From: Nick Porter Date: Mon, 8 Jan 2024 12:34:11 +0000 (+0000) Subject: Remove Tmp- attributes from rest module tests X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c9392d2fd92cafefa33e6b70f1268ca8b0add03c;p=thirdparty%2Ffreeradius-server.git Remove Tmp- attributes from rest module tests --- diff --git a/scripts/ci/openresty/json-api.lua b/scripts/ci/openresty/json-api.lua index 96a2429ecad..5b6c471b75b 100644 --- a/scripts/ci/openresty/json-api.lua +++ b/scripts/ci/openresty/json-api.lua @@ -93,8 +93,8 @@ end Api.endpoint('POST', '/user//mac/', function(body, keyData) local returnData = {} - returnData["control.Tmp-String-0"] = uriArgs.section - returnData["control.Tmp-String-1"] = { + returnData["control.Filter-Id"] = uriArgs.section + returnData["control.Callback-Id"] = { reqMethod, reqPath } @@ -106,7 +106,7 @@ Api.endpoint('POST', '/user//mac/', op = "+=", value = body.NAS or body['NAS-IP-Address'].value } - returnData["control.Tmp-String-2"] = { + returnData["control.Login-LAT-Node"] = { op = "^=", value = keyData.username } @@ -118,8 +118,8 @@ Api.endpoint('POST', '/user//mac/', Api.endpoint('GET', '/user//mac/', function(body, keyData) local returnData = {} - returnData["control.Tmp-String-0"] = uriArgs.section - returnData["control.Tmp-String-1"] = { + returnData["control.Filter-Id"] = uriArgs.section + returnData["control.Callback-Id"] = { reqMethod, reqPath } @@ -127,7 +127,7 @@ Api.endpoint('GET', '/user//mac/', op = ":=", value = keyData.username } - returnData["control.Tmp-String-2"] = { + returnData["control.Login-LAT-Node"] = { op = "^=", value = keyData.username } diff --git a/src/tests/modules/rest/rest_module.unlang b/src/tests/modules/rest/rest_module.unlang index 91ec41f1bd8..91e328b8883 100644 --- a/src/tests/modules/rest/rest_module.unlang +++ b/src/tests/modules/rest/rest_module.unlang @@ -1,5 +1,5 @@ -# Pre-set Tmp-String-2 to check correct operator behaviour -&control.Tmp-String-2 := "foo" +# Pre-set Login-LAT-Node to check correct operator behaviour +&control.Login-LAT-Node := "foo" # Test "authorize" rest call. Uses http to a GET end point rest @@ -10,15 +10,15 @@ if (!(&REST-HTTP-Status-Code == 200)) { test_fail } -if (!(&control.Tmp-String-0 == "authorize")) { +if (!(&control.Filter-Id == "authorize")) { test_fail } -if (!(&control.Tmp-String-1 == "GET")) { +if (!(&control.Callback-Id == "GET")) { test_fail } -if (!(&control.Tmp-String-1[*] == "/user//mac/")) { +if (!(&control.Callback-Id[*] == "/user//mac/")) { test_fail } @@ -26,19 +26,20 @@ if (!(&control.User-Name == "Bob")) { test_fail } -# The "op" for setting Tmp-String-2 is ^= -if (!(&control.Tmp-String-2[0] == "Bob") || !(&control.Tmp-String-2[1] == "foo")) { +# The "op" for setting Login-LAT-Node is ^= +if (!(&control.Login-LAT-Node[0] == "Bob") || !(&control.Login-LAT-Node[1] == "foo")) { test_fail } # Reset control attributes -&control -= &Tmp-String-0[*] -&control -= &Tmp-String-1[*] +&control -= &Filter-Id[*] +&control -= &Callback-Id[*] &control -= &User-Name[*] # Pre-fill NAS-IP-Address to check operator behaviour &control.NAS-IP-Address := "10.0.0.10" - +test_pass +handled # Test "accounting" rest call. Uses https to a POST end point rest.accounting @@ -46,15 +47,15 @@ if (!(&REST-HTTP-Status-Code == 200)) { test_fail } -if (!(&control.Tmp-String-0 == "accounting")) { +if (!(&control.Filter-Id == "accounting")) { test_fail } -if (!(&control.Tmp-String-1 == "POST")) { +if (!(&control.Callback-Id == "POST")) { test_fail } -if (!(&control.Tmp-String-1[*] == "/user//mac/")) { +if (!(&control.Callback-Id[*] == "/user//mac/")) { test_fail } @@ -62,7 +63,7 @@ if (!(&control.User-Name == "Bob")) { test_fail } -if (!(&control.Tmp-String-2[0] == "Bob") || !(&control.Tmp-String-2[1] == "Bob") || !(&control.Tmp-String-2[2] == "foo")) { +if (!(&control.Login-LAT-Node[0] == "Bob") || !(&control.Login-LAT-Node[1] == "Bob") || !(&control.Login-LAT-Node[2] == "foo")) { test_fail } diff --git a/src/tests/modules/rest/rest_xlat.attrs b/src/tests/modules/rest/rest_xlat.attrs index ac7da710bdb..7d5d35458e6 100644 --- a/src/tests/modules/rest/rest_xlat.attrs +++ b/src/tests/modules/rest/rest_xlat.attrs @@ -9,7 +9,7 @@ NAS-IP-Address = '192.168.1.1' Login-IP-Host = 127.0.0.1 NAS-Port = 8080 Calling-Station-Id = 'dummy&unsafe=escaped' -Tmp-String-9 = '' +NAS-Identifier = '' # # Expected answer diff --git a/src/tests/modules/rest/rest_xlat.unlang b/src/tests/modules/rest/rest_xlat.unlang index f7da05d24f4..ba75842fd62 100644 --- a/src/tests/modules/rest/rest_xlat.unlang +++ b/src/tests/modules/rest/rest_xlat.unlang @@ -1,57 +1,62 @@ # # PRE rest_module eval # +string server_host +uint32 server_port +uint32 server_ssl_port +string test_string +string result_string -&Tmp-String-0 := "$ENV{REST_TEST_SERVER}" -&Tmp-Integer-0 := "$ENV{REST_TEST_SERVER_PORT}" -&Tmp-Integer-1 := "$ENV{REST_TEST_SERVER_SSL_PORT}" -&Tmp-String-1 := "notfound" +&server_host := "$ENV{REST_TEST_SERVER}" +&server_port := "$ENV{REST_TEST_SERVER_PORT}" +&server_ssl_port := "$ENV{REST_TEST_SERVER_SSL_PORT}" +&test_string := 'notfound' # Retrieve a plain text file -&control.Tmp-String-1 := "%(rest:GET http://%{Tmp-String-0}:%{Tmp-Integer-0}/test.txt)" +&result_string := %rest('GET', "http://%{server_host}:%{server_port}/test.txt") if (!(&REST-HTTP-Status-Code == 200)) { test_fail } -if (!(&control.Tmp-String-1 == "Sample text response\n")) { +if (!(&result_string == "Sample text response\n")) { test_fail } # Take host from incoming packet -&control.Tmp-String-1 := "%(rest:http://%{Login-IP-Host}:%{Tmp-Integer-0}/test.txt)" +&result_string := %rest("http://%{Login-IP-Host}:%{server_port}/test.txt") -if (!(&REST-HTTP-Status-Code == 200) || !(&control.Tmp-String-1 == "Sample text response\n")) { +if (!(&REST-HTTP-Status-Code == 200) || !(&result_string == "Sample text response\n")) { test_fail } # Port is not allowed from incoming packet -&control.Tmp-String-1 := "%(rest:http://%{Tmp-String-0}:%{NAS-Port}/test.txt)" +&result_string := %rest("http://%{server_host}:%{NAS-Port}/test.txt") -if (!(&Module-Failure-Message == "Failed escaping URI: Tainted value not allowed for port") || !(&control.Tmp-String-1 == "")) { +if (!(&Module-Failure-Message == "Failed escaping URI: Tainted value not allowed for port") || &result_string) { test_fail } # Check a "not found" gives a 404 status code -&control.Tmp-String-1 := "%(rest:GET http://%{Tmp-String-0}:%{Tmp-Integer-0}/%{Tmp-String-1})" +&result_string := %rest('GET', "http://%{server_host}:%{server_port}/%{test_string}") if (!(&REST-HTTP-Status-Code == 404)) { test_fail } # GET with URL parameters -&Tmp-String-2 := "%(rest:GET http://%{Tmp-String-0}:%{Tmp-Integer-0}/user/%{User-Name}/mac/%{Called-Station-Id})" +&test_string := %rest('GET', "http://%{server_host}:%{server_port}/user/%{User-Name}/mac/%{Called-Station-Id}") if (!(&REST-HTTP-Status-Code == 200)) { test_fail } -map json &Tmp-String-2 { - &control.Tmp-String-1 := '$.control\.Tmp-String-1' +map json &test_string { + &control.Callback-Id := '$.control\.Callback-Id' &control.User-Name := '$.control\.User-Name.value' } -if (!(&control.Tmp-String-1 == "[ \"GET\", \"\\/user\\/\\/mac\\/\" ]")) { +if !(&control.Callback-Id == '[ "GET", "\/user\\/\/mac\/" ]') { test_fail } @@ -59,33 +64,33 @@ if (!(&control.User-Name == "Bob")) { test_fail } -&control.Tmp-String-3 := 'dummy' +&control.User-Name := 'dummy' # Directly use json map and prepend the returned value -map json "%(rest:GET http://%{Tmp-String-0}:%{Tmp-Integer-0}/user/%{User-Name}/mac/%{Called-Station-Id})" { - &control.Tmp-String-3 ^= '$.control\.User-Name.value' +map json %rest('GET', "http://%{server_host}:%{server_port}/user/%{User-Name}/mac/%{Called-Station-Id}") { + &control.User-Name ^= '$.control\.User-Name.value' } -if (!(&control.Tmp-String-3[0] == 'Bob') || !(&control.Tmp-String-3[1] == 'dummy')) { +if (!(&control.User-Name[0] == 'Bob') || !(&control.User-Name[1] == 'dummy')) { test_fail } -&control.Tmp-String-2 = %json.encode('&request.NAS-IP-Address') +&test_string := %json.encode('&request.NAS-IP-Address') # POST to https with JSON body data -&Tmp-String-2 := "%(rest:POST https://%{Tmp-String-0}:%{Tmp-Integer-1}/user/%{User-Name}/mac/%{Called-Station-Id}?section=accounting %{control.Tmp-String-2})" +&result_string := %rest('POST', "https://%{server_host}:%{server_ssl_port}/user/%{User-Name}/mac/%{Called-Station-Id}?section=accounting", %{test_string}) if (!(&REST-HTTP-Status-Code == 200)) { test_fail } -map json &Tmp-String-2 { - &control.Tmp-String-1 := '$.control\.Tmp-String-1' +map json &result_string { + &control.Callback-Id := '$.control\.Callback-Id' &control.User-Name := '$.control\.User-Name.value' &control.NAS-IP-Address := '$.control\.NAS-IP-Address.value' } -if (!(&control.Tmp-String-1 == "[ \"POST\", \"\\/user\\/\\/mac\\/\" ]")) { +if (!(&control.Callback-Id == '[ "POST", "\/user\/\/mac\/" ]')) { test_fail } @@ -97,44 +102,44 @@ if (!(&control.NAS-IP-Address == "192.168.1.1")) { test_fail } -&control.Tmp-String-2 := "NAS=%{NAS-IP-Address}&user=%{User-Name}" +&result_string := "NAS=%{NAS-IP-Address}&user=%{User-Name}" # POST to https with POST body data -&Tmp-String-2 := "%(rest:POST https://%{Tmp-String-0}:%{Tmp-Integer-1}/post/test?section=dummy %{control.Tmp-String-2})" +&result_string := %rest('POST', "https://%{server_host}:%{server_ssl_port}/post/test?section=dummy", %{result_string}) if (!(&REST-HTTP-Status-Code == 200)) { test_fail } -if (!(&Tmp-String-2 == "Section: dummy, User: Bob\n")) { +if (!(&result_string == "Section: dummy, User: Bob\n")) { test_fail } # URI with tainted values in the arguments - input argument includes URI argument # separator - make sure this doesn't end up generating extra arguments, but gets escaped. -&Tmp-String-2 := "%(rest:GET http://%{Tmp-String-0}:%{Tmp-Integer-0}/user/%{User-Name}/reflect/?station=%{Calling-Station-Id})" +&result_string := %rest('GET', "http://%{server_host}:%{server_port}/user/%{User-Name}/reflect/?station=%{Calling-Station-Id}") -if (!(&Tmp-String-2 == "{\"station\":\"dummy&unsafe=escaped\"}\n" )) { +if (!(&result_string == "{\"station\":\"dummy&unsafe=escaped\"}\n" )) { test_fail } # Zero length untainted value - check parsing doesn't break on zero length string -&Tmp-String-8 := "" -&Tmp-String-2 := "%(rest:http://%{Tmp-String-0}:%{Tmp-Integer-0}/user/%{User-Name}/reflect/%{Tmp-String-8}?station=%{User-Name})" +&test_string := "" +&result_string := "%(rest:http://%{server_host}:%{server_port}/user/%{User-Name}/reflect/%{test_string}?station=%{User-Name})" -if (!(&Tmp-String-2 == "{\"station\":\"Bob\"}\n" )) { +if (!(&result_string == "{\"station\":\"Bob\"}\n" )) { test_fail } # Zero length tainted value - check escaping doesn't break on zero length string -&Tmp-String-2 := "%(rest:http://%{Tmp-String-0}:%{Tmp-Integer-0}/user/%{User-Name}/reflect/%{Tmp-String-9}?station=%{Called-Station-Id})" +&result_string := "%(rest:http://%{server_host}:%{server_port}/user/%{User-Name}/reflect/%{NAS-Identifier}?station=%{Called-Station-Id})" -if (!(&Tmp-String-2 == "{\"station\":\"aa:bb:cc:dd:ee:ff\"}\n" )) { +if (!(&result_string == "{\"station\":\"aa:bb:cc:dd:ee:ff\"}\n" )) { test_fail } # Test against endpoint which will time out -&Tmp-String-2 := "%(restshorttimeout:http://%{Tmp-String-0}:%{Tmp-Integer-0}/delay)" +&result_string := "%(restshorttimeout:http://%{server_host}:%{server_port}/delay)" if (&REST-HTTP-Status-Code) { test_fail