From 6f25122f8c083a14aad8e5be13600bd8872cd73b Mon Sep 17 00:00:00 2001 From: Mickael Remond Date: Wed, 30 Mar 2016 13:59:01 +0200 Subject: Support flagging so Elixir tests as pending --- test/elixir_SUITE.erl | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'test') diff --git a/test/elixir_SUITE.erl b/test/elixir_SUITE.erl index b9a0b1a2..041d0603 100644 --- a/test/elixir_SUITE.erl +++ b/test/elixir_SUITE.erl @@ -65,7 +65,9 @@ undefined_function(Module, Func, Args) -> error_handler:undefined_function(Module, Func,Args). run_elixir_test(Func) -> - 'Elixir.ExUnit':start([]), + %% Elixir tests can be tagged as follow to be ignored (place before test start) + %% @tag pending: true + 'Elixir.ExUnit':start([{exclude, [{pending, true}]}]), 'Elixir.Code':load_file(list_to_binary(filename:join(test_dir(), atom_to_list(Func)))), %% I did not use map syntax, so that this file can still be build under R16 ResultMap = 'Elixir.ExUnit':run(), -- cgit v1.2.3 From ead83b008c25e2619cbc7cfbf4bde5fb46c4e677 Mon Sep 17 00:00:00 2001 From: Mickael Remond Date: Wed, 30 Mar 2016 14:23:09 +0200 Subject: HTTP ReST API now supports 'open' ejabberd commands --- test/ejabberd_commands_test.exs | 4 ++ test/mod_http_api_test.exs | 81 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 85 insertions(+) create mode 100644 test/mod_http_api_test.exs (limited to 'test') diff --git a/test/ejabberd_commands_test.exs b/test/ejabberd_commands_test.exs index 0c06fc2c..db5b82cf 100644 --- a/test/ejabberd_commands_test.exs +++ b/test/ejabberd_commands_test.exs @@ -36,6 +36,10 @@ defmodule EjabberdCommandsTest do assert Enum.member?(commands, {:test_user, [], "Test user"}) end + # TODO Test that we can add command to list of expose commands + # This can be done with: + # ejabberd_config:add_local_option(commands, [[{add_commands, [open_cmd]}]]). + # test "Check that a user can use a user command" do # [Command] = ets:lookup(ejabberd_commands, test_user), # AccessCommands = ejabberd_commands:get_access_commands(undefined), diff --git a/test/mod_http_api_test.exs b/test/mod_http_api_test.exs new file mode 100644 index 00000000..11aad068 --- /dev/null +++ b/test/mod_http_api_test.exs @@ -0,0 +1,81 @@ +# ---------------------------------------------------------------------- +# +# ejabberd, Copyright (C) 2002-2016 ProcessOne +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2 of the +# License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +# +# ---------------------------------------------------------------------- + +defmodule ModHttpApiTest do + @author "mremond@process-one.net" + + use ExUnit.Case, async: true + + require Record + Record.defrecord :request, Record.extract(:request, from_lib: "ejabberd/include/ejabberd_http.hrl") + Record.defrecord :ejabberd_commands, Record.extract(:ejabberd_commands, from_lib: "ejabberd/include/ejabberd_commands.hrl") + + setup_all do + :ok = :mnesia.start + :ok = :ejabberd_config.start(["localhost"], []) + + :ok = :ejabberd_commands.init + + :ok = :ejabberd_commands.register_commands(cmds) + on_exit fn -> unregister_commands(cmds) end + end + + test "We can call open commands without authentication" do + :ejabberd_config.add_local_option(:commands, [[{:add_commands, [:open_cmd]}]]) + request = request(method: :POST, data: "[]") + {200, _, _} = :mod_http_api.process(["open_cmd"], request) + end + + @tag pending: true + test "Call to user, admin, restricted commands without authentication are rejected" do + request = request(method: :POST, data: "[]") + {401, _, _} = :mod_http_api.process(["user_cmd"], request) + end + + # Define a set of test commands that we expose through API + defp cmds do + # TODO Refactor + [ejabberd_commands(name: :open_cmd, tags: [:test], + policy: :open, + module: __MODULE__, + function: :open_cmd_fun, + args: [], + result: {:res, :rescode}), + ejabberd_commands(name: :user_cmd, tags: [:test], + policy: :user, + module: __MODULE__, + function: :user_cmd_fun, + args: [], + result: {:res, :rescode}) + ] + end + + def open_cmd_fun, do: :ok + def user_cmd_fun, do: :ok + + defp unregister_commands(commands) do + try do + :ejabberd_commands.unregister_commands(commands) + catch + _,_ -> :ok + end + end + +end -- cgit v1.2.3 From 36ac1cd6c7a86cd57e14121756efa590f2d8b1b7 Mon Sep 17 00:00:00 2001 From: Mickael Remond Date: Wed, 30 Mar 2016 14:49:19 +0200 Subject: Returns unauthorized error when we do not have correct credentials --- test/mod_http_api_test.exs | 1 - 1 file changed, 1 deletion(-) (limited to 'test') diff --git a/test/mod_http_api_test.exs b/test/mod_http_api_test.exs index 11aad068..adcb4706 100644 --- a/test/mod_http_api_test.exs +++ b/test/mod_http_api_test.exs @@ -43,7 +43,6 @@ defmodule ModHttpApiTest do {200, _, _} = :mod_http_api.process(["open_cmd"], request) end - @tag pending: true test "Call to user, admin, restricted commands without authentication are rejected" do request = request(method: :POST, data: "[]") {401, _, _} = :mod_http_api.process(["user_cmd"], request) -- cgit v1.2.3 From 809057678b2872062ae052965bcc73dd0413b9b9 Mon Sep 17 00:00:00 2001 From: Mickael Remond Date: Wed, 30 Mar 2016 15:59:29 +0200 Subject: Better error report when command is not exposed through API --- test/mod_http_api_test.exs | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'test') diff --git a/test/mod_http_api_test.exs b/test/mod_http_api_test.exs index adcb4706..cc5aed5a 100644 --- a/test/mod_http_api_test.exs +++ b/test/mod_http_api_test.exs @@ -43,7 +43,15 @@ defmodule ModHttpApiTest do {200, _, _} = :mod_http_api.process(["open_cmd"], request) end - test "Call to user, admin, restricted commands without authentication are rejected" do + # This related to the commands config file option + test "Attempting to access a command that is not exposed as HTTP API returns 401" do + :ejabberd_config.add_local_option(:commands, []) + request = request(method: :POST, data: "[]") + {401, _, _} = :mod_http_api.process(["open_cmd"], request) + end + + test "Call to user commands without authentication are rejected" do + :ejabberd_config.add_local_option(:commands, [[{:add_commands, [:user_cmd]}]]) request = request(method: :POST, data: "[]") {401, _, _} = :mod_http_api.process(["user_cmd"], request) end -- cgit v1.2.3 From 3cfcdbb24548da457c40c1e640b7c7d77aa8fe0c Mon Sep 17 00:00:00 2001 From: Mickael Remond Date: Thu, 31 Mar 2016 12:38:53 +0200 Subject: Check that various type of commands are properly rejected without auth --- test/mod_http_api_test.exs | 44 ++++++++++++++++++++++++++------------------ 1 file changed, 26 insertions(+), 18 deletions(-) (limited to 'test') diff --git a/test/mod_http_api_test.exs b/test/mod_http_api_test.exs index cc5aed5a..2ec33bcb 100644 --- a/test/mod_http_api_test.exs +++ b/test/mod_http_api_test.exs @@ -37,6 +37,13 @@ defmodule ModHttpApiTest do on_exit fn -> unregister_commands(cmds) end end + test "We can expose several commands to API at a time" do + :ejabberd_config.add_local_option(:commands, [[{:add_commands, [:open_cmd, :user_cmd]}]]) + commands = :ejabberd_commands.get_commands() + assert Enum.member?(commands, :open_cmd) + assert Enum.member?(commands, :user_cmd) + end + test "We can call open commands without authentication" do :ejabberd_config.add_local_option(:commands, [[{:add_commands, [:open_cmd]}]]) request = request(method: :POST, data: "[]") @@ -50,32 +57,33 @@ defmodule ModHttpApiTest do {401, _, _} = :mod_http_api.process(["open_cmd"], request) end - test "Call to user commands without authentication are rejected" do - :ejabberd_config.add_local_option(:commands, [[{:add_commands, [:user_cmd]}]]) + test "Call to user, admin or restricted commands without authentication are rejected" do + :ejabberd_config.add_local_option(:commands, [[{:add_commands, [:user_cmd, :admin_cmd, :restricted]}]]) request = request(method: :POST, data: "[]") {401, _, _} = :mod_http_api.process(["user_cmd"], request) + {401, _, _} = :mod_http_api.process(["admin_cmd"], request) + {401, _, _} = :mod_http_api.process(["restricted_cmd"], request) end # Define a set of test commands that we expose through API + # We define one for each policy type defp cmds do - # TODO Refactor - [ejabberd_commands(name: :open_cmd, tags: [:test], - policy: :open, - module: __MODULE__, - function: :open_cmd_fun, - args: [], - result: {:res, :rescode}), - ejabberd_commands(name: :user_cmd, tags: [:test], - policy: :user, - module: __MODULE__, - function: :user_cmd_fun, - args: [], - result: {:res, :rescode}) - ] + [:open, :user, :admin, :restricted] + |> Enum.map(&({&1, String.to_atom(to_string(&1) <> "_cmd")})) + |> Enum.map(fn({cmd_type, cmd}) -> + ejabberd_commands(name: cmd, tags: [:test], + policy: cmd_type, + module: __MODULE__, + function: cmd, + args: [], + result: {:res, :rescode}) + end) end - def open_cmd_fun, do: :ok - def user_cmd_fun, do: :ok + def open_cmd, do: :ok + def user_cmd, do: :ok + def admin_cmd, do: :ok + def restricted_cmd, do: :ok defp unregister_commands(commands) do try do -- cgit v1.2.3 From d35c5ebde506fcb05dc8971eb68e5db4557d9025 Mon Sep 17 00:00:00 2001 From: Mickael Remond Date: Thu, 31 Mar 2016 13:14:06 +0200 Subject: Test / Document ejabberd_commands checks --- test/ejabberd_commands_test.exs | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) (limited to 'test') diff --git a/test/ejabberd_commands_test.exs b/test/ejabberd_commands_test.exs index db5b82cf..f415fee5 100644 --- a/test/ejabberd_commands_test.exs +++ b/test/ejabberd_commands_test.exs @@ -31,11 +31,19 @@ defmodule EjabberdCommandsTest do end test "Check that we can register a command" do - assert :ejabberd_commands.register_commands([user_test_command]) == :ok + :ok = :ejabberd_commands.register_commands([user_test_command]) commands = :ejabberd_commands.list_commands assert Enum.member?(commands, {:test_user, [], "Test user"}) end + test "Check that admin commands are rejected with noauth credentials" do + :ok = :ejabberd_commands.register_commands([admin_test_command]) + {:error, :account_unprivileged} = :ejabberd_commands.execute_command(:undefined, :noauth, :test_admin, []) + # Command executed from ejabberdctl passes anyway with access commands trick + # TODO: We should refactor to have explicit call when bypassing auth check for command-line + :ok = :ejabberd_commands.execute_command([], :noauth, :test_admin, []) + end + # TODO Test that we can add command to list of expose commands # This can be done with: # ejabberd_config:add_local_option(commands, [[{add_commands, [open_cmd]}]]). @@ -58,4 +66,16 @@ defmodule EjabberdCommandsTest do {:nick, :string} ]}}}}) end + + defp admin_test_command do + ejabberd_commands(name: :test_admin, tags: [:roster], + desc: "Test admin", + policy: :restricted, + module: __MODULE__, + function: :test_admin, + args: [], + result: {:res, :rescode}) + end + + def test_admin, do: :ok end -- cgit v1.2.3