jail2ban/tests/test_flush.py

'''
Test flushing pf tables
'''
from types import SimpleNamespace
from subprocess import CalledProcessError


def test_flush(client, mocker, valid_credentials):
    '''
    Test flushing existing entry
    '''
    def noop():
        pass
    run_res = SimpleNamespace()
    run_res.stdout = b''
    run_res.stderr = b'1/1 addresses deleted.\n'
    run_res.returncode = 0
    run_res.check_returncode = noop

    mocker.patch('jail2ban.pfctl.run', return_value=run_res)

    name = 'sshd'
    response = client.get(f"/flush/{name}",
                          headers={"Authorization":
                                   "Basic " + valid_credentials})

    assert response.json['operation'] == 'flush'


def test_flush_nonexistent(client, mocker, valid_credentials):
    '''
    Test flushing non existing entry
    '''

    cmd = ['/usr/local/bin/sudo',
           '/sbin/pfctl', '-a', 'some/anchor',
           '-t', 'nonexistent', '-T', 'flush']

    side_effect = CalledProcessError(255, cmd, output=b'',
                                     stderr=b'pfctl: Table does not exist')

    mocker.patch('jail2ban.pfctl.run',
                 side_effect=side_effect)

    name = 'nonexistent'
    response = client.get(f"/flush/{name}",
                          headers={"Authorization":
                                   "Basic " + valid_credentials})

    assert 'error' in response.json


def test_wrong_method(client, mocker, valid_credentials):
    '''
    Test invalid method
    '''

    cmd = ['/usr/local/bin/sudo',
           '/sbin/pfctl', '-a', 'some/anchor',
           '-t', 'nonexistent', '-T', 'flush']

    side_effect = CalledProcessError(255, cmd, output=b'',
                                     stderr=b'pfctl: Table does not exist')

    mocker.patch('jail2ban.pfctl.run',
                 side_effect=side_effect)

    name = 'nonexistent'
    response = client.put(f"/flush/{name}",
                          headers={"Authorization":
                                   "Basic " + valid_credentials})

    assert response.status_code == 405


def test_filenotfound(app, valid_credentials):
    '''
    Test for when AUTHFILE cannot be found
    '''

    app.config.update({
        "AUTHFILE": '../tests/nonexistent-users-test.txt'
    })

    client = app.test_client()

    name = 'nonexistent'
    response = client.get(f"/flush/{name}",
                          headers={"Authorization":
                                   "Basic " + valid_credentials})

    assert response.status_code == 500