Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Paul Graydon
erp5
Commits
c432df4b
Commit
c432df4b
authored
4 years ago
by
Kazuhiko Shiozaki
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
test: move test_request_with_x_forwarded_for into a dedicated test file.
parent
2f14fa18
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
105 additions
and
75 deletions
+105
-75
product/ERP5Type/tests/testERP5Type.py
product/ERP5Type/tests/testERP5Type.py
+0
-75
product/ERP5Type/tests/testXForwardedFor.py
product/ERP5Type/tests/testXForwardedFor.py
+105
-0
No files found.
product/ERP5Type/tests/testERP5Type.py
View file @
c432df4b
...
...
@@ -3320,81 +3320,6 @@ return [
'<Organisation at /%s/organisation_module/organisation_id>'
%
self
.
portal
.
getId
(),
repr
(
document
))
@
expectedFailure
def
test_request_with_x_forwarded_for
(
self
):
script_container
=
self
.
portal
.
portal_skins
.
custom
script_id
=
'ERP5Site_getClientAddr'
createZODBPythonScript
(
script_container
,
script_id
,
''
,
'return context.REQUEST.getClientAddr()'
)
self
.
commit
()
z2_log_path
=
os
.
path
.
join
(
log_directory
,
'Z2.log'
)
import
ZPublisher.HTTPRequest
# test without configuration
ZPublisher
.
HTTPRequest
.
trusted_proxies
=
[]
response
=
requests
.
get
(
'%s/%s'
%
(
self
.
portal
.
absolute_url
(),
script_id
),
headers
=
{
'X-Forwarded-For'
:
'1.2.3.4'
},
)
self
.
assertNotEqual
(
response
.
text
,
'1.2.3.4'
)
f
=
open
(
z2_log_path
,
'rb'
)
f
.
seek
(
-
256
,
os
.
SEEK_END
)
# Assumes last line is not longer than 256 chars (it should be about 130)
last_line
=
f
.
readlines
()[
-
1
]
f
.
close
()
self
.
assertFalse
(
last_line
.
startswith
(
'1.2.3.4 - '
),
last_line
)
response
=
requests
.
get
(
'%s/%s'
%
(
self
.
portal
.
absolute_url
(),
script_id
),
headers
=
{
'X-Forwarded-For'
:
'1.2.3.4, 5.6.7.8'
},
)
self
.
assertNotEqual
(
response
.
text
,
'1.2.3.4'
)
self
.
assertNotEqual
(
response
.
text
,
'5.6.7.8'
)
f
=
open
(
z2_log_path
,
'rb'
)
f
.
seek
(
-
256
,
os
.
SEEK_END
)
last_line
=
f
.
readlines
()[
-
1
]
f
.
close
()
self
.
assertFalse
(
last_line
.
startswith
(
'1.2.3.4 - '
),
last_line
)
self
.
assertFalse
(
last_line
.
startswith
(
'5.6.7.8 - '
),
last_line
)
response
=
requests
.
get
(
'%s/%s'
%
(
self
.
portal
.
absolute_url
(),
script_id
),
)
self
.
assertNotEqual
(
response
.
text
,
'1.2.3.4'
)
f
=
open
(
z2_log_path
,
'rb'
)
f
.
seek
(
-
256
,
os
.
SEEK_END
)
last_line
=
f
.
readlines
()[
-
1
]
f
.
close
()
self
.
assertFalse
(
last_line
.
startswith
(
'1.2.3.4 - '
),
last_line
)
# test with configuration
ZPublisher
.
HTTPRequest
.
trusted_proxies
=
(
'0.0.0.0'
,)
response
=
requests
.
get
(
'%s/%s'
%
(
self
.
portal
.
absolute_url
(),
script_id
),
headers
=
{
'X-Forwarded-For'
:
'1.2.3.4'
},
)
self
.
assertEqual
(
response
.
text
,
'1.2.3.4'
)
f
=
open
(
z2_log_path
,
'rb'
)
f
.
seek
(
-
256
,
os
.
SEEK_END
)
last_line
=
f
.
readlines
()[
-
1
]
f
.
close
()
self
.
assertTrue
(
last_line
.
startswith
(
'1.2.3.4 - '
),
last_line
)
response
=
requests
.
get
(
'%s/%s'
%
(
self
.
portal
.
absolute_url
(),
script_id
),
headers
=
{
'X-Forwarded-For'
:
'1.2.3.4, 5.6.7.8'
},
)
self
.
assertEqual
(
response
.
text
,
'1.2.3.4'
)
f
=
open
(
z2_log_path
,
'rb'
)
f
.
seek
(
-
256
,
os
.
SEEK_END
)
last_line
=
f
.
readlines
()[
-
1
]
f
.
close
()
self
.
assertTrue
(
last_line
.
startswith
(
'1.2.3.4 - '
),
last_line
)
response
=
requests
.
get
(
'%s/%s'
%
(
self
.
portal
.
absolute_url
(),
script_id
),
)
self
.
assertNotEqual
(
response
.
text
,
'1.2.3.4'
)
f
=
open
(
z2_log_path
,
'rb'
)
f
.
seek
(
-
256
,
os
.
SEEK_END
)
last_line
=
f
.
readlines
()[
-
1
]
f
.
close
()
self
.
assertFalse
(
last_line
.
startswith
(
'1.2.3.4 - '
),
last_line
)
class
TestAccessControl
(
ERP5TypeTestCase
):
# Isolate test in a dedicaced class in order not to break other tests
# when this one fails.
...
...
This diff is collapsed.
Click to expand it.
product/ERP5Type/tests/testXForwardedFor.py
0 → 100644
View file @
c432df4b
# -*- coding: utf-8 -*-
##############################################################################
# Copyright (c) 2020 Nexedi SA and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
from
Products.ERP5Type.tests.ERP5TypeTestCase
import
ERP5TypeTestCase
from
Products.ERP5Type.tests.runUnitTest
import
log_directory
from
Products.ERP5Type.tests.utils
import
createZODBPythonScript
import
os
import
requests
import
unittest
def
get_Z2_log_last_line
():
z2_log_path
=
os
.
path
.
join
(
log_directory
,
'Z2.log'
)
f
=
open
(
z2_log_path
,
'rb'
)
try
:
f
.
seek
(
-
256
,
os
.
SEEK_END
)
# Assumes last line is not longer than 256 chars (it should be about 130)
except
IOError
:
# too short
pass
last_line
=
f
.
readlines
()[
-
1
]
f
.
close
()
return
last_line
class
TestXForwardedFor
(
ERP5TypeTestCase
):
def
test_request_with_x_forwarded_for
(
self
):
script_container
=
self
.
portal
.
portal_skins
.
custom
script_id
=
'ERP5Site_getClientAddr'
createZODBPythonScript
(
script_container
,
script_id
,
''
,
'return context.REQUEST.getClientAddr()'
)
self
.
commit
()
import
ZPublisher.HTTPRequest
# test without configuration
ZPublisher
.
HTTPRequest
.
trusted_proxies
=
[]
response
=
requests
.
get
(
'%s/%s'
%
(
self
.
portal
.
absolute_url
(),
script_id
),
headers
=
{
'X-Forwarded-For'
:
'1.2.3.4'
},
)
self
.
assertNotEqual
(
response
.
text
,
'1.2.3.4'
)
last_line
=
get_Z2_log_last_line
()
self
.
assertFalse
(
last_line
.
startswith
(
'1.2.3.4 - '
),
last_line
)
response
=
requests
.
get
(
'%s/%s'
%
(
self
.
portal
.
absolute_url
(),
script_id
),
headers
=
{
'X-Forwarded-For'
:
'1.2.3.4, 5.6.7.8'
},
)
self
.
assertNotEqual
(
response
.
text
,
'1.2.3.4'
)
self
.
assertNotEqual
(
response
.
text
,
'5.6.7.8'
)
last_line
=
get_Z2_log_last_line
()
self
.
assertFalse
(
last_line
.
startswith
(
'1.2.3.4 - '
),
last_line
)
self
.
assertFalse
(
last_line
.
startswith
(
'5.6.7.8 - '
),
last_line
)
response
=
requests
.
get
(
'%s/%s'
%
(
self
.
portal
.
absolute_url
(),
script_id
),
)
self
.
assertNotEqual
(
response
.
text
,
'1.2.3.4'
)
last_line
=
get_Z2_log_last_line
()
self
.
assertFalse
(
last_line
.
startswith
(
'1.2.3.4 - '
),
last_line
)
# test with configuration
ZPublisher
.
HTTPRequest
.
trusted_proxies
=
(
'0.0.0.0'
,)
response
=
requests
.
get
(
'%s/%s'
%
(
self
.
portal
.
absolute_url
(),
script_id
),
headers
=
{
'X-Forwarded-For'
:
'1.2.3.4'
},
)
self
.
assertEqual
(
response
.
text
,
'1.2.3.4'
)
last_line
=
get_Z2_log_last_line
()
self
.
assertTrue
(
last_line
.
startswith
(
'1.2.3.4 - '
),
last_line
)
response
=
requests
.
get
(
'%s/%s'
%
(
self
.
portal
.
absolute_url
(),
script_id
),
headers
=
{
'X-Forwarded-For'
:
'1.2.3.4, 5.6.7.8'
},
)
self
.
assertEqual
(
response
.
text
,
'1.2.3.4'
)
last_line
=
get_Z2_log_last_line
()
self
.
assertTrue
(
last_line
.
startswith
(
'1.2.3.4 - '
),
last_line
)
response
=
requests
.
get
(
'%s/%s'
%
(
self
.
portal
.
absolute_url
(),
script_id
),
)
self
.
assertNotEqual
(
response
.
text
,
'1.2.3.4'
)
last_line
=
get_Z2_log_last_line
()
self
.
assertFalse
(
last_line
.
startswith
(
'1.2.3.4 - '
),
last_line
)
def
test_suite
():
suite
=
unittest
.
TestSuite
()
suite
.
addTest
(
unittest
.
makeSuite
(
TestXForwardedFor
))
return
suite
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment