Replace URLs that have slugs with basic auth in tests

This commit is contained in:
Micah Lee 2019-05-24 13:38:41 -07:00
parent 18961fea2d
commit 9785be0375
No known key found for this signature in database
GPG Key ID: 403C2657CD994F73
5 changed files with 41 additions and 34 deletions

View File

@ -4,6 +4,7 @@ import requests
import shutil
import socket
import socks
import base64
from PyQt5 import QtCore, QtTest
@ -126,20 +127,20 @@ class GuiBaseTest(object):
if type(mode) == ReceiveMode:
# Upload a file
files = {'file[]': open('/tmp/test.txt', 'rb')}
if not public_mode:
path = 'http://127.0.0.1:{}/{}/upload'.format(self.gui.app.port, mode.web.password)
url = 'http://127.0.0.1:{}/upload'.format(self.gui.app.port)
if public_mode:
response = requests.post(url, files=files)
else:
path = 'http://127.0.0.1:{}/upload'.format(self.gui.app.port)
response = requests.post(path, files=files)
response = requests.post(url, files=files, auth=requests.auth.HTTPBasicAuth('onionshare', mode.web.password))
QtTest.QTest.qWait(2000)
if type(mode) == ShareMode:
# Download files
if public_mode:
url = "http://127.0.0.1:{}/download".format(self.gui.app.port)
else:
url = "http://127.0.0.1:{}/{}/download".format(self.gui.app.port, mode.web.password)
if public_mode:
r = requests.get(url)
else:
r = requests.get(url, auth=requests.auth.HTTPBasicAuth('onionshare', mode.web.password))
QtTest.QTest.qWait(2000)
# Indicator should be visible, have a value of "1"
@ -212,7 +213,7 @@ class GuiBaseTest(object):
if public_mode:
self.assertEqual(clipboard.text(), 'http://127.0.0.1:{}'.format(self.gui.app.port))
else:
self.assertEqual(clipboard.text(), 'http://127.0.0.1:{}/{}'.format(self.gui.app.port, mode.server_status.web.password))
self.assertEqual(clipboard.text(), 'http://onionshare:{}@127.0.0.1:{}'.format(mode.server_status.web.password, self.gui.app.port))
def server_status_indicator_says_started(self, mode):
@ -234,8 +235,11 @@ class GuiBaseTest(object):
else:
path = '/'
http_request = 'GET {} HTTP/1.0\r\n'.format(path)
http_request = 'GET / HTTP/1.0\r\n'
http_request += 'Host: 127.0.0.1\r\n'
if not public_mode:
auth = base64.b64encode(b'onionshare:'+password.encode()).decode()
http_request += 'Authorization: Basic {}'.format(auth)
http_request += '\r\n'
s.sendall(http_request.encode('utf-8'))

View File

@ -8,14 +8,14 @@ class GuiReceiveTest(GuiBaseTest):
def upload_file(self, public_mode, file_to_upload, expected_basename, identical_files_at_once=False):
'''Test that we can upload the file'''
files = {'file[]': open(file_to_upload, 'rb')}
url = 'http://127.0.0.1:{}/upload'.format(self.gui.app.port)
if not public_mode:
path = 'http://127.0.0.1:{}/{}/upload'.format(self.gui.app.port, self.gui.receive_mode.web.password)
r = requests.post(url, files=files)
else:
path = 'http://127.0.0.1:{}/upload'.format(self.gui.app.port)
response = requests.post(path, files=files)
r = requests.post(url, files=files, auth=requests.auth.HTTPBasicAuth('onionshare', mode.web.password))
if identical_files_at_once:
# Send a duplicate upload to test for collisions
response = requests.post(path, files=files)
r = requests.post(path, files=files)
QtTest.QTest.qWait(2000)
# Make sure the file is within the last 10 seconds worth of filenames
@ -39,11 +39,11 @@ class GuiReceiveTest(GuiBaseTest):
def upload_file_should_fail(self, public_mode):
'''Test that we can't upload the file when permissions are wrong, and expected content is shown'''
files = {'file[]': open('/tmp/test.txt', 'rb')}
url = 'http://127.0.0.1:{}/upload'.format(self.gui.app.port)
if not public_mode:
path = 'http://127.0.0.1:{}/{}/upload'.format(self.gui.app.port, self.gui.receive_mode.web.password)
r = requests.post(url, files=files)
else:
path = 'http://127.0.0.1:{}/upload'.format(self.gui.app.port)
response = requests.post(path, files=files)
r = requests.post(url, files=files, auth=requests.auth.HTTPBasicAuth('onionshare', mode.web.password))
QtCore.QTimer.singleShot(1000, self.accept_dialog)
self.assertTrue('Error uploading, please inform the OnionShare user' in response.text)
@ -53,17 +53,14 @@ class GuiReceiveTest(GuiBaseTest):
os.chmod('/tmp/OnionShare', mode)
def try_public_paths_in_non_public_mode(self):
response = requests.post('http://127.0.0.1:{}/upload'.format(self.gui.app.port))
r = requests.post('http://127.0.0.1:{}/upload'.format(self.gui.app.port))
self.assertEqual(response.status_code, 404)
response = requests.get('http://127.0.0.1:{}/close'.format(self.gui.app.port))
r = requests.get('http://127.0.0.1:{}/close'.format(self.gui.app.port))
self.assertEqual(response.status_code, 404)
def uploading_zero_files_shouldnt_change_ui(self, mode, public_mode):
'''If you submit the receive mode form without selecting any files, the UI shouldn't get updated'''
if not public_mode:
path = 'http://127.0.0.1:{}/{}/upload'.format(self.gui.app.port, self.gui.receive_mode.web.password)
else:
path = 'http://127.0.0.1:{}/upload'.format(self.gui.app.port)
url = 'http://127.0.0.1:{}/upload'.format(self.gui.app.port)
# What were the counts before submitting the form?
before_in_progress_count = mode.history.in_progress_count
@ -71,9 +68,15 @@ class GuiReceiveTest(GuiBaseTest):
before_number_of_history_items = len(mode.history.item_list.items)
# Click submit without including any files a few times
response = requests.post(path, files={})
response = requests.post(path, files={})
response = requests.post(path, files={})
if not public_mode:
r = requests.post(url, files={})
r = requests.post(url, files={})
r = requests.post(url, files={})
else:
auth = requests.auth.HTTPBasicAuth('onionshare', mode.web.password)
r = requests.post(url, files={}, auth=auth)
r = requests.post(url, files={}, auth=auth)
r = requests.post(url, files={}, auth=auth)
# The counts shouldn't change
self.assertEqual(mode.history.in_progress_count, before_in_progress_count)

View File

@ -92,13 +92,13 @@ class GuiShareTest(GuiBaseTest):
QtTest.QTest.qWait(2000)
self.assertEqual('onionshare', zip.read('test.txt').decode('utf-8'))
def hit_404(self, public_mode):
'''Test that the server stops after too many 404s, or doesn't when in public_mode'''
bogus_path = '/gimme'
url = "http://127.0.0.1:{}/{}".format(self.gui.app.port, bogus_path)
def hit_401(self, public_mode):
'''Test that the server stops after too many 401s, or doesn't when in public_mode'''
url = "http://127.0.0.1:{}/".format(self.gui.app.port)
for _ in range(20):
r = requests.get(url)
password_guess = self.gui.common.build_password()
r = requests.get(url, auth=requests.auth.HTTPBasicAuth('onionshare', password))
# A nasty hack to avoid the Alert dialog that blocks the rest of the test
if not public_mode:

View File

@ -4,7 +4,7 @@ import unittest
from .GuiShareTest import GuiShareTest
class Local404PublicModeRateLimitTest(unittest.TestCase, GuiShareTest):
class Local401PublicModeRateLimitTest(unittest.TestCase, GuiShareTest):
@classmethod
def setUpClass(cls):
test_settings = {
@ -22,7 +22,7 @@ class Local404PublicModeRateLimitTest(unittest.TestCase, GuiShareTest):
def test_gui(self):
self.run_all_common_setup_tests()
self.run_all_share_mode_tests(True, True)
self.hit_404(True)
self.hit_401(True)
if __name__ == "__main__":
unittest.main()

View File

@ -4,7 +4,7 @@ import unittest
from .GuiShareTest import GuiShareTest
class Local404RateLimitTest(unittest.TestCase, GuiShareTest):
class Local401RateLimitTest(unittest.TestCase, GuiShareTest):
@classmethod
def setUpClass(cls):
test_settings = {
@ -21,7 +21,7 @@ class Local404RateLimitTest(unittest.TestCase, GuiShareTest):
def test_gui(self):
self.run_all_common_setup_tests()
self.run_all_share_mode_tests(False, True)
self.hit_404(False)
self.hit_401(False)
if __name__ == "__main__":
unittest.main()