탐색 도움말
로그인
mirrors
/
ntfy
의 미러 https://github.com/binwiederhier/ntfy
1
0
포크 0
파일 이슈 0 위키
트리: cd3429842b
브랜치 태그
ntfy
/
server
/
server_test.go

server_test.go 83 KB
히스토리 Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313 
  1. package server
    2. 

  2. 

  3. import (
    4. 

  4. 	"bufio"
    5. 

  5. 	"context"
    6. 

  6. 	"encoding/base64"
    7. 

  7. 	"encoding/json"
    8. 

  8. 	"fmt"
    9. 

  9. 	"golang.org/x/crypto/bcrypt"
    10. 

  10. 	"heckel.io/ntfy/user"
    11. 

  11. 	"io"
    12. 

  12. 	"math/rand"
    13. 

  13. 	"net/http"
    14. 

  14. 	"net/http/httptest"
    15. 

  15. 	"net/netip"
    16. 

  16. 	"os"
    17. 

  17. 	"path/filepath"
    18. 

  18. 	"strings"
    19. 

  19. 	"sync"
    20. 

  20. 	"testing"
    21. 

  21. 	"time"
    22. 

  22. 

  23. 	"github.com/stretchr/testify/assert"
    24. 

  24. 

  25. 	"github.com/stretchr/testify/require"
    26. 

  26. 	"heckel.io/ntfy/log"
    27. 

  27. 	"heckel.io/ntfy/util"
    28. 

  28. )
    29. 

  29. 

  30. func TestMain(m *testing.M) {
    31. 

  31. 	log.SetLevel(log.ErrorLevel)
    32. 

  32. 	os.Exit(m.Run())
    33. 

  33. }
    34. 

  34. 

  35. func TestServer_PublishAndPoll(t *testing.T) {
    36. 

  36. 	s := newTestServer(t, newTestConfig(t))
    37. 

  37. 

  38. 	response1 := request(t, s, "PUT", "/mytopic", "my first message", nil)
    39. 

  39. 	msg1 := toMessage(t, response1.Body.String())
    40. 

  40. 	require.NotEmpty(t, msg1.ID)
    41. 

  41. 	require.Equal(t, "my first message", msg1.Message)
    42. 

  42. 

  43. 	response2 := request(t, s, "PUT", "/mytopic", "my second\n\nmessage", nil)
    44. 

  44. 	msg2 := toMessage(t, response2.Body.String())
    45. 

  45. 	require.NotEqual(t, msg1.ID, msg2.ID)
    46. 

  46. 	require.NotEmpty(t, msg2.ID)
    47. 

  47. 	require.Equal(t, "my second\n\nmessage", msg2.Message)
    48. 

  48. 

  49. 	response := request(t, s, "GET", "/mytopic/json?poll=1", "", nil)
    50. 

  50. 	messages := toMessages(t, response.Body.String())
    51. 

  51. 	require.Equal(t, 2, len(messages))
    52. 

  52. 	require.Equal(t, "my first message", messages[0].Message)
    53. 

  53. 	require.Equal(t, "my second\n\nmessage", messages[1].Message)
    54. 

  54. 

  55. 	response = request(t, s, "GET", "/mytopic/sse?poll=1&since=all", "", nil)
    56. 

  56. 	lines := strings.Split(strings.TrimSpace(response.Body.String()), "\n")
    57. 

  57. 	require.Equal(t, 3, len(lines))
    58. 

  58. 	require.Equal(t, "my first message", toMessage(t, strings.TrimPrefix(lines[0], "data: ")).Message)
    59. 

  59. 	require.Equal(t, "", lines[1])
    60. 

  60. 	require.Equal(t, "my second\n\nmessage", toMessage(t, strings.TrimPrefix(lines[2], "data: ")).Message)
    61. 

  61. 

  62. 	response = request(t, s, "GET", "/mytopic/raw?poll=1", "", nil)
    63. 

  63. 	lines = strings.Split(strings.TrimSpace(response.Body.String()), "\n")
    64. 

  64. 	require.Equal(t, 2, len(lines))
    65. 

  65. 	require.Equal(t, "my first message", lines[0])
    66. 

  66. 	require.Equal(t, "my second  message", lines[1]) // \n -> " "
    67. 

  67. }
    68. 

  68. 

  69. func TestServer_PublishWithFirebase(t *testing.T) {
    70. 

  70. 	sender := newTestFirebaseSender(10)
    71. 

  71. 	s := newTestServer(t, newTestConfig(t))
    72. 

  72. 	s.firebaseClient = newFirebaseClient(sender, &testAuther{Allow: true})
    73. 

  73. 

  74. 	response := request(t, s, "PUT", "/mytopic", "my first message", nil)
    75. 

  75. 	msg1 := toMessage(t, response.Body.String())
    76. 

  76. 	require.NotEmpty(t, msg1.ID)
    77. 

  77. 	require.Equal(t, "my first message", msg1.Message)
    78. 

  78. 

  79. 	time.Sleep(100 * time.Millisecond) // Firebase publishing happens
    80. 

  80. 	require.Equal(t, 1, len(sender.Messages()))
    81. 

  81. 	require.Equal(t, "my first message", sender.Messages()[0].Data["message"])
    82. 

  82. 	require.Equal(t, "my first message", sender.Messages()[0].APNS.Payload.Aps.Alert.Body)
    83. 

  83. 	require.Equal(t, "my first message", sender.Messages()[0].APNS.Payload.CustomData["message"])
    84. 

  84. }
    85. 

  85. 

  86. func TestServer_PublishWithFirebase_WithoutUsers_AndWithoutPanic(t *testing.T) {
    87. 

  87. 	// This tests issue #641, which used to panic before the fix
    88. 

  88. 

  89. 	firebaseKeyFile := filepath.Join(t.TempDir(), "firebase.json")
    90. 

  90. 	contents := `{
    91. 

  91.   "type": "service_account",
    92. 

  92.   "project_id": "ntfy-test",
    93. 

  93.   "private_key_id": "fsfhskjdfhskdhfskdjfhsdf",
    94. 

  94.   "private_key": "lalala",
    95. 

  95.   "client_email": "firebase-adminsdk-muv04@ntfy-test.iam.gserviceaccount.com",
    96. 

  96.   "client_id": "123123213",
    97. 

  97.   "auth_uri": "https://accounts.google.com/o/oauth2/auth",
    98. 

  98.   "token_uri": "https://oauth2.googleapis.com/token",
    99. 

  99.   "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
    100. 

  100.   "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/firebase-adminsdk-muv04%40ntfy-test.iam.gserviceaccount.com"
    101. 

  101. }
    102. 

  102. `
    103. 

  103. 	require.Nil(t, os.WriteFile(firebaseKeyFile, []byte(contents), 0600))
    104. 

  104. 	c := newTestConfig(t)
    105. 

  105. 	c.FirebaseKeyFile = firebaseKeyFile
    106. 

  106. 	s := newTestServer(t, c)
    107. 

  107. 

  108. 	response := request(t, s, "PUT", "/mytopic", "my first message", nil)
    109. 

  109. 	require.Equal(t, "my first message", toMessage(t, response.Body.String()).Message)
    110. 

  110. }
    111. 

  111. 

  112. func TestServer_SubscribeOpenAndKeepalive(t *testing.T) {
    113. 

  113. 	t.Parallel()
    114. 

  114. 	c := newTestConfig(t)
    115. 

  115. 	c.KeepaliveInterval = time.Second
    116. 

  116. 	s := newTestServer(t, c)
    117. 

  117. 

  118. 	rr := httptest.NewRecorder()
    119. 

  119. 	ctx, cancel := context.WithCancel(context.Background())
    120. 

  120. 	req, err := http.NewRequestWithContext(ctx, "GET", "/mytopic/json", nil)
    121. 

  121. 	if err != nil {
    122. 

  122. 		t.Fatal(err)
    123. 

  123. 	}
    124. 

  124. 	doneChan := make(chan bool)
    125. 

  125. 	go func() {
    126. 

  126. 		s.handle(rr, req)
    127. 

  127. 		doneChan <- true
    128. 

  128. 	}()
    129. 

  129. 	time.Sleep(1300 * time.Millisecond)
    130. 

  130. 	cancel()
    131. 

  131. 	<-doneChan
    132. 

  132. 

  133. 	messages := toMessages(t, rr.Body.String())
    134. 

  134. 	require.Equal(t, 2, len(messages))
    135. 

  135. 

  136. 	require.Equal(t, openEvent, messages[0].Event)
    137. 

  137. 	require.Equal(t, "mytopic", messages[0].Topic)
    138. 

  138. 	require.Equal(t, "", messages[0].Message)
    139. 

  139. 	require.Equal(t, "", messages[0].Title)
    140. 

  140. 	require.Equal(t, 0, messages[0].Priority)
    141. 

  141. 	require.Nil(t, messages[0].Tags)
    142. 

  142. 

  143. 	require.Equal(t, keepaliveEvent, messages[1].Event)
    144. 

  144. 	require.Equal(t, "mytopic", messages[1].Topic)
    145. 

  145. 	require.Equal(t, "", messages[1].Message)
    146. 

  146. 	require.Equal(t, "", messages[1].Title)
    147. 

  147. 	require.Equal(t, 0, messages[1].Priority)
    148. 

  148. 	require.Nil(t, messages[1].Tags)
    149. 

  149. }
    150. 

  150. 

  151. func TestServer_PublishAndSubscribe(t *testing.T) {
    152. 

  152. 	t.Parallel()
    153. 

  153. 	s := newTestServer(t, newTestConfig(t))
    154. 

  154. 

  155. 	subscribeRR := httptest.NewRecorder()
    156. 

  156. 	subscribeCancel := subscribe(t, s, "/mytopic/json", subscribeRR)
    157. 

  157. 

  158. 	publishFirstRR := request(t, s, "PUT", "/mytopic", "my first message", nil)
    159. 

  159. 	require.Equal(t, 200, publishFirstRR.Code)
    160. 

  160. 	time.Sleep(500 * time.Millisecond) // Publishing is done asynchronously, this avoids races
    161. 

  161. 

  162. 	publishSecondRR := request(t, s, "PUT", "/mytopic", "my other message", map[string]string{
    163. 

  163. 		"Title":  " This is a title ",
    164. 

  164. 		"X-Tags": "tag1,tag 2, tag3",
    165. 

  165. 		"p":      "1",
    166. 

  166. 	})
    167. 

  167. 	require.Equal(t, 200, publishSecondRR.Code)
    168. 

  168. 

  169. 	subscribeCancel()
    170. 

  170. 	messages := toMessages(t, subscribeRR.Body.String())
    171. 

  171. 	require.Equal(t, 3, len(messages))
    172. 

  172. 	require.Equal(t, openEvent, messages[0].Event)
    173. 

  173. 

  174. 	require.Equal(t, messageEvent, messages[1].Event)
    175. 

  175. 	require.Equal(t, "mytopic", messages[1].Topic)
    176. 

  176. 	require.Equal(t, "my first message", messages[1].Message)
    177. 

  177. 	require.Equal(t, "", messages[1].Title)
    178. 

  178. 	require.Equal(t, 0, messages[1].Priority)
    179. 

  179. 	require.Nil(t, messages[1].Tags)
    180. 

  180. 	require.True(t, time.Now().Add(12*time.Hour-5*time.Second).Unix() < messages[1].Expires)
    181. 

  181. 	require.True(t, time.Now().Add(12*time.Hour+5*time.Second).Unix() > messages[1].Expires)
    182. 

  182. 

  183. 	require.Equal(t, messageEvent, messages[2].Event)
    184. 

  184. 	require.Equal(t, "mytopic", messages[2].Topic)
    185. 

  185. 	require.Equal(t, "my other message", messages[2].Message)
    186. 

  186. 	require.Equal(t, "This is a title", messages[2].Title)
    187. 

  187. 	require.Equal(t, 1, messages[2].Priority)
    188. 

  188. 	require.Equal(t, []string{"tag1", "tag 2", "tag3"}, messages[2].Tags)
    189. 

  189. }
    190. 

  190. 

  191. func TestServer_Publish_Disallowed_Topic(t *testing.T) {
    192. 

  192. 	c := newTestConfig(t)
    193. 

  193. 	c.DisallowedTopics = []string{"about", "time", "this", "got", "added"}
    194. 

  194. 	s := newTestServer(t, c)
    195. 

  195. 

  196. 	rr := request(t, s, "PUT", "/mytopic", "my first message", nil)
    197. 

  197. 	require.Equal(t, 200, rr.Code)
    198. 

  198. 

  199. 	rr = request(t, s, "PUT", "/about", "another message", nil)
    200. 

  200. 	require.Equal(t, 400, rr.Code)
    201. 

  201. 	require.Equal(t, 40010, toHTTPError(t, rr.Body.String()).Code)
    202. 

  202. }
    203. 

  203. 

  204. func TestServer_StaticSites(t *testing.T) {
    205. 

  205. 	s := newTestServer(t, newTestConfig(t))
    206. 

  206. 

  207. 	rr := request(t, s, "GET", "/", "", nil)
    208. 

  208. 	require.Equal(t, 200, rr.Code)
    209. 

  209. 	require.Contains(t, rr.Body.String(), "</html>")
    210. 

  210. 

  211. 	rr = request(t, s, "HEAD", "/", "", nil)
    212. 

  212. 	require.Equal(t, 200, rr.Code)
    213. 

  213. 

  214. 	rr = request(t, s, "OPTIONS", "/", "", nil)
    215. 

  215. 	require.Equal(t, 200, rr.Code)
    216. 

  216. 

  217. 	rr = request(t, s, "GET", "/does-not-exist.txt", "", nil)
    218. 

  218. 	require.Equal(t, 404, rr.Code)
    219. 

  219. 

  220. 	rr = request(t, s, "GET", "/mytopic", "", nil)
    221. 

  221. 	require.Equal(t, 200, rr.Code)
    222. 

  222. 	require.Contains(t, rr.Body.String(), `<meta name="robots" content="noindex, nofollow"/>`)
    223. 

  223. 

  224. 	rr = request(t, s, "GET", "/static/css/home.css", "", nil)
    225. 

  225. 	require.Equal(t, 200, rr.Code)
    226. 

  226. 	require.Contains(t, rr.Body.String(), `/* general styling */`)
    227. 

  227. 

  228. 	rr = request(t, s, "GET", "/docs", "", nil)
    229. 

  229. 	require.Equal(t, 301, rr.Code)
    230. 

  230. 

  231. 	// Docs test removed, it was failing annoyingly.
    232. 

  232. }
    233. 

  233. 

  234. func TestServer_WebEnabled(t *testing.T) {
    235. 

  235. 	conf := newTestConfig(t)
    236. 

  236. 	conf.EnableWeb = false
    237. 

  237. 	s := newTestServer(t, conf)
    238. 

  238. 

  239. 	rr := request(t, s, "GET", "/", "", nil)
    240. 

  240. 	require.Equal(t, 404, rr.Code)
    241. 

  241. 

  242. 	rr = request(t, s, "GET", "/config.js", "", nil)
    243. 

  243. 	require.Equal(t, 404, rr.Code)
    244. 

  244. 

  245. 	rr = request(t, s, "GET", "/static/css/home.css", "", nil)
    246. 

  246. 	require.Equal(t, 404, rr.Code)
    247. 

  247. 

  248. 	conf2 := newTestConfig(t)
    249. 

  249. 	conf2.EnableWeb = true
    250. 

  250. 	s2 := newTestServer(t, conf2)
    251. 

  251. 

  252. 	rr = request(t, s2, "GET", "/", "", nil)
    253. 

  253. 	require.Equal(t, 200, rr.Code)
    254. 

  254. 

  255. 	rr = request(t, s2, "GET", "/config.js", "", nil)
    256. 

  256. 	require.Equal(t, 200, rr.Code)
    257. 

  257. 

  258. 	rr = request(t, s2, "GET", "/static/css/home.css", "", nil)
    259. 

  259. 	require.Equal(t, 200, rr.Code)
    260. 

  260. }
    261. 

  261. 

  262. func TestServer_PublishLargeMessage(t *testing.T) {
    263. 

  263. 	c := newTestConfig(t)
    264. 

  264. 	c.AttachmentCacheDir = "" // Disable attachments
    265. 

  265. 	s := newTestServer(t, c)
    266. 

  266. 

  267. 	body := strings.Repeat("this is a large message", 5000)
    268. 

  268. 	response := request(t, s, "PUT", "/mytopic", body, nil)
    269. 

  269. 	require.Equal(t, 400, response.Code)
    270. 

  270. }
    271. 

  271. 

  272. func TestServer_PublishPriority(t *testing.T) {
    273. 

  273. 	s := newTestServer(t, newTestConfig(t))
    274. 

  274. 

  275. 	for prio := 1; prio <= 5; prio++ {
    276. 

  276. 		response := request(t, s, "GET", fmt.Sprintf("/mytopic/publish?priority=%d", prio), fmt.Sprintf("priority %d", prio), nil)
    277. 

  277. 		msg := toMessage(t, response.Body.String())
    278. 

  278. 		require.Equal(t, prio, msg.Priority)
    279. 

  279. 	}
    280. 

  280. 

  281. 	response := request(t, s, "GET", "/mytopic/publish?priority=min", "test", nil)
    282. 

  282. 	require.Equal(t, 1, toMessage(t, response.Body.String()).Priority)
    283. 

  283. 

  284. 	response = request(t, s, "GET", "/mytopic/send?priority=low", "test", nil)
    285. 

  285. 	require.Equal(t, 2, toMessage(t, response.Body.String()).Priority)
    286. 

  286. 

  287. 	response = request(t, s, "GET", "/mytopic/send?priority=default", "test", nil)
    288. 

  288. 	require.Equal(t, 3, toMessage(t, response.Body.String()).Priority)
    289. 

  289. 

  290. 	response = request(t, s, "GET", "/mytopic/send?priority=high", "test", nil)
    291. 

  291. 	require.Equal(t, 4, toMessage(t, response.Body.String()).Priority)
    292. 

  292. 

  293. 	response = request(t, s, "GET", "/mytopic/send?priority=max", "test", nil)
    294. 

  294. 	require.Equal(t, 5, toMessage(t, response.Body.String()).Priority)
    295. 

  295. 

  296. 	response = request(t, s, "GET", "/mytopic/trigger?priority=urgent", "test", nil)
    297. 

  297. 	require.Equal(t, 5, toMessage(t, response.Body.String()).Priority)
    298. 

  298. 

  299. 	response = request(t, s, "GET", "/mytopic/trigger?priority=INVALID", "test", nil)
    300. 

  300. 	require.Equal(t, 40007, toHTTPError(t, response.Body.String()).Code)
    301. 

  301. }
    302. 

  302. 

  303. func TestServer_PublishGETOnlyOneTopic(t *testing.T) {
    304. 

  304. 	// This tests a bug that allowed publishing topics with a comma in the name (no ticket)
    305. 

  305. 

  306. 	s := newTestServer(t, newTestConfig(t))
    307. 

  307. 	response := request(t, s, "GET", "/mytopic,mytopic2/publish?m=hi", "", nil)
    308. 

  308. 	require.Equal(t, 404, response.Code)
    309. 

  309. }
    310. 

  310. 

  311. func TestServer_PublishNoCache(t *testing.T) {
    312. 

  312. 	s := newTestServer(t, newTestConfig(t))
    313. 

  313. 

  314. 	response := request(t, s, "PUT", "/mytopic", "this message is not cached", map[string]string{
    315. 

  315. 		"Cache": "no",
    316. 

  316. 	})
    317. 

  317. 	msg := toMessage(t, response.Body.String())
    318. 

  318. 	require.NotEmpty(t, msg.ID)
    319. 

  319. 	require.Equal(t, "this message is not cached", msg.Message)
    320. 

  320. 	require.Equal(t, int64(0), msg.Expires)
    321. 

  321. 

  322. 	response = request(t, s, "GET", "/mytopic/json?poll=1", "", nil)
    323. 

  323. 	messages := toMessages(t, response.Body.String())
    324. 

  324. 	require.Empty(t, messages)
    325. 

  325. }
    326. 

  326. 

  327. func TestServer_PublishAt(t *testing.T) {
    328. 

  328. 	t.Parallel()
    329. 

  329. 	c := newTestConfig(t)
    330. 

  330. 	c.MinDelay = time.Second
    331. 

  331. 	c.DelayedSenderInterval = 100 * time.Millisecond
    332. 

  332. 	s := newTestServer(t, c)
    333. 

  333. 

  334. 	response := request(t, s, "PUT", "/mytopic", "a message", map[string]string{
    335. 

  335. 		"In": "1s",
    336. 

  336. 	})
    337. 

  337. 	require.Equal(t, 200, response.Code)
    338. 

  338. 

  339. 	response = request(t, s, "GET", "/mytopic/json?poll=1", "", nil)
    340. 

  340. 	messages := toMessages(t, response.Body.String())
    341. 

  341. 	require.Equal(t, 0, len(messages))
    342. 

  342. 

  343. 	time.Sleep(time.Second)
    344. 

  344. 	require.Nil(t, s.sendDelayedMessages())
    345. 

  345. 

  346. 	response = request(t, s, "GET", "/mytopic/json?poll=1", "", nil)
    347. 

  347. 	messages = toMessages(t, response.Body.String())
    348. 

  348. 	require.Equal(t, 1, len(messages))
    349. 

  349. 	require.Equal(t, "a message", messages[0].Message)
    350. 

  350. 	require.Equal(t, netip.Addr{}, messages[0].Sender) // Never return the sender!
    351. 

  351. 

  352. 	messages, err := s.messageCache.Messages("mytopic", sinceAllMessages, true)
    353. 

  353. 	require.Nil(t, err)
    354. 

  354. 	require.Equal(t, 1, len(messages))
    355. 

  355. 	require.Equal(t, "a message", messages[0].Message)
    356. 

  356. 	require.Equal(t, "9.9.9.9", messages[0].Sender.String()) // It's stored in the DB though!
    357. 

  357. }
    358. 

  358. 

  359. func TestServer_PublishAt_Expires(t *testing.T) {
    360. 

  360. 	s := newTestServer(t, newTestConfig(t))
    361. 

  361. 

  362. 	response := request(t, s, "PUT", "/mytopic", "a message", map[string]string{
    363. 

  363. 		"In": "2 days",
    364. 

  364. 	})
    365. 

  365. 	require.Equal(t, 200, response.Code)
    366. 

  366. 	m := toMessage(t, response.Body.String())
    367. 

  367. 	require.True(t, m.Expires > time.Now().Add(12*time.Hour+48*time.Hour-time.Minute).Unix())
    368. 

  368. 	require.True(t, m.Expires < time.Now().Add(12*time.Hour+48*time.Hour+time.Minute).Unix())
    369. 

  369. }
    370. 

  370. 

  371. func TestServer_PublishAtWithCacheError(t *testing.T) {
    372. 

  372. 	s := newTestServer(t, newTestConfig(t))
    373. 

  373. 

  374. 	response := request(t, s, "PUT", "/mytopic", "a message", map[string]string{
    375. 

  375. 		"Cache": "no",
    376. 

  376. 		"In":    "30 min",
    377. 

  377. 	})
    378. 

  378. 	require.Equal(t, 400, response.Code)
    379. 

  379. 	require.Equal(t, errHTTPBadRequestDelayNoCache, toHTTPError(t, response.Body.String()))
    380. 

  380. }
    381. 

  381. 

  382. func TestServer_PublishAtTooShortDelay(t *testing.T) {
    383. 

  383. 	s := newTestServer(t, newTestConfig(t))
    384. 

  384. 

  385. 	response := request(t, s, "PUT", "/mytopic", "a message", map[string]string{
    386. 

  386. 		"In": "1s",
    387. 

  387. 	})
    388. 

  388. 	require.Equal(t, 400, response.Code)
    389. 

  389. }
    390. 

  390. 

  391. func TestServer_PublishAtTooLongDelay(t *testing.T) {
    392. 

  392. 	s := newTestServer(t, newTestConfig(t))
    393. 

  393. 	response := request(t, s, "PUT", "/mytopic", "a message", map[string]string{
    394. 

  394. 		"In": "99999999h",
    395. 

  395. 	})
    396. 

  396. 	require.Equal(t, 400, response.Code)
    397. 

  397. }
    398. 

  398. 

  399. func TestServer_PublishAtInvalidDelay(t *testing.T) {
    400. 

  400. 	s := newTestServer(t, newTestConfig(t))
    401. 

  401. 	response := request(t, s, "PUT", "/mytopic?delay=INVALID", "a message", nil)
    402. 

  402. 	err := toHTTPError(t, response.Body.String())
    403. 

  403. 	require.Equal(t, 400, response.Code)
    404. 

  404. 	require.Equal(t, 40004, err.Code)
    405. 

  405. }
    406. 

  406. 

  407. func TestServer_PublishAtTooLarge(t *testing.T) {
    408. 

  408. 	s := newTestServer(t, newTestConfig(t))
    409. 

  409. 	response := request(t, s, "PUT", "/mytopic?x-in=99999h", "a message", nil)
    410. 

  410. 	err := toHTTPError(t, response.Body.String())
    411. 

  411. 	require.Equal(t, 400, response.Code)
    412. 

  412. 	require.Equal(t, 40006, err.Code)
    413. 

  413. }
    414. 

  414. 

  415. func TestServer_PublishAtAndPrune(t *testing.T) {
    416. 

  416. 	s := newTestServer(t, newTestConfig(t))
    417. 

  417. 

  418. 	response := request(t, s, "PUT", "/mytopic", "a message", map[string]string{
    419. 

  419. 		"In": "1h",
    420. 

  420. 	})
    421. 

  421. 	require.Equal(t, 200, response.Code)
    422. 

  422. 	s.execManager() // Fire pruning
    423. 

  423. 

  424. 	response = request(t, s, "GET", "/mytopic/json?poll=1&scheduled=1", "", nil)
    425. 

  425. 	messages := toMessages(t, response.Body.String())
    426. 

  426. 	require.Equal(t, 1, len(messages)) // Not affected by pruning
    427. 

  427. 	require.Equal(t, "a message", messages[0].Message)
    428. 

  428. }
    429. 

  429. 

  430. func TestServer_PublishAndMultiPoll(t *testing.T) {
    431. 

  431. 	s := newTestServer(t, newTestConfig(t))
    432. 

  432. 

  433. 	response := request(t, s, "PUT", "/mytopic1", "message 1", nil)
    434. 

  434. 	msg := toMessage(t, response.Body.String())
    435. 

  435. 	require.NotEmpty(t, msg.ID)
    436. 

  436. 	require.Equal(t, "mytopic1", msg.Topic)
    437. 

  437. 	require.Equal(t, "message 1", msg.Message)
    438. 

  438. 

  439. 	response = request(t, s, "PUT", "/mytopic2", "message 2", nil)
    440. 

  440. 	msg = toMessage(t, response.Body.String())
    441. 

  441. 	require.NotEmpty(t, msg.ID)
    442. 

  442. 	require.Equal(t, "mytopic2", msg.Topic)
    443. 

  443. 	require.Equal(t, "message 2", msg.Message)
    444. 

  444. 

  445. 	response = request(t, s, "GET", "/mytopic1/json?poll=1", "", nil)
    446. 

  446. 	messages := toMessages(t, response.Body.String())
    447. 

  447. 	require.Equal(t, 1, len(messages))
    448. 

  448. 	require.Equal(t, "mytopic1", messages[0].Topic)
    449. 

  449. 	require.Equal(t, "message 1", messages[0].Message)
    450. 

  450. 

  451. 	response = request(t, s, "GET", "/mytopic1,mytopic2/json?poll=1", "", nil)
    452. 

  452. 	messages = toMessages(t, response.Body.String())
    453. 

  453. 	require.Equal(t, 2, len(messages))
    454. 

  454. 	require.Equal(t, "mytopic1", messages[0].Topic)
    455. 

  455. 	require.Equal(t, "message 1", messages[0].Message)
    456. 

  456. 	require.Equal(t, "mytopic2", messages[1].Topic)
    457. 

  457. 	require.Equal(t, "message 2", messages[1].Message)
    458. 

  458. }
    459. 

  459. 

  460. func TestServer_PublishWithNopCache(t *testing.T) {
    461. 

  461. 	c := newTestConfig(t)
    462. 

  462. 	c.CacheDuration = 0
    463. 

  463. 	s := newTestServer(t, c)
    464. 

  464. 

  465. 	subscribeRR := httptest.NewRecorder()
    466. 

  466. 	subscribeCancel := subscribe(t, s, "/mytopic/json", subscribeRR)
    467. 

  467. 

  468. 	publishRR := request(t, s, "PUT", "/mytopic", "my first message", nil)
    469. 

  469. 	require.Equal(t, 200, publishRR.Code)
    470. 

  470. 

  471. 	subscribeCancel()
    472. 

  472. 	messages := toMessages(t, subscribeRR.Body.String())
    473. 

  473. 	require.Equal(t, 2, len(messages))
    474. 

  474. 	require.Equal(t, openEvent, messages[0].Event)
    475. 

  475. 	require.Equal(t, messageEvent, messages[1].Event)
    476. 

  476. 	require.Equal(t, "my first message", messages[1].Message)
    477. 

  477. 

  478. 	response := request(t, s, "GET", "/mytopic/json?poll=1", "", nil)
    479. 

  479. 	messages = toMessages(t, response.Body.String())
    480. 

  480. 	require.Empty(t, messages)
    481. 

  481. }
    482. 

  482. 

  483. func TestServer_PublishAndPollSince(t *testing.T) {
    484. 

  484. 	t.Parallel()
    485. 

  485. 	s := newTestServer(t, newTestConfig(t))
    486. 

  486. 

  487. 	request(t, s, "PUT", "/mytopic", "test 1", nil)
    488. 

  488. 	time.Sleep(1100 * time.Millisecond)
    489. 

  489. 

  490. 	since := time.Now().Unix()
    491. 

  491. 	request(t, s, "PUT", "/mytopic", "test 2", nil)
    492. 

  492. 

  493. 	response := request(t, s, "GET", fmt.Sprintf("/mytopic/json?poll=1&since=%d", since), "", nil)
    494. 

  494. 	messages := toMessages(t, response.Body.String())
    495. 

  495. 	require.Equal(t, 1, len(messages))
    496. 

  496. 	require.Equal(t, "test 2", messages[0].Message)
    497. 

  497. 

  498. 	response = request(t, s, "GET", "/mytopic/json?poll=1&since=10s", "", nil)
    499. 

  499. 	messages = toMessages(t, response.Body.String())
    500. 

  500. 	require.Equal(t, 2, len(messages))
    501. 

  501. 	require.Equal(t, "test 1", messages[0].Message)
    502. 

  502. 

  503. 	response = request(t, s, "GET", "/mytopic/json?poll=1&since=100ms", "", nil)
    504. 

  504. 	messages = toMessages(t, response.Body.String())
    505. 

  505. 	require.Equal(t, 1, len(messages))
    506. 

  506. 	require.Equal(t, "test 2", messages[0].Message)
    507. 

  507. 

  508. 	response = request(t, s, "GET", "/mytopic/json?poll=1&since=INVALID", "", nil)
    509. 

  509. 	require.Equal(t, 40008, toHTTPError(t, response.Body.String()).Code)
    510. 

  510. }
    511. 

  511. 

  512. func newMessageWithTimestamp(topic, message string, timestamp int64) *message {
    513. 

  513. 	m := newDefaultMessage(topic, message)
    514. 

  514. 	m.Time = timestamp
    515. 

  515. 	return m
    516. 

  516. }
    517. 

  517. 

  518. func TestServer_PollSinceID_MultipleTopics(t *testing.T) {
    519. 

  519. 	s := newTestServer(t, newTestConfig(t))
    520. 

  520. 

  521. 	require.Nil(t, s.messageCache.AddMessage(newMessageWithTimestamp("mytopic1", "test 1", 1655740277)))
    522. 

  522. 	markerMessage := newMessageWithTimestamp("mytopic2", "test 2", 1655740283)
    523. 

  523. 	require.Nil(t, s.messageCache.AddMessage(markerMessage))
    524. 

  524. 	require.Nil(t, s.messageCache.AddMessage(newMessageWithTimestamp("mytopic1", "test 3", 1655740289)))
    525. 

  525. 	require.Nil(t, s.messageCache.AddMessage(newMessageWithTimestamp("mytopic2", "test 4", 1655740293)))
    526. 

  526. 	require.Nil(t, s.messageCache.AddMessage(newMessageWithTimestamp("mytopic1", "test 5", 1655740297)))
    527. 

  527. 	require.Nil(t, s.messageCache.AddMessage(newMessageWithTimestamp("mytopic2", "test 6", 1655740303)))
    528. 

  528. 

  529. 	response := request(t, s, "GET", fmt.Sprintf("/mytopic1,mytopic2/json?poll=1&since=%s", markerMessage.ID), "", nil)
    530. 

  530. 	messages := toMessages(t, response.Body.String())
    531. 

  531. 	require.Equal(t, 4, len(messages))
    532. 

  532. 	require.Equal(t, "test 3", messages[0].Message)
    533. 

  533. 	require.Equal(t, "mytopic1", messages[0].Topic)
    534. 

  534. 	require.Equal(t, "test 4", messages[1].Message)
    535. 

  535. 	require.Equal(t, "mytopic2", messages[1].Topic)
    536. 

  536. 	require.Equal(t, "test 5", messages[2].Message)
    537. 

  537. 	require.Equal(t, "mytopic1", messages[2].Topic)
    538. 

  538. 	require.Equal(t, "test 6", messages[3].Message)
    539. 

  539. 	require.Equal(t, "mytopic2", messages[3].Topic)
    540. 

  540. }
    541. 

  541. 

  542. func TestServer_PollSinceID_MultipleTopics_IDDoesNotMatch(t *testing.T) {
    543. 

  543. 	s := newTestServer(t, newTestConfig(t))
    544. 

  544. 

  545. 	require.Nil(t, s.messageCache.AddMessage(newMessageWithTimestamp("mytopic1", "test 3", 1655740289)))
    546. 

  546. 	require.Nil(t, s.messageCache.AddMessage(newMessageWithTimestamp("mytopic2", "test 4", 1655740293)))
    547. 

  547. 	require.Nil(t, s.messageCache.AddMessage(newMessageWithTimestamp("mytopic1", "test 5", 1655740297)))
    548. 

  548. 	require.Nil(t, s.messageCache.AddMessage(newMessageWithTimestamp("mytopic2", "test 6", 1655740303)))
    549. 

  549. 

  550. 	response := request(t, s, "GET", "/mytopic1,mytopic2/json?poll=1&since=NoMatchForID", "", nil)
    551. 

  551. 	messages := toMessages(t, response.Body.String())
    552. 

  552. 	require.Equal(t, 4, len(messages))
    553. 

  553. 	require.Equal(t, "test 3", messages[0].Message)
    554. 

  554. 	require.Equal(t, "test 4", messages[1].Message)
    555. 

  555. 	require.Equal(t, "test 5", messages[2].Message)
    556. 

  556. 	require.Equal(t, "test 6", messages[3].Message)
    557. 

  557. }
    558. 

  558. 

  559. func TestServer_PublishViaGET(t *testing.T) {
    560. 

  560. 	s := newTestServer(t, newTestConfig(t))
    561. 

  561. 

  562. 	response := request(t, s, "GET", "/mytopic/trigger", "", nil)
    563. 

  563. 	msg := toMessage(t, response.Body.String())
    564. 

  564. 	require.NotEmpty(t, msg.ID)
    565. 

  565. 	require.Equal(t, "triggered", msg.Message)
    566. 

  566. 

  567. 	response = request(t, s, "GET", "/mytopic/send?message=This+is+a+test&t=This+is+a+title&tags=skull&x-priority=5&delay=24h", "", nil)
    568. 

  568. 	msg = toMessage(t, response.Body.String())
    569. 

  569. 	require.NotEmpty(t, msg.ID)
    570. 

  570. 	require.Equal(t, "This is a test", msg.Message)
    571. 

  571. 	require.Equal(t, "This is a title", msg.Title)
    572. 

  572. 	require.Equal(t, []string{"skull"}, msg.Tags)
    573. 

  573. 	require.Equal(t, 5, msg.Priority)
    574. 

  574. 	require.Greater(t, msg.Time, time.Now().Add(23*time.Hour).Unix())
    575. 

  575. }
    576. 

  576. 

  577. func TestServer_PublishMessageInHeaderWithNewlines(t *testing.T) {
    578. 

  578. 	s := newTestServer(t, newTestConfig(t))
    579. 

  579. 

  580. 	response := request(t, s, "PUT", "/mytopic", "", map[string]string{
    581. 

  581. 		"Message": "Line 1\\nLine 2",
    582. 

  582. 	})
    583. 

  583. 	msg := toMessage(t, response.Body.String())
    584. 

  584. 	require.NotEmpty(t, msg.ID)
    585. 

  585. 	require.Equal(t, "Line 1\nLine 2", msg.Message) // \\n -> \n !
    586. 

  586. }
    587. 

  587. 

  588. func TestServer_PublishInvalidTopic(t *testing.T) {
    589. 

  589. 	s := newTestServer(t, newTestConfig(t))
    590. 

  590. 	s.smtpSender = &testMailer{}
    591. 

  591. 	response := request(t, s, "PUT", "/docs", "fail", nil)
    592. 

  592. 	require.Equal(t, 40010, toHTTPError(t, response.Body.String()).Code)
    593. 

  593. }
    594. 

  594. 

  595. func TestServer_PollWithQueryFilters(t *testing.T) {
    596. 

  596. 	s := newTestServer(t, newTestConfig(t))
    597. 

  597. 

  598. 	response := request(t, s, "PUT", "/mytopic?priority=1&tags=tag1,tag2", "my first message", nil)
    599. 

  599. 	msg := toMessage(t, response.Body.String())
    600. 

  600. 	require.NotEmpty(t, msg.ID)
    601. 

  601. 

  602. 	response = request(t, s, "PUT", "/mytopic?title=a+title", "my second message", map[string]string{
    603. 

  603. 		"Tags": "tag2,tag3",
    604. 

  604. 	})
    605. 

  605. 	msg = toMessage(t, response.Body.String())
    606. 

  606. 	require.NotEmpty(t, msg.ID)
    607. 

  607. 

  608. 	queriesThatShouldReturnMessageOne := []string{
    609. 

  609. 		"/mytopic/json?poll=1&priority=1",
    610. 

  610. 		"/mytopic/json?poll=1&priority=min",
    611. 

  611. 		"/mytopic/json?poll=1&priority=min,low",
    612. 

  612. 		"/mytopic/json?poll=1&priority=1,2",
    613. 

  613. 		"/mytopic/json?poll=1&p=2,min",
    614. 

  614. 		"/mytopic/json?poll=1&tags=tag1",
    615. 

  615. 		"/mytopic/json?poll=1&tags=tag1,tag2",
    616. 

  616. 		"/mytopic/json?poll=1&message=my+first+message",
    617. 

  617. 	}
    618. 

  618. 	for _, query := range queriesThatShouldReturnMessageOne {
    619. 

  619. 		response = request(t, s, "GET", query, "", nil)
    620. 

  620. 		messages := toMessages(t, response.Body.String())
    621. 

  621. 		require.Equal(t, 1, len(messages), "Query failed: "+query)
    622. 

  622. 		require.Equal(t, "my first message", messages[0].Message, "Query failed: "+query)
    623. 

  623. 	}
    624. 

  624. 

  625. 	queriesThatShouldReturnMessageTwo := []string{
    626. 

  626. 		"/mytopic/json?poll=1&x-priority=3", // !
    627. 

  627. 		"/mytopic/json?poll=1&priority=3",
    628. 

  628. 		"/mytopic/json?poll=1&priority=default",
    629. 

  629. 		"/mytopic/json?poll=1&p=3",
    630. 

  630. 		"/mytopic/json?poll=1&x-tags=tag2,tag3",
    631. 

  631. 		"/mytopic/json?poll=1&tags=tag2,tag3",
    632. 

  632. 		"/mytopic/json?poll=1&tag=tag2,tag3",
    633. 

  633. 		"/mytopic/json?poll=1&ta=tag2,tag3",
    634. 

  634. 		"/mytopic/json?poll=1&x-title=a+title",
    635. 

  635. 		"/mytopic/json?poll=1&title=a+title",
    636. 

  636. 		"/mytopic/json?poll=1&t=a+title",
    637. 

  637. 		"/mytopic/json?poll=1&x-message=my+second+message",
    638. 

  638. 		"/mytopic/json?poll=1&message=my+second+message",
    639. 

  639. 		"/mytopic/json?poll=1&m=my+second+message",
    640. 

  640. 		"/mytopic/json?x-poll=1&m=my+second+message",
    641. 

  641. 		"/mytopic/json?po=1&m=my+second+message",
    642. 

  642. 	}
    643. 

  643. 	for _, query := range queriesThatShouldReturnMessageTwo {
    644. 

  644. 		response = request(t, s, "GET", query, "", nil)
    645. 

  645. 		messages := toMessages(t, response.Body.String())
    646. 

  646. 		require.Equal(t, 1, len(messages), "Query failed: "+query)
    647. 

  647. 		require.Equal(t, "my second message", messages[0].Message, "Query failed: "+query)
    648. 

  648. 	}
    649. 

  649. 

  650. 	queriesThatShouldReturnNoMessages := []string{
    651. 

  651. 		"/mytopic/json?poll=1&priority=4",
    652. 

  652. 		"/mytopic/json?poll=1&tags=tag1,tag2,tag3",
    653. 

  653. 		"/mytopic/json?poll=1&title=another+title",
    654. 

  654. 		"/mytopic/json?poll=1&message=my+third+message",
    655. 

  655. 		"/mytopic/json?poll=1&message=my+third+message",
    656. 

  656. 	}
    657. 

  657. 	for _, query := range queriesThatShouldReturnNoMessages {
    658. 

  658. 		response = request(t, s, "GET", query, "", nil)
    659. 

  659. 		messages := toMessages(t, response.Body.String())
    660. 

  660. 		require.Equal(t, 0, len(messages), "Query failed: "+query)
    661. 

  661. 	}
    662. 

  662. }
    663. 

  663. 

  664. func TestServer_SubscribeWithQueryFilters(t *testing.T) {
    665. 

  665. 	t.Parallel()
    666. 

  666. 	c := newTestConfig(t)
    667. 

  667. 	c.KeepaliveInterval = 800 * time.Millisecond
    668. 

  668. 	s := newTestServer(t, c)
    669. 

  669. 

  670. 	subscribeResponse := httptest.NewRecorder()
    671. 

  671. 	subscribeCancel := subscribe(t, s, "/mytopic/json?tags=zfs-issue", subscribeResponse)
    672. 

  672. 

  673. 	response := request(t, s, "PUT", "/mytopic", "my first message", nil)
    674. 

  674. 	require.Equal(t, 200, response.Code)
    675. 

  675. 	response = request(t, s, "PUT", "/mytopic", "ZFS scrub failed", map[string]string{
    676. 

  676. 		"Tags": "zfs-issue,zfs-scrub",
    677. 

  677. 	})
    678. 

  678. 	require.Equal(t, 200, response.Code)
    679. 

  679. 

  680. 	time.Sleep(850 * time.Millisecond)
    681. 

  681. 	subscribeCancel()
    682. 

  682. 

  683. 	messages := toMessages(t, subscribeResponse.Body.String())
    684. 

  684. 	require.Equal(t, 3, len(messages))
    685. 

  685. 	require.Equal(t, openEvent, messages[0].Event)
    686. 

  686. 	require.Equal(t, messageEvent, messages[1].Event)
    687. 

  687. 	require.Equal(t, "ZFS scrub failed", messages[1].Message)
    688. 

  688. 	require.Equal(t, keepaliveEvent, messages[2].Event)
    689. 

  689. }
    690. 

  690. 

  691. func TestServer_Auth_Success_Admin(t *testing.T) {
    692. 

  692. 	c := newTestConfigWithAuthFile(t)
    693. 

  693. 	s := newTestServer(t, c)
    694. 

  694. 

  695. 	require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleAdmin))
    696. 

  696. 

  697. 	response := request(t, s, "GET", "/mytopic/auth", "", map[string]string{
    698. 

  698. 		"Authorization": util.BasicAuth("phil", "phil"),
    699. 

  699. 	})
    700. 

  700. 	require.Equal(t, 200, response.Code)
    701. 

  701. 	require.Equal(t, `{"success":true}`+"\n", response.Body.String())
    702. 

  702. }
    703. 

  703. 

  704. func TestServer_Auth_Success_User(t *testing.T) {
    705. 

  705. 	c := newTestConfigWithAuthFile(t)
    706. 

  706. 	c.AuthDefault = user.PermissionDenyAll
    707. 

  707. 	s := newTestServer(t, c)
    708. 

  708. 

  709. 	require.Nil(t, s.userManager.AddUser("ben", "ben", user.RoleUser))
    710. 

  710. 	require.Nil(t, s.userManager.AllowAccess("ben", "mytopic", user.PermissionReadWrite))
    711. 

  711. 

  712. 	response := request(t, s, "GET", "/mytopic/auth", "", map[string]string{
    713. 

  713. 		"Authorization": util.BasicAuth("ben", "ben"),
    714. 

  714. 	})
    715. 

  715. 	require.Equal(t, 200, response.Code)
    716. 

  716. }
    717. 

  717. 

  718. func TestServer_Auth_Success_User_MultipleTopics(t *testing.T) {
    719. 

  719. 	c := newTestConfigWithAuthFile(t)
    720. 

  720. 	c.AuthDefault = user.PermissionDenyAll
    721. 

  721. 	s := newTestServer(t, c)
    722. 

  722. 

  723. 	require.Nil(t, s.userManager.AddUser("ben", "ben", user.RoleUser))
    724. 

  724. 	require.Nil(t, s.userManager.AllowAccess("ben", "mytopic", user.PermissionReadWrite))
    725. 

  725. 	require.Nil(t, s.userManager.AllowAccess("ben", "anothertopic", user.PermissionReadWrite))
    726. 

  726. 

  727. 	response := request(t, s, "GET", "/mytopic,anothertopic/auth", "", map[string]string{
    728. 

  728. 		"Authorization": util.BasicAuth("ben", "ben"),
    729. 

  729. 	})
    730. 

  730. 	require.Equal(t, 200, response.Code)
    731. 

  731. 

  732. 	response = request(t, s, "GET", "/mytopic,anothertopic,NOT-THIS-ONE/auth", "", map[string]string{
    733. 

  733. 		"Authorization": util.BasicAuth("ben", "ben"),
    734. 

  734. 	})
    735. 

  735. 	require.Equal(t, 403, response.Code)
    736. 

  736. }
    737. 

  737. 

  738. func TestServer_Auth_Fail_InvalidPass(t *testing.T) {
    739. 

  739. 	c := newTestConfig(t)
    740. 

  740. 	c.AuthFile = filepath.Join(t.TempDir(), "user.db")
    741. 

  741. 	c.AuthDefault = user.PermissionDenyAll
    742. 

  742. 	s := newTestServer(t, c)
    743. 

  743. 

  744. 	require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleAdmin))
    745. 

  745. 

  746. 	response := request(t, s, "GET", "/mytopic/auth", "", map[string]string{
    747. 

  747. 		"Authorization": util.BasicAuth("phil", "INVALID"),
    748. 

  748. 	})
    749. 

  749. 	require.Equal(t, 401, response.Code)
    750. 

  750. }
    751. 

  751. 

  752. func TestServer_Auth_Fail_Unauthorized(t *testing.T) {
    753. 

  753. 	c := newTestConfigWithAuthFile(t)
    754. 

  754. 	c.AuthDefault = user.PermissionDenyAll
    755. 

  755. 	s := newTestServer(t, c)
    756. 

  756. 

  757. 	require.Nil(t, s.userManager.AddUser("ben", "ben", user.RoleUser))
    758. 

  758. 	require.Nil(t, s.userManager.AllowAccess("ben", "sometopic", user.PermissionReadWrite)) // Not mytopic!
    759. 

  759. 

  760. 	response := request(t, s, "GET", "/mytopic/auth", "", map[string]string{
    761. 

  761. 		"Authorization": util.BasicAuth("ben", "ben"),
    762. 

  762. 	})
    763. 

  763. 	require.Equal(t, 403, response.Code)
    764. 

  764. }
    765. 

  765. 

  766. func TestServer_Auth_Fail_CannotPublish(t *testing.T) {
    767. 

  767. 	c := newTestConfigWithAuthFile(t)
    768. 

  768. 	c.AuthDefault = user.PermissionReadWrite // Open by default
    769. 

  769. 	s := newTestServer(t, c)
    770. 

  770. 

  771. 	require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleAdmin))
    772. 

  772. 	require.Nil(t, s.userManager.AllowAccess(user.Everyone, "private", user.PermissionDenyAll))
    773. 

  773. 	require.Nil(t, s.userManager.AllowAccess(user.Everyone, "announcements", user.PermissionRead))
    774. 

  774. 

  775. 	response := request(t, s, "PUT", "/mytopic", "test", nil)
    776. 

  776. 	require.Equal(t, 200, response.Code)
    777. 

  777. 

  778. 	response = request(t, s, "GET", "/mytopic/json?poll=1", "", nil)
    779. 

  779. 	require.Equal(t, 200, response.Code)
    780. 

  780. 

  781. 	response = request(t, s, "PUT", "/announcements", "test", nil)
    782. 

  782. 	require.Equal(t, 403, response.Code) // Cannot write as anonymous
    783. 

  783. 

  784. 	response = request(t, s, "PUT", "/announcements", "test", map[string]string{
    785. 

  785. 		"Authorization": util.BasicAuth("phil", "phil"),
    786. 

  786. 	})
    787. 

  787. 	require.Equal(t, 200, response.Code)
    788. 

  788. 

  789. 	response = request(t, s, "GET", "/announcements/json?poll=1", "", nil)
    790. 

  790. 	require.Equal(t, 200, response.Code) // Anonymous read allowed
    791. 

  791. 

  792. 	response = request(t, s, "GET", "/private/json?poll=1", "", nil)
    793. 

  793. 	require.Equal(t, 403, response.Code) // Anonymous read not allowed
    794. 

  794. }
    795. 

  795. 

  796. func TestServer_Auth_Fail_Rate_Limiting(t *testing.T) {
    797. 

  797. 	c := newTestConfigWithAuthFile(t)
    798. 

  798. 	s := newTestServer(t, c)
    799. 

  799. 

  800. 	for i := 0; i < 10; i++ {
    801. 

  801. 		response := request(t, s, "PUT", "/announcements", "test", map[string]string{
    802. 

  802. 			"Authorization": util.BasicAuth("phil", "phil"),
    803. 

  803. 		})
    804. 

  804. 		require.Equal(t, 401, response.Code)
    805. 

  805. 	}
    806. 

  806. 

  807. 	response := request(t, s, "PUT", "/announcements", "test", map[string]string{
    808. 

  808. 		"Authorization": util.BasicAuth("phil", "phil"),
    809. 

  809. 	})
    810. 

  810. 	require.Equal(t, 429, response.Code)
    811. 

  811. 	require.Equal(t, 42909, toHTTPError(t, response.Body.String()).Code)
    812. 

  812. }
    813. 

  813. 

  814. func TestServer_Auth_ViaQuery(t *testing.T) {
    815. 

  815. 	c := newTestConfigWithAuthFile(t)
    816. 

  816. 	c.AuthDefault = user.PermissionDenyAll
    817. 

  817. 	s := newTestServer(t, c)
    818. 

  818. 

  819. 	require.Nil(t, s.userManager.AddUser("ben", "some pass", user.RoleAdmin))
    820. 

  820. 

  821. 	u := fmt.Sprintf("/mytopic/json?poll=1&auth=%s", base64.RawURLEncoding.EncodeToString([]byte(util.BasicAuth("ben", "some pass"))))
    822. 

  822. 	response := request(t, s, "GET", u, "", nil)
    823. 

  823. 	require.Equal(t, 200, response.Code)
    824. 

  824. 

  825. 	u = fmt.Sprintf("/mytopic/json?poll=1&auth=%s", base64.RawURLEncoding.EncodeToString([]byte(util.BasicAuth("ben", "WRONNNGGGG"))))
    826. 

  826. 	response = request(t, s, "GET", u, "", nil)
    827. 

  827. 	require.Equal(t, 401, response.Code)
    828. 

  828. }
    829. 

  829. 

  830. func TestServer_Auth_NonBasicHeader(t *testing.T) {
    831. 

  831. 	s := newTestServer(t, newTestConfigWithAuthFile(t))
    832. 

  832. 

  833. 	response := request(t, s, "PUT", "/mytopic", "test", map[string]string{
    834. 

  834. 		"Authorization": "WebPush not-supported",
    835. 

  835. 	})
    836. 

  836. 	require.Equal(t, 200, response.Code)
    837. 

  837. 

  838. 	response = request(t, s, "PUT", "/mytopic", "test", map[string]string{
    839. 

  839. 		"Authorization": "Bearer supported",
    840. 

  840. 	})
    841. 

  841. 	require.Equal(t, 401, response.Code)
    842. 

  842. 

  843. 	response = request(t, s, "PUT", "/mytopic", "test", map[string]string{
    844. 

  844. 		"Authorization": "basic supported",
    845. 

  845. 	})
    846. 

  846. 	require.Equal(t, 401, response.Code)
    847. 

  847. }
    848. 

  848. 

  849. func TestServer_StatsResetter(t *testing.T) {
    850. 

  850. 	t.Parallel()
    851. 

  851. 	// This tests the stats resetter for
    852. 

  852. 	// - an anonymous user
    853. 

  853. 	// - a user without a tier (treated like the same as the anonymous user)
    854. 

  854. 	// - a user with a tier
    855. 

  855. 

  856. 	c := newTestConfigWithAuthFile(t)
    857. 

  857. 	c.VisitorStatsResetTime = time.Now().Add(2 * time.Second)
    858. 

  858. 	s := newTestServer(t, c)
    859. 

  859. 	go s.runStatsResetter()
    860. 

  860. 

  861. 	// Create user with tier (tieruser) and user without tier (phil)
    862. 

  862. 	require.Nil(t, s.userManager.AddTier(&user.Tier{
    863. 

  863. 		Code:                  "test",
    864. 

  864. 		MessageLimit:          5,
    865. 

  865. 		MessageExpiryDuration: -5 * time.Second, // Second, what a hack!
    866. 

  866. 	}))
    867. 

  867. 	require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleUser))
    868. 

  868. 	require.Nil(t, s.userManager.AddUser("tieruser", "tieruser", user.RoleUser))
    869. 

  869. 	require.Nil(t, s.userManager.ChangeTier("tieruser", "test"))
    870. 

  870. 

  871. 	// Send an anonymous message
    872. 

  872. 	response := request(t, s, "PUT", "/mytopic", "test", nil)
    873. 

  873. 	require.Equal(t, 200, response.Code)
    874. 

  874. 

  875. 	// Send messages from user without tier (phil)
    876. 

  876. 	for i := 0; i < 5; i++ {
    877. 

  877. 		response := request(t, s, "PUT", "/mytopic", "test", map[string]string{
    878. 

  878. 			"Authorization": util.BasicAuth("phil", "phil"),
    879. 

  879. 		})
    880. 

  880. 		require.Equal(t, 200, response.Code)
    881. 

  881. 	}
    882. 

  882. 

  883. 	// Send messages from user with tier
    884. 

  884. 	for i := 0; i < 2; i++ {
    885. 

  885. 		response := request(t, s, "PUT", "/mytopic", "test", map[string]string{
    886. 

  886. 			"Authorization": util.BasicAuth("tieruser", "tieruser"),
    887. 

  887. 		})
    888. 

  888. 		require.Equal(t, 200, response.Code)
    889. 

  889. 	}
    890. 

  890. 

  891. 	// User stats show 6 messages (for user without tier)
    892. 

  892. 	response = request(t, s, "GET", "/v1/account", "", map[string]string{
    893. 

  893. 		"Authorization": util.BasicAuth("phil", "phil"),
    894. 

  894. 	})
    895. 

  895. 	require.Equal(t, 200, response.Code)
    896. 

  896. 	account, err := util.UnmarshalJSON[apiAccountResponse](io.NopCloser(response.Body))
    897. 

  897. 	require.Nil(t, err)
    898. 

  898. 	require.Equal(t, int64(6), account.Stats.Messages)
    899. 

  899. 

  900. 	// User stats show 6 messages (for anonymous visitor)
    901. 

  901. 	response = request(t, s, "GET", "/v1/account", "", nil)
    902. 

  902. 	require.Equal(t, 200, response.Code)
    903. 

  903. 	account, err = util.UnmarshalJSON[apiAccountResponse](io.NopCloser(response.Body))
    904. 

  904. 	require.Nil(t, err)
    905. 

  905. 	require.Equal(t, int64(6), account.Stats.Messages)
    906. 

  906. 

  907. 	// User stats show 2 messages (for user with tier)
    908. 

  908. 	response = request(t, s, "GET", "/v1/account", "", map[string]string{
    909. 

  909. 		"Authorization": util.BasicAuth("tieruser", "tieruser"),
    910. 

  910. 	})
    911. 

  911. 	require.Equal(t, 200, response.Code)
    912. 

  912. 	account, err = util.UnmarshalJSON[apiAccountResponse](io.NopCloser(response.Body))
    913. 

  913. 	require.Nil(t, err)
    914. 

  914. 	require.Equal(t, int64(2), account.Stats.Messages)
    915. 

  915. 

  916. 	// Wait for stats resetter to run
    917. 

  917. 	time.Sleep(2200 * time.Millisecond)
    918. 

  918. 

  919. 	// User stats show 0 messages now!
    920. 

  920. 	response = request(t, s, "GET", "/v1/account", "", map[string]string{
    921. 

  921. 		"Authorization": util.BasicAuth("phil", "phil"),
    922. 

  922. 	})
    923. 

  923. 	require.Equal(t, 200, response.Code)
    924. 

  924. 	account, err = util.UnmarshalJSON[apiAccountResponse](io.NopCloser(response.Body))
    925. 

  925. 	require.Nil(t, err)
    926. 

  926. 	require.Equal(t, int64(0), account.Stats.Messages)
    927. 

  927. 

  928. 	// Since this is a user without a tier, the anonymous user should have the same stats
    929. 

  929. 	response = request(t, s, "GET", "/v1/account", "", nil)
    930. 

  930. 	require.Equal(t, 200, response.Code)
    931. 

  931. 	account, err = util.UnmarshalJSON[apiAccountResponse](io.NopCloser(response.Body))
    932. 

  932. 	require.Nil(t, err)
    933. 

  933. 	require.Equal(t, int64(0), account.Stats.Messages)
    934. 

  934. 

  935. 	// User stats show 0 messages (for user with tier)
    936. 

  936. 	response = request(t, s, "GET", "/v1/account", "", map[string]string{
    937. 

  937. 		"Authorization": util.BasicAuth("tieruser", "tieruser"),
    938. 

  938. 	})
    939. 

  939. 	require.Equal(t, 200, response.Code)
    940. 

  940. 	account, err = util.UnmarshalJSON[apiAccountResponse](io.NopCloser(response.Body))
    941. 

  941. 	require.Nil(t, err)
    942. 

  942. 	require.Equal(t, int64(0), account.Stats.Messages)
    943. 

  943. }
    944. 

  944. 

  945. func TestServer_StatsResetter_MessageLimiter_EmailsLimiter(t *testing.T) {
    946. 

  946. 	// This tests that the messageLimiter (the only fixed limiter) and the emailsLimiter (token bucket)
    947. 

  947. 	// is reset by the stats resetter
    948. 

  948. 

  949. 	c := newTestConfigWithAuthFile(t)
    950. 

  950. 	s := newTestServer(t, c)
    951. 

  951. 	s.smtpSender = &testMailer{}
    952. 

  952. 

  953. 	// Publish some messages, and check stats
    954. 

  954. 	for i := 0; i < 3; i++ {
    955. 

  955. 		response := request(t, s, "PUT", "/mytopic", "test", nil)
    956. 

  956. 		require.Equal(t, 200, response.Code)
    957. 

  957. 	}
    958. 

  958. 	response := request(t, s, "PUT", "/mytopic", "test", map[string]string{
    959. 

  959. 		"Email": "test@email.com",
    960. 

  960. 	})
    961. 

  961. 	require.Equal(t, 200, response.Code)
    962. 

  962. 

  963. 	rr := request(t, s, "GET", "/v1/account", "", nil)
    964. 

  964. 	require.Equal(t, 200, rr.Code)
    965. 

  965. 	account, err := util.UnmarshalJSON[apiAccountResponse](io.NopCloser(rr.Body))
    966. 

  966. 	require.Nil(t, err)
    967. 

  967. 	require.Equal(t, int64(4), account.Stats.Messages)
    968. 

  968. 	require.Equal(t, int64(1), account.Stats.Emails)
    969. 

  969. 	v := s.visitor(netip.MustParseAddr("9.9.9.9"), nil)
    970. 

  970. 	require.Equal(t, int64(4), v.Stats().Messages)
    971. 

  971. 	require.Equal(t, int64(4), v.messagesLimiter.Value())
    972. 

  972. 	require.Equal(t, int64(1), v.Stats().Emails)
    973. 

  973. 	require.Equal(t, int64(1), v.emailsLimiter.Value())
    974. 

  974. 

  975. 	// Reset stats and check again
    976. 

  976. 	s.resetStats()
    977. 

  977. 	rr = request(t, s, "GET", "/v1/account", "", nil)
    978. 

  978. 	require.Equal(t, 200, rr.Code)
    979. 

  979. 	account, err = util.UnmarshalJSON[apiAccountResponse](io.NopCloser(rr.Body))
    980. 

  980. 	require.Nil(t, err)
    981. 

  981. 	require.Equal(t, int64(0), account.Stats.Messages)
    982. 

  982. 	require.Equal(t, int64(0), account.Stats.Emails)
    983. 

  983. 	v = s.visitor(netip.MustParseAddr("9.9.9.9"), nil)
    984. 

  984. 	require.Equal(t, int64(0), v.Stats().Messages)
    985. 

  985. 	require.Equal(t, int64(0), v.messagesLimiter.Value())
    986. 

  986. 	require.Equal(t, int64(0), v.Stats().Emails)
    987. 

  987. 	require.Equal(t, int64(0), v.emailsLimiter.Value())
    988. 

  988. }
    989. 

  989. 

  990. func TestServer_DailyMessageQuotaFromDatabase(t *testing.T) {
    991. 

  991. 	t.Parallel()
    992. 

  992. 

  993. 	// This tests that the daily message quota is prefilled originally from the database,
    994. 

  994. 	// if the visitor is unknown
    995. 

  995. 

  996. 	c := newTestConfigWithAuthFile(t)
    997. 

  997. 	c.AuthStatsQueueWriterInterval = 100 * time.Millisecond
    998. 

  998. 	s := newTestServer(t, c)
    999. 

  999. 

  1000. 	// Create user, and update it with some message and email stats
    1001. 

  1001. 	require.Nil(t, s.userManager.AddTier(&user.Tier{
    1002. 

  1002. 		Code: "test",
    1003. 

  1003. 	}))
    1004. 

  1004. 	require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleUser))
    1005. 

  1005. 	require.Nil(t, s.userManager.ChangeTier("phil", "test"))
    1006. 

  1006. 

  1007. 	u, err := s.userManager.User("phil")
    1008. 

  1008. 	require.Nil(t, err)
    1009. 

  1009. 	s.userManager.EnqueueUserStats(u.ID, &user.Stats{
    1010. 

  1010. 		Messages: 123456,
    1011. 

  1011. 		Emails:   999,
    1012. 

  1012. 	})
    1013. 

  1013. 	time.Sleep(400 * time.Millisecond)
    1014. 

  1014. 

  1015. 	// Get account and verify stats are read from the DB, and that the visitor also has these stats
    1016. 

  1016. 	rr := request(t, s, "GET", "/v1/account", "", map[string]string{
    1017. 

  1017. 		"Authorization": util.BasicAuth("phil", "phil"),
    1018. 

  1018. 	})
    1019. 

  1019. 	require.Equal(t, 200, rr.Code)
    1020. 

  1020. 	account, err := util.UnmarshalJSON[apiAccountResponse](io.NopCloser(rr.Body))
    1021. 

  1021. 	require.Nil(t, err)
    1022. 

  1022. 	require.Equal(t, int64(123456), account.Stats.Messages)
    1023. 

  1023. 	require.Equal(t, int64(999), account.Stats.Emails)
    1024. 

  1024. 	v := s.visitor(netip.MustParseAddr("9.9.9.9"), u)
    1025. 

  1025. 	require.Equal(t, int64(123456), v.Stats().Messages)
    1026. 

  1026. 	require.Equal(t, int64(123456), v.messagesLimiter.Value())
    1027. 

  1027. 	require.Equal(t, int64(999), v.Stats().Emails)
    1028. 

  1028. 	require.Equal(t, int64(999), v.emailsLimiter.Value())
    1029. 

  1029. }
    1030. 

  1030. 

  1031. type testMailer struct {
    1032. 

  1032. 	count int
    1033. 

  1033. 	mu    sync.Mutex
    1034. 

  1034. }
    1035. 

  1035. 

  1036. func (t *testMailer) Send(v *visitor, m *message, to string) error {
    1037. 

  1037. 	t.mu.Lock()
    1038. 

  1038. 	defer t.mu.Unlock()
    1039. 

  1039. 	t.count++
    1040. 

  1040. 	return nil
    1041. 

  1041. }
    1042. 

  1042. 

  1043. func (t *testMailer) Counts() (total int64, success int64, failure int64) {
    1044. 

  1044. 	return 0, 0, 0
    1045. 

  1045. }
    1046. 

  1046. 

  1047. func (t *testMailer) Count() int {
    1048. 

  1048. 	t.mu.Lock()
    1049. 

  1049. 	defer t.mu.Unlock()
    1050. 

  1050. 	return t.count
    1051. 

  1051. }
    1052. 

  1052. 

  1053. func TestServer_PublishTooRequests_Defaults(t *testing.T) {
    1054. 

  1054. 	s := newTestServer(t, newTestConfig(t))
    1055. 

  1055. 	for i := 0; i < 60; i++ {
    1056. 

  1056. 		response := request(t, s, "PUT", "/mytopic", fmt.Sprintf("message %d", i), nil)
    1057. 

  1057. 		require.Equal(t, 200, response.Code)
    1058. 

  1058. 	}
    1059. 

  1059. 	response := request(t, s, "PUT", "/mytopic", "message", nil)
    1060. 

  1060. 	require.Equal(t, 429, response.Code)
    1061. 

  1061. }
    1062. 

  1062. 

  1063. func TestServer_PublishTooRequests_Defaults_ExemptHosts(t *testing.T) {
    1064. 

  1064. 	c := newTestConfig(t)
    1065. 

  1065. 	c.VisitorRequestLimitBurst = 3
    1066. 

  1066. 	c.VisitorRequestExemptIPAddrs = []netip.Prefix{netip.MustParsePrefix("9.9.9.9/32")} // see request()
    1067. 

  1067. 	s := newTestServer(t, c)
    1068. 

  1068. 	for i := 0; i < 5; i++ { // > 3
    1069. 

  1069. 		response := request(t, s, "PUT", "/mytopic", fmt.Sprintf("message %d", i), nil)
    1070. 

  1070. 		require.Equal(t, 200, response.Code)
    1071. 

  1071. 	}
    1072. 

  1072. }
    1073. 

  1073. 

  1074. func TestServer_PublishTooRequests_Defaults_ExemptHosts_MessageDailyLimit(t *testing.T) {
    1075. 

  1075. 	c := newTestConfig(t)
    1076. 

  1076. 	c.VisitorRequestLimitBurst = 10
    1077. 

  1077. 	c.VisitorMessageDailyLimit = 4
    1078. 

  1078. 	c.VisitorRequestExemptIPAddrs = []netip.Prefix{netip.MustParsePrefix("9.9.9.9/32")} // see request()
    1079. 

  1079. 	s := newTestServer(t, c)
    1080. 

  1080. 	for i := 0; i < 8; i++ { // 4
    1081. 

  1081. 		response := request(t, s, "PUT", "/mytopic", "message", nil)
    1082. 

  1082. 		require.Equal(t, 200, response.Code)
    1083. 

  1083. 	}
    1084. 

  1084. }
    1085. 

  1085. 

  1086. func TestServer_PublishTooRequests_ShortReplenish(t *testing.T) {
    1087. 

  1087. 	t.Parallel()
    1088. 

  1088. 	c := newTestConfig(t)
    1089. 

  1089. 	c.VisitorRequestLimitBurst = 60
    1090. 

  1090. 	c.VisitorRequestLimitReplenish = time.Second
    1091. 

  1091. 	s := newTestServer(t, c)
    1092. 

  1092. 	for i := 0; i < 60; i++ {
    1093. 

  1093. 		response := request(t, s, "PUT", "/mytopic", fmt.Sprintf("message %d", i), nil)
    1094. 

  1094. 		require.Equal(t, 200, response.Code)
    1095. 

  1095. 	}
    1096. 

  1096. 	response := request(t, s, "PUT", "/mytopic", "message", nil)
    1097. 

  1097. 	require.Equal(t, 429, response.Code)
    1098. 

  1098. 

  1099. 	time.Sleep(1020 * time.Millisecond)
    1100. 

  1100. 	response = request(t, s, "PUT", "/mytopic", "message", nil)
    1101. 

  1101. 	require.Equal(t, 200, response.Code)
    1102. 

  1102. }
    1103. 

  1103. 

  1104. func TestServer_PublishTooManyEmails_Defaults(t *testing.T) {
    1105. 

  1105. 	s := newTestServer(t, newTestConfig(t))
    1106. 

  1106. 	s.smtpSender = &testMailer{}
    1107. 

  1107. 	for i := 0; i < 16; i++ {
    1108. 

  1108. 		response := request(t, s, "PUT", "/mytopic", fmt.Sprintf("message %d", i), map[string]string{
    1109. 

  1109. 			"E-Mail": "test@example.com",
    1110. 

  1110. 		})
    1111. 

  1111. 		require.Equal(t, 200, response.Code)
    1112. 

  1112. 	}
    1113. 

  1113. 	response := request(t, s, "PUT", "/mytopic", "one too many", map[string]string{
    1114. 

  1114. 		"E-Mail": "test@example.com",
    1115. 

  1115. 	})
    1116. 

  1116. 	require.Equal(t, 429, response.Code)
    1117. 

  1117. }
    1118. 

  1118. 

  1119. func TestServer_PublishTooManyEmails_Replenish(t *testing.T) {
    1120. 

  1120. 	t.Parallel()
    1121. 

  1121. 	c := newTestConfig(t)
    1122. 

  1122. 	c.VisitorEmailLimitReplenish = 500 * time.Millisecond
    1123. 

  1123. 	s := newTestServer(t, c)
    1124. 

  1124. 	s.smtpSender = &testMailer{}
    1125. 

  1125. 	for i := 0; i < 16; i++ {
    1126. 

  1126. 		response := request(t, s, "PUT", "/mytopic", fmt.Sprintf("message %d", i), map[string]string{
    1127. 

  1127. 			"E-Mail": "test@example.com",
    1128. 

  1128. 		})
    1129. 

  1129. 		require.Equal(t, 200, response.Code)
    1130. 

  1130. 	}
    1131. 

  1131. 	response := request(t, s, "PUT", "/mytopic", "one too many", map[string]string{
    1132. 

  1132. 		"E-Mail": "test@example.com",
    1133. 

  1133. 	})
    1134. 

  1134. 	require.Equal(t, 429, response.Code)
    1135. 

  1135. 

  1136. 	time.Sleep(510 * time.Millisecond)
    1137. 

  1137. 	response = request(t, s, "PUT", "/mytopic", "this should be okay again too many", map[string]string{
    1138. 

  1138. 		"E-Mail": "test@example.com",
    1139. 

  1139. 	})
    1140. 

  1140. 	require.Equal(t, 200, response.Code)
    1141. 

  1141. 

  1142. 	response = request(t, s, "PUT", "/mytopic", "and bad again", map[string]string{
    1143. 

  1143. 		"E-Mail": "test@example.com",
    1144. 

  1144. 	})
    1145. 

  1145. 	require.Equal(t, 429, response.Code)
    1146. 

  1146. }
    1147. 

  1147. 

  1148. func TestServer_PublishDelayedEmail_Fail(t *testing.T) {
    1149. 

  1149. 	s := newTestServer(t, newTestConfig(t))
    1150. 

  1150. 	s.smtpSender = &testMailer{}
    1151. 

  1151. 	response := request(t, s, "PUT", "/mytopic", "fail", map[string]string{
    1152. 

  1152. 		"E-Mail": "test@example.com",
    1153. 

  1153. 		"Delay":  "20 min",
    1154. 

  1154. 	})
    1155. 

  1155. 	require.Equal(t, 400, response.Code)
    1156. 

  1156. }
    1157. 

  1157. 

  1158. func TestServer_PublishEmailNoMailer_Fail(t *testing.T) {
    1159. 

  1159. 	s := newTestServer(t, newTestConfig(t))
    1160. 

  1160. 	response := request(t, s, "PUT", "/mytopic", "fail", map[string]string{
    1161. 

  1161. 		"E-Mail": "test@example.com",
    1162. 

  1162. 	})
    1163. 

  1163. 	require.Equal(t, 400, response.Code)
    1164. 

  1164. }
    1165. 

  1165. 

  1166. func TestServer_UnifiedPushDiscovery(t *testing.T) {
    1167. 

  1167. 	s := newTestServer(t, newTestConfig(t))
    1168. 

  1168. 	response := request(t, s, "GET", "/mytopic?up=1", "", nil)
    1169. 

  1169. 	require.Equal(t, 200, response.Code)
    1170. 

  1170. 	require.Equal(t, `{"unifiedpush":{"version":1}}`+"\n", response.Body.String())
    1171. 

  1171. }
    1172. 

  1172. 

  1173. func TestServer_PublishUnifiedPushBinary_AndPoll(t *testing.T) {
    1174. 

  1174. 	b := make([]byte, 12) // Max length
    1175. 

  1175. 	_, err := rand.Read(b)
    1176. 

  1176. 	require.Nil(t, err)
    1177. 

  1177. 

  1178. 	s := newTestServer(t, newTestConfig(t))
    1179. 

  1179. 

  1180. 	// Register a UnifiedPush subscriber
    1181. 

  1181. 	response := request(t, s, "GET", "/up123456789012/json?poll=1", "", map[string]string{
    1182. 

  1182. 		"Rate-Topics": "up123456789012",
    1183. 

  1183. 	})
    1184. 

  1184. 	require.Equal(t, 200, response.Code)
    1185. 

  1185. 

  1186. 	// Publish message to topic
    1187. 

  1187. 	response = request(t, s, "PUT", "/up123456789012?up=1", string(b), nil)
    1188. 

  1188. 	require.Equal(t, 200, response.Code)
    1189. 

  1189. 

  1190. 	m := toMessage(t, response.Body.String())
    1191. 

  1191. 	require.Equal(t, "base64", m.Encoding)
    1192. 

  1192. 	b2, err := base64.StdEncoding.DecodeString(m.Message)
    1193. 

  1193. 	require.Nil(t, err)
    1194. 

  1194. 	require.Equal(t, b, b2)
    1195. 

  1195. 

  1196. 	// Retrieve and check published message
    1197. 

  1197. 	response = request(t, s, "GET", "/up123456789012/json?poll=1", string(b), nil)
    1198. 

  1198. 	require.Equal(t, 200, response.Code)
    1199. 

  1199. 	m = toMessage(t, response.Body.String())
    1200. 

  1200. 	require.Equal(t, "base64", m.Encoding)
    1201. 

  1201. 	b2, err = base64.StdEncoding.DecodeString(m.Message)
    1202. 

  1202. 	require.Nil(t, err)
    1203. 

  1203. 	require.Equal(t, b, b2)
    1204. 

  1204. }
    1205. 

  1205. 

  1206. func TestServer_PublishUnifiedPushBinary_Truncated(t *testing.T) {
    1207. 

  1207. 	b := make([]byte, 5000) // Longer than max length
    1208. 

  1208. 	_, err := rand.Read(b)
    1209. 

  1209. 	require.Nil(t, err)
    1210. 

  1210. 

  1211. 	s := newTestServer(t, newTestConfig(t))
    1212. 

  1212. 

  1213. 	// Register a UnifiedPush subscriber
    1214. 

  1214. 	response := request(t, s, "GET", "/mytopic/json?poll=1", "", map[string]string{
    1215. 

  1215. 		"Rate-Topics": "mytopic",
    1216. 

  1216. 	})
    1217. 

  1217. 	require.Equal(t, 200, response.Code)
    1218. 

  1218. 

  1219. 	// Publish message to topic
    1220. 

  1220. 	response = request(t, s, "PUT", "/mytopic?up=1", string(b), nil)
    1221. 

  1221. 	require.Equal(t, 200, response.Code)
    1222. 

  1222. 

  1223. 	m := toMessage(t, response.Body.String())
    1224. 

  1224. 	require.Equal(t, "base64", m.Encoding)
    1225. 

  1225. 	b2, err := base64.StdEncoding.DecodeString(m.Message)
    1226. 

  1226. 	require.Nil(t, err)
    1227. 

  1227. 	require.Equal(t, 4096, len(b2))
    1228. 

  1228. 	require.Equal(t, b[:4096], b2)
    1229. 

  1229. }
    1230. 

  1230. 

  1231. func TestServer_PublishUnifiedPushText(t *testing.T) {
    1232. 

  1232. 	s := newTestServer(t, newTestConfig(t))
    1233. 

  1233. 

  1234. 	// Register a UnifiedPush subscriber
    1235. 

  1235. 	response := request(t, s, "GET", "/mytopic/json?poll=1", "", map[string]string{
    1236. 

  1236. 		"Rate-Topics": "mytopic",
    1237. 

  1237. 	})
    1238. 

  1238. 	require.Equal(t, 200, response.Code)
    1239. 

  1239. 

  1240. 	// Publish UnifiedPush text message
    1241. 

  1241. 	response = request(t, s, "PUT", "/mytopic?up=1", "this is a unifiedpush text message", nil)
    1242. 

  1242. 	require.Equal(t, 200, response.Code)
    1243. 

  1243. 

  1244. 	m := toMessage(t, response.Body.String())
    1245. 

  1245. 	require.Equal(t, "", m.Encoding)
    1246. 

  1246. 	require.Equal(t, "this is a unifiedpush text message", m.Message)
    1247. 

  1247. }
    1248. 

  1248. 

  1249. func TestServer_MatrixGateway_Discovery_Success(t *testing.T) {
    1250. 

  1250. 	s := newTestServer(t, newTestConfig(t))
    1251. 

  1251. 	response := request(t, s, "GET", "/_matrix/push/v1/notify", "", nil)
    1252. 

  1252. 	require.Equal(t, 200, response.Code)
    1253. 

  1253. 	require.Equal(t, `{"unifiedpush":{"gateway":"matrix"}}`+"\n", response.Body.String())
    1254. 

  1254. }
    1255. 

  1255. 

  1256. func TestServer_MatrixGateway_Discovery_Failure_Unconfigured(t *testing.T) {
    1257. 

  1257. 	c := newTestConfig(t)
    1258. 

  1258. 	c.BaseURL = ""
    1259. 

  1259. 	s := newTestServer(t, c)
    1260. 

  1260. 	response := request(t, s, "GET", "/_matrix/push/v1/notify", "", nil)
    1261. 

  1261. 	require.Equal(t, 500, response.Code)
    1262. 

  1262. 	err := toHTTPError(t, response.Body.String())
    1263. 

  1263. 	require.Equal(t, 50003, err.Code)
    1264. 

  1264. }
    1265. 

  1265. 

  1266. func TestServer_MatrixGateway_Push_Success(t *testing.T) {
    1267. 

  1267. 	s := newTestServer(t, newTestConfig(t))
    1268. 

  1268. 

  1269. 	response := request(t, s, "GET", "/mytopic/json?poll=1", "", map[string]string{
    1270. 

  1270. 		"Rate-Topics": "mytopic", // Register first!
    1271. 

  1271. 	})
    1272. 

  1272. 	require.Equal(t, 200, response.Code)
    1273. 

  1273. 

  1274. 	notification := `{"notification":{"devices":[{"pushkey":"http://127.0.0.1:12345/mytopic?up=1"}]}}`
    1275. 

  1275. 	response = request(t, s, "POST", "/_matrix/push/v1/notify", notification, nil)
    1276. 

  1276. 	require.Equal(t, 200, response.Code)
    1277. 

  1277. 	require.Equal(t, `{"rejected":[]}`+"\n", response.Body.String())
    1278. 

  1278. 

  1279. 	response = request(t, s, "GET", "/mytopic/json?poll=1", "", nil)
    1280. 

  1280. 	require.Equal(t, 200, response.Code)
    1281. 

  1281. 	m := toMessage(t, response.Body.String())
    1282. 

  1282. 	require.Equal(t, notification, m.Message)
    1283. 

  1283. }
    1284. 

  1284. 

  1285. func TestServer_MatrixGateway_Push_Failure_NoSubscriber(t *testing.T) {
    1286. 

  1286. 	s := newTestServer(t, newTestConfig(t))
    1287. 

  1287. 	notification := `{"notification":{"devices":[{"pushkey":"http://127.0.0.1:12345/mytopic?up=1"}]}}`
    1288. 

  1288. 	response := request(t, s, "POST", "/_matrix/push/v1/notify", notification, nil)
    1289. 

  1289. 	require.Equal(t, 507, response.Code)
    1290. 

  1290. 	require.Equal(t, 50701, toHTTPError(t, response.Body.String()).Code)
    1291. 

  1291. }
    1292. 

  1292. 

  1293. func TestServer_MatrixGateway_Push_Failure_InvalidPushkey(t *testing.T) {
    1294. 

  1294. 	s := newTestServer(t, newTestConfig(t))
    1295. 

  1295. 	notification := `{"notification":{"devices":[{"pushkey":"http://wrong-base-url.com/mytopic?up=1"}]}}`
    1296. 

  1296. 	response := request(t, s, "POST", "/_matrix/push/v1/notify", notification, nil)
    1297. 

  1297. 	require.Equal(t, 200, response.Code)
    1298. 

  1298. 	require.Equal(t, `{"rejected":["http://wrong-base-url.com/mytopic?up=1"]}`+"\n", response.Body.String())
    1299. 

  1299. 

  1300. 	response = request(t, s, "GET", "/mytopic/json?poll=1", "", nil)
    1301. 

  1301. 	require.Equal(t, 200, response.Code)
    1302. 

  1302. 	require.Equal(t, "", response.Body.String()) // Empty!
    1303. 

  1303. }
    1304. 

  1304. 

  1305. func TestServer_MatrixGateway_Push_Failure_EverythingIsWrong(t *testing.T) {
    1306. 

  1306. 	s := newTestServer(t, newTestConfig(t))
    1307. 

  1307. 	notification := `{"message":"this is not really a Matrix message"}`
    1308. 

  1308. 	response := request(t, s, "POST", "/_matrix/push/v1/notify", notification, nil)
    1309. 

  1309. 	require.Equal(t, 400, response.Code)
    1310. 

  1310. 	require.Equal(t, 40019, toHTTPError(t, response.Body.String()).Code)
    1311. 

  1311. 

  1312. 	notification = `this isn't even JSON'`
    1313. 

  1313. 	response = request(t, s, "POST", "/_matrix/push/v1/notify", notification, nil)
    1314. 

  1314. 	require.Equal(t, 400, response.Code)
    1315. 

  1315. 	require.Equal(t, 40019, toHTTPError(t, response.Body.String()).Code)
    1316. 

  1316. }
    1317. 

  1317. 

  1318. func TestServer_MatrixGateway_Push_Failure_Unconfigured(t *testing.T) {
    1319. 

  1319. 	c := newTestConfig(t)
    1320. 

  1320. 	c.BaseURL = ""
    1321. 

  1321. 	s := newTestServer(t, c)
    1322. 

  1322. 	notification := `{"notification":{"devices":[{"pushkey":"http://127.0.0.1:12345/mytopic?up=1"}]}}`
    1323. 

  1323. 	response := request(t, s, "POST", "/_matrix/push/v1/notify", notification, nil)
    1324. 

  1324. 	require.Equal(t, 500, response.Code)
    1325. 

  1325. 	require.Equal(t, 50003, toHTTPError(t, response.Body.String()).Code)
    1326. 

  1326. }
    1327. 

  1327. 

  1328. func TestServer_PublishActions_AndPoll(t *testing.T) {
    1329. 

  1329. 	s := newTestServer(t, newTestConfig(t))
    1330. 

  1330. 	response := request(t, s, "PUT", "/mytopic", "my message", map[string]string{
    1331. 

  1331. 		"Actions": "view, Open portal, https://home.nest.com/; http, Turn down, https://api.nest.com/device/XZ1D2, body=target_temp_f=65",
    1332. 

  1332. 	})
    1333. 

  1333. 	require.Equal(t, 200, response.Code)
    1334. 

  1334. 

  1335. 	response = request(t, s, "GET", "/mytopic/json?poll=1", "", nil)
    1336. 

  1336. 	require.Equal(t, 200, response.Code)
    1337. 

  1337. 	m := toMessage(t, response.Body.String())
    1338. 

  1338. 	require.Equal(t, 2, len(m.Actions))
    1339. 

  1339. 	require.Equal(t, "view", m.Actions[0].Action)
    1340. 

  1340. 	require.Equal(t, "Open portal", m.Actions[0].Label)
    1341. 

  1341. 	require.Equal(t, "https://home.nest.com/", m.Actions[0].URL)
    1342. 

  1342. 	require.Equal(t, "http", m.Actions[1].Action)
    1343. 

  1343. 	require.Equal(t, "Turn down", m.Actions[1].Label)
    1344. 

  1344. 	require.Equal(t, "https://api.nest.com/device/XZ1D2", m.Actions[1].URL)
    1345. 

  1345. 	require.Equal(t, "target_temp_f=65", m.Actions[1].Body)
    1346. 

  1346. }
    1347. 

  1347. 

  1348. func TestServer_PublishAsJSON(t *testing.T) {
    1349. 

  1349. 	s := newTestServer(t, newTestConfig(t))
    1350. 

  1350. 	body := `{"topic":"mytopic","message":"A message","title":"a title\nwith lines","tags":["tag1","tag 2"],` +
    1351. 

  1351. 		`"not-a-thing":"ok", "attach":"http://google.com","filename":"google.pdf", "click":"http://ntfy.sh","priority":4,` +
    1352. 

  1352. 		`"icon":"https://ntfy.sh/static/img/ntfy.png", "delay":"30min"}`
    1353. 

  1353. 	response := request(t, s, "PUT", "/", body, nil)
    1354. 

  1354. 	require.Equal(t, 200, response.Code)
    1355. 

  1355. 

  1356. 	m := toMessage(t, response.Body.String())
    1357. 

  1357. 	require.Equal(t, "mytopic", m.Topic)
    1358. 

  1358. 	require.Equal(t, "A message", m.Message)
    1359. 

  1359. 	require.Equal(t, "a title\nwith lines", m.Title)
    1360. 

  1360. 	require.Equal(t, []string{"tag1", "tag 2"}, m.Tags)
    1361. 

  1361. 	require.Equal(t, "http://google.com", m.Attachment.URL)
    1362. 

  1362. 	require.Equal(t, "google.pdf", m.Attachment.Name)
    1363. 

  1363. 	require.Equal(t, "http://ntfy.sh", m.Click)
    1364. 

  1364. 	require.Equal(t, "https://ntfy.sh/static/img/ntfy.png", m.Icon)
    1365. 

  1365. 

  1366. 	require.Equal(t, 4, m.Priority)
    1367. 

  1367. 	require.True(t, m.Time > time.Now().Unix()+29*60)
    1368. 

  1368. 	require.True(t, m.Time < time.Now().Unix()+31*60)
    1369. 

  1369. }
    1370. 

  1370. 

  1371. func TestServer_PublishAsJSON_RateLimit_MessageDailyLimit(t *testing.T) {
    1372. 

  1372. 	// Publishing as JSON follows a different path. This ensures that rate
    1373. 

  1373. 	// limiting works for this endpoint as well
    1374. 

  1374. 	c := newTestConfig(t)
    1375. 

  1375. 	c.VisitorMessageDailyLimit = 3
    1376. 

  1376. 	s := newTestServer(t, c)
    1377. 

  1377. 

  1378. 	for i := 0; i < 3; i++ {
    1379. 

  1379. 		response := request(t, s, "PUT", "/", `{"topic":"mytopic","message":"A message"}`, nil)
    1380. 

  1380. 		require.Equal(t, 200, response.Code)
    1381. 

  1381. 	}
    1382. 

  1382. 	response := request(t, s, "PUT", "/", `{"topic":"mytopic","message":"A message"}`, nil)
    1383. 

  1383. 	require.Equal(t, 429, response.Code)
    1384. 

  1384. 	require.Equal(t, 42908, toHTTPError(t, response.Body.String()).Code)
    1385. 

  1385. }
    1386. 

  1386. 

  1387. func TestServer_PublishAsJSON_WithEmail(t *testing.T) {
    1388. 

  1388. 	t.Parallel()
    1389. 

  1389. 	mailer := &testMailer{}
    1390. 

  1390. 	s := newTestServer(t, newTestConfig(t))
    1391. 

  1391. 	s.smtpSender = mailer
    1392. 

  1392. 	body := `{"topic":"mytopic","message":"A message","email":"phil@example.com"}`
    1393. 

  1393. 	response := request(t, s, "PUT", "/", body, nil)
    1394. 

  1394. 	require.Equal(t, 200, response.Code)
    1395. 

  1395. 	time.Sleep(100 * time.Millisecond) // E-Mail publishing happens in a Go routine
    1396. 

  1396. 

  1397. 	m := toMessage(t, response.Body.String())
    1398. 

  1398. 	require.Equal(t, "mytopic", m.Topic)
    1399. 

  1399. 	require.Equal(t, "A message", m.Message)
    1400. 

  1400. 	require.Equal(t, 1, mailer.Count())
    1401. 

  1401. }
    1402. 

  1402. 

  1403. func TestServer_PublishAsJSON_WithActions(t *testing.T) {
    1404. 

  1404. 	s := newTestServer(t, newTestConfig(t))
    1405. 

  1405. 	body := `{
    1406. 

  1406. 		"topic":"mytopic",
    1407. 

  1407. 		"message":"A message",
    1408. 

  1408. 		"actions": [
    1409. 

  1409. 			  {
    1410. 

  1410. 				"action": "view",
    1411. 

  1411. 				"label": "Open portal",
    1412. 

  1412. 				"url": "https://home.nest.com/"
    1413. 

  1413. 			  },
    1414. 

  1414. 			  {
    1415. 

  1415. 				"action": "http",
    1416. 

  1416. 				"label": "Turn down",
    1417. 

  1417. 				"url": "https://api.nest.com/device/XZ1D2",
    1418. 

  1418. 				"body": "target_temp_f=65"
    1419. 

  1419. 			  }
    1420. 

  1420. 		]
    1421. 

  1421. 	}`
    1422. 

  1422. 	response := request(t, s, "POST", "/", body, nil)
    1423. 

  1423. 	require.Equal(t, 200, response.Code)
    1424. 

  1424. 

  1425. 	m := toMessage(t, response.Body.String())
    1426. 

  1426. 	require.Equal(t, "mytopic", m.Topic)
    1427. 

  1427. 	require.Equal(t, "A message", m.Message)
    1428. 

  1428. 	require.Equal(t, 2, len(m.Actions))
    1429. 

  1429. 	require.Equal(t, "view", m.Actions[0].Action)
    1430. 

  1430. 	require.Equal(t, "Open portal", m.Actions[0].Label)
    1431. 

  1431. 	require.Equal(t, "https://home.nest.com/", m.Actions[0].URL)
    1432. 

  1432. 	require.Equal(t, "http", m.Actions[1].Action)
    1433. 

  1433. 	require.Equal(t, "Turn down", m.Actions[1].Label)
    1434. 

  1434. 	require.Equal(t, "https://api.nest.com/device/XZ1D2", m.Actions[1].URL)
    1435. 

  1435. 	require.Equal(t, "target_temp_f=65", m.Actions[1].Body)
    1436. 

  1436. }
    1437. 

  1437. 

  1438. func TestServer_PublishAsJSON_Invalid(t *testing.T) {
    1439. 

  1439. 	s := newTestServer(t, newTestConfig(t))
    1440. 

  1440. 	body := `{"topic":"mytopic",INVALID`
    1441. 

  1441. 	response := request(t, s, "PUT", "/", body, nil)
    1442. 

  1442. 	require.Equal(t, 400, response.Code)
    1443. 

  1443. }
    1444. 

  1444. 

  1445. func TestServer_PublishWithTierBasedMessageLimitAndExpiry(t *testing.T) {
    1446. 

  1446. 	c := newTestConfigWithAuthFile(t)
    1447. 

  1447. 	s := newTestServer(t, c)
    1448. 

  1448. 

  1449. 	// Create tier with certain limits
    1450. 

  1450. 	require.Nil(t, s.userManager.AddTier(&user.Tier{
    1451. 

  1451. 		Code:                  "test",
    1452. 

  1452. 		MessageLimit:          5,
    1453. 

  1453. 		MessageExpiryDuration: -5 * time.Second, // Second, what a hack!
    1454. 

  1454. 	}))
    1455. 

  1455. 	require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleUser))
    1456. 

  1456. 	require.Nil(t, s.userManager.ChangeTier("phil", "test"))
    1457. 

  1457. 

  1458. 	// Publish to reach message limit
    1459. 

  1459. 	for i := 0; i < 5; i++ {
    1460. 

  1460. 		response := request(t, s, "PUT", "/mytopic", fmt.Sprintf("this is message %d", i+1), map[string]string{
    1461. 

  1461. 			"Authorization": util.BasicAuth("phil", "phil"),
    1462. 

  1462. 		})
    1463. 

  1463. 		require.Equal(t, 200, response.Code)
    1464. 

  1464. 		msg := toMessage(t, response.Body.String())
    1465. 

  1465. 		require.True(t, msg.Expires < time.Now().Unix()+5)
    1466. 

  1466. 	}
    1467. 

  1467. 	response := request(t, s, "PUT", "/mytopic", "this is too much", map[string]string{
    1468. 

  1468. 		"Authorization": util.BasicAuth("phil", "phil"),
    1469. 

  1469. 	})
    1470. 

  1470. 	require.Equal(t, 429, response.Code)
    1471. 

  1471. 

  1472. 	// Run pruning and see if they are gone
    1473. 

  1473. 	s.execManager()
    1474. 

  1474. 	response = request(t, s, "GET", "/mytopic/json?poll=1", "", map[string]string{
    1475. 

  1475. 		"Authorization": util.BasicAuth("phil", "phil"),
    1476. 

  1476. 	})
    1477. 

  1477. 	require.Equal(t, 200, response.Code)
    1478. 

  1478. 	require.Empty(t, response.Body)
    1479. 

  1479. }
    1480. 

  1480. 

  1481. func TestServer_PublishAttachment(t *testing.T) {
    1482. 

  1482. 	content := "text file!" + util.RandomString(4990) // > 4096
    1483. 

  1483. 	s := newTestServer(t, newTestConfig(t))
    1484. 

  1484. 	response := request(t, s, "PUT", "/mytopic", content, nil)
    1485. 

  1485. 	msg := toMessage(t, response.Body.String())
    1486. 

  1486. 	require.Equal(t, "attachment.txt", msg.Attachment.Name)
    1487. 

  1487. 	require.Equal(t, "text/plain; charset=utf-8", msg.Attachment.Type)
    1488. 

  1488. 	require.Equal(t, int64(5000), msg.Attachment.Size)
    1489. 

  1489. 	require.GreaterOrEqual(t, msg.Attachment.Expires, time.Now().Add(179*time.Minute).Unix()) // Almost 3 hours
    1490. 

  1490. 	require.Contains(t, msg.Attachment.URL, "http://127.0.0.1:12345/file/")
    1491. 

  1491. 	require.Equal(t, netip.Addr{}, msg.Sender) // Should never be returned
    1492. 

  1492. 	require.FileExists(t, filepath.Join(s.config.AttachmentCacheDir, msg.ID))
    1493. 

  1493. 

  1494. 	// GET
    1495. 

  1495. 	path := strings.TrimPrefix(msg.Attachment.URL, "http://127.0.0.1:12345")
    1496. 

  1496. 	response = request(t, s, "GET", path, "", nil)
    1497. 

  1497. 	require.Equal(t, 200, response.Code)
    1498. 

  1498. 	require.Equal(t, "5000", response.Header().Get("Content-Length"))
    1499. 

  1499. 	require.Equal(t, content, response.Body.String())
    1500. 

  1500. 

  1501. 	// HEAD
    1502. 

  1502. 	response = request(t, s, "HEAD", path, "", nil)
    1503. 

  1503. 	require.Equal(t, 200, response.Code)
    1504. 

  1504. 	require.Equal(t, "5000", response.Header().Get("Content-Length"))
    1505. 

  1505. 	require.Equal(t, "", response.Body.String())
    1506. 

  1506. 

  1507. 	// Slightly unrelated cross-test: make sure we add an owner for internal attachments
    1508. 

  1508. 	size, err := s.messageCache.AttachmentBytesUsedBySender("9.9.9.9") // See request()
    1509. 

  1509. 	require.Nil(t, err)
    1510. 

  1510. 	require.Equal(t, int64(5000), size)
    1511. 

  1511. }
    1512. 

  1512. 

  1513. func TestServer_PublishAttachmentShortWithFilename(t *testing.T) {
    1514. 

  1514. 	c := newTestConfig(t)
    1515. 

  1515. 	c.BehindProxy = true
    1516. 

  1516. 	s := newTestServer(t, c)
    1517. 

  1517. 	content := "this is an ATTACHMENT"
    1518. 

  1518. 	response := request(t, s, "PUT", "/mytopic?f=myfile.txt", content, map[string]string{
    1519. 

  1519. 		"X-Forwarded-For": "1.2.3.4",
    1520. 

  1520. 	})
    1521. 

  1521. 	msg := toMessage(t, response.Body.String())
    1522. 

  1522. 	require.Equal(t, "myfile.txt", msg.Attachment.Name)
    1523. 

  1523. 	require.Equal(t, "text/plain; charset=utf-8", msg.Attachment.Type)
    1524. 

  1524. 	require.Equal(t, int64(21), msg.Attachment.Size)
    1525. 

  1525. 	require.GreaterOrEqual(t, msg.Attachment.Expires, time.Now().Add(3*time.Hour).Unix())
    1526. 

  1526. 	require.Contains(t, msg.Attachment.URL, "http://127.0.0.1:12345/file/")
    1527. 

  1527. 	require.Equal(t, netip.Addr{}, msg.Sender) // Should never be returned
    1528. 

  1528. 	require.FileExists(t, filepath.Join(s.config.AttachmentCacheDir, msg.ID))
    1529. 

  1529. 

  1530. 	path := strings.TrimPrefix(msg.Attachment.URL, "http://127.0.0.1:12345")
    1531. 

  1531. 	response = request(t, s, "GET", path, "", nil)
    1532. 

  1532. 	require.Equal(t, 200, response.Code)
    1533. 

  1533. 	require.Equal(t, "21", response.Header().Get("Content-Length"))
    1534. 

  1534. 	require.Equal(t, content, response.Body.String())
    1535. 

  1535. 

  1536. 	// Slightly unrelated cross-test: make sure we add an owner for internal attachments
    1537. 

  1537. 	size, err := s.messageCache.AttachmentBytesUsedBySender("1.2.3.4")
    1538. 

  1538. 	require.Nil(t, err)
    1539. 

  1539. 	require.Equal(t, int64(21), size)
    1540. 

  1540. }
    1541. 

  1541. 

  1542. func TestServer_PublishAttachmentExternalWithoutFilename(t *testing.T) {
    1543. 

  1543. 	s := newTestServer(t, newTestConfig(t))
    1544. 

  1544. 	response := request(t, s, "PUT", "/mytopic", "", map[string]string{
    1545. 

  1545. 		"Attach": "https://upload.wikimedia.org/wikipedia/commons/f/fd/Pink_flower.jpg",
    1546. 

  1546. 	})
    1547. 

  1547. 	msg := toMessage(t, response.Body.String())
    1548. 

  1548. 	require.Equal(t, "You received a file: Pink_flower.jpg", msg.Message)
    1549. 

  1549. 	require.Equal(t, "Pink_flower.jpg", msg.Attachment.Name)
    1550. 

  1550. 	require.Equal(t, "https://upload.wikimedia.org/wikipedia/commons/f/fd/Pink_flower.jpg", msg.Attachment.URL)
    1551. 

  1551. 	require.Equal(t, "", msg.Attachment.Type)
    1552. 

  1552. 	require.Equal(t, int64(0), msg.Attachment.Size)
    1553. 

  1553. 	require.Equal(t, int64(0), msg.Attachment.Expires)
    1554. 

  1554. 	require.Equal(t, netip.Addr{}, msg.Sender)
    1555. 

  1555. 

  1556. 	// Slightly unrelated cross-test: make sure we don't add an owner for external attachments
    1557. 

  1557. 	size, err := s.messageCache.AttachmentBytesUsedBySender("127.0.0.1")
    1558. 

  1558. 	require.Nil(t, err)
    1559. 

  1559. 	require.Equal(t, int64(0), size)
    1560. 

  1560. }
    1561. 

  1561. 

  1562. func TestServer_PublishAttachmentExternalWithFilename(t *testing.T) {
    1563. 

  1563. 	s := newTestServer(t, newTestConfig(t))
    1564. 

  1564. 	response := request(t, s, "PUT", "/mytopic", "This is a custom message", map[string]string{
    1565. 

  1565. 		"X-Attach": "https://upload.wikimedia.org/wikipedia/commons/f/fd/Pink_flower.jpg",
    1566. 

  1566. 		"File":     "some file.jpg",
    1567. 

  1567. 	})
    1568. 

  1568. 	msg := toMessage(t, response.Body.String())
    1569. 

  1569. 	require.Equal(t, "This is a custom message", msg.Message)
    1570. 

  1570. 	require.Equal(t, "some file.jpg", msg.Attachment.Name)
    1571. 

  1571. 	require.Equal(t, "https://upload.wikimedia.org/wikipedia/commons/f/fd/Pink_flower.jpg", msg.Attachment.URL)
    1572. 

  1572. 	require.Equal(t, "", msg.Attachment.Type)
    1573. 

  1573. 	require.Equal(t, int64(0), msg.Attachment.Size)
    1574. 

  1574. 	require.Equal(t, int64(0), msg.Attachment.Expires)
    1575. 

  1575. 	require.Equal(t, netip.Addr{}, msg.Sender)
    1576. 

  1576. }
    1577. 

  1577. 

  1578. func TestServer_PublishAttachmentBadURL(t *testing.T) {
    1579. 

  1579. 	s := newTestServer(t, newTestConfig(t))
    1580. 

  1580. 	response := request(t, s, "PUT", "/mytopic?a=not+a+URL", "", nil)
    1581. 

  1581. 	err := toHTTPError(t, response.Body.String())
    1582. 

  1582. 	require.Equal(t, 400, response.Code)
    1583. 

  1583. 	require.Equal(t, 400, err.HTTPCode)
    1584. 

  1584. 	require.Equal(t, 40013, err.Code)
    1585. 

  1585. }
    1586. 

  1586. 

  1587. func TestServer_PublishAttachmentTooLargeContentLength(t *testing.T) {
    1588. 

  1588. 	content := util.RandomString(5000) // > 4096
    1589. 

  1589. 	s := newTestServer(t, newTestConfig(t))
    1590. 

  1590. 	response := request(t, s, "PUT", "/mytopic", content, map[string]string{
    1591. 

  1591. 		"Content-Length": "20000000",
    1592. 

  1592. 	})
    1593. 

  1593. 	err := toHTTPError(t, response.Body.String())
    1594. 

  1594. 	require.Equal(t, 413, response.Code)
    1595. 

  1595. 	require.Equal(t, 413, err.HTTPCode)
    1596. 

  1596. 	require.Equal(t, 41301, err.Code)
    1597. 

  1597. }
    1598. 

  1598. 

  1599. func TestServer_PublishAttachmentTooLargeBodyAttachmentFileSizeLimit(t *testing.T) {
    1600. 

  1600. 	content := util.RandomString(5001) // > 5000, see below
    1601. 

  1601. 	c := newTestConfig(t)
    1602. 

  1602. 	c.AttachmentFileSizeLimit = 5000
    1603. 

  1603. 	s := newTestServer(t, c)
    1604. 

  1604. 	response := request(t, s, "PUT", "/mytopic", content, nil)
    1605. 

  1605. 	err := toHTTPError(t, response.Body.String())
    1606. 

  1606. 	require.Equal(t, 413, response.Code)
    1607. 

  1607. 	require.Equal(t, 413, err.HTTPCode)
    1608. 

  1608. 	require.Equal(t, 41301, err.Code)
    1609. 

  1609. }
    1610. 

  1610. 

  1611. func TestServer_PublishAttachmentExpiryBeforeDelivery(t *testing.T) {
    1612. 

  1612. 	c := newTestConfig(t)
    1613. 

  1613. 	c.AttachmentExpiryDuration = 10 * time.Minute
    1614. 

  1614. 	s := newTestServer(t, c)
    1615. 

  1615. 	response := request(t, s, "PUT", "/mytopic", util.RandomString(5000), map[string]string{
    1616. 

  1616. 		"Delay": "11 min", // > AttachmentExpiryDuration
    1617. 

  1617. 	})
    1618. 

  1618. 	err := toHTTPError(t, response.Body.String())
    1619. 

  1619. 	require.Equal(t, 400, response.Code)
    1620. 

  1620. 	require.Equal(t, 400, err.HTTPCode)
    1621. 

  1621. 	require.Equal(t, 40015, err.Code)
    1622. 

  1622. }
    1623. 

  1623. 

  1624. func TestServer_PublishAttachmentTooLargeBodyVisitorAttachmentTotalSizeLimit(t *testing.T) {
    1625. 

  1625. 	c := newTestConfig(t)
    1626. 

  1626. 	c.VisitorAttachmentTotalSizeLimit = 10000
    1627. 

  1627. 	s := newTestServer(t, c)
    1628. 

  1628. 

  1629. 	response := request(t, s, "PUT", "/mytopic", "text file!"+util.RandomString(4990), nil)
    1630. 

  1630. 	msg := toMessage(t, response.Body.String())
    1631. 

  1631. 	require.Equal(t, 200, response.Code)
    1632. 

  1632. 	require.Equal(t, "You received a file: attachment.txt", msg.Message)
    1633. 

  1633. 	require.Equal(t, int64(5000), msg.Attachment.Size)
    1634. 

  1634. 

  1635. 	content := util.RandomString(5001) // 5000+5001 > , see below
    1636. 

  1636. 	response = request(t, s, "PUT", "/mytopic", content, nil)
    1637. 

  1637. 	err := toHTTPError(t, response.Body.String())
    1638. 

  1638. 	require.Equal(t, 413, response.Code)
    1639. 

  1639. 	require.Equal(t, 413, err.HTTPCode)
    1640. 

  1640. 	require.Equal(t, 41301, err.Code)
    1641. 

  1641. }
    1642. 

  1642. 

  1643. func TestServer_PublishAttachmentAndExpire(t *testing.T) {
    1644. 

  1644. 	t.Parallel()
    1645. 

  1645. 	content := util.RandomString(5000) // > 4096
    1646. 

  1646. 

  1647. 	c := newTestConfig(t)
    1648. 

  1648. 	c.AttachmentExpiryDuration = time.Millisecond // Hack
    1649. 

  1649. 	s := newTestServer(t, c)
    1650. 

  1650. 

  1651. 	// Publish and make sure we can retrieve it
    1652. 

  1652. 	response := request(t, s, "PUT", "/mytopic", content, nil)
    1653. 

  1653. 	msg := toMessage(t, response.Body.String())
    1654. 

  1654. 	require.Contains(t, msg.Attachment.URL, "http://127.0.0.1:12345/file/")
    1655. 

  1655. 	file := filepath.Join(s.config.AttachmentCacheDir, msg.ID)
    1656. 

  1656. 	require.FileExists(t, file)
    1657. 

  1657. 

  1658. 	path := strings.TrimPrefix(msg.Attachment.URL, "http://127.0.0.1:12345")
    1659. 

  1659. 	response = request(t, s, "GET", path, "", nil)
    1660. 

  1660. 	require.Equal(t, 200, response.Code)
    1661. 

  1661. 	require.Equal(t, content, response.Body.String())
    1662. 

  1662. 

  1663. 	// Prune and makes sure it's gone
    1664. 

  1664. 	time.Sleep(time.Second) // Sigh ...
    1665. 

  1665. 	s.execManager()
    1666. 

  1666. 	require.NoFileExists(t, file)
    1667. 

  1667. 	response = request(t, s, "GET", path, "", nil)
    1668. 

  1668. 	require.Equal(t, 404, response.Code)
    1669. 

  1669. }
    1670. 

  1670. 

  1671. func TestServer_PublishAttachmentWithTierBasedExpiry(t *testing.T) {
    1672. 

  1672. 	t.Parallel()
    1673. 

  1673. 	content := util.RandomString(5000) // > 4096
    1674. 

  1674. 

  1675. 	c := newTestConfigWithAuthFile(t)
    1676. 

  1676. 	c.AttachmentExpiryDuration = time.Millisecond // Hack
    1677. 

  1677. 	s := newTestServer(t, c)
    1678. 

  1678. 

  1679. 	// Create tier with certain limits
    1680. 

  1680. 	sevenDays := time.Duration(604800) * time.Second
    1681. 

  1681. 	require.Nil(t, s.userManager.AddTier(&user.Tier{
    1682. 

  1682. 		Code:                     "test",
    1683. 

  1683. 		MessageLimit:             10,
    1684. 

  1684. 		MessageExpiryDuration:    sevenDays,
    1685. 

  1685. 		AttachmentFileSizeLimit:  50_000,
    1686. 

  1686. 		AttachmentTotalSizeLimit: 200_000,
    1687. 

  1687. 		AttachmentExpiryDuration: sevenDays, // 7 days
    1688. 

  1688. 		AttachmentBandwidthLimit: 100000,
    1689. 

  1689. 	}))
    1690. 

  1690. 	require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleUser))
    1691. 

  1691. 	require.Nil(t, s.userManager.ChangeTier("phil", "test"))
    1692. 

  1692. 

  1693. 	// Publish and make sure we can retrieve it
    1694. 

  1694. 	response := request(t, s, "PUT", "/mytopic", content, map[string]string{
    1695. 

  1695. 		"Authorization": util.BasicAuth("phil", "phil"),
    1696. 

  1696. 	})
    1697. 

  1697. 	require.Equal(t, 200, response.Code)
    1698. 

  1698. 	msg := toMessage(t, response.Body.String())
    1699. 

  1699. 	require.Contains(t, msg.Attachment.URL, "http://127.0.0.1:12345/file/")
    1700. 

  1700. 	require.True(t, msg.Attachment.Expires > time.Now().Add(sevenDays-30*time.Second).Unix())
    1701. 

  1701. 	require.True(t, msg.Expires > time.Now().Add(sevenDays-30*time.Second).Unix())
    1702. 

  1702. 	file := filepath.Join(s.config.AttachmentCacheDir, msg.ID)
    1703. 

  1703. 	require.FileExists(t, file)
    1704. 

  1704. 

  1705. 	path := strings.TrimPrefix(msg.Attachment.URL, "http://127.0.0.1:12345")
    1706. 

  1706. 	response = request(t, s, "GET", path, "", nil)
    1707. 

  1707. 	require.Equal(t, 200, response.Code)
    1708. 

  1708. 	require.Equal(t, content, response.Body.String())
    1709. 

  1709. 

  1710. 	// Prune and makes sure it's still there
    1711. 

  1711. 	time.Sleep(time.Second) // Sigh ...
    1712. 

  1712. 	s.execManager()
    1713. 

  1713. 	require.FileExists(t, file)
    1714. 

  1714. 	response = request(t, s, "GET", path, "", nil)
    1715. 

  1715. 	require.Equal(t, 200, response.Code)
    1716. 

  1716. }
    1717. 

  1717. 

  1718. func TestServer_PublishAttachmentWithTierBasedBandwidthLimit(t *testing.T) {
    1719. 

  1719. 	content := util.RandomString(5000) // > 4096
    1720. 

  1720. 

  1721. 	c := newTestConfigWithAuthFile(t)
    1722. 

  1722. 	c.VisitorAttachmentDailyBandwidthLimit = 1000 // Much lower than tier bandwidth!
    1723. 

  1723. 	s := newTestServer(t, c)
    1724. 

  1724. 

  1725. 	// Create tier with certain limits
    1726. 

  1726. 	require.Nil(t, s.userManager.AddTier(&user.Tier{
    1727. 

  1727. 		Code:                     "test",
    1728. 

  1728. 		MessageLimit:             10,
    1729. 

  1729. 		MessageExpiryDuration:    time.Hour,
    1730. 

  1730. 		AttachmentFileSizeLimit:  50_000,
    1731. 

  1731. 		AttachmentTotalSizeLimit: 200_000,
    1732. 

  1732. 		AttachmentExpiryDuration: time.Hour,
    1733. 

  1733. 		AttachmentBandwidthLimit: 14000, // < 3x5000 bytes -> enough for one upload, one download
    1734. 

  1734. 	}))
    1735. 

  1735. 	require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleUser))
    1736. 

  1736. 	require.Nil(t, s.userManager.ChangeTier("phil", "test"))
    1737. 

  1737. 

  1738. 	// Publish and make sure we can retrieve it
    1739. 

  1739. 	rr := request(t, s, "PUT", "/mytopic", content, map[string]string{
    1740. 

  1740. 		"Authorization": util.BasicAuth("phil", "phil"),
    1741. 

  1741. 	})
    1742. 

  1742. 	require.Equal(t, 200, rr.Code)
    1743. 

  1743. 	msg := toMessage(t, rr.Body.String())
    1744. 

  1744. 

  1745. 	// Retrieve it (first time succeeds)
    1746. 

  1746. 	rr = request(t, s, "GET", "/file/"+msg.ID, content, nil) // File downloads do not send auth headers!!
    1747. 

  1747. 	require.Equal(t, 200, rr.Code)
    1748. 

  1748. 	require.Equal(t, content, rr.Body.String())
    1749. 

  1749. 

  1750. 	// Retrieve it AGAIN (fails, due to bandwidth limit)
    1751. 

  1751. 	rr = request(t, s, "GET", "/file/"+msg.ID, content, nil)
    1752. 

  1752. 	require.Equal(t, 429, rr.Code)
    1753. 

  1753. }
    1754. 

  1754. 

  1755. func TestServer_PublishAttachmentWithTierBasedLimits(t *testing.T) {
    1756. 

  1756. 	smallFile := util.RandomString(20_000)
    1757. 

  1757. 	largeFile := util.RandomString(50_000)
    1758. 

  1758. 

  1759. 	c := newTestConfigWithAuthFile(t)
    1760. 

  1760. 	c.AttachmentFileSizeLimit = 20_000
    1761. 

  1761. 	c.VisitorAttachmentTotalSizeLimit = 40_000
    1762. 

  1762. 	s := newTestServer(t, c)
    1763. 

  1763. 

  1764. 	// Create tier with certain limits
    1765. 

  1765. 	require.Nil(t, s.userManager.AddTier(&user.Tier{
    1766. 

  1766. 		Code:                     "test",
    1767. 

  1767. 		MessageLimit:             100,
    1768. 

  1768. 		AttachmentFileSizeLimit:  50_000,
    1769. 

  1769. 		AttachmentTotalSizeLimit: 200_000,
    1770. 

  1770. 		AttachmentExpiryDuration: 30 * time.Second,
    1771. 

  1771. 		AttachmentBandwidthLimit: 1000000,
    1772. 

  1772. 	}))
    1773. 

  1773. 	require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleUser))
    1774. 

  1774. 	require.Nil(t, s.userManager.ChangeTier("phil", "test"))
    1775. 

  1775. 

  1776. 	// Publish small file as anonymous
    1777. 

  1777. 	response := request(t, s, "PUT", "/mytopic", smallFile, nil)
    1778. 

  1778. 	msg := toMessage(t, response.Body.String())
    1779. 

  1779. 	require.Contains(t, msg.Attachment.URL, "http://127.0.0.1:12345/file/")
    1780. 

  1780. 	require.FileExists(t, filepath.Join(s.config.AttachmentCacheDir, msg.ID))
    1781. 

  1781. 

  1782. 	// Publish large file as anonymous
    1783. 

  1783. 	response = request(t, s, "PUT", "/mytopic", largeFile, nil)
    1784. 

  1784. 	require.Equal(t, 413, response.Code)
    1785. 

  1785. 	require.Equal(t, 41301, toHTTPError(t, response.Body.String()).Code)
    1786. 

  1786. 

  1787. 	// Publish too large file as phil
    1788. 

  1788. 	response = request(t, s, "PUT", "/mytopic", largeFile+" a few more bytes", map[string]string{
    1789. 

  1789. 		"Authorization": util.BasicAuth("phil", "phil"),
    1790. 

  1790. 	})
    1791. 

  1791. 	require.Equal(t, 413, response.Code)
    1792. 

  1792. 	require.Equal(t, 41301, toHTTPError(t, response.Body.String()).Code)
    1793. 

  1793. 

  1794. 	// Publish large file as phil (4x)
    1795. 

  1795. 	for i := 0; i < 4; i++ {
    1796. 

  1796. 		response = request(t, s, "PUT", "/mytopic", largeFile, map[string]string{
    1797. 

  1797. 			"Authorization": util.BasicAuth("phil", "phil"),
    1798. 

  1798. 		})
    1799. 

  1799. 		require.Equal(t, 200, response.Code)
    1800. 

  1800. 		msg = toMessage(t, response.Body.String())
    1801. 

  1801. 		require.Contains(t, msg.Attachment.URL, "http://127.0.0.1:12345/file/")
    1802. 

  1802. 		require.FileExists(t, filepath.Join(s.config.AttachmentCacheDir, msg.ID))
    1803. 

  1803. 	}
    1804. 

  1804. 	response = request(t, s, "PUT", "/mytopic", largeFile, map[string]string{
    1805. 

  1805. 		"Authorization": util.BasicAuth("phil", "phil"),
    1806. 

  1806. 	})
    1807. 

  1807. 	require.Equal(t, 413, response.Code)
    1808. 

  1808. 	require.Equal(t, 41301, toHTTPError(t, response.Body.String()).Code)
    1809. 

  1809. }
    1810. 

  1810. 

  1811. func TestServer_PublishAttachmentBandwidthLimit(t *testing.T) {
    1812. 

  1812. 	content := util.RandomString(5000) // > 4096
    1813. 

  1813. 

  1814. 	c := newTestConfig(t)
    1815. 

  1815. 	c.VisitorAttachmentDailyBandwidthLimit = 5*5000 + 123 // A little more than 1 upload and 3 downloads
    1816. 

  1816. 	s := newTestServer(t, c)
    1817. 

  1817. 

  1818. 	// Publish attachment
    1819. 

  1819. 	response := request(t, s, "PUT", "/mytopic", content, nil)
    1820. 

  1820. 	msg := toMessage(t, response.Body.String())
    1821. 

  1821. 	require.Contains(t, msg.Attachment.URL, "http://127.0.0.1:12345/file/")
    1822. 

  1822. 

  1823. 	// Value it 4 times successfully
    1824. 

  1824. 	path := strings.TrimPrefix(msg.Attachment.URL, "http://127.0.0.1:12345")
    1825. 

  1825. 	for i := 1; i <= 4; i++ { // 4 successful downloads
    1826. 

  1826. 		response = request(t, s, "GET", path, "", nil)
    1827. 

  1827. 		require.Equal(t, 200, response.Code)
    1828. 

  1828. 		require.Equal(t, content, response.Body.String())
    1829. 

  1829. 	}
    1830. 

  1830. 

  1831. 	// And then fail with a 429
    1832. 

  1832. 	response = request(t, s, "GET", path, "", nil)
    1833. 

  1833. 	err := toHTTPError(t, response.Body.String())
    1834. 

  1834. 	require.Equal(t, 429, response.Code)
    1835. 

  1835. 	require.Equal(t, 42905, err.Code)
    1836. 

  1836. }
    1837. 

  1837. 

  1838. func TestServer_PublishAttachmentBandwidthLimitUploadOnly(t *testing.T) {
    1839. 

  1839. 	content := util.RandomString(5000) // > 4096
    1840. 

  1840. 

  1841. 	c := newTestConfig(t)
    1842. 

  1842. 	c.VisitorAttachmentDailyBandwidthLimit = 5*5000 + 500 // 5 successful uploads
    1843. 

  1843. 	s := newTestServer(t, c)
    1844. 

  1844. 

  1845. 	// 5 successful uploads
    1846. 

  1846. 	for i := 1; i <= 5; i++ {
    1847. 

  1847. 		response := request(t, s, "PUT", "/mytopic", content, nil)
    1848. 

  1848. 		msg := toMessage(t, response.Body.String())
    1849. 

  1849. 		require.Contains(t, msg.Attachment.URL, "http://127.0.0.1:12345/file/")
    1850. 

  1850. 	}
    1851. 

  1851. 

  1852. 	// And a failed one
    1853. 

  1853. 	response := request(t, s, "PUT", "/mytopic", content, nil)
    1854. 

  1854. 	err := toHTTPError(t, response.Body.String())
    1855. 

  1855. 	require.Equal(t, 413, response.Code)
    1856. 

  1856. 	require.Equal(t, 41301, err.Code)
    1857. 

  1857. }
    1858. 

  1858. 

  1859. func TestServer_PublishAttachmentAndImmediatelyGetItWithCacheTimeout(t *testing.T) {
    1860. 

  1860. 	// This tests the awkward util.Retry in handleFile: Due to the async persisting of messages,
    1861. 

  1861. 	// the message is not immediately available when attempting to download it.
    1862. 

  1862. 

  1863. 	c := newTestConfig(t)
    1864. 

  1864. 	c.CacheBatchTimeout = 500 * time.Millisecond
    1865. 

  1865. 	c.CacheBatchSize = 10
    1866. 

  1866. 	s := newTestServer(t, c)
    1867. 

  1867. 	content := "this is an ATTACHMENT"
    1868. 

  1868. 	rr := request(t, s, "PUT", "/mytopic?f=myfile.txt", content, nil)
    1869. 

  1869. 	m := toMessage(t, rr.Body.String())
    1870. 

  1870. 	require.Equal(t, "myfile.txt", m.Attachment.Name)
    1871. 

  1871. 

  1872. 	path := strings.TrimPrefix(m.Attachment.URL, "http://127.0.0.1:12345")
    1873. 

  1873. 	rr = request(t, s, "GET", path, "", nil)
    1874. 

  1874. 	require.Equal(t, 200, rr.Code) // Not 404!
    1875. 

  1875. 	require.Equal(t, content, rr.Body.String())
    1876. 

  1876. }
    1877. 

  1877. 

  1878. func TestServer_PublishAttachmentAccountStats(t *testing.T) {
    1879. 

  1879. 	content := util.RandomString(4999) // > 4096
    1880. 

  1880. 

  1881. 	c := newTestConfig(t)
    1882. 

  1882. 	c.AttachmentFileSizeLimit = 5000
    1883. 

  1883. 	c.VisitorAttachmentTotalSizeLimit = 6000
    1884. 

  1884. 	s := newTestServer(t, c)
    1885. 

  1885. 

  1886. 	// Upload one attachment
    1887. 

  1887. 	response := request(t, s, "PUT", "/mytopic", content, nil)
    1888. 

  1888. 	msg := toMessage(t, response.Body.String())
    1889. 

  1889. 	require.Contains(t, msg.Attachment.URL, "http://127.0.0.1:12345/file/")
    1890. 

  1890. 

  1891. 	// User stats
    1892. 

  1892. 	response = request(t, s, "GET", "/v1/account", "", nil)
    1893. 

  1893. 	require.Equal(t, 200, response.Code)
    1894. 

  1894. 	account, err := util.UnmarshalJSON[apiAccountResponse](io.NopCloser(response.Body))
    1895. 

  1895. 	require.Nil(t, err)
    1896. 

  1896. 	require.Equal(t, int64(5000), account.Limits.AttachmentFileSize)
    1897. 

  1897. 	require.Equal(t, int64(6000), account.Limits.AttachmentTotalSize)
    1898. 

  1898. 	require.Equal(t, int64(4999), account.Stats.AttachmentTotalSize)
    1899. 

  1899. 	require.Equal(t, int64(1001), account.Stats.AttachmentTotalSizeRemaining)
    1900. 

  1900. 	require.Equal(t, int64(1), account.Stats.Messages)
    1901. 

  1901. }
    1902. 

  1902. 

  1903. func TestServer_Visitor_XForwardedFor_None(t *testing.T) {
    1904. 

  1904. 	c := newTestConfig(t)
    1905. 

  1905. 	c.BehindProxy = true
    1906. 

  1906. 	s := newTestServer(t, c)
    1907. 

  1907. 	r, _ := http.NewRequest("GET", "/bla", nil)
    1908. 

  1908. 	r.RemoteAddr = "8.9.10.11"
    1909. 

  1909. 	r.Header.Set("X-Forwarded-For", "  ") // Spaces, not empty!
    1910. 

  1910. 	v, err := s.maybeAuthenticate(r)
    1911. 

  1911. 	require.Nil(t, err)
    1912. 

  1912. 	require.Equal(t, "8.9.10.11", v.ip.String())
    1913. 

  1913. }
    1914. 

  1914. 

  1915. func TestServer_Visitor_XForwardedFor_Single(t *testing.T) {
    1916. 

  1916. 	c := newTestConfig(t)
    1917. 

  1917. 	c.BehindProxy = true
    1918. 

  1918. 	s := newTestServer(t, c)
    1919. 

  1919. 	r, _ := http.NewRequest("GET", "/bla", nil)
    1920. 

  1920. 	r.RemoteAddr = "8.9.10.11"
    1921. 

  1921. 	r.Header.Set("X-Forwarded-For", "1.1.1.1")
    1922. 

  1922. 	v, err := s.maybeAuthenticate(r)
    1923. 

  1923. 	require.Nil(t, err)
    1924. 

  1924. 	require.Equal(t, "1.1.1.1", v.ip.String())
    1925. 

  1925. }
    1926. 

  1926. 

  1927. func TestServer_Visitor_XForwardedFor_Multiple(t *testing.T) {
    1928. 

  1928. 	c := newTestConfig(t)
    1929. 

  1929. 	c.BehindProxy = true
    1930. 

  1930. 	s := newTestServer(t, c)
    1931. 

  1931. 	r, _ := http.NewRequest("GET", "/bla", nil)
    1932. 

  1932. 	r.RemoteAddr = "8.9.10.11"
    1933. 

  1933. 	r.Header.Set("X-Forwarded-For", "1.2.3.4 , 2.4.4.2,234.5.2.1 ")
    1934. 

  1934. 	v, err := s.maybeAuthenticate(r)
    1935. 

  1935. 	require.Nil(t, err)
    1936. 

  1936. 	require.Equal(t, "234.5.2.1", v.ip.String())
    1937. 

  1937. }
    1938. 

  1938. 

  1939. func TestServer_PublishWhileUpdatingStatsWithLotsOfMessages(t *testing.T) {
    1940. 

  1940. 	t.Parallel()
    1941. 

  1941. 	count := 50000
    1942. 

  1942. 	c := newTestConfig(t)
    1943. 

  1943. 	c.TotalTopicLimit = 50001
    1944. 

  1944. 	c.CacheStartupQueries = "pragma journal_mode = WAL; pragma synchronous = normal; pragma temp_store = memory;"
    1945. 

  1945. 	s := newTestServer(t, c)
    1946. 

  1946. 

  1947. 	// Add lots of messages
    1948. 

  1948. 	log.Info("Adding %d messages", count)
    1949. 

  1949. 	start := time.Now()
    1950. 

  1950. 	messages := make([]*message, 0)
    1951. 

  1951. 	for i := 0; i < count; i++ {
    1952. 

  1952. 		topicID := fmt.Sprintf("topic%d", i)
    1953. 

  1953. 		_, err := s.topicsFromIDs(topicID) // Add topic to internal s.topics array
    1954. 

  1954. 		require.Nil(t, err)
    1955. 

  1955. 		messages = append(messages, newDefaultMessage(topicID, "some message"))
    1956. 

  1956. 	}
    1957. 

  1957. 	require.Nil(t, s.messageCache.addMessages(messages))
    1958. 

  1958. 	log.Info("Done: Adding %d messages; took %s", count, time.Since(start).Round(time.Millisecond))
    1959. 

  1959. 

  1960. 	// Update stats
    1961. 

  1961. 	statsChan := make(chan bool)
    1962. 

  1962. 	go func() {
    1963. 

  1963. 		log.Info("Updating stats")
    1964. 

  1964. 		start := time.Now()
    1965. 

  1965. 		s.execManager()
    1966. 

  1966. 		log.Info("Done: Updating stats; took %s", time.Since(start).Round(time.Millisecond))
    1967. 

  1967. 		statsChan <- true
    1968. 

  1968. 	}()
    1969. 

  1969. 	time.Sleep(50 * time.Millisecond) // Make sure it starts first
    1970. 

  1970. 

  1971. 	// Publish message (during stats update)
    1972. 

  1972. 	log.Info("Publishing message")
    1973. 

  1973. 	start = time.Now()
    1974. 

  1974. 	response := request(t, s, "PUT", "/mytopic", "some body", nil)
    1975. 

  1975. 	m := toMessage(t, response.Body.String())
    1976. 

  1976. 	assert.Equal(t, "some body", m.Message)
    1977. 

  1977. 	assert.True(t, time.Since(start) < 100*time.Millisecond)
    1978. 

  1978. 	log.Info("Done: Publishing message; took %s", time.Since(start).Round(time.Millisecond))
    1979. 

  1979. 

  1980. 	// Wait for all goroutines
    1981. 

  1981. 	select {
    1982. 

  1982. 	case <-statsChan:
    1983. 

  1983. 	case <-time.After(10 * time.Second):
    1984. 

  1984. 		t.Fatal("Timed out waiting for Go routines")
    1985. 

  1985. 	}
    1986. 

  1986. 	log.Info("Done: Waiting for all locks")
    1987. 

  1987. }
    1988. 

  1988. 

  1989. func TestServer_AnonymousUser_And_NonTierUser_Are_Same_Visitor(t *testing.T) {
    1990. 

  1990. 	conf := newTestConfigWithAuthFile(t)
    1991. 

  1991. 	s := newTestServer(t, conf)
    1992. 

  1992. 	defer s.closeDatabases()
    1993. 

  1993. 

  1994. 	// Create user without tier
    1995. 

  1995. 	require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleUser))
    1996. 

  1996. 

  1997. 	// Publish a message (anonymous user)
    1998. 

  1998. 	rr := request(t, s, "POST", "/mytopic", "hi", nil)
    1999. 

  1999. 	require.Equal(t, 200, rr.Code)
    2000. 

  2000. 

  2001. 	// Publish a message (non-tier user)
    2002. 

  2002. 	rr = request(t, s, "POST", "/mytopic", "hi", map[string]string{
    2003. 

  2003. 		"Authorization": util.BasicAuth("phil", "phil"),
    2004. 

  2004. 	})
    2005. 

  2005. 	require.Equal(t, 200, rr.Code)
    2006. 

  2006. 

  2007. 	// User stats (anonymous user)
    2008. 

  2008. 	rr = request(t, s, "GET", "/v1/account", "", nil)
    2009. 

  2009. 	account, _ := util.UnmarshalJSON[apiAccountResponse](io.NopCloser(rr.Body))
    2010. 

  2010. 	require.Equal(t, int64(2), account.Stats.Messages)
    2011. 

  2011. 

  2012. 	// User stats (non-tier user)
    2013. 

  2013. 	rr = request(t, s, "GET", "/v1/account", "", map[string]string{
    2014. 

  2014. 		"Authorization": util.BasicAuth("phil", "phil"),
    2015. 

  2015. 	})
    2016. 

  2016. 	account, _ = util.UnmarshalJSON[apiAccountResponse](io.NopCloser(rr.Body))
    2017. 

  2017. 	require.Equal(t, int64(2), account.Stats.Messages)
    2018. 

  2018. }
    2019. 

  2019. 

  2020. func TestServer_SubscriberRateLimiting_Success(t *testing.T) {
    2021. 

  2021. 	c := newTestConfigWithAuthFile(t)
    2022. 

  2022. 	c.VisitorRequestLimitBurst = 3
    2023. 

  2023. 	s := newTestServer(t, c)
    2024. 

  2024. 

  2025. 	// "Register" visitor 1.2.3.4 to topic "subscriber1topic" as a rate limit visitor
    2026. 

  2026. 	subscriber1Fn := func(r *http.Request) {
    2027. 

  2027. 		r.RemoteAddr = "1.2.3.4"
    2028. 

  2028. 	}
    2029. 

  2029. 	rr := request(t, s, "GET", "/subscriber1topic/json?poll=1", "", map[string]string{
    2030. 

  2030. 		"Rate-Topics": "subscriber1topic",
    2031. 

  2031. 	}, subscriber1Fn)
    2032. 

  2032. 	require.Equal(t, 200, rr.Code)
    2033. 

  2033. 	require.Equal(t, "", rr.Body.String())
    2034. 

  2034. 

  2035. 	// "Register" visitor 8.7.7.1 to topic "up012345678912" as a rate limit visitor (implicitly via topic name)
    2036. 

  2036. 	subscriber2Fn := func(r *http.Request) {
    2037. 

  2037. 		r.RemoteAddr = "8.7.7.1"
    2038. 

  2038. 	}
    2039. 

  2039. 	rr = request(t, s, "GET", "/up012345678912/json?poll=1", "", nil, subscriber2Fn)
    2040. 

  2040. 	require.Equal(t, 200, rr.Code)
    2041. 

  2041. 	require.Equal(t, "", rr.Body.String())
    2042. 

  2042. 

  2043. 	// Publish 2 messages to "subscriber1topic" as visitor 9.9.9.9. It'd be 3 normally, but the
    2044. 

  2044. 	// GET request before is also counted towards the request limiter.
    2045. 

  2045. 	for i := 0; i < 2; i++ {
    2046. 

  2046. 		rr := request(t, s, "PUT", "/subscriber1topic", "some message", nil)
    2047. 

  2047. 		require.Equal(t, 200, rr.Code)
    2048. 

  2048. 	}
    2049. 

  2049. 	rr = request(t, s, "PUT", "/subscriber1topic", "some message", nil)
    2050. 

  2050. 	require.Equal(t, 429, rr.Code)
    2051. 

  2051. 

  2052. 	// Publish another 2 messages to "up012345678912" as visitor 9.9.9.9
    2053. 

  2053. 	for i := 0; i < 2; i++ {
    2054. 

  2054. 		rr := request(t, s, "PUT", "/up012345678912", "some message", nil)
    2055. 

  2055. 		require.Equal(t, 200, rr.Code) // If we fail here, handlePublish is using the wrong visitor!
    2056. 

  2056. 	}
    2057. 

  2057. 	rr = request(t, s, "PUT", "/up012345678912", "some message", nil)
    2058. 

  2058. 	require.Equal(t, 429, rr.Code)
    2059. 

  2059. 

  2060. 	// Hurray! At this point, visitor 9.9.9.9 has published 4 messages, even though
    2061. 

  2061. 	// VisitorRequestLimitBurst is 3. That means it's working.
    2062. 

  2062. 

  2063. 	// Now let's confirm that so far we haven't used up any of visitor 9.9.9.9's request limiter
    2064. 

  2064. 	// by publishing another 3 requests from it.
    2065. 

  2065. 	for i := 0; i < 3; i++ {
    2066. 

  2066. 		rr := request(t, s, "PUT", "/some-other-topic", "some message", nil)
    2067. 

  2067. 		require.Equal(t, 200, rr.Code)
    2068. 

  2068. 	}
    2069. 

  2069. 	rr = request(t, s, "PUT", "/some-other-topic", "some message", nil)
    2070. 

  2070. 	require.Equal(t, 429, rr.Code)
    2071. 

  2071. }
    2072. 

  2072. 

  2073. func TestServer_SubscriberRateLimiting_UP_Only(t *testing.T) {
    2074. 

  2074. 	c := newTestConfigWithAuthFile(t)
    2075. 

  2075. 	c.VisitorRequestLimitBurst = 3
    2076. 

  2076. 	s := newTestServer(t, c)
    2077. 

  2077. 

  2078. 	// "Register" 5 different UnifiedPush visitors
    2079. 

  2079. 	for i := 0; i < 5; i++ {
    2080. 

  2080. 		subscriberFn := func(r *http.Request) {
    2081. 

  2081. 			r.RemoteAddr = fmt.Sprintf("1.2.3.%d", i+1)
    2082. 

  2082. 		}
    2083. 

  2083. 		rr := request(t, s, "GET", fmt.Sprintf("/up12345678901%d/json?poll=1", i), "", nil, subscriberFn)
    2084. 

  2084. 		require.Equal(t, 200, rr.Code)
    2085. 

  2085. 	}
    2086. 

  2086. 

  2087. 	// Publish 2 messages per topic
    2088. 

  2088. 	for i := 0; i < 5; i++ {
    2089. 

  2089. 		for j := 0; j < 2; j++ {
    2090. 

  2090. 			rr := request(t, s, "PUT", fmt.Sprintf("/up12345678901%d?up=1", i), "some message", nil)
    2091. 

  2091. 			require.Equal(t, 200, rr.Code)
    2092. 

  2092. 		}
    2093. 

  2093. 	}
    2094. 

  2094. }
    2095. 

  2095. 

  2096. func TestServer_Matrix_SubscriberRateLimiting_UP_Only(t *testing.T) {
    2097. 

  2097. 	c := newTestConfig(t)
    2098. 

  2098. 	c.VisitorRequestLimitBurst = 3
    2099. 

  2099. 	s := newTestServer(t, c)
    2100. 

  2100. 

  2101. 	// "Register" 5 different UnifiedPush visitors
    2102. 

  2102. 	for i := 0; i < 5; i++ {
    2103. 

  2103. 		rr := request(t, s, "GET", fmt.Sprintf("/up12345678901%d/json?poll=1", i), "", nil, func(r *http.Request) {
    2104. 

  2104. 			r.RemoteAddr = fmt.Sprintf("1.2.3.%d", i+1)
    2105. 

  2105. 		})
    2106. 

  2106. 		require.Equal(t, 200, rr.Code)
    2107. 

  2107. 	}
    2108. 

  2108. 

  2109. 	// Publish 2 messages per topic
    2110. 

  2110. 	for i := 0; i < 5; i++ {
    2111. 

  2111. 		notification := fmt.Sprintf(`{"notification":{"devices":[{"pushkey":"http://127.0.0.1:12345/up12345678901%d?up=1"}]}}`, i)
    2112. 

  2112. 		for j := 0; j < 2; j++ {
    2113. 

  2113. 			response := request(t, s, "POST", "/_matrix/push/v1/notify", notification, nil)
    2114. 

  2114. 			require.Equal(t, 200, response.Code)
    2115. 

  2115. 			require.Equal(t, `{"rejected":[]}`+"\n", response.Body.String())
    2116. 

  2116. 		}
    2117. 

  2117. 		response := request(t, s, "POST", "/_matrix/push/v1/notify", notification, nil)
    2118. 

  2118. 		require.Equal(t, 429, response.Code, notification)
    2119. 

  2119. 		require.Equal(t, 42901, toHTTPError(t, response.Body.String()).Code)
    2120. 

  2120. 	}
    2121. 

  2121. }
    2122. 

  2122. 

  2123. func TestServer_SubscriberRateLimiting_VisitorExpiration(t *testing.T) {
    2124. 

  2124. 	c := newTestConfig(t)
    2125. 

  2125. 	c.VisitorRequestLimitBurst = 3
    2126. 

  2126. 	s := newTestServer(t, c)
    2127. 

  2127. 

  2128. 	// "Register" rate visitor
    2129. 

  2129. 	subscriberFn := func(r *http.Request) {
    2130. 

  2130. 		r.RemoteAddr = "1.2.3.4"
    2131. 

  2131. 	}
    2132. 

  2132. 	rr := request(t, s, "GET", "/mytopic/json?poll=1", "", map[string]string{
    2133. 

  2133. 		"rate-topics": "mytopic",
    2134. 

  2134. 	}, subscriberFn)
    2135. 

  2135. 	require.Equal(t, 200, rr.Code)
    2136. 

  2136. 	require.Equal(t, "1.2.3.4", s.topics["mytopic"].rateVisitor.ip.String())
    2137. 

  2137. 	require.Equal(t, s.visitors["ip:1.2.3.4"], s.topics["mytopic"].rateVisitor)
    2138. 

  2138. 

  2139. 	// Publish message, observe rate visitor tokens being decreased
    2140. 

  2140. 	response := request(t, s, "POST", "/mytopic", "some message", nil)
    2141. 

  2141. 	require.Equal(t, 200, response.Code)
    2142. 

  2142. 	require.Equal(t, int64(0), s.visitors["ip:9.9.9.9"].messagesLimiter.Value())
    2143. 

  2143. 	require.Equal(t, int64(1), s.topics["mytopic"].rateVisitor.messagesLimiter.Value())
    2144. 

  2144. 	require.Equal(t, s.visitors["ip:1.2.3.4"], s.topics["mytopic"].rateVisitor)
    2145. 

  2145. 

  2146. 	// Expire visitor
    2147. 

  2147. 	s.visitors["ip:1.2.3.4"].seen = time.Now().Add(-1 * 25 * time.Hour)
    2148. 

  2148. 	s.pruneVisitors()
    2149. 

  2149. 

  2150. 	// Publish message again, observe that rateVisitor is not used anymore and is reset
    2151. 

  2151. 	response = request(t, s, "POST", "/mytopic", "some message", nil)
    2152. 

  2152. 	require.Equal(t, 200, response.Code)
    2153. 

  2153. 	require.Equal(t, int64(1), s.visitors["ip:9.9.9.9"].messagesLimiter.Value())
    2154. 

  2154. 	require.Nil(t, s.topics["mytopic"].rateVisitor)
    2155. 

  2155. 	require.Nil(t, s.visitors["ip:1.2.3.4"])
    2156. 

  2156. }
    2157. 

  2157. 

  2158. func TestServer_SubscriberRateLimiting_ProtectedTopics(t *testing.T) {
    2159. 

  2159. 	c := newTestConfigWithAuthFile(t)
    2160. 

  2160. 	c.AuthDefault = user.PermissionDenyAll
    2161. 

  2161. 	s := newTestServer(t, c)
    2162. 

  2162. 

  2163. 	// Create some ACLs
    2164. 

  2164. 	require.Nil(t, s.userManager.AddTier(&user.Tier{
    2165. 

  2165. 		Code:         "test",
    2166. 

  2166. 		MessageLimit: 5,
    2167. 

  2167. 	}))
    2168. 

  2168. 	require.Nil(t, s.userManager.AddUser("ben", "ben", user.RoleUser))
    2169. 

  2169. 	require.Nil(t, s.userManager.ChangeTier("ben", "test"))
    2170. 

  2170. 	require.Nil(t, s.userManager.AllowAccess("ben", "announcements", user.PermissionReadWrite))
    2171. 

  2171. 	require.Nil(t, s.userManager.AllowAccess(user.Everyone, "announcements", user.PermissionRead))
    2172. 

  2172. 	require.Nil(t, s.userManager.AllowAccess(user.Everyone, "public_topic", user.PermissionReadWrite))
    2173. 

  2173. 

  2174. 	require.Nil(t, s.userManager.AddUser("phil", "phil", user.RoleUser))
    2175. 

  2175. 	require.Nil(t, s.userManager.ChangeTier("phil", "test"))
    2176. 

  2176. 	require.Nil(t, s.userManager.AddReservation("phil", "reserved-for-phil", user.PermissionReadWrite))
    2177. 

  2177. 

  2178. 	// Set rate visitor as user "phil" on topic
    2179. 

  2179. 	// - "reserved-for-phil": Allowed, because I am the owner
    2180. 

  2180. 	// - "public_topic": Allowed, because it has read-write permissions for everyone
    2181. 

  2181. 	// - "announcements": NOT allowed, because it has read-only permissions for everyone
    2182. 

  2182. 	rr := request(t, s, "GET", "/reserved-for-phil,public_topic,announcements/json?poll=1", "", map[string]string{
    2183. 

  2183. 		"Authorization": util.BasicAuth("phil", "phil"),
    2184. 

  2184. 		"Rate-Topics":   "reserved-for-phil,public_topic,announcements",
    2185. 

  2185. 	})
    2186. 

  2186. 	require.Equal(t, 200, rr.Code)
    2187. 

  2187. 	require.Equal(t, "phil", s.topics["reserved-for-phil"].rateVisitor.user.Name)
    2188. 

  2188. 	require.Equal(t, "phil", s.topics["public_topic"].rateVisitor.user.Name)
    2189. 

  2189. 	require.Nil(t, s.topics["announcements"].rateVisitor)
    2190. 

  2190. 

  2191. 	// Set rate visitor as user "ben" on topic
    2192. 

  2192. 	// - "reserved-for-phil": NOT allowed, because I am not the owner
    2193. 

  2193. 	// - "public_topic": Allowed, because it has read-write permissions for everyone
    2194. 

  2194. 	// - "announcements": Allowed, because I have read-write permissions
    2195. 

  2195. 	rr = request(t, s, "GET", "/reserved-for-phil,public_topic,announcements/json?poll=1", "", map[string]string{
    2196. 

  2196. 		"Authorization": util.BasicAuth("ben", "ben"),
    2197. 

  2197. 		"Rate-Topics":   "reserved-for-phil,public_topic,announcements",
    2198. 

  2198. 	})
    2199. 

  2199. 	require.Equal(t, 200, rr.Code)
    2200. 

  2200. 	require.Equal(t, "phil", s.topics["reserved-for-phil"].rateVisitor.user.Name)
    2201. 

  2201. 	require.Equal(t, "ben", s.topics["public_topic"].rateVisitor.user.Name)
    2202. 

  2202. 	require.Equal(t, "ben", s.topics["announcements"].rateVisitor.user.Name)
    2203. 

  2203. }
    2204. 

  2204. 

  2205. func TestServer_SubscriberRateLimiting_ProtectedTopics_WithDefaultReadWrite(t *testing.T) {
    2206. 

  2206. 	c := newTestConfigWithAuthFile(t)
    2207. 

  2207. 	c.AuthDefault = user.PermissionReadWrite
    2208. 

  2208. 	s := newTestServer(t, c)
    2209. 

  2209. 

  2210. 	// Create some ACLs
    2211. 

  2211. 	require.Nil(t, s.userManager.AllowAccess(user.Everyone, "announcements", user.PermissionRead))
    2212. 

  2212. 

  2213. 	// Set rate visitor as ip:1.2.3.4 on topic
    2214. 

  2214. 	// - "up123456789012": Allowed, because no ACLs and nobody owns the topic
    2215. 

  2215. 	// - "announcements": NOT allowed, because it has read-only permissions for everyone
    2216. 

  2216. 	rr := request(t, s, "GET", "/up123456789012,announcements/json?poll=1", "", nil, func(r *http.Request) {
    2217. 

  2217. 		r.RemoteAddr = "1.2.3.4"
    2218. 

  2218. 	})
    2219. 

  2219. 	require.Equal(t, 200, rr.Code)
    2220. 

  2220. 	require.Equal(t, "1.2.3.4", s.topics["up123456789012"].rateVisitor.ip.String())
    2221. 

  2221. 	require.Nil(t, s.topics["announcements"].rateVisitor)
    2222. 

  2222. }
    2223. 

  2223. 

  2224. func newTestConfig(t *testing.T) *Config {
    2225. 

  2225. 	conf := NewConfig()
    2226. 

  2226. 	conf.BaseURL = "http://127.0.0.1:12345"
    2227. 

  2227. 	conf.CacheFile = filepath.Join(t.TempDir(), "cache.db")
    2228. 

  2228. 	conf.CacheStartupQueries = "pragma journal_mode = WAL; pragma synchronous = normal; pragma temp_store = memory;"
    2229. 

  2229. 	conf.AttachmentCacheDir = t.TempDir()
    2230. 

  2230. 	return conf
    2231. 

  2231. }
    2232. 

  2232. 

  2233. func newTestConfigWithAuthFile(t *testing.T) *Config {
    2234. 

  2234. 	conf := newTestConfig(t)
    2235. 

  2235. 	conf.AuthFile = filepath.Join(t.TempDir(), "user.db")
    2236. 

  2236. 	conf.AuthStartupQueries = "pragma journal_mode = WAL; pragma synchronous = normal; pragma temp_store = memory;"
    2237. 

  2237. 	conf.AuthBcryptCost = bcrypt.MinCost // This speeds up tests a lot
    2238. 

  2238. 	return conf
    2239. 

  2239. }
    2240. 

  2240. 

  2241. func newTestServer(t *testing.T, config *Config) *Server {
    2242. 

  2242. 	server, err := New(config)
    2243. 

  2243. 	if err != nil {
    2244. 

  2244. 		t.Fatal(err)
    2245. 

  2245. 	}
    2246. 

  2246. 	return server
    2247. 

  2247. }
    2248. 

  2248. 

  2249. func request(t *testing.T, s *Server, method, url, body string, headers map[string]string, fn ...func(r *http.Request)) *httptest.ResponseRecorder {
    2250. 

  2250. 	rr := httptest.NewRecorder()
    2251. 

  2251. 	r, err := http.NewRequest(method, url, strings.NewReader(body))
    2252. 

  2252. 	if err != nil {
    2253. 

  2253. 		t.Fatal(err)
    2254. 

  2254. 	}
    2255. 

  2255. 	r.RemoteAddr = "9.9.9.9" // Used for tests
    2256. 

  2256. 	for k, v := range headers {
    2257. 

  2257. 		r.Header.Set(k, v)
    2258. 

  2258. 	}
    2259. 

  2259. 	for _, f := range fn {
    2260. 

  2260. 		f(r)
    2261. 

  2261. 	}
    2262. 

  2262. 	s.handle(rr, r)
    2263. 

  2263. 	return rr
    2264. 

  2264. }
    2265. 

  2265. 

  2266. func subscribe(t *testing.T, s *Server, url string, rr *httptest.ResponseRecorder) context.CancelFunc {
    2267. 

  2267. 	ctx, cancel := context.WithCancel(context.Background())
    2268. 

  2268. 	req, err := http.NewRequestWithContext(ctx, "GET", url, nil)
    2269. 

  2269. 	if err != nil {
    2270. 

  2270. 		t.Fatal(err)
    2271. 

  2271. 	}
    2272. 

  2272. 	done := make(chan bool)
    2273. 

  2273. 	go func() {
    2274. 

  2274. 		s.handle(rr, req)
    2275. 

  2275. 		done <- true
    2276. 

  2276. 	}()
    2277. 

  2277. 	cancelAndWaitForDone := func() {
    2278. 

  2278. 		time.Sleep(200 * time.Millisecond)
    2279. 

  2279. 		cancel()
    2280. 

  2280. 		<-done
    2281. 

  2281. 	}
    2282. 

  2282. 	time.Sleep(200 * time.Millisecond)
    2283. 

  2283. 	return cancelAndWaitForDone
    2284. 

  2284. }
    2285. 

  2285. 

  2286. func toMessages(t *testing.T, s string) []*message {
    2287. 

  2287. 	messages := make([]*message, 0)
    2288. 

  2288. 	scanner := bufio.NewScanner(strings.NewReader(s))
    2289. 

  2289. 	for scanner.Scan() {
    2290. 

  2290. 		messages = append(messages, toMessage(t, scanner.Text()))
    2291. 

  2291. 	}
    2292. 

  2292. 	return messages
    2293. 

  2293. }
    2294. 

  2294. 

  2295. func toMessage(t *testing.T, s string) *message {
    2296. 

  2296. 	var m message
    2297. 

  2297. 	require.Nil(t, json.NewDecoder(strings.NewReader(s)).Decode(&m))
    2298. 

  2298. 	return &m
    2299. 

  2299. }
    2300. 

  2300. 

  2301. func toHTTPError(t *testing.T, s string) *errHTTP {
    2302. 

  2302. 	var e errHTTP
    2303. 

  2303. 	require.Nil(t, json.NewDecoder(strings.NewReader(s)).Decode(&e))
    2304. 

  2304. 	return &e
    2305. 

  2305. }
    2306. 

  2306. 

  2307. func readAll(t *testing.T, rc io.ReadCloser) string {
    2308. 

  2308. 	b, err := io.ReadAll(rc)
    2309. 

  2309. 	if err != nil {
    2310. 

  2310. 		t.Fatal(err)
    2311. 

  2311. 	}
    2312. 

  2312. 	return string(b)
    2313. 

  2313. }
    2314.