def test_countries_embargo_off(self): # When the middleware is turned off, all requests should go through # Accessing an embargoed page from a blocked IP OK response = self.client.get(self.embargoed_page, HTTP_X_FORWARDED_FOR='1.0.0.0', REMOTE_ADDR='1.0.0.0') self.assertEqual(response.status_code, 200) # Accessing a regular page from a blocked IP should succeed response = self.client.get(self.regular_page, HTTP_X_FORWARDED_FOR='1.0.0.0', REMOTE_ADDR='1.0.0.0') self.assertEqual(response.status_code, 200) # Explicitly whitelist/blacklist some IPs IPFilter( whitelist='1.0.0.0', blacklist='5.0.0.0', changed_by=self.user, enabled=True ).save() # Accessing an embargoed course from non-embargoed IP that's been blacklisted # should be OK response = self.client.get(self.embargoed_page, HTTP_X_FORWARDED_FOR='5.0.0.0', REMOTE_ADDR='5.0.0.0') self.assertEqual(response.status_code, 200) # Accessing a regular course from a non-embargoed IP that's been blacklisted should succeed response = self.client.get(self.regular_page, HTTP_X_FORWARDED_FOR='5.0.0.0', REMOTE_ADDR='5.0.0.0') self.assertEqual(response.status_code, 200)
def test_ip_exceptions(self): # Explicitly whitelist/blacklist some IPs IPFilter( whitelist='1.0.0.0', blacklist='5.0.0.0', changed_by=self.user, enabled=True ).save() # Accessing an embargoed page from a blocked IP that's been whitelisted # should succeed response = self.client.get(self.embargoed_page, HTTP_X_FORWARDED_FOR='1.0.0.0', REMOTE_ADDR='1.0.0.0') self.assertEqual(response.status_code, 200) # Accessing a regular course from a blocked IP that's been whitelisted should succeed response = self.client.get(self.regular_page, HTTP_X_FORWARDED_FOR='1.0.0.0', REMOTE_ADDR='1.0.0.0') self.assertEqual(response.status_code, 200) # Accessing an embargoed course from non-embargoed IP that's been blacklisted # should cause a redirect response = self.client.get(self.embargoed_page, HTTP_X_FORWARDED_FOR='5.0.0.0', REMOTE_ADDR='5.0.0.0') self.assertEqual(response.status_code, 302) # Following the redirect should give us the embargo page response = self.client.get( self.embargoed_page, HTTP_X_FORWARDED_FOR='5.0.0.0', REMOTE_ADDR='1.0.0.0', follow=True ) self.assertIn(self.embargo_text, response.content) # Accessing a regular course from a non-embargoed IP that's been blacklisted should succeed response = self.client.get(self.regular_page, HTTP_X_FORWARDED_FOR='5.0.0.0', REMOTE_ADDR='5.0.0.0') self.assertEqual(response.status_code, 200)
def test_ip_network_blocking(self): whitelist = '1.0.0.0/24' blacklist = '1.1.0.0/16' IPFilter(whitelist=whitelist, blacklist=blacklist).save() cwhitelist = IPFilter.current().whitelist_ips self.assertIn('1.0.0.100', cwhitelist) self.assertIn('1.0.0.10', cwhitelist) self.assertNotIn('1.0.1.0', cwhitelist) cblacklist = IPFilter.current().blacklist_ips self.assertIn('1.1.0.0', cblacklist) self.assertIn('1.1.0.1', cblacklist) self.assertIn('1.1.1.0', cblacklist) self.assertNotIn('1.2.0.0', cblacklist)
def test_ip_blocking(self): whitelist = '127.0.0.1' blacklist = '18.244.51.3' cwhitelist = IPFilter.current().whitelist_ips self.assertNotIn(whitelist, cwhitelist) cblacklist = IPFilter.current().blacklist_ips self.assertNotIn(blacklist, cblacklist) IPFilter(whitelist=whitelist, blacklist=blacklist).save() cwhitelist = IPFilter.current().whitelist_ips self.assertIn(whitelist, cwhitelist) cblacklist = IPFilter.current().blacklist_ips self.assertIn(blacklist, cblacklist)