t/modules/access.t - httpd-tests - Git at Google

 use strict;
 use warnings FATAL => 'all';

 use Apache::Test;
 use Apache::TestRequest;
 use Apache::TestUtil;

 ##
 ## mod_access test
 ##

 my $vars = Apache::Test::vars();
 my $localhost_name = $vars->{servername};
 my $remote_addr = $vars->{remote_addr};
 my(@addr) = split /\./, $remote_addr;
 my $addr1 = $addr[0];
 my $addr2 = join '.', $addr[0], $addr[1];

 my @localhost = (
     'from all',
     "from $localhost_name",
     "from $remote_addr",
     "from $addr2",
     "from $remote_addr/255.255.0.0",
     "from $remote_addr/16",
     'from somewhere.else.com',
     'from 66.6.6.6'
 );
 my @order = ('deny,allow', 'allow,deny', 'mutual-failure');
 my @allow = @localhost;
 my @deny = @localhost;

 plan tests => (@order * @allow * @deny * 2) + (@order * @allow), \&need_access;

 my $dir = $vars->{t_dir};
 $dir .=  "/htdocs/modules/access/htaccess";

 sub write_htaccess {
     my $conf_str = shift;
     open (HT, ">$dir/.htaccess") or die "cant open htaccess: $!";
     print HT $conf_str;
     close (HT);
 }

 my ($config_string, $ok);
 foreach my $order (@order) {
     foreach my $allow (@allow) {
         $config_string = "Order $order\nAllow $allow\n";
         write_htaccess($config_string);

         t_debug "---", $config_string;

         if ($order eq 'deny,allow') {

             ## if allowing by default,
             ## there is no 'Deny' directive, so everything
             ## is allowed.
             t_debug "expecting access.";
             ok GET_OK "/modules/access/htaccess/index.html";


         } else {

             ## denying by default

             if ($allow =~ /^from $addr1/
                 || $allow eq "from $localhost_name"
                 || $allow eq 'from all') {

                 ## if we are explicitly allowed, its ok
                 t_debug "expecting access.";
                 ok GET_OK "/modules/access/htaccess/index.html";

             } else {

                 ## otherwise, not ok
                 t_debug "expecting access denial.";
                 ok !GET_OK "/modules/access/htaccess/index.html";
             }
         }


         foreach my $deny (@deny) {
             $config_string = "Order $order\nDeny $deny\n";
             write_htaccess($config_string);

             t_debug "---", $config_string;

             if ($order eq 'deny,allow') {

                 ## allowing by default

                 if ($deny =~ /^from $addr1/
                     || $deny eq "from $localhost_name"
                     || $deny eq 'from all') {

                     ## if we are denied explicitly
                     ## its not ok
                     t_debug "expecting access denial.";
                     ok !GET_OK "/modules/access/htaccess/index.html";

                 } else {

                     ## otherwise, ok
                     t_debug "expecting access.";
                     ok GET_OK "/modules/access/htaccess/index.html";

                 }
             } else {

                 ## if denying by default
                 ## there is no 'Allow' directive, so
                 ## everything is denied.
                 t_debug "expecting access denial.";
                 ok !GET_OK "/modules/access/htaccess/index.html";

             }

             $config_string = "Order $order\nAllow $allow\nDeny $deny\n";
             write_htaccess($config_string);

             t_debug "---", $config_string;

             if ($order eq 'deny,allow') {

                 ## allowing by default

                 if ($allow =~ /^from $addr1/
                     || $allow eq "from $localhost_name"
                     || $allow eq 'from all') {

                     ## we are explicitly allowed
                     ## so it is ok.
                     t_debug "expecting access.";
                     ok GET_OK "/modules/access/htaccess/index.html";

                 } elsif ($deny =~ /^from $addr1/
                     || $deny eq "from $localhost_name"
                     || $deny eq 'from all') {

                     ## if we are not explicitly allowed
                     ## and are explicitly denied,
                     ## we are denied access.
                     t_debug "expecting access denial.";
                     ok !GET_OK "/modules/access/htaccess/index.html";

                 } else {

                     ## if we are not explicity allowed
                     ## or explicitly denied,
                     ## we get access.
                     t_debug "expecting access.";
                     ok GET_OK "/modules/access/htaccess/index.html";

                 }
             } else {

                 ## denying by default

                 if ($deny =~ /^from $addr1/
                     || $deny eq "from $localhost_name"
                     || $deny eq 'from all') {

                     ## if we are explicitly denied,
                     ## we get no access.
                     t_debug "expecting access denial.";
                     ok !GET_OK "/modules/access/htaccess/index.html";

                 } elsif ($allow =~ /^from $addr1/
                     || $allow eq "from $localhost_name"
                     || $allow eq 'from all') {

                     ## if we are not explicitly denied
                     ## and are explicitly allowed,
                     ## we get access.
                     t_debug "expecting access.";
                     ok GET_OK "/modules/access/htaccess/index.html";

                 } else {

                     ## if we are not explicitly denied
                     ## and not explicitly allowed,
                     ## we get no access.
                     t_debug "expecting access denial.";
                     ok !GET_OK "/modules/access/htaccess/index.html";

                 }
             }
         }
     }
 }
	use strict;
	use warnings FATAL => 'all';

	use Apache::Test;
	use Apache::TestRequest;
	use Apache::TestUtil;

	##
	## mod_access test
	##

	my $vars = Apache::Test::vars();
	my $localhost_name = $vars->{servername};
	my $remote_addr = $vars->{remote_addr};
	my(@addr) = split /\./, $remote_addr;
	my $addr1 = $addr[0];
	my $addr2 = join '.', $addr[0], $addr[1];

	my @localhost = (
	'from all',
	"from $localhost_name",
	"from $remote_addr",
	"from $addr2",
	"from $remote_addr/255.255.0.0",
	"from $remote_addr/16",
	'from somewhere.else.com',
	'from 66.6.6.6'
	);
	my @order = ('deny,allow', 'allow,deny', 'mutual-failure');
	my @allow = @localhost;
	my @deny = @localhost;

	plan tests => (@order * @allow * @deny * 2) + (@order * @allow), \&need_access;

	my $dir = $vars->{t_dir};
	$dir .= "/htdocs/modules/access/htaccess";

	sub write_htaccess {
	my $conf_str = shift;
	open (HT, ">$dir/.htaccess") or die "cant open htaccess: $!";
	print HT $conf_str;
	close (HT);
	}

	my ($config_string, $ok);
	foreach my $order (@order) {
	foreach my $allow (@allow) {
	$config_string = "Order $order\nAllow $allow\n";
	write_htaccess($config_string);

	t_debug "---", $config_string;

	if ($order eq 'deny,allow') {

	## if allowing by default,
	## there is no 'Deny' directive, so everything
	## is allowed.
	t_debug "expecting access.";
	ok GET_OK "/modules/access/htaccess/index.html";


	} else {

	## denying by default

	if ($allow =~ /^from $addr1/
	\|\| $allow eq "from $localhost_name"
	\|\| $allow eq 'from all') {

	## if we are explicitly allowed, its ok
	t_debug "expecting access.";
	ok GET_OK "/modules/access/htaccess/index.html";

	} else {

	## otherwise, not ok
	t_debug "expecting access denial.";
	ok !GET_OK "/modules/access/htaccess/index.html";
	}
	}


	foreach my $deny (@deny) {
	$config_string = "Order $order\nDeny $deny\n";
	write_htaccess($config_string);

	t_debug "---", $config_string;

	if ($order eq 'deny,allow') {

	## allowing by default

	if ($deny =~ /^from $addr1/
	\|\| $deny eq "from $localhost_name"
	\|\| $deny eq 'from all') {

	## if we are denied explicitly
	## its not ok
	t_debug "expecting access denial.";
	ok !GET_OK "/modules/access/htaccess/index.html";

	} else {

	## otherwise, ok
	t_debug "expecting access.";
	ok GET_OK "/modules/access/htaccess/index.html";

	}
	} else {

	## if denying by default
	## there is no 'Allow' directive, so
	## everything is denied.
	t_debug "expecting access denial.";
	ok !GET_OK "/modules/access/htaccess/index.html";

	}

	$config_string = "Order $order\nAllow $allow\nDeny $deny\n";
	write_htaccess($config_string);

	t_debug "---", $config_string;

	if ($order eq 'deny,allow') {

	## allowing by default

	if ($allow =~ /^from $addr1/
	\|\| $allow eq "from $localhost_name"
	\|\| $allow eq 'from all') {

	## we are explicitly allowed
	## so it is ok.
	t_debug "expecting access.";
	ok GET_OK "/modules/access/htaccess/index.html";

	} elsif ($deny =~ /^from $addr1/
	\|\| $deny eq "from $localhost_name"
	\|\| $deny eq 'from all') {

	## if we are not explicitly allowed
	## and are explicitly denied,
	## we are denied access.
	t_debug "expecting access denial.";
	ok !GET_OK "/modules/access/htaccess/index.html";

	} else {

	## if we are not explicity allowed
	## or explicitly denied,
	## we get access.
	t_debug "expecting access.";
	ok GET_OK "/modules/access/htaccess/index.html";

	}
	} else {

	## denying by default

	if ($deny =~ /^from $addr1/
	\|\| $deny eq "from $localhost_name"
	\|\| $deny eq 'from all') {

	## if we are explicitly denied,
	## we get no access.
	t_debug "expecting access denial.";
	ok !GET_OK "/modules/access/htaccess/index.html";

	} elsif ($allow =~ /^from $addr1/
	\|\| $allow eq "from $localhost_name"
	\|\| $allow eq 'from all') {

	## if we are not explicitly denied
	## and are explicitly allowed,
	## we get access.
	t_debug "expecting access.";
	ok GET_OK "/modules/access/htaccess/index.html";

	} else {

	## if we are not explicitly denied
	## and not explicitly allowed,
	## we get no access.
	t_debug "expecting access denial.";
	ok !GET_OK "/modules/access/htaccess/index.html";

	}
	}
	}
	}
	}