Do not allow external requests during testing

ElixirTeSS · Nov 21, 2024 · 45ecb06 · 45ecb06
1 parent 55d2430
commit 45ecb06
Show file tree

Hide file tree

Showing 6 changed files with 44 additions and 15 deletions.
diff --git a/test/config/test_ingestion_bad.yml b/test/config/test_ingestion_bad.yml
@@ -4,6 +4,6 @@ username: Bob
 sources:
   - id: 1
     provider: 'Dummy Provider'            # content provider's title - not found
-    url: https://app.com/event.csv      # the root URL required to access the source
+    url: https://app.com/events.csv      # the root URL required to access the source
     method: csv                         # one of 'csv', 'api', 'html'
     enabled: true
diff --git a/test/controllers/application_controller_test.rb b/test/controllers/application_controller_test.rb
@@ -36,8 +36,10 @@ class ApplicationControllerTest < ActionController::TestCase
     get :test_url, params: { url: 'http://notrealhost.goldfish', format: :json }
     assert_equal 'Could not access the given URL', JSON.parse(response.body)['message']
 
-    get :test_url, params: { url: 'http://127.0.0.1', format: :json }
-    assert_equal 'Could not access the given URL', JSON.parse(response.body)['message']
+    with_net_connection do
+      get :test_url, params: { url: 'http://127.0.0.1', format: :json }
+      assert_equal 'Could not access the given URL', JSON.parse(response.body)['message']
+    end
   end
 
 end
diff --git a/test/models/profile_test.rb b/test/models/profile_test.rb
@@ -84,8 +84,10 @@ class ProfileTest < ActiveSupport::TestCase
     refute profile.errors.added?(:website, 'is blocked')
 
     # private address
-    refute profile.update(website: 'http://127.0.0.1')
-    assert profile.errors.added?(:website, 'is not accessible')
+    with_net_connection do # Allow request through to be caught by private_address_check
+      refute profile.update(website: 'http://127.0.0.1')
+      assert profile.errors.added?(:website, 'is not accessible')
+    end
 
     # address that times out
     refute profile.update(website: 'http://slowhost.com')

diff --git a/test/models/source_test.rb b/test/models/source_test.rb
@@ -1,7 +1,6 @@
 require 'test_helper'
 
 class SourceTest < ActiveSupport::TestCase
-
   setup do
     @user = users :scraper_user
     assert_not_nil @user
@@ -238,7 +237,7 @@ class SourceTest < ActiveSupport::TestCase
     User.current_user = source.user
 
     assert_difference('PublicActivity::Activity.count', 2) do
-      source.url = 'https://icalendars.golf/calendar123.ical'
+      source.url = 'https://pawsey.org.au/event/pawsey-intern-showcase-2022/?ical=true'
       source.method = 'ical'
       source.save!
     end

diff --git a/test/test_helper.rb b/test/test_helper.rb
@@ -25,7 +25,7 @@
 require 'vcr'
 require_relative './schema_helper'
 
-WebMock.disable_net_connect!(allow_localhost: true, allow: 'api.codacy.com')
+WebMock.disable_net_connect!(allow_localhost: true)
 unless ENV['RM_INFO']
   Minitest::Reporters.use! [Minitest::Reporters::DefaultReporter.new(
     fast_fail: true, color: true, detailed_skip: false, slow_count: 10
@@ -35,7 +35,7 @@
 VCR.configure do |config|
   config.cassette_library_dir = 'test/vcr_cassettes'
   config.hook_into :webmock
-  config.allow_http_connections_when_no_cassette = true
+  # config.allow_http_connections_when_no_cassette = true
 end
 
 class ActiveSupport::TestCase
@@ -74,6 +74,27 @@ def with_settings(settings, overwrite = false, &block)
     orig_config.each { |k, v| TeSS::Config[k] = v }
   end
 
+  # Allow a net request to bypass VCR and webmock
+  def with_net_connection(&block)
+    @__webmock_allow_net_connect = WebMock::Config.instance.allow_net_connect
+    @__webmock_opts = {
+      allow_localhost: WebMock::Config.instance.allow_localhost,
+      allow: WebMock::Config.instance.allow,
+      net_http_connect_on_start: WebMock::Config.instance.net_http_connect_on_start
+    }
+    WebMock.allow_net_connect!
+    VCR.configure do |c|
+      @__vcr_allow_http = c.allow_http_connections_when_no_cassette?
+      c.allow_http_connections_when_no_cassette = true
+    end
+    block.call
+  ensure
+    WebMock.disable_net_connect!(@__webmock_opts) unless @__webmock_allow_net_connect
+    VCR.configure do |c|
+      c.allow_http_connections_when_no_cassette = @__vcr_allow_http
+    end
+  end
+
   # reset dictionaries to their default values
   def reset_dictionaries
     dictionaries = TeSS::Config.dictionaries
@@ -210,6 +231,8 @@ def mock_orcids
 
   def mock_ingestions
     [{ url: 'https://app.com/events.csv', filename: 'events.csv' },
+     { url: 'https://somewhere.com/stuff', filename: 'events.csv' },
+     { url: 'https://website.org/', filename: 'events.csv' },
      { url: 'https://raw.githubusercontent.com/nci900/NCI_feed_to_DReSA/master/event_NCI.csv', filename: 'events_NCI.csv' },
      { url: 'https://app.com/materials.csv', filename: 'materials.csv' },
      { url: 'https://app.com/events/event3.html' },
@@ -219,6 +242,7 @@ def mock_ingestions
      { url: 'https://zenodo.org/api/records/?communities=australianbiocommons-training', filename: 'zenodo_abt.json' },
      { url: 'https://tess.elixir-europe.org/events?include_expired=false&content_provider[]=Australian BioCommons', filename: 'response_1642570417380.json' },
      { url: 'https://app.com/events/sitemap.xml', filename: 'Test-Sitemap.xml' },
+     { url: 'https://new.source.loc/sitemap.xml', filename: 'Test-Sitemap.xml' },
      { url: 'https://pawsey.org.au/event/ask-me-anything-porous-media-visualisation-and-lbpm/?ical=true', filename: 'icalendar/ask-me-anything-porous-media-visualisation-and-lbpm.ics' },
      { url: 'https://pawsey.org.au/event/experience-with-porting-and-scaling-codes-on-amd-gpus/?ical=true', filename: 'icalendar/experience-with-porting-and-scaling-codes-on-amd-gpus.ics' },
      { url: 'https://pawsey.org.au/event/nvidia-cuquantum-session/?ical=true', filename: 'icalendar/nvidia-cuquantum-session.ics' },
@@ -250,7 +274,7 @@ def mock_ingestions
      { url: 'https://www.eventbriteapi.com/v3/organizations/34338661734', status: 404 }].each do |opts|
       url = opts.delete(:url)
       method = opts.delete(:method) || :get
-      opts[:body] = File.open(Rails.root.join('test', 'fixtures', 'files', 'ingestion', opts.delete(:filename))) if opts.key?(:filename)
+      opts[:body] ||= File.open(Rails.root.join('test', 'fixtures', 'files', 'ingestion', opts.delete(:filename))) if opts.key?(:filename)
       opts[:status] ||= 200
       opts[:headers] ||= {}
 

diff --git a/test/unit/image_attachment_test.rb b/test/unit/image_attachment_test.rb
@@ -103,12 +103,14 @@ class ImageAttachmentTest < ActiveSupport::TestCase
   end
 
   test 'should not permit internal image URL address' do
-    provider = content_providers(:goblet)
-    provider.image_url = 'http://127.0.0.1/image.png'
+    with_net_connection do # Allow request through to be caught by private_address_check
+      provider = content_providers(:goblet)
+      provider.image_url = 'http://127.0.0.1/image.png'
 
-    refute provider.save
+      refute provider.save
 
-    assert_equal 1, provider.errors[:image_url].length
-    assert provider.errors[:image_url].first.include?('could not be accessed')
+      assert_equal 1, provider.errors[:image_url].length
+      assert provider.errors[:image_url].first.include?('could not be accessed')
+    end
   end
 end