9a61e8fd48
todo: GCS added GCS, no GLOBALS, two methods for saving pastes and comments use GLOBALS for verbosity again added getAllPastes() to all storage providers moved to bin, added --delete options, make use of $store->getAllPastes() added --delete-* options to help longopts without -- *sigh* fixed arguments drop singleton behaviour to allow multiple backends of the same type simultaneously remove singleton from Model, collapse loop in migrate.php comments is not indexed tests without data singleton fix exit if scandir() fails extended meta doc
111 lines
5.1 KiB
PHP
111 lines
5.1 KiB
PHP
<?php
|
|
|
|
use PrivateBin\Data\Filesystem;
|
|
use PrivateBin\Persistence\ServerSalt;
|
|
use PrivateBin\Persistence\TrafficLimiter;
|
|
|
|
class TrafficLimiterTest extends PHPUnit_Framework_TestCase
|
|
{
|
|
private $_path;
|
|
|
|
public function setUp()
|
|
{
|
|
/* Setup Routine */
|
|
$this->_path = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'trafficlimit';
|
|
$store = new Filesystem(array('dir' => $this->_path));
|
|
ServerSalt::setStore($store);
|
|
TrafficLimiter::setStore($store);
|
|
}
|
|
|
|
public function tearDown()
|
|
{
|
|
/* Tear Down Routine */
|
|
Helper::rmDir($this->_path . DIRECTORY_SEPARATOR);
|
|
}
|
|
|
|
public function testHtaccess()
|
|
{
|
|
$htaccess = $this->_path . DIRECTORY_SEPARATOR . '.htaccess';
|
|
@unlink($htaccess);
|
|
$_SERVER['REMOTE_ADDR'] = 'foobar';
|
|
TrafficLimiter::canPass();
|
|
$this->assertFileExists($htaccess, 'htaccess recreated');
|
|
}
|
|
|
|
public function testTrafficGetsLimited()
|
|
{
|
|
TrafficLimiter::setLimit(4);
|
|
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'first request may pass');
|
|
sleep(1);
|
|
try {
|
|
$this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');
|
|
} catch (Exception $e) {
|
|
$this->assertEquals($e->getMessage(), 'Please wait 4 seconds between each post.', 'second request is to fast, may not pass');
|
|
}
|
|
sleep(4);
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'third request waited long enough and may pass');
|
|
$_SERVER['REMOTE_ADDR'] = '2001:1620:2057:dead:beef::cafe:babe';
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'fourth request has different ip and may pass');
|
|
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';
|
|
try {
|
|
$this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');
|
|
} catch (Exception $e) {
|
|
$this->assertEquals($e->getMessage(), 'Please wait 4 seconds between each post.', 'fifth request is to fast, may not pass');
|
|
}
|
|
}
|
|
|
|
public function testTrafficLimitExempted()
|
|
{
|
|
TrafficLimiter::setExempted('1.2.3.4,10.10.10/24,2001:1620:2057::/48');
|
|
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'first request may pass');
|
|
try {
|
|
$this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');
|
|
} catch (Exception $e) {
|
|
$this->assertEquals($e->getMessage(), 'Please wait 4 seconds between each post.', 'not exempted');
|
|
}
|
|
$_SERVER['REMOTE_ADDR'] = '10.10.10.10';
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'IPv4 in exempted range');
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'request is to fast, but IPv4 in exempted range');
|
|
$_SERVER['REMOTE_ADDR'] = '2001:1620:2057:dead:beef::cafe:babe';
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'IPv6 in exempted range');
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'request is to fast, but IPv6 in exempted range');
|
|
TrafficLimiter::setExempted('127.*,foobar');
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'first cached request may pass');
|
|
try {
|
|
$this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');
|
|
} catch (Exception $e) {
|
|
$this->assertEquals($e->getMessage(), 'Please wait 4 seconds between each post.', 'request is too fast, invalid range');
|
|
}
|
|
$_SERVER['REMOTE_ADDR'] = 'foobar';
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'non-IP address');
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'request is too fast, but non-IP address matches exempted range');
|
|
}
|
|
|
|
public function testTrafficLimitCreators()
|
|
{
|
|
TrafficLimiter::setCreators('1.2.3.4,10.10.10/24,2001:1620:2057::/48');
|
|
$_SERVER['REMOTE_ADDR'] = '127.0.0.1';
|
|
try {
|
|
$this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');
|
|
} catch (Exception $e) {
|
|
$this->assertEquals($e->getMessage(), 'Your IP is not authorized to create pastes.', 'not a creator');
|
|
}
|
|
$_SERVER['REMOTE_ADDR'] = '10.10.10.10';
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'IPv4 in creator range');
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'request is too fast, but IPv4 in creator range');
|
|
$_SERVER['REMOTE_ADDR'] = '2001:1620:2057:dead:beef::cafe:babe';
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'IPv6 in creator range');
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'request is too fast, but IPv6 in creator range');
|
|
TrafficLimiter::setCreators('127.*,foobar');
|
|
try {
|
|
$this->assertFalse(TrafficLimiter::canPass(), 'expected an exception');
|
|
} catch (Exception $e) {
|
|
$this->assertEquals($e->getMessage(), 'Your IP is not authorized to create pastes.', 'request is to fast, not a creator');
|
|
}
|
|
$_SERVER['REMOTE_ADDR'] = 'foobar';
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'non-IP address');
|
|
$this->assertTrue(TrafficLimiter::canPass(), 'request is to fast, but non-IP address matches creator');
|
|
}
|
|
}
|