rollout_control 0.0.1 → 0.0.2
Sign up to get free protection for your applications and to get access to all the features.
|
@@ -99,6 +99,29 @@ class RolloutControlTest < ActionDispatch::IntegrationTest
|
|
|
99
99
|
refute rollout.active?(:potato_gun, user(45))
|
|
100
100
|
end
|
|
101
101
|
|
|
102
|
+
test "protect API with basic auth" do
|
|
103
|
+
with_protected_app do
|
|
104
|
+
get '/rollout/features'
|
|
105
|
+
end
|
|
106
|
+
assert_response :unauthorized
|
|
107
|
+
end
|
|
108
|
+
|
|
109
|
+
test "can login with configured username and password" do
|
|
110
|
+
with_protected_app do
|
|
111
|
+
get '/rollout/features', {}, env_with_basic_auth
|
|
112
|
+
end
|
|
113
|
+
assert_response :success
|
|
114
|
+
end
|
|
115
|
+
|
|
116
|
+
test "unset basic auth username and password does not allow login" do
|
|
117
|
+
with_protected_app do
|
|
118
|
+
RolloutControl.basic_auth_username = ''
|
|
119
|
+
RolloutControl.basic_auth_password = ''
|
|
120
|
+
get '/rollout/features', {}, env_with_basic_auth
|
|
121
|
+
end
|
|
122
|
+
assert_response :unauthorized
|
|
123
|
+
end
|
|
124
|
+
|
|
102
125
|
private
|
|
103
126
|
|
|
104
127
|
def user(id)
|
|
@@ -108,4 +131,19 @@ class RolloutControlTest < ActionDispatch::IntegrationTest
|
|
|
108
131
|
def rollout
|
|
109
132
|
RolloutControl.rollout
|
|
110
133
|
end
|
|
134
|
+
|
|
135
|
+
def with_protected_app
|
|
136
|
+
RolloutControl.unprotected = false
|
|
137
|
+
RolloutControl.basic_auth_username = 'aaron'
|
|
138
|
+
RolloutControl.basic_auth_password = 'changeme'
|
|
139
|
+
yield
|
|
140
|
+
RolloutControl.unprotected = true
|
|
141
|
+
end
|
|
142
|
+
|
|
143
|
+
def env_with_basic_auth(username = 'aaron', password = 'changeme')
|
|
144
|
+
{
|
|
145
|
+
'ACCEPT' => 'application/json',
|
|
146
|
+
'HTTP_AUTHORIZATION' => "Basic #{Base64::encode64("#{username}:#{password}")}"
|
|
147
|
+
}
|
|
148
|
+
end
|
|
111
149
|
end
|