swift/test/unit/common/middleware/test_name_check.py

# Copyright (c) 2012 OpenStack Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.

'''
Unit tests for Name_check filter

Created on February 29, 2012

@author: eamonn-otoole
'''

import numbers
import unittest

from swift.common.swob import Request, Response
from swift.common.middleware import name_check
from swift.common import utils

MAX_LENGTH = 255
FORBIDDEN_CHARS = '\'\"<>`'
FORBIDDEN_REGEXP = r"/\./|/\.\./|/\.$|/\.\.$"


class FakeApp(object):

    def __call__(self, env, start_response):
        return Response(body="OK")(env, start_response)


class TestNameCheckMiddleware(unittest.TestCase):

    def setUp(self):
        self.conf = {'maximum_length': MAX_LENGTH, 'forbidden_chars':
                     FORBIDDEN_CHARS, 'forbidden_regexp': FORBIDDEN_REGEXP}
        self.test_check = name_check.filter_factory(self.conf)(FakeApp())

    def test_valid_length_and_character(self):
        path = '/V1.0/' + 'c' * (MAX_LENGTH - 6)
        resp = Request.blank(path, environ={'REQUEST_METHOD': 'PUT'}
                             ).get_response(self.test_check)
        self.assertEqual(resp.body, b'OK')

    def test_invalid_character(self):
        for c in self.conf['forbidden_chars']:
            path = '/V1.0/1234' + c + '5'
            resp = Request.blank(
                path, environ={'REQUEST_METHOD': 'PUT'}).get_response(
                    self.test_check)
            self.assertEqual(
                resp.body,
                ("Object/Container/Account name contains forbidden chars "
                 "from %s" % self.conf['forbidden_chars']).encode('utf8'))
            self.assertEqual(resp.status_int, 400)

    def test_maximum_length_from_config(self):
        # test invalid length
        app = name_check.filter_factory({'maximum_length': "500"})(FakeApp())
        path = '/V1.0/a/c/' + 'o' * (500 - 9)
        resp = Request.blank(path, environ={'REQUEST_METHOD': 'PUT'}
                             ).get_response(app)
        self.assertEqual(
            resp.body,
            ("Object/Container/Account name longer than the allowed "
             "maximum 500").encode('utf-8'))
        self.assertEqual(resp.status_int, 400)

        # test valid length
        path = '/V1.0/a/c/' + 'o' * (500 - 10)
        resp = Request.blank(path, environ={'REQUEST_METHOD': 'PUT'}
                             ).get_response(app)
        self.assertEqual(resp.status_int, 200)
        self.assertEqual(resp.body, b'OK')

    def test_invalid_length(self):
        path = '/V1.0/' + 'c' * (MAX_LENGTH - 5)
        resp = Request.blank(path, environ={'REQUEST_METHOD': 'PUT'}
                             ).get_response(self.test_check)
        self.assertEqual(
            resp.body,
            ("Object/Container/Account name longer than the allowed maximum %s"
             % self.conf['maximum_length']).encode('utf-8'))
        self.assertEqual(resp.status_int, 400)

    def test_invalid_regexp(self):
        for s in [r'/.', r'/..', r'/./foo', r'/../foo']:
            path = '/V1.0/' + s
            resp = Request.blank(
                path, environ={'REQUEST_METHOD': 'PUT'}).get_response(
                    self.test_check)
            self.assertEqual(
                resp.body,
                ("Object/Container/Account name contains a forbidden "
                 "substring from regular expression %s"
                 % self.conf['forbidden_regexp']).encode('utf-8'))
            self.assertEqual(resp.status_int, 400)

    def test_valid_regexp(self):
        for s in [r'/...', r'/.\.', r'/foo']:
            path = '/V1.0/' + s
            resp = Request.blank(
                path, environ={'REQUEST_METHOD': 'PUT'}).get_response(
                    self.test_check)
            self.assertEqual(resp.body, b'OK')


class TestSwiftInfo(unittest.TestCase):
    def setUp(self):
        utils._swift_info = {}
        utils._swift_admin_info = {}

    def test_registered_defaults(self):
        name_check.filter_factory({})(FakeApp())
        swift_info = utils.get_swift_info()
        self.assertTrue('name_check' in swift_info)
        self.assertTrue(isinstance(
            swift_info['name_check'].get('maximum_length'),
            numbers.Integral))
        self.assertTrue(isinstance(
            swift_info['name_check'].get('forbidden_chars'),
            str))
        self.assertTrue(isinstance(
            swift_info['name_check'].get('forbidden_regexp'),
            str))

    def test_registered_configured_options(self):
        conf = {'maximum_length': 512,
                'forbidden_chars': '\'\"`',
                'forbidden_regexp': r"/\./|/\.\./|/\.$"}
        name_check.filter_factory(conf)(FakeApp())
        swift_info = utils.get_swift_info()
        self.assertTrue('name_check' in swift_info)
        self.assertEqual(swift_info['name_check'].get('maximum_length'), 512)
        self.assertEqual(set(swift_info['name_check'].get('forbidden_chars')),
                         set('\'\"`'))
        self.assertEqual(swift_info['name_check'].get('forbidden_regexp'),
                         r"/\./|/\.\./|/\.$")

if __name__ == '__main__':
    unittest.main()