tests

irrdnet · May 10, 2023 · 1db3a22 · 1db3a22
1 parent dbd6dca
commit 1db3a22
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 8 deletions.
diff --git a/irrd/storage/models.py b/irrd/storage/models.py
@@ -1,5 +1,4 @@
 import enum
-from typing import List, Optional
 
 import sqlalchemy as sa
 from IPy import IP
@@ -420,11 +419,6 @@ class AuthApiToken(Base):  # type: ignore
     def __repr__(self):
         return f"<{self.token}/{self.name}/{self.mntner.rpsl_mntner_pk if self.mntner else None}>"
 
-    def ip_restriction_parsed(self) -> Optional[List[IP]]:
-        if not self.ip_restriction:
-            return None
-        return [IP(ip) for ip in self.ip_restriction.split(",")]
-
     def valid_for(self, origin: AuthoritativeChangeOrigin, remote_ip: IP):
         if not any(
             [

diff --git a/irrd/updates/tests/test_validators.py b/irrd/updates/tests/test_validators.py
@@ -3,6 +3,7 @@
 from unittest.mock import Mock
 
 import pytest
+from IPy import IP
 
 from irrd.conf import AUTH_SET_CREATION_COMMON_KEY, RPSL_MNTNER_AUTH_INTERNAL
 from irrd.rpsl.rpsl_objects import rpsl_object_from_text
@@ -165,14 +166,13 @@ def test_valid_new_person_api_key(self, prepare_mocks, monkeypatch):
             ]
         )
         mock_api_key = AuthApiTokenFactory.build()
-        print(mock_api_key)
-        mock_sa_session.all = lambda: [mock_api_key]
         monkeypatch.setattr("irrd.updates.validators.saorm.Session", lambda bind: mock_sa_session)
 
         mock_dh._connection = None
         mock_dh.execute_query = lambda q: [
             {"object_class": "mntner", "object_text": SAMPLE_MNTNER},
         ]
+        mock_sa_session.all = lambda: [mock_api_key]
 
         validator.api_keys = ["key"]
         result = validator.process_auth(person, None)
@@ -190,6 +190,30 @@ def test_valid_new_person_api_key(self, prepare_mocks, monkeypatch):
             ]
         )
 
+        validator.origin = AuthoritativeChangeOrigin.webui
+        result = validator.process_auth(person, None)
+        assert not result.is_valid(), result.error_messages
+
+        validator.origin = AuthoritativeChangeOrigin.email
+        result = validator.process_auth(person, None)
+        assert result.is_valid(), result.error_messages
+
+        mock_api_key.enabled_email = False
+        validator.origin = AuthoritativeChangeOrigin.email
+        result = validator.process_auth(person, None)
+        assert not result.is_valid(), result.error_messages
+
+        mock_api_key.ip_restriction = "192.0.2.0/26,192.0.2.64/26"
+        validator.remote_ip = IP("192.0.2.1")
+        validator.origin = AuthoritativeChangeOrigin.webapi
+        result = validator.process_auth(person, None)
+        assert result.is_valid(), result.error_messages
+
+        validator.remote_ip = IP("192.0.2.200")
+        validator.origin = AuthoritativeChangeOrigin.webapi
+        result = validator.process_auth(person, None)
+        assert not result.is_valid(), result.error_messages
+
     def test_existing_person_mntner_change(self, prepare_mocks):
         validator, mock_dq, mock_dh = prepare_mocks
         # TEST-MNT is in both maintainers