aboutsummaryrefslogtreecommitdiffstats
path: root/apps/settings/tests
diff options
context:
space:
mode:
authorCôme Chilliet <come.chilliet@nextcloud.com>2023-11-13 17:25:21 +0100
committerCôme Chilliet <91878298+come-nc@users.noreply.github.com>2023-11-20 11:36:42 +0100
commit0ebd44abb666e50f551b030dca3fbd6af03c5d1f (patch)
tree4373920ed4e17c2f64389accf6014694ffe00806 /apps/settings/tests
parent0107c7ea24a28779dad09117d8dc5a4a49b95dc5 (diff)
downloadnextcloud-server-0ebd44abb666e50f551b030dca3fbd6af03c5d1f.tar.gz
nextcloud-server-0ebd44abb666e50f551b030dca3fbd6af03c5d1f.zip
Migrate tests of forwarded for headers check
Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
Diffstat (limited to 'apps/settings/tests')
-rw-r--r--apps/settings/tests/Controller/CheckSetupControllerTest.php90
-rw-r--r--apps/settings/tests/SetupChecks/ForwardedForHeadersTest.php140
2 files changed, 142 insertions, 88 deletions
diff --git a/apps/settings/tests/Controller/CheckSetupControllerTest.php b/apps/settings/tests/Controller/CheckSetupControllerTest.php
index 2df86a7b49c..fb2aa1a975d 100644
--- a/apps/settings/tests/Controller/CheckSetupControllerTest.php
+++ b/apps/settings/tests/Controller/CheckSetupControllerTest.php
@@ -204,87 +204,6 @@ class CheckSetupControllerTest extends TestCase {
$this->dirsToRemove = [];
}
- /**
- * @dataProvider dataForwardedForHeadersWorking
- *
- * @param array $trustedProxies
- * @param string $remoteAddrNotForwarded
- * @param string $remoteAddr
- * @param bool $result
- */
- public function testForwardedForHeadersWorking(array $trustedProxies, string $remoteAddrNotForwarded, string $remoteAddr, bool $result): void {
- $this->config->expects($this->once())
- ->method('getSystemValue')
- ->with('trusted_proxies', [])
- ->willReturn($trustedProxies);
- $this->request->expects($this->atLeastOnce())
- ->method('getHeader')
- ->willReturnMap([
- ['REMOTE_ADDR', $remoteAddrNotForwarded],
- ['X-Forwarded-Host', '']
- ]);
- $this->request->expects($this->any())
- ->method('getRemoteAddress')
- ->willReturn($remoteAddr);
-
- $this->assertEquals(
- $result,
- self::invokePrivate($this->checkSetupController, 'forwardedForHeadersWorking')
- );
- }
-
- public function dataForwardedForHeadersWorking(): array {
- return [
- // description => trusted proxies, getHeader('REMOTE_ADDR'), getRemoteAddr, expected result
- 'no trusted proxies' => [[], '2.2.2.2', '2.2.2.2', true],
- 'trusted proxy, remote addr not trusted proxy' => [['1.1.1.1'], '2.2.2.2', '2.2.2.2', true],
- 'trusted proxy, remote addr is trusted proxy, x-forwarded-for working' => [['1.1.1.1'], '1.1.1.1', '2.2.2.2', true],
- 'trusted proxy, remote addr is trusted proxy, x-forwarded-for not set' => [['1.1.1.1'], '1.1.1.1', '1.1.1.1', false],
- ];
- }
-
- public function testForwardedHostPresentButTrustedProxiesNotAnArray(): void {
- $this->config->expects($this->once())
- ->method('getSystemValue')
- ->with('trusted_proxies', [])
- ->willReturn('1.1.1.1');
- $this->request->expects($this->atLeastOnce())
- ->method('getHeader')
- ->willReturnMap([
- ['REMOTE_ADDR', '1.1.1.1'],
- ['X-Forwarded-Host', 'nextcloud.test']
- ]);
- $this->request->expects($this->any())
- ->method('getRemoteAddress')
- ->willReturn('1.1.1.1');
-
- $this->assertEquals(
- false,
- self::invokePrivate($this->checkSetupController, 'forwardedForHeadersWorking')
- );
- }
-
- public function testForwardedHostPresentButTrustedProxiesEmpty(): void {
- $this->config->expects($this->once())
- ->method('getSystemValue')
- ->with('trusted_proxies', [])
- ->willReturn([]);
- $this->request->expects($this->atLeastOnce())
- ->method('getHeader')
- ->willReturnMap([
- ['REMOTE_ADDR', '1.1.1.1'],
- ['X-Forwarded-Host', 'nextcloud.test']
- ]);
- $this->request->expects($this->any())
- ->method('getRemoteAddress')
- ->willReturn('1.1.1.1');
-
- $this->assertEquals(
- false,
- self::invokePrivate($this->checkSetupController, 'forwardedForHeadersWorking')
- );
- }
-
public function testCheck() {
$this->config->expects($this->any())
->method('getAppValue')
@@ -302,13 +221,8 @@ class CheckSetupControllerTest extends TestCase {
['appstoreenabled', true, false],
]);
- $this->request->expects($this->atLeastOnce())
- ->method('getHeader')
- ->willReturnMap([
- ['REMOTE_ADDR', '4.3.2.1'],
- ['X-Forwarded-Host', '']
- ]);
-
+ $this->request->expects($this->never())
+ ->method('getHeader');
$this->clientService->expects($this->never())
->method('newClient');
$this->checkSetupController
diff --git a/apps/settings/tests/SetupChecks/ForwardedForHeadersTest.php b/apps/settings/tests/SetupChecks/ForwardedForHeadersTest.php
new file mode 100644
index 00000000000..9da2bccda79
--- /dev/null
+++ b/apps/settings/tests/SetupChecks/ForwardedForHeadersTest.php
@@ -0,0 +1,140 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright Copyright (c) 2021 Morris Jobke <hey@morrisjobke.de>
+ *
+ * @author Morris Jobke <hey@morrisjobke.de>
+ * @author Côme Chilliet <come.chilliet@nextcloud.com>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+namespace OCA\Settings\Tests;
+
+use OCA\Settings\SetupChecks\ForwardedForHeaders;
+use OCP\IConfig;
+use OCP\IL10N;
+use OCP\IRequest;
+use OCP\IURLGenerator;
+use OCP\SetupCheck\SetupResult;
+use Test\TestCase;
+
+class ForwardedForHeadersTest extends TestCase {
+ private IL10N $l10n;
+ private IConfig $config;
+ private IURLGenerator $urlGenerator;
+ private IRequest $request;
+ private ForwardedForHeaders $check;
+
+ protected function setUp(): void {
+ parent::setUp();
+
+ $this->l10n = $this->getMockBuilder(IL10N::class)
+ ->disableOriginalConstructor()->getMock();
+ $this->l10n->expects($this->any())
+ ->method('t')
+ ->willReturnCallback(function ($message, array $replace) {
+ return vsprintf($message, $replace);
+ });
+ $this->config = $this->getMockBuilder(IConfig::class)->getMock();
+ $this->urlGenerator = $this->getMockBuilder(IURLGenerator::class)->getMock();
+ $this->request = $this->getMockBuilder(IRequest::class)->getMock();
+ $this->check = new ForwardedForHeaders(
+ $this->l10n,
+ $this->config,
+ $this->urlGenerator,
+ $this->request,
+ );
+ }
+
+ /**
+ * @dataProvider dataForwardedForHeadersWorking
+ */
+ public function testForwardedForHeadersWorking(array $trustedProxies, string $remoteAddrNotForwarded, string $remoteAddr, string $result): void {
+ $this->config->expects($this->once())
+ ->method('getSystemValue')
+ ->with('trusted_proxies', [])
+ ->willReturn($trustedProxies);
+ $this->request->expects($this->atLeastOnce())
+ ->method('getHeader')
+ ->willReturnMap([
+ ['REMOTE_ADDR', $remoteAddrNotForwarded],
+ ['X-Forwarded-Host', '']
+ ]);
+ $this->request->expects($this->any())
+ ->method('getRemoteAddress')
+ ->willReturn($remoteAddr);
+
+ $this->assertEquals(
+ $result,
+ $this->check->run()->getSeverity()
+ );
+ }
+
+ public function dataForwardedForHeadersWorking(): array {
+ return [
+ // description => trusted proxies, getHeader('REMOTE_ADDR'), getRemoteAddr, expected result
+ 'no trusted proxies' => [[], '2.2.2.2', '2.2.2.2', SetupResult::SUCCESS],
+ 'trusted proxy, remote addr not trusted proxy' => [['1.1.1.1'], '2.2.2.2', '2.2.2.2', SetupResult::SUCCESS],
+ 'trusted proxy, remote addr is trusted proxy, x-forwarded-for working' => [['1.1.1.1'], '1.1.1.1', '2.2.2.2', SetupResult::SUCCESS],
+ 'trusted proxy, remote addr is trusted proxy, x-forwarded-for not set' => [['1.1.1.1'], '1.1.1.1', '1.1.1.1', SetupResult::WARNING],
+ ];
+ }
+
+ public function testForwardedHostPresentButTrustedProxiesNotAnArray(): void {
+ $this->config->expects($this->once())
+ ->method('getSystemValue')
+ ->with('trusted_proxies', [])
+ ->willReturn('1.1.1.1');
+ $this->request->expects($this->atLeastOnce())
+ ->method('getHeader')
+ ->willReturnMap([
+ ['REMOTE_ADDR', '1.1.1.1'],
+ ['X-Forwarded-Host', 'nextcloud.test']
+ ]);
+ $this->request->expects($this->any())
+ ->method('getRemoteAddress')
+ ->willReturn('1.1.1.1');
+
+ $this->assertEquals(
+ SetupResult::ERROR,
+ $this->check->run()->getSeverity()
+ );
+ }
+
+ public function testForwardedHostPresentButTrustedProxiesEmpty(): void {
+ $this->config->expects($this->once())
+ ->method('getSystemValue')
+ ->with('trusted_proxies', [])
+ ->willReturn([]);
+ $this->request->expects($this->atLeastOnce())
+ ->method('getHeader')
+ ->willReturnMap([
+ ['REMOTE_ADDR', '1.1.1.1'],
+ ['X-Forwarded-Host', 'nextcloud.test']
+ ]);
+ $this->request->expects($this->any())
+ ->method('getRemoteAddress')
+ ->willReturn('1.1.1.1');
+
+ $this->assertEquals(
+ SetupResult::WARNING,
+ $this->check->run()->getSeverity()
+ );
+ }
+}