From 07c0e60e6bdc5b8bfe1f42f76dae9f0a79e7abb0 Mon Sep 17 00:00:00 2001 From: elijah Date: Mon, 29 Aug 2016 16:35:14 -0700 Subject: moved infrastructure tests run by `leap run` to tests/server-tests --- tests/white-box/mx.rb | 271 -------------------------------------------------- 1 file changed, 271 deletions(-) delete mode 100644 tests/white-box/mx.rb (limited to 'tests/white-box/mx.rb') diff --git a/tests/white-box/mx.rb b/tests/white-box/mx.rb deleted file mode 100644 index 0eeaacd0..00000000 --- a/tests/white-box/mx.rb +++ /dev/null @@ -1,271 +0,0 @@ -raise SkipTest unless service?(:mx) - -require 'date' -require 'json' -require 'net/smtp' - -class Mx < LeapTest - depends_on "Network" - depends_on "Webapp" if service?(:webapp) - - def setup - end - - def test_01_Can_contact_couchdb? - dbs = ["identities"] - dbs.each do |db_name| - couchdb_urls("/"+db_name, couch_url_options).each do |url| - assert_get(url) do |body| - assert response = JSON.parse(body) - assert_equal db_name, response['db_name'] - end - end - end - pass - end - - def test_02_Can_contact_couchdb_via_haproxy? - if property('haproxy.couch') - url = couchdb_url_via_haproxy("", couch_url_options) - assert_get(url) do |body| - assert_match /"couchdb":"Welcome"/, body, "Request to #{url} should return couchdb welcome message." - end - pass - end - end - - # - # this test picks a random identity document, then queries - # using the by_address view for that same document again. - # - def test_03_Can_query_identities_db? - ident = pick_random_identity - address = ident['address'] - url_base = %(/identities/_design/Identity/_view/by_address) - params = %(?include_docs=true&reduce=false&startkey="#{address}"&endkey="#{address}") - assert_get(couchdb_url(url_base+params, couch_url_options)) do |body| - assert response = JSON.parse(body) - assert record = response['rows'].first - assert_equal address, record['doc']['address'] - pass - end - end - - def test_04_Are_MX_daemons_running? - assert_running '.*/usr/bin/twistd.*mx.tac' - assert_running '^/usr/lib/postfix/master$' - assert_running '^/usr/sbin/postfwd' - assert_running 'postfwd2::cache$' - assert_running 'postfwd2::policy$' - assert_running '^/usr/sbin/unbound$' - assert_running '^/usr/bin/freshclam' - assert_running '^/usr/sbin/opendkim' - if Dir.glob("/var/lib/clamav/main.{c[vl]d,inc}").size > 0 and Dir.glob("/var/lib/clamav/daily.{c[vl]d,inc}").size > 0 - assert_running '^/usr/sbin/clamd' - assert_running '^/usr/sbin/clamav-milter' - pass - else - skip "Downloading the clamav signature files (/var/lib/clamav/{daily,main}.{c[vl]d,inc}) is still in progress, so clamd is not running." - end - end - - # - # TODO: test to make sure postmap returned the right result - # - def test_05_Can_postfix_query_leapmx? - ident = pick_random_identity(10, :with_public_key => true) - address = ident["address"] - - # - # virtual alias map: - # - # user@domain => 41c29a80a44f4775513c64ac9cab91b9@deliver.local - # - assert_run("postmap -v -q \"#{address}\" tcp:localhost:4242") - - # - # recipient access map: - # - # user@domain => [OK|REJECT|TEMP_FAIL] - # - # This map is queried by the mail server before delivery to the mail spool - # directory, and should check if the address is able to receive messages. - # Examples of reasons for denying delivery would be that the user is out of - # quota, is user, or have no pgp public key in the server. - # - # NOTE: in the future, when we support quota, we need to make sure that - # we don't randomly pick a user for this test that happens to be over quota. - # - assert_run("postmap -v -q \"#{address}\" tcp:localhost:2244") - - # - # certificate validity map: - # - # fa:2a:70:1f:d8:16:4e:1a:3b:15:c1:67:00:f0 => [200|500] - # - # Determines whether a particular SMTP client cert is authorized - # to relay mail, based on the fingerprint. - # - if ident["cert_fingerprints"] - not_expired = ident["cert_fingerprints"].select {|key, value| - Time.now.utc < DateTime.strptime("2016-01-03", "%F").to_time.utc - } - if not_expired.any? - fingerprint = not_expired.first - assert_run("postmap -v -q #{fingerprint} tcp:localhost:2424") - end - end - - pass - end - - # - # The email sent by this test might get bounced back. - # In this case, the test will pass, but the bounce message will - # get sent to root, so the sysadmin will still figure out pretty - # quickly that something is wrong. - # - def test_05_Can_deliver_email? - if pgrep('^/usr/sbin/clamd').empty? || pgrep('^/usr/sbin/clamav-milter').empty? - skip "Mail delivery is being deferred because clamav daemon is not running" - else - addr = [TEST_EMAIL_USER, property('domain.full_suffix')].join('@') - bad_addr = [TEST_BAD_USER, property('domain.full_suffix')].join('@') - - assert !identity_exists?(bad_addr), "the address #{bad_addr} must not exist." - if !identity_exists?(addr) - user = assert_create_user(TEST_EMAIL_USER, :monitor) - upload_public_key(user.id, TEST_EMAIL_PUBLIC_KEY) - end - assert identity_exists?(addr), "The identity #{addr} should have been created, but it doesn't exist yet." - assert_send_email(addr) - assert_raises(Net::SMTPError) do - send_email(bad_addr) - end - pass - end - end - - private - - def couch_url_options - { - :username => property('couchdb_leap_mx_user.username'), - :password => property('couchdb_leap_mx_user.password') - } - end - - # - # returns a random identity record that also has valid address - # and destination fields. - # - # options: - # - # * :with_public_key -- searches only for identities with public keys - # - # note to self: for debugging, here is the curl you want: - # curl --netrc "127.0.0.1:5984/identities/_design/Identity/_view/by_address?startkey=\"xxxx@leap.se\"&endkey=\"xxxx@leap.se\"&reduce=false&include_docs=true" - # - def pick_random_identity(tries=5, options={}) - assert_get(couchdb_url("/identities", couch_url_options)) do |body| - assert response = JSON.parse(body) - doc_count = response['doc_count'].to_i - if doc_count <= 1 - # the design document counts as one document. - skip "There are no identity documents yet." - else - # try repeatedly to get a valid doc - for i in 1..tries - offset = rand(doc_count) # pick a random document - url = couchdb_url("/identities/_all_docs?include_docs=true&limit=1&skip=#{offset}", couch_url_options) - assert_get(url) do |body| - assert response = JSON.parse(body) - record = response['rows'].first - if record['id'] =~ /_design/ - next - elsif record['doc'] && record['doc']['address'] - next if record['doc']['destination'].nil? || record['doc']['destination'].empty? - next if options[:with_public_key] && !record_has_key?(record) - return record['doc'] - else - fail "Identity document #{record['id']} is missing an address field. #{record['doc'].inspect}" - end - end - end - if options[:with_public_key] - skip "Could not find an Identity document with a public key for testing." - else - fail "Failed to find a valid Identity document (with address and destination)." - end - end - end - end - - def record_has_key?(record) - !record['doc']['keys'].nil? && - !record['doc']['keys'].empty? && - !record['doc']['keys']['pgp'].nil? && - !record['doc']['keys']['pgp'].empty? - end - - TEST_EMAIL_PUBLIC_KEY=<