access_test.go 2.6 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889
  1. package cmd
  2. import (
  3. "fmt"
  4. "github.com/stretchr/testify/require"
  5. "github.com/urfave/cli/v2"
  6. "heckel.io/ntfy/server"
  7. "heckel.io/ntfy/test"
  8. "testing"
  9. )
  10. func TestCLI_Access_Show(t *testing.T) {
  11. s, conf, port := newTestServerWithAuth(t)
  12. defer test.StopServer(t, s, port)
  13. app, _, _, stderr := newTestApp()
  14. require.Nil(t, runAccessCommand(app, conf))
  15. require.Contains(t, stderr.String(), "user * (role: anonymous, tier: none)\n- no topic-specific permissions\n- no access to any (other) topics (server config)")
  16. }
  17. func TestCLI_Access_Grant_And_Publish(t *testing.T) {
  18. s, conf, port := newTestServerWithAuth(t)
  19. defer test.StopServer(t, s, port)
  20. app, stdin, _, _ := newTestApp()
  21. stdin.WriteString("philpass\nphilpass\nbenpass\nbenpass")
  22. require.Nil(t, runUserCommand(app, conf, "add", "--role=admin", "phil"))
  23. require.Nil(t, runUserCommand(app, conf, "add", "ben"))
  24. require.Nil(t, runAccessCommand(app, conf, "ben", "announcements", "rw"))
  25. require.Nil(t, runAccessCommand(app, conf, "ben", "sometopic", "read"))
  26. require.Nil(t, runAccessCommand(app, conf, "everyone", "announcements", "read"))
  27. app, _, _, stderr := newTestApp()
  28. require.Nil(t, runAccessCommand(app, conf))
  29. expected := `user phil (role: admin, tier: none)
  30. - read-write access to all topics (admin role)
  31. user ben (role: user, tier: none)
  32. - read-write access to topic announcements
  33. - read-only access to topic sometopic
  34. user * (role: anonymous, tier: none)
  35. - read-only access to topic announcements
  36. - no access to any (other) topics (server config)
  37. `
  38. require.Equal(t, expected, stderr.String())
  39. // See if access permissions match
  40. app, _, _, _ = newTestApp()
  41. require.Error(t, app.Run([]string{
  42. "ntfy",
  43. "publish",
  44. fmt.Sprintf("http://127.0.0.1:%d/announcements", port),
  45. }))
  46. require.Nil(t, app.Run([]string{
  47. "ntfy",
  48. "publish",
  49. "-u", "ben:benpass",
  50. fmt.Sprintf("http://127.0.0.1:%d/announcements", port),
  51. }))
  52. require.Nil(t, app.Run([]string{
  53. "ntfy",
  54. "publish",
  55. "-u", "phil:philpass",
  56. fmt.Sprintf("http://127.0.0.1:%d/announcements", port),
  57. }))
  58. require.Nil(t, app.Run([]string{
  59. "ntfy",
  60. "subscribe",
  61. "--poll",
  62. fmt.Sprintf("http://127.0.0.1:%d/announcements", port),
  63. }))
  64. require.Error(t, app.Run([]string{
  65. "ntfy",
  66. "subscribe",
  67. "--poll",
  68. fmt.Sprintf("http://127.0.0.1:%d/something-else", port),
  69. }))
  70. }
  71. func runAccessCommand(app *cli.App, conf *server.Config, args ...string) error {
  72. userArgs := []string{
  73. "ntfy",
  74. "--log-level=ERROR",
  75. "access",
  76. "--config=" + conf.File, // Dummy config file to avoid lookups of real file
  77. "--auth-file=" + conf.AuthFile,
  78. "--auth-default-access=" + conf.AuthDefault.String(),
  79. }
  80. return app.Run(append(userArgs, args...))
  81. }