Skip to content

Commit

Permalink
Merge pull request #969 from mhaskel/test_fixes
Browse files Browse the repository at this point in the history
Even more mod_security test fixes
  • Loading branch information
cmurphy committed Dec 23, 2014
2 parents d72247a + 1c40ea3 commit 7157b4d
Show file tree
Hide file tree
Showing 2 changed files with 22 additions and 22 deletions.
42 changes: 21 additions & 21 deletions spec/acceptance/mod_security_spec.rb
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
require 'spec_helper_acceptance'

describe 'apache::mod::security class', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do
describe 'apache::mod::security class', :unless => (UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) or (fact('osfamily') == 'Debian' and (fact('lsbdistcodename') == 'squeeze' or fact('lsbdistcodename') == 'lucid' or fact('lsbdistcodename') == 'precise'))) do
case fact('osfamily')
when 'Debian'
mod_dir = '/etc/apache2/mods-available'
Expand All @@ -22,13 +22,13 @@

it 'succeeds in puppeting mod_security' do
pp= <<-EOS
host { 'modsec.example.com': ip => '127.0.0.1', }
class { 'apache': }
class { 'apache::mod::security': }
apache::vhost { 'modsec.example.com':
port => '80',
docroot => '/var/www/html',
}
host { 'modsec.example.com': ip => '127.0.0.1', }
file { '/var/www/html/index.html':
ensure => file,
content => 'Index page',
Expand All @@ -51,31 +51,31 @@ class { 'apache::mod::security': }
end

it 'should return index page' do
shell('/usr/bin/curl -H"User-Agent: beaker" modsec.example.com:80') do |r|
shell('/usr/bin/curl -A beaker modsec.example.com:80') do |r|
expect(r.stdout).to match(/Index page/)
expect(r.exit_code).to eq(0)
end
end

it 'should block query with SQL' do
shell '/usr/bin/curl -H"User-Agent beaker" -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
end

end #default mod_security config

context "mod_security should allow disabling by vhost" do
it 'succeeds in puppeting mod_security' do
pp= <<-EOS
host { 'modsec.example.com': ip => '127.0.0.1', }
class { 'apache': }
class { 'apache::mod::security': }
apache::vhost { 'modsec.example.com':
port => '80',
docroot => '/var/www/html',
port => '80',
docroot => '/var/www/html',
}
host { 'modsec.example.com': ip => '127.0.0.1', }
file { '/var/www/html/index.html':
ensure => file,
content => "Index page\\n",
content => 'Index page',
}
EOS
apply_manifest(pp, :catch_failures => true)
Expand All @@ -91,7 +91,7 @@ class { 'apache::mod::security': }
end

it 'should block query with SQL' do
shell '/usr/bin/curl -H"User-Agent: beaker" -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
end

it 'should disable mod_security per vhost' do
Expand All @@ -108,7 +108,7 @@ class { 'apache::mod::security': }
end

it 'should return index page' do
shell('/usr/bin/curl -H"User-Agent: beaker" -f modsec.example.com:80?SELECT%20*FROM%20mysql.users') do |r|
shell('/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users') do |r|
expect(r.stdout).to match(/Index page/)
expect(r.exit_code).to eq(0)
end
Expand All @@ -118,16 +118,16 @@ class { 'apache::mod::security': }
context "mod_security should allow disabling by ip" do
it 'succeeds in puppeting mod_security' do
pp= <<-EOS
host { 'modsec.example.com': ip => '127.0.0.1', }
class { 'apache': }
class { 'apache::mod::security': }
apache::vhost { 'modsec.example.com':
port => '80',
docroot => '/var/www/html',
port => '80',
docroot => '/var/www/html',
}
host { 'modsec.example.com': ip => '127.0.0.1', }
file { '/var/www/html/index.html':
ensure => file,
content => "Index page\\n",
content => 'Index page',
}
EOS
apply_manifest(pp, :catch_failures => true)
Expand All @@ -143,7 +143,7 @@ class { 'apache::mod::security': }
end

it 'should block query with SQL' do
shell '/usr/bin/curl -H"User-Agent: beaker" -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
end

it 'should disable mod_security per vhost' do
Expand All @@ -160,7 +160,7 @@ class { 'apache::mod::security': }
end

it 'should return index page' do
shell('/usr/bin/curl -H"User-Agent: beaker" modsec.example.com:80') do |r|
shell('/usr/bin/curl -A beaker modsec.example.com:80') do |r|
expect(r.stdout).to match(/Index page/)
expect(r.exit_code).to eq(0)
end
Expand All @@ -170,13 +170,13 @@ class { 'apache::mod::security': }
context "mod_security should allow disabling by id" do
it 'succeeds in puppeting mod_security' do
pp= <<-EOS
host { 'modsec.example.com': ip => '127.0.0.1', }
class { 'apache': }
class { 'apache::mod::security': }
apache::vhost { 'modsec.example.com':
port => '80',
docroot => '/var/www/html',
port => '80',
docroot => '/var/www/html',
}
host { 'modsec.example.com': ip => '127.0.0.1', }
file { '/var/www/html/index.html':
ensure => file,
content => 'Index page',
Expand All @@ -199,7 +199,7 @@ class { 'apache::mod::security': }
end

it 'should block query with SQL' do
shell '/usr/bin/curl -H"User-Agent: beaker" -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
shell '/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users', :acceptable_exit_codes => [22]
end

it 'should disable mod_security per vhost' do
Expand All @@ -216,7 +216,7 @@ class { 'apache::mod::security': }
end

it 'should return index page' do
shell('/usr/bin/curl -H"User-Agent: beaker" -f modsec.example.com:80?SELECT%20*FROM%20mysql.users') do |r|
shell('/usr/bin/curl -A beaker -f modsec.example.com:80?SELECT%20*FROM%20mysql.users') do |r|
expect(r.stdout).to match(/Index page/)
expect(r.exit_code).to eq(0)
end
Expand Down
2 changes: 1 addition & 1 deletion spec/spec_helper_acceptance.rb
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@
on host, puppet('module','install','puppetlabs-apt'), { :acceptable_exit_codes => [0,1] }
end
on host, puppet('module','install','puppetlabs-stdlib'), { :acceptable_exit_codes => [0,1] }
on host, puppet('module','install','puppetlabs-concat'), { :acceptable_exit_codes => [0,1] }
on host, puppet('module','install','puppetlabs-concat', '--version 1.1.1', '--force'), { :acceptable_exit_codes => [0,1] }
end
end
end

0 comments on commit 7157b4d

Please sign in to comment.