
fix(dbapi): make sure different things don't compare equal, fixes #166

Co-Authored-By: Peter Thomassen <peter@desec.io>
Nils Wisiol 6 年 前
コミット
da8bf7d9f5

+ 1 - 0
api/api/settings.py

@@ -66,6 +66,7 @@ DATABASES = {
         },
         'TEST': {
             'CHARSET': 'utf8mb4',
+            'COLLATION': 'utf8mb4_bin',
         },
     },
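Review bot: The `'COLLATION': 'utf8mb4_bin'` entry sits under `'TEST'`, so it only governs the database Django creates for the test run; the live database takes its collation from `dbapi/initdb.d/00-init.sql.var`, and no migration for already-created databases is visible on this page. If those init scripts run only when the data directory is first initialised (the usual behaviour for an initdb.d directory, to be confirmed for this stack), existing deployments keep their previous collation and token keys there would still match regardless of case. Document an upgrade step that converts the existing database and tables to `utf8mb4_bin`, and add a comment on this line such as `# keep in sync with dbapi/initdb.d/00-init.sql.var`.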
 

+ 17 - 0
api/desecapi/tests/testdynupdateauthentication.py → api/desecapi/tests/testauthentication.py

@@ -39,3 +39,20 @@ class DynUpdateAuthenticationTestCase(DynDomainOwnerTestCase):
             '💩💩:💩💩',
         ]:
             self.assertDynDNS12Status(authorization=authorization, status=HTTP_401_UNAUTHORIZED)
+
+
+class TokenAuthenticationTestCase(DynDomainOwnerTestCase):
+
+    def _get_domains(self):
+        with self.assertPdnsNoRequestsBut(self.request_pdns_zone_retrieve_crypto_keys()):
+            return self.client.get(self.reverse('v1:domain-list'))
+
+    def assertAuthenticationStatus(self, status=HTTP_200_OK, token=''):
+        self._set_credentials_token_auth(self.client, token)
+        response = self._get_domains()
+        self.assertEqual(response.status_code, status, response)
+
+    def test_token_case_sensitive(self):
+        self.assertAuthenticationStatus(HTTP_200_OK, self.token.key)
+        self.assertAuthenticationStatus(HTTP_401_UNAUTHORIZED, self.token.key.upper())
+        self.assertAuthenticationStatus(HTTP_401_UNAUTHORIZED, self.token.key.lower())
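Review bot: `test_token_case_sensitive` only demonstrates case sensitivity if `self.token.key` contains both upper- and lower-case letters; if a key ever comes out in a single case, `key.upper()` or `key.lower()` equals the valid key and the 401 assertion fails for a reason unrelated to collation. State the precondition before the three status checks, e.g. `self.assertNotIn(self.token.key, (self.token.key.upper(), self.token.key.lower()))`. The defaults `status=HTTP_200_OK, token=''` on `assertAuthenticationStatus` describe a combination no caller should expect to pass, so making both arguments required would read more clearly. `DynUpdateAuthenticationTestCase` begins outside this hunk.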

+ 9 - 0
api/desecapi/tests/testrrsets.py

@@ -2,9 +2,11 @@ import operator
 from functools import reduce
 
 from django.conf import settings
+from django.core.exceptions import ValidationError
 from django.core.management import call_command
 from rest_framework import status
 
+from desecapi.models import RRset
 from desecapi.tests.base import DesecTestCase, DomainOwnerTestCase
 
 
@@ -126,6 +128,13 @@ class AuthenticatedRRSetTestCase(DomainOwnerTestCase):
                 kwargs, rr_sets
             ))
 
+    def test_uniqueness(self):
+        RRset(domain=self.my_domain, subname='aeroport', ttl=60, type='A').save()
+        with self.assertRaises(ValidationError):
+            RRset(domain=self.my_domain, subname='aeroport', ttl=60, type='A').save()
+        RRset(domain=self.my_domain, subname='AEROPORT', ttl=60, type='A').save()
+        RRset(domain=self.my_domain, subname='aéroport', ttl=100, type='A').save()
+
     def test_retrieve_my_rr_sets(self):
         for response in [
             self.client.get_rr_sets(self.my_domain.name),
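Review bot: `test_uniqueness` pins down that `'aeroport'` and `'AEROPORT'` may coexist as separate RRsets, but DNS compares names case-insensitively, so with a binary collation the database no longer stops two rows that denote the same owner name. Whether subnames are normalised to lower case before they reach `RRset.save()` is not visible in this hunk; if they are not, that validation should be added, and if they are, a comment such as `# case variants are distinct at the DB level; lower-casing is enforced in <validator>` would record the dependency. The last two `save()` calls would also benefit from `# must not raise: differs only in case / accent`. The enclosing class starts above the hunk and `test_retrieve_my_rr_sets` continues below it.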

+ 1 - 1
dbapi/initdb.d/00-init.sql.var

@@ -1,5 +1,5 @@
 -- deSEC user and domain database
-CREATE DATABASE desec CHARACTER SET utf8mb4;
+CREATE DATABASE desec CHARACTER SET utf8mb4 COLLATE utf8mb4_bin;
 CREATE USER 'desec'@'${DESECSTACK_IPV4_REAR_PREFIX16}.5.%' IDENTIFIED BY '${DESECSTACK_DBAPI_PASSWORD_desec}';
 GRANT SELECT, INSERT, UPDATE, DELETE, REFERENCES, INDEX, CREATE, ALTER, DROP ON desec.* TO 'desec'@'${DESECSTACK_IPV4_REAR_PREFIX16}.5.%';