blob: c7f91c7f33a8a4d88863cc287e5e24e1dc6b83f0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
#
# tests for authenticating an admin or monitor user
# via static configured tokens.
#
require 'test_helper'
class Api::TokenAuthTest < ApiControllerTest
tests Api::ConfigsController
def test_login_via_api_token
with_config(:allow_anonymous_certs => false) do
monitor_auth do
api_get :index
assert assigns(:token), 'should have authenticated via api token'
assert assigns(:token).is_a? ApiToken
assert @controller.send(:current_user).is_a? ApiMonitorUser
end
end
end
def test_fail_api_auth_when_ip_not_allowed
with_config(:allow_anonymous_certs => false) do
allowed = "99.99.99.99"
new_config = {api_tokens: APP_CONFIG["api_tokens"].merge(allowed_ips: [allowed])}
with_config(new_config) do
monitor_auth do
request.env['REMOTE_ADDR'] = "1.1.1.1"
api_get :index
assert_nil assigns(:token), "should not be able to auth with api token when ip restriction doesn't allow it"
request.env['REMOTE_ADDR'] = allowed
api_get :index
assert assigns(:token), "should have authenticated via api token"
end
end
end
end
end
|
