1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
|
# ----------------------------------------------------------------------
#
# ejabberd, Copyright (C) 2002-2016 ProcessOne
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation; either version 2 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
#
# ----------------------------------------------------------------------
defmodule ModHttpApiTest do
@author "mremond@process-one.net"
use ExUnit.Case, async: true
require Record
Record.defrecord :request, Record.extract(:request, from_lib: "ejabberd/include/ejabberd_http.hrl")
Record.defrecord :ejabberd_commands, Record.extract(:ejabberd_commands, from_lib: "ejabberd/include/ejabberd_commands.hrl")
setup_all do
:ok = :mnesia.start
:stringprep.start
:ok = :ejabberd_config.start(["localhost"], [])
:ok = :ejabberd_commands.init
:ok = :ejabberd_commands.register_commands(cmds)
on_exit fn -> unregister_commands(cmds) end
end
test "We can expose several commands to API at a time" do
setup_mocks()
:ejabberd_config.add_local_option(:commands, [[{:add_commands, [:open_cmd, :user_cmd]}]])
commands = :ejabberd_commands.get_commands()
assert Enum.member?(commands, :open_cmd)
assert Enum.member?(commands, :user_cmd)
end
test "We can call open commands without authentication" do
setup_mocks()
:ejabberd_config.add_local_option(:commands, [[{:add_commands, [:open_cmd]}]])
request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
{200, _, _} = :mod_http_api.process(["open_cmd"], request)
end
# This related to the commands config file option
test "Attempting to access a command that is not exposed as HTTP API returns 403" do
setup_mocks()
:ejabberd_config.add_local_option(:commands, [])
request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
{403, _, _} = :mod_http_api.process(["open_cmd"], request)
end
test "Call to user, admin or restricted commands without authentication are rejected" do
setup_mocks()
:ejabberd_config.add_local_option(:commands, [[{:add_commands, [:user_cmd, :admin_cmd, :restricted]}]])
request = request(method: :POST, ip: {{127,0,0,1},50000}, data: "[]")
{403, _, _} = :mod_http_api.process(["user_cmd"], request)
{403, _, _} = :mod_http_api.process(["admin_cmd"], request)
{403, _, _} = :mod_http_api.process(["restricted_cmd"], request)
end
@tag pending: true
test "If admin_ip_access is enabled, we can call restricted API without authentication from that IP" do
setup_mocks()
end
# Define a set of test commands that we expose through API
# We define one for each policy type
defp cmds do
[:open, :user, :admin, :restricted]
|> Enum.map(&({&1, String.to_atom(to_string(&1) <> "_cmd")}))
|> Enum.map(fn({cmd_type, cmd}) ->
ejabberd_commands(name: cmd, tags: [:test],
policy: cmd_type,
module: __MODULE__,
function: cmd,
args: [],
result: {:res, :rescode})
end)
end
def open_cmd, do: :ok
def user_cmd(_, _), do: :ok
def admin_cmd, do: :ok
def restricted_cmd, do: :ok
defp setup_mocks() do
:meck.unload
mock(:gen_mod, :get_module_opt,
fn (_server, :mod_http_api, admin_ip_access, _, _) ->
[{:allow, [{:ip, {{127,0,0,2}, 32}}]}]
end)
end
defp mock(module, function, fun) do
try do
:meck.new(module)
catch
:error, {:already_started, _pid} -> :ok
end
:meck.expect(module, function, fun)
end
defp unregister_commands(commands) do
try do
:ejabberd_commands.unregister_commands(commands)
catch
_,_ -> :ok
end
end
end
|
