Add support for IP-based bans (#1703)

* Add support for IP-based bans. Closes #1534 * Linter cleanup
2022-03-06 20:34:49 -08:00
parent 78c27ddbdd
commit 19b9a8bdf6
21 changed files with 488 additions and 98 deletions
--- a/test/automated/api/chatusers.test.js
+++ b/test/automated/api/chatusers.test.js
@@ -7,6 +7,8 @@ const fs = require('fs');
 const registerChat = require('./lib/chat').registerChat;
 const sendChatMessage = require('./lib/chat').sendChatMessage;

+const localIPAddress = '127.0.0.1';
+
 const testVisibilityMessage = {
  body: 'message ' + Math.floor(Math.random() * 100),
  type: 'CHAT',
@@ -25,61 +27,6 @@ test('can send a chat message', async (done) => {
  sendChatMessage(testVisibilityMessage, accessToken, done);
 });

-test('can disable a user', async (done) => {
-  // To allow for visually being able to see the test hiding the
-  // message add a short delay.
-  await new Promise((r) => setTimeout(r, 1500));
-
-  await request
-    .post('/api/admin/chat/users/setenabled')
-    .send({ userId: userId, enabled: false })
-    .auth('admin', 'abc123')
-    .expect(200);
-  done();
-});
-
-test('verify user is disabled', async (done) => {
-  const response = await request
-    .get('/api/admin/chat/users/disabled')
-    .auth('admin', 'abc123')
-    .expect(200);
-  const tokenCheck = response.body.filter((user) => user.id === userId);
-  expect(tokenCheck).toHaveLength(1);
-  done();
-});
-
-test('verify messages from user are hidden', async (done) => {
-  const response = await request
-    .get('/api/admin/chat/messages')
-    .auth('admin', 'abc123')
-    .expect(200);
-  const message = response.body.filter((obj) => {
-    return obj.user.id === userId;
-  });
-  expect(message[0].user.disabledAt).toBeTruthy();
-  done();
-});
-
-test('can re-enable a user', async (done) => {
-  await request
-    .post('/api/admin/chat/users/setenabled')
-    .send({ userId: userId, enabled: true })
-    .auth('admin', 'abc123')
-    .expect(200);
-  done();
-});
-
-test('verify user is enabled', async (done) => {
-  const response = await request
-    .get('/api/admin/chat/users/disabled')
-    .auth('admin', 'abc123')
-    .expect(200);
-  const tokenCheck = response.body.filter((user) => user.id === userId);
-  expect(tokenCheck).toHaveLength(0);
-
-  done();
-});
-
 test('can set the user as moderator', async (done) => {
  await request
    .post('/api/admin/chat/users/setmoderator')
@@ -133,3 +80,119 @@ test('verify user list is populated', async (done) => {
    done();
  });
 });
+
+test('can disable a user', async (done) => {
+  // To allow for visually being able to see the test hiding the
+  // message add a short delay.
+  await new Promise((r) => setTimeout(r, 1500));
+
+  const ws = new WebSocket(
+    `ws://localhost:8080/ws?accessToken=${accessToken}`,
+    {
+      origin: 'http://localhost:8080',
+    }
+  );
+
+  await request
+    .post('/api/admin/chat/users/setenabled')
+    .send({ userId: userId, enabled: false })
+    .auth('admin', 'abc123')
+    .expect(200);
+
+  await new Promise((r) => setTimeout(r, 1500));
+  done();
+});
+
+test('verify user is disabled', async (done) => {
+  const response = await request
+    .get('/api/admin/chat/users/disabled')
+    .auth('admin', 'abc123')
+    .expect(200);
+  const tokenCheck = response.body.filter((user) => user.id === userId);
+  expect(tokenCheck).toHaveLength(1);
+  done();
+});
+
+test('verify messages from user are hidden', async (done) => {
+  const response = await request
+    .get('/api/admin/chat/messages')
+    .auth('admin', 'abc123')
+    .expect(200);
+  const message = response.body.filter((obj) => {
+    return obj.user.id === userId;
+  });
+  expect(message[0].user.disabledAt).toBeTruthy();
+  done();
+});
+
+test('can re-enable a user', async (done) => {
+  await request
+    .post('/api/admin/chat/users/setenabled')
+    .send({ userId: userId, enabled: true })
+    .auth('admin', 'abc123')
+    .expect(200);
+  done();
+});
+
+test('verify user is enabled', async (done) => {
+  const response = await request
+    .get('/api/admin/chat/users/disabled')
+    .auth('admin', 'abc123')
+    .expect(200);
+  const tokenCheck = response.body.filter((user) => user.id === userId);
+  expect(tokenCheck).toHaveLength(0);
+
+  done();
+});
+
+test('ban an ip address', async (done) => {
+  await request
+    .post('/api/admin/chat/users/ipbans/create')
+    .send({ value: localIPAddress })
+    .auth('admin', 'abc123')
+    .expect(200);
+  done();
+});
+
+// Note: This test expects the local address to be 127.0.0.1.
+// If it's running on an ipv6-only network, for example, things will
+// probably fail.
+test('verify IP address is blocked from the ban', async (done) => {
+  const response = await request
+    .get(`/api/admin/chat/users/ipbans`)
+    .auth('admin', 'abc123')
+    .expect(200);
+
+  expect(response.body).toHaveLength(1);
+  expect(response.body[0].ipAddress).toBe(localIPAddress);
+  done();
+});
+
+test('verify access is denied', async (done) => {
+  await request.get(`/api/chat?accessToken=${accessToken}`).expect(401);
+  done();
+});
+
+test('remove an ip address ban', async (done) => {
+  await request
+    .post('/api/admin/chat/users/ipbans/remove')
+    .send({ value: localIPAddress })
+    .auth('admin', 'abc123')
+    .expect(200);
+  done();
+});
+
+test('verify IP address is no longer banned', async (done) => {
+  const response = await request
+    .get(`/api/admin/chat/users/ipbans`)
+    .auth('admin', 'abc123')
+    .expect(200);
+
+  expect(response.body).toHaveLength(0);
+  done();
+});
+
+test('verify access is again allowed', async (done) => {
+  await request.get(`/api/chat?accessToken=${accessToken}`).expect(200);
+  done();
+});