diff options
Diffstat (limited to 'test')
-rw-r--r-- | test/functional/v1/smtp_certs_controller_test.rb | 35 | ||||
-rw-r--r-- | test/integration/api/smtp_cert_test.rb | 51 | ||||
-rw-r--r-- | test/support/api_integration_test.rb | 2 |
3 files changed, 88 insertions, 0 deletions
diff --git a/test/functional/v1/smtp_certs_controller_test.rb b/test/functional/v1/smtp_certs_controller_test.rb new file mode 100644 index 0000000..f9ba26f --- /dev/null +++ b/test/functional/v1/smtp_certs_controller_test.rb @@ -0,0 +1,35 @@ +require 'test_helper' + +class V1::SmtpCertsControllerTest < ActionController::TestCase + + test "no smtp cert without login" do + with_config allow_anonymous_certs: true do + get :show, format: 'json' + assert_access_denied + end + end + + test "require service level with email" do + login + get :show + assert_access_denied + end + + test "send cert with username" do + login effective_service_level: ServiceLevel.new(id: 2) + cert = expect_cert(@current_user.email_address) + get :show + assert_response :success + assert_equal cert.to_s, @response.body + end + + protected + + def expect_cert(prefix) + cert = stub :to_s => "#{prefix.downcase} cert" + ClientCertificate.expects(:new). + with(:prefix => prefix). + returns(cert) + return cert + end +end diff --git a/test/integration/api/smtp_cert_test.rb b/test/integration/api/smtp_cert_test.rb new file mode 100644 index 0000000..a579d93 --- /dev/null +++ b/test/integration/api/smtp_cert_test.rb @@ -0,0 +1,51 @@ +require 'test_helper' +require 'openssl' + +class SmtpCertTest < ApiIntegrationTest + + test "retrieve smtp cert" do + @user = FactoryGirl.create :user, effective_service_level_code: 2 + login + get '/1/smtp_cert', {}, RACK_ENV + assert_text_response + assert_response_includes "BEGIN RSA PRIVATE KEY" + assert_response_includes "END RSA PRIVATE KEY" + assert_response_includes "BEGIN CERTIFICATE" + assert_response_includes "END CERTIFICATE" + end + + test "key matches the cert" do + @user = FactoryGirl.create :user, effective_service_level_code: 2 + login + get '/1/smtp_cert', {}, RACK_ENV + assert_text_response + cert = OpenSSL::X509::Certificate.new(get_response.body) + key = OpenSSL::PKey::RSA.new(get_response.body) + assert cert.check_private_key(key) + end + + # we'll store the fingerprint later. + test "fingerprint matches" do + @user = FactoryGirl.create :user, effective_service_level_code: 2 + login + get '/1/smtp_cert', {}, RACK_ENV + assert_text_response + cert = OpenSSL::X509::Certificate.new(get_response.body) + fingerprint = OpenSSL::Digest::SHA1.hexdigest(cert.to_der).scan(/../).join(':') + skip "we're not storing the fingerprints yet" + assert_equal fingerprint, @user.identity.cert_fingerprints.last + end + + test "fetching smtp certs requires email account" do + login + get '/1/smtp_cert', {}, RACK_ENV + assert_json_response error: I18n.t(:not_authorized) + end + + test "no anonymous smtp certs" do + with_config allow_anonymous_certs: true do + get '/1/smtp_cert', {}, RACK_ENV + assert_json_response error: I18n.t(:not_authorized) + end + end +end diff --git a/test/support/api_integration_test.rb b/test/support/api_integration_test.rb index 50c528b..aa9c00d 100644 --- a/test/support/api_integration_test.rb +++ b/test/support/api_integration_test.rb @@ -6,6 +6,8 @@ class ApiIntegrationTest < ActionDispatch::IntegrationTest def login(user = nil) @user ||= user ||= FactoryGirl.create(:user) @token ||= DUMMY_TOKEN + # make sure @token is up to date if it already exists + @token.reload if @token.persisted @token.user_id = @user.id @token.last_seen_at = Time.now @token.save |