Chapril/xmpp.chapril.org-ejabberd
25
1
Fork 0
mirror of https://github.com/processone/ejabberd.git synced 2024-11-20 16:15:59 +01:00
Code Releases Activity

Error when not authorized should be 403

Browse Source
This commit is contained in:
Mickael Remond 2016-07-23 17:56:15 +02:00
parent 1485b56211
commit caf2c20210
No known key found for this signature in database
GPG Key ID: E6F6045D79965AA3
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
test/mod_http_api_test.exs
View File

@ -54,20 +54,20 @@ defmodule ModHttpApiTest do
end
# This related to the commands config file option
test "Attempting to access a command that is not exposed as HTTP API returns 401" do
test "Attempting to access a command that is not exposed as HTTP API returns 403" do
setup_mocks()
:ejabberd_config.add_local_option(:commands, [])
request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
{401, _, _} = :mod_http_api.process(["open_cmd"], request)
{403, _, _} = :mod_http_api.process(["open_cmd"], request)
end
test "Call to user, admin or restricted commands without authentication are rejected" do
setup_mocks()
:ejabberd_config.add_local_option(:commands, [[{:add_commands, [:user_cmd, :admin_cmd, :restricted]}]])
request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
{401, _, _} = :mod_http_api.process(["user_cmd"], request)
{401, _, _} = :mod_http_api.process(["admin_cmd"], request)
{401, _, _} = :mod_http_api.process(["restricted_cmd"], request)
{403, _, _} = :mod_http_api.process(["user_cmd"], request)
{403, _, _} = :mod_http_api.process(["admin_cmd"], request)
{403, _, _} = :mod_http_api.process(["restricted_cmd"], request)
end
@tag pending: true