You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

194 lines
6.3 KiB

  1. from django.test.utils import override_settings
  2. from hc.api.models import Channel
  3. from hc.test import BaseTestCase
  4. class AddWebhookTestCase(BaseTestCase):
  5. def setUp(self):
  6. super().setUp()
  7. self.url = "/projects/%s/add_webhook/" % self.project.code
  8. def test_instructions_work(self):
  9. self.client.login(username="[email protected]", password="password")
  10. r = self.client.get(self.url)
  11. self.assertContains(r, "Executes an HTTP request")
  12. def test_it_saves_name(self):
  13. form = {
  14. "name": "Call foo.com",
  15. "method_down": "GET",
  16. "url_down": "http://foo.com",
  17. "method_up": "GET",
  18. "url_up": "",
  19. }
  20. self.client.login(username="[email protected]", password="password")
  21. r = self.client.post(self.url, form)
  22. self.assertRedirects(r, self.channels_url)
  23. c = Channel.objects.get()
  24. self.assertEqual(c.name, "Call foo.com")
  25. def test_it_adds_two_webhook_urls_and_redirects(self):
  26. form = {
  27. "method_down": "GET",
  28. "url_down": "http://foo.com",
  29. "method_up": "GET",
  30. "url_up": "https://bar.com",
  31. }
  32. self.client.login(username="[email protected]", password="password")
  33. r = self.client.post(self.url, form)
  34. self.assertRedirects(r, self.channels_url)
  35. c = Channel.objects.get()
  36. self.assertEqual(c.project, self.project)
  37. self.assertEqual(c.down_webhook_spec["url"], "http://foo.com")
  38. self.assertEqual(c.up_webhook_spec["url"], "https://bar.com")
  39. def test_it_adds_webhook_using_team_access(self):
  40. form = {
  41. "method_down": "GET",
  42. "url_down": "http://foo.com",
  43. "method_up": "GET",
  44. "url_up": "https://bar.com",
  45. }
  46. # Logging in as bob, not alice. Bob has team access so this
  47. # should work.
  48. self.client.login(username="[email protected]", password="password")
  49. self.client.post(self.url, form)
  50. c = Channel.objects.get()
  51. self.assertEqual(c.project, self.project)
  52. self.assertEqual(c.down_webhook_spec["url"], "http://foo.com")
  53. self.assertEqual(c.up_webhook_spec["url"], "https://bar.com")
  54. def test_it_rejects_bad_urls(self):
  55. urls = [
  56. # clearly not an URL
  57. "foo",
  58. # FTP addresses not allowed
  59. "ftp://example.org",
  60. # no loopback
  61. "http://localhost:1234/endpoint",
  62. "http://127.0.0.1/endpoint",
  63. ]
  64. self.client.login(username="[email protected]", password="password")
  65. for url in urls:
  66. form = {
  67. "method_down": "GET",
  68. "url_down": url,
  69. "method_up": "GET",
  70. "url_up": "",
  71. }
  72. r = self.client.post(self.url, form)
  73. self.assertContains(r, "Enter a valid URL.", msg_prefix=url)
  74. self.assertEqual(Channel.objects.count(), 0)
  75. def test_it_handles_empty_down_url(self):
  76. form = {
  77. "method_down": "GET",
  78. "url_down": "",
  79. "method_up": "GET",
  80. "url_up": "http://foo.com",
  81. }
  82. self.client.login(username="[email protected]", password="password")
  83. self.client.post(self.url, form)
  84. c = Channel.objects.get()
  85. self.assertEqual(c.down_webhook_spec["url"], "")
  86. self.assertEqual(c.up_webhook_spec["url"], "http://foo.com")
  87. def test_it_adds_request_body(self):
  88. form = {
  89. "method_down": "POST",
  90. "url_down": "http://foo.com",
  91. "body_down": "hello",
  92. "method_up": "GET",
  93. }
  94. self.client.login(username="[email protected]", password="password")
  95. r = self.client.post(self.url, form)
  96. self.assertRedirects(r, self.channels_url)
  97. c = Channel.objects.get()
  98. self.assertEqual(c.down_webhook_spec["body"], "hello")
  99. def test_it_adds_headers(self):
  100. form = {
  101. "method_down": "GET",
  102. "url_down": "http://foo.com",
  103. "headers_down": "test:123\ntest2:abc",
  104. "method_up": "GET",
  105. }
  106. self.client.login(username="[email protected]", password="password")
  107. r = self.client.post(self.url, form)
  108. self.assertRedirects(r, self.channels_url)
  109. c = Channel.objects.get()
  110. self.assertEqual(
  111. c.down_webhook_spec["headers"], {"test": "123", "test2": "abc"}
  112. )
  113. def test_it_rejects_bad_headers(self):
  114. self.client.login(username="[email protected]", password="password")
  115. form = {
  116. "method_down": "GET",
  117. "url_down": "http://example.org",
  118. "headers_down": "invalid-header\nfoo:bar",
  119. "method_up": "GET",
  120. }
  121. r = self.client.post(self.url, form)
  122. self.assertContains(r, """invalid-header""")
  123. self.assertEqual(Channel.objects.count(), 0)
  124. def test_it_strips_headers(self):
  125. form = {
  126. "method_down": "GET",
  127. "url_down": "http://foo.com",
  128. "headers_down": " test : 123 ",
  129. "method_up": "GET",
  130. }
  131. self.client.login(username="[email protected]", password="password")
  132. r = self.client.post(self.url, form)
  133. self.assertRedirects(r, self.channels_url)
  134. c = Channel.objects.get()
  135. self.assertEqual(c.down_webhook_spec["headers"], {"test": "123"})
  136. def test_it_rejects_both_empty(self):
  137. self.client.login(username="[email protected]", password="password")
  138. form = {
  139. "method_down": "GET",
  140. "url_down": "",
  141. "method_up": "GET",
  142. "url_up": "",
  143. }
  144. r = self.client.post(self.url, form)
  145. self.assertContains(r, "Enter a valid URL.")
  146. self.assertEqual(Channel.objects.count(), 0)
  147. def test_it_requires_rw_access(self):
  148. self.bobs_membership.role = "r"
  149. self.bobs_membership.save()
  150. self.client.login(username="[email protected]", password="password")
  151. r = self.client.get(self.url)
  152. self.assertEqual(r.status_code, 403)
  153. @override_settings(WEBHOOKS_ENABLED=False)
  154. def test_it_handles_disabled_integration(self):
  155. self.client.login(username="[email protected]", password="password")
  156. r = self.client.get(self.url)
  157. self.assertEqual(r.status_code, 404)