flo/nsupdate.info
1
0
Fork 0
Code Issues 1 Pull Requests 2 Packages Releases Activity

a real nic update api test, using basic auth

Browse Source 
generate_secret was modified to support giving a secret (not generating a random one), so it matches the test database

add a User and a Host to the test db
This commit is contained in:
Thomas Waldmann 2013-11-16 01:25:05 +01:00
parent b1ef5ed6b4
commit d6b5041573
3 changed files with 35 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
conftest.py
View File

@ -4,15 +4,21 @@ configuration for the tests
import pytest
from django.conf import settings
# this is to create a Domain entries in the database, so they can be used for unit tests:
BASEDOMAIN = "nsupdate.info"
TEST_HOST = 'test.' + BASEDOMAIN # unit tests can update this host ONLY
TEST_SECRET = "secret"
NAMESERVER_IP = "85.10.192.104"
NAMESERVER_UPDATE_ALGORITHM = "HMAC_SHA512"
# no problem, you can ONLY update the TEST_HOST with this key, nothing else:
NAMESERVER_UPDATE_KEY = "YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYQ=="
NAMESERVER_PUBLIC = True
USERNAME = 'test'
PASSWORD = 'pass'
from django.utils.translation import activate
@ -22,7 +28,11 @@ def db_init(db): # note: db is a predefined fixture and required here to have t
"""
Init the database contents for testing, so we have a service domain, ...
"""
from nsupdate.main.models import Domain
from django.contrib.auth.models import User
from nsupdate.main.models import Host, Domain
# create a fresh test user
u = User.objects.create_user(USERNAME, settings.DEFAULT_FROM_EMAIL, PASSWORD)
u.save()
# this is for updating:
Domain.objects.create(
domain=TEST_HOST, # special: single-host update secret!
@ -32,13 +42,16 @@ def db_init(db): # note: db is a predefined fixture and required here to have t
public=NAMESERVER_PUBLIC,
)
# this is for querying:
Domain.objects.create(
d = Domain.objects.create(
domain=BASEDOMAIN,
nameserver_ip=NAMESERVER_IP,
nameserver_update_algorithm=NAMESERVER_UPDATE_ALGORITHM,
nameserver_update_key='invalid=', # we don't send updates there (and the real key is really secret)
public=NAMESERVER_PUBLIC,
)
# a Host for api / session update tests
h = Host(subdomain='test', domain=d, created_by=u)
h.generate_secret(secret=TEST_SECRET)
def pytest_runtest_setup(item):

18
nsupdate/api/_tests/test_api.py
View File

@ -7,6 +7,10 @@ import pytest
from django.core.urlresolvers import reverse
TEST_HOST = "test.nsupdate.info"
TEST_SECRET = "secret"
def test_myip(client):
response = client.get(reverse('myip'))
assert response.status_code == 200
@ -18,6 +22,19 @@ def test_nic_update(client):
assert response.status_code == 401
def make_basic_auth_header(username, password):
import base64
return "Basic " + base64.b64encode("%s:%s" % (username, password))
def test_nic_update_authorized(client):
response = client.get(reverse('nic_update'),
HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET))
assert response.status_code == 200
# we don't care whether it is nochg or good, but should be one of them:
assert response.content.startswith('good ') or response.content.startswith('nochg ')
def test_nic_update_session(client):
response = client.get(reverse('nic_update_authorized'))
assert response.status_code == 302 # redirects to login view
@ -31,4 +48,3 @@ def test_detect_ip(client):
def test_ajax_get_ips(client):
response = client.get(reverse('ajax_get_ips'))
assert response.status_code == 200

5
nsupdate/main/models.py
View File

@ -165,12 +165,13 @@ class Host(models.Model):
self.ssl_update_ipv6 = ssl
self.save()
def generate_secret(self):
def generate_secret(self, secret=None):
# note: we use a quick hasher for the update_secret as expensive
# more modern hashes might put too much load on the servers. also
# many update clients might use http without ssl, so it is not too
# secure anyway.
secret = User.objects.make_random_password()
if secret is None:
secret = User.objects.make_random_password()
self.update_secret = make_password(
secret,
hasher='sha1'