remove redundant tests

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
This commit is contained in:
Kristoffer Dalby 2023-06-16 12:37:52 +02:00 committed by Kristoffer Dalby
parent 88ca2501d1
commit fcdc7a6f7d
2 changed files with 34 additions and 149 deletions

View file

@ -12,7 +12,6 @@ import (
"github.com/juanfont/headscale/hscontrol/types" "github.com/juanfont/headscale/hscontrol/types"
"github.com/juanfont/headscale/hscontrol/util" "github.com/juanfont/headscale/hscontrol/util"
"gopkg.in/check.v1" "gopkg.in/check.v1"
"tailscale.com/tailcfg"
"tailscale.com/types/key" "tailscale.com/types/key"
) )
@ -659,131 +658,3 @@ func (s *Suite) TestAutoApproveRoutes(c *check.C) {
c.Assert(channelUpdates, check.Equals, int32(4)) c.Assert(channelUpdates, check.Equals, int32(4))
} }
func TestMachine_canAccess(t *testing.T) {
type args struct {
filter []tailcfg.FilterRule
machine2 *types.Machine
}
tests := []struct {
name string
machine types.Machine
args args
want bool
}{
{
name: "no-rules",
machine: types.Machine{
IPAddresses: types.MachineAddresses{
netip.MustParseAddr("10.0.0.1"),
},
},
args: args{
filter: []tailcfg.FilterRule{},
machine2: &types.Machine{
IPAddresses: types.MachineAddresses{
netip.MustParseAddr("10.0.0.2"),
},
},
},
want: false,
},
{
name: "wildcard",
machine: types.Machine{
IPAddresses: types.MachineAddresses{
netip.MustParseAddr("10.0.0.1"),
},
},
args: args{
filter: []tailcfg.FilterRule{
{
SrcIPs: []string{"*"},
DstPorts: []tailcfg.NetPortRange{
{
IP: "*",
Ports: tailcfg.PortRange{
First: 0,
Last: 65535,
},
},
},
},
},
machine2: &types.Machine{
IPAddresses: types.MachineAddresses{
netip.MustParseAddr("10.0.0.2"),
},
},
},
want: true,
},
{
name: "explicit-m1-to-m2",
machine: types.Machine{
IPAddresses: types.MachineAddresses{
netip.MustParseAddr("10.0.0.1"),
},
},
args: args{
filter: []tailcfg.FilterRule{
{
SrcIPs: []string{"10.0.0.1"},
DstPorts: []tailcfg.NetPortRange{
{
IP: "10.0.0.2",
Ports: tailcfg.PortRange{
First: 0,
Last: 65535,
},
},
},
},
},
machine2: &types.Machine{
IPAddresses: types.MachineAddresses{
netip.MustParseAddr("10.0.0.2"),
},
},
},
want: true,
},
{
name: "explicit-m2-to-m1",
machine: types.Machine{
IPAddresses: types.MachineAddresses{
netip.MustParseAddr("10.0.0.1"),
},
},
args: args{
filter: []tailcfg.FilterRule{
{
SrcIPs: []string{"10.0.0.2"},
DstPorts: []tailcfg.NetPortRange{
{
IP: "10.0.0.1",
Ports: tailcfg.PortRange{
First: 0,
Last: 65535,
},
},
},
},
},
machine2: &types.Machine{
IPAddresses: types.MachineAddresses{
netip.MustParseAddr("10.0.0.2"),
},
},
},
want: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
if got := tt.machine.CanAccess(tt.args.filter, tt.args.machine2); got != tt.want {
t.Errorf("Machine.CanAccess() = %v, want %v", got, tt.want)
}
})
}
}

View file

@ -16,18 +16,44 @@ func Test_MachineCanAccess(t *testing.T) {
want bool want bool
}{ }{
{ {
name: "other-cant-access-src", name: "no-rules",
machine1: Machine{ machine1: Machine{
ID: 0, IPAddresses: []netip.Addr{netip.MustParseAddr("10.0.0.1")},
IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.1")}, },
Hostname: "mini", machine2: Machine{
User: User{Name: "mini"}, IPAddresses: []netip.Addr{netip.MustParseAddr("10.0.0.2")},
},
rules: []tailcfg.FilterRule{},
want: false,
},
{
name: "wildcard",
machine1: Machine{
IPAddresses: []netip.Addr{netip.MustParseAddr("10.0.0.1")},
},
machine2: Machine{
IPAddresses: []netip.Addr{netip.MustParseAddr("10.0.0.2")},
},
rules: []tailcfg.FilterRule{
{
SrcIPs: []string{"*"},
DstPorts: []tailcfg.NetPortRange{
{
IP: "*",
Ports: tailcfg.PortRangeAny,
},
},
},
},
want: true,
},
{
name: "other-cant-access-src",
machine1: Machine{
IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.1")},
}, },
machine2: Machine{ machine2: Machine{
ID: 2,
IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.3")}, IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.3")},
Hostname: "peer2",
User: User{Name: "peer2"},
}, },
rules: []tailcfg.FilterRule{ rules: []tailcfg.FilterRule{
{ {
@ -42,16 +68,10 @@ func Test_MachineCanAccess(t *testing.T) {
{ {
name: "dest-cant-access-src", name: "dest-cant-access-src",
machine1: Machine{ machine1: Machine{
ID: 2,
IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.3")}, IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.3")},
Hostname: "peer2",
User: User{Name: "peer2"},
}, },
machine2: Machine{ machine2: Machine{
ID: 0,
IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.2")}, IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.2")},
Hostname: "mini",
User: User{Name: "mini"},
}, },
rules: []tailcfg.FilterRule{ rules: []tailcfg.FilterRule{
{ {
@ -66,16 +86,10 @@ func Test_MachineCanAccess(t *testing.T) {
{ {
name: "src-can-access-dest", name: "src-can-access-dest",
machine1: Machine{ machine1: Machine{
ID: 0,
IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.2")}, IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.2")},
Hostname: "mini",
User: User{Name: "mini"},
}, },
machine2: Machine{ machine2: Machine{
ID: 2,
IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.3")}, IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.3")},
Hostname: "peer2",
User: User{Name: "peer2"},
}, },
rules: []tailcfg.FilterRule{ rules: []tailcfg.FilterRule{
{ {