2016-03-30 14:23:09 +02:00
|
|
|
# ----------------------------------------------------------------------
|
|
|
|
#
|
|
|
|
# ejabberd, Copyright (C) 2002-2016 ProcessOne
|
|
|
|
#
|
|
|
|
# This program is free software; you can redistribute it and/or
|
|
|
|
# modify it under the terms of the GNU General Public License as
|
|
|
|
# published by the Free Software Foundation; either version 2 of the
|
|
|
|
# License, or (at your option) any later version.
|
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
# General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License along
|
|
|
|
# with this program; if not, write to the Free Software Foundation, Inc.,
|
|
|
|
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
|
|
#
|
|
|
|
# ----------------------------------------------------------------------
|
|
|
|
|
|
|
|
defmodule ModHttpApiTest do
|
|
|
|
@author "mremond@process-one.net"
|
|
|
|
|
|
|
|
use ExUnit.Case, async: true
|
|
|
|
|
|
|
|
require Record
|
|
|
|
Record.defrecord :request, Record.extract(:request, from_lib: "ejabberd/include/ejabberd_http.hrl")
|
|
|
|
Record.defrecord :ejabberd_commands, Record.extract(:ejabberd_commands, from_lib: "ejabberd/include/ejabberd_commands.hrl")
|
|
|
|
|
|
|
|
setup_all do
|
|
|
|
:ok = :mnesia.start
|
2016-04-06 18:11:46 +02:00
|
|
|
:stringprep.start
|
2016-03-30 14:23:09 +02:00
|
|
|
:ok = :ejabberd_config.start(["localhost"], [])
|
2016-10-05 13:54:29 +02:00
|
|
|
{:ok, _} = :ejabberd_access_permissions.start_link()
|
2016-03-30 14:23:09 +02:00
|
|
|
:ok = :ejabberd_commands.init
|
|
|
|
:ok = :ejabberd_commands.register_commands(cmds)
|
2016-07-26 12:17:37 +02:00
|
|
|
on_exit fn ->
|
|
|
|
:meck.unload
|
|
|
|
unregister_commands(cmds) end
|
2016-03-30 14:23:09 +02:00
|
|
|
end
|
|
|
|
|
2016-03-31 12:38:53 +02:00
|
|
|
test "We can expose several commands to API at a time" do
|
2016-05-30 23:04:29 +02:00
|
|
|
setup_mocks()
|
2016-07-26 12:17:37 +02:00
|
|
|
:ejabberd_commands.expose_commands([:open_cmd, :user_cmd])
|
|
|
|
commands = :ejabberd_commands.get_exposed_commands()
|
2016-03-31 12:38:53 +02:00
|
|
|
assert Enum.member?(commands, :open_cmd)
|
|
|
|
assert Enum.member?(commands, :user_cmd)
|
|
|
|
end
|
|
|
|
|
2016-10-06 11:17:10 +02:00
|
|
|
# test "We can call open commands without authentication" do
|
|
|
|
# setup_mocks()
|
|
|
|
# :ejabberd_commands.expose_commands([:open_cmd])
|
|
|
|
# request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
|
|
|
|
# {200, _, _} = :mod_http_api.process(["open_cmd"], request)
|
|
|
|
# end
|
2016-03-30 14:23:09 +02:00
|
|
|
|
2016-03-30 15:59:29 +02:00
|
|
|
# This related to the commands config file option
|
2016-07-23 17:56:15 +02:00
|
|
|
test "Attempting to access a command that is not exposed as HTTP API returns 403" do
|
2016-05-30 23:04:29 +02:00
|
|
|
setup_mocks()
|
2016-07-26 12:17:37 +02:00
|
|
|
:ejabberd_commands.expose_commands([])
|
2016-05-30 23:04:29 +02:00
|
|
|
request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
|
2016-07-23 17:56:15 +02:00
|
|
|
{403, _, _} = :mod_http_api.process(["open_cmd"], request)
|
2016-03-30 15:59:29 +02:00
|
|
|
end
|
|
|
|
|
2016-03-31 12:38:53 +02:00
|
|
|
test "Call to user, admin or restricted commands without authentication are rejected" do
|
2016-05-30 23:04:29 +02:00
|
|
|
setup_mocks()
|
2016-07-26 12:17:37 +02:00
|
|
|
:ejabberd_commands.expose_commands([:user_cmd, :admin_cmd, :restricted])
|
2016-05-30 23:04:29 +02:00
|
|
|
request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
|
2016-07-23 17:56:15 +02:00
|
|
|
{403, _, _} = :mod_http_api.process(["user_cmd"], request)
|
|
|
|
{403, _, _} = :mod_http_api.process(["admin_cmd"], request)
|
|
|
|
{403, _, _} = :mod_http_api.process(["restricted_cmd"], request)
|
2016-03-30 14:23:09 +02:00
|
|
|
end
|
|
|
|
|
2016-04-06 13:51:05 +02:00
|
|
|
@tag pending: true
|
|
|
|
test "If admin_ip_access is enabled, we can call restricted API without authentication from that IP" do
|
2016-05-30 23:04:29 +02:00
|
|
|
setup_mocks()
|
2016-04-06 13:51:05 +02:00
|
|
|
end
|
|
|
|
|
2016-03-30 14:23:09 +02:00
|
|
|
# Define a set of test commands that we expose through API
|
2016-03-31 12:38:53 +02:00
|
|
|
# We define one for each policy type
|
2016-03-30 14:23:09 +02:00
|
|
|
defp cmds do
|
2016-03-31 12:38:53 +02:00
|
|
|
[:open, :user, :admin, :restricted]
|
|
|
|
|> Enum.map(&({&1, String.to_atom(to_string(&1) <> "_cmd")}))
|
|
|
|
|> Enum.map(fn({cmd_type, cmd}) ->
|
|
|
|
ejabberd_commands(name: cmd, tags: [:test],
|
|
|
|
policy: cmd_type,
|
|
|
|
module: __MODULE__,
|
|
|
|
function: cmd,
|
|
|
|
args: [],
|
|
|
|
result: {:res, :rescode})
|
|
|
|
end)
|
2016-03-30 14:23:09 +02:00
|
|
|
end
|
|
|
|
|
2016-03-31 12:38:53 +02:00
|
|
|
def open_cmd, do: :ok
|
2016-05-30 23:04:29 +02:00
|
|
|
def user_cmd(_, _), do: :ok
|
2016-03-31 12:38:53 +02:00
|
|
|
def admin_cmd, do: :ok
|
|
|
|
def restricted_cmd, do: :ok
|
2016-03-30 14:23:09 +02:00
|
|
|
|
2016-05-30 23:04:29 +02:00
|
|
|
defp setup_mocks() do
|
|
|
|
:meck.unload
|
|
|
|
mock(:gen_mod, :get_module_opt,
|
2016-07-26 12:17:37 +02:00
|
|
|
fn (_server, :mod_http_api, _admin_ip_access, _, _) ->
|
2016-05-30 23:04:29 +02:00
|
|
|
[{:allow, [{:ip, {{127,0,0,2}, 32}}]}]
|
|
|
|
end)
|
|
|
|
end
|
|
|
|
|
|
|
|
defp mock(module, function, fun) do
|
|
|
|
try do
|
|
|
|
:meck.new(module)
|
|
|
|
catch
|
|
|
|
:error, {:already_started, _pid} -> :ok
|
|
|
|
end
|
|
|
|
:meck.expect(module, function, fun)
|
|
|
|
end
|
|
|
|
|
2016-03-30 14:23:09 +02:00
|
|
|
defp unregister_commands(commands) do
|
|
|
|
try do
|
|
|
|
:ejabberd_commands.unregister_commands(commands)
|
|
|
|
catch
|
|
|
|
_,_ -> :ok
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|