collapse loop in migrate.php comments is not indexed tests without data singleton fix exit if scandir() fails extended meta doc 2022-10-28 01:01:02 +02:00			`$store = new Filesystem(array('dir' => $this->_path));`
folding Persistance\ServerSalt into Data\Filesystem 2021-06-08 22:01:29 +02:00			`ServerSalt::setStore($store);`
			`TrafficLimiter::setStore($store);`
reviewed unit tests, fixing line endings, added more tests 2015-08-15 18:32:31 +02:00			`}`

			`public function tearDown()`
			`{`
			`/* Tear Down Routine */`
Renamed classes for full PSR-2 compliance, some cleanup 2016-08-09 11:54:42 +02:00			`Helper::rmDir($this->_path . DIRECTORY_SEPARATOR);`
reviewed unit tests, fixing line endings, added more tests 2015-08-15 18:32:31 +02:00			`}`

folding Persistance\ServerSalt into Data\Filesystem 2021-06-08 22:01:29 +02:00			`public function testHtaccess()`
			`{`
			`$htaccess = $this->_path . DIRECTORY_SEPARATOR . '.htaccess';`
			`@unlink($htaccess);`
			`$_SERVER['REMOTE_ADDR'] = 'foobar';`
			`TrafficLimiter::canPass();`
			`$this->assertFileExists($htaccess, 'htaccess recreated');`
			`}`

reviewed unit tests, fixing line endings, added more tests 2015-08-15 18:32:31 +02:00			`public function testTrafficGetsLimited()`
			`{`
Renamed classes for full PSR-2 compliance, some cleanup 2016-08-09 11:54:42 +02:00			`TrafficLimiter::setLimit(4);`
preparing unit test for model refactoring, refactoring traffic limiter 2015-09-26 17:57:46 +02:00			`$_SERVER['REMOTE_ADDR'] = '127.0.0.1';`
Renamed classes for full PSR-2 compliance, some cleanup 2016-08-09 11:54:42 +02:00			`$this->assertTrue(TrafficLimiter::canPass(), 'first request may pass');`
improvements to get the HHVM build to pass 2016-07-06 09:01:10 +02:00			`sleep(1);`
unify IP-related logic into traffic limiter 2022-02-20 11:25:19 +01:00			`try {`
			`$this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');`
			`} catch (Exception $e) {`
			`$this->assertEquals($e->getMessage(), 'Please wait 4 seconds between each post.', 'second request is to fast, may not pass');`
			`}`
improvements to get the HHVM build to pass 2016-07-06 09:01:10 +02:00			`sleep(4);`
Renamed classes for full PSR-2 compliance, some cleanup 2016-08-09 11:54:42 +02:00			`$this->assertTrue(TrafficLimiter::canPass(), 'third request waited long enough and may pass');`
preparing unit test for model refactoring, refactoring traffic limiter 2015-09-26 17:57:46 +02:00			`$_SERVER['REMOTE_ADDR'] = '2001:1620:2057:dead:beef::cafe:babe';`
Renamed classes for full PSR-2 compliance, some cleanup 2016-08-09 11:54:42 +02:00			`$this->assertTrue(TrafficLimiter::canPass(), 'fourth request has different ip and may pass');`
preparing unit test for model refactoring, refactoring traffic limiter 2015-09-26 17:57:46 +02:00			`$_SERVER['REMOTE_ADDR'] = '127.0.0.1';`
unify IP-related logic into traffic limiter 2022-02-20 11:25:19 +01:00			`try {`
			`$this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');`
			`} catch (Exception $e) {`
			`$this->assertEquals($e->getMessage(), 'Please wait 4 seconds between each post.', 'fifth request is to fast, may not pass');`
			`}`
small unit test refactoring, comment wording 2022-02-20 09:30:41 +01:00			`}`
testing IP exemption, handle corner cases found in testing 2021-05-22 10:59:47 +02:00
small unit test refactoring, comment wording 2022-02-20 09:30:41 +01:00			`public function testTrafficLimitExempted()`
			`{`
actually support the short CIDR notation 2022-02-28 16:24:06 +01:00			`TrafficLimiter::setExempted('1.2.3.4,10.10.10/24,2001:1620:2057::/48');`
small unit test refactoring, comment wording 2022-02-20 09:30:41 +01:00			`$_SERVER['REMOTE_ADDR'] = '127.0.0.1';`
			`$this->assertTrue(TrafficLimiter::canPass(), 'first request may pass');`
unify IP-related logic into traffic limiter 2022-02-20 11:25:19 +01:00			`try {`
			`$this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');`
			`} catch (Exception $e) {`
			`$this->assertEquals($e->getMessage(), 'Please wait 4 seconds between each post.', 'not exempted');`
			`}`
testing IP exemption, handle corner cases found in testing 2021-05-22 10:59:47 +02:00			`$_SERVER['REMOTE_ADDR'] = '10.10.10.10';`
			`$this->assertTrue(TrafficLimiter::canPass(), 'IPv4 in exempted range');`
			`$this->assertTrue(TrafficLimiter::canPass(), 'request is to fast, but IPv4 in exempted range');`
			`$_SERVER['REMOTE_ADDR'] = '2001:1620:2057:dead:beef::cafe:babe';`
			`$this->assertTrue(TrafficLimiter::canPass(), 'IPv6 in exempted range');`
			`$this->assertTrue(TrafficLimiter::canPass(), 'request is to fast, but IPv6 in exempted range');`
simplify/unify naming & wording of the two types of IP lists for the traffic limiter 2022-02-20 09:09:20 +01:00			`TrafficLimiter::setExempted('127.*,foobar');`
small unit test refactoring, comment wording 2022-02-20 09:30:41 +01:00			`$this->assertTrue(TrafficLimiter::canPass(), 'first cached request may pass');`
unify IP-related logic into traffic limiter 2022-02-20 11:25:19 +01:00			`try {`
			`$this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');`
			`} catch (Exception $e) {`
Update tst/Persistence/TrafficLimiterTest.php Co-authored-by: rugk <rugk+git@posteo.de> 2022-02-26 06:58:41 +01:00			`$this->assertEquals($e->getMessage(), 'Please wait 4 seconds between each post.', 'request is too fast, invalid range');`
unify IP-related logic into traffic limiter 2022-02-20 11:25:19 +01:00			`}`
testing IP exemption, handle corner cases found in testing 2021-05-22 10:59:47 +02:00			`$_SERVER['REMOTE_ADDR'] = 'foobar';`
			`$this->assertTrue(TrafficLimiter::canPass(), 'non-IP address');`
Update tst/Persistence/TrafficLimiterTest.php Co-authored-by: rugk <rugk+git@posteo.de> 2022-02-26 06:58:54 +01:00			`$this->assertTrue(TrafficLimiter::canPass(), 'request is too fast, but non-IP address matches exempted range');`
reviewed unit tests, fixing line endings, added more tests 2015-08-15 18:32:31 +02:00			`}`
add creator unit tests for refactoring target, currently failing 2022-02-20 09:35:05 +01:00
			`public function testTrafficLimitCreators()`
			`{`
actually support the short CIDR notation 2022-02-28 16:24:06 +01:00			`TrafficLimiter::setCreators('1.2.3.4,10.10.10/24,2001:1620:2057::/48');`
add creator unit tests for refactoring target, currently failing 2022-02-20 09:35:05 +01:00			`$_SERVER['REMOTE_ADDR'] = '127.0.0.1';`
unify IP-related logic into traffic limiter 2022-02-20 11:25:19 +01:00			`try {`
			`$this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');`
			`} catch (Exception $e) {`
			`$this->assertEquals($e->getMessage(), 'Your IP is not authorized to create pastes.', 'not a creator');`
			`}`
add creator unit tests for refactoring target, currently failing 2022-02-20 09:35:05 +01:00			`$_SERVER['REMOTE_ADDR'] = '10.10.10.10';`
			`$this->assertTrue(TrafficLimiter::canPass(), 'IPv4 in creator range');`
Update tst/Persistence/TrafficLimiterTest.php Co-authored-by: rugk <rugk+git@posteo.de> 2022-02-26 06:59:02 +01:00			`$this->assertTrue(TrafficLimiter::canPass(), 'request is too fast, but IPv4 in creator range');`
add creator unit tests for refactoring target, currently failing 2022-02-20 09:35:05 +01:00			`$_SERVER['REMOTE_ADDR'] = '2001:1620:2057:dead:beef::cafe:babe';`
			`$this->assertTrue(TrafficLimiter::canPass(), 'IPv6 in creator range');`
Update tst/Persistence/TrafficLimiterTest.php Co-authored-by: rugk <rugk+git@posteo.de> 2022-02-26 06:59:11 +01:00			`$this->assertTrue(TrafficLimiter::canPass(), 'request is too fast, but IPv6 in creator range');`
unify IP-related logic into traffic limiter 2022-02-20 11:25:19 +01:00			`TrafficLimiter::setCreators('127.*,foobar');`
			`try {`
			`$this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');`
			`} catch (Exception $e) {`
			`$this->assertEquals($e->getMessage(), 'Your IP is not authorized to create pastes.', 'request is to fast, not a creator');`
			`}`
add creator unit tests for refactoring target, currently failing 2022-02-20 09:35:05 +01:00			`$_SERVER['REMOTE_ADDR'] = 'foobar';`
			`$this->assertTrue(TrafficLimiter::canPass(), 'non-IP address');`
			`$this->assertTrue(TrafficLimiter::canPass(), 'request is to fast, but non-IP address matches creator');`
			`}`
reviewed unit tests, fixing line endings, added more tests 2015-08-15 18:32:31 +02:00			`}`