Commit 3b76fb19 authored by Sanad Liaquat's avatar Sanad Liaquat

Use public ip address from third party API

for whitelising when running against static environments
Move fetching ip address in its own module
Sign in as admin for setting up IP address and some refactoring
parent 3832a8ad
tmp/ tmp/
.ruby-version .ruby-version
.ruby-gemset
urls.yml urls.yml
...@@ -35,6 +35,7 @@ module QA ...@@ -35,6 +35,7 @@ module QA
autoload :Logger, 'qa/runtime/logger' autoload :Logger, 'qa/runtime/logger'
autoload :GPG, 'qa/runtime/gpg' autoload :GPG, 'qa/runtime/gpg'
autoload :MailHog, 'qa/runtime/mail_hog' autoload :MailHog, 'qa/runtime/mail_hog'
autoload :IPAddress, 'qa/runtime/ip_address'
module API module API
autoload :Client, 'qa/runtime/api/client' autoload :Client, 'qa/runtime/api/client'
......
...@@ -88,7 +88,7 @@ module QA ...@@ -88,7 +88,7 @@ module QA
url = Runtime::API::Request.new(api_client, api_delete_path).url url = Runtime::API::Request.new(api_client, api_delete_path).url
response = delete(url) response = delete(url)
unless response.code == HTTP_STATUS_NO_CONTENT unless [HTTP_STATUS_NO_CONTENT, HTTP_STATUS_ACCEPTED].include? response.code
raise ResourceNotDeletedError, "Resource at #{url} could not be deleted (#{response.code}): `#{response}`." raise ResourceNotDeletedError, "Resource at #{url} could not be deleted (#{response.code}): `#{response}`."
end end
......
...@@ -70,6 +70,10 @@ module QA ...@@ -70,6 +70,10 @@ module QA
} }
end end
def api_delete_path
"/groups/#{id}"
end
def full_path def full_path
sandbox.path + ' / ' + path sandbox.path + ' / ' + path
end end
......
# frozen_string_literal: true
require 'socket'
module QA
module Runtime
module IPAddress
include Support::Api
HostUnreachableError = Class.new(StandardError)
LOOPBACK_ADDRESS = '127.0.0.1'
PUBLIC_IP_ADDRESS_API = "https://api.ipify.org"
def fetch_current_ip_address
# When running on CI against a live environment such as staging.gitlab.com,
# we use the public facing IP address
ip_address = if Env.running_in_ci? && !URI.parse(Scenario.gitlab_address).host.include?('test')
response = get(PUBLIC_IP_ADDRESS_API)
raise HostUnreachableError, "#{PUBLIC_IP_ADDRESS_API} is unreachable" unless response.code == Support::Api::HTTP_STATUS_OK
response.body
elsif page.current_host.include?('localhost')
LOOPBACK_ADDRESS
else
Socket.ip_address_list.detect { |intf| intf.ipv4_private? }.ip_address
end
QA::Runtime::Logger.info "Current IP address: #{ip_address}"
ip_address
end
end
end
end
# frozen_string_literal: true # frozen_string_literal: true
require 'securerandom' require 'securerandom'
require 'socket'
module QA module QA
# https://gitlab.com/gitlab-org/gitlab/issues/34351 context 'Manage' do
context 'Manage', :quarantine do describe 'Group access', :requires_admin do
describe 'Group access' do include Runtime::IPAddress
LOOPBACK_ADDRESS = '127.0.0.1'
before(:all) do before(:all) do
@sandbox_group = Resource::Sandbox.fabricate! do |sandbox_group| @sandbox_group = Resource::Sandbox.fabricate! do |sandbox_group|
...@@ -21,31 +19,23 @@ module QA ...@@ -21,31 +19,23 @@ module QA
end end
end end
before do after(:all) do
Page::Main::Menu.perform do |menu| @group.remove_via_api!
menu.sign_out if menu.has_personal_area?(wait: 0)
end
Flow::Login.sign_in
end end
context 'when restricted by another ip address' do context 'when restricted by another ip address' do
it 'denies access' do it 'denies access' do
Flow::Login.while_signed_in_as_admin do
@group.sandbox.visit! @group.sandbox.visit!
Page::Group::Menu.perform(&:click_group_general_settings_item) Page::Group::Menu.perform(&:click_group_general_settings_item)
Page::Group::Settings::General.perform do |settings| Page::Group::Settings::General.perform do |settings|
settings.set_ip_address_restriction(get_next_ip_address) settings.set_ip_address_restriction(get_next_ip_address(fetch_current_ip_address))
end end
Page::Main::Menu.perform do |menu|
menu.sign_out if menu.has_personal_area?(wait: 0)
end end
Page::Main::Login.perform do |menu| Flow::Login.sign_in(as: @user)
menu.sign_in_using_credentials(user: @user)
end
@group.sandbox.visit! @group.sandbox.visit!
expect(page).to have_text('Page Not Found') expect(page).to have_text('Page Not Found')
...@@ -59,21 +49,17 @@ module QA ...@@ -59,21 +49,17 @@ module QA
context 'when restricted by user\'s ip address' do context 'when restricted by user\'s ip address' do
it 'allows access' do it 'allows access' do
Flow::Login.while_signed_in_as_admin do
@group.sandbox.visit! @group.sandbox.visit!
Page::Group::Menu.perform(&:click_group_general_settings_item) Page::Group::Menu.perform(&:click_group_general_settings_item)
Page::Group::Settings::General.perform do |settings| Page::Group::Settings::General.perform do |settings|
settings.set_ip_address_restriction(get_current_ip_address) settings.set_ip_address_restriction(fetch_current_ip_address)
end end
Page::Main::Menu.perform do |menu|
menu.sign_out if menu.has_personal_area?(wait: 0)
end end
Page::Main::Login.perform do |menu| Flow::Login.sign_in(as: @user)
menu.sign_in_using_credentials(user: @user)
end
@group.sandbox.visit! @group.sandbox.visit!
expect(page).to have_text(@group.sandbox.path) expect(page).to have_text(@group.sandbox.path)
...@@ -83,22 +69,12 @@ module QA ...@@ -83,22 +69,12 @@ module QA
end end
end end
def get_current_ip_address def get_next_ip_address(current_ip_address)
return LOOPBACK_ADDRESS if page.current_host.include?('localhost') current_last_part = current_ip_address.split(".").pop.to_i
Socket.ip_address_list.detect { |intf| intf.ipv4_private? }.ip_address
end
def get_next_ip_address
current_ip = get_current_ip_address
QA::Runtime::Logger.info "User's ip address: #{current_ip}"
current_last_part = current_ip.split(".").pop.to_i
updated_last_part = current_last_part < 255 ? current_last_part + 1 : 1 updated_last_part = current_last_part < 255 ? current_last_part + 1 : 1
current_ip.split(".")[0...-1].push(updated_last_part).join(".") current_ip_address.split(".")[0...-1].push(updated_last_part).join(".")
end end
end end
end end
......
...@@ -6,6 +6,7 @@ module QA ...@@ -6,6 +6,7 @@ module QA
HTTP_STATUS_OK = 200 HTTP_STATUS_OK = 200
HTTP_STATUS_CREATED = 201 HTTP_STATUS_CREATED = 201
HTTP_STATUS_NO_CONTENT = 204 HTTP_STATUS_NO_CONTENT = 204
HTTP_STATUS_ACCEPTED = 202
def post(url, payload) def post(url, payload)
RestClient::Request.execute( RestClient::Request.execute(
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment