directus

agent-with-ip-validation.test.ts
99 строк · 2.7 Кб
Перенос по словам
1
import EventEmitter from 'node:events';
2
import { type Agent } from 'node:http';
3
import { afterEach, beforeEach, expect, test, vi, type Mock } from 'vitest';
4
import { agentWithIpValidation, type _Agent } from './agent-with-ip-validation.js';
5
import { isDeniedIp } from './is-denied-ip.js';
6

7
vi.mock('./is-denied-ip.js');
8

9
let mockSocket: EventEmitter & { destroy?: Mock };
10
let mockAgent: _Agent;
11

12
beforeEach(() => {
13
	mockSocket = new EventEmitter();
14
	mockSocket.destroy = vi.fn();
15

16
	const httpAgent = { createConnection: vi.fn().mockReturnValue(mockSocket) } as unknown as Agent;
17

18
	mockAgent = agentWithIpValidation(httpAgent) as _Agent;
19
});
20

21
afterEach(() => {
22
	vi.clearAllMocks();
23
});
24

25
test('Blocks request if host is missing', () => {
26
	const options = {};
27

28
	expect(() => mockAgent.createConnection(options, () => {})).toThrowError(
29
		`Request cannot be verified due to missing host`,
30
	);
31
});
32

33
test('Does not call IP check on createConnection if host is not an IP', () => {
34
	const options = { host: 'directus.io' };
35

36
	mockAgent.createConnection(options, () => {});
37

38
	expect(isDeniedIp).not.toHaveBeenCalled();
39
});
40

41
test('Calls IP check on createConnection if host is IP', async () => {
42
	const options = { host: '127.0.0.1' };
43

44
	mockAgent.createConnection(options, () => {});
45

46
	expect(isDeniedIp).toHaveBeenCalled();
47
});
48

49
test('Blocks on createConnection if IP is denied', async () => {
50
	vi.mocked(isDeniedIp).mockReturnValue(true);
51

52
	const options = { host: '127.0.0.1' };
53

54
	expect(() => mockAgent.createConnection(options, () => {})).toThrowError(
55
		`Requested domain "${options.host}" resolves to a denied IP address`,
56
	);
57
});
58

59
test('Blocks on resolve if IP is denied', async () => {
60
	vi.mocked(isDeniedIp).mockReturnValue(true);
61

62
	const options = { host: 'baddomain' };
63

64
	mockAgent.createConnection(options, () => {});
65

66
	mockSocket.emit('lookup', null, '127.0.0.1');
67

68
	expect(mockSocket.destroy).toHaveBeenCalledWith(
69
		new Error(`Requested domain "${options.host}" resolves to a denied IP address`),
70
	);
71
});
72

73
test('Does not block on resolve if IP is allowed', async () => {
74
	vi.mocked(isDeniedIp).mockReturnValue(false);
75

76
	const options = { host: 'directus.io' };
77

78
	mockAgent.createConnection(options, () => {});
79

80
	mockSocket.emit('lookup', null, '127.0.0.1');
81

82
	expect(mockSocket.destroy).not.toHaveBeenCalled();
83
});
84

85
test('Checks each resolved IP', async () => {
86
	vi.mocked(isDeniedIp).mockReturnValueOnce(false);
87
	vi.mocked(isDeniedIp).mockReturnValueOnce(true);
88

89
	const options = { host: 'baddomain' };
90

91
	mockAgent.createConnection(options, () => {});
92

93
	mockSocket.emit('lookup', null, '192.158.1.38');
94
	mockSocket.emit('lookup', null, '127.0.0.1');
95

96
	expect(mockSocket.destroy).toHaveBeenCalledWith(
97
		new Error(`Requested domain "${options.host}" resolves to a denied IP address`),
98
	);
99
});
100
directus

Использование cookies
