summaryrefslogtreecommitdiff
path: root/tests/server-tests/white-box/couchdb.rb
blob: f8223bd2c1d633c6fe388d49afc5d9416d422404 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
raise SkipTest unless service?(:couchdb)

require 'json'

class CouchDB < LeapTest
  depends_on "Network"

  def setup
  end

  def test_00_Are_daemons_running?
    assert_running match: 'bin/beam'
    if multimaster?
      assert_running match: 'bin/epmd'
    end
    pass
  end

  #
  # check to make sure we can get welcome response from local couchdb
  #
  def test_01_Is_CouchDB_running?
    assert_get(couchdb_url) do |body|
      assert_match /"couchdb":"Welcome"/, body, "Could not get welcome message from #{couchdb_url}. Probably couchdb is not running."
    end
    pass
  end

  #
  # all configured nodes are in 'cluster_nodes'
  # all nodes online and communicating are in 'all_nodes'
  #
  # this seems backward to me, so it might be the other way around.
  #
  def test_03_Are_configured_nodes_online?
    return unless multimaster?
    url = couchdb_url("/_membership", :username => 'admin')
    assert_get(url) do |body|
      response = JSON.parse(body)
      nodes_configured_but_not_available = response['cluster_nodes'] - response['all_nodes']
      nodes_available_but_not_configured = response['all_nodes'] - response['cluster_nodes']
      if nodes_configured_but_not_available.any?
        warn "These nodes are configured but not available:", nodes_configured_but_not_available
      end
      if nodes_available_but_not_configured.any?
        warn "These nodes are available but not configured:", nodes_available_but_not_configured
      end
      if response['cluster_nodes'] == response['all_nodes']
        pass
      end
    end
  end

  #
  # TODO: test for the existance of 'soledad' user if soledad service is enabled.
  #
  def test_04_Do_ACL_users_exist?
    acl_users = ['_design/_auth', 'leap_mx', 'nickserver', 'webapp', 'replication']
    url = couchdb_backend_url("/_users/_all_docs", :username => 'admin')
    assert_get(url) do |body|
      response = JSON.parse(body)
      actual_users = response['rows'].map{|row| row['id'].sub(/^org.couchdb.user:/, '') }
      actual_users.delete('soledad') # for now, ignore user 'soledad'
      assert_equal acl_users.sort, actual_users.sort
    end
    pass
  end

  #
  # TODO: test for the existance of 'shared' db if soledad service is enabled.
  #
  def test_05_Do_required_databases_exist?
    dbs_that_should_exist = ["customers","identities","keycache","tickets","users", "tmp_users"]
    dbs_that_should_exist << "tokens_#{rotation_suffix}"
    dbs_that_should_exist << "sessions_#{rotation_suffix}"
    dbs_that_should_exist.each do |db_name|
      url = couchdb_url("/"+db_name, :username => 'admin')
      assert_get(url) do |body|
        assert response = JSON.parse(body)
        assert_equal db_name, response['db_name']
      end
    end
    pass
  end

  # disable ACL enforcement, because it's a known issue with bigcouch
  # and will only confuse the user
  # see https://leap.se/code/issues/6030 for more details
  #
  ## for now, this just prints warnings, since we are failing these tests.
  ##

  #def test_06_Is_ACL_enforced?
  #  ok = assert_auth_fail(
  #    couchdb_url('/users/_all_docs', :username => 'leap_mx'),
  #    {:limit => 1}
  #  )
  #  ok = assert_auth_fail(
  #    couchdb_url('/users/_all_docs', :username => 'leap_mx'),
  #    {:limit => 1}
  #  ) && ok
  #  pass if ok
  #end

  def test_07_Can_records_be_created?
    record = DummyRecord.new
    url = couchdb_url("/tokens_#{rotation_suffix}", :username => 'admin')
    assert_post(url, record, :format => :json) do |body|
      assert response = JSON.parse(body), "POST response should be JSON"
      assert response["ok"], "POST response should be OK"
      assert_delete(File.join(url, response["id"]), :rev => response["rev"]) do |body|
        assert response = JSON.parse(body), "DELETE response should be JSON"
        assert response["ok"], "DELETE response should be OK"
      end
    end
    pass
  end

  #
  # This is not really a "test", just an attempt to make sure that
  # the mx tests that fire off dummy emails don't fill up the
  # storage db.
  #
  # mx tests can't run this because they don't have access to
  # the storage db.
  #
  # This "test" is responsible for both creating the db if it does not
  # exist, and destroying if it does.
  #
  # Yes, this is super hacky. Properly, we should add something to
  # the soledad api to support create/delete of user storage dbs.
  #
  def test_99_Delete_mail_storage_used_in_mx_tests
    user = find_user_by_login(TEST_EMAIL_USER)
    if user
      if user_db_exists?(user["id"])
        # keep the test email db from filling up:
        assert_destroy_user_db(user["id"], :username => 'admin')
      end
      # either way, make sure we leave a db for the mx tests:
      assert_create_user_db(user["id"], :username => 'admin')
    end
    silent_pass
  end

  private

  def multimaster?
    mode == "multimaster"
  end

  def mode
    assert_property('couch.mode')
  end

  # TODO: admin port is hardcoded for now but should be configurable.
  def couchdb_backend_url(path="", options={})
    options = {port: multimaster? && "5986"}.merge options
    couchdb_url(path, options)
  end

  def rotation_suffix
    rotation_suffix = Time.now.utc.to_i / 2592000 # monthly
  end

  require 'securerandom'
  require 'digest/sha2'
  class DummyRecord < Hash
    def initialize
      self['data'] = SecureRandom.urlsafe_base64(32).gsub(/^_*/, '')
      self['_id'] = Digest::SHA512.hexdigest(self['data'])
    end
  end

end