mirrors/dendrite
1
0
Fork 0
mirror of https://github.com/matrix-org/dendrite.git synced 2024-11-23 14:51:56 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add missing form_secret

Browse source 
Add tests
This commit is contained in:
Till Faelligen 2022-02-14 13:06:36 +01:00
parent 4da7df5e3e
commit ac343861ad
4 changed files with 141 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
dendrite-config.yaml
View file

@ -72,6 +72,8 @@ global:
# If either require_at_registration or send_server_notice_to_guest are true, consent # If either require_at_registration or send_server_notice_to_guest are true, consent
# messages will be sent to the users. # messages will be sent to the users.
user_consent: user_consent:
# Randomly generated string to be used to calculate the HMAC
form_secret: "superSecretRandomlyGeneratedSecret"
# Require consent when user registers for the first time # Require consent when user registers for the first time
require_at_registration: false require_at_registration: false
# The name to be shown to the user # The name to be shown to the user

3
setup/config/config_global.go
View file

@ -208,6 +208,8 @@ func (c *DNSCacheOptions) Verify(configErrs *ConfigErrors, isMonolith bool) {
// If either require_at_registration or send_server_notice_to_guest are true, consent // If either require_at_registration or send_server_notice_to_guest are true, consent
// messages will be sent to the users. // messages will be sent to the users.
type UserConsentOptions struct { type UserConsentOptions struct {
// Randomly generated string to be used to calculate the HMAC
FormSecret string
// Require consent when user registers for the first time // Require consent when user registers for the first time
RequireAtRegistration bool `yaml:"require_at_registration"` RequireAtRegistration bool `yaml:"require_at_registration"`
// The name to be shown to the user // The name to be shown to the user
@ -243,6 +245,7 @@ func (c *UserConsentOptions) Verify(configErrors *ConfigErrors, isMonolith bool)
checkNotEmpty(configErrors, "template_dir", c.TemplateDir) checkNotEmpty(configErrors, "template_dir", c.TemplateDir)
checkNotEmpty(configErrors, "version", c.Version) checkNotEmpty(configErrors, "version", c.Version)
checkNotEmpty(configErrors, "policy_name", c.PolicyName) checkNotEmpty(configErrors, "policy_name", c.PolicyName)
checkNotEmpty(configErrors, "form_secret", c.FormSecret)
if len(*configErrors) > 0 { if len(*configErrors) > 0 {
return return
} }

110
setup/config/config_global_test.go Normal file
View file

@ -0,0 +1,110 @@
package config
import (
"testing"
)
func TestUserConsentOptions_Verify(t *testing.T) {
type args struct {
configErrors *ConfigErrors
isMonolith bool
}
tests := []struct {
name string
fields UserConsentOptions
args args
wantErr bool
}{
{
name: "template dir not set",
fields: UserConsentOptions{
RequireAtRegistration: true,
},
args: struct {
configErrors *ConfigErrors
isMonolith bool
}{configErrors: &ConfigErrors{}, isMonolith: true},
wantErr: true,
},
{
name: "template dir set",
fields: UserConsentOptions{
RequireAtRegistration: true,
TemplateDir: "testdata/privacy",
},
args: struct {
configErrors *ConfigErrors
isMonolith bool
}{configErrors: &ConfigErrors{}, isMonolith: true},
wantErr: true,
},
{
name: "policy name not set",
fields: UserConsentOptions{
RequireAtRegistration: true,
TemplateDir: "testdata/privacy",
},
args: struct {
configErrors *ConfigErrors
isMonolith bool
}{configErrors: &ConfigErrors{}, isMonolith: true},
wantErr: true,
},
{
name: "policy name set",
fields: UserConsentOptions{
RequireAtRegistration: true,
TemplateDir: "testdata/privacy",
PolicyName: "Privacy policy",
},
args: struct {
configErrors *ConfigErrors
isMonolith bool
}{configErrors: &ConfigErrors{}, isMonolith: true},
wantErr: true,
},
{
name: "version not set",
fields: UserConsentOptions{
RequireAtRegistration: true,
TemplateDir: "testdata/privacy",
},
args: struct {
configErrors *ConfigErrors
isMonolith bool
}{configErrors: &ConfigErrors{}, isMonolith: true},
wantErr: true,
},
{
name: "everyhing required set",
fields: UserConsentOptions{
RequireAtRegistration: true,
TemplateDir: "./testdata/privacy",
Version: "1.0",
PolicyName: "Privacy policy",
},
args: struct {
configErrors *ConfigErrors
isMonolith bool
}{configErrors: &ConfigErrors{}, isMonolith: true},
wantErr: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &UserConsentOptions{
RequireAtRegistration: tt.fields.RequireAtRegistration,
PolicyName: tt.fields.PolicyName,
Version: tt.fields.Version,
TemplateDir: tt.fields.TemplateDir,
SendServerNoticeToGuest: tt.fields.SendServerNoticeToGuest,
ServerNoticeContent: tt.fields.ServerNoticeContent,
BlockEventsError: tt.fields.BlockEventsError,
}
c.Verify(tt.args.configErrors, tt.args.isMonolith)
if tt.wantErr && tt.args.configErrors == nil {
t.Errorf("expected no errors, got '%+v'", tt.args.configErrors)
}
})
}
}

26
setup/config/testdata/privacy/1.0.gohtml vendored Normal file
View file

@ -0,0 +1,26 @@
<!doctype html>
<html lang="en">
<head>
<title>Matrix.org Privacy policy</title>
</head>
<body>
{{ if .HasConsented }}
<p>
Your base already belong to us.
</p>
{{ else }}
<p>
All your base are belong to us.
</p>
{{ if not .PublicVersion }}
<!-- The variables used here are only provided when the 'u' param is given to the homeserver -->
<form method="post" action="consent">
<input type="hidden" name="v" value="{{ .Version }}"/>
<input type="hidden" name="u" value="{{ .User }}"/>
<input type="hidden" name="h" value="{{ .UserHMAC }}"/>
<input type="submit" value="Sure thing!"/>
</form>
{{ end }}
{{ end }}
</body>
</html>