From eac3056c237d523f4786593922fe8f88eb65dff7 Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Tue, 29 Mar 2016 13:27:01 -0700
Subject: testing: adds mx delivery tests

---
 tests/helpers/bonafide_helper.rb | 190 ++++++++++++++++++++++++++++++++-------
 tests/helpers/couchdb_helper.rb  |  36 ++++++++
 tests/helpers/http_helper.rb     |  27 ++++--
 tests/helpers/smtp_helper.rb     |  45 ++++++++++
 tests/helpers/srp_helper.rb      |   4 +-
 5 files changed, 260 insertions(+), 42 deletions(-)
 create mode 100644 tests/helpers/smtp_helper.rb

(limited to 'tests/helpers')

diff --git a/tests/helpers/bonafide_helper.rb b/tests/helpers/bonafide_helper.rb
index 20c3ca8d..95e3e3b7 100644
--- a/tests/helpers/bonafide_helper.rb
+++ b/tests/helpers/bonafide_helper.rb
@@ -17,58 +17,53 @@ class LeapTest
     raise exc
   end
 
-  def api_url(path)
-    api = property('api')
-    "https://%{domain}:%{port}#{path}" % {
-      :domain   => api['domain'],
-      :port     => api['port']
-    }
-  end
-
   #
   # attempts to create a user account via the API,
   # returning the user object if successful.
   #
-  def assert_create_user
-    user = SRP::User.new
-    url = api_url("/1/users.json")
-
+  def assert_create_user(username=nil, auth=nil)
+    user = SRP::User.new(username)
+    url = api_url("/users.json")
     params = user.to_params
-
-    if property('webapp.invite_required')
-      @invite_code = generate_invite_code
-      params['user[invite_code]'] = @invite_code
+    if auth
+      options = api_options(:auth => auth)
+    else
+      options = api_options
+      if property('webapp.invite_required')
+        @invite_code = generate_invite_code
+        params['user[invite_code]'] = @invite_code
+      end
     end
 
-    assert_post(url, params) do |body|
+    assert_post(url, params, options) do |body|
       assert response = JSON.parse(body), 'response should be JSON'
       assert response['ok'], "Creating a user should be successful, got #{response.inspect} instead."
+      user.ok = true
+      user.id = response['id']
     end
-    user.ok = true
     return user
   end
 
+  # TODO: use the api for this instead.
   def generate_invite_code
     `cd /srv/leap/webapp/ && sudo -u leap-webapp RAILS_ENV=production bundle exec rake generate_invites[1]`.gsub(/\n/, "")
   end
 
-
   #
   # attempts to authenticate user. if successful,
   # user object is updated with id and session token.
   #
   def assert_authenticate_user(user)
-    url = api_url("/1/sessions.json")
+    url = api_url("/sessions.json")
     session = SRP::Session.new(user)
     params = {'login' => user.username, 'A' => session.aa}
-    assert_post(url, params) do |response, body|
+    assert_post(url, params, api_options) do |body, response|
       cookie = response['Set-Cookie'].split(';').first
       assert(response = JSON.parse(body), 'response should be JSON')
       assert(session.bb = response["B"], 'response should include "B"')
-      url = api_url("/1/sessions/login.json")
+      url = api_url("/sessions/login.json")
       params = {'client_auth' => session.m, 'A' => session.aa}
-      options = {:headers => {'Cookie' => cookie}}
-      assert_put(url, params, options) do |body|
+      assert_put(url, params, api_options('Cookie' => cookie)) do |body|
         assert(response = JSON.parse(body), 'response should be JSON')
         assert(response['M2'], 'response should include M2')
         user.session_token = response['token']
@@ -83,16 +78,146 @@ class LeapTest
   # attempts to destroy a user account via the API.
   #
   def assert_delete_user(user)
-    if user && user.ok && user.id && user.session_token && !user.deleted
-      url = api_url("/1/users/#{user.id}.json")
-      options = {:headers => {
-        "Authorization" => "Token token=\"#{user.session_token}\""
-      }}
-      params = {
-        :identities => 'destroy'
+    if user.is_a? String
+      assert_delete_user_by_login(user)
+    elsif user.is_a? SRP::User
+      assert_delete_srp_user(user)
+    end
+  end
+
+  #
+  # returns true if the identity exists, uses monitor token auth
+  #
+  def identity_exists?(address)
+    url = api_url("/identities/#{URI.encode(address)}.json")
+    get(url, nil, api_options(:auth => :monitor)) do |body, response|
+      return response.code == "200"
+    end
+  end
+
+  def upload_public_key(user_id, public_key)
+    url = api_url("/users/#{user_id}.json")
+    params = {"user[public_key]" => public_key}
+    assert_put(url, params, api_options(:auth => :monitor))
+  end
+
+  #
+  # return user document as a Hash. uses monitor token auth
+  #
+  def find_user_by_id(user_id)
+    url = api_url("/users/#{user_id}.json")
+    assert_get(url, nil, api_options(:auth => :monitor)) do |body|
+      return JSON.parse(body)
+    end
+  end
+
+  #
+  # return user document as a Hash. uses monitor token auth
+  # NOTE: this relies on deprecated behavior of the API
+  # and will not work when multi-domain support is added.
+  #
+  def find_user_by_login(login)
+    url = api_url("/users/0.json?login=#{login}")
+    options = {:ok_codes => [200, 404]}.merge(api_options(:auth => :monitor))
+    assert_get(url, nil, options) do |body, response|
+      if response.code == "200"
+        return JSON.parse(body)
+      else
+        return nil
+      end
+    end
+  end
+
+  private
+
+  def api_url(path)
+    unless path =~ /^\//
+      path = '/' + path
+    end
+    if property('testing.api_uri')
+      return property('testing.api_uri') + path
+    elsif property('api')
+      api = property('api')
+      return "https://%{domain}:%{port}/%{version}#{path}" % {
+        :domain   => api['domain'],
+        :port     => api['port'],
+        :version  => api['version'] || 1
       }
+    else
+      fail 'This node needs to have either testing.api_url or api.{domain,port} configured.'
+    end
+  end
+
+  #
+  # produces an options hash used for api http requests.
+  #
+  # argument options hash gets added to "headers"
+  # of the http request.
+  #
+  # special :auth key in argument will expand to
+  # add api_token_auth header.
+  #
+  # if you want to try manually:
+  #
+  #   export API_URI=`grep api_uri /etc/leap/hiera.yaml | cut -d\" -f2`
+  #   export TOKEN=`grep monitor_auth_token /etc/leap/hiera.yaml | awk '{print $2}'`
+  #   curl -H "Accept: application/json" -H "Token: $TOKEN" $API_URI
+  #
+  def api_options(options={})
+    # note: must be :headers, not "headers"
+    hsh = {
+      :headers => {
+        "Accept" => "application/json"
+      }
+    }
+    if options[:auth]
+      hsh[:headers].merge!(api_token_auth(options.delete(:auth)))
+    end
+    hsh[:headers].merge!(options)
+    return hsh
+  end
+
+  #
+  # add token authentication to a http request.
+  #
+  # returns a hash suitable for adding to the 'headers' option
+  # of an http function.
+  #
+  def api_token_auth(token)
+    if token.is_a?(Symbol) && property('testing')
+      if token == :monitor
+        token_str = property('testing.monitor_auth_token')
+      else
+        raise ArgumentError.new 'no such token'
+      end
+    else
+      token_str = token
+    end
+    {"Authorization" => "Token token=\"#{token_str}\""}
+  end
+
+  #
+  # not actually used in any test, but useful when
+  # writing new tests.
+  #
+  def assert_delete_user_by_login(login_name)
+    user = find_user_by_login(login_name)
+    url = api_url("/users/#{user['id']}.json")
+    params =  {:identities => 'destroy'}
+    delete(url, params, api_options(:auth => :monitor)) do |body, response, error|
+      assert error.nil?, "Error deleting user: #{error}"
+      assert response.code.to_i == 200, "Unable to delete user: HTTP response from API should have code 200, was #{response.code} #{error} #{body}"
+      assert(response = JSON.parse(body), 'Delete response should be JSON')
+      assert(response["success"], 'Deleting user should be a success')
+    end
+  end
+
+  def assert_delete_srp_user(user)
+    if user && user.ok && user.id && user.session_token && !user.deleted
+      url = api_url("users/#{user.id}.json")
+      params = {:identities => 'destroy'}
       user.deleted = true
-      delete(url, params, options) do |body, response, error|
+      delete(url, params, api_options(:auth => user.session_token)) do |body, response, error|
         assert error.nil?, "Error deleting user: #{error}"
         assert response.code.to_i == 200, "Unable to delete user: HTTP response from API should have code 200, was #{response.code} #{error} #{body}"
         assert(response = JSON.parse(body), 'Delete response should be JSON')
@@ -101,4 +226,5 @@ class LeapTest
     end
   end
 
+
 end
diff --git a/tests/helpers/couchdb_helper.rb b/tests/helpers/couchdb_helper.rb
index 27dabfcb..b9085c1e 100644
--- a/tests/helpers/couchdb_helper.rb
+++ b/tests/helpers/couchdb_helper.rb
@@ -103,4 +103,40 @@ class LeapTest
     end
   end
 
+  def assert_destroy_user_db(user_id, options=nil)
+    db_name = "user-#{user_id}"
+    url = couchdb_url("/#{db_name}", options)
+    http_options = {:ok_codes => [200, 404]} # ignore missing dbs
+    assert_delete(url, nil, http_options)
+  end
+
+  def assert_create_user_db(user_id, options=nil)
+    db_name = "user-#{user_id}"
+    url = couchdb_url("/#{db_name}", options)
+    http_options = {:ok_codes => [200, 404]} # ignore missing dbs
+    assert_put(url, nil, :format => :json) do |body|
+      assert response = JSON.parse(body), "PUT response should be JSON"
+      assert response["ok"], "PUT response should be OK"
+    end
+  end
+
+  #
+  # returns true if the per-user db created by soledad-server exists.
+  #
+  def user_db_exists?(user_id, options=nil)
+    db_name = "user-#{user_id}"
+    url = couchdb_url("/#{db_name}", options)
+    get(url) do |body, response, error|
+      if response.nil?
+        fail "could not query couchdb #{url}: #{error}\n#{body}"
+      elsif response.code.to_i == 200
+        return true
+      elsif response.code.to_i == 404
+        return false
+      else
+        fail ["could not query couchdb #{url}: expected response code 200 or 404, but got #{response.code}.", error, body].compact.join("\n")
+      end
+    end
+  end
+
 end
\ No newline at end of file
diff --git a/tests/helpers/http_helper.rb b/tests/helpers/http_helper.rb
index 2fcdc910..0d0bb7d5 100644
--- a/tests/helpers/http_helper.rb
+++ b/tests/helpers/http_helper.rb
@@ -81,20 +81,31 @@ class LeapTest
 
   #
   # calls http_send, yielding results if successful or failing with
-  # descriptive infor otherwise.
+  # descriptive info otherwise.
+  #
+  # options:
+  # - error_msg: custom error message to display.
+  # - ok_codes: in addition to 2xx, codes in this array will not produce an error.
   #
   def assert_http_send(method, url, params=nil, options=nil, &block)
     options ||= {}
     error_msg = options[:error_msg] || (url.respond_to?(:memo) ? url.memo : nil)
     http_send(method, url, params, options) do |body, response, error|
-      ok = response && response.code.to_i >= 200 && response.code.to_i < 300
-      if body && ok
-        if block
-          yield(body) if block.arity == 1
-          yield(response, body) if block.arity == 2
+      if response
+        code = response.code.to_i
+        ok = code >= 200 && code < 300
+        if options[:ok_codes]
+          ok ||= options[:ok_codes].include?(code)
+        end
+        if ok
+          if block
+            yield(body) if block.arity == 1
+            yield(body, response) if block.arity == 2
+            yield(body, response, error) if block.arity == 3
+          end
+        else
+          fail ["Expected success code from #{method} #{url}, but got #{response.code} instead.", error_msg, body].compact.join("\n")
         end
-      elsif response && !ok
-        fail ["Expected a 200 status code from #{method} #{url}, but got #{response.code} instead.", error_msg, body].compact.join("\n")
       else
         fail ["Expected a response from #{method} #{url}, but got \"#{error}\" instead.", error_msg, body].compact.join("\n"), error
       end
diff --git a/tests/helpers/smtp_helper.rb b/tests/helpers/smtp_helper.rb
new file mode 100644
index 00000000..ea7fb9fa
--- /dev/null
+++ b/tests/helpers/smtp_helper.rb
@@ -0,0 +1,45 @@
+require 'net/smtp'
+
+class LeapTest
+
+  TEST_EMAIL_USER = "test_user_email"
+  TEST_BAD_USER = "test_user_bad"
+
+  MSG_BODY = %(Since it seems that any heart which beats for freedom has the right only to a
+lump of lead, I too claim my share. If you let me live, I shall never stop
+crying for revenge and I shall avenge my brothers. I have finished. If you are
+not cowards, kill me!
+
+--Louise Michel)
+
+  def send_email(recipient, options={})
+    sender = options[:sender] || recipient
+    helo_domain = property('domain.full_suffix')
+    headers = {
+      "Date" => Time.now.utc,
+      "From" => sender,
+      "To" => recipient,
+      "Subject" => "Test Message",
+      "X-LEAP-TEST" => "true"
+    }.merge(options[:headers]||{})
+    message = []
+    headers.each do |key, value|
+      message << "#{key}: #{value}"
+    end
+    message << ""
+    message << MSG_BODY
+    Net::SMTP.start('localhost', 25, helo_domain) do |smtp|
+      smtp.send_message message.join("\n"), recipient, sender
+    end
+  end
+
+  def assert_send_email(recipient, options={})
+    begin
+      send_email(recipient, options)
+    rescue IOError, Net::OpenTimeout,
+           Net::ReadTimeout, Net::SMTPError => e
+      fail "Could not send mail to #{recipient} (#{e})"
+    end
+  end
+
+end
\ No newline at end of file
diff --git a/tests/helpers/srp_helper.rb b/tests/helpers/srp_helper.rb
index 5d30b459..b30fa768 100644
--- a/tests/helpers/srp_helper.rb
+++ b/tests/helpers/srp_helper.rb
@@ -138,8 +138,8 @@ d15dc7d7b46154d6b6ce8ef4ad69b15d4982559b297bcf1885c529f566660e5
 
     attr_accessor :username, :password, :salt, :verifier, :id, :session_token, :ok, :deleted
 
-    def initialize
-      @username = "test_user_" + SecureRandom.urlsafe_base64(10).downcase.gsub(/[_-]/, '')
+    def initialize(username=nil)
+      @username = username || "tmp_user_" + SecureRandom.urlsafe_base64(10).downcase.gsub(/[_-]/, '')
       @password = "password_" + SecureRandom.urlsafe_base64(10)
       @salt     = bigrand(4).hex
       @verifier = modpow(GENERATOR, private_key)
-- 
cgit v1.2.3