Skip to content

Commit b6282db

Browse files
achow101achow101
committed
Merge bitcoin/bitcoin#32079: test: Add test coverage for rpcwhitelistdefault when unset
2929da1 test: Add coverage for rpcwhitelistdefault when unset (naiyoma) 535b874 test: Combine rpcwhitelistdefault functions (naiyoma) 2b6ce92 test: Update permissions and string formatting (naiyoma) Pull request description: This is a follow-up PR to address review feedback from [https://github.com/bitcoin/bitcoin/pull/29858](https://github.com/bitcoin/bitcoin/pull/29858) - [x] add case where rpcwhitelistdefault setting is [unset](bitcoin/bitcoin#29858 (review)) - [x] Code [cleanup](bitcoin/bitcoin#29858 (comment)) , change password and f-string formatting - [x] [Combine](bitcoin/bitcoin#29858 (comment)) rpcwhitelistdefault tests into `test_rpcwhitelistdefault_permissions` I am not sure if my approach of adding` test_rpcwhitelistdefault_unset` is better or if I should just include the assertions in the existing `test_rpcwhitelistdefault_permissions` ACKs for top commit: w0xlt: Code review ACK bitcoin/bitcoin@2929da1 achow101: ACK 2929da1 ryanofsky: Code review ACK 2929da1. Only change since last review was simplifying the last commit as suggested Tree-SHA512: 6750dd3e6abaca3a09ad1fd5d07c64767bc59188ff953cbc26aa7796071774cb92745ac82cf91e479632d682fd450bc00d53032454b65b22654a3e770ec68e89
2 parents eb6b100 + 2929da1 commit b6282db

File tree

1 file changed

+23
-25
lines changed

1 file changed

+23
-25
lines changed

test/functional/rpc_whitelist.py

Lines changed: 23 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ def rpccall(node, user, method):
2626

2727

2828
def get_permissions(whitelist):
29-
return [perm for perm in whitelist.replace(" ", "").split(",") if perm]
29+
return [perm for perm in whitelist.split(",") if perm]
3030

3131

3232
class RPCWhitelistTest(BitcoinTestFramework):
@@ -56,7 +56,7 @@ def run_test(self):
5656
# Testing the same permission twice
5757
["strangedude5", "d12c6e962d47a454f962eb41225e6ec8$2dd39635b155536d3c1a2e95d05feff87d5ba55f2d5ff975e6e997a836b717c9", ":getblockcount,getblockcount", "s7R4nG3R7H1nGZ"],
5858
# Test non-whitelisted user
59-
["strangedude6", "ab02e4fb22ef4ab004cca217a49ee8d2$90dd09b08edd12d552d9d8a5ada838dcef2ac587789fa7e9c47f5990e80cdf93", None, "password123"]
59+
["strangedude6", "67e5583538958883291f6917883eca64$8a866953ef9c5b7d078a62c64754a4eb74f47c2c17821eb4237021d7ef44f991", None, "N4SziYbHmhC1"]
6060
]
6161
# These commands shouldn't be allowed for any user to test failures
6262
self.never_allowed = ["getnetworkinfo"]
@@ -74,7 +74,7 @@ def run_test(self):
7474

7575
for user in self.users:
7676
for permission in self.never_allowed:
77-
self.log.info("[" + user[0] + "]: Testing a non permitted permission (" + permission + ")")
77+
self.log.info(f"[{user[0]}]: Testing a non permitted permission ({permission})")
7878
assert_equal(403, rpccall(self.nodes[0], user, permission).status)
7979
# Now test the strange users
8080
for permission in self.never_allowed:
@@ -91,17 +91,24 @@ def run_test(self):
9191
assert_equal(200, rpccall(self.nodes[0], self.strange_users[4], "getblockcount").status)
9292

9393
self.test_users_permissions()
94-
self.test_rpcwhitelistdefault_0_no_permissions()
94+
self.test_rpcwhitelistdefault_permissions(0, 200)
9595

9696
# Replace file configurations
9797
self.nodes[0].replace_in_config([("rpcwhitelistdefault=0", "rpcwhitelistdefault=1")])
9898
with open(self.nodes[0].datadir_path / "bitcoin.conf", 'a', encoding='utf8') as f:
9999
f.write("rpcwhitelist=__cookie__:getblockcount,getblockchaininfo,getmempoolinfo,stop\n")
100100
self.restart_node(0)
101101

102-
# Test rpcwhitelistdefault=1
103102
self.test_users_permissions()
104-
self.test_rpcwhitelistdefault_1_no_permissions()
103+
self.test_rpcwhitelistdefault_permissions(1, 403)
104+
105+
# Ensure that not specifying -rpcwhitelistdefault is the same as
106+
# specifying -rpcwhitelistdefault=1. Only explicitly whitelisted users
107+
# should be allowed.
108+
self.nodes[0].replace_in_config([("rpcwhitelistdefault=1", "")])
109+
self.restart_node(0)
110+
self.test_users_permissions()
111+
self.test_rpcwhitelistdefault_permissions(1, 403)
105112

106113
def test_users_permissions(self):
107114
"""
@@ -113,32 +120,23 @@ def test_users_permissions(self):
113120
for user in self.users:
114121
permissions = get_permissions(user[2])
115122
for permission in permissions:
116-
self.log.info("[" + user[0] + "]: Testing whitelisted user permission (" + permission + ")")
123+
self.log.info(f"[{user[0]}]: Testing whitelisted user permission ({permission})")
117124
assert_equal(200, rpccall(self.nodes[0], user, permission).status)
118-
self.log.info("[" + user[0] + "]: Testing non-permitted permission: getblockchaininfo")
125+
self.log.info(f"[{user[0]}]: Testing non-permitted permission: getblockchaininfo")
119126
assert_equal(403, rpccall(self.nodes[0], user, "getblockchaininfo").status)
120127

121-
def test_rpcwhitelistdefault_0_no_permissions(self):
128+
def test_rpcwhitelistdefault_permissions(self, default_value, expected_status):
122129
"""
123-
* rpcwhitelistdefault=0
130+
* rpcwhitelistdefault={default_value}
124131
* No Permissions defined
125-
Expected result: * strangedude6 (not whitelisted) can access any method
132+
Expected result: strangedude6 (not whitelisted) access is determined by default_value
133+
When default_value=0: expects 200
134+
When default_value=1: expects 403
126135
"""
127-
unrestricted_user = self.strange_users[6]
128-
for permission in ["getbestblockhash", "getblockchaininfo"]:
129-
self.log.info("[" + unrestricted_user[0] + "]: Testing unrestricted user permission (" + permission + ")")
130-
assert_equal(200, rpccall(self.nodes[0], unrestricted_user, permission).status)
131-
132-
def test_rpcwhitelistdefault_1_no_permissions(self):
133-
"""
134-
* rpcwhitelistdefault=1
135-
* No Permissions defined
136-
Expected result: * strangedude6 (not whitelisted) can not access any method
137-
"""
138-
136+
user = self.strange_users[6] # strangedude6
139137
for permission in ["getbestblockhash", "getblockchaininfo"]:
140-
self.log.info("[" + self.strange_users[6][0] + "]: Testing rpcwhitelistdefault=1 no specified permission (" + permission + ")")
141-
assert_equal(403, rpccall(self.nodes[0], self.strange_users[6], permission).status)
138+
self.log.info(f"[{user[0]}]: Testing rpcwhitelistdefault={default_value} no specified permission ({permission})")
139+
assert_equal(expected_status, rpccall(self.nodes[0], user, permission).status)
142140

143141

144142
if __name__ == "__main__":

0 commit comments

Comments
 (0)