Changeset - 95a33e5d0596
Parent rev.
Child rev.
[Not reviewed]
default
0 1 0
Mads Kiilerich - 10 years ago 2016-03-02 17:03:23
madski@unity3d.com
tests: clarify user IP range test dependency on beaker caching of user objects

Requests with invalid request address would pass after configuring user IP
ranges because the IP range would not be validated as long as the user object
was found in the beaker cache.

Instead, wait until the beaker cache has expired and verify the user cannot log
in without a valid IP. Then provide a valid IP for later requests until the IP
range is removed again.

Based on original patch and research by Dominik Ruf.
1 file changed with 14 insertions and 2 deletions:
kallithea/tests/functional/test_admin_permissions.py
14
2
0 comments (0 inline, 0 general)
kallithea/tests/functional/test_admin_permissions.py
Show inline comments
 
import time
 

			




	
	
	
		
 
from kallithea.model.db import User, UserIpMap

			




	
	
	
		
 
from kallithea.tests import *

			




	
	
	
		
 

			




	
	
		
 
@@ -21,7 +23,13 @@ class TestAdminPermissionsController(Tes

			




	
	
	
		
 
                                 params=dict(new_ip='127.0.0.0/24',

			




	
	
	
		
 
                                 _authentication_token=self.authentication_token()))

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.get(url('admin_permissions_ips'))

			




	
	
	
		
 
        # sleep more than beaker.cache.sql_cache_short.expire to expire user cache

			




	
	
	
		
 
        time.sleep(1.5)

			




	
	
	
		
 
        self.app.get(url('admin_permissions_ips'), status=302)

			




	
	
	
		
 

			




	
	
	
		
 
        # REMOTE_ADDR must match 127.0.0.0/24

			




	
	
	
		
 
        response = self.app.get(url('admin_permissions_ips'),

			




	
	
	
		
 
                                extra_environ={'REMOTE_ADDR': '127.0.0.1'})

			




	
	
	
		
 
        response.mustcontain('127.0.0.0/24')

			




	
	
	
		
 
        response.mustcontain('127.0.0.0 - 127.0.0.255')

			




	
	
	
		
 

			




	
	
		
 
@@ -33,7 +41,11 @@ class TestAdminPermissionsController(Tes

			




	
	
	
		
 
        response = self.app.post(url('edit_user_ips', id=default_user_id),

			




	
	
	
		
 
                                 params=dict(_method='delete',

			




	
	
	
		
 
                                             del_ip_id=del_ip_id,

			




	
	
	
		
 
                                             _authentication_token=self.authentication_token()))

			




	
	
	
		
 
                                             _authentication_token=self.authentication_token()),

			




	
	
	
		
 
                                 extra_environ={'REMOTE_ADDR': '127.0.0.1'})

			




	
	
	
		
 

			




	
	
	
		
 
        # sleep more than beaker.cache.sql_cache_short.expire to expire user cache

			




	
	
	
		
 
        time.sleep(1.5)

			




	
	
	
		
 

			




	
	
	
		
 
        response = self.app.get(url('admin_permissions_ips'))

			




	
	
	
		
 
        response.mustcontain('All IP addresses are allowed')

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.