jail2ban/tests/test_ban.py

'''
Test banning
'''
from types import SimpleNamespace


def test_ban_ipv6(client, mocker, valid_credentials):
    '''
    Test ban an IPv6 address
    '''
    def noop():
        pass
    run_res = SimpleNamespace()
    run_res.stdout = b''
    run_res.stderr = b'1/1 addresses added.\n'
    run_res.returncode = 0
    run_res.check_returncode = noop

    mocker.patch('jail2ban.pfctl.run', return_value=run_res)

    json_payload = {"name": "sshd", "ip": "2001:db8::abad:cafe"}
    response = client.put("/ban",
                          json=json_payload,
                          headers={"Authorization":
                                   "Basic " + valid_credentials})

    assert response.json['operation'] == 'add'


def test_ban_ipv4(client, mocker, valid_credentials):
    '''
    Test ban an IPv4 address
    '''
    def noop():
        pass
    run_res = SimpleNamespace()
    run_res.stdout = b''
    run_res.stderr = b'1/1 addresses added.\n'
    run_res.returncode = 0
    run_res.check_returncode = noop

    mocker.patch('jail2ban.pfctl.run', return_value=run_res)

    json_payload = {"name": "sshd", "ip": "192.0.2.42"}
    response = client.put("/ban",
                          json=json_payload,
                          headers={"Authorization":
                                   "Basic " + valid_credentials})

    assert response.json['operation'] == 'add'


def test_ban_invalid(client, mocker, valid_credentials):
    '''
    Test ban an invalid address
    '''
    def noop():
        pass
    run_res = SimpleNamespace()
    run_res.stdout = b''
    run_res.stderr = b'1/1 addresses added.\n'
    run_res.returncode = 0
    run_res.check_returncode = noop

    mocker.patch('jail2ban.pfctl.run', return_value=run_res)

    json_payload = {"name": "sshd", "ip": "not:an::addr:ess"}
    response = client.put("/ban",
                          json=json_payload,
                          headers={"Authorization":
                                   "Basic " + valid_credentials})

    assert response.json['error'] == "'not:an::addr:ess' does not " \
                                     "appear to be an IPv4 or IPv6 address"


def test_unban_ipv6(client, mocker, valid_credentials):
    '''
    Test unbanning an IPv6 address
    '''
    def noop():
        pass
    run_res = SimpleNamespace()
    run_res.stdout = b''
    run_res.stderr = b'1/1 addresses deleted.\n'
    run_res.returncode = 0
    run_res.check_returncode = noop

    mocker.patch('jail2ban.pfctl.run', return_value=run_res)

    json_payload = {"name": "sshd", "ip": "2001:db8::abad:cafe"}
    response = client.delete("/ban",
                             json=json_payload,
                             headers={"Authorization":
                                      "Basic " + valid_credentials})

    assert response.json['operation'] == 'delete'


def test_unban_ipv4(client, mocker, valid_credentials):
    '''
    Test unbanning an IPv4 address
    '''
    def noop():
        pass
    run_res = SimpleNamespace()
    run_res.stdout = b''
    run_res.stderr = b'1/1 addresses deleted.\n'
    run_res.returncode = 0
    run_res.check_returncode = noop

    mocker.patch('jail2ban.pfctl.run', return_value=run_res)

    json_payload = {"name": "sshd", "ip": "192.0.2.42"}
    response = client.delete("/ban",
                             json=json_payload,
                             headers={"Authorization":
                                      "Basic " + valid_credentials})

    assert response.json['operation'] == 'delete'