Clean up TODOs, comments, rearrange tests, add tests

2023-10-23 11:07:19 -04:00 · 2023-10-23 11:07:19 -04:00 · 2aca16688d
parent a5ea1627f3
commit 2aca16688d
2 changed files with 66 additions and 23 deletions
--- a/ceod/model/VHostManager.py
+++ b/ceod/model/VHostManager.py
@ -107,7 +107,6 @@ class VHostManager:
            checksum = md5(username.encode('utf-8')).hexdigest()
            record = f"csc-verification={checksum}"

-            # not implemented: check domain name exists?
            # look up for TXT record `csc-verification` at root
            rootname = tldextract.extract(domain).registered_domain
            try:
@ -121,7 +120,6 @@ class VHostManager:
                if "The DNS response does not contain an answer to the question: . IN TXT" not in repr(e):
                    raise

-                # TODO: handle errors separately, return errors to user
                print(f"{rootname} does not contain any TXT records.")
                return False

--- a/tests/ceod/api/test_cloud.py
+++ b/tests/ceod/api/test_cloud.py
@ -127,22 +127,6 @@ def test_cloud_vhosts(cfg, client, new_user, ldap_conn):
            principal=uid)
        assert status == 400

-        # invalid custom domain name (with TXT record)
-        custom_domain = "uwaterloo.ca"
-        ip2 = ip1
-        status, _ = client.put(
-            f'/api/cloud/vhosts/{custom_domain}', json={'ip_address': ip2},
-            principal=uid)
-        assert status == 400
-
-        # invalid custom domain name (without TXT record)
-        custom_domain2 = "google.com"
-        ip2 = ip1
-        status, _ = client.put(
-            f'/api/cloud/vhosts/{custom_domain2}', json={'ip_address': ip2},
-            principal=uid)
-        assert status == 400
-
        # invalid IP address
        domain3 = domain1
        ip3 = '129.97.134.10'
@ -180,21 +164,82 @@ def test_cloud_vhosts(cfg, client, new_user, ldap_conn):
            status, _ = client.delete(f'/api/cloud/vhosts/{domain}', principal=uid)
            assert status == 200

-        # TODO: valid custom domain name
+        # invalid custom domain name (with TXT record)
+        custom_domain = "uwaterloo.ca"
+        ip2 = ip1
+        status, _ = client.put(
+            f'/api/cloud/vhosts/{custom_domain}', json={'ip_address': ip2},
+            principal=uid)
+        assert status == 400
+
+        # invalid custom domain name (without TXT record)
+        custom_domain2 = "google.com"
+        ip2 = ip1
+        status, _ = client.put(
+            f'/api/cloud/vhosts/{custom_domain2}', json={'ip_address': ip2},
+            principal=uid)
+        assert status == 400
+        
+        # custom domain setup
+        dns_return_mock = types.SimpleNamespace()
+        dns_return_mock.rrset = [types.SimpleNamespace()]
+        dns_return_mock.rrset[
+            0].to_text = lambda: f"csc-verification={md5(uid.encode('utf-8')).hexdigest()}"
+
+        # valid custom domain name
        now_mock.return_value += datetime.timedelta(seconds=rate_limit_secs)
        custom_domain3 = "example.com"
        ip2 = '172.19.134.32'
        with patch.object(dns.resolver, 'resolve') as dns_mock:
-            dns_mock.return_value = types.SimpleNamespace()
-            dns_mock.return_value.rrset = [types.SimpleNamespace()]
-            dns_mock.return_value.rrset[0].to_text = lambda: f"csc-verification={md5(uid.encode('utf-8')).hexdigest()}"
+            dns_mock.return_value = dns_return_mock
            status, _ = client.put(
                f'/api/cloud/vhosts/{custom_domain3}', json={'ip_address': ip2},
                principal=uid)
            print(status)
            assert status == 200

-        # TODO: invalid custom domain name (valid TXT record, invalid A/AAAA record)
+        # new custom domain name replaces old custom domain name
+        now_mock.return_value += datetime.timedelta(seconds=rate_limit_secs)
+        custom_domain4 = custom_domain3
+        ip2 = '172.19.134.32'
+        ip3 = '172.19.134.33'
+        with patch.object(dns.resolver, 'resolve') as dns_mock:
+            dns_mock.return_value = dns_return_mock
+            status, _ = client.put(
+                f'/api/cloud/vhosts/{custom_domain4}', json={'ip_address': ip3},
+                principal=uid)
+            print(status)
+        status, data = client.get('/api/cloud/vhosts', principal=uid)
+        assert status == 200
+        assert {'domain': custom_domain4, 'ip_address': ip3} in data['vhosts']
+        assert {'domain': custom_domain4, 'ip_address': ip2} not in data['vhosts']
+
+        # ip address can point to both csc subdomain and also custom domain
+        now_mock.return_value += datetime.timedelta(seconds=rate_limit_secs)
+        custom_domain3 = "example.com"
+        ip3 = '172.19.134.33'
+        csc_domain = uid + '.' + members_domain
+        status, _ = client.put(
+            f'/api/cloud/vhosts/{domain1}', json={'ip_address': ip3},
+            principal=uid)
+        assert status == 200
+        status, data = client.get('/api/cloud/vhosts', principal=uid)
+        assert status == 200
+        assert {'domain': custom_domain4, 'ip_address': ip3} in data['vhosts']
+        assert {'domain': csc_domain, 'ip_address': ip3} in data['vhosts']
+
+        # csc-verification record for a different user fails
+        now_mock.return_value += datetime.timedelta(seconds=rate_limit_secs)
+        custom_domain3 = "example.com"
+        ip2 = '172.19.134.34'
+        with patch.object(dns.resolver, 'resolve') as dns_mock:
+            dns_mock.return_value = dns_return_mock
+            dns_mock.return_value.rrset[0].to_text = lambda: f"csc-verification={md5('dummy'.encode('utf-8')).hexdigest()}"
+            status, _ = client.put(
+                f'/api/cloud/vhosts/{custom_domain3}', json={'ip_address': ip2},
+                principal=uid)
+            print(status)
+            assert status == 400

        # expired members may not create vhosts
        expire_member(new_user, ldap_conn)