mirror of
https://github.com/netbirdio/netbird.git
synced 2024-12-12 09:50:47 +01:00
acb73bd64a
* refactor access control middleware and user access by JWT groups Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * refactor jwt groups extractor Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * refactor handlers to get account when necessary Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * refactor getAccountFromToken Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * refactor getAccountWithAuthorizationClaims Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix merge Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * revert handles change Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * remove GetUserByID from account manager Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * refactor getAccountWithAuthorizationClaims to return account id Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * refactor handlers to use GetAccountIDFromToken Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * remove locks Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * refactor Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add GetGroupByName from store Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add GetGroupByID from store and refactor Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Refactor retrieval of policy and posture checks Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Refactor user permissions and retrieves PAT Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Refactor route, setupkey, nameserver and dns to get record(s) from store Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * Refactor store Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix lint Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix add missing policy source posture checks Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add store lock Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * fix tests Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> * add get account Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com> --------- Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
236 lines
5.8 KiB
Go
236 lines
5.8 KiB
Go
package http
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"io"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"path"
|
|
"path/filepath"
|
|
"testing"
|
|
|
|
"github.com/gorilla/mux"
|
|
"github.com/netbirdio/netbird/management/server"
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"github.com/netbirdio/netbird/management/server/geolocation"
|
|
"github.com/netbirdio/netbird/management/server/http/api"
|
|
"github.com/netbirdio/netbird/management/server/jwtclaims"
|
|
"github.com/netbirdio/netbird/management/server/mock_server"
|
|
"github.com/netbirdio/netbird/util"
|
|
)
|
|
|
|
func initGeolocationTestData(t *testing.T) *GeolocationsHandler {
|
|
t.Helper()
|
|
|
|
var (
|
|
mmdbPath = "../testdata/GeoLite2-City_20240305.mmdb"
|
|
geonamesdbPath = "../testdata/geonames_20240305.db"
|
|
)
|
|
|
|
tempDir := t.TempDir()
|
|
|
|
err := util.CopyFileContents(mmdbPath, path.Join(tempDir, filepath.Base(mmdbPath)))
|
|
assert.NoError(t, err)
|
|
|
|
err = util.CopyFileContents(geonamesdbPath, path.Join(tempDir, filepath.Base(geonamesdbPath)))
|
|
assert.NoError(t, err)
|
|
|
|
geo, err := geolocation.NewGeolocation(context.Background(), tempDir, false)
|
|
assert.NoError(t, err)
|
|
t.Cleanup(func() { _ = geo.Stop() })
|
|
|
|
return &GeolocationsHandler{
|
|
accountManager: &mock_server.MockAccountManager{
|
|
GetAccountIDFromTokenFunc: func(_ context.Context, claims jwtclaims.AuthorizationClaims) (string, string, error) {
|
|
return claims.AccountId, claims.UserId, nil
|
|
},
|
|
GetUserByIDFunc: func(ctx context.Context, id string) (*server.User, error) {
|
|
return server.NewAdminUser(id), nil
|
|
},
|
|
},
|
|
geolocationManager: geo,
|
|
claimsExtractor: jwtclaims.NewClaimsExtractor(
|
|
jwtclaims.WithFromRequestContext(func(r *http.Request) jwtclaims.AuthorizationClaims {
|
|
return jwtclaims.AuthorizationClaims{
|
|
UserId: "test_user",
|
|
Domain: "hotmail.com",
|
|
AccountId: "test_id",
|
|
}
|
|
}),
|
|
),
|
|
}
|
|
}
|
|
|
|
func TestGetCitiesByCountry(t *testing.T) {
|
|
tt := []struct {
|
|
name string
|
|
expectedStatus int
|
|
expectedBody bool
|
|
expectedCities []api.City
|
|
requestType string
|
|
requestPath string
|
|
}{
|
|
{
|
|
name: "Get cities with valid country iso code",
|
|
expectedStatus: http.StatusOK,
|
|
expectedBody: true,
|
|
expectedCities: []api.City{
|
|
{
|
|
CityName: "Souni",
|
|
GeonameId: 5819,
|
|
},
|
|
{
|
|
CityName: "Protaras",
|
|
GeonameId: 18918,
|
|
},
|
|
},
|
|
requestType: http.MethodGet,
|
|
requestPath: "/api/locations/countries/CY/cities",
|
|
},
|
|
{
|
|
name: "Get cities with valid country iso code but zero cities",
|
|
expectedStatus: http.StatusOK,
|
|
expectedBody: true,
|
|
expectedCities: make([]api.City, 0),
|
|
requestType: http.MethodGet,
|
|
requestPath: "/api/locations/countries/DE/cities",
|
|
},
|
|
{
|
|
name: "Get cities with invalid country iso code",
|
|
expectedStatus: http.StatusUnprocessableEntity,
|
|
expectedBody: false,
|
|
requestType: http.MethodGet,
|
|
requestPath: "/api/locations/countries/12ds/cities",
|
|
},
|
|
}
|
|
|
|
geolocationHandler := initGeolocationTestData(t)
|
|
|
|
for _, tc := range tt {
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
recorder := httptest.NewRecorder()
|
|
req := httptest.NewRequest(tc.requestType, tc.requestPath, nil)
|
|
|
|
router := mux.NewRouter()
|
|
router.HandleFunc("/api/locations/countries/{country}/cities", geolocationHandler.GetCitiesByCountry).Methods("GET")
|
|
router.ServeHTTP(recorder, req)
|
|
|
|
res := recorder.Result()
|
|
defer res.Body.Close()
|
|
|
|
content, err := io.ReadAll(res.Body)
|
|
if err != nil {
|
|
t.Fatalf("I don't know what I expected; %v", err)
|
|
return
|
|
}
|
|
|
|
if status := recorder.Code; status != tc.expectedStatus {
|
|
t.Errorf("handler returned wrong status code: got %v want %v, content: %s",
|
|
status, tc.expectedStatus, string(content))
|
|
return
|
|
}
|
|
|
|
if !tc.expectedBody {
|
|
return
|
|
}
|
|
|
|
cities := make([]api.City, 0)
|
|
if err = json.Unmarshal(content, &cities); err != nil {
|
|
t.Fatalf("unmarshal request cities response : %v", err)
|
|
return
|
|
}
|
|
assert.ElementsMatch(t, tc.expectedCities, cities)
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestGetAllCountries(t *testing.T) {
|
|
tt := []struct {
|
|
name string
|
|
expectedStatus int
|
|
expectedBody bool
|
|
expectedCountries []api.Country
|
|
requestType string
|
|
requestPath string
|
|
}{
|
|
{
|
|
name: "Get all countries",
|
|
expectedStatus: http.StatusOK,
|
|
expectedBody: true,
|
|
expectedCountries: []api.Country{
|
|
{
|
|
CountryCode: "IR",
|
|
CountryName: "Iran",
|
|
},
|
|
{
|
|
CountryCode: "CY",
|
|
CountryName: "Cyprus",
|
|
},
|
|
{
|
|
CountryCode: "RW",
|
|
CountryName: "Rwanda",
|
|
},
|
|
{
|
|
CountryCode: "SO",
|
|
CountryName: "Somalia",
|
|
},
|
|
{
|
|
CountryCode: "YE",
|
|
CountryName: "Yemen",
|
|
},
|
|
{
|
|
CountryCode: "LY",
|
|
CountryName: "Libya",
|
|
},
|
|
{
|
|
CountryCode: "IQ",
|
|
CountryName: "Iraq",
|
|
},
|
|
},
|
|
requestType: http.MethodGet,
|
|
requestPath: "/api/locations/countries",
|
|
},
|
|
}
|
|
|
|
geolocationHandler := initGeolocationTestData(t)
|
|
|
|
for _, tc := range tt {
|
|
t.Run(tc.name, func(t *testing.T) {
|
|
recorder := httptest.NewRecorder()
|
|
req := httptest.NewRequest(tc.requestType, tc.requestPath, nil)
|
|
|
|
router := mux.NewRouter()
|
|
router.HandleFunc("/api/locations/countries", geolocationHandler.GetAllCountries).Methods("GET")
|
|
router.ServeHTTP(recorder, req)
|
|
|
|
res := recorder.Result()
|
|
defer res.Body.Close()
|
|
|
|
content, err := io.ReadAll(res.Body)
|
|
if err != nil {
|
|
t.Fatalf("I don't know what I expected; %v", err)
|
|
return
|
|
}
|
|
|
|
if status := recorder.Code; status != tc.expectedStatus {
|
|
t.Errorf("handler returned wrong status code: got %v want %v, content: %s",
|
|
status, tc.expectedStatus, string(content))
|
|
return
|
|
}
|
|
|
|
if !tc.expectedBody {
|
|
return
|
|
}
|
|
|
|
countries := make([]api.Country, 0)
|
|
if err = json.Unmarshal(content, &countries); err != nil {
|
|
t.Fatalf("unmarshal request cities response : %v", err)
|
|
return
|
|
}
|
|
assert.ElementsMatch(t, tc.expectedCountries, countries)
|
|
})
|
|
}
|
|
}
|