[asterisk-commits] qwell: branch qwell/CORS r3897 - in /asterisk/team/qwell/CORS/tests/rest_api:...

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Thu Jul 11 15:03:33 CDT 2013


Author: qwell
Date: Thu Jul 11 15:03:31 2013
New Revision: 3897

URL: http://svnview.digium.com/svn/testsuite?view=rev&rev=3897
Log:
Take 1.  This doesn't work, because of a filesystem issue (I think).  Save progress.

Added:
    asterisk/team/qwell/CORS/tests/rest_api/CORS/
      - copied from r3892, asterisk/trunk/tests/rest_api/authentication/
    asterisk/team/qwell/CORS/tests/rest_api/CORS/ari_multiple.conf
      - copied, changed from r3892, asterisk/trunk/tests/rest_api/authentication/configs/ast1/ari.conf
    asterisk/team/qwell/CORS/tests/rest_api/CORS/ari_star.conf
      - copied, changed from r3892, asterisk/trunk/tests/rest_api/authentication/configs/ast1/ari.conf
Modified:
    asterisk/team/qwell/CORS/tests/rest_api/CORS/configs/ast1/ari.conf
    asterisk/team/qwell/CORS/tests/rest_api/CORS/run-test
    asterisk/team/qwell/CORS/tests/rest_api/CORS/test-config.yaml
    asterisk/team/qwell/CORS/tests/rest_api/tests.yaml

Copied: asterisk/team/qwell/CORS/tests/rest_api/CORS/ari_multiple.conf (from r3892, asterisk/trunk/tests/rest_api/authentication/configs/ast1/ari.conf)
URL: http://svnview.digium.com/svn/testsuite/asterisk/team/qwell/CORS/tests/rest_api/CORS/ari_multiple.conf?view=diff&rev=3897&p1=asterisk/trunk/tests/rest_api/authentication/configs/ast1/ari.conf&r1=3892&p2=asterisk/team/qwell/CORS/tests/rest_api/CORS/ari_multiple.conf&r2=3897
==============================================================================
--- asterisk/trunk/tests/rest_api/authentication/configs/ast1/ari.conf (original)
+++ asterisk/team/qwell/CORS/tests/rest_api/CORS/ari_multiple.conf Thu Jul 11 15:03:31 2013
@@ -1,15 +1,6 @@
 [general]
 enabled = yes
+allowed_origins = a
 
-[user-ro]
-read_only = yes
-password = ro-pass
-
-[user-rw]
-password = rw-pass
-
-[user-crypt]
-; password = q
-password_format = crypt
-password = $6$Wwpq0WjHUpbzGlWH$Yl0iVJDUzMsG25g5b3gTftVvhMerlO7clXAJidxgmx26cLOOyjcdiSk8PkDJKFGA2Oj0ZN9J.5u3/wkbEwYCd/
-
+[user-cors]
+password = cors-pass

Copied: asterisk/team/qwell/CORS/tests/rest_api/CORS/ari_star.conf (from r3892, asterisk/trunk/tests/rest_api/authentication/configs/ast1/ari.conf)
URL: http://svnview.digium.com/svn/testsuite/asterisk/team/qwell/CORS/tests/rest_api/CORS/ari_star.conf?view=diff&rev=3897&p1=asterisk/trunk/tests/rest_api/authentication/configs/ast1/ari.conf&r1=3892&p2=asterisk/team/qwell/CORS/tests/rest_api/CORS/ari_star.conf&r2=3897
==============================================================================
--- asterisk/trunk/tests/rest_api/authentication/configs/ast1/ari.conf (original)
+++ asterisk/team/qwell/CORS/tests/rest_api/CORS/ari_star.conf Thu Jul 11 15:03:31 2013
@@ -1,15 +1,6 @@
 [general]
 enabled = yes
+allowed_origins = *
 
-[user-ro]
-read_only = yes
-password = ro-pass
-
-[user-rw]
-password = rw-pass
-
-[user-crypt]
-; password = q
-password_format = crypt
-password = $6$Wwpq0WjHUpbzGlWH$Yl0iVJDUzMsG25g5b3gTftVvhMerlO7clXAJidxgmx26cLOOyjcdiSk8PkDJKFGA2Oj0ZN9J.5u3/wkbEwYCd/
-
+[user-cors]
+password = cors-pass

Modified: asterisk/team/qwell/CORS/tests/rest_api/CORS/configs/ast1/ari.conf
URL: http://svnview.digium.com/svn/testsuite/asterisk/team/qwell/CORS/tests/rest_api/CORS/configs/ast1/ari.conf?view=diff&rev=3897&r1=3892&r2=3897
==============================================================================
--- asterisk/team/qwell/CORS/tests/rest_api/CORS/configs/ast1/ari.conf (original)
+++ asterisk/team/qwell/CORS/tests/rest_api/CORS/configs/ast1/ari.conf Thu Jul 11 15:03:31 2013
@@ -1,15 +1,6 @@
 [general]
 enabled = yes
+allowed_origins = 
 
-[user-ro]
-read_only = yes
-password = ro-pass
-
-[user-rw]
-password = rw-pass
-
-[user-crypt]
-; password = q
-password_format = crypt
-password = $6$Wwpq0WjHUpbzGlWH$Yl0iVJDUzMsG25g5b3gTftVvhMerlO7clXAJidxgmx26cLOOyjcdiSk8PkDJKFGA2Oj0ZN9J.5u3/wkbEwYCd/
-
+[user-cors]
+password = cors-pass

Modified: asterisk/team/qwell/CORS/tests/rest_api/CORS/run-test
URL: http://svnview.digium.com/svn/testsuite/asterisk/team/qwell/CORS/tests/rest_api/CORS/run-test?view=diff&rev=3897&r1=3892&r2=3897
==============================================================================
--- asterisk/team/qwell/CORS/tests/rest_api/CORS/run-test (original)
+++ asterisk/team/qwell/CORS/tests/rest_api/CORS/run-test Thu Jul 11 15:03:31 2013
@@ -8,6 +8,7 @@
 '''
 
 import logging
+import os
 import requests
 import sys
 
@@ -37,78 +38,84 @@
         return '{ userpass=%s, method=%s, expected=%d }' % (
             self.userpass, self.method.__name__, self.expected_response)
 
-    def eval(self, str, test, resp):
+    def run(self, test, expect_headers):
+        LOGGER.debug("Running %s" % self)
+        # api_key auth
+        resp = self.method(build_url('ari', 'channels'),
+                           params={'api_key': "%s:%s" % self.userpass},
+                           headers={'Origin': 'http://localhost'})
+
         if self.expected_response != resp.status_code:
-            LOGGER.error("Expected %d, got %d (%s). %s - %s" % (
-                self.expected_response, resp.status_code, resp.text, self, str))
+            LOGGER.error("Expected %d, got %d (%s). %s" % (
+                self.expected_response, resp.status_code, resp.text, self))
             test.passed = False
+            test.stop_reactor()
 
-    def run(self, test):
-        LOGGER.debug("Running %s" % self)
-        if self.userpass is None:
-            # Test no authentication
-            resp = self.method(build_url('stasis', 'channels'))
-            self.eval('Unauthenticated', test, resp)
-            return
-
-        # Test basic auth
-        resp = self.method(build_url('stasis', 'channels'),
-                           auth=self.userpass)
-        self.eval('Basic', test, resp)
-
-        # Test api_key auth
-        resp = self.method(build_url('stasis', 'channels'),
-                           params={'api_key': "%s:%s" % self.userpass})
-        self.eval('api_key', test, resp)
+        if resp.headers['Access-Control-Allow-Origin'] is None:
+            if expect_headers == True:
+                LOGGER.error("Expected Access-Control-Allow-Origin header.")
+                test.passed = False
+                test.stop_reactor()
+        else:
+            if expect_headers == False:
+                LOGGER.error("Did not expect Access-Control-Allow-Origin header.")
+                test.passed = False
+                test.stop_reactor()
 
 
 SCENARIOS=[
-    # Unauthenticated requests
-    Scenario(None, requests.get,  codes.unauthorized),
-    Scenario(None, requests.post, codes.unauthorized),
-    Scenario(('ro', 'not-a-password'), requests.get, codes.unauthorized),
-    Scenario(('notauser', 'password'), requests.get, codes.unauthorized),
-
-    # Read only requests
-    Scenario(('ro', 'ro-pass'), requests.options, codes.no_content),
-    Scenario(('ro', 'ro-pass'), requests.get,     codes.okay),
-    Scenario(('ro', 'ro-pass'), requests.post,    codes.forbidden),
-    Scenario(('ro', 'ro-pass'), requests.put,     codes.forbidden),
-    Scenario(('ro', 'ro-pass'), requests.patch,   codes.forbidden),
-    Scenario(('ro', 'ro-pass'), requests.delete,  codes.forbidden),
-
-    # Read-write requests
-    Scenario(('rw', 'rw-pass'), requests.options, codes.no_content),
-    Scenario(('rw', 'rw-pass'), requests.get,     codes.okay),
-    Scenario(('rw', 'rw-pass'), requests.post,    codes.bad_request),
-    Scenario(('rw', 'rw-pass'), requests.put,     codes.method_not_allowed),
-    Scenario(('rw', 'rw-pass'), requests.patch,   codes.method_not_allowed),
-    Scenario(('rw', 'rw-pass'), requests.delete,  codes.method_not_allowed),
-
-    # crypted password
-    Scenario(('crypt', 'q'), requests.get, codes.okay),
-    Scenario(('crypt', 'Q'), requests.get, codes.unauthorized),
+    Scenario(('cors', 'cors-pass'), requests.options, codes.no_content),
+    Scenario(('cors', 'cors-pass'), requests.get,     codes.okay),
 ]
 
-class ARIAuthenticationTest(TestCase):
+class ARICORSTest(TestCase):
     def __init__(self):
         TestCase.__init__(self)
         self.passed = True
         self.create_asterisk()
 
     def run(self):
-        try:
-            for scenario in SCENARIOS:
-                scenario.run(self)
-        except:
-            logging.exception("Exception caught during test")
-            self.passed = False
-        finally:
-            self.stop_reactor()
+        self.create_ami_factory()
+
+    def ami_connect(self, ami):
+        self.run_scenarios(False)
+
+        self.replace_config(ami, "ari_star.conf", self.star_reload_finished)
+
+    def run_scenarios(self, expect_headers):
+        for scenario in SCENARIOS:
+            if self.passed == False:
+                return
+
+            scenario.run(self, expect_headers)
+
+    def replace_config(self, ami, config, callback):
+        if self.passed == False:
+            return
+
+        src = "%s/tests/%s/%s" % (os.getcwd(), self.realbase, config)
+
+        LOGGER.debug( "Installing replacement configuration %s" % src)
+        self.ast[0].install_config(src, target_filename = "ari.conf")
+
+        message = {'action': 'reload', 'module': 'res_stasis_http.so'}
+
+        ami.sendMessage(message, responseCallback = callback)
+
+    def star_reload_finished(self, received):
+        self.run_scenarios(True)
+
+        self.replace_config(self.ami[0], "ari_multiple.conf", self.multiple_reload_finished)
+
+    def multiple_reload_finished(self, received):
+        self.run_scenarios(True)
+
+        self.stop_reactor()
 
 def main():
-    test = ARIAuthenticationTest()
+    test = ARICORSTest()
     reactor.run()
+
     if test.passed:
         return 0
     return 1

Modified: asterisk/team/qwell/CORS/tests/rest_api/CORS/test-config.yaml
URL: http://svnview.digium.com/svn/testsuite/asterisk/team/qwell/CORS/tests/rest_api/CORS/test-config.yaml?view=diff&rev=3897&r1=3892&r2=3897
==============================================================================
--- asterisk/team/qwell/CORS/tests/rest_api/CORS/test-config.yaml (original)
+++ asterisk/team/qwell/CORS/tests/rest_api/CORS/test-config.yaml Thu Jul 11 15:03:31 2013
@@ -1,9 +1,8 @@
 testinfo:
-    summary: Test authentication for the RESTful API
+    summary: Test CORS (Cross-Origin Resource Sharing) with the RESTful API
     description: |
-        This test attempts several accesses to the RESTful API via all of its
-        authentication mechanisms, making sure we don't accidentally leave the
-        door open for everyone.
+        This test attempts several accesses to the RESTful API using various
+        allowable origins.
 
 properties:
     minversion: '12.0.0'

Modified: asterisk/team/qwell/CORS/tests/rest_api/tests.yaml
URL: http://svnview.digium.com/svn/testsuite/asterisk/team/qwell/CORS/tests/rest_api/tests.yaml?view=diff&rev=3897&r1=3896&r2=3897
==============================================================================
--- asterisk/team/qwell/CORS/tests/rest_api/tests.yaml (original)
+++ asterisk/team/qwell/CORS/tests/rest_api/tests.yaml Thu Jul 11 15:03:31 2013
@@ -2,3 +2,4 @@
 tests:
     - test: 'continue'
     - test: 'authentication'
+    - test: 'CORS'




More information about the asterisk-commits mailing list