closes #5465, blacklist tests

2025-11-18 03:31:03 +01:00 · 2017-02-22 14:53:44 +03:00
parent 5c01c7b1c7
commit 2dac3d2292
4 changed files with 107 additions and 23 deletions
--- a/src/meta/blacklist.js
+++ b/src/meta/blacklist.js
@@ -3,15 +3,18 @@
 var ip = require('ip');
 var winston = require('winston');
 var async = require('async');
 var db = require('../database');
 var pubsub = require('../pubsub');
 var Blacklist = {
-		_rules: []
+	_rules: []
-	};
+};
 Blacklist.load = function (callback) {
 	callback = callback || function () {};
 	async.waterfall([
-		async.apply(db.get, 'ip-blacklist-rules'),
+		async.apply(Blacklist.get),
 		async.apply(Blacklist.validate)
 	], function (err, rules) {
 		if (err) {
@@ -33,13 +36,18 @@ Blacklist.load = function (callback) {
 	});
 };
 pubsub.on('blacklist:reload', Blacklist.load);
 Blacklist.save = function (rules, callback) {
-	db.set('ip-blacklist-rules', rules, function (err) {
+	async.waterfall([
-		if (err) {
+		function (next) {
-			return callback(err);
+			db.set('ip-blacklist-rules', rules, next);
 		},
 		function (next) {
 			pubsub.publish('blacklist:reload');
 			next();
 		}
-		Blacklist.load(callback);
+	], callback);
 	});
 };
 Blacklist.get = function (callback) {
@@ -48,14 +56,14 @@ Blacklist.get = function (callback) {
 Blacklist.test = function (clientIp, callback) {
 	if (
-		Blacklist._rules.ipv4.indexOf(clientIp) === -1	// not explicitly specified in ipv4 list
+		Blacklist._rules.ipv4.indexOf(clientIp) === -1	&&// not explicitly specified in ipv4 list
-		&& Blacklist._rules.ipv6.indexOf(clientIp) === -1	// not explicitly specified in ipv6 list
+		Blacklist._rules.ipv6.indexOf(clientIp) === -1	&&// not explicitly specified in ipv6 list
-		&& !Blacklist._rules.cidr.some(function (subnet) {
+		!Blacklist._rules.cidr.some(function (subnet) {
 			return ip.cidrSubnet(subnet).contains(clientIp);
 		})	// not in a blacklisted cidr range
 	) {
 		if (typeof callback === 'function') {
-			callback();
+			setImmediate(callback);
 		} else {
 			return false;
 		}
@@ -64,7 +72,7 @@ Blacklist.test = function (clientIp, callback) {
 		err.code = 'blacklisted-ip';
 		if (typeof callback === 'function') {
-			callback(err);
+			setImmediate(callback, err);
 		} else {
 			return true;
 		}
@@ -78,9 +86,9 @@ Blacklist.validate = function (rules, callback) {
 	var cidr = [];
 	var invalid = [];
-	var isCidrSubnet = /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$/,
+	var isCidrSubnet = /^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$/;
-		inlineCommentMatch = /#.*$/,
+	var inlineCommentMatch = /#.*$/;
-		whitelist = ['127.0.0.1', '::1', '::ffff:0:127.0.0.1'];
+	var whitelist = ['127.0.0.1', '::1', '::ffff:0:127.0.0.1'];
 	// Filter out blank lines and lines starting with the hash character (comments)
 	// Also trim inputs and remove inline comments
--- a/src/pubsub.js
+++ b/src/pubsub.js
@@ -1,10 +1,10 @@
 'use strict';
-var nconf = require('nconf'),
+var nconf = require('nconf');
-	util = require('util'),
+var util = require('util');
-	winston = require('winston'),
+var winston = require('winston');
-	EventEmitter = require('events').EventEmitter;
+var EventEmitter = require('events').EventEmitter;
 var channelName;
--- a/src/socket.io/blacklist.js
+++ b/src/socket.io/blacklist.js
@@ -1,9 +1,6 @@
 'use strict';
 var async = require('async');
 var winston = require('winston');
 var user = require('../user');
 var meta = require('../meta');
--- a/test/blacklist.js
+++ b/test/blacklist.js
@@ -0,0 +1,79 @@
 'use strict';
 /*global require, after, before*/
 var async = require('async');
 var assert = require('assert');
 var db = require('./mocks/databasemock');
 var groups = require('../src/groups');
 var user = require('../src/user');
 var blacklist = require('../src/meta/blacklist');
 describe('blacklist', function () {
 	var adminUid;
 	before(function (done) {
 		groups.resetCache();
 		user.create({username: 'admin'}, function (err, uid) {
 			assert.ifError(err);
 			adminUid = uid;
 			groups.join('administrators', adminUid, done);
 		});
 	});
 	var socketBlacklist = require('../src/socket.io/blacklist');
 	var rules = '1.1.1.1\n2.2.2.2\n::ffff:0:2.2.2.2\n127.0.0.1\n192.168.100.0/22';
 	it('should validate blacklist', function (done) {
 		socketBlacklist.validate({uid: adminUid}, {
 			rules: rules
 		}, function (err, data) {
 			assert.ifError(err);
 			done();
 		});
 	});
 	it('should error if not admin', function (done) {
 		socketBlacklist.save({uid: 0}, rules, function (err) {
 			assert.equal(err.message, '[[error:no-privileges]]');
 			done();
 		});
 	});
 	it('should save blacklist', function (done) {
 		socketBlacklist.save({uid: adminUid}, rules, function (err) {
 			assert.ifError(err);
 			done();
 		});
 	});
 	it('should pass ip test against blacklist async', function (done) {
 		blacklist.test('3.3.3.3', function (err) {
 			assert.ifError(err);
 			done();
 		});
 	});
 	it('should pass ip test against blacklist sync', function (done) {
 		assert(!blacklist.test('3.3.3.3'));
 		done();
 	});
 	it('should fail ip test against blacklist async', function (done) {
 		blacklist.test('1.1.1.1', function (err) {
 			assert.equal(err.message, '[[error:blacklisted-ip]]');
 			done();
 		});
 	});
 	it('should fail ip test against blacklist sync', function (done) {
 		assert(blacklist.test('1.1.1.1'));
 		done();
 	});
 	after(function (done) {
 		db.emptydb(done);
 	});
 });