remove redundant tests
Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
This commit is contained in:
parent
88ca2501d1
commit
fcdc7a6f7d
2 changed files with 34 additions and 149 deletions
|
@ -12,7 +12,6 @@ import (
|
|||
"github.com/juanfont/headscale/hscontrol/types"
|
||||
"github.com/juanfont/headscale/hscontrol/util"
|
||||
"gopkg.in/check.v1"
|
||||
"tailscale.com/tailcfg"
|
||||
"tailscale.com/types/key"
|
||||
)
|
||||
|
||||
|
@ -659,131 +658,3 @@ func (s *Suite) TestAutoApproveRoutes(c *check.C) {
|
|||
|
||||
c.Assert(channelUpdates, check.Equals, int32(4))
|
||||
}
|
||||
|
||||
func TestMachine_canAccess(t *testing.T) {
|
||||
type args struct {
|
||||
filter []tailcfg.FilterRule
|
||||
machine2 *types.Machine
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
machine types.Machine
|
||||
args args
|
||||
want bool
|
||||
}{
|
||||
{
|
||||
name: "no-rules",
|
||||
machine: types.Machine{
|
||||
IPAddresses: types.MachineAddresses{
|
||||
netip.MustParseAddr("10.0.0.1"),
|
||||
},
|
||||
},
|
||||
args: args{
|
||||
filter: []tailcfg.FilterRule{},
|
||||
machine2: &types.Machine{
|
||||
IPAddresses: types.MachineAddresses{
|
||||
netip.MustParseAddr("10.0.0.2"),
|
||||
},
|
||||
},
|
||||
},
|
||||
want: false,
|
||||
},
|
||||
{
|
||||
name: "wildcard",
|
||||
machine: types.Machine{
|
||||
IPAddresses: types.MachineAddresses{
|
||||
netip.MustParseAddr("10.0.0.1"),
|
||||
},
|
||||
},
|
||||
args: args{
|
||||
filter: []tailcfg.FilterRule{
|
||||
{
|
||||
SrcIPs: []string{"*"},
|
||||
DstPorts: []tailcfg.NetPortRange{
|
||||
{
|
||||
IP: "*",
|
||||
Ports: tailcfg.PortRange{
|
||||
First: 0,
|
||||
Last: 65535,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
machine2: &types.Machine{
|
||||
IPAddresses: types.MachineAddresses{
|
||||
netip.MustParseAddr("10.0.0.2"),
|
||||
},
|
||||
},
|
||||
},
|
||||
want: true,
|
||||
},
|
||||
{
|
||||
name: "explicit-m1-to-m2",
|
||||
machine: types.Machine{
|
||||
IPAddresses: types.MachineAddresses{
|
||||
netip.MustParseAddr("10.0.0.1"),
|
||||
},
|
||||
},
|
||||
args: args{
|
||||
filter: []tailcfg.FilterRule{
|
||||
{
|
||||
SrcIPs: []string{"10.0.0.1"},
|
||||
DstPorts: []tailcfg.NetPortRange{
|
||||
{
|
||||
IP: "10.0.0.2",
|
||||
Ports: tailcfg.PortRange{
|
||||
First: 0,
|
||||
Last: 65535,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
machine2: &types.Machine{
|
||||
IPAddresses: types.MachineAddresses{
|
||||
netip.MustParseAddr("10.0.0.2"),
|
||||
},
|
||||
},
|
||||
},
|
||||
want: true,
|
||||
},
|
||||
{
|
||||
name: "explicit-m2-to-m1",
|
||||
machine: types.Machine{
|
||||
IPAddresses: types.MachineAddresses{
|
||||
netip.MustParseAddr("10.0.0.1"),
|
||||
},
|
||||
},
|
||||
args: args{
|
||||
filter: []tailcfg.FilterRule{
|
||||
{
|
||||
SrcIPs: []string{"10.0.0.2"},
|
||||
DstPorts: []tailcfg.NetPortRange{
|
||||
{
|
||||
IP: "10.0.0.1",
|
||||
Ports: tailcfg.PortRange{
|
||||
First: 0,
|
||||
Last: 65535,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
machine2: &types.Machine{
|
||||
IPAddresses: types.MachineAddresses{
|
||||
netip.MustParseAddr("10.0.0.2"),
|
||||
},
|
||||
},
|
||||
},
|
||||
want: false,
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
if got := tt.machine.CanAccess(tt.args.filter, tt.args.machine2); got != tt.want {
|
||||
t.Errorf("Machine.CanAccess() = %v, want %v", got, tt.want)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
|
|
@ -16,18 +16,44 @@ func Test_MachineCanAccess(t *testing.T) {
|
|||
want bool
|
||||
}{
|
||||
{
|
||||
name: "other-cant-access-src",
|
||||
name: "no-rules",
|
||||
machine1: Machine{
|
||||
ID: 0,
|
||||
IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.1")},
|
||||
Hostname: "mini",
|
||||
User: User{Name: "mini"},
|
||||
IPAddresses: []netip.Addr{netip.MustParseAddr("10.0.0.1")},
|
||||
},
|
||||
machine2: Machine{
|
||||
IPAddresses: []netip.Addr{netip.MustParseAddr("10.0.0.2")},
|
||||
},
|
||||
rules: []tailcfg.FilterRule{},
|
||||
want: false,
|
||||
},
|
||||
{
|
||||
name: "wildcard",
|
||||
machine1: Machine{
|
||||
IPAddresses: []netip.Addr{netip.MustParseAddr("10.0.0.1")},
|
||||
},
|
||||
machine2: Machine{
|
||||
IPAddresses: []netip.Addr{netip.MustParseAddr("10.0.0.2")},
|
||||
},
|
||||
rules: []tailcfg.FilterRule{
|
||||
{
|
||||
SrcIPs: []string{"*"},
|
||||
DstPorts: []tailcfg.NetPortRange{
|
||||
{
|
||||
IP: "*",
|
||||
Ports: tailcfg.PortRangeAny,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
want: true,
|
||||
},
|
||||
{
|
||||
name: "other-cant-access-src",
|
||||
machine1: Machine{
|
||||
IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.1")},
|
||||
},
|
||||
machine2: Machine{
|
||||
ID: 2,
|
||||
IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.3")},
|
||||
Hostname: "peer2",
|
||||
User: User{Name: "peer2"},
|
||||
},
|
||||
rules: []tailcfg.FilterRule{
|
||||
{
|
||||
|
@ -42,16 +68,10 @@ func Test_MachineCanAccess(t *testing.T) {
|
|||
{
|
||||
name: "dest-cant-access-src",
|
||||
machine1: Machine{
|
||||
ID: 2,
|
||||
IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.3")},
|
||||
Hostname: "peer2",
|
||||
User: User{Name: "peer2"},
|
||||
},
|
||||
machine2: Machine{
|
||||
ID: 0,
|
||||
IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.2")},
|
||||
Hostname: "mini",
|
||||
User: User{Name: "mini"},
|
||||
},
|
||||
rules: []tailcfg.FilterRule{
|
||||
{
|
||||
|
@ -66,16 +86,10 @@ func Test_MachineCanAccess(t *testing.T) {
|
|||
{
|
||||
name: "src-can-access-dest",
|
||||
machine1: Machine{
|
||||
ID: 0,
|
||||
IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.2")},
|
||||
Hostname: "mini",
|
||||
User: User{Name: "mini"},
|
||||
},
|
||||
machine2: Machine{
|
||||
ID: 2,
|
||||
IPAddresses: []netip.Addr{netip.MustParseAddr("100.64.0.3")},
|
||||
Hostname: "peer2",
|
||||
User: User{Name: "peer2"},
|
||||
},
|
||||
rules: []tailcfg.FilterRule{
|
||||
{
|
||||
|
|
Loading…
Reference in a new issue