2020-06-16 16:12:40 -04:00
|
|
|
using System;
|
2019-12-22 18:18:42 -05:00
|
|
|
using System.Collections.Generic;
|
2020-06-16 16:12:40 -04:00
|
|
|
using System.Globalization;
|
|
|
|
|
using System.Net;
|
2019-12-22 18:18:42 -05:00
|
|
|
using System.Security.Claims;
|
|
|
|
|
using System.Threading.Tasks;
|
|
|
|
|
using AutoFixture;
|
|
|
|
|
using AutoFixture.AutoMoq;
|
|
|
|
|
using Jellyfin.Api.Auth.FirstTimeSetupOrElevatedPolicy;
|
|
|
|
|
using Jellyfin.Api.Constants;
|
2020-06-16 16:12:40 -04:00
|
|
|
using Jellyfin.Data.Entities;
|
|
|
|
|
using Jellyfin.Data.Enums;
|
|
|
|
|
using Jellyfin.Server.Implementations.Users;
|
2019-12-22 18:18:42 -05:00
|
|
|
using MediaBrowser.Common.Configuration;
|
2020-06-16 16:12:40 -04:00
|
|
|
using MediaBrowser.Controller.Library;
|
2019-12-22 18:18:42 -05:00
|
|
|
using MediaBrowser.Model.Configuration;
|
|
|
|
|
using Microsoft.AspNetCore.Authorization;
|
2020-06-16 16:12:40 -04:00
|
|
|
using Microsoft.AspNetCore.Http;
|
2019-12-22 18:18:42 -05:00
|
|
|
using Moq;
|
|
|
|
|
using Xunit;
|
|
|
|
|
|
|
|
|
|
namespace Jellyfin.Api.Tests.Auth.FirstTimeSetupOrElevatedPolicy
|
|
|
|
|
{
|
|
|
|
|
public class FirstTimeSetupOrElevatedHandlerTests
|
|
|
|
|
{
|
2020-06-16 16:12:40 -04:00
|
|
|
/// <summary>
|
|
|
|
|
/// 127.0.0.1.
|
|
|
|
|
/// </summary>
|
|
|
|
|
private const long InternalIp = 16777343;
|
|
|
|
|
|
|
|
|
|
/// <summary>
|
|
|
|
|
/// 1.1.1.1.
|
|
|
|
|
/// </summary>
|
|
|
|
|
/// private const long ExternalIp = 16843009;
|
2019-12-22 18:18:42 -05:00
|
|
|
private readonly Mock<IConfigurationManager> _configurationManagerMock;
|
|
|
|
|
private readonly List<IAuthorizationRequirement> _requirements;
|
|
|
|
|
private readonly FirstTimeSetupOrElevatedHandler _sut;
|
2020-06-16 16:12:40 -04:00
|
|
|
private readonly Mock<IUserManager> _userManagerMock;
|
|
|
|
|
private readonly Mock<IHttpContextAccessor> _httpContextAccessor;
|
2019-12-22 18:18:42 -05:00
|
|
|
|
|
|
|
|
public FirstTimeSetupOrElevatedHandlerTests()
|
|
|
|
|
{
|
|
|
|
|
var fixture = new Fixture().Customize(new AutoMoqCustomization());
|
|
|
|
|
_configurationManagerMock = fixture.Freeze<Mock<IConfigurationManager>>();
|
2020-03-24 11:12:06 -04:00
|
|
|
_requirements = new List<IAuthorizationRequirement> { new FirstTimeSetupOrElevatedRequirement() };
|
2020-06-16 16:12:40 -04:00
|
|
|
_userManagerMock = fixture.Freeze<Mock<IUserManager>>();
|
|
|
|
|
_httpContextAccessor = fixture.Freeze<Mock<IHttpContextAccessor>>();
|
2019-12-22 18:18:42 -05:00
|
|
|
|
|
|
|
|
_sut = fixture.Create<FirstTimeSetupOrElevatedHandler>();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Theory]
|
|
|
|
|
[InlineData(UserRoles.Administrator)]
|
|
|
|
|
[InlineData(UserRoles.Guest)]
|
|
|
|
|
[InlineData(UserRoles.User)]
|
|
|
|
|
public async Task ShouldSucceedIfStartupWizardIncomplete(string userRole)
|
|
|
|
|
{
|
|
|
|
|
SetupConfigurationManager(false);
|
2020-06-16 16:12:40 -04:00
|
|
|
var (user, claims) = SetupUser(userRole);
|
|
|
|
|
|
|
|
|
|
_userManagerMock.Setup(u => u.GetUserById(It.IsAny<Guid>()))
|
|
|
|
|
.Returns(user);
|
|
|
|
|
|
|
|
|
|
_httpContextAccessor.Setup(h => h.HttpContext.Connection.RemoteIpAddress)
|
|
|
|
|
.Returns(new IPAddress(InternalIp));
|
|
|
|
|
|
|
|
|
|
var context = new AuthorizationHandlerContext(_requirements, claims, null);
|
2019-12-22 18:18:42 -05:00
|
|
|
|
|
|
|
|
await _sut.HandleAsync(context);
|
|
|
|
|
Assert.True(context.HasSucceeded);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
[Theory]
|
|
|
|
|
[InlineData(UserRoles.Administrator, true)]
|
|
|
|
|
[InlineData(UserRoles.Guest, false)]
|
|
|
|
|
[InlineData(UserRoles.User, false)]
|
|
|
|
|
public async Task ShouldRequireAdministratorIfStartupWizardComplete(string userRole, bool shouldSucceed)
|
|
|
|
|
{
|
|
|
|
|
SetupConfigurationManager(true);
|
2020-06-16 16:12:40 -04:00
|
|
|
var (user, claims) = SetupUser(userRole);
|
|
|
|
|
|
|
|
|
|
_userManagerMock.Setup(u => u.GetUserById(It.IsAny<Guid>()))
|
|
|
|
|
.Returns(user);
|
|
|
|
|
|
|
|
|
|
_httpContextAccessor.Setup(h => h.HttpContext.Connection.RemoteIpAddress)
|
|
|
|
|
.Returns(new IPAddress(InternalIp));
|
|
|
|
|
|
|
|
|
|
var context = new AuthorizationHandlerContext(_requirements, claims, null);
|
2019-12-22 18:18:42 -05:00
|
|
|
|
|
|
|
|
await _sut.HandleAsync(context);
|
|
|
|
|
Assert.Equal(shouldSucceed, context.HasSucceeded);
|
|
|
|
|
}
|
|
|
|
|
|
2020-06-16 16:12:40 -04:00
|
|
|
private static (User, ClaimsPrincipal) SetupUser(string role)
|
2019-12-22 18:18:42 -05:00
|
|
|
{
|
2020-06-16 16:12:40 -04:00
|
|
|
var user = new User(
|
|
|
|
|
"jellyfin",
|
|
|
|
|
typeof(DefaultAuthenticationProvider).FullName,
|
|
|
|
|
typeof(DefaultPasswordResetProvider).FullName);
|
|
|
|
|
|
|
|
|
|
user.SetPermission(PermissionKind.IsAdministrator, role.Equals(UserRoles.Administrator, StringComparison.OrdinalIgnoreCase));
|
|
|
|
|
var claims = new[]
|
|
|
|
|
{
|
|
|
|
|
new Claim(ClaimTypes.Role, role),
|
|
|
|
|
new Claim(ClaimTypes.Name, "jellyfin"),
|
|
|
|
|
new Claim(InternalClaimTypes.UserId, Guid.Empty.ToString("N", CultureInfo.InvariantCulture)),
|
|
|
|
|
new Claim(InternalClaimTypes.DeviceId, Guid.Empty.ToString("N", CultureInfo.InvariantCulture)),
|
|
|
|
|
new Claim(InternalClaimTypes.Device, "test"),
|
|
|
|
|
new Claim(InternalClaimTypes.Client, "test"),
|
|
|
|
|
new Claim(InternalClaimTypes.Version, "test"),
|
|
|
|
|
new Claim(InternalClaimTypes.Token, "test"),
|
|
|
|
|
};
|
|
|
|
|
|
2019-12-22 18:18:42 -05:00
|
|
|
var identity = new ClaimsIdentity(claims);
|
2020-06-16 16:12:40 -04:00
|
|
|
return (user, new ClaimsPrincipal(identity));
|
2019-12-22 18:18:42 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private void SetupConfigurationManager(bool startupWizardCompleted)
|
|
|
|
|
{
|
|
|
|
|
var commonConfiguration = new BaseApplicationConfiguration
|
|
|
|
|
{
|
|
|
|
|
IsStartupWizardCompleted = startupWizardCompleted
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
_configurationManagerMock.Setup(c => c.CommonConfiguration)
|
|
|
|
|
.Returns(commonConfiguration);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
