From 620247a015f6cd894a119bb5173a3da7e5913064 Mon Sep 17 00:00:00 2001 From: Stephanie Wilde-Hobbs Date: Tue, 12 May 2020 17:12:27 +0100 Subject: Add database configuration whitelist --- test/web/admin_api/admin_api_controller_test.exs | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'test/web/admin_api/admin_api_controller_test.exs') diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index 4697af50e..31e73d6a5 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -2943,6 +2943,30 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do ] } end + + test "doesn't set keys not in the whitelist", %{conn: conn} do + clear_config(:database_config_whitelist, [ + {:pleroma, :key1}, + {:pleroma, :key2}, + {:pleroma, Pleroma.Captcha.NotReal} + ]) + + post(conn, "/api/pleroma/admin/config", %{ + configs: [ + %{group: ":pleroma", key: ":key1", value: "value1"}, + %{group: ":pleroma", key: ":key2", value: "value2"}, + %{group: ":pleroma", key: ":key3", value: "value3"}, + %{group: ":pleroma", key: "Pleroma.Web.Endpoint.NotReal", value: "value4"}, + %{group: ":pleroma", key: "Pleroma.Captcha.NotReal", value: "value5"} + ] + }) + + assert Application.get_env(:pleroma, :key1) == "value1" + assert Application.get_env(:pleroma, :key2) == "value2" + assert Application.get_env(:pleroma, :key3) == nil + assert Application.get_env(:pleroma, Pleroma.Web.Endpoint.NotReal) == nil + assert Application.get_env(:pleroma, Pleroma.Captcha.NotReal) == "value5" + end end describe "GET /api/pleroma/admin/restart" do -- cgit v1.2.3 From a2fcfc78c9dcf33081db47292d96ffa7c7709abb Mon Sep 17 00:00:00 2001 From: Stephanie Wilde-Hobbs Date: Tue, 12 May 2020 21:07:33 +0100 Subject: Filter config descriptions by config whitelist --- test/web/admin_api/admin_api_controller_test.exs | 51 +++++++++++++++++++----- 1 file changed, 41 insertions(+), 10 deletions(-) (limited to 'test/web/admin_api/admin_api_controller_test.exs') diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index 31e73d6a5..7d42a400c 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -3604,19 +3604,50 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do end end - test "GET /api/pleroma/admin/config/descriptions", %{conn: conn} do - admin = insert(:user, is_admin: true) + describe "GET /api/pleroma/admin/config/descriptions" do + test "structure", %{conn: conn} do + admin = insert(:user, is_admin: true) - conn = - assign(conn, :user, admin) - |> get("/api/pleroma/admin/config/descriptions") + conn = + assign(conn, :user, admin) + |> get("/api/pleroma/admin/config/descriptions") + + assert [child | _others] = json_response(conn, 200) - assert [child | _others] = json_response(conn, 200) + assert child["children"] + assert child["key"] + assert String.starts_with?(child["group"], ":") + assert child["description"] + end - assert child["children"] - assert child["key"] - assert String.starts_with?(child["group"], ":") - assert child["description"] + test "filters by database configuration whitelist", %{conn: conn} do + clear_config(:database_config_whitelist, [ + {:pleroma, :instance}, + {:pleroma, :activitypub}, + {:pleroma, Pleroma.Upload} + ]) + + admin = insert(:user, is_admin: true) + + conn = + assign(conn, :user, admin) + |> get("/api/pleroma/admin/config/descriptions") + + children = json_response(conn, 200) + + assert length(children) == 3 + + assert Enum.all?(children, fn c -> c["group"] == ":pleroma" end) + + instance = Enum.find(children, fn c -> c["key"] == ":instance" end) + assert instance["children"] + + activitypub = Enum.find(children, fn c -> c["key"] == ":activitypub" end) + assert activitypub["children"] + + web_endpoint = Enum.find(children, fn c -> c["key"] == "Pleroma.Upload" end) + assert web_endpoint["children"] + end end describe "/api/pleroma/admin/stats" do -- cgit v1.2.3 From 712055612f2696b2677f830be154e18f2396223d Mon Sep 17 00:00:00 2001 From: Alexander Strizhakov Date: Mon, 11 May 2020 15:07:05 +0300 Subject: don't run tests which change env in async --- test/web/admin_api/admin_api_controller_test.exs | 51 +++++++++++------------- 1 file changed, 24 insertions(+), 27 deletions(-) (limited to 'test/web/admin_api/admin_api_controller_test.exs') diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index 4697af50e..94c59de9c 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -2862,26 +2862,25 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do group: ":pleroma", key: ":http", value: [ - %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "localhost", 1234]}]}, - %{"tuple" => [":send_user_agent", false]} + %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "localhost", 1234]}]} ] } ] }) - assert json_response(conn, 200) == %{ + assert %{ "configs" => [ %{ "group" => ":pleroma", "key" => ":http", - "value" => [ - %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "localhost", 1234]}]}, - %{"tuple" => [":send_user_agent", false]} - ], - "db" => [":proxy_url", ":send_user_agent"] + "value" => value, + "db" => db } ] - } + } = json_response(conn, 200) + + assert %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "localhost", 1234]}]} in value + assert ":proxy_url" in db end test "proxy tuple domain", %{conn: conn} do @@ -2892,26 +2891,25 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do group: ":pleroma", key: ":http", value: [ - %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "domain.com", 1234]}]}, - %{"tuple" => [":send_user_agent", false]} + %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "domain.com", 1234]}]} ] } ] }) - assert json_response(conn, 200) == %{ + assert %{ "configs" => [ %{ "group" => ":pleroma", "key" => ":http", - "value" => [ - %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "domain.com", 1234]}]}, - %{"tuple" => [":send_user_agent", false]} - ], - "db" => [":proxy_url", ":send_user_agent"] + "value" => value, + "db" => db } ] - } + } = json_response(conn, 200) + + assert %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "domain.com", 1234]}]} in value + assert ":proxy_url" in db end test "proxy tuple ip", %{conn: conn} do @@ -2922,26 +2920,25 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do group: ":pleroma", key: ":http", value: [ - %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "127.0.0.1", 1234]}]}, - %{"tuple" => [":send_user_agent", false]} + %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "127.0.0.1", 1234]}]} ] } ] }) - assert json_response(conn, 200) == %{ + assert %{ "configs" => [ %{ "group" => ":pleroma", "key" => ":http", - "value" => [ - %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "127.0.0.1", 1234]}]}, - %{"tuple" => [":send_user_agent", false]} - ], - "db" => [":proxy_url", ":send_user_agent"] + "value" => value, + "db" => db } ] - } + } = json_response(conn, 200) + + assert %{"tuple" => [":proxy_url", %{"tuple" => [":socks5", "127.0.0.1", 1234]}]} in value + assert ":proxy_url" in db end end -- cgit v1.2.3 From 20cbfb5cb5515044de03cc48e8464ec45ad0ca50 Mon Sep 17 00:00:00 2001 From: Stephanie Wilde-Hobbs Date: Thu, 14 May 2020 12:34:46 +0100 Subject: Allow whitelisting whole groups --- test/web/admin_api/admin_api_controller_test.exs | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) (limited to 'test/web/admin_api/admin_api_controller_test.exs') diff --git a/test/web/admin_api/admin_api_controller_test.exs b/test/web/admin_api/admin_api_controller_test.exs index 7d42a400c..e573220ba 100644 --- a/test/web/admin_api/admin_api_controller_test.exs +++ b/test/web/admin_api/admin_api_controller_test.exs @@ -2948,7 +2948,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do clear_config(:database_config_whitelist, [ {:pleroma, :key1}, {:pleroma, :key2}, - {:pleroma, Pleroma.Captcha.NotReal} + {:pleroma, Pleroma.Captcha.NotReal}, + {:not_real} ]) post(conn, "/api/pleroma/admin/config", %{ @@ -2957,7 +2958,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do %{group: ":pleroma", key: ":key2", value: "value2"}, %{group: ":pleroma", key: ":key3", value: "value3"}, %{group: ":pleroma", key: "Pleroma.Web.Endpoint.NotReal", value: "value4"}, - %{group: ":pleroma", key: "Pleroma.Captcha.NotReal", value: "value5"} + %{group: ":pleroma", key: "Pleroma.Captcha.NotReal", value: "value5"}, + %{group: ":not_real", key: ":anything", value: "value6"} ] }) @@ -2966,6 +2968,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do assert Application.get_env(:pleroma, :key3) == nil assert Application.get_env(:pleroma, Pleroma.Web.Endpoint.NotReal) == nil assert Application.get_env(:pleroma, Pleroma.Captcha.NotReal) == "value5" + assert Application.get_env(:not_real, :anything) == "value6" end end @@ -3624,7 +3627,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do clear_config(:database_config_whitelist, [ {:pleroma, :instance}, {:pleroma, :activitypub}, - {:pleroma, Pleroma.Upload} + {:pleroma, Pleroma.Upload}, + {:esshd} ]) admin = insert(:user, is_admin: true) @@ -3635,9 +3639,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do children = json_response(conn, 200) - assert length(children) == 3 + assert length(children) == 4 - assert Enum.all?(children, fn c -> c["group"] == ":pleroma" end) + assert Enum.count(children, fn c -> c["group"] == ":pleroma" end) == 3 instance = Enum.find(children, fn c -> c["key"] == ":instance" end) assert instance["children"] @@ -3647,6 +3651,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do web_endpoint = Enum.find(children, fn c -> c["key"] == "Pleroma.Upload" end) assert web_endpoint["children"] + + esshd = Enum.find(children, fn c -> c["group"] == ":esshd" end) + assert esshd["children"] end end -- cgit v1.2.3