154 lines
3.1 KiB
Go
154 lines
3.1 KiB
Go
// Copyright (C) 2019 Storj Labs, Inc.
|
|
// See LICENSE for copying information.
|
|
|
|
package trust_test
|
|
|
|
import (
|
|
"fmt"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"storj.io/storj/storagenode/trust"
|
|
)
|
|
|
|
func TestNewExcluderFailure(t *testing.T) {
|
|
for _, tt := range []struct {
|
|
name string
|
|
config string
|
|
err string
|
|
}{
|
|
{
|
|
name: "not a valid URL",
|
|
config: "://",
|
|
err: "exclusion: node URL error: parse ://: missing protocol scheme",
|
|
},
|
|
{
|
|
name: "host exclusion must not include a port",
|
|
config: "bar.test:7777",
|
|
err: "exclusion: host exclusion must not include a port",
|
|
},
|
|
{
|
|
name: "satellite URL exclusion must specify a port",
|
|
config: "121RTSDpyNZVcEU84Ticf2L1ntiuUimbWgfATz21tuvgk3vzoA6@bar.test",
|
|
err: "exclusion: satellite URL exclusion must specify a port",
|
|
},
|
|
} {
|
|
tt := tt // quiet linting
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
_, err := trust.NewExcluder(tt.config)
|
|
require.EqualError(t, err, tt.err)
|
|
})
|
|
}
|
|
|
|
}
|
|
|
|
func TestNewExcluder(t *testing.T) {
|
|
goodURL := makeSatelliteURL("foo.test")
|
|
badURL := makeSatelliteURL("b.bar.test")
|
|
|
|
for _, tt := range []struct {
|
|
name string
|
|
config string
|
|
}{
|
|
{
|
|
name: "filtered by id",
|
|
config: badURL.ID.String() + "@",
|
|
},
|
|
{
|
|
name: "filtered by root domain",
|
|
config: "bar.test",
|
|
},
|
|
{
|
|
name: "filtered by exact domain",
|
|
config: "b.bar.test",
|
|
},
|
|
{
|
|
name: "filtered by full url",
|
|
config: badURL.String(),
|
|
},
|
|
} {
|
|
tt := tt // quiet linting
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
excluder, err := trust.NewExcluder(tt.config)
|
|
require.NoError(t, err)
|
|
|
|
assert.True(t, excluder.IsTrusted(goodURL), "good URL should not be excluded")
|
|
assert.False(t, excluder.IsTrusted(badURL), "bad URL should be excluded")
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestHostExcluder(t *testing.T) {
|
|
for _, tt := range []struct {
|
|
exclusion string
|
|
host string
|
|
isTrusted bool
|
|
}{
|
|
{
|
|
exclusion: "foo.test",
|
|
host: "foo.test",
|
|
isTrusted: false,
|
|
},
|
|
{
|
|
exclusion: "foo.test",
|
|
host: "x.foo.test",
|
|
isTrusted: false,
|
|
},
|
|
{
|
|
exclusion: "foo.test",
|
|
host: ".foo.test",
|
|
isTrusted: false,
|
|
},
|
|
{
|
|
exclusion: "foo.test",
|
|
host: "foo.test.",
|
|
isTrusted: false,
|
|
},
|
|
{
|
|
exclusion: "x.bar.test",
|
|
host: "bar.test",
|
|
isTrusted: true,
|
|
},
|
|
{
|
|
exclusion: "x.bar.test",
|
|
host: "x.bar.test",
|
|
isTrusted: false,
|
|
},
|
|
{
|
|
exclusion: "x.bar.test",
|
|
host: "y.x.bar.test",
|
|
isTrusted: false,
|
|
},
|
|
{
|
|
exclusion: ".baz.test",
|
|
host: "baz.test",
|
|
isTrusted: false,
|
|
},
|
|
{
|
|
exclusion: "baz.test.",
|
|
host: "baz.test",
|
|
isTrusted: false,
|
|
},
|
|
{
|
|
exclusion: "satellite",
|
|
host: "satellite",
|
|
isTrusted: false,
|
|
},
|
|
{
|
|
exclusion: "satellite",
|
|
host: "x.satellite",
|
|
isTrusted: true,
|
|
},
|
|
} {
|
|
tt := tt // quiet linting
|
|
name := fmt.Sprintf("%s-%s-%t", tt.exclusion, tt.host, tt.isTrusted)
|
|
t.Run(name, func(t *testing.T) {
|
|
excluder := trust.NewHostExcluder(tt.exclusion)
|
|
isTrusted := excluder.IsTrusted(trust.SatelliteURL{Host: tt.host})
|
|
assert.Equal(t, tt.isTrusted, isTrusted)
|
|
})
|
|
}
|
|
}
|