github.com/xhghs/rclone@v1.51.1-0.20200430155106-e186a28cced8/cmd/serve/restic/restic_privaterepos_test.go

github.com/xhghs/rclone@v1.51.1-0.20200430155106-e186a28cced8/cmd/serve/restic/restic_privaterepos_test.go (about)

     1  package restic
     2  
     3  import (
     4  	"context"
     5  	"crypto/rand"
     6  	"io"
     7  	"io/ioutil"
     8  	"net/http"
     9  	"os"
    10  	"strings"
    11  	"testing"
    12  
    13  	"github.com/rclone/rclone/cmd/serve/httplib"
    14  
    15  	"github.com/rclone/rclone/cmd"
    16  	"github.com/rclone/rclone/cmd/serve/httplib/httpflags"
    17  	"github.com/stretchr/testify/require"
    18  )
    19  
    20  // newAuthenticatedRequest returns a new HTTP request with the given params.
    21  func newAuthenticatedRequest(t testing.TB, method, path string, body io.Reader) *http.Request {
    22  	req := newRequest(t, method, path, body)
    23  	req = req.WithContext(context.WithValue(req.Context(), httplib.ContextUserKey, "test"))
    24  	req.Header.Add("Accept", resticAPIV2)
    25  	return req
    26  }
    27  
    28  // TestResticPrivateRepositories runs tests on the restic handler code for private repositories
    29  func TestResticPrivateRepositories(t *testing.T) {
    30  	buf := make([]byte, 32)
    31  	_, err := io.ReadFull(rand.Reader, buf)
    32  	require.NoError(t, err)
    33  
    34  	// setup rclone with a local backend in a temporary directory
    35  	tempdir, err := ioutil.TempDir("", "rclone-restic-test-")
    36  	require.NoError(t, err)
    37  
    38  	// make sure the tempdir is properly removed
    39  	defer func() {
    40  		err := os.RemoveAll(tempdir)
    41  		require.NoError(t, err)
    42  	}()
    43  
    44  	// globally set private-repos mode & test user
    45  	prev := privateRepos
    46  	prevUser := httpflags.Opt.BasicUser
    47  	prevPassword := httpflags.Opt.BasicPass
    48  	privateRepos = true
    49  	httpflags.Opt.BasicUser = "test"
    50  	httpflags.Opt.BasicPass = "password"
    51  	// reset when done
    52  	defer func() {
    53  		privateRepos = prev
    54  		httpflags.Opt.BasicUser = prevUser
    55  		httpflags.Opt.BasicPass = prevPassword
    56  	}()
    57  
    58  	// make a new file system in the temp dir
    59  	f := cmd.NewFsSrc([]string{tempdir})
    60  	srv := newServer(f, &httpflags.Opt)
    61  
    62  	// Requesting /test/ should allow access
    63  	reqs := []*http.Request{
    64  		newAuthenticatedRequest(t, "POST", "/test/?create=true", nil),
    65  		newAuthenticatedRequest(t, "POST", "/test/config", strings.NewReader("foobar test config")),
    66  		newAuthenticatedRequest(t, "GET", "/test/config", nil),
    67  	}
    68  	for _, req := range reqs {
    69  		checkRequest(t, srv.handler, req, []wantFunc{wantCode(http.StatusOK)})
    70  	}
    71  
    72  	// Requesting everything else should raise forbidden errors
    73  	reqs = []*http.Request{
    74  		newAuthenticatedRequest(t, "GET", "/", nil),
    75  		newAuthenticatedRequest(t, "POST", "/other_user", nil),
    76  		newAuthenticatedRequest(t, "GET", "/other_user/config", nil),
    77  	}
    78  	for _, req := range reqs {
    79  		checkRequest(t, srv.handler, req, []wantFunc{wantCode(http.StatusForbidden)})
    80  	}
    81  
    82  }