From 1494f1a5e03accf1f0734bdc9a8b1d09373c0a16 Mon Sep 17 00:00:00 2001 From: Ruben van Staveren Date: Thu, 10 Mar 2022 11:22:04 +0100 Subject: [PATCH] First tests! --- .gitlab-ci.yml | 13 +++++++++++++ setup.cfg | 5 +++++ setup.py | 13 +++++++++++++ tests/conftest.py | 28 ++++++++++++++++++++++++++++ tests/test_register.py | 37 +++++++++++++++++++++++++++++++++++++ tests/users-test.txt | 1 + 6 files changed, 97 insertions(+) create mode 100644 .gitlab-ci.yml create mode 100644 setup.cfg create mode 100644 setup.py create mode 100644 tests/conftest.py create mode 100644 tests/test_register.py create mode 100644 tests/users-test.txt diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml new file mode 100644 index 0000000..7b9d871 --- /dev/null +++ b/.gitlab-ci.yml @@ -0,0 +1,13 @@ +run tests: + stage: test + image: python:3.8 + script: + - pip install pytest pytest-cov + - coverage run -m pytest + - coverage report + - coverage xml + artifacts: + reports: + cobertura: coverage.xml + tags: + - docker diff --git a/setup.cfg b/setup.cfg new file mode 100644 index 0000000..07a90fb --- /dev/null +++ b/setup.cfg @@ -0,0 +1,5 @@ +[tool:pytest] +testpaths = tests +[coverage:run] +branch = True +source = jail2ban diff --git a/setup.py b/setup.py new file mode 100644 index 0000000..215ffc0 --- /dev/null +++ b/setup.py @@ -0,0 +1,13 @@ +from setuptools import find_packages, setup + +setup( + name='jail2ban', + version='0.0.1', + packages=find_packages(), + include_package_data=True, + zip_safe=False, + install_requires=[ + 'flask', + 'flask_httpauth', + ], +) diff --git a/tests/conftest.py b/tests/conftest.py new file mode 100644 index 0000000..2ebdf68 --- /dev/null +++ b/tests/conftest.py @@ -0,0 +1,28 @@ +import pytest +from jail2ban import create_app + + +@pytest.fixture() +def app(): + app = create_app() + app.config.update({ + "TESTING": True, + "SECRET_KEY": 'Testing', + "AUTHFILE": 'tests/users-test.txt' + }) + + # other setup can go here + + yield app + + # clean up / reset resources here + + +@pytest.fixture() +def client(app): + return app.test_client() + + +@pytest.fixture() +def runner(app): + return app.test_cli_runner() diff --git a/tests/test_register.py b/tests/test_register.py new file mode 100644 index 0000000..b061ad6 --- /dev/null +++ b/tests/test_register.py @@ -0,0 +1,37 @@ +import base64 +from types import SimpleNamespace + +pfctl_stdout_lines = b''' +block drop quick proto tcp from to any port = submission +block drop quick proto tcp from to any port = smtps +block drop quick proto tcp from to any port = smtp +block drop quick proto tcp from to any port = ssh +block drop quick proto tcp from to any +''' + + +def test_request_unauth(client): + json_payload = {"port": "any port {pop3,pop3s,imap,imaps,submission,465,sieve}", "name": "dovecot", "protocol": "tcp"} + response = client.put("/register", json=json_payload) + + assert response.json['error'] == 'Access Denied' + + +def test_request_example(client, mocker): + def noop(): + pass + run_res = SimpleNamespace() + run_res.stdout = pfctl_stdout_lines + run_res.check_returncode = noop + + mocker.patch('jail2ban.pfctl.run', return_value=run_res) + + + valid_credentials = base64.b64encode(b"test.example.com:testpassword").decode("utf-8") + json_payload = {"port": "any port {pop3,pop3s,imap,imaps,submission,465,sieve}", "name": "dovecot", "protocol": "tcp"} + response = client.put("/register", + json=json_payload, + headers={"Authorization": "Basic " + valid_credentials}) + + + assert response.json['remote_user'] == 'test.example.com' diff --git a/tests/users-test.txt b/tests/users-test.txt new file mode 100644 index 0000000..f2b3457 --- /dev/null +++ b/tests/users-test.txt @@ -0,0 +1 @@ +test.example.com:pbkdf2:sha256:260000$FttDzpIIvalJKmxV$a4d19e0b11fce6996f69cc5b03495533da8f9bd1275268827bddc53e9a78c881