test connection establishment for non-members in restricted rooms
This commit is contained in:
parent
72e97dd374
commit
346ba14ec9
|
@ -84,3 +84,72 @@ func TestConnEstablishmentDeniedKey(t *testing.T) {
|
|||
|
||||
cancel()
|
||||
}
|
||||
|
||||
func TestConnEstablishmentDenyNonMembersRestrictedRoom(t *testing.T) {
|
||||
// defer leakcheck.Check(t)
|
||||
ctx, cancel := context.WithCancel(context.Background())
|
||||
theBots := createServerAndBots(t, ctx, 2)
|
||||
|
||||
r := require.New(t)
|
||||
a := assert.New(t)
|
||||
|
||||
const (
|
||||
indexSrv = iota
|
||||
indexA
|
||||
indexB
|
||||
)
|
||||
|
||||
serv := theBots[indexSrv].srv
|
||||
botA := theBots[indexA].srv
|
||||
botB := theBots[indexB].srv
|
||||
|
||||
// make sure we are running in restricted mode on the server
|
||||
err := serv.Config.SetPrivacyMode(ctx, roomdb.ModeRestricted)
|
||||
r.NoError(err)
|
||||
|
||||
// allow A, deny B
|
||||
theBots[indexSrv].srv.Members.Add(ctx, botA.Whoami(), roomdb.RoleMember)
|
||||
// since we want to verify denying connections for non members in a restricte room, let us:
|
||||
// a) NOT add B as a member
|
||||
// theBots[indexSrv].srv.Members.Add(ctx, botB.Whoami(), roomdb.RoleMember)
|
||||
|
||||
// hack: allow bots to dial the server
|
||||
theBots[indexA].srv.Members.Add(ctx, serv.Whoami(), roomdb.RoleMember)
|
||||
theBots[indexB].srv.Members.Add(ctx, serv.Whoami(), roomdb.RoleMember)
|
||||
|
||||
// dial up B->A and C->A
|
||||
// should work (we allowed A)
|
||||
err = botA.Network.Connect(ctx, serv.Network.GetListenAddr())
|
||||
r.NoError(err, "connect A to the Server")
|
||||
|
||||
// shouldn't work (we banned B)
|
||||
err = botB.Network.Connect(ctx, serv.Network.GetListenAddr())
|
||||
r.NoError(err, "connect B to the Server") // we dont see an error because it just establishes the tcp connection
|
||||
|
||||
t.Log("letting handshaking settle..")
|
||||
time.Sleep(1 * time.Second)
|
||||
|
||||
var srvWho struct {
|
||||
ID refs.FeedRef
|
||||
}
|
||||
|
||||
endpointB, has := botB.Network.GetEndpointFor(serv.Whoami())
|
||||
r.False(has, "botB has an endpoint for the server!")
|
||||
if endpointB != nil {
|
||||
a.Nil(endpointB, "should not have an endpoint on B (B is not a member, and the server is restricted)")
|
||||
err = endpointB.Async(ctx, &srvWho, muxrpc.TypeJSON, muxrpc.Method{"whoami"})
|
||||
r.Error(err)
|
||||
t.Log(srvWho.ID.Ref())
|
||||
}
|
||||
|
||||
endpointA, has := botA.Network.GetEndpointFor(serv.Whoami())
|
||||
r.True(has, "botA has no endpoint for the server")
|
||||
|
||||
err = endpointA.Async(ctx, &srvWho, muxrpc.TypeJSON, muxrpc.Method{"whoami"})
|
||||
r.NoError(err)
|
||||
|
||||
t.Log("server whoami:", srvWho.ID.Ref())
|
||||
a.True(serv.Whoami().Equal(&srvWho.ID))
|
||||
|
||||
cancel()
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue