package server
import (
"fmt"
nbdns "github.com/netbirdio/netbird/dns"
"github.com/netbirdio/netbird/route"
"net"
"reflect"
"sync"
"testing"
"github.com/netbirdio/netbird/management/server/jwtclaims"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
)
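// verifyCanAddPeerToAccount asserts that a peer can be registered against the
// given account through manager.AddPeer.
//
// The setup key handed to AddPeer is whichever entry the range over
// account.SetupKeys visits last. SetupKeys is a map, so the choice is not
// deterministic. When the account has no setup keys the empty string is
// passed together with userID.
func verifyCanAddPeerToAccount(t *testing.T, manager AccountManager, account *Account, userID string) {
	// Attribute failures to the calling test rather than to this helper.
	t.Helper()

	peer := &Peer{
		// Fixed key string so the fixture is identical on every run.
		Key:  "BhRPtynAAYRDy08+q4HTMsos8fs4plTP4NOSh7C1ry8=",
		Name: "test-host@netbird.io",
		Meta: PeerSystemMeta{
			Hostname:  "test-host@netbird.io",
			GoOS:      "linux",
			Kernel:    "Linux",
			Core:      "21.04",
			Platform:  "x86_64",
			OS:        "Ubuntu",
			WtVersion: "development",
			UIVersion: "development",
		},
	}

	var setupKey string
	for _, key := range account.SetupKeys {
		setupKey = key.Key
	}

	if _, err := manager.AddPeer(setupKey, userID, peer); err != nil {
		t.Error("expected to add new peer successfully after creating new account, but failed", err)
	}
}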
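// verifyNewAccountHasDefaultFields asserts the defaults expected of a freshly
// created account: no peers, two setup keys, a network address inside
// 100.64.0.0/10, the "All" group, exactly the expected users (including the
// creator), the given creator and domain, and a single rule named "Default".
//
// A missing "All" group aborts the calling test; every other mismatch is
// reported with t.Errorf so that all deviations show up in one run.
func verifyNewAccountHasDefaultFields(t *testing.T, account *Account, createdBy string, domain string, expectedUsers []string) {
	// Attribute failures to the calling test rather than to this helper.
	t.Helper()

	if len(account.Peers) != 0 {
		t.Errorf("expected account to have len(Peers) = %v, got %v", 0, len(account.Peers))
	}

	if len(account.SetupKeys) != 2 {
		t.Errorf("expected account to have len(SetupKeys) = %v, got %v", 2, len(account.SetupKeys))
	}

	// Mask 255.192.0.0 is a /10, so this is the 100.64.0.0/10 range.
	ipNet := net.IPNet{IP: net.ParseIP("100.64.0.0"), Mask: net.IPMask{255, 192, 0, 0}}
	if !ipNet.Contains(account.Network.Net.IP) {
		t.Errorf("expected account's Network to be a subnet of %v, got %v", ipNet.String(), account.Network.Net.String())
	}

	g, err := account.GetGroupAll()
	if err != nil {
		t.Fatal(err)
	}
	if g.Name != "All" {
		t.Errorf("expecting account to have group ALL added by default")
	}

	if len(account.Users) != len(expectedUsers) {
		t.Errorf("expecting account to have %d users, got %d", len(expectedUsers), len(account.Users))
	}

	if account.Users[createdBy] == nil {
		t.Errorf("expecting account to have createdBy user %s in a user map ", createdBy)
	}

	for _, expectedUserID := range expectedUsers {
		if account.Users[expectedUserID] == nil {
			t.Errorf("expecting account to have a user %s in a user map", expectedUserID)
		}
	}

	if account.CreatedBy != createdBy {
		t.Errorf("expecting newly created account to be created by user %s, got %s", createdBy, account.CreatedBy)
	}

	if account.Domain != domain {
		t.Errorf("expecting newly created account to have domain %s, got %s", domain, account.Domain)
	}

	if len(account.Rules) != 1 {
		t.Errorf("expecting newly created account to have 1 rule, got %d", len(account.Rules))
	}

	for _, rule := range account.Rules {
		if rule.Name != "Default" {
			t.Errorf("expecting newly created account to have Default rule, got %s", rule.Name)
		}
	}
}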
// TestNewAccount checks that an account built by newAccountWithId carries the
// defaults asserted by verifyNewAccountHasDefaultFields, with the creator as
// its only user.
func TestNewAccount(t *testing.T) {
	const (
		accountID = "account_id"
		creatorID = "account_creator"
		domain    = "netbird.io"
	)

	account := newAccountWithId(accountID, creatorID, domain)

	verifyNewAccountHasDefaultFields(t, account, creatorID, domain, []string{creatorID})
}
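// TestAccountManager_GetOrCreateAccountByUser checks that
// GetOrCreateAccountByUser creates an account for an unknown user and that the
// account can afterwards be found in the store under that user, with the user
// present in its Users map.
func TestAccountManager_GetOrCreateAccountByUser(t *testing.T) {
	manager, err := createManager(t)
	if err != nil {
		t.Fatal(err)
	}

	userId := "test_user"

	account, err := manager.GetOrCreateAccountByUser(userId, "")
	if err != nil {
		t.Fatal(err)
	}
	if account == nil {
		t.Fatalf("expected to create an account for a user %s", userId)
	}

	account, err = manager.Store.GetAccountByUser(userId)
	if err != nil {
		// Include the store error so a failed lookup can be diagnosed from the test output.
		t.Errorf("expected to get existing account after creation, no account was found for a user %s: %v", userId, err)
	}

	// account may be nil here when the lookup above failed, hence the guard.
	if account != nil && account.Users[userId] == nil {
		t.Fatalf("expected to create an account for a user %s but no user was found after creation udner the account %s", userId, account.Id)
	}
}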
// TestDefaultAccountManager_GetAccountFromToken is a table-driven test of how
// GetAccountFromToken maps authorization claims onto an account.
//
// Every case first creates an "init" account through
// GetAccountByUserOrAccountID, optionally stamps domain attributes on it, and
// then resolves the case's claims. The case decides whether the resolved
// account must be the init account (require.Equal) or a different one
// (require.NotEqual), and which role, domain, domain category and
// primary-domain flag the result must carry.
func TestDefaultAccountManager_GetAccountFromToken(t *testing.T) {
	type initUserParams jwtclaims.AuthorizationClaims

	type test struct {
		name                        string
		inputClaims                 jwtclaims.AuthorizationClaims
		inputInitUserParams         initUserParams
		inputUpdateAttrs            bool
		inputUpdateClaimAccount     bool
		testingFunc                 require.ComparisonAssertionFunc
		expectedMSG                 string
		expectedUserRole            UserRole
		expectedDomainCategory      string
		expectedDomain              string
		expectedPrimaryDomainStatus bool
		expectedCreatedBy           string
		expectedUsers               []string
	}

	const (
		publicDomain  = "public.com"
		privateDomain = "private.com"
		unknownDomain = "unknown.com"
	)

	// Seeds for the pre-existing account; the variants differ from the default
	// only in domain and domain category.
	defaultInitAccount := initUserParams{
		Domain: publicDomain,
		UserId: "defaultUser",
	}
	initUnknown := initUserParams{
		Domain:         unknownDomain,
		UserId:         defaultInitAccount.UserId,
		DomainCategory: UnknownCategory,
	}
	privateInitAccount := initUserParams{
		Domain:         privateDomain,
		UserId:         defaultInitAccount.UserId,
		DomainCategory: PrivateCategory,
	}

	cases := []test{
		{
			name: "New User With Public Domain",
			inputClaims: jwtclaims.AuthorizationClaims{
				Domain:         publicDomain,
				UserId:         "pub-domain-user",
				DomainCategory: PublicCategory,
			},
			inputInitUserParams:         defaultInitAccount,
			testingFunc:                 require.NotEqual,
			expectedMSG:                 "account IDs shouldn't match",
			expectedUserRole:            UserRoleAdmin,
			expectedDomainCategory:      "",
			expectedDomain:              publicDomain,
			expectedPrimaryDomainStatus: false,
			expectedCreatedBy:           "pub-domain-user",
			expectedUsers:               []string{"pub-domain-user"},
		},
		{
			name: "New User With Unknown Domain",
			inputClaims: jwtclaims.AuthorizationClaims{
				Domain:         unknownDomain,
				UserId:         "unknown-domain-user",
				DomainCategory: UnknownCategory,
			},
			inputInitUserParams:         initUnknown,
			testingFunc:                 require.NotEqual,
			expectedMSG:                 "account IDs shouldn't match",
			expectedUserRole:            UserRoleAdmin,
			expectedDomain:              unknownDomain,
			expectedDomainCategory:      "",
			expectedPrimaryDomainStatus: false,
			expectedCreatedBy:           "unknown-domain-user",
			expectedUsers:               []string{"unknown-domain-user"},
		},
		{
			name: "New User With Private Domain",
			inputClaims: jwtclaims.AuthorizationClaims{
				Domain:         privateDomain,
				UserId:         "pvt-domain-user",
				DomainCategory: PrivateCategory,
			},
			inputInitUserParams:         defaultInitAccount,
			testingFunc:                 require.NotEqual,
			expectedMSG:                 "account IDs shouldn't match",
			expectedUserRole:            UserRoleAdmin,
			expectedDomain:              privateDomain,
			expectedDomainCategory:      PrivateCategory,
			expectedPrimaryDomainStatus: true,
			expectedCreatedBy:           "pvt-domain-user",
			expectedUsers:               []string{"pvt-domain-user"},
		},
		{
			// A second user whose claims name an already-registered private
			// domain must land in the existing account, and only with the
			// regular user role, not as an admin.
			name: "New Regular User With Existing Private Domain",
			inputClaims: jwtclaims.AuthorizationClaims{
				Domain:         privateDomain,
				UserId:         "new-pvt-domain-user",
				DomainCategory: PrivateCategory,
			},
			inputUpdateAttrs:            true,
			inputInitUserParams:         privateInitAccount,
			testingFunc:                 require.Equal,
			expectedMSG:                 "account IDs should match",
			expectedUserRole:            UserRoleUser,
			expectedDomain:              privateDomain,
			expectedDomainCategory:      PrivateCategory,
			expectedPrimaryDomainStatus: true,
			expectedCreatedBy:           defaultInitAccount.UserId,
			expectedUsers:               []string{defaultInitAccount.UserId, "new-pvt-domain-user"},
		},
		{
			name: "Existing User With Existing Reclassified Private Domain",
			inputClaims: jwtclaims.AuthorizationClaims{
				Domain:         defaultInitAccount.Domain,
				UserId:         defaultInitAccount.UserId,
				DomainCategory: PrivateCategory,
			},
			inputInitUserParams:         defaultInitAccount,
			testingFunc:                 require.Equal,
			expectedMSG:                 "account IDs should match",
			expectedUserRole:            UserRoleAdmin,
			expectedDomain:              defaultInitAccount.Domain,
			expectedDomainCategory:      PrivateCategory,
			expectedPrimaryDomainStatus: true,
			expectedCreatedBy:           defaultInitAccount.UserId,
			expectedUsers:               []string{defaultInitAccount.UserId},
		},
		{
			// Same as the previous case, but the claims also carry the init
			// account's ID (filled in below via inputUpdateClaimAccount).
			name: "Existing Account Id With Existing Reclassified Private Domain",
			inputClaims: jwtclaims.AuthorizationClaims{
				Domain:         defaultInitAccount.Domain,
				UserId:         defaultInitAccount.UserId,
				DomainCategory: PrivateCategory,
			},
			inputUpdateClaimAccount:     true,
			inputInitUserParams:         defaultInitAccount,
			testingFunc:                 require.Equal,
			expectedMSG:                 "account IDs should match",
			expectedUserRole:            UserRoleAdmin,
			expectedDomain:              defaultInitAccount.Domain,
			expectedDomainCategory:      PrivateCategory,
			expectedPrimaryDomainStatus: true,
			expectedCreatedBy:           defaultInitAccount.UserId,
			expectedUsers:               []string{defaultInitAccount.UserId},
		},
		{
			// A private category without a domain must not attach the user to
			// the existing account: a separate account with no domain
			// category and no primary-domain status is expected.
			name: "User With Private Category And Empty Domain",
			inputClaims: jwtclaims.AuthorizationClaims{
				Domain:         "",
				UserId:         "pvt-domain-user",
				DomainCategory: PrivateCategory,
			},
			inputInitUserParams:         defaultInitAccount,
			testingFunc:                 require.NotEqual,
			expectedMSG:                 "account IDs shouldn't match",
			expectedUserRole:            UserRoleAdmin,
			expectedDomain:              "",
			expectedDomainCategory:      "",
			expectedPrimaryDomainStatus: false,
			expectedCreatedBy:           "pvt-domain-user",
			expectedUsers:               []string{"pvt-domain-user"},
		},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			manager, err := createManager(t)
			require.NoError(t, err, "unable to create account manager")

			seed := tc.inputInitUserParams
			initAccount, err := manager.GetAccountByUserOrAccountID(seed.UserId, seed.AccountId, seed.Domain)
			require.NoError(t, err, "create init user failed")

			if tc.inputUpdateAttrs {
				seedClaims := jwtclaims.AuthorizationClaims{
					UserId:         seed.UserId,
					Domain:         seed.Domain,
					DomainCategory: seed.DomainCategory,
				}
				err = manager.updateAccountDomainAttributes(initAccount, seedClaims, true)
				require.NoError(t, err, "update init user failed")
			}

			if tc.inputUpdateClaimAccount {
				// tc is the loop's copy of the table entry, so this does not
				// alter the table itself.
				tc.inputClaims.AccountId = initAccount.Id
			}

			account, _, err := manager.GetAccountFromToken(tc.inputClaims)
			require.NoError(t, err, "support function failed")

			verifyNewAccountHasDefaultFields(t, account, tc.expectedCreatedBy, tc.inputClaims.Domain, tc.expectedUsers)
			verifyCanAddPeerToAccount(t, manager, account, tc.expectedCreatedBy)

			tc.testingFunc(t, initAccount.Id, account.Id, tc.expectedMSG)

			require.EqualValues(t, tc.expectedUserRole, account.Users[tc.inputClaims.UserId].Role, "expected user role should match")
			require.EqualValues(t, tc.expectedDomainCategory, account.DomainCategory, "expected account domain category should match")
			require.EqualValues(t, tc.expectedPrimaryDomainStatus, account.IsDomainPrimaryAccount, "expected account primary status should match")
			require.EqualValues(t, tc.expectedDomain, account.Domain, "expected account domain should match")
		})
	}
}
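// TestAccountManager_PrivateAccount creates an account for a user through
// GetOrCreateAccountByUser with an empty domain and checks that the store
// returns it for that user with the user present in its Users map.
//
// NOTE(review): these steps match TestAccountManager_GetOrCreateAccountByUser;
// nothing in the body sets a private domain or domain category. Confirm
// whether a private-domain scenario was intended here.
func TestAccountManager_PrivateAccount(t *testing.T) {
	manager, err := createManager(t)
	if err != nil {
		t.Fatal(err)
	}

	userId := "test_user"

	account, err := manager.GetOrCreateAccountByUser(userId, "")
	if err != nil {
		t.Fatal(err)
	}
	if account == nil {
		t.Fatalf("expected to create an account for a user %s", userId)
	}

	account, err = manager.Store.GetAccountByUser(userId)
	if err != nil {
		// Include the store error so a failed lookup can be diagnosed from the test output.
		t.Errorf("expected to get existing account after creation, no account was found for a user %s: %v", userId, err)
	}

	// account may be nil here when the lookup above failed, hence the guard.
	if account != nil && account.Users[userId] == nil {
		t.Fatalf("expected to create an account for a user %s but no user was found after creation udner the account %s", userId, account.Id)
	}
}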
// TestAccountManager_SetOrUpdateDomain checks that GetOrCreateAccountByUser
// records the domain on first use and replaces it when the same user is seen
// again with a different domain.
func TestAccountManager_SetOrUpdateDomain(t *testing.T) {
	manager, err := createManager(t)
	if err != nil {
		t.Fatal(err)
	}

	const userID = "test_user"

	// First call: the account does not exist yet and is created with the domain.
	wantDomain := "hotmail.com"
	created, err := manager.GetOrCreateAccountByUser(userID, wantDomain)
	switch {
	case err != nil:
		t.Fatal(err)
	case created == nil:
		t.Fatalf("expected to create an account for a user %s", userID)
	}
	if created.Domain != wantDomain {
		t.Errorf("setting account domain failed, expected %s, got %s", wantDomain, created.Domain)
	}

	// Second call: same user, different domain; the stored domain must follow.
	wantDomain = "gmail.com"
	updated, err := manager.GetOrCreateAccountByUser(userID, wantDomain)
	switch {
	case err != nil:
		t.Fatalf("got the following error while retrieving existing acc: %v", err)
	case updated == nil:
		t.Fatalf("expected to get an account for a user %s", userID)
	}
	if updated.Domain != wantDomain {
		t.Errorf("updating domain. expected %s got %s", wantDomain, updated.Domain)
	}
}
// TestAccountManager_GetAccountByUserOrAccountId covers the three lookup
// modes of GetAccountByUserOrAccountID: by user ID only, by account ID only,
// and with both empty, which must be rejected with an error.
func TestAccountManager_GetAccountByUserOrAccountId(t *testing.T) {
	manager, err := createManager(t)
	if err != nil {
		t.Fatal(err)
	}

	const userID = "test_user"

	// Lookup by user ID.
	byUser, err := manager.GetAccountByUserOrAccountID(userID, "", "")
	if err != nil {
		t.Fatal(err)
	}
	if byUser == nil {
		t.Fatalf("expected to create an account for a user %s", userID)
	}

	// Lookup by the account ID obtained above.
	accountID := byUser.Id
	if _, err := manager.GetAccountByUserOrAccountID("", accountID, ""); err != nil {
		t.Errorf("expected to get existing account after creation using userid, no account was found for a account %s", accountID)
	}

	// Neither identifier given: an error is required.
	if _, err := manager.GetAccountByUserOrAccountID("", "", ""); err == nil {
		t.Errorf("expected an error when user and account IDs are empty")
	}
}
// createAccount builds an account with newAccountWithId and saves it through
// am.Store. It returns the account, or nil and the store error when saving
// fails.
func createAccount(am *DefaultAccountManager, accountID, userID, domain string) (*Account, error) {
	acc := newAccountWithId(accountID, userID, domain)
	if saveErr := am.Store.SaveAccount(acc); saveErr != nil {
		return nil, saveErr
	}
	return acc, nil
}
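// TestAccountManager_AccountExists saves an account and checks that
// AccountExists reports it as present.
func TestAccountManager_AccountExists(t *testing.T) {
	manager, err := createManager(t)
	if err != nil {
		t.Fatal(err)
	}

	expectedId := "test_account"
	userId := "account_creator"

	if _, err = createAccount(manager, expectedId, userId, ""); err != nil {
		t.Fatal(err)
	}

	exists, err := manager.AccountExists(expectedId)
	if err != nil {
		t.Fatal(err)
	}

	// The result is dereferenced below; fail with a message instead of a
	// nil-pointer panic if no value came back.
	if exists == nil {
		t.Fatal("expected AccountExists to return a non-nil result")
	}

	if !*exists {
		t.Errorf("expected account to exist after creation, got false")
	}
}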
// TestAccountManager_GetAccount saves an account and checks that the copy
// returned by Store.GetAccount has the same ID and contains every peer and
// setup key of the original.
func TestAccountManager_GetAccount(t *testing.T) {
	manager, err := createManager(t)
	if err != nil {
		t.Fatal(err)
	}

	const (
		expectedID = "test_account"
		creatorID  = "account_creator"
	)

	want, err := createAccount(manager, expectedID, creatorID, "")
	if err != nil {
		t.Fatal(err)
	}

	// Creating the account is covered by other tests, so the created account
	// serves as the reference for the comparison.
	got, err := manager.Store.GetAccount(want.Id)
	if err != nil {
		t.Fatal(err)
	}

	if want.Id != got.Id {
		t.Errorf("expected account.Id %s, got %s", want.Id, got.Id)
	}

	for _, p := range want.Peers {
		if _, found := got.Peers[p.Key]; !found {
			t.Errorf("expected account to have peer %s, not found", p.Key)
		}
	}

	for _, sk := range want.SetupKeys {
		if _, found := got.SetupKeys[sk.Key]; !found {
			t.Errorf("expected account to have setup key %s, not found", sk.Key)
		}
	}
}
// TestAccountManager_AddPeer enrolls a peer with one of the account's setup
// keys and no user ID. It checks that the returned peer keeps the submitted
// key and the setup key it was enrolled with, that its IP lies inside the
// account network, and that the network serial moved from 0 to 1.
func TestAccountManager_AddPeer(t *testing.T) {
	manager, err := createManager(t)
	if err != nil {
		t.Fatal(err)
	}

	account, err := createAccount(manager, "test_account", "account_creator", "")
	if err != nil {
		t.Fatal(err)
	}

	initialSerial := account.Network.CurrentSerial() // should be 0

	// Take whichever setup key the map iteration yields last.
	var setupKey *SetupKey
	for _, candidate := range account.SetupKeys {
		setupKey = candidate
	}
	if setupKey == nil {
		t.Errorf("expecting account to have a default setup key")
		return
	}

	if account.Network.Serial != 0 {
		t.Errorf("expecting account network to have an initial Serial=0")
		return
	}

	privateKey, err := wgtypes.GeneratePrivateKey()
	if err != nil {
		t.Fatal(err)
	}

	// Only the public half of the generated key is handed to the manager.
	expectedPeerKey := privateKey.PublicKey().String()
	expectedSetupKey := setupKey.Key

	newPeer := &Peer{
		Key:  expectedPeerKey,
		Meta: PeerSystemMeta{},
		Name: expectedPeerKey,
	}
	peer, err := manager.AddPeer(setupKey.Key, "", newPeer)
	if err != nil {
		t.Errorf("expecting peer to be added, got failure %v", err)
		return
	}

	// Reload the account so the checks below read what the store holds.
	account, err = manager.Store.GetAccount(account.Id)
	if err != nil {
		t.Fatal(err)
	}

	if peer.Key != expectedPeerKey {
		t.Errorf("expecting just added peer to have key = %s, got %s", expectedPeerKey, peer.Key)
	}

	if !account.Network.Net.Contains(peer.IP) {
		t.Errorf("expecting just added peer's IP %s to be in a network range %s", peer.IP.String(), account.Network.Net.String())
	}

	if peer.SetupKey != expectedSetupKey {
		t.Errorf("expecting just added peer to have SetupKey = %s, got %s", expectedSetupKey, peer.SetupKey)
	}

	if account.Network.CurrentSerial() != 1 {
		t.Errorf("expecting Network Serial=%d to be incremented by 1 and be equal to %d when adding new peer to account", initialSerial, account.Network.CurrentSerial())
	}
}
// TestAccountManager_AddPeerWithUserID enrolls a peer with a user ID and an
// empty setup key. It checks that the returned peer keeps the submitted key
// and the enrolling user's ID, that its IP lies inside the account network,
// and that the network serial moved from 0 to 1.
func TestAccountManager_AddPeerWithUserID(t *testing.T) {
	manager, err := createManager(t)
	if err != nil {
		t.Fatal(err)
	}

	const userID = "account_creator"

	account, err := manager.GetOrCreateAccountByUser(userID, "")
	if err != nil {
		t.Fatal(err)
	}

	initialSerial := account.Network.CurrentSerial() // should be 0

	if account.Network.Serial != 0 {
		t.Errorf("expecting account network to have an initial Serial=0")
		return
	}

	privateKey, err := wgtypes.GeneratePrivateKey()
	if err != nil {
		t.Fatal(err)
	}

	// Only the public half of the generated key is handed to the manager.
	expectedPeerKey := privateKey.PublicKey().String()
	expectedUserID := userID

	newPeer := &Peer{
		Key:  expectedPeerKey,
		Meta: PeerSystemMeta{},
		Name: expectedPeerKey,
	}
	peer, err := manager.AddPeer("", userID, newPeer)
	if err != nil {
		t.Errorf("expecting peer to be added, got failure %v, account users: %v", err, account.CreatedBy)
		return
	}

	// Reload the account so the checks below read what the store holds.
	account, err = manager.Store.GetAccount(account.Id)
	if err != nil {
		t.Fatal(err)
	}

	if peer.Key != expectedPeerKey {
		t.Errorf("expecting just added peer to have key = %s, got %s", expectedPeerKey, peer.Key)
	}

	if !account.Network.Net.Contains(peer.IP) {
		t.Errorf("expecting just added peer's IP %s to be in a network range %s", peer.IP.String(), account.Network.Net.String())
	}

	if peer.UserID != expectedUserID {
		t.Errorf("expecting just added peer to have UserID = %s, got %s", expectedUserID, peer.UserID)
	}

	if account.Network.CurrentSerial() != 1 {
		t.Errorf("expecting Network Serial=%d to be incremented by 1 and be equal to %d when adding new peer to account", initialSerial, account.Network.CurrentSerial())
	}
}
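// TestAccountManager_NetworkUpdates enrolls three peers, subscribes to the
// update channel of the first one, and checks how many remote peers that
// peer is told about after each change:
//
//	save group (all three peers)   -> 2
//	delete the default rule        -> 0
//	save a rule group-id<->group-id -> 2
//	delete peer3                   -> 1
//	delete the group               -> 0
//
// The subtests run in order and each depends on the state left by the
// previous one.
func TestAccountManager_NetworkUpdates(t *testing.T) {
	manager, err := createManager(t)
	if err != nil {
		t.Fatal(err)
	}

	account, err := createAccount(manager, "test_account", "account_creator", "")
	if err != nil {
		t.Fatal(err)
	}

	// Prefer a reusable setup key; the same key is used for all three peers below.
	var setupKey *SetupKey
	for _, key := range account.SetupKeys {
		setupKey = key
		if setupKey.Type == SetupKeyReusable {
			break
		}
	}
	if setupKey == nil {
		t.Errorf("expecting account to have a default setup key")
		return
	}

	if account.Network.Serial != 0 {
		t.Errorf("expecting account network to have an initial Serial=0")
		return
	}

	// getPeer enrolls a new peer under a freshly generated key; only the
	// public half of the key is handed to the manager.
	getPeer := func() *Peer {
		key, err := wgtypes.GeneratePrivateKey()
		if err != nil {
			t.Fatal(err)
		}
		expectedPeerKey := key.PublicKey().String()

		peer, err := manager.AddPeer(setupKey.Key, "", &Peer{
			Key:  expectedPeerKey,
			Meta: PeerSystemMeta{},
			Name: expectedPeerKey,
		})
		if err != nil {
			// The closure serves all three peers, so the message no longer names peer1.
			t.Fatalf("expecting peer to be added, got failure %v", err)
		}
		return peer
	}

	peer1 := getPeer()
	peer2 := getPeer()
	peer3 := getPeer()

	account, err = manager.Store.GetAccount(account.Id)
	if err != nil {
		t.Fatal(err)
	}

	updMsg := manager.peersUpdateManager.CreateChannel(peer1.Key)
	defer manager.peersUpdateManager.CloseChannel(peer1.Key)

	group := Group{
		ID:    "group-id",
		Name:  "GroupA",
		Peers: []string{peer1.Key, peer2.Key, peer3.Key},
	}

	rule := Rule{
		Source:      []string{"group-id"},
		Destination: []string{"group-id"},
		Flow:        TrafficFlowBidirect,
	}

	var wg sync.WaitGroup

	// expectRemotePeers starts a receiver that takes the next update for
	// peer1 and checks the number of remote peers in its network map.
	//
	// NOTE(review): when the manager call in a subtest fails, the subtest
	// returns without wg.Wait, so this receiver stays blocked on updMsg and
	// would take the update meant for a later subtest.
	expectRemotePeers := func(t *testing.T, want int) {
		wg.Add(1)
		go func() {
			defer wg.Done()

			message := <-updMsg
			networkMap := message.Update.GetNetworkMap()
			if len(networkMap.RemotePeers) != want {
				t.Errorf("mismatch peers count: %d expected, got %v", want, len(networkMap.RemotePeers))
			}
		}()
	}

	t.Run("save group update", func(t *testing.T) {
		expectRemotePeers(t, 2)

		if err := manager.SaveGroup(account.Id, &group); err != nil {
			t.Errorf("save group: %v", err)
			return
		}

		wg.Wait()
	})

	t.Run("delete rule update", func(t *testing.T) {
		// Resolve the rule before starting the receiver so that a missing
		// rule fails the subtest instead of dereferencing nil.
		var defaultRule *Rule
		for _, r := range account.Rules {
			defaultRule = r
		}
		if defaultRule == nil {
			t.Fatal("expecting account to have a default rule")
		}

		expectRemotePeers(t, 0)

		if err := manager.DeleteRule(account.Id, defaultRule.ID); err != nil {
			t.Errorf("delete default rule: %v", err)
			return
		}

		wg.Wait()
	})

	t.Run("save rule update", func(t *testing.T) {
		expectRemotePeers(t, 2)

		if err := manager.SaveRule(account.Id, &rule); err != nil {
			// The original message said "delete default rule", copied from the subtest above.
			t.Errorf("save rule: %v", err)
			return
		}

		wg.Wait()
	})

	t.Run("delete peer update", func(t *testing.T) {
		expectRemotePeers(t, 1)

		if _, err := manager.DeletePeer(account.Id, peer3.Key); err != nil {
			t.Errorf("delete peer: %v", err)
			return
		}

		wg.Wait()
	})

	t.Run("delete group update", func(t *testing.T) {
		expectRemotePeers(t, 0)

		if err := manager.DeleteGroup(account.Id, group.ID); err != nil {
			t.Errorf("delete group rule: %v", err)
			return
		}

		wg.Wait()
	})
}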
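// TestAccountManager_DeletePeer adds a peer, deletes it again, and checks
// that the account's network serial reached 2 (one step per operation).
func TestAccountManager_DeletePeer(t *testing.T) {
	manager, err := createManager(t)
	if err != nil {
		t.Fatal(err)
	}

	account, err := createAccount(manager, "test_account", "account_creator", "")
	if err != nil {
		t.Fatal(err)
	}

	var setupKey *SetupKey
	for _, key := range account.SetupKeys {
		setupKey = key
	}
	// setupKey is dereferenced below; fail with a message instead of a
	// nil-pointer panic when the account has no setup keys.
	if setupKey == nil {
		t.Fatal("expecting account to have a default setup key")
	}

	key, err := wgtypes.GenerateKey()
	if err != nil {
		t.Fatal(err)
	}

	peerKey := key.PublicKey().String()

	_, err = manager.AddPeer(setupKey.Key, "", &Peer{
		Key:  peerKey,
		Meta: PeerSystemMeta{},
		Name: peerKey,
	})
	if err != nil {
		t.Errorf("expecting peer to be added, got failure %v", err)
		return
	}

	// A failed deletion used to return silently, which let the test pass
	// without the peer ever being removed.
	if _, err = manager.DeletePeer(account.Id, peerKey); err != nil {
		t.Fatalf("expecting peer to be deleted, got failure %v", err)
	}

	account, err = manager.Store.GetAccount(account.Id)
	if err != nil {
		t.Fatal(err)
	}

	if account.Network.CurrentSerial() != 2 {
		t.Errorf("expecting Network Serial=%d to be incremented and be equal to 2 after adding and deleteing a peer", account.Network.CurrentSerial())
	}
}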
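// TestGetUsersFromAccount puts three users (one admin, two regular) on an
// account and checks that every entry returned by GetUsersFromAccount matches
// the fixture with the same ID and has an empty name and email.
//
// NOTE(review): the number of returned entries is not asserted, so an empty
// result passes. The users are also added to the in-memory account after
// createAccount has saved it; whether the manager sees them depends on how
// the store holds the account. Confirm before tightening the test.
func TestGetUsersFromAccount(t *testing.T) {
	manager, err := createManager(t)
	if err != nil {
		t.Fatal(err)
	}

	users := map[string]*User{"1": {Id: "1", Role: "admin"}, "2": {Id: "2", Role: "user"}, "3": {Id: "3", Role: "user"}}
	accountId := "test_account_id"

	account, err := createAccount(manager, accountId, users["1"].Id, "")
	if err != nil {
		t.Fatal(err)
	}

	// add the fixture users to the account
	for _, user := range users {
		account.Users[user.Id] = user
	}

	// "1" is the admin fixture user; presumably the ID of the requesting
	// user. Verify against GetUsersFromAccount.
	userInfos, err := manager.GetUsersFromAccount(accountId, "1")
	if err != nil {
		t.Fatal(err)
	}

	for _, userInfo := range userInfos {
		// An ID that is not part of the fixture is reported as a failure
		// instead of dereferencing a nil *User.
		want, ok := users[userInfo.ID]
		if !ok {
			t.Errorf("unexpected user %s returned for account %s", userInfo.ID, accountId)
			continue
		}

		// Expected value first, so failure output labels the two sides correctly.
		assert.Equal(t, want.Id, userInfo.ID)
		assert.Equal(t, string(want.Role), userInfo.Role)
		assert.Equal(t, "", userInfo.Name)
		assert.Equal(t, "", userInfo.Email)
	}
}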
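// TestAccountManager_UpdatePeerMeta enrolls a peer with one set of system
// metadata, replaces it through UpdatePeerMeta, and checks that GetPeer
// returns the peer with the new metadata.
func TestAccountManager_UpdatePeerMeta(t *testing.T) {
	manager, err := createManager(t)
	if err != nil {
		t.Fatal(err)
	}

	account, err := createAccount(manager, "test_account", "account_creator", "")
	if err != nil {
		t.Fatal(err)
	}

	var setupKey *SetupKey
	for _, key := range account.SetupKeys {
		setupKey = key
	}
	// setupKey is dereferenced below; fail with a message instead of a
	// nil-pointer panic when the account has no setup keys.
	if setupKey == nil {
		t.Fatal("expecting account to have a default setup key")
	}

	key, err := wgtypes.GeneratePrivateKey()
	if err != nil {
		t.Fatal(err)
	}

	// Only the public half of the generated key is handed to the manager.
	peerKey := key.PublicKey().String()

	peer, err := manager.AddPeer(setupKey.Key, "", &Peer{
		Key: peerKey,
		Meta: PeerSystemMeta{
			Hostname:  "Hostname",
			GoOS:      "GoOS",
			Kernel:    "Kernel",
			Core:      "Core",
			Platform:  "Platform",
			OS:        "OS",
			WtVersion: "WtVersion",
		},
		Name: peerKey,
	})
	if err != nil {
		t.Errorf("expecting peer to be added, got failure %v", err)
		return
	}

	newMeta := PeerSystemMeta{
		Hostname:  "new-Hostname",
		GoOS:      "new-GoOS",
		Kernel:    "new-Kernel",
		Core:      "new-Core",
		Platform:  "new-Platform",
		OS:        "new-OS",
		WtVersion: "new-WtVersion",
	}

	if err = manager.UpdatePeerMeta(peer.Key, newMeta); err != nil {
		t.Error(err)
		return
	}

	// A failed lookup used to return silently before the t.Fatal that
	// followed it, so the test passed without comparing anything.
	p, err := manager.GetPeer(peer.Key)
	if err != nil {
		t.Fatal(err)
	}

	assert.Equal(t, newMeta, p.Meta)
}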
// TestAccount_GetPeerRules checks the number of source and destination rules
// GetPeerRules returns for "peer-1".
//
// In the fixture peer-1 belongs to group_1, group_4 and group_5. rule-1 and
// rule-2 list one of those groups as a source, and only rule-2 lists one as a
// destination, so two source rules and one destination rule are expected.
func TestAccount_GetPeerRules(t *testing.T) {
	account := &Account{
		Groups: map[string]*Group{
			"group_1": {
				ID:    "group_1",
				Name:  "group_1",
				Peers: []string{"peer-1", "peer-2"},
			},
			"group_2": {
				ID:    "group_2",
				Name:  "group_2",
				Peers: []string{"peer-2", "peer-3"},
			},
			"group_3": {
				ID:    "group_3",
				Name:  "group_3",
				Peers: []string{"peer-4"},
			},
			"group_4": {
				ID:    "group_4",
				Name:  "group_4",
				Peers: []string{"peer-1"},
			},
			"group_5": {
				ID:    "group_5",
				Name:  "group_5",
				Peers: []string{"peer-1"},
			},
		},
		Rules: map[string]*Rule{
			"rule-1": {
				ID:          "rule-1",
				Name:        "rule-1",
				Description: "rule-1",
				Disabled:    false,
				Source:      []string{"group_1", "group_5"},
				Destination: []string{"group_2"},
				Flow:        0,
			},
			"rule-2": {
				ID:          "rule-2",
				Name:        "rule-2",
				Description: "rule-2",
				Disabled:    false,
				Source:      []string{"group_1"},
				Destination: []string{"group_1"},
				Flow:        0,
			},
			"rule-3": {
				ID:          "rule-3",
				Name:        "rule-3",
				Description: "rule-3",
				Disabled:    false,
				Source:      []string{"group_3"},
				Destination: []string{"group_3"},
				Flow:        0,
			},
		},
	}

	asSource, asDestination := account.GetPeerRules("peer-1")

	assert.Equal(t, 2, len(asSource))
	assert.Equal(t, 1, len(asDestination))
}
// TestFileStore_GetRoutesByPrefix verifies that Account.GetRoutesByPrefix
// returns both routes of the account when they share the queried prefix.
//
// Both fixture routes use the prefix parsed from "192.168.64.0/24" and differ
// only in their ID and Peer. No route with a different prefix is present, so
// this test does not show that non-matching routes are filtered out.
func TestFileStore_GetRoutesByPrefix(t *testing.T) {
	_, prefix, err := route.ParseNetwork("192.168.64.0/24")
	if err != nil {
		t.Fatal(err)
	}

	account := &Account{
		Routes: map[string]*route.Route{
			"route-1": {
				ID:          "route-1",
				Network:     prefix,
				NetID:       "network-1",
				Description: "network-1",
				Peer:        "peer-1",
				NetworkType: 0,
				Masquerade:  false,
				Metric:      999,
				Enabled:     true,
			},
			"route-2": {
				ID:          "route-2",
				Network:     prefix,
				NetID:       "network-1",
				Description: "network-1",
				Peer:        "peer-2",
				NetworkType: 0,
				Masquerade:  false,
				Metric:      999,
				Enabled:     true,
			},
		},
	}

	found := account.GetRoutesByPrefix(prefix)
	assert.Len(t, found, 2)

	// Collect the IDs so the check does not depend on the order of the result.
	foundIDs := make([]string, 0, len(found))
	for _, r := range found {
		foundIDs = append(foundIDs, r.ID)
	}
	assert.Contains(t, foundIDs, "route-1")
	assert.Contains(t, foundIDs, "route-2")
}
// TestAccount_GetPeersRoutes verifies that Account.GetPeersRoutes returns the
// routes attached to the given peers and nothing for a peer key that has no
// route ("non-existing-peer").
//
// route-1 is assigned to peer-1 and route-2 to peer-2; both are expected in the
// result, in any order.
func TestAccount_GetPeersRoutes(t *testing.T) {
	_, prefix, err := route.ParseNetwork("192.168.64.0/24")
	if err != nil {
		t.Fatal(err)
	}

	account := &Account{
		Peers: map[string]*Peer{
			"peer-1": {Key: "peer-1"},
			"peer-2": {Key: "peer-2"},
			// NOTE(review): the entry stored under "peer-3" carries the key
			// "peer-1". This looks like a copy-paste slip; confirm whether a
			// duplicate key is intended before relying on this fixture.
			"peer-3": {Key: "peer-1"},
		},
		Routes: map[string]*route.Route{
			"route-1": {
				ID:          "route-1",
				Network:     prefix,
				NetID:       "network-1",
				Description: "network-1",
				Peer:        "peer-1",
				NetworkType: 0,
				Masquerade:  false,
				Metric:      999,
				Enabled:     true,
			},
			"route-2": {
				ID:          "route-2",
				Network:     prefix,
				NetID:       "network-1",
				Description: "network-1",
				Peer:        "peer-2",
				NetworkType: 0,
				Masquerade:  false,
				Metric:      999,
				Enabled:     true,
			},
		},
	}

	queried := []*Peer{{Key: "peer-1"}, {Key: "peer-2"}, {Key: "non-existing-peer"}}
	found := account.GetPeersRoutes(queried)
	assert.Len(t, found, 2)

	// Collect the IDs so the check does not depend on the order of the result.
	foundIDs := make([]string, 0, len(found))
	for _, r := range found {
		foundIDs = append(foundIDs, r.ID)
	}
	assert.Contains(t, foundIDs, "route-1")
	assert.Contains(t, foundIDs, "route-2")
}
// TestAccount_Copy verifies that Account.Copy returns a value equal to the
// account it was called on.
//
// The fixture is first passed through hasNilField, which fails the test when a
// pointer, map or slice field of Account is left nil or empty. A field that is
// added to Account without being populated here is therefore reported before
// Copy is exercised.
//
// NOTE(review): assert.Equal compares by value, so this test does not show
// that the copy is independent of the original. A Copy that shares maps or
// pointers with its source would still pass; mutating accountCopy and checking
// that account is unchanged would be needed to cover that.
func TestAccount_Copy(t *testing.T) {
	account := &Account{
		Id:                     "account1",
		CreatedBy:              "tester",
		Domain:                 "test.com",
		DomainCategory:         "public",
		IsDomainPrimaryAccount: true,
		SetupKeys: map[string]*SetupKey{
			"setup1": {Id: "setup1", AutoGroups: []string{"group1"}},
		},
		Network: &Network{Id: "net1"},
		Peers: map[string]*Peer{
			"peer1": {Key: "key1"},
		},
		Users: map[string]*User{
			"user1": {Id: "user1", Role: UserRoleAdmin, AutoGroups: []string{"group1"}},
		},
		Groups: map[string]*Group{
			"group1": {ID: "group1"},
		},
		Rules: map[string]*Rule{
			"rule1": {ID: "rule1"},
		},
		Routes: map[string]*route.Route{
			"route1": {ID: "route1"},
		},
		NameServerGroups: map[string]*nbdns.NameServerGroup{
			"nsGroup1": {ID: "nsGroup1"},
		},
	}

	// Stop early if the fixture itself leaves a reference-typed field unset.
	if err := hasNilField(account); err != nil {
		t.Fatal(err)
	}

	accountCopy := account.Copy()
	assert.Equal(t, account, accountCopy, "account copy returned a different value than expected")
}
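// hasNilField inspects the struct that x points to and returns an error for
// the first field that is a nil pointer, or a nil or empty map or slice.
// Fields of any other kind are ignored. It returns nil when every inspected
// field is populated.
//
// x must be a non-nil pointer to a struct; any other argument yields an error
// instead of a reflection panic. The error names the offending struct field so
// a failing test points at the field that has to be filled in.
func hasNilField(x interface{}) error {
	rv := reflect.ValueOf(x)
	if rv.Kind() != reflect.Ptr || rv.IsNil() {
		return fmt.Errorf("expected a non-nil pointer to a struct, got %T", x)
	}
	rv = rv.Elem()
	if rv.Kind() != reflect.Struct {
		return fmt.Errorf("expected a non-nil pointer to a struct, got %T", x)
	}

	rt := rv.Type()
	for i := 0; i < rv.NumField(); i++ {
		f := rv.Field(i)
		// Value.String on a non-string value yields "<T Value>", so the name
		// is taken from the struct type instead.
		name := rt.Field(i).Name
		switch f.Kind() {
		case reflect.Ptr:
			if f.IsNil() {
				return fmt.Errorf("field %s is nil", name)
			}
		case reflect.Map, reflect.Slice:
			// Len is 0 for nil maps and slices as well, so one check covers both.
			if f.Len() == 0 {
				return fmt.Errorf("field %s is nil or empty", name)
			}
		}
	}
	return nil
}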
// createManager builds a DefaultAccountManager for tests on top of the store
// returned by createStore.
//
// BuildManager receives a new peers update manager; its remaining arguments
// are passed as nil and two empty strings. What those arguments configure is
// defined by BuildManager and is not visible from this helper.
func createManager(t *testing.T) (*DefaultAccountManager, error) {
	testStore, err := createStore(t)
	if err != nil {
		return nil, err
	}
	return BuildManager(testStore, NewPeersUpdateManager(), nil, "", "")
}
// createStore returns a file-backed Store rooted in a per-test temporary
// directory obtained from t.TempDir, so each test works on its own data and
// the directory is removed by the testing package when the test ends.
func createStore(t *testing.T) (Store, error) {
	fileStore, err := NewFileStore(t.TempDir())
	if err != nil {
		// Return an untyped nil so callers never see a non-nil Store on error.
		return nil, err
	}
	return fileStore, nil
}