package com.github.vonnagy.service.container.http.directives
import java.net.InetAddress
import akka.http.scaladsl.model.headers._
import akka.http.scaladsl.model.{RemoteAddress, StatusCodes}
import com.github.vonnagy.service.container.Specs2RouteTest
import com.github.vonnagy.service.container.http.routing.Rejection.NotFoundRejection
import org.specs2.mutable.Specification
/**
* Created by Ivan von Nagy on 1/20/15.
*/
class CIDRDirectivesSpec extends Specification with CIDRDirectives with Specs2RouteTest {
val yeah = complete("Yeah!")
def remoteAddress(ip: String) = RemoteAddress(InetAddress.getByName(ip))
"CIDRDirectives" should {
"allow call when no allows or denies" in {
Get() ~> addHeaders(`Remote-Address`(remoteAddress("192.168.1.1"))) ~> {
cidrFilter(Seq(), Seq()) {
yeah
}
} ~> check {
handled === true
status === StatusCodes.OK
}
}
"allow call when no denies, but matches allow" in {
Get() ~> addHeaders(`Remote-Address`(remoteAddress("192.168.1.1"))) ~> {
cidrFilter(Seq("192.168.1.1/1"), Seq()) {
yeah
}
} ~> check {
handled === true
status === StatusCodes.OK
}
}
"allow call when does not match deny, but matches allow" in {
Get() ~> addHeaders(`Remote-Address`(remoteAddress("192.168.1.1"))) ~> {
cidrFilter(Seq("192.168.1.1/1"), Seq("10.0.0.1/1")) {
yeah
}
} ~> check {
handled === true
status === StatusCodes.OK
}
}
"disallow call when no denies and does not match allow" in {
Get() ~> addHeaders(`Remote-Address`(remoteAddress("192.168.1.1"))) ~> {
cidrFilter(Seq("127.0.0.1/1"), Seq()) {
yeah
}
} ~> check {
handled must beFalse
rejections.size must beEqualTo(1)
rejections.head must be equalTo(NotFoundRejection("The requested resource could not be found"))
}
}
"disallow call when matches a deny" in {
Get() ~> addHeaders(`Remote-Address`(remoteAddress("10.0.0.1"))) ~> {
cidrFilter(Seq("192.168.1.1/1"), Seq("10.0.0.1/1")) {
yeah
}
} ~> check {
handled must beFalse
rejections.size must beEqualTo(1)
rejections.head must be equalTo(NotFoundRejection("The requested resource could not be found"))
}
}
"disallow because there is no remote address header that has been injected" in {
Get() ~> {
cidrFilter(Seq(), Seq()) {
yeah
}
} ~> check {
handled must beFalse
rejections.size must beEqualTo(1)
rejections.head must be equalTo(NotFoundRejection("The requested resource could not be found"))
}
}
}
}
