2022-12-09 02:58:17 +01:00
# -*- coding: utf-8 -*-
#
# Copyright (c) 2022 Virtual Cable S.L.U.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without modification,
# are permitted provided that the following conditions are met:
#
# * Redistributions of source code must retain the above copyright notice,
# this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
# * Neither the name of Virtual Cable S.L.U. nor the names of its contributors
# may be used to endorse or promote products derived from this software
# without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
"""
2024-05-25 17:28:44 +02:00
Author : Adolfo Gómez , dkmaster at dkmon dot com
2022-12-09 02:58:17 +01:00
"""
import typing
import logging
2023-01-18 23:53:18 +01:00
from unittest import mock
2022-12-09 02:58:17 +01:00
from django . urls import reverse
2024-01-12 05:45:04 +01:00
from uds . core import consts
2022-12-09 02:58:17 +01:00
from uds . core . util import config
2023-02-06 16:08:04 +01:00
from uds . middleware import request
2022-12-09 02:58:17 +01:00
2023-02-06 16:08:04 +01:00
from . . utils . web import test
2022-12-09 02:58:17 +01:00
if typing . TYPE_CHECKING :
2024-01-11 05:00:49 +01:00
from uds . core . types . requests import ExtendedHttpRequestWithUser
2022-12-09 02:58:17 +01:00
logger = logging . getLogger ( __name__ )
class GlobalRequestMiddlewareTest ( test . WEBTestCase ) :
"""
Test actor functionality
"""
def test_global_request_no_login_ipv4 ( self ) - > None :
GlobalRequestMiddlewareTest . add_middleware (
2023-02-06 16:08:04 +01:00
' uds.middleware.request.GlobalRequestMiddleware '
2022-12-09 02:58:17 +01:00
)
self . client . enable_ipv4 ( )
response = self . client . get ( ' / ' , secure = False )
2023-04-15 21:21:23 +02:00
req = typing . cast ( ' ExtendedHttpRequestWithUser ' , response . wsgi_request )
2022-12-09 02:58:17 +01:00
# session[AUTHORIZED_KEY] = False, not logged in
2024-01-12 05:45:04 +01:00
self . assertEqual ( req . session . get ( consts . auth . SESSION_AUTHORIZED_KEY ) , False )
2022-12-09 02:58:17 +01:00
# Ensure ip, and ip_proxy are set and both are the same, 127.0.0.1
2023-04-15 21:21:23 +02:00
self . assertEqual ( req . ip , ' 127.0.0.1 ' )
self . assertEqual ( req . ip_proxy , ' 127.0.0.1 ' )
self . assertEqual ( req . ip_version , 4 )
2022-12-09 02:58:17 +01:00
# Ensure user is not set
2023-04-15 21:21:23 +02:00
self . assertEqual ( req . user , None )
2022-12-09 02:58:17 +01:00
# And redirects to index
self . assertEqual ( response . status_code , 302 )
self . assertEqual ( response . url , reverse ( ' page.index ' ) )
def test_global_request_no_login_ipv6 ( self ) - > None :
GlobalRequestMiddlewareTest . add_middleware (
2023-02-06 16:08:04 +01:00
' uds.middleware.request.GlobalRequestMiddleware '
2022-12-09 02:58:17 +01:00
)
self . client . enable_ipv6 ( )
response = self . client . get ( ' / ' , secure = False )
2023-04-15 21:21:23 +02:00
req = typing . cast ( ' ExtendedHttpRequestWithUser ' , response . wsgi_request )
2022-12-09 02:58:17 +01:00
# session[AUTHORIZED_KEY] = False, not logged in
2024-01-12 05:45:04 +01:00
self . assertEqual ( req . session . get ( consts . auth . SESSION_AUTHORIZED_KEY ) , False )
2023-04-15 21:21:23 +02:00
2022-12-09 02:58:17 +01:00
# Ensure ip, and ip_proxy are set and both are the same,
2023-04-15 21:21:23 +02:00
self . assertEqual ( req . ip , ' ::1 ' )
self . assertEqual ( req . ip_proxy , ' ::1 ' )
self . assertEqual ( req . ip_version , 6 )
2022-12-09 02:58:17 +01:00
# Ensure user is not set
2023-04-15 21:21:23 +02:00
self . assertEqual ( req . user , None )
2022-12-09 02:58:17 +01:00
# And redirects to index
self . assertEqual ( response . status_code , 302 )
self . assertEqual ( response . url , reverse ( ' page.index ' ) )
def test_global_request_login_ipv4 ( self ) - > None :
GlobalRequestMiddlewareTest . add_middleware (
2023-02-06 16:08:04 +01:00
' uds.middleware.request.GlobalRequestMiddleware '
2022-12-09 02:58:17 +01:00
)
self . client . enable_ipv4 ( )
user = self . login ( as_admin = False )
response = self . client . get ( ' / ' , secure = False )
2023-04-15 21:21:23 +02:00
req = typing . cast ( ' ExtendedHttpRequestWithUser ' , response . wsgi_request )
2022-12-09 02:58:17 +01:00
# session[AUTHORIZED_KEY] = True, logged in
2024-01-12 05:45:04 +01:00
self . assertEqual ( req . session . get ( consts . auth . SESSION_AUTHORIZED_KEY ) , True )
2022-12-09 02:58:17 +01:00
# Ensure ip, and ip_proxy are set and both are the same,
2023-04-15 21:21:23 +02:00
self . assertEqual ( req . ip , ' 127.0.0.1 ' )
self . assertEqual ( req . ip_proxy , ' 127.0.0.1 ' )
self . assertEqual ( req . ip_version , 4 )
2022-12-09 02:58:17 +01:00
# Ensure user is correct
2023-04-15 21:21:23 +02:00
self . assertEqual ( req . user . uuid , user . uuid )
2022-12-09 02:58:17 +01:00
# And redirects to index
self . assertEqual ( response . status_code , 302 )
self . assertEqual ( response . url , reverse ( ' page.index ' ) )
def test_global_request_login_ipv6 ( self ) - > None :
GlobalRequestMiddlewareTest . add_middleware (
2023-02-06 16:08:04 +01:00
' uds.middleware.request.GlobalRequestMiddleware '
2022-12-09 02:58:17 +01:00
)
self . client . enable_ipv6 ( )
user = self . login ( as_admin = False )
response = self . client . get ( ' / ' , secure = False )
2023-04-15 21:21:23 +02:00
req = typing . cast ( ' ExtendedHttpRequestWithUser ' , response . wsgi_request )
2022-12-09 02:58:17 +01:00
# session[AUTHORIZED_KEY] = True, logged in
2024-01-12 05:45:04 +01:00
self . assertEqual ( req . session . get ( consts . auth . SESSION_AUTHORIZED_KEY ) , True )
2022-12-09 02:58:17 +01:00
# Ensure ip, and ip_proxy are set and both are the same,
2023-04-15 21:21:23 +02:00
self . assertEqual ( req . ip , ' ::1 ' )
self . assertEqual ( req . ip_proxy , ' ::1 ' )
self . assertEqual ( req . ip_version , 6 )
2022-12-09 02:58:17 +01:00
# Ensure user is correct
2023-04-15 21:21:23 +02:00
self . assertEqual ( req . user . uuid , user . uuid )
2022-12-09 02:58:17 +01:00
# And redirects to index
self . assertEqual ( response . status_code , 302 )
self . assertEqual ( response . url , reverse ( ' page.index ' ) )
def test_no_middleware ( self ) - > None :
# Ensure GlobalRequestMiddleware is not present
2023-04-15 21:21:23 +02:00
GlobalRequestMiddlewareTest . remove_middleware (
' uds.middleware.request.GlobalRequestMiddleware '
)
2022-12-09 02:58:17 +01:00
self . client . enable_ipv4 ( )
response = self . client . get ( ' / ' , secure = False )
2023-04-15 21:21:23 +02:00
req = response . wsgi_request
2022-12-09 02:58:17 +01:00
# session[AUTHORIZED_KEY] is not present
2024-01-12 05:45:04 +01:00
self . assertEqual ( consts . auth . SESSION_AUTHORIZED_KEY in req . session , False )
2022-12-09 02:58:17 +01:00
# ip is not present, nor ip_proxy or ip_version
2023-04-15 21:21:23 +02:00
self . assertEqual ( hasattr ( req , ' ip ' ) , False )
self . assertEqual ( hasattr ( req , ' ip_proxy ' ) , False )
self . assertEqual ( hasattr ( req , ' ip_version ' ) , False )
2022-12-09 02:58:17 +01:00
# Also, user is not present
2023-04-15 21:21:23 +02:00
self . assertEqual ( hasattr ( req , ' user ' ) , False )
2022-12-09 02:58:17 +01:00
# And redirects to index
self . assertEqual ( response . status_code , 302 )
self . assertEqual ( response . url , reverse ( ' page.index ' ) )
2023-01-18 23:53:18 +01:00
def test_detect_ips_no_proxy ( self ) - > None :
req = mock . Mock ( )
# Use an ipv4 and an ipv6 address
for ip in [ ' 192.168.128.128 ' , ' 2001:db8:85a3:8d3:1319:8a2e:370:7348 ' ] :
req . META = {
' REMOTE_ADDR ' : ip ,
}
2024-01-12 06:06:29 +01:00
req . headers = { }
2023-04-15 21:21:23 +02:00
request . _fill_ips ( req ) # pylint: disable=protected-access
2023-01-18 23:53:18 +01:00
self . assertEqual ( req . ip , ip )
self . assertEqual ( req . ip_proxy , ip )
self . assertEqual ( req . ip_version , 4 if ' . ' in ip else 6 )
def test_detect_ips_proxy ( self ) - > None :
config . GlobalConfig . BEHIND_PROXY . set ( True )
req = mock . Mock ( )
# Use an ipv4 and an ipv6 address
2023-01-19 13:59:24 +01:00
for client_ip in [ ' 192.168.128.128 ' , ' 2001:db8:85a3:8d3:1319:8a2e:370:7348 ' ] :
for proxy in [ ' 192.168.200.200 ' , ' 2001:db8:85a3:8d3:1319:8a2e:370:7349 ' ] :
2023-01-18 23:53:18 +01:00
for with_nginx in [ True , False ] :
# Remote address is not included by NGINX, it's on the X-Forwarded-For header
if with_nginx is False :
req . META = {
2023-01-19 13:59:24 +01:00
' REMOTE_ADDR ' : proxy ,
2023-01-18 23:53:18 +01:00
}
2024-01-12 06:06:29 +01:00
req . headers = { consts . auth . X_FORWARDED_FOR_HEADER : client_ip }
else : # Without nginx, remote addres is not included
req . META = { }
req . headers = { consts . auth . X_FORWARDED_FOR_HEADER : f ' { client_ip } , { proxy } ' }
2023-04-15 21:21:23 +02:00
request . _fill_ips ( req ) # pylint: disable=protected-access
self . assertEqual (
req . ip , client_ip , " Failed for {} " . format ( req . META )
)
self . assertEqual (
req . ip_proxy , client_ip , " Failed for {} " . format ( req . META )
)
self . assertEqual (
req . ip_version ,
4 if ' . ' in client_ip else 6 ,
" Failed for {} " . format ( req . META ) ,
)
2023-01-18 23:53:18 +01:00
def test_detect_ips_proxy_chained ( self ) - > None :
config . GlobalConfig . BEHIND_PROXY . set ( True )
req = mock . Mock ( )
# Use an ipv4 and an ipv6 address
2023-01-19 13:59:24 +01:00
for client_ip in [ ' 192.168.128.128 ' , ' 2001:db8:85a3:8d3:1319:8a2e:370:7348 ' ] :
2023-04-15 21:21:23 +02:00
for first_proxy in [
' 192.168.200.200 ' ,
' 2001:db8:85a3:8d3:1319:8a2e:370:7349 ' ,
] :
for second_proxy in [
' 192.168.201.201 ' ,
' 2001:db8:85a3:8d3:1319:8a2e:370:7350 ' ,
] :
2023-01-18 23:53:18 +01:00
for with_nginx in [ True , False ] :
2023-01-19 13:59:24 +01:00
x_forwarded_for = ' {} , {} ' . format ( client_ip , first_proxy )
2023-01-18 23:53:18 +01:00
if with_nginx is False :
req . META = {
2023-01-19 13:59:24 +01:00
' REMOTE_ADDR ' : client_ip ,
2023-01-18 23:53:18 +01:00
}
2024-01-12 06:06:29 +01:00
req . headers = { consts . auth . X_FORWARDED_FOR_HEADER : x_forwarded_for }
else : # Without nginx, remote addres is not included
req . META = { }
req . headers = {
2024-01-12 06:12:41 +01:00
consts . auth . X_FORWARDED_FOR_HEADER : " {} , {} " . format (
2023-04-15 21:21:23 +02:00
x_forwarded_for , second_proxy
) ,
2023-01-18 23:53:18 +01:00
}
request . _fill_ips ( req )
2023-01-19 13:59:24 +01:00
self . assertEqual ( req . ip , first_proxy )
self . assertEqual ( req . ip_proxy , client_ip )
2023-04-15 21:21:23 +02:00
self . assertEqual ( req . ip_version , 4 if ' . ' in first_proxy else 6 )
