# ----------------------------------------------------------------------
#
# ejabberd, Copyright (C) 2002-2017 ProcessOne
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
#
# ----------------------------------------------------------------------
defmodule ModHttpApiTest do
@author "mremond@process-one.net"
use ExUnit.Case, async: true
require Record
Record.defrecord :request, Record.extract(:request, from_lib: "ejabberd/include/ejabberd_http.hrl")
Record.defrecord :ejabberd_commands, Record.extract(:ejabberd_commands, from_lib: "ejabberd/include/ejabberd_commands.hrl")
setup_all do
:ok = :mnesia.start
:ejabberd_mnesia.start
:stringprep.start
:ejabberd_hooks.start_link
:ok = :ejabberd_config.start(["localhost"], [])
:acl.start_link
{:ok, _} = :ejabberd_access_permissions.start_link()
{:ok, _} = :ejabberd_commands.start_link
:ok = :ejabberd_commands.register_commands(cmds)
on_exit fn ->
:meck.unload
unregister_commands(cmds) end
end
test "We can expose several commands to API at a time" do
setup_mocks()
assert :ok == :ejabberd_commands.expose_commands([:open_cmd, :user_cmd])
commands = :ejabberd_commands.get_exposed_commands()
assert Enum.member?(commands, :open_cmd)
assert Enum.member?(commands, :user_cmd)
end
# test "We can call open commands without authentication" do
# setup_mocks()
# :ejabberd_commands.expose_commands([:open_cmd])
# request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
# {200, _, _} = :mod_http_api.process(["open_cmd"], request)
# end
# This related to the commands config file option
test "Attempting to access a command that is not exposed as HTTP API returns 403" do
setup_mocks()
assert :ok == :ejabberd_commands.expose_commands([])
request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
{403, _, _} = :mod_http_api.process(["open_cmd"], request)
end
test "Call to user, admin or restricted commands without authentication are rejected" do
setup_mocks()
assert :ok == :ejabberd_commands.expose_commands([:user_cmd, :admin_cmd, :restricted])
request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
{403, _, _} = :mod_http_api.process(["user_cmd"], request)
{403, _, _} = :mod_http_api.process(["admin_cmd"], request)
{403, _, _} = :mod_http_api.process(["restricted_cmd"], request)
end
@tag pending: true
test "If admin_ip_access is enabled, we can call restricted API without authentication from that IP" do
setup_mocks()
end
# Define a set of test commands that we expose through API
# We define one for each policy type
defp cmds do
[:open, :user, :admin, :restricted]
|> Enum.map(&({&1, String.to_atom(to_string(&1) <> "_cmd")}))
|> Enum.map(fn({cmd_type, cmd}) ->
ejabberd_commands(name: cmd, tags: [:test],
policy: cmd_type,
module: __MODULE__,
function: cmd,
args: [],
result: {:res, :rescode})
end)
end
def open_cmd, do: :ok
def user_cmd(_, _), do: :ok
def admin_cmd, do: :ok
def restricted_cmd, do: :ok
defp setup_mocks() do
:meck.unload
mock(:gen_mod, :get_module_opt,
fn (_server, :mod_http_api, _admin_ip_access, _, _) ->
[{:allow, [{:ip, {{127,0,0,2}, 32}}]}]
end)
end
defp mock(module, function, fun) do
try do
:meck.new(module)
catch
:error, {:already_started, _pid} -> :ok
end
:meck.expect(module, function, fun)
end
defp unregister_commands(commands) do
try do
:ejabberd_commands.unregister_commands(commands)
catch
_,_ -> :ok
end
end
end