aboutsummaryrefslogtreecommitdiffstats
path: root/tests/lib/Security/Ip/RemoteAddressTest.php
blob: d780c3bc19861469096c5f165f38bfe06018332b (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77

<?php

declare(strict_types=1);

/**
 * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors
 * SPDX-License-Identifier: AGPL-3.0-or-later
 */

namespace Test\Security\Ip;

use OC\Security\Ip\RemoteAddress;
use OCP\IConfig;
use OCP\IRequest;

class RemoteAddressTest extends \Test\TestCase {
	private IConfig $config;
	private IRequest $request;

	protected function setUp(): void {
		parent::setUp();
		$this->config = $this->createMock(IConfig::class);
		$this->request = $this->createMock(IRequest::class);
	}

	/**
	 * @param mixed $allowedRanges
	 * @dataProvider dataProvider
	 */
	public function testAllowedIps(string $remoteIp, $allowedRanges, bool $expected): void {
		$this->request
			->method('getRemoteAddress')
			->willReturn($remoteIp);
		$this->config
			->method('getSystemValue')
			->with('allowed_admin_ranges', false)
			->willReturn($allowedRanges);

		$remoteAddress = new RemoteAddress($this->config, $this->request);

		$this->assertEquals($expected, $remoteAddress->allowsAdminActions());
	}

	/**
	 * @return array<string, mixed, bool>
	 */
	public function dataProvider(): array {
		return [
			// No IP (ie. CLI)
			['', ['192.168.1.2/24'], true],
			['', ['fe80/8'], true],
			// No configuration
			['1.2.3.4', false, true],
			['1234:4567:8910::', false, true],
			// Empty configuration
			['1.2.3.4', [], true],
			['1234:4567:8910::', [], true],
			// Invalid configuration
			['1.2.3.4', 'hello', true],
			['1234:4567:8910::', 'world', true],
			// Mixed configuration
			['192.168.1.5', ['1.2.3.*', '1234::/8'], false],
			['::1', ['127.0.0.1', '1234::/8'], false],
			['192.168.1.5', ['192.168.1.0/24', '1234::/8'], true],
			// Allowed IP
			['1.2.3.4', ['1.2.3.*'], true],
			['fc00:1:2:3::1', ['fc00::/7'], true],
			['1.2.3.4', ['192.168.1.2/24', '1.2.3.0/24'], true],
			['1234:4567:8910::1', ['fe80::/8','1234:4567::/16'], true],
			// Blocked IP
			['192.168.1.5', ['1.2.3.*'], false],
			['9234:4567:8910::', ['1234:4567::1'], false],
			['192.168.2.1', ['192.168.1.2/24', '1.2.3.0/24'], false],
			['9234:4567:8910::', ['fe80::/8','1234:4567::/16'], false],
		];
	}
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-03 14:06:47 +0000