firewall: test that unprotected endpoints work.

This commit is contained in:
Arseny Balobanov 2020-04-05 00:16:14 +03:00
parent 288c7691af
commit 5ec01ed9b4

View file

@ -98,6 +98,7 @@ func TestFirewall(t *testing.T) {
conf string conf string
service http.HandlerFunc service http.HandlerFunc
makeRequest func() *resty.Request makeRequest func() *resty.Request
endpoint string
expected result expected result
}{ }{
{ {
@ -139,6 +140,23 @@ rules:
}, },
expected: result{code: http.StatusOK, body: `{"user_id": 123, "path": "../../user"}`}, expected: result{code: http.StatusOK, body: `{"user_id": 123, "path": "../../user"}`},
}, },
{
name: "unprotected-endpoint",
conf: `
rules:
- endpoint: "/list"
forbidden_user_agents:
- 'python-requests.*'
`,
service: echoService,
makeRequest: func() *resty.Request {
return c.R().
SetHeader("User-Agent", "python-requests/2.22.0").
SetBody(`{"user_id": 123}`)
},
endpoint: "/login",
expected: result{code: http.StatusOK, body: `{"user_id": 123}`},
},
{ {
name: "bad-user-agent", name: "bad-user-agent",
conf: ` conf: `
@ -258,7 +276,7 @@ rules:
port, cleanup := startServer(t, service.URL, tc.conf) port, cleanup := startServer(t, service.URL, tc.conf)
defer cleanup() defer cleanup()
u := fmt.Sprintf("http://localhost:%s", port) u := fmt.Sprintf("http://localhost:%s%s", port, tc.endpoint)
resp, err := tc.makeRequest().Post(u) resp, err := tc.makeRequest().Post(u)
require.NoError(t, err) require.NoError(t, err)