diff --git a/conftest.py b/conftest.py index 6a61dbf..1332eda 100644 --- a/conftest.py +++ b/conftest.py @@ -4,15 +4,21 @@ configuration for the tests import pytest +from django.conf import settings + # this is to create a Domain entries in the database, so they can be used for unit tests: BASEDOMAIN = "nsupdate.info" TEST_HOST = 'test.' + BASEDOMAIN # unit tests can update this host ONLY +TEST_SECRET = "secret" NAMESERVER_IP = "85.10.192.104" NAMESERVER_UPDATE_ALGORITHM = "HMAC_SHA512" # no problem, you can ONLY update the TEST_HOST with this key, nothing else: NAMESERVER_UPDATE_KEY = "YWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYWFhYQ==" NAMESERVER_PUBLIC = True +USERNAME = 'test' +PASSWORD = 'pass' + from django.utils.translation import activate @@ -22,7 +28,11 @@ def db_init(db): # note: db is a predefined fixture and required here to have t """ Init the database contents for testing, so we have a service domain, ... """ - from nsupdate.main.models import Domain + from django.contrib.auth.models import User + from nsupdate.main.models import Host, Domain + # create a fresh test user + u = User.objects.create_user(USERNAME, settings.DEFAULT_FROM_EMAIL, PASSWORD) + u.save() # this is for updating: Domain.objects.create( domain=TEST_HOST, # special: single-host update secret! @@ -32,13 +42,16 @@ def db_init(db): # note: db is a predefined fixture and required here to have t public=NAMESERVER_PUBLIC, ) # this is for querying: - Domain.objects.create( + d = Domain.objects.create( domain=BASEDOMAIN, nameserver_ip=NAMESERVER_IP, nameserver_update_algorithm=NAMESERVER_UPDATE_ALGORITHM, nameserver_update_key='invalid=', # we don't send updates there (and the real key is really secret) public=NAMESERVER_PUBLIC, ) + # a Host for api / session update tests + h = Host(subdomain='test', domain=d, created_by=u) + h.generate_secret(secret=TEST_SECRET) def pytest_runtest_setup(item): diff --git a/nsupdate/api/_tests/test_api.py b/nsupdate/api/_tests/test_api.py index 5160c6f..499af3c 100644 --- a/nsupdate/api/_tests/test_api.py +++ b/nsupdate/api/_tests/test_api.py @@ -7,6 +7,10 @@ import pytest from django.core.urlresolvers import reverse +TEST_HOST = "test.nsupdate.info" +TEST_SECRET = "secret" + + def test_myip(client): response = client.get(reverse('myip')) assert response.status_code == 200 @@ -18,6 +22,19 @@ def test_nic_update(client): assert response.status_code == 401 +def make_basic_auth_header(username, password): + import base64 + return "Basic " + base64.b64encode("%s:%s" % (username, password)) + + +def test_nic_update_authorized(client): + response = client.get(reverse('nic_update'), + HTTP_AUTHORIZATION=make_basic_auth_header(TEST_HOST, TEST_SECRET)) + assert response.status_code == 200 + # we don't care whether it is nochg or good, but should be one of them: + assert response.content.startswith('good ') or response.content.startswith('nochg ') + + def test_nic_update_session(client): response = client.get(reverse('nic_update_authorized')) assert response.status_code == 302 # redirects to login view @@ -31,4 +48,3 @@ def test_detect_ip(client): def test_ajax_get_ips(client): response = client.get(reverse('ajax_get_ips')) assert response.status_code == 200 - diff --git a/nsupdate/main/models.py b/nsupdate/main/models.py index 67465e8..bdbbb9b 100644 --- a/nsupdate/main/models.py +++ b/nsupdate/main/models.py @@ -165,12 +165,13 @@ class Host(models.Model): self.ssl_update_ipv6 = ssl self.save() - def generate_secret(self): + def generate_secret(self, secret=None): # note: we use a quick hasher for the update_secret as expensive # more modern hashes might put too much load on the servers. also # many update clients might use http without ssl, so it is not too # secure anyway. - secret = User.objects.make_random_password() + if secret is None: + secret = User.objects.make_random_password() self.update_secret = make_password( secret, hasher='sha1'