25
1
mirror of https://github.com/processone/ejabberd.git synced 2024-11-24 16:23:40 +01:00

Error when not authorized should be 403

This commit is contained in:
Mickael Remond 2016-07-23 17:56:15 +02:00
parent 1485b56211
commit caf2c20210
No known key found for this signature in database
GPG Key ID: E6F6045D79965AA3

View File

@ -54,20 +54,20 @@ defmodule ModHttpApiTest do
end end
# This related to the commands config file option # This related to the commands config file option
test "Attempting to access a command that is not exposed as HTTP API returns 401" do test "Attempting to access a command that is not exposed as HTTP API returns 403" do
setup_mocks() setup_mocks()
:ejabberd_config.add_local_option(:commands, []) :ejabberd_config.add_local_option(:commands, [])
request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]") request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
{401, _, _} = :mod_http_api.process(["open_cmd"], request) {403, _, _} = :mod_http_api.process(["open_cmd"], request)
end end
test "Call to user, admin or restricted commands without authentication are rejected" do test "Call to user, admin or restricted commands without authentication are rejected" do
setup_mocks() setup_mocks()
:ejabberd_config.add_local_option(:commands, [[{:add_commands, [:user_cmd, :admin_cmd, :restricted]}]]) :ejabberd_config.add_local_option(:commands, [[{:add_commands, [:user_cmd, :admin_cmd, :restricted]}]])
request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]") request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
{401, _, _} = :mod_http_api.process(["user_cmd"], request) {403, _, _} = :mod_http_api.process(["user_cmd"], request)
{401, _, _} = :mod_http_api.process(["admin_cmd"], request) {403, _, _} = :mod_http_api.process(["admin_cmd"], request)
{401, _, _} = :mod_http_api.process(["restricted_cmd"], request) {403, _, _} = :mod_http_api.process(["restricted_cmd"], request)
end end
@tag pending: true @tag pending: true