summaryrefslogtreecommitdiff
path: root/test/functional/api/token_auth_test.rb
blob: d6731a115b926e24580848fc3803703708aa4493 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
#
# tests for authenticating an admin or monitor user
# via static configured tokens.
#

require 'test_helper'

class Api::TokenAuthTest < ApiControllerTest
  tests Api::ServicesController

  def test_login_via_api_token
    with_config(:allow_anonymous_certs => false) do
      monitor_auth do
        api_get :show
        assert assigns(:token), 'should have authenticated via api token'
        assert assigns(:token).is_a? ApiToken
        assert @controller.send(:current_user).is_a? ApiMonitorUser
      end
    end
  end

  def test_fail_api_auth_when_ip_not_allowed
    with_config(:allow_anonymous_certs => false) do
      allowed = "99.99.99.99"
      new_config = {api_tokens: APP_CONFIG["api_tokens"].merge(allowed_ips: [allowed])}
      with_config(new_config) do
        monitor_auth do
          request.env['REMOTE_ADDR'] = "1.1.1.1"
          api_get :show
          assert_nil assigns(:token), "should not be able to auth with api token when ip restriction doesn't allow it"
          request.env['REMOTE_ADDR'] = allowed
          api_get :show
          assert assigns(:token), "should have authenticated via api token"
        end
      end
    end
  end

end