aboutsummaryrefslogblamecommitdiff
path: root/test/mod_http_api_test.exs
blob: 29405a3ec57b23fa558b7013c10f21ebdb0c002a (plain) (tree)
1
2
3
                                                                        
                                                


























                                                                                                                             
                          
                     
                              
                                                   
                   
                                                        
                                            
                                                    

                                   
     
                                                           
                 
                                                                            
                                                        


                                            




                                                                          
 
                                                   
                                                                                      
                 
                                                        
                                                                         
                                                              
     
                                                                                          
                 
                                                                                          
                                                                         

                                                                    
     
                                                                                                         
                 
     
                                                            
                                      
              








                                                                 
     
                       
                             
                             
 

                                   
                                                             











                                              







                                                      
# ----------------------------------------------------------------------
#
# ejabberd, Copyright (C) 2002-2017   ProcessOne
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
#
# ----------------------------------------------------------------------

defmodule ModHttpApiTest do
  @author "mremond@process-one.net"

  use ExUnit.Case, async: true

  require Record
  Record.defrecord :request, Record.extract(:request, from_lib: "ejabberd/include/ejabberd_http.hrl")
  Record.defrecord :ejabberd_commands, Record.extract(:ejabberd_commands, from_lib: "ejabberd/include/ejabberd_commands.hrl")

  setup_all do
    :ok = :mnesia.start
    :ejabberd_mnesia.start
    :stringprep.start
    :ejabberd_hooks.start_link
    :ok = :ejabberd_config.start(["localhost"], [])
    :acl.start_link
    {:ok, _} = :ejabberd_access_permissions.start_link()
    {:ok, _} = :ejabberd_commands.start_link
    :ok = :ejabberd_commands.register_commands(cmds)
    on_exit fn ->
      :meck.unload
      unregister_commands(cmds) end
  end

  test "We can expose several commands to API at a time" do
    setup_mocks()
    assert :ok == :ejabberd_commands.expose_commands([:open_cmd, :user_cmd])
    commands = :ejabberd_commands.get_exposed_commands()
    assert Enum.member?(commands, :open_cmd)
    assert Enum.member?(commands, :user_cmd)
  end

#  test "We can call open commands without authentication" do
#    setup_mocks()
#    :ejabberd_commands.expose_commands([:open_cmd])
#    request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
#    {200, _, _} = :mod_http_api.process(["open_cmd"], request)
#  end

  # This related to the commands config file option
  test "Attempting to access a command that is not exposed as HTTP API returns 403" do
    setup_mocks()
    assert :ok == :ejabberd_commands.expose_commands([])
    request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
    {403, _, _} = :mod_http_api.process(["open_cmd"], request)
  end

  test "Call to user, admin or restricted commands without authentication are rejected" do
    setup_mocks()
    assert :ok == :ejabberd_commands.expose_commands([:user_cmd, :admin_cmd, :restricted])
    request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
    {403, _, _} = :mod_http_api.process(["user_cmd"], request)
    {403, _, _} = :mod_http_api.process(["admin_cmd"], request)
    {403, _, _} = :mod_http_api.process(["restricted_cmd"], request)
  end

  @tag pending: true
  test "If admin_ip_access is enabled, we can call restricted API without authentication from that IP" do
    setup_mocks()
  end

  # Define a set of test commands that we expose through API
  # We define one for each policy type
  defp cmds do
    [:open, :user, :admin, :restricted]
    |> Enum.map(&({&1, String.to_atom(to_string(&1) <> "_cmd")}))
    |> Enum.map(fn({cmd_type, cmd}) ->
      ejabberd_commands(name: cmd, tags: [:test],
                        policy: cmd_type,
                        module: __MODULE__,
                        function: cmd,
                        args: [],
                        result: {:res, :rescode})
    end)
  end

  def open_cmd, do: :ok
  def user_cmd(_, _), do: :ok
  def admin_cmd, do: :ok
  def restricted_cmd, do: :ok

  defp setup_mocks() do
    :meck.unload
    mock(:gen_mod, :get_module_opt,
      fn (_server, :mod_http_api, _admin_ip_access, _, _)  ->
        [{:allow, [{:ip, {{127,0,0,2}, 32}}]}]
      end)
  end

  defp mock(module, function, fun) do
    try do
      :meck.new(module)
    catch
      :error, {:already_started, _pid} -> :ok
    end
    :meck.expect(module, function, fun)
  end

  defp unregister_commands(commands) do
    try do
      :ejabberd_commands.unregister_commands(commands)
    catch
      _,_ -> :ok
    end
  end

end