dufs/tests/auth.rs

mod fixtures;
mod utils;

use diqwest::blocking::WithDigestAuth;
use fixtures::{server, Error, TestServer};
use rstest::rstest;

#[rstest]
fn no_auth(#[with(&["--auth", "/@user:pass", "-A"])] server: TestServer) -> Result<(), Error> {
    let resp = reqwest::blocking::get(server.url())?;
    assert_eq!(resp.status(), 401);
    assert!(resp.headers().contains_key("www-authenticate"));
    let url = format!("{}file1", server.url());
    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
    assert_eq!(resp.status(), 401);
    Ok(())
}

#[rstest]
fn auth(#[with(&["--auth", "/@user:pass", "-A"])] server: TestServer) -> Result<(), Error> {
    let url = format!("{}file1", server.url());
    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
    assert_eq!(resp.status(), 401);
    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 201);
    Ok(())
}

#[rstest]
fn auth_skip(#[with(&["--auth", "/@user:pass@*"])] server: TestServer) -> Result<(), Error> {
    let resp = reqwest::blocking::get(server.url())?;
    assert_eq!(resp.status(), 200);
    Ok(())
}

#[rstest]
fn auth_skip_on_options_method(
    #[with(&["--auth", "/@user:pass"])] server: TestServer,
) -> Result<(), Error> {
    let url = format!("{}index.html", server.url());
    let resp = fetch!(b"OPTIONS", &url).send()?;
    assert_eq!(resp.status(), 200);
    Ok(())
}

#[rstest]
fn auth_check(
    #[with(&["--auth", "/@user:pass@user2:pass2", "-A"])] server: TestServer,
) -> Result<(), Error> {
    let url = format!("{}index.html?auth", server.url());
    let resp = fetch!(b"GET", &url).send()?;
    assert_eq!(resp.status(), 401);
    let resp = fetch!(b"GET", &url).send_with_digest_auth("user2", "pass2")?;
    assert_eq!(resp.status(), 401);
    let resp = fetch!(b"GET", &url).send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 200);
    Ok(())
}

#[rstest]
fn auth_readonly(
    #[with(&["--auth", "/@user:pass@user2:pass2", "-A"])] server: TestServer,
) -> Result<(), Error> {
    let url = format!("{}index.html", server.url());
    let resp = fetch!(b"GET", &url).send()?;
    assert_eq!(resp.status(), 401);
    let resp = fetch!(b"GET", &url).send_with_digest_auth("user2", "pass2")?;
    assert_eq!(resp.status(), 200);
    let url = format!("{}file1", server.url());
    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth("user2", "pass2")?;
    assert_eq!(resp.status(), 401);
    Ok(())
}

#[rstest]
fn auth_nest(
    #[with(&["--auth", "/@user:pass@user2:pass2", "--auth", "/dir1@user3:pass3", "-A"])]
    server: TestServer,
) -> Result<(), Error> {
    let url = format!("{}dir1/file1", server.url());
    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
    assert_eq!(resp.status(), 401);
    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth("user3", "pass3")?;
    assert_eq!(resp.status(), 201);
    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 201);
    Ok(())
}

#[rstest]
fn auth_nest_share(
    #[with(&["--auth", "/@user:pass@*", "--auth", "/dir1@user3:pass3", "-A"])] server: TestServer,
) -> Result<(), Error> {
    let url = format!("{}index.html", server.url());
    let resp = fetch!(b"GET", &url).send()?;
    assert_eq!(resp.status(), 200);
    Ok(())
}

#[rstest]
fn auth_basic(
    #[with(&["--auth", "/@user:pass", "--auth-method", "basic", "-A"])] server: TestServer,
) -> Result<(), Error> {
    let url = format!("{}file1", server.url());
    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
    assert_eq!(resp.status(), 401);
    let resp = fetch!(b"PUT", &url)
        .body(b"abc".to_vec())
        .basic_auth("user", Some("pass"))
        .send()?;
    assert_eq!(resp.status(), 201);
    Ok(())
}

#[rstest]
fn auth_webdav_move(
    #[with(&["--auth", "/@user:pass@*", "--auth", "/dir1@user3:pass3", "-A"])] server: TestServer,
) -> Result<(), Error> {
    let origin_url = format!("{}dir1/test.html", server.url());
    let new_url = format!("{}test2.html", server.url());
    let resp = fetch!(b"MOVE", &origin_url)
        .header("Destination", &new_url)
        .send_with_digest_auth("user3", "pass3")?;
    assert_eq!(resp.status(), 403);
    Ok(())
}

#[rstest]
fn auth_webdav_copy(
    #[with(&["--auth", "/@user:pass@*", "--auth", "/dir1@user3:pass3", "-A"])] server: TestServer,
) -> Result<(), Error> {
    let origin_url = format!("{}dir1/test.html", server.url());
    let new_url = format!("{}test2.html", server.url());
    let resp = fetch!(b"COPY", &origin_url)
        .header("Destination", &new_url)
        .send_with_digest_auth("user3", "pass3")?;
    assert_eq!(resp.status(), 403);
    Ok(())
}

#[rstest]
fn auth_path_prefix(
    #[with(&["--auth", "/@user:pass", "--path-prefix", "xyz", "-A"])] server: TestServer,
) -> Result<(), Error> {
    let url = format!("{}xyz/index.html", server.url());
    let resp = fetch!(b"GET", &url).send()?;
    assert_eq!(resp.status(), 401);
    let resp = fetch!(b"GET", &url).send_with_digest_auth("user", "pass")?;
    assert_eq!(resp.status(), 200);
    Ok(())
}
test: add integration tests (#36) 2022-06-12 03:43:50 +03:00			`mod fixtures;`
			`mod utils;`

			`use diqwest::blocking::WithDigestAuth;`
			`use fixtures::{server, Error, TestServer};`
			`use rstest::rstest;`

			`#[rstest]`
feat: path level access control (#52) BREAKING CHANGE: `--auth` is changed, `--no-auth-access` is removed 2022-06-19 06:26:03 +03:00			`fn no_auth(#[with(&["--auth", "/@user:pass", "-A"])] server: TestServer) -> Result<(), Error> {`
test: add integration tests (#36) 2022-06-12 03:43:50 +03:00			`let resp = reqwest::blocking::get(server.url())?;`
			`assert_eq!(resp.status(), 401);`
			`assert!(resp.headers().contains_key("www-authenticate"));`
			`let url = format!("{}file1", server.url());`
			`let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;`
			`assert_eq!(resp.status(), 401);`
			`Ok(())`
			`}`

			`#[rstest]`
feat: path level access control (#52) BREAKING CHANGE: `--auth` is changed, `--no-auth-access` is removed 2022-06-19 06:26:03 +03:00			`fn auth(#[with(&["--auth", "/@user:pass", "-A"])] server: TestServer) -> Result<(), Error> {`
test: add integration tests (#36) 2022-06-12 03:43:50 +03:00			`let url = format!("{}file1", server.url());`
			`let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;`
			`assert_eq!(resp.status(), 401);`
			`let resp = fetch!(b"PUT", &url)`
			`.body(b"abc".to_vec())`
			`.send_with_digest_auth("user", "pass")?;`
			`assert_eq!(resp.status(), 201);`
			`Ok(())`
			`}`

			`#[rstest]`
feat: path level access control (#52) BREAKING CHANGE: `--auth` is changed, `--no-auth-access` is removed 2022-06-19 06:26:03 +03:00			`fn auth_skip(#[with(&["--auth", "/@user:pass@*"])] server: TestServer) -> Result<(), Error> {`
test: add integration tests (#36) 2022-06-12 03:43:50 +03:00			`let resp = reqwest::blocking::get(server.url())?;`
			`assert_eq!(resp.status(), 200);`
			`Ok(())`
			`}`
feat: path level access control (#52) BREAKING CHANGE: `--auth` is changed, `--no-auth-access` is removed 2022-06-19 06:26:03 +03:00
fix: remove Method::Options auth check (#168) * fix: remove Method::Options auth check * add tests --------- Co-authored-by: sigoden <sigoden@gmail.com> 2023-02-19 07:30:14 +03:00			`#[rstest]`
			`fn auth_skip_on_options_method(`
			`#[with(&["--auth", "/@user:pass"])] server: TestServer,`
			`) -> Result<(), Error> {`
			`let url = format!("{}index.html", server.url());`
			`let resp = fetch!(b"OPTIONS", &url).send()?;`
			`assert_eq!(resp.status(), 200);`
			`Ok(())`
			`}`

feat: ui improves the login experience (#182) close #157 #158 2023-02-21 07:42:40 +03:00			`#[rstest]`
			`fn auth_check(`
			`#[with(&["--auth", "/@user:pass@user2:pass2", "-A"])] server: TestServer,`
			`) -> Result<(), Error> {`
			`let url = format!("{}index.html?auth", server.url());`
			`let resp = fetch!(b"GET", &url).send()?;`
			`assert_eq!(resp.status(), 401);`
			`let resp = fetch!(b"GET", &url).send_with_digest_auth("user2", "pass2")?;`
			`assert_eq!(resp.status(), 401);`
			`let resp = fetch!(b"GET", &url).send_with_digest_auth("user", "pass")?;`
			`assert_eq!(resp.status(), 200);`
			`Ok(())`
			`}`

feat: path level access control (#52) BREAKING CHANGE: `--auth` is changed, `--no-auth-access` is removed 2022-06-19 06:26:03 +03:00			`#[rstest]`
			`fn auth_readonly(`
			`#[with(&["--auth", "/@user:pass@user2:pass2", "-A"])] server: TestServer,`
			`) -> Result<(), Error> {`
			`let url = format!("{}index.html", server.url());`
			`let resp = fetch!(b"GET", &url).send()?;`
			`assert_eq!(resp.status(), 401);`
			`let resp = fetch!(b"GET", &url).send_with_digest_auth("user2", "pass2")?;`
			`assert_eq!(resp.status(), 200);`
			`let url = format!("{}file1", server.url());`
			`let resp = fetch!(b"PUT", &url)`
			`.body(b"abc".to_vec())`
			`.send_with_digest_auth("user2", "pass2")?;`
			`assert_eq!(resp.status(), 401);`
			`Ok(())`
			`}`

			`#[rstest]`
			`fn auth_nest(`
chore: improve code quanity 2022-12-11 10:18:44 +03:00			`#[with(&["--auth", "/@user:pass@user2:pass2", "--auth", "/dir1@user3:pass3", "-A"])]`
feat: path level access control (#52) BREAKING CHANGE: `--auth` is changed, `--no-auth-access` is removed 2022-06-19 06:26:03 +03:00			`server: TestServer,`
			`) -> Result<(), Error> {`
chore: improve code quanity 2022-12-11 10:18:44 +03:00			`let url = format!("{}dir1/file1", server.url());`
feat: path level access control (#52) BREAKING CHANGE: `--auth` is changed, `--no-auth-access` is removed 2022-06-19 06:26:03 +03:00			`let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;`
			`assert_eq!(resp.status(), 401);`
			`let resp = fetch!(b"PUT", &url)`
			`.body(b"abc".to_vec())`
			`.send_with_digest_auth("user3", "pass3")?;`
			`assert_eq!(resp.status(), 201);`
			`let resp = fetch!(b"PUT", &url)`
			`.body(b"abc".to_vec())`
			`.send_with_digest_auth("user", "pass")?;`
			`assert_eq!(resp.status(), 201);`
			`Ok(())`
			`}`

			`#[rstest]`
			`fn auth_nest_share(`
chore: improve code quanity 2022-12-11 10:18:44 +03:00			`#[with(&["--auth", "/@user:pass@*", "--auth", "/dir1@user3:pass3", "-A"])] server: TestServer,`
feat: path level access control (#52) BREAKING CHANGE: `--auth` is changed, `--no-auth-access` is removed 2022-06-19 06:26:03 +03:00			`) -> Result<(), Error> {`
			`let url = format!("{}index.html", server.url());`
			`let resp = fetch!(b"GET", &url).send()?;`
			`assert_eq!(resp.status(), 200);`
			`Ok(())`
			`}`
feat: added basic auth (#60) * some small css fixes and changes * added basic auth https://stackoverflow.com/a/9534652/3642588 * most tests are passing * fixed all the tests * maybe now CI will pass * implemented sigoden's suggestions * test basic auth * fixed some little things 2022-06-20 06:25:09 +03:00
			`#[rstest]`
			`fn auth_basic(`
			`#[with(&["--auth", "/@user:pass", "--auth-method", "basic", "-A"])] server: TestServer,`
			`) -> Result<(), Error> {`
			`let url = format!("{}file1", server.url());`
			`let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;`
			`assert_eq!(resp.status(), 401);`
			`let resp = fetch!(b"PUT", &url)`
			`.body(b"abc".to_vec())`
			`.basic_auth("user", Some("pass"))`
			`.send()?;`
			`assert_eq!(resp.status(), 201);`
			`Ok(())`
			`}`
feat: check permission on move/copy destination (#93) 2022-07-04 18:25:05 +03:00
			`#[rstest]`
			`fn auth_webdav_move(`
chore: improve code quanity 2022-12-11 10:18:44 +03:00			`#[with(&["--auth", "/@user:pass@*", "--auth", "/dir1@user3:pass3", "-A"])] server: TestServer,`
feat: check permission on move/copy destination (#93) 2022-07-04 18:25:05 +03:00			`) -> Result<(), Error> {`
chore: improve code quanity 2022-12-11 10:18:44 +03:00			`let origin_url = format!("{}dir1/test.html", server.url());`
feat: check permission on move/copy destination (#93) 2022-07-04 18:25:05 +03:00			`let new_url = format!("{}test2.html", server.url());`
			`let resp = fetch!(b"MOVE", &origin_url)`
			`.header("Destination", &new_url)`
			`.send_with_digest_auth("user3", "pass3")?;`
			`assert_eq!(resp.status(), 403);`
			`Ok(())`
			`}`

			`#[rstest]`
			`fn auth_webdav_copy(`
chore: improve code quanity 2022-12-11 10:18:44 +03:00			`#[with(&["--auth", "/@user:pass@*", "--auth", "/dir1@user3:pass3", "-A"])] server: TestServer,`
feat: check permission on move/copy destination (#93) 2022-07-04 18:25:05 +03:00			`) -> Result<(), Error> {`
chore: improve code quanity 2022-12-11 10:18:44 +03:00			`let origin_url = format!("{}dir1/test.html", server.url());`
feat: check permission on move/copy destination (#93) 2022-07-04 18:25:05 +03:00			`let new_url = format!("{}test2.html", server.url());`
			`let resp = fetch!(b"COPY", &origin_url)`
			`.header("Destination", &new_url)`
			`.send_with_digest_auth("user3", "pass3")?;`
			`assert_eq!(resp.status(), 403);`
			`Ok(())`
			`}`
fix: auth not works with --path-prefix (#138) close #137 2022-10-08 04:14:42 +03:00
			`#[rstest]`
			`fn auth_path_prefix(`
			`#[with(&["--auth", "/@user:pass", "--path-prefix", "xyz", "-A"])] server: TestServer,`
			`) -> Result<(), Error> {`
			`let url = format!("{}xyz/index.html", server.url());`
			`let resp = fetch!(b"GET", &url).send()?;`
			`assert_eq!(resp.status(), 401);`
			`let resp = fetch!(b"GET", &url).send_with_digest_auth("user", "pass")?;`
			`assert_eq!(resp.status(), 200);`
			`Ok(())`
			`}`