From 774fdbd031f96dada757470c6e935f0667c775f1 Mon Sep 17 00:00:00 2001 From: crobibero Date: Tue, 16 Jun 2020 14:12:40 -0600 Subject: Fix tests. --- .../Auth/CustomAuthenticationHandlerTests.cs | 71 ++++++-------------- .../FirstTimeSetupOrElevatedHandlerTests.cs | 66 ++++++++++++++++-- .../RequiresElevationHandlerTests.cs | 78 ++++++++++++++++++++-- tests/Jellyfin.Api.Tests/Jellyfin.Api.Tests.csproj | 1 + 4 files changed, 153 insertions(+), 63 deletions(-) (limited to 'tests') diff --git a/tests/Jellyfin.Api.Tests/Auth/CustomAuthenticationHandlerTests.cs b/tests/Jellyfin.Api.Tests/Auth/CustomAuthenticationHandlerTests.cs index 362d41b01..4ea5094b6 100644 --- a/tests/Jellyfin.Api.Tests/Auth/CustomAuthenticationHandlerTests.cs +++ b/tests/Jellyfin.Api.Tests/Auth/CustomAuthenticationHandlerTests.cs @@ -1,7 +1,6 @@ using System; using System.Linq; using System.Security.Claims; -using System.Text.Encodings.Web; using System.Threading.Tasks; using AutoFixture; using AutoFixture.AutoMoq; @@ -9,7 +8,6 @@ using Jellyfin.Api.Auth; using Jellyfin.Api.Constants; using Jellyfin.Data.Entities; using Jellyfin.Data.Enums; -using MediaBrowser.Controller.Entities; using MediaBrowser.Controller.Net; using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Http; @@ -26,12 +24,6 @@ namespace Jellyfin.Api.Tests.Auth private readonly IFixture _fixture; private readonly Mock _jellyfinAuthServiceMock; - private readonly Mock> _optionsMonitorMock; - private readonly Mock _clockMock; - private readonly Mock _serviceProviderMock; - private readonly Mock _authenticationServiceMock; - private readonly UrlEncoder _urlEncoder; - private readonly HttpContext _context; private readonly CustomAuthenticationHandler _sut; private readonly AuthenticationScheme _scheme; @@ -47,26 +39,23 @@ namespace Jellyfin.Api.Tests.Auth AllowFixtureCircularDependencies(); _jellyfinAuthServiceMock = _fixture.Freeze>(); - _optionsMonitorMock = _fixture.Freeze>>(); - _clockMock = _fixture.Freeze>(); - _serviceProviderMock = _fixture.Freeze>(); - _authenticationServiceMock = _fixture.Freeze>(); + var optionsMonitorMock = _fixture.Freeze>>(); + var serviceProviderMock = _fixture.Freeze>(); + var authenticationServiceMock = _fixture.Freeze>(); _fixture.Register(() => new NullLoggerFactory()); - _urlEncoder = UrlEncoder.Default; + serviceProviderMock.Setup(s => s.GetService(typeof(IAuthenticationService))) + .Returns(authenticationServiceMock.Object); - _serviceProviderMock.Setup(s => s.GetService(typeof(IAuthenticationService))) - .Returns(_authenticationServiceMock.Object); - - _optionsMonitorMock.Setup(o => o.Get(It.IsAny())) + optionsMonitorMock.Setup(o => o.Get(It.IsAny())) .Returns(new AuthenticationSchemeOptions { ForwardAuthenticate = null }); - _context = new DefaultHttpContext + HttpContext context = new DefaultHttpContext { - RequestServices = _serviceProviderMock.Object + RequestServices = serviceProviderMock.Object }; _scheme = new AuthenticationScheme( @@ -75,24 +64,7 @@ namespace Jellyfin.Api.Tests.Auth typeof(CustomAuthenticationHandler)); _sut = _fixture.Create(); - _sut.InitializeAsync(_scheme, _context).Wait(); - } - - [Fact] - public async Task HandleAuthenticateAsyncShouldFailWithNullUser() - { - _jellyfinAuthServiceMock.Setup( - a => a.Authenticate( - It.IsAny(), - It.IsAny())) - .Returns((User?)null); - - var authenticateResult = await _sut.AuthenticateAsync(); - - Assert.False(authenticateResult.Succeeded); - Assert.True(authenticateResult.None); - // TODO return when legacy API is removed. - // Assert.Equal("Invalid user", authenticateResult.Failure.Message); + _sut.InitializeAsync(_scheme, context).Wait(); } [Fact] @@ -102,8 +74,7 @@ namespace Jellyfin.Api.Tests.Auth _jellyfinAuthServiceMock.Setup( a => a.Authenticate( - It.IsAny(), - It.IsAny())) + It.IsAny())) .Throws(new SecurityException(errorMessage)); var authenticateResult = await _sut.AuthenticateAsync(); @@ -125,10 +96,10 @@ namespace Jellyfin.Api.Tests.Auth [Fact] public async Task HandleAuthenticateAsyncShouldAssignNameClaim() { - var user = SetupUser(); + var authorizationInfo = SetupUser(); var authenticateResult = await _sut.AuthenticateAsync(); - Assert.True(authenticateResult.Principal.HasClaim(ClaimTypes.Name, user.Username)); + Assert.True(authenticateResult.Principal.HasClaim(ClaimTypes.Name, authorizationInfo.User.Username)); } [Theory] @@ -136,10 +107,10 @@ namespace Jellyfin.Api.Tests.Auth [InlineData(false)] public async Task HandleAuthenticateAsyncShouldAssignRoleClaim(bool isAdmin) { - var user = SetupUser(isAdmin); + var authorizationInfo = SetupUser(isAdmin); var authenticateResult = await _sut.AuthenticateAsync(); - var expectedRole = user.HasPermission(PermissionKind.IsAdministrator) ? UserRoles.Administrator : UserRoles.User; + var expectedRole = authorizationInfo.User.HasPermission(PermissionKind.IsAdministrator) ? UserRoles.Administrator : UserRoles.User; Assert.True(authenticateResult.Principal.HasClaim(ClaimTypes.Role, expectedRole)); } @@ -152,18 +123,18 @@ namespace Jellyfin.Api.Tests.Auth Assert.Equal(_scheme.Name, authenticatedResult.Ticket.AuthenticationScheme); } - private User SetupUser(bool isAdmin = false) + private AuthorizationInfo SetupUser(bool isAdmin = false) { - var user = _fixture.Create(); - user.SetPermission(PermissionKind.IsAdministrator, isAdmin); + var authorizationInfo = _fixture.Create(); + authorizationInfo.User = _fixture.Create(); + authorizationInfo.User.SetPermission(PermissionKind.IsAdministrator, isAdmin); _jellyfinAuthServiceMock.Setup( a => a.Authenticate( - It.IsAny(), - It.IsAny())) - .Returns(user); + It.IsAny())) + .Returns(authorizationInfo); - return user; + return authorizationInfo; } private void AllowFixtureCircularDependencies() diff --git a/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandlerTests.cs b/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandlerTests.cs index e40af703f..e455df643 100644 --- a/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandlerTests.cs +++ b/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandlerTests.cs @@ -1,13 +1,21 @@ +using System; using System.Collections.Generic; +using System.Globalization; +using System.Net; using System.Security.Claims; using System.Threading.Tasks; using AutoFixture; using AutoFixture.AutoMoq; using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy; using Jellyfin.Api.Constants; +using Jellyfin.Data.Entities; +using Jellyfin.Data.Enums; +using Jellyfin.Server.Implementations.Users; using MediaBrowser.Common.Configuration; +using MediaBrowser.Controller.Library; using MediaBrowser.Model.Configuration; using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Http; using Moq; using Xunit; @@ -15,15 +23,28 @@ namespace Jellyfin.Api.Tests.Auth.FirstTimeSetupOrElevatedPolicy { public class FirstTimeSetupOrElevatedHandlerTests { + /// + /// 127.0.0.1. + /// + private const long InternalIp = 16777343; + + /// + /// 1.1.1.1. + /// + /// private const long ExternalIp = 16843009; private readonly Mock _configurationManagerMock; private readonly List _requirements; private readonly FirstTimeSetupOrElevatedHandler _sut; + private readonly Mock _userManagerMock; + private readonly Mock _httpContextAccessor; public FirstTimeSetupOrElevatedHandlerTests() { var fixture = new Fixture().Customize(new AutoMoqCustomization()); _configurationManagerMock = fixture.Freeze>(); _requirements = new List { new FirstTimeSetupOrElevatedRequirement() }; + _userManagerMock = fixture.Freeze>(); + _httpContextAccessor = fixture.Freeze>(); _sut = fixture.Create(); } @@ -35,8 +56,15 @@ namespace Jellyfin.Api.Tests.Auth.FirstTimeSetupOrElevatedPolicy public async Task ShouldSucceedIfStartupWizardIncomplete(string userRole) { SetupConfigurationManager(false); - var user = SetupUser(userRole); - var context = new AuthorizationHandlerContext(_requirements, user, null); + var (user, claims) = SetupUser(userRole); + + _userManagerMock.Setup(u => u.GetUserById(It.IsAny())) + .Returns(user); + + _httpContextAccessor.Setup(h => h.HttpContext.Connection.RemoteIpAddress) + .Returns(new IPAddress(InternalIp)); + + var context = new AuthorizationHandlerContext(_requirements, claims, null); await _sut.HandleAsync(context); Assert.True(context.HasSucceeded); @@ -49,18 +77,42 @@ namespace Jellyfin.Api.Tests.Auth.FirstTimeSetupOrElevatedPolicy public async Task ShouldRequireAdministratorIfStartupWizardComplete(string userRole, bool shouldSucceed) { SetupConfigurationManager(true); - var user = SetupUser(userRole); - var context = new AuthorizationHandlerContext(_requirements, user, null); + var (user, claims) = SetupUser(userRole); + + _userManagerMock.Setup(u => u.GetUserById(It.IsAny())) + .Returns(user); + + _httpContextAccessor.Setup(h => h.HttpContext.Connection.RemoteIpAddress) + .Returns(new IPAddress(InternalIp)); + + var context = new AuthorizationHandlerContext(_requirements, claims, null); await _sut.HandleAsync(context); Assert.Equal(shouldSucceed, context.HasSucceeded); } - private static ClaimsPrincipal SetupUser(string role) + private static (User, ClaimsPrincipal) SetupUser(string role) { - var claims = new[] { new Claim(ClaimTypes.Role, role) }; + var user = new User( + "jellyfin", + typeof(DefaultAuthenticationProvider).FullName, + typeof(DefaultPasswordResetProvider).FullName); + + user.SetPermission(PermissionKind.IsAdministrator, role.Equals(UserRoles.Administrator, StringComparison.OrdinalIgnoreCase)); + var claims = new[] + { + new Claim(ClaimTypes.Role, role), + new Claim(ClaimTypes.Name, "jellyfin"), + new Claim(InternalClaimTypes.UserId, Guid.Empty.ToString("N", CultureInfo.InvariantCulture)), + new Claim(InternalClaimTypes.DeviceId, Guid.Empty.ToString("N", CultureInfo.InvariantCulture)), + new Claim(InternalClaimTypes.Device, "test"), + new Claim(InternalClaimTypes.Client, "test"), + new Claim(InternalClaimTypes.Version, "test"), + new Claim(InternalClaimTypes.Token, "test"), + }; + var identity = new ClaimsIdentity(claims); - return new ClaimsPrincipal(identity); + return (user, new ClaimsPrincipal(identity)); } private void SetupConfigurationManager(bool startupWizardCompleted) diff --git a/tests/Jellyfin.Api.Tests/Auth/RequiresElevationPolicy/RequiresElevationHandlerTests.cs b/tests/Jellyfin.Api.Tests/Auth/RequiresElevationPolicy/RequiresElevationHandlerTests.cs index cd05a8328..58eae8478 100644 --- a/tests/Jellyfin.Api.Tests/Auth/RequiresElevationPolicy/RequiresElevationHandlerTests.cs +++ b/tests/Jellyfin.Api.Tests/Auth/RequiresElevationPolicy/RequiresElevationHandlerTests.cs @@ -1,20 +1,48 @@ +using System; using System.Collections.Generic; +using System.Globalization; +using System.Net; using System.Security.Claims; using System.Threading.Tasks; +using AutoFixture; +using AutoFixture.AutoMoq; using Jellyfin.Api.Auth.RequiresElevationPolicy; using Jellyfin.Api.Constants; +using Jellyfin.Data.Entities; +using Jellyfin.Data.Enums; +using Jellyfin.Server.Implementations.Users; +using MediaBrowser.Common.Configuration; +using MediaBrowser.Controller.Library; +using MediaBrowser.Model.Configuration; using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Http; +using Moq; using Xunit; namespace Jellyfin.Api.Tests.Auth.RequiresElevationPolicy { public class RequiresElevationHandlerTests { + /// + /// 127.0.0.1. + /// + private const long InternalIp = 16777343; + + private readonly Mock _configurationManagerMock; + private readonly List _requirements; private readonly RequiresElevationHandler _sut; + private readonly Mock _userManagerMock; + private readonly Mock _httpContextAccessor; public RequiresElevationHandlerTests() { - _sut = new RequiresElevationHandler(); + var fixture = new Fixture().Customize(new AutoMoqCustomization()); + _configurationManagerMock = fixture.Freeze>(); + _requirements = new List { new RequiresElevationRequirement() }; + _userManagerMock = fixture.Freeze>(); + _httpContextAccessor = fixture.Freeze>(); + + _sut = fixture.Create(); } [Theory] @@ -23,16 +51,54 @@ namespace Jellyfin.Api.Tests.Auth.RequiresElevationPolicy [InlineData(UserRoles.Guest, false)] public async Task ShouldHandleRolesCorrectly(string role, bool shouldSucceed) { - var requirements = new List { new RequiresElevationRequirement() }; + SetupConfigurationManager(true); + var (user, claims) = SetupUser(role); - var claims = new[] { new Claim(ClaimTypes.Role, role) }; - var identity = new ClaimsIdentity(claims); - var user = new ClaimsPrincipal(identity); + _userManagerMock.Setup(u => u.GetUserById(It.IsAny())) + .Returns(user); + + _httpContextAccessor.Setup(h => h.HttpContext.Connection.RemoteIpAddress) + .Returns(new IPAddress(InternalIp)); - var context = new AuthorizationHandlerContext(requirements, user, null); + var context = new AuthorizationHandlerContext(_requirements, claims, null); await _sut.HandleAsync(context); Assert.Equal(shouldSucceed, context.HasSucceeded); } + + private static (User, ClaimsPrincipal) SetupUser(string role) + { + var user = new User( + "jellyfin", + typeof(DefaultAuthenticationProvider).FullName, + typeof(DefaultPasswordResetProvider).FullName); + + user.SetPermission(PermissionKind.IsAdministrator, role.Equals(UserRoles.Administrator, StringComparison.OrdinalIgnoreCase)); + var claims = new[] + { + new Claim(ClaimTypes.Role, role), + new Claim(ClaimTypes.Name, "jellyfin"), + new Claim(InternalClaimTypes.UserId, Guid.Empty.ToString("N", CultureInfo.InvariantCulture)), + new Claim(InternalClaimTypes.DeviceId, Guid.Empty.ToString("N", CultureInfo.InvariantCulture)), + new Claim(InternalClaimTypes.Device, "test"), + new Claim(InternalClaimTypes.Client, "test"), + new Claim(InternalClaimTypes.Version, "test"), + new Claim(InternalClaimTypes.Token, "test"), + }; + + var identity = new ClaimsIdentity(claims); + return (user, new ClaimsPrincipal(identity)); + } + + private void SetupConfigurationManager(bool startupWizardCompleted) + { + var commonConfiguration = new BaseApplicationConfiguration + { + IsStartupWizardCompleted = startupWizardCompleted + }; + + _configurationManagerMock.Setup(c => c.CommonConfiguration) + .Returns(commonConfiguration); + } } } diff --git a/tests/Jellyfin.Api.Tests/Jellyfin.Api.Tests.csproj b/tests/Jellyfin.Api.Tests/Jellyfin.Api.Tests.csproj index aedcc7c42..010fad520 100644 --- a/tests/Jellyfin.Api.Tests/Jellyfin.Api.Tests.csproj +++ b/tests/Jellyfin.Api.Tests/Jellyfin.Api.Tests.csproj @@ -35,6 +35,7 @@ + -- cgit v1.2.3 From b22fdbf59ee6536ca255ca3c57a13e5b9293fd78 Mon Sep 17 00:00:00 2001 From: crobibero Date: Tue, 16 Jun 2020 16:42:10 -0600 Subject: Add tests and cleanup --- .../DefaultAuthorizationHandlerTests.cs | 54 +++++++++++++ .../FirstTimeSetupOrElevatedHandlerTests.cs | 80 +++---------------- .../IgnoreScheduleHandlerTests.cs | 60 ++++++++++++++ .../RequiresElevationHandlerTests.cs | 62 ++------------- tests/Jellyfin.Api.Tests/TestHelpers.cs | 92 ++++++++++++++++++++++ 5 files changed, 224 insertions(+), 124 deletions(-) create mode 100644 tests/Jellyfin.Api.Tests/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandlerTests.cs create mode 100644 tests/Jellyfin.Api.Tests/Auth/IgnoreSchedulePolicy/IgnoreScheduleHandlerTests.cs create mode 100644 tests/Jellyfin.Api.Tests/TestHelpers.cs (limited to 'tests') diff --git a/tests/Jellyfin.Api.Tests/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandlerTests.cs b/tests/Jellyfin.Api.Tests/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandlerTests.cs new file mode 100644 index 000000000..991ea3262 --- /dev/null +++ b/tests/Jellyfin.Api.Tests/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandlerTests.cs @@ -0,0 +1,54 @@ +using System.Collections.Generic; +using System.Threading.Tasks; +using AutoFixture; +using AutoFixture.AutoMoq; +using Jellyfin.Api.Auth.DefaultAuthorizationPolicy; +using Jellyfin.Api.Constants; +using MediaBrowser.Common.Configuration; +using MediaBrowser.Controller.Library; +using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Http; +using Moq; +using Xunit; + +namespace Jellyfin.Api.Tests.Auth.DefaultAuthorizationPolicy +{ + public class DefaultAuthorizationHandlerTests + { + private readonly Mock _configurationManagerMock; + private readonly List _requirements; + private readonly DefaultAuthorizationHandler _sut; + private readonly Mock _userManagerMock; + private readonly Mock _httpContextAccessor; + + public DefaultAuthorizationHandlerTests() + { + var fixture = new Fixture().Customize(new AutoMoqCustomization()); + _configurationManagerMock = fixture.Freeze>(); + _requirements = new List { new DefaultAuthorizationRequirement() }; + _userManagerMock = fixture.Freeze>(); + _httpContextAccessor = fixture.Freeze>(); + + _sut = fixture.Create(); + } + + [Theory] + [InlineData(UserRoles.Administrator)] + [InlineData(UserRoles.Guest)] + [InlineData(UserRoles.User)] + public async Task ShouldSucceedOnUser(string userRole) + { + TestHelpers.SetupConfigurationManager(_configurationManagerMock, true); + var (_, claims) = TestHelpers.SetupUser( + _userManagerMock, + _httpContextAccessor, + userRole, + TestHelpers.InternalIp); + + var context = new AuthorizationHandlerContext(_requirements, claims, null); + + await _sut.HandleAsync(context); + Assert.True(context.HasSucceeded); + } + } +} diff --git a/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandlerTests.cs b/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandlerTests.cs index e455df643..2b4941908 100644 --- a/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandlerTests.cs +++ b/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandlerTests.cs @@ -1,19 +1,11 @@ -using System; using System.Collections.Generic; -using System.Globalization; -using System.Net; -using System.Security.Claims; using System.Threading.Tasks; using AutoFixture; using AutoFixture.AutoMoq; using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy; using Jellyfin.Api.Constants; -using Jellyfin.Data.Entities; -using Jellyfin.Data.Enums; -using Jellyfin.Server.Implementations.Users; using MediaBrowser.Common.Configuration; using MediaBrowser.Controller.Library; -using MediaBrowser.Model.Configuration; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Moq; @@ -23,15 +15,6 @@ namespace Jellyfin.Api.Tests.Auth.FirstTimeSetupOrElevatedPolicy { public class FirstTimeSetupOrElevatedHandlerTests { - /// - /// 127.0.0.1. - /// - private const long InternalIp = 16777343; - - /// - /// 1.1.1.1. - /// - /// private const long ExternalIp = 16843009; private readonly Mock _configurationManagerMock; private readonly List _requirements; private readonly FirstTimeSetupOrElevatedHandler _sut; @@ -55,14 +38,12 @@ namespace Jellyfin.Api.Tests.Auth.FirstTimeSetupOrElevatedPolicy [InlineData(UserRoles.User)] public async Task ShouldSucceedIfStartupWizardIncomplete(string userRole) { - SetupConfigurationManager(false); - var (user, claims) = SetupUser(userRole); - - _userManagerMock.Setup(u => u.GetUserById(It.IsAny())) - .Returns(user); - - _httpContextAccessor.Setup(h => h.HttpContext.Connection.RemoteIpAddress) - .Returns(new IPAddress(InternalIp)); + TestHelpers.SetupConfigurationManager(_configurationManagerMock, false); + var (_, claims) = TestHelpers.SetupUser( + _userManagerMock, + _httpContextAccessor, + userRole, + TestHelpers.InternalIp); var context = new AuthorizationHandlerContext(_requirements, claims, null); @@ -76,54 +57,17 @@ namespace Jellyfin.Api.Tests.Auth.FirstTimeSetupOrElevatedPolicy [InlineData(UserRoles.User, false)] public async Task ShouldRequireAdministratorIfStartupWizardComplete(string userRole, bool shouldSucceed) { - SetupConfigurationManager(true); - var (user, claims) = SetupUser(userRole); - - _userManagerMock.Setup(u => u.GetUserById(It.IsAny())) - .Returns(user); - - _httpContextAccessor.Setup(h => h.HttpContext.Connection.RemoteIpAddress) - .Returns(new IPAddress(InternalIp)); + TestHelpers.SetupConfigurationManager(_configurationManagerMock, true); + var (_, claims) = TestHelpers.SetupUser( + _userManagerMock, + _httpContextAccessor, + userRole, + TestHelpers.InternalIp); var context = new AuthorizationHandlerContext(_requirements, claims, null); await _sut.HandleAsync(context); Assert.Equal(shouldSucceed, context.HasSucceeded); } - - private static (User, ClaimsPrincipal) SetupUser(string role) - { - var user = new User( - "jellyfin", - typeof(DefaultAuthenticationProvider).FullName, - typeof(DefaultPasswordResetProvider).FullName); - - user.SetPermission(PermissionKind.IsAdministrator, role.Equals(UserRoles.Administrator, StringComparison.OrdinalIgnoreCase)); - var claims = new[] - { - new Claim(ClaimTypes.Role, role), - new Claim(ClaimTypes.Name, "jellyfin"), - new Claim(InternalClaimTypes.UserId, Guid.Empty.ToString("N", CultureInfo.InvariantCulture)), - new Claim(InternalClaimTypes.DeviceId, Guid.Empty.ToString("N", CultureInfo.InvariantCulture)), - new Claim(InternalClaimTypes.Device, "test"), - new Claim(InternalClaimTypes.Client, "test"), - new Claim(InternalClaimTypes.Version, "test"), - new Claim(InternalClaimTypes.Token, "test"), - }; - - var identity = new ClaimsIdentity(claims); - return (user, new ClaimsPrincipal(identity)); - } - - private void SetupConfigurationManager(bool startupWizardCompleted) - { - var commonConfiguration = new BaseApplicationConfiguration - { - IsStartupWizardCompleted = startupWizardCompleted - }; - - _configurationManagerMock.Setup(c => c.CommonConfiguration) - .Returns(commonConfiguration); - } } } diff --git a/tests/Jellyfin.Api.Tests/Auth/IgnoreSchedulePolicy/IgnoreScheduleHandlerTests.cs b/tests/Jellyfin.Api.Tests/Auth/IgnoreSchedulePolicy/IgnoreScheduleHandlerTests.cs new file mode 100644 index 000000000..25acfb581 --- /dev/null +++ b/tests/Jellyfin.Api.Tests/Auth/IgnoreSchedulePolicy/IgnoreScheduleHandlerTests.cs @@ -0,0 +1,60 @@ +using System; +using System.Collections.Generic; +using System.Threading.Tasks; +using AutoFixture; +using AutoFixture.AutoMoq; +using Jellyfin.Api.Auth.IgnoreSchedulePolicy; +using Jellyfin.Api.Constants; +using Jellyfin.Data.Entities; +using Jellyfin.Data.Enums; +using MediaBrowser.Common.Configuration; +using MediaBrowser.Controller.Library; +using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Http; +using Moq; +using Xunit; + +namespace Jellyfin.Api.Tests.Auth.IgnoreSchedulePolicy +{ + public class IgnoreScheduleHandlerTests + { + private readonly Mock _configurationManagerMock; + private readonly List _requirements; + private readonly IgnoreScheduleHandler _sut; + private readonly Mock _userManagerMock; + private readonly Mock _httpContextAccessor; + + private readonly AccessSchedule[] _accessSchedules = { new AccessSchedule(DynamicDayOfWeek.Everyday, 0, 0, Guid.Empty) }; + + public IgnoreScheduleHandlerTests() + { + var fixture = new Fixture().Customize(new AutoMoqCustomization()); + _configurationManagerMock = fixture.Freeze>(); + _requirements = new List { new IgnoreScheduleRequirement() }; + _userManagerMock = fixture.Freeze>(); + _httpContextAccessor = fixture.Freeze>(); + + _sut = fixture.Create(); + } + + [Theory] + [InlineData(UserRoles.Administrator, true)] + [InlineData(UserRoles.User, true)] + [InlineData(UserRoles.Guest, true)] + public async Task ShouldAllowScheduleCorrectly(string role, bool shouldSucceed) + { + TestHelpers.SetupConfigurationManager(_configurationManagerMock, true); + var (_, claims) = TestHelpers.SetupUser( + _userManagerMock, + _httpContextAccessor, + role, + TestHelpers.InternalIp, + _accessSchedules); + + var context = new AuthorizationHandlerContext(_requirements, claims, null); + + await _sut.HandleAsync(context); + Assert.Equal(shouldSucceed, context.HasSucceeded); + } + } +} diff --git a/tests/Jellyfin.Api.Tests/Auth/RequiresElevationPolicy/RequiresElevationHandlerTests.cs b/tests/Jellyfin.Api.Tests/Auth/RequiresElevationPolicy/RequiresElevationHandlerTests.cs index 58eae8478..f4617d0a4 100644 --- a/tests/Jellyfin.Api.Tests/Auth/RequiresElevationPolicy/RequiresElevationHandlerTests.cs +++ b/tests/Jellyfin.Api.Tests/Auth/RequiresElevationPolicy/RequiresElevationHandlerTests.cs @@ -1,19 +1,11 @@ -using System; using System.Collections.Generic; -using System.Globalization; -using System.Net; -using System.Security.Claims; using System.Threading.Tasks; using AutoFixture; using AutoFixture.AutoMoq; using Jellyfin.Api.Auth.RequiresElevationPolicy; using Jellyfin.Api.Constants; -using Jellyfin.Data.Entities; -using Jellyfin.Data.Enums; -using Jellyfin.Server.Implementations.Users; using MediaBrowser.Common.Configuration; using MediaBrowser.Controller.Library; -using MediaBrowser.Model.Configuration; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Moq; @@ -23,11 +15,6 @@ namespace Jellyfin.Api.Tests.Auth.RequiresElevationPolicy { public class RequiresElevationHandlerTests { - /// - /// 127.0.0.1. - /// - private const long InternalIp = 16777343; - private readonly Mock _configurationManagerMock; private readonly List _requirements; private readonly RequiresElevationHandler _sut; @@ -51,54 +38,17 @@ namespace Jellyfin.Api.Tests.Auth.RequiresElevationPolicy [InlineData(UserRoles.Guest, false)] public async Task ShouldHandleRolesCorrectly(string role, bool shouldSucceed) { - SetupConfigurationManager(true); - var (user, claims) = SetupUser(role); - - _userManagerMock.Setup(u => u.GetUserById(It.IsAny())) - .Returns(user); - - _httpContextAccessor.Setup(h => h.HttpContext.Connection.RemoteIpAddress) - .Returns(new IPAddress(InternalIp)); + TestHelpers.SetupConfigurationManager(_configurationManagerMock, true); + var (_, claims) = TestHelpers.SetupUser( + _userManagerMock, + _httpContextAccessor, + role, + TestHelpers.InternalIp); var context = new AuthorizationHandlerContext(_requirements, claims, null); await _sut.HandleAsync(context); Assert.Equal(shouldSucceed, context.HasSucceeded); } - - private static (User, ClaimsPrincipal) SetupUser(string role) - { - var user = new User( - "jellyfin", - typeof(DefaultAuthenticationProvider).FullName, - typeof(DefaultPasswordResetProvider).FullName); - - user.SetPermission(PermissionKind.IsAdministrator, role.Equals(UserRoles.Administrator, StringComparison.OrdinalIgnoreCase)); - var claims = new[] - { - new Claim(ClaimTypes.Role, role), - new Claim(ClaimTypes.Name, "jellyfin"), - new Claim(InternalClaimTypes.UserId, Guid.Empty.ToString("N", CultureInfo.InvariantCulture)), - new Claim(InternalClaimTypes.DeviceId, Guid.Empty.ToString("N", CultureInfo.InvariantCulture)), - new Claim(InternalClaimTypes.Device, "test"), - new Claim(InternalClaimTypes.Client, "test"), - new Claim(InternalClaimTypes.Version, "test"), - new Claim(InternalClaimTypes.Token, "test"), - }; - - var identity = new ClaimsIdentity(claims); - return (user, new ClaimsPrincipal(identity)); - } - - private void SetupConfigurationManager(bool startupWizardCompleted) - { - var commonConfiguration = new BaseApplicationConfiguration - { - IsStartupWizardCompleted = startupWizardCompleted - }; - - _configurationManagerMock.Setup(c => c.CommonConfiguration) - .Returns(commonConfiguration); - } } } diff --git a/tests/Jellyfin.Api.Tests/TestHelpers.cs b/tests/Jellyfin.Api.Tests/TestHelpers.cs new file mode 100644 index 000000000..4617486fd --- /dev/null +++ b/tests/Jellyfin.Api.Tests/TestHelpers.cs @@ -0,0 +1,92 @@ +using System; +using System.Collections.Generic; +using System.Globalization; +using System.Net; +using System.Security.Claims; +using Jellyfin.Api.Constants; +using Jellyfin.Data.Entities; +using Jellyfin.Data.Enums; +using Jellyfin.Server.Implementations.Users; +using MediaBrowser.Common.Configuration; +using MediaBrowser.Controller.Library; +using MediaBrowser.Model.Configuration; +using Microsoft.AspNetCore.Http; +using Moq; +using AccessSchedule = Jellyfin.Data.Entities.AccessSchedule; + +namespace Jellyfin.Api.Tests +{ + public static class TestHelpers + { + /// + /// 127.0.0.1. + /// + public const long InternalIp = 16777343; + + /// + /// 1.1.1.1. + /// + public const long ExternalIp = 16843009; + + public static (User, ClaimsPrincipal) SetupUser( + Mock userManagerMock, + Mock httpContextAccessorMock, + string role, + long ip, + IEnumerable? accessSchedules = null) + { + var user = new User( + "jellyfin", + typeof(DefaultAuthenticationProvider).FullName, + typeof(DefaultPasswordResetProvider).FullName); + + // Set administrator flag. + user.SetPermission(PermissionKind.IsAdministrator, role.Equals(UserRoles.Administrator, StringComparison.OrdinalIgnoreCase)); + + // Add access schedules if set. + if (accessSchedules != null) + { + foreach (var accessSchedule in accessSchedules) + { + user.AccessSchedules.Add(accessSchedule); + } + } + + var claims = new[] + { + new Claim(ClaimTypes.Role, role), + new Claim(ClaimTypes.Name, "jellyfin"), + new Claim(InternalClaimTypes.UserId, Guid.Empty.ToString("N", CultureInfo.InvariantCulture)), + new Claim(InternalClaimTypes.DeviceId, Guid.Empty.ToString("N", CultureInfo.InvariantCulture)), + new Claim(InternalClaimTypes.Device, "test"), + new Claim(InternalClaimTypes.Client, "test"), + new Claim(InternalClaimTypes.Version, "test"), + new Claim(InternalClaimTypes.Token, "test"), + }; + + var identity = new ClaimsIdentity(claims); + + userManagerMock + .Setup(u => u.GetUserById(It.IsAny())) + .Returns(user); + + httpContextAccessorMock + .Setup(h => h.HttpContext.Connection.RemoteIpAddress) + .Returns(new IPAddress(ip)); + + return (user, new ClaimsPrincipal(identity)); + } + + public static void SetupConfigurationManager(in Mock configurationManagerMock, bool startupWizardCompleted) + { + var commonConfiguration = new BaseApplicationConfiguration + { + IsStartupWizardCompleted = startupWizardCompleted + }; + + configurationManagerMock + .Setup(c => c.CommonConfiguration) + .Returns(commonConfiguration); + } + } +} -- cgit v1.2.3 From 29917699f0854f504452e62ee7be4bff0a4a206d Mon Sep 17 00:00:00 2001 From: crobibero Date: Tue, 16 Jun 2020 16:55:02 -0600 Subject: Further cleanup and add final tests --- .../DefaultAuthorizationHandlerTests.cs | 5 +- .../FirstTimeSetupOrElevatedHandlerTests.cs | 10 ++-- .../IgnoreScheduleHandlerTests.cs | 6 ++- .../LocalAccessPolicy/LocalAccessHandlerTests.cs | 58 ++++++++++++++++++++++ .../RequiresElevationHandlerTests.cs | 5 +- tests/Jellyfin.Api.Tests/TestHelpers.cs | 17 ++----- 6 files changed, 73 insertions(+), 28 deletions(-) create mode 100644 tests/Jellyfin.Api.Tests/Auth/LocalAccessPolicy/LocalAccessHandlerTests.cs (limited to 'tests') diff --git a/tests/Jellyfin.Api.Tests/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandlerTests.cs b/tests/Jellyfin.Api.Tests/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandlerTests.cs index 991ea3262..a62fd8d5a 100644 --- a/tests/Jellyfin.Api.Tests/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandlerTests.cs +++ b/tests/Jellyfin.Api.Tests/Auth/DefaultAuthorizationPolicy/DefaultAuthorizationHandlerTests.cs @@ -39,11 +39,10 @@ namespace Jellyfin.Api.Tests.Auth.DefaultAuthorizationPolicy public async Task ShouldSucceedOnUser(string userRole) { TestHelpers.SetupConfigurationManager(_configurationManagerMock, true); - var (_, claims) = TestHelpers.SetupUser( + var claims = TestHelpers.SetupUser( _userManagerMock, _httpContextAccessor, - userRole, - TestHelpers.InternalIp); + userRole); var context = new AuthorizationHandlerContext(_requirements, claims, null); diff --git a/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandlerTests.cs b/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandlerTests.cs index 2b4941908..ee42216e4 100644 --- a/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandlerTests.cs +++ b/tests/Jellyfin.Api.Tests/Auth/FirstTimeSetupOrElevatedPolicy/FirstTimeSetupOrElevatedHandlerTests.cs @@ -39,11 +39,10 @@ namespace Jellyfin.Api.Tests.Auth.FirstTimeSetupOrElevatedPolicy public async Task ShouldSucceedIfStartupWizardIncomplete(string userRole) { TestHelpers.SetupConfigurationManager(_configurationManagerMock, false); - var (_, claims) = TestHelpers.SetupUser( + var claims = TestHelpers.SetupUser( _userManagerMock, _httpContextAccessor, - userRole, - TestHelpers.InternalIp); + userRole); var context = new AuthorizationHandlerContext(_requirements, claims, null); @@ -58,11 +57,10 @@ namespace Jellyfin.Api.Tests.Auth.FirstTimeSetupOrElevatedPolicy public async Task ShouldRequireAdministratorIfStartupWizardComplete(string userRole, bool shouldSucceed) { TestHelpers.SetupConfigurationManager(_configurationManagerMock, true); - var (_, claims) = TestHelpers.SetupUser( + var claims = TestHelpers.SetupUser( _userManagerMock, _httpContextAccessor, - userRole, - TestHelpers.InternalIp); + userRole); var context = new AuthorizationHandlerContext(_requirements, claims, null); diff --git a/tests/Jellyfin.Api.Tests/Auth/IgnoreSchedulePolicy/IgnoreScheduleHandlerTests.cs b/tests/Jellyfin.Api.Tests/Auth/IgnoreSchedulePolicy/IgnoreScheduleHandlerTests.cs index 25acfb581..b65d45aa0 100644 --- a/tests/Jellyfin.Api.Tests/Auth/IgnoreSchedulePolicy/IgnoreScheduleHandlerTests.cs +++ b/tests/Jellyfin.Api.Tests/Auth/IgnoreSchedulePolicy/IgnoreScheduleHandlerTests.cs @@ -24,6 +24,9 @@ namespace Jellyfin.Api.Tests.Auth.IgnoreSchedulePolicy private readonly Mock _userManagerMock; private readonly Mock _httpContextAccessor; + /// + /// Globally disallow access. + /// private readonly AccessSchedule[] _accessSchedules = { new AccessSchedule(DynamicDayOfWeek.Everyday, 0, 0, Guid.Empty) }; public IgnoreScheduleHandlerTests() @@ -44,11 +47,10 @@ namespace Jellyfin.Api.Tests.Auth.IgnoreSchedulePolicy public async Task ShouldAllowScheduleCorrectly(string role, bool shouldSucceed) { TestHelpers.SetupConfigurationManager(_configurationManagerMock, true); - var (_, claims) = TestHelpers.SetupUser( + var claims = TestHelpers.SetupUser( _userManagerMock, _httpContextAccessor, role, - TestHelpers.InternalIp, _accessSchedules); var context = new AuthorizationHandlerContext(_requirements, claims, null); diff --git a/tests/Jellyfin.Api.Tests/Auth/LocalAccessPolicy/LocalAccessHandlerTests.cs b/tests/Jellyfin.Api.Tests/Auth/LocalAccessPolicy/LocalAccessHandlerTests.cs new file mode 100644 index 000000000..09ffa8468 --- /dev/null +++ b/tests/Jellyfin.Api.Tests/Auth/LocalAccessPolicy/LocalAccessHandlerTests.cs @@ -0,0 +1,58 @@ +using System.Collections.Generic; +using System.Threading.Tasks; +using AutoFixture; +using AutoFixture.AutoMoq; +using Jellyfin.Api.Auth.LocalAccessPolicy; +using Jellyfin.Api.Constants; +using MediaBrowser.Common.Configuration; +using MediaBrowser.Common.Net; +using MediaBrowser.Controller.Library; +using Microsoft.AspNetCore.Authorization; +using Microsoft.AspNetCore.Http; +using Moq; +using Xunit; + +namespace Jellyfin.Api.Tests.Auth.LocalAccessPolicy +{ + public class LocalAccessHandlerTests + { + private readonly Mock _configurationManagerMock; + private readonly List _requirements; + private readonly LocalAccessHandler _sut; + private readonly Mock _userManagerMock; + private readonly Mock _httpContextAccessor; + private readonly Mock _networkManagerMock; + + public LocalAccessHandlerTests() + { + var fixture = new Fixture().Customize(new AutoMoqCustomization()); + _configurationManagerMock = fixture.Freeze>(); + _requirements = new List { new LocalAccessRequirement() }; + _userManagerMock = fixture.Freeze>(); + _httpContextAccessor = fixture.Freeze>(); + _networkManagerMock = fixture.Freeze>(); + + _sut = fixture.Create(); + } + + [Theory] + [InlineData(true, true)] + [InlineData(false, false)] + public async Task LocalAccessOnly(bool isInLocalNetwork, bool shouldSucceed) + { + _networkManagerMock + .Setup(n => n.IsInLocalNetwork(It.IsAny())) + .Returns(isInLocalNetwork); + + TestHelpers.SetupConfigurationManager(_configurationManagerMock, true); + var claims = TestHelpers.SetupUser( + _userManagerMock, + _httpContextAccessor, + UserRoles.User); + + var context = new AuthorizationHandlerContext(_requirements, claims, null); + await _sut.HandleAsync(context); + Assert.Equal(shouldSucceed, context.HasSucceeded); + } + } +} diff --git a/tests/Jellyfin.Api.Tests/Auth/RequiresElevationPolicy/RequiresElevationHandlerTests.cs b/tests/Jellyfin.Api.Tests/Auth/RequiresElevationPolicy/RequiresElevationHandlerTests.cs index f4617d0a4..ffe88fcde 100644 --- a/tests/Jellyfin.Api.Tests/Auth/RequiresElevationPolicy/RequiresElevationHandlerTests.cs +++ b/tests/Jellyfin.Api.Tests/Auth/RequiresElevationPolicy/RequiresElevationHandlerTests.cs @@ -39,11 +39,10 @@ namespace Jellyfin.Api.Tests.Auth.RequiresElevationPolicy public async Task ShouldHandleRolesCorrectly(string role, bool shouldSucceed) { TestHelpers.SetupConfigurationManager(_configurationManagerMock, true); - var (_, claims) = TestHelpers.SetupUser( + var claims = TestHelpers.SetupUser( _userManagerMock, _httpContextAccessor, - role, - TestHelpers.InternalIp); + role); var context = new AuthorizationHandlerContext(_requirements, claims, null); diff --git a/tests/Jellyfin.Api.Tests/TestHelpers.cs b/tests/Jellyfin.Api.Tests/TestHelpers.cs index 4617486fd..a4dd4e409 100644 --- a/tests/Jellyfin.Api.Tests/TestHelpers.cs +++ b/tests/Jellyfin.Api.Tests/TestHelpers.cs @@ -18,21 +18,10 @@ namespace Jellyfin.Api.Tests { public static class TestHelpers { - /// - /// 127.0.0.1. - /// - public const long InternalIp = 16777343; - - /// - /// 1.1.1.1. - /// - public const long ExternalIp = 16843009; - - public static (User, ClaimsPrincipal) SetupUser( + public static ClaimsPrincipal SetupUser( Mock userManagerMock, Mock httpContextAccessorMock, string role, - long ip, IEnumerable? accessSchedules = null) { var user = new User( @@ -72,9 +61,9 @@ namespace Jellyfin.Api.Tests httpContextAccessorMock .Setup(h => h.HttpContext.Connection.RemoteIpAddress) - .Returns(new IPAddress(ip)); + .Returns(new IPAddress(0)); - return (user, new ClaimsPrincipal(identity)); + return new ClaimsPrincipal(identity); } public static void SetupConfigurationManager(in Mock configurationManagerMock, bool startupWizardCompleted) -- cgit v1.2.3