Missing changes required to make new UI work (#2793)

* Getting rid of old dapps * Updating proxypac and allowing home.parity on signer * CORS support for API * Fixing CORS - origin is sent with protocol * Fixing signer with proxy * Fixing grumbles * Fix expect msg [ci:skip]
2016-10-22 15:21:41 +02:00
parent 9150fce2f1
commit 3ff1ca81f4
22 changed files with 370 additions and 274 deletions
--- a/dapps/src/tests/api.rs
+++ b/dapps/src/tests/api.rs
@@ -34,7 +34,7 @@ fn should_return_error() {

 	// then
 	assert_eq!(response.status, "HTTP/1.1 404 Not Found".to_owned());
-	assert_eq!(response.headers.get(0).unwrap(), "Content-Type: application/json");
+	assert_eq!(response.headers.get(3).unwrap(), "Content-Type: application/json");
 	assert_eq!(response.body, format!("58\n{}\n0\n\n", r#"{"code":"404","title":"Not Found","detail":"Resource you requested has not been found."}"#));
 	assert_security_headers(&response.headers);
 }
@@ -57,8 +57,8 @@ fn should_serve_apps() {

 	// then
 	assert_eq!(response.status, "HTTP/1.1 200 OK".to_owned());
-	assert_eq!(response.headers.get(0).unwrap(), "Content-Type: application/json");
-	assert!(response.body.contains("Parity Home Screen"), response.body);
+	assert_eq!(response.headers.get(3).unwrap(), "Content-Type: application/json");
+	assert!(response.body.contains("Parity UI"), response.body);
 	assert_security_headers(&response.headers);
 }

@@ -80,7 +80,7 @@ fn should_handle_ping() {

 	// then
 	assert_eq!(response.status, "HTTP/1.1 200 OK".to_owned());
-	assert_eq!(response.headers.get(0).unwrap(), "Content-Type: application/json");
+	assert_eq!(response.headers.get(3).unwrap(), "Content-Type: application/json");
 	assert_eq!(response.body, "0\n\n".to_owned());
 	assert_security_headers(&response.headers);
 }
@@ -107,3 +107,54 @@ fn should_try_to_resolve_dapp() {
 	assert_security_headers(&response.headers);
 }

+#[test]
+fn should_return_signer_port_cors_headers() {
+	// given
+	let server = serve();
+
+	// when
+	let response = request(server,
+		"\
+			POST /api/ping HTTP/1.1\r\n\
+			Host: localhost:8080\r\n\
+			Origin: http://127.0.0.1:18180\r\n\
+			Connection: close\r\n\
+			\r\n\
+			{}
+		"
+	);
+
+	// then
+	assert_eq!(response.status, "HTTP/1.1 200 OK".to_owned());
+	assert!(
+		response.headers_raw.contains("Access-Control-Allow-Origin: http://127.0.0.1:18180"),
+		"CORS header for signer missing: {:?}",
+		response.headers
+	);
+}
+
+#[test]
+fn should_return_signer_port_cors_headers_for_home_parity() {
+	// given
+	let server = serve();
+
+	// when
+	let response = request(server,
+		"\
+			POST /api/ping HTTP/1.1\r\n\
+			Host: localhost:8080\r\n\
+			Origin: http://home.parity\r\n\
+			Connection: close\r\n\
+			\r\n\
+			{}
+		"
+	);
+
+	// then
+	assert_eq!(response.status, "HTTP/1.1 200 OK".to_owned());
+	assert!(
+		response.headers_raw.contains("Access-Control-Allow-Origin: http://home.parity"),
+		"CORS header for home.parity missing: {:?}",
+		response.headers
+	);
+}
--- a/dapps/src/tests/authorization.rs
+++ b/dapps/src/tests/authorization.rs
@@ -14,7 +14,7 @@
 // You should have received a copy of the GNU General Public License
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.

-use tests::helpers::{serve_with_auth, request, assert_security_headers};
+use tests::helpers::{serve_with_auth, request, assert_security_headers_for_embed};

 #[test]
 fn should_require_authorization() {
@@ -66,7 +66,7 @@ fn should_allow_on_valid_auth() {
 	// when
 	let response = request(server,
 		"\
-			GET /home/ HTTP/1.1\r\n\
+			GET /ui/ HTTP/1.1\r\n\
 			Host: 127.0.0.1:8080\r\n\
 			Connection: close\r\n\
 			Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l\r\n
@@ -76,5 +76,5 @@ fn should_allow_on_valid_auth() {

 	// then
 	assert_eq!(response.status, "HTTP/1.1 200 OK".to_owned());
-	assert_security_headers(&response.headers);
+	assert_security_headers_for_embed(&response.headers);
 }
--- a/dapps/src/tests/helpers.rs
+++ b/dapps/src/tests/helpers.rs
@@ -18,6 +18,7 @@ use std::env;
 use std::str;
 use std::sync::Arc;
 use rustc_serialize::hex::FromHex;
+use env_logger::LogBuilder;

 use ServerBuilder;
 use Server;
@@ -27,6 +28,7 @@ use devtools::http_client;

 const REGISTRAR: &'static str = "8e4e9b13d4b45cb0befc93c3061b1408f67316b2";
 const URLHINT: &'static str = "deadbeefcafe0000000000000000000000000000";
+const SIGNER_PORT: u16 = 18180;

 pub struct FakeRegistrar {
 	pub calls: Arc<Mutex<Vec<(String, String)>>>,
@@ -58,11 +60,22 @@ impl ContractClient for FakeRegistrar {
 	}
 }

+fn init_logger() {
+	// Initialize logger
+	if let Ok(log) = env::var("RUST_LOG") {
+		let mut builder = LogBuilder::new();
+		builder.parse(&log);
+		builder.init().expect("Logger is initialized only once.");
+	}
+}
+
 pub fn init_server(hosts: Option<Vec<String>>) -> (Server, Arc<FakeRegistrar>) {
+	init_logger();
 	let registrar = Arc::new(FakeRegistrar::new());
 	let mut dapps_path = env::temp_dir();
 	dapps_path.push("non-existent-dir-to-prevent-fs-files-from-loading");
-	let builder = ServerBuilder::new(dapps_path.to_str().unwrap().into(), registrar.clone());
+	let mut builder = ServerBuilder::new(dapps_path.to_str().unwrap().into(), registrar.clone());
+	builder.with_signer_port(Some(SIGNER_PORT));
 	(
 		builder.start_unsecured_http(&"127.0.0.1:0".parse().unwrap(), hosts).unwrap(),
 		registrar,
@@ -70,10 +83,12 @@ pub fn init_server(hosts: Option<Vec<String>>) -> (Server, Arc<FakeRegistrar>) {
 }

 pub fn serve_with_auth(user: &str, pass: &str) -> Server {
+	init_logger();
 	let registrar = Arc::new(FakeRegistrar::new());
 	let mut dapps_path = env::temp_dir();
 	dapps_path.push("non-existent-dir-to-prevent-fs-files-from-loading");
-	let builder = ServerBuilder::new(dapps_path.to_str().unwrap().into(), registrar);
+	let mut builder = ServerBuilder::new(dapps_path.to_str().unwrap().into(), registrar);
+	builder.with_signer_port(Some(SIGNER_PORT));
 	builder.start_basic_auth_http(&"127.0.0.1:0".parse().unwrap(), None, user, pass).unwrap()
 }

@@ -94,5 +109,8 @@ pub fn request(server: Server, request: &str) -> http_client::Response {
 }

 pub fn assert_security_headers(headers: &[String]) {
-	http_client::assert_security_headers_present(headers)
+	http_client::assert_security_headers_present(headers, None)
+}
+pub fn assert_security_headers_for_embed(headers: &[String]) {
+	http_client::assert_security_headers_present(headers, Some(SIGNER_PORT))
 }
--- a/dapps/src/tests/redirection.rs
+++ b/dapps/src/tests/redirection.rs
@@ -33,7 +33,7 @@ fn should_redirect_to_home() {

 	// then
 	assert_eq!(response.status, "HTTP/1.1 302 Found".to_owned());
-	assert_eq!(response.headers.get(0).unwrap(), "Location: /home/");
+	assert_eq!(response.headers.get(0).unwrap(), "Location: http://127.0.0.1:18180");
 }

 #[test]
@@ -53,7 +53,7 @@ fn should_redirect_to_home_when_trailing_slash_is_missing() {

 	// then
 	assert_eq!(response.status, "HTTP/1.1 302 Found".to_owned());
-	assert_eq!(response.headers.get(0).unwrap(), "Location: /home/");
+	assert_eq!(response.headers.get(0).unwrap(), "Location: http://127.0.0.1:18180");
 }

 #[test]
@@ -73,7 +73,6 @@ fn should_display_404_on_invalid_dapp() {

 	// then
 	assert_eq!(response.status, "HTTP/1.1 404 Not Found".to_owned());
-	assert!(response.body.contains("href=\"/home/"));
 	assert_security_headers(&response.headers);
 }

@@ -94,7 +93,6 @@ fn should_display_404_on_invalid_dapp_with_domain() {

 	// then
 	assert_eq!(response.status, "HTTP/1.1 404 Not Found".to_owned());
-	assert!(response.body.contains("href=\"http://home.parity/"));
 	assert_security_headers(&response.headers);
 }

@@ -161,7 +159,7 @@ fn should_serve_proxy_pac() {

 	// then
 	assert_eq!(response.status, "HTTP/1.1 200 OK".to_owned());
-	assert_eq!(response.body, "86\n\nfunction FindProxyForURL(url, host) {\n\tif (shExpMatch(host, \"*.parity\"))\n\t{\n\t\treturn \"PROXY 127.0.0.1:8080\";\n\t}\n\n\treturn \"DIRECT\";\n}\n\n0\n\n".to_owned());
+	assert_eq!(response.body, "D5\n\nfunction FindProxyForURL(url, host) {\n\tif (shExpMatch(host, \"home.parity\"))\n\t{\n\t\treturn \"PROXY 127.0.0.1:18180\";\n\t}\n\n\tif (shExpMatch(host, \"*.parity\"))\n\t{\n\t\treturn \"PROXY 127.0.0.1:8080\";\n\t}\n\n\treturn \"DIRECT\";\n}\n\n0\n\n".to_owned());
 	assert_security_headers(&response.headers);
 }

--- a/dapps/src/tests/validation.rs
+++ b/dapps/src/tests/validation.rs
@@ -45,7 +45,7 @@ fn should_allow_valid_host() {
 	// when
 	let response = request(server,
 		"\
-			GET /home/ HTTP/1.1\r\n\
+			GET /ui/ HTTP/1.1\r\n\
 			Host: localhost:8080\r\n\
 			Connection: close\r\n\
 			\r\n\
@@ -66,7 +66,7 @@ fn should_serve_dapps_domains() {
 	let response = request(server,
 		"\
 			GET / HTTP/1.1\r\n\
-			Host: home.parity\r\n\
+			Host: ui.parity\r\n\
 			Connection: close\r\n\
 			\r\n\
 			{}
@@ -98,3 +98,30 @@ fn should_allow_parity_utils_even_on_invalid_domain() {
 	assert_eq!(response.status, "HTTP/1.1 200 OK".to_owned());
 }

+#[test]
+fn should_not_return_cors_headers_for_rpc() {
+	// given
+	let server = serve_hosts(Some(vec!["localhost:8080".into()]));
+
+	// when
+	let response = request(server,
+		"\
+			POST /rpc HTTP/1.1\r\n\
+			Host: localhost:8080\r\n\
+			Origin: null\r\n\
+			Content-Type: application/json\r\n\
+			Connection: close\r\n\
+			\r\n\
+			{}
+		"
+	);
+
+	// then
+	assert_eq!(response.status, "HTTP/1.1 200 OK".to_owned());
+	assert!(
+		!response.headers_raw.contains("Access-Control-Allow-Origin"),
+		"CORS headers were not expected: {:?}",
+		response.headers
+	);
+}
+