diff --git a/config/initializers/00_settings.rb b/config/initializers/00_settings.rb index 79bc439..6bfc783 100644 --- a/config/initializers/00_settings.rb +++ b/config/initializers/00_settings.rb @@ -1,41 +1,47 @@ WebDNS.settings[:soa_defaults] = { primary_ns: 'ns1.example.com', contact: 'domainmaster@example.com', serial: 1, refresh: 10_800, retry: 3600, expire: 604_800, nx: 3600 } WebDNS.settings[:default_ns] = [ 'ns1.example.com', 'ns2.example.com' ] WebDNS.settings[:dnssec] = true WebDNS.settings[:dnssec_parent_authorities] = { webdns: { valid: -> (parent) { Domain.find_by_name(parent) } # Check if parent is self-hosted }, papaki: { valid: -> (parent) { parent.split('.').size == 1 } # TLDs } } +# Testing helper +WebDNS.settings[:dnssec_parent_authorities].merge!( + test_authority: { + valid: -> (parent) { true } + } +) if Rails.env.test? WebDNS.settings[:serial_strategy] = Strategies::Date WebDNS.settings[:prohibit_records_types] = [] WebDNS.settings[:prohibit_domain_types] = ['NATIVE'] WebDNS.settings[:contact_mail] = 'webdns@example.com' WebDNS.settings[:mail_from] = 'webdns@example.com' WebDNS.settings[:admin_group] = 'admin' WebDNS.settings[:saml] = false WebDNS.settings[:saml_required_entitlement] = 'webdns' WebDNS.settings[:saml_login_text] = 'Login with SAML' # Allow local overrides local_settings = File.expand_path('../../local_settings.rb', __FILE__) require_relative local_settings if File.exist?(local_settings) diff --git a/test/models/domain_test.rb b/test/models/domain_test.rb index ec82793..7b6433a 100644 --- a/test/models/domain_test.rb +++ b/test/models/domain_test.rb @@ -1,228 +1,238 @@ require 'test_helper' class DomainTest < ActiveSupport::TestCase def setup @domain = build(:domain) end test 'automatic SOA creation' do @domain.save! @domain.reload assert_not_nil @domain.soa end test 'increment serial on new record' do @domain.save! soa = @domain.soa assert_serial_update soa do www = A.new(name: 'www', domain: @domain, content: '1.2.3.4') www.save! end end test 'increment serial on record update' do @domain.save! www = A.new(name: 'www', domain: @domain, content: '1.2.3.4') www.save! soa = @domain.soa.reload assert_serial_update soa do www.content = '1.2.3.5' www.save! end end test 'automatic NS creation' do @domain.save! @domain.reload assert_equal WebDNS.settings[:default_ns].sort, @domain.records.where(type: 'NS').pluck(:content).sort end test 'increment serial on record destroy' do @domain.save! www = A.new(name: 'www', domain: @domain, content: '1.2.3.4') www.save! soa = @domain.soa.reload assert_serial_update soa do www.destroy! end end class SlaveDomainTest < ActiveSupport::TestCase def setup @domain = build(:slave) end test 'saves' do @domain.save assert_empty @domain.errors end test 'automatic SOA creation' do @domain.save! @domain.reload assert_not_nil @domain.soa assert_equal 1, @domain.soa.serial end test 'validates master' do @domain.master = 'not-an-ip' @domain.save assert_not_empty @domain.errors['master'] end test 'no records are allowed for users' do @domain.save! rec = build(:a, domain_id: @domain.id) assert_not rec.valid? assert_not_empty rec.errors[:type] end end class StatesDomainTest < ActiveSupport::TestCase def setup @domain = build(:domain) + @policy = create(:dnssec_policy) end test 'domain lifetime' do assert_equal 'initial', @domain.state # Create assert_jobs do @domain.save! # user triggered assert_equal 'pending_install', @domain.state end @domain.installed # job triggered assert_equal 'operational', @domain.state # Convert to dnssec (sign) assert_jobs do - assert @domain.dnssec_sign # user triggered + @domain.dnssec = true + @domain.dnssec_policy = @policy + @domain.dnssec_parent = @domain.name.split('.', 2).last + @domain.dnssec_parent_authority = 'test_authority' + @domain.save! + + # After commit is not triggered in tests, + # so we have to trigger it manually + @domain.send(:after_commit_event) + assert_equal 'pending_signing', @domain.state end assert_jobs do assert @domain.signed # job triggered assert_equal 'wait_for_ready', @domain.state end # Convert to dnssec (publish ds) assert_jobs do - assert @domain.push_ds([:dss1, :dss2]) # triggered by schedule-ds script + assert @domain.push_ds(['dss1', 'dss2']) # triggered by schedule-ds script assert_equal 'pending_ds', @domain.state end assert @domain.converted # job triggered assert_equal 'operational', @domain.state # KSK rollover assert_jobs do - assert @domain.push_ds([:dss3, :dss4]) # triggered by schedule-ds script + assert @domain.push_ds(['dss3', 'dss4']) # triggered by schedule-ds script assert_equal 'pending_ds_rollover', @domain.state end assert @domain.complete_rollover # job triggered assert_equal 'operational', @domain.state # Convert to plain assert_jobs do assert @domain.plain_convert # user triggered assert_equal 'pending_plain', @domain.state end assert @domain.converted # job triggered assert_equal 'operational', @domain.state # Remove assert_jobs do assert @domain.remove # user triggered assert_equal 'pending_remove', @domain.state end assert @domain.cleaned_up # job triggered assert_equal 'destroy', @domain.state end end class DsDomainTest < ActiveSupport::TestCase def setup @domain = create(:domain) @ds = [ '31406 8 1 189968811e6eba862dd6c209f75623d8d9ed9142', '31406 8 2 f78cf3344f72137235098ecbbd08947c2c9001c7f6a085a17f518b5d8f6b916d', ] @child = "dnssec.#{@domain.name}" @extra = DS.create(domain: @domain, name: @child, content: 'other') end test 'add ds records' do Domain.replace_ds(@domain.name, @child, @ds) @extra.save! # Should be deleted assert_equal @ds.size, DS.where(name: "dnssec.#{@domain.name}").count @ds.each { |ds| assert_equal 1, DS.where(name: "dnssec.#{@domain.name}", content: ds).count } end test 'check if child is a valid subdomain' do assert_raise Domain::NotAChild do Domain.replace_ds(@domain.name, 'dnssec.example.net', @ds) end end end class BulkTest < ActiveSupport::TestCase def setup @domain = create(:domain) @a = create(:a, domain: @domain) @aaaa = create(:aaaa, domain: @domain) @new = build(:mx, domain: @domain) end def valid_changes @valid_changes ||= begin {}.tap { |c| c[:deletes] = [@a.id] c[:changes] = { @aaaa.id => { content: '::42' }} c[:additions] = { 1 => @new.as_bulky_json } } end end def invalid_changes @invalid_changes ||= begin {}.tap { |c| c[:deletes] = [Record.maximum(:id) + 1] c[:changes] = { @aaaa.id => { content: '1.2.3.4' }} c[:additions] = { 1 => @new.as_bulky_json.update(prio: -1) } } end end test 'apply changes not' do err = @domain.bulk invalid_changes assert_not_empty err assert_includes err[:deletes][Record.maximum(:id) + 1], 'record not found' assert_includes err[:changes][@aaaa.id], 'not a valid IPv6' assert_includes err[:additions][1], 'not a valid DNS priority' end test 'apply changes' do err = @domain.bulk valid_changes @domain.reload @aaaa.reload assert_empty err assert_empty @domain.records.where(id: @a.id) assert_equal '::42', @aaaa.content assert_equal 1, @domain.records.where(type: :mx).count end end end