github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-22 22:43:33 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: SSO code should respect IP address filters

Browse Source
This commit is contained in:
Robin Ward
2015-02-23 15:58:45 -05:00
parent d63aed69f7
commit ca5730018a
6 changed files with 33 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
spec/controllers/session_controller_spec.rb
View File

@ -67,6 +67,21 @@ describe SessionController do
expect(logged_on_user.single_sign_on_record.external_username).to eq('sam')
end
it 'respects IP restrictions' do
sso = get_sso('/a/')
sso.external_id = '666' # the number of the beast
sso.email = 'bob@bob.com'
sso.name = 'Sam Saffron'
sso.username = 'sam'
screened_ip = Fabricate(:screened_ip_address)
ActionDispatch::Request.any_instance.stubs(:remote_ip).returns(screened_ip.ip_address)
get :sso_login, Rack::Utils.parse_query(sso.payload)
logged_on_user = Discourse.current_user_provider.new(request.env).current_user
expect(logged_on_user).to eq(nil)
end
it 'allows you to create an admin account' do
sso = get_sso('/a/')
sso.external_id = '666' # the number of the beast
@ -409,7 +424,6 @@ describe SessionController do
context 'when admins are restricted by ip address' do
let(:permitted_ip_address) { '111.234.23.11' }
before do
Fabricate(:screened_ip_address, ip_address: permitted_ip_address, action_type: ScreenedIpAddress.actions[:allow_admin])
end