zulip/zerver/tests/test_external.py

# -*- coding: utf-8 -*-
from __future__ import absolute_import
from django.conf import settings
from django.core.exceptions import ValidationError
from django.http import HttpResponse
from django.test import TestCase

from zerver.forms import email_is_not_mit_mailing_list

from zerver.lib.rate_limiter import (
    add_ratelimit_rule,
    clear_user_history,
    remove_ratelimit_rule,
)

from zerver.lib.actions import compute_mit_user_fullname
from zerver.lib.test_classes import (
    ZulipTestCase,
)
from zerver.models import get_user_profile_by_email
from zerver.lib.test_runner import slow

import DNS
import mock
import time
import ujson

from six.moves import urllib
from six.moves import range
from typing import Text

class MITNameTest(TestCase):
    def test_valid_hesiod(self):
        # type: () -> None
        with mock.patch('DNS.dnslookup', return_value=[['starnine:*:84233:101:Athena Consulting Exchange User,,,:/mit/starnine:/bin/bash']]):
            self.assertEquals(compute_mit_user_fullname("starnine@mit.edu"), "Athena Consulting Exchange User")
        with mock.patch('DNS.dnslookup', return_value=[['sipbexch:*:87824:101:Exch Sipb,,,:/mit/sipbexch:/bin/athena/bash']]):
            self.assertEquals(compute_mit_user_fullname("sipbexch@mit.edu"), "Exch Sipb")

    def test_invalid_hesiod(self):
        # type: () -> None
        with mock.patch('DNS.dnslookup', side_effect=DNS.Base.ServerError('DNS query status: NXDOMAIN', 3)):
            self.assertEquals(compute_mit_user_fullname("1234567890@mit.edu"), "1234567890@mit.edu")
        with mock.patch('DNS.dnslookup', side_effect=DNS.Base.ServerError('DNS query status: NXDOMAIN', 3)):
            self.assertEquals(compute_mit_user_fullname("ec-discuss@mit.edu"), "ec-discuss@mit.edu")

    def test_mailinglist(self):
        # type: () -> None
        with mock.patch('DNS.dnslookup', side_effect=DNS.Base.ServerError('DNS query status: NXDOMAIN', 3)):
            self.assertRaises(ValidationError, email_is_not_mit_mailing_list, "1234567890@mit.edu")
        with mock.patch('DNS.dnslookup', side_effect=DNS.Base.ServerError('DNS query status: NXDOMAIN', 3)):
            self.assertRaises(ValidationError, email_is_not_mit_mailing_list, "ec-discuss@mit.edu")

    def test_notmailinglist(self):
        # type: () -> None
        with mock.patch('DNS.dnslookup', return_value=[['POP IMAP.EXCHANGE.MIT.EDU starnine']]):
            email_is_not_mit_mailing_list("sipbexch@mit.edu")

class RateLimitTests(ZulipTestCase):

    def setUp(self):
        # type: () -> None
        settings.RATE_LIMITING = True
        add_ratelimit_rule(1, 5)

    def tearDown(self):
        # type: () -> None
        settings.RATE_LIMITING = False
        remove_ratelimit_rule(1, 5)

    def send_api_message(self, email, content):
        # type: (Text, Text) -> HttpResponse
        return self.client_post("/api/v1/messages", {"type": "stream",
                                                     "to": "Verona",
                                                     "client": "test suite",
                                                     "content": content,
                                                     "subject": "Test subject"},
                                **self.api_auth(email))

    def test_headers(self):
        # type: () -> None
        email = "hamlet@zulip.com"
        user = get_user_profile_by_email(email)
        clear_user_history(user)

        result = self.send_api_message(email, "some stuff")
        self.assertTrue('X-RateLimit-Remaining' in result)
        self.assertTrue('X-RateLimit-Limit' in result)
        self.assertTrue('X-RateLimit-Reset' in result)

    def test_ratelimit_decrease(self):
        # type: () -> None
        email = "hamlet@zulip.com"
        user = get_user_profile_by_email(email)
        clear_user_history(user)
        result = self.send_api_message(email, "some stuff")
        limit = int(result['X-RateLimit-Remaining'])

        result = self.send_api_message(email, "some stuff 2")
        newlimit = int(result['X-RateLimit-Remaining'])
        self.assertEqual(limit, newlimit + 1)

    @slow('has to sleep to work')
    def test_hit_ratelimits(self):
        # type: () -> None
        email = "cordelia@zulip.com"
        user = get_user_profile_by_email(email)
        clear_user_history(user)

        for i in range(6):
            result = self.send_api_message(email, "some stuff %s" % (i,))

        self.assertEqual(result.status_code, 429)
        json = ujson.loads(result.content)
        self.assertEqual(json.get("result"), "error")
        self.assertIn("API usage exceeded rate limit, try again in", json.get("msg"))
        self.assertTrue('Retry-After' in result)
        self.assertIn(result['Retry-After'], json.get("msg"))

        # We actually wait a second here, rather than force-clearing our history,
        # to make sure the rate-limiting code automatically forgives a user
        # after some time has passed.
        time.sleep(1)

        result = self.send_api_message(email, "Good message")

        self.assert_json_success(result)
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`# -- coding: utf-8 --`
			`from __future__ import absolute_import`
			`from django.conf import settings`
			`from django.core.exceptions import ValidationError`
Annotate test_external and test_signup. 2016-06-04 20:14:05 +02:00			`from django.http import HttpResponse`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`from django.test import TestCase`

forms.py: Refactor MIT mailing list check into a modern style. No change to behavior. non_mit_mailing_list never returned False, so it was never possible to reach the line "Otherwise, the user is an MIT mailing list, and .." 2016-11-06 00:29:55 +01:00			`from zerver.forms import email_is_not_mit_mailing_list`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00
			`from zerver.lib.rate_limiter import (`
			`add_ratelimit_rule,`
			`clear_user_history,`
			`remove_ratelimit_rule,`
			`)`

			`from zerver.lib.actions import compute_mit_user_fullname`
tests: Split out ZulipTestCase and WebhookTestCase to a separate file. Fixes #1671. 2016-11-10 19:30:09 +01:00			`from zerver.lib.test_classes import (`
			`ZulipTestCase,`
			`)`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`from zerver.models import get_user_profile_by_email`
			`from zerver.lib.test_runner import slow`

MITNameTest: Mock network access from Hesiod lookups. The purpose of these tests is to check the logic, not that DNS is working on the relevant machine. 2016-04-28 07:17:10 +02:00			`import DNS`
			`import mock`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`import time`
			`import ujson`

zerver/tests/test_helpers.py: Use text_type for api_keys. Also encode/decode strings appropriately when using api_keys to generate basic auth header. Also fix clashing annotations in zerver/tests/test_external.py. 2016-06-28 22:20:38 +02:00			`from six.moves import urllib`
Apply Python 3 futurize transform libmodernize.fixes.fix_xrange_six. 2015-11-01 17:15:05 +01:00			`from six.moves import range`
mypy: Convert zerver/tests/ to use typing.Text. 2016-12-04 18:38:56 +01:00			`from typing import Text`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00
			`class MITNameTest(TestCase):`
			`def test_valid_hesiod(self):`
Annotate test_external and test_signup. 2016-06-04 20:14:05 +02:00			`# type: () -> None`
MITNameTest: Mock network access from Hesiod lookups. The purpose of these tests is to check the logic, not that DNS is working on the relevant machine. 2016-04-28 07:17:10 +02:00			`with mock.patch('DNS.dnslookup', return_value=[['starnine:*:84233:101:Athena Consulting Exchange User,,,:/mit/starnine:/bin/bash']]):`
			`self.assertEquals(compute_mit_user_fullname("starnine@mit.edu"), "Athena Consulting Exchange User")`
			`with mock.patch('DNS.dnslookup', return_value=[['sipbexch:*:87824:101:Exch Sipb,,,:/mit/sipbexch:/bin/athena/bash']]):`
			`self.assertEquals(compute_mit_user_fullname("sipbexch@mit.edu"), "Exch Sipb")`

Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`def test_invalid_hesiod(self):`
Annotate test_external and test_signup. 2016-06-04 20:14:05 +02:00			`# type: () -> None`
MITNameTest: Mock network access from Hesiod lookups. The purpose of these tests is to check the logic, not that DNS is working on the relevant machine. 2016-04-28 07:17:10 +02:00			`with mock.patch('DNS.dnslookup', side_effect=DNS.Base.ServerError('DNS query status: NXDOMAIN', 3)):`
			`self.assertEquals(compute_mit_user_fullname("1234567890@mit.edu"), "1234567890@mit.edu")`
			`with mock.patch('DNS.dnslookup', side_effect=DNS.Base.ServerError('DNS query status: NXDOMAIN', 3)):`
			`self.assertEquals(compute_mit_user_fullname("ec-discuss@mit.edu"), "ec-discuss@mit.edu")`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00
			`def test_mailinglist(self):`
Annotate test_external and test_signup. 2016-06-04 20:14:05 +02:00			`# type: () -> None`
MITNameTest: Mock network access from Hesiod lookups. The purpose of these tests is to check the logic, not that DNS is working on the relevant machine. 2016-04-28 07:17:10 +02:00			`with mock.patch('DNS.dnslookup', side_effect=DNS.Base.ServerError('DNS query status: NXDOMAIN', 3)):`
forms.py: Refactor MIT mailing list check into a modern style. No change to behavior. non_mit_mailing_list never returned False, so it was never possible to reach the line "Otherwise, the user is an MIT mailing list, and .." 2016-11-06 00:29:55 +01:00			`self.assertRaises(ValidationError, email_is_not_mit_mailing_list, "1234567890@mit.edu")`
MITNameTest: Mock network access from Hesiod lookups. The purpose of these tests is to check the logic, not that DNS is working on the relevant machine. 2016-04-28 07:17:10 +02:00			`with mock.patch('DNS.dnslookup', side_effect=DNS.Base.ServerError('DNS query status: NXDOMAIN', 3)):`
forms.py: Refactor MIT mailing list check into a modern style. No change to behavior. non_mit_mailing_list never returned False, so it was never possible to reach the line "Otherwise, the user is an MIT mailing list, and .." 2016-11-06 00:29:55 +01:00			`self.assertRaises(ValidationError, email_is_not_mit_mailing_list, "ec-discuss@mit.edu")`
pep8: Fix E301 pep8 violations. Fix "E301: expected (1 or 2) blank line" pep8 violations. 2016-11-29 07:22:02 +01:00
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`def test_notmailinglist(self):`
Annotate test_external and test_signup. 2016-06-04 20:14:05 +02:00			`# type: () -> None`
MITNameTest: Mock network access from Hesiod lookups. The purpose of these tests is to check the logic, not that DNS is working on the relevant machine. 2016-04-28 07:17:10 +02:00			`with mock.patch('DNS.dnslookup', return_value=[['POP IMAP.EXCHANGE.MIT.EDU starnine']]):`
forms.py: Refactor MIT mailing list check into a modern style. No change to behavior. non_mit_mailing_list never returned False, so it was never possible to reach the line "Otherwise, the user is an MIT mailing list, and .." 2016-11-06 00:29:55 +01:00			`email_is_not_mit_mailing_list("sipbexch@mit.edu")`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00
tests: Renamed AuthedTestCase to ZulipTestCase. 2016-08-23 02:08:42 +02:00			`class RateLimitTests(ZulipTestCase):`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00
			`def setUp(self):`
Annotate test_external and test_signup. 2016-06-04 20:14:05 +02:00			`# type: () -> None`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`settings.RATE_LIMITING = True`
			`add_ratelimit_rule(1, 5)`

			`def tearDown(self):`
Annotate test_external and test_signup. 2016-06-04 20:14:05 +02:00			`# type: () -> None`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`settings.RATE_LIMITING = False`
			`remove_ratelimit_rule(1, 5)`

RateLimitTests: Remove now-unnecessary API key logic. 2016-09-27 23:27:36 +02:00			`def send_api_message(self, email, content):`
mypy: Convert zerver/tests/ to use typing.Text. 2016-12-04 18:38:56 +01:00			`# type: (Text, Text) -> HttpResponse`
Remove legacy /api/v1/send_message endpoint. This was the original way to send messages via the Zulip API in the very early days of Zulip, but was replaced by the REST API back in 2013. Fixes: #730. 2016-09-27 21:41:42 +02:00			`return self.client_post("/api/v1/messages", {"type": "stream",`
			`"to": "Verona",`
			`"client": "test suite",`
			`"content": content,`
			`"subject": "Test subject"},`
			`**self.api_auth(email))`

Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`def test_headers(self):`
Annotate test_external and test_signup. 2016-06-04 20:14:05 +02:00			`# type: () -> None`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`email = "hamlet@zulip.com"`
			`user = get_user_profile_by_email(email)`
			`clear_user_history(user)`

RateLimitTests: Remove now-unnecessary API key logic. 2016-09-27 23:27:36 +02:00			`result = self.send_api_message(email, "some stuff")`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`self.assertTrue('X-RateLimit-Remaining' in result)`
			`self.assertTrue('X-RateLimit-Limit' in result)`
			`self.assertTrue('X-RateLimit-Reset' in result)`

			`def test_ratelimit_decrease(self):`
Annotate test_external and test_signup. 2016-06-04 20:14:05 +02:00			`# type: () -> None`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`email = "hamlet@zulip.com"`
			`user = get_user_profile_by_email(email)`
			`clear_user_history(user)`
RateLimitTests: Remove now-unnecessary API key logic. 2016-09-27 23:27:36 +02:00			`result = self.send_api_message(email, "some stuff")`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`limit = int(result['X-RateLimit-Remaining'])`

RateLimitTests: Remove now-unnecessary API key logic. 2016-09-27 23:27:36 +02:00			`result = self.send_api_message(email, "some stuff 2")`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`newlimit = int(result['X-RateLimit-Remaining'])`
			`self.assertEqual(limit, newlimit + 1)`

Remove expected_run_time from @slow test decorator. 2016-07-29 21:06:22 +02:00			`@slow('has to sleep to work')`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`def test_hit_ratelimits(self):`
Annotate test_external and test_signup. 2016-06-04 20:14:05 +02:00			`# type: () -> None`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`email = "cordelia@zulip.com"`
			`user = get_user_profile_by_email(email)`
			`clear_user_history(user)`

			`for i in range(6):`
RateLimitTests: Remove now-unnecessary API key logic. 2016-09-27 23:27:36 +02:00			`result = self.send_api_message(email, "some stuff %s" % (i,))`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00
Use a different status code and include seconds remaining header in ratelimits This will make it slightly easier to consume the data from our clients. Ref: RFC 6585 §4 (imported from commit 6d323dc25db78a6d84a163add950f039e03e73d3) 2014-03-07 16:47:30 +01:00			`self.assertEqual(result.status_code, 429)`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00			`json = ujson.loads(result.content)`
			`self.assertEqual(json.get("result"), "error")`
			`self.assertIn("API usage exceeded rate limit, try again in", json.get("msg"))`
Use a different status code and include seconds remaining header in ratelimits This will make it slightly easier to consume the data from our clients. Ref: RFC 6585 §4 (imported from commit 6d323dc25db78a6d84a163add950f039e03e73d3) 2014-03-07 16:47:30 +01:00			`self.assertTrue('Retry-After' in result)`
			`self.assertIn(result['Retry-After'], json.get("msg"))`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00
			`# We actually wait a second here, rather than force-clearing our history,`
			`# to make sure the rate-limiting code automatically forgives a user`
			`# after some time has passed.`
			`time.sleep(1)`

RateLimitTests: Remove now-unnecessary API key logic. 2016-09-27 23:27:36 +02:00			`result = self.send_api_message(email, "Good message")`
Extract test_external.py (imported from commit 838dd34f101025ba161291992a56972cd374104b) 2014-01-31 18:53:33 +01:00
			`self.assert_json_success(result)`