ntfy/cmd/access_test.go

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

90 lines
2.6 KiB
Go
Raw Normal View History

2022-02-04 03:26:22 +00:00
package cmd
import (
"fmt"
"github.com/stretchr/testify/require"
"github.com/urfave/cli/v2"
"heckel.io/ntfy/server"
"heckel.io/ntfy/test"
"testing"
)
func TestCLI_Access_Show(t *testing.T) {
s, conf, port := newTestServerWithAuth(t)
defer test.StopServer(t, s, port)
app, _, _, stderr := newTestApp()
require.Nil(t, runAccessCommand(app, conf))
2023-02-07 03:38:22 +00:00
require.Contains(t, stderr.String(), "user * (role: anonymous, tier: none)\n- no topic-specific permissions\n- no access to any (other) topics (server config)")
2022-02-04 03:26:22 +00:00
}
func TestCLI_Access_Grant_And_Publish(t *testing.T) {
s, conf, port := newTestServerWithAuth(t)
defer test.StopServer(t, s, port)
app, stdin, _, _ := newTestApp()
stdin.WriteString("philpass\nphilpass\nbenpass\nbenpass")
require.Nil(t, runUserCommand(app, conf, "add", "--role=admin", "phil"))
require.Nil(t, runUserCommand(app, conf, "add", "ben"))
require.Nil(t, runAccessCommand(app, conf, "ben", "announcements", "rw"))
require.Nil(t, runAccessCommand(app, conf, "ben", "sometopic", "read"))
require.Nil(t, runAccessCommand(app, conf, "everyone", "announcements", "read"))
app, _, _, stderr := newTestApp()
require.Nil(t, runAccessCommand(app, conf))
2023-02-07 03:38:22 +00:00
expected := `user phil (role: admin, tier: none)
2022-02-04 03:26:22 +00:00
- read-write access to all topics (admin role)
2023-02-07 03:38:22 +00:00
user ben (role: user, tier: none)
2022-02-04 03:26:22 +00:00
- read-write access to topic announcements
- read-only access to topic sometopic
2023-02-07 03:38:22 +00:00
user * (role: anonymous, tier: none)
2022-02-04 03:26:22 +00:00
- read-only access to topic announcements
- no access to any (other) topics (server config)
`
require.Equal(t, expected, stderr.String())
// See if access permissions match
app, _, _, _ = newTestApp()
require.Error(t, app.Run([]string{
"ntfy",
"publish",
fmt.Sprintf("http://127.0.0.1:%d/announcements", port),
}))
require.Nil(t, app.Run([]string{
"ntfy",
"publish",
"-u", "ben:benpass",
fmt.Sprintf("http://127.0.0.1:%d/announcements", port),
}))
require.Nil(t, app.Run([]string{
"ntfy",
"publish",
"-u", "phil:philpass",
fmt.Sprintf("http://127.0.0.1:%d/announcements", port),
}))
require.Nil(t, app.Run([]string{
"ntfy",
"subscribe",
"--poll",
fmt.Sprintf("http://127.0.0.1:%d/announcements", port),
}))
require.Error(t, app.Run([]string{
"ntfy",
"subscribe",
"--poll",
fmt.Sprintf("http://127.0.0.1:%d/something-else", port),
}))
}
func runAccessCommand(app *cli.App, conf *server.Config, args ...string) error {
userArgs := []string{
"ntfy",
2023-02-08 20:20:44 +00:00
"--log-level=ERROR",
2022-02-04 03:26:22 +00:00
"access",
2023-02-08 20:20:44 +00:00
"--config=" + conf.File, // Dummy config file to avoid lookups of real file
2022-02-04 03:26:22 +00:00
"--auth-file=" + conf.AuthFile,
"--auth-default-access=" + conf.AuthDefault.String(),
2022-02-04 03:26:22 +00:00
}
return app.Run(append(userArgs, args...))
}