feature(api): add forbidden_network? to api_token

This commit is contained in:
simon lehericey 2023-12-21 13:59:21 +01:00
parent 352924ed52
commit 6e5678d1c2
2 changed files with 38 additions and 0 deletions

View file

@ -65,6 +65,12 @@ class APIToken < ApplicationRecord
end
end
def forbidden_network?(ip)
return false if authorized_networks.blank?
authorized_networks.none? { |range| range.include?(ip) }
end
class << self
def generate(administrateur)
plain_token = generate_unique_secure_token

View file

@ -177,4 +177,36 @@ describe APIToken, type: :model do
it { is_expected.to eq([IPAddr.new(ip)]) }
end
end
describe '#forbidden_network?' do
let(:api_token_and_packed_token) { APIToken.generate(administrateur) }
let(:api_token) { api_token_and_packed_token.first }
let(:authorized_networks) { [] }
before { api_token.update!(authorized_networks: authorized_networks) }
subject { api_token.forbidden_network?(ip) }
context 'when no authorized networks are defined' do
let(:ip) { '192.168.1.1' }
it { is_expected.to be_falsey }
end
context 'when a single authorized network is defined' do
let(:authorized_networks) { [IPAddr.new('192.168.1.0/24')] }
context 'and the request comes from it' do
let(:ip) { '192.168.1.1' }
it { is_expected.to be_falsey }
end
context 'and the request does not come from it' do
let(:ip) { '192.168.2.1' }
it { is_expected.to be_truthy }
end
end
end
end