aboutsummaryrefslogtreecommitdiff
path: root/test/tc_mauve_web_interface.rb
blob: 54c9697354672008902ce1ffe0c84d6287a4e6e8 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
$:.unshift "../lib"

require 'th_mauve'
require 'th_mauve_resolv'

require 'mauve/alert'
require 'mauve/proto'
require 'mauve/server'
require 'mauve/configuration'
require 'mauve/configuration_builder'
require 'mauve/configuration_builders'

require 'rack/test'

ENV['RACK_ENV'] = 'test'

class WebInterfaceTest < Mauve::UnitTest
  include Rack::Test::Methods
  include Mauve

  SESSION_KEY="mauvealert"

  class SessionData
    def initialize(cookies)
      @cookies = cookies
      @data = cookies[WebInterfaceTest::SESSION_KEY]
      if @data
        @data = @data.unpack("m*").first
        @data = Marshal.load(@data)
      else
        @data = {}
      end
    end
    
    def [](key)
      @data[key]
    end
    
    def []=(key, value)
      @data[key] = value
      session_data = Marshal.dump(@data)
      session_data = [session_data].pack("m*")
      @cookies.merge("#{WebInterfaceTest::SESSION_KEY}=#{Rack::Utils.escape(session_data)}", URI.parse("//example.org//"))
      raise "session variable not set" unless @cookies[WebInterfaceTest::SESSION_KEY] == session_data
    end
  end
  
  def session
    SessionData.new(rack_test_session.instance_variable_get(:@rack_mock_session).cookie_jar)
  end

  def setup
    super
    setup_database

    config =<<EOF
server {
  hostname "localhost"
  database "sqlite::memory:"
  initial_sleep 0

  web_interface {
    document_root "#{File.expand_path(File.join(File.dirname(__FILE__),".."))}"
  }
}

person ("test1") {
  password "#{Digest::SHA1.new.hexdigest("goodpassword")}"
  all { true }
}

source_list "example_hosts", %w(test-1.example.com test-2.example.com www.example.com www2.example.com)

alert_group("test") {
  includes{ in_source_list?("example_hosts") }

  level LOW

  notify("test1") {
    every 10.minutes
  }

}

alert_group("default") {
  level URGENT

  notify("test1") {
    every 10.minutes
  }
}
EOF

    Configuration.current = ConfigurationBuilder.parse(config)
    Server.instance.setup
  end

  def teardown
    teardown_database
    super
  end

  def app
    Rack::Session::Cookie.new(WebInterface.new, :key => WebInterfaceTest::SESSION_KEY, :secret => "testing-1234")
  end

  def test_log_in
    # Check we get the login page when going to "/" before logging in.
    get '/'
    follow_redirect!  while last_response.redirect?
    assert last_response.ok?
    assert last_response.body.include?("Mauve: Login")
    assert session['__FLASH__'].empty?
    
    # Check we can access this page before logging in.
    get '/alerts'
    assert(session['__FLASH__'].has_key?(:error),"The flash error wasn't set following forbidden access")
    follow_redirect!  while last_response.redirect?
    assert_equal(403, last_response.status, "The HTTP status wasn't 403")
    assert last_response.body.include?("Mauve: Login")
    assert session['__FLASH__'].empty?

    #
    # Try to falsify our login.
    #
    session['username'] = "test1"
    get '/alerts'
    assert(session['__FLASH__'].has_key?(:error),"The flash error wasn't set following forbidden access")
    follow_redirect!  while last_response.redirect?
    assert_equal(403, last_response.status, "The HTTP status wasn't 403")
    assert last_response.body.include?("Mauve: Login")
    assert session['__FLASH__'].empty?

    #
    # OK login with a bad password
    #
    post '/login', :username => 'test1', :password => 'badpassword'
    assert_equal(401, last_response.status, "A bad login did not produce a 401 response")
    assert(last_response.body.include?("Mauve: Login"))
    assert(session['__FLASH__'].has_key?(:error),"The flash error wasn't set")

    #
    # This last login attempt produces two warning messages (one for each auth
    # type), so pop them both off the logger.
    #
    logger_pop ; logger_pop

    post '/login', :username => 'test1', :password => 'goodpassword'
    follow_redirect!  while last_response.redirect?
    assert last_response.body.include?('Mauve: ')
    assert last_response.ok?

    get '/logout'
    follow_redirect!  while last_response.redirect?
    assert last_response.ok?
  end

  def test_alerts_show_subject
    post '/login', :username => 'test1', :password => 'goodpassword'
    follow_redirect!  while last_response.redirect?
    assert last_response.body.include?('Mauve: ')

    a = Alert.new(:source => "www.example.com", :alert_id => "test_raise!")
    a.raise!

    get '/alerts/raised/subject'
  end

end