#!/usr/bin/env perl
use strict;
use warnings;
use Test::More;
use Plack::Test;
use HTTP::Request::Common;
use Path::Class;
use Plack::Builder;
my $data_root = file(__FILE__)->dir->subdir('data', '02');
{
my $app = builder {
enable 'Auth::Htpasswd',
file_root => $data_root->subdir('foo');
sub {
[
200,
[ 'Content-Type' => 'text/plain' ],
[ "Hello $_[0]->{REMOTE_USER}: $_[0]->{PATH_INFO}" ],
]
};
};
test_psgi app => $app, client => sub {
my $cb = shift;
{
my $res = $cb->(GET "/");
is($res->code, 401, "plain request gets 401");
}
{
my $res = $cb->(GET "/", 'Authorization' => 'Basic Zm9vOjEyMzQ=');
is($res->code, 200, "authorized request gets 200");
is($res->content, 'Hello foo: /', "and gets the right content");
}
{
my $res = $cb->(GET "/bar.txt");
is($res->code, 401, "plain request gets 401");
}
{
my $res = $cb->(GET "/bar.txt",
'Authorization' => 'Basic Zm9vOjEyMzQ=');
is($res->code, 200, "authorized request gets 200");
is($res->content, 'Hello foo: /bar.txt',
"and gets the right content");
}
{
my $res = $cb->(GET "/bar", 'Authorization' => 'Basic Zm9vOjEyMzQ=');
is($res->code, 200, "authorized request gets 200");
is($res->content, 'Hello foo: /bar', "and gets the right content");
}
{
my $res = $cb->(GET "/bar/baz.txt",
'Authorization' => 'Basic Zm9vOjEyMzQ=');
is($res->code, 200, "authorized request gets 200");
is($res->content, 'Hello foo: /bar/baz.txt',
"and gets the right content");
}
{
my $res = $cb->(GET "/bar/baz",
'Authorization' => 'Basic Zm9vOjEyMzQ=');
is($res->code, 401, "user foo isn't authorized for this path");
}
{
my $res = $cb->(GET "/bar/baz",
'Authorization' => 'Basic YmF6OjQzMjE=');
is($res->code, 200, "but user baz is");
is($res->content, 'Hello baz: /bar/baz',
"and gets the right content");
}
{
my $res = $cb->(GET "/bar/baz/quux.txt",
'Authorization' => 'Basic Zm9vOjEyMzQ=');
is($res->code, 401, "user foo isn't authorized for this path");
}
{
my $res = $cb->(GET "/bar/baz/quux.txt",
'Authorization' => 'Basic YmF6OjQzMjE=');
is($res->code, 200, "but user baz is");
is($res->content, 'Hello baz: /bar/baz/quux.txt',
"and gets the right content");
}
{
my $res = $cb->(GET "/rab/zab");
is($res->code, 401, "plain request gets 401");
}
{
my $res = $cb->(GET "/rab/zab",
'Authorization' => 'Basic Zm9vOjEyMzQ=');
is($res->code, 200, "authorized request gets 200");
is($res->content, 'Hello foo: /rab/zab',
"and gets the right content");
}
};
}
{
my $app = builder {
enable 'Auth::Htpasswd',
file_root => $data_root->subdir('bar');
sub {
[
200,
[ 'Content-Type' => 'text/plain' ],
[ "Hello $_[0]->{REMOTE_USER}: $_[0]->{PATH_INFO}" ],
]
};
};
test_psgi app => $app, client => sub {
my $cb = shift;
{
my $res = $cb->(GET "/");
is($res->code, 401, "no .htpasswd found means deny");
}
};
}
{
my $app = builder {
enable 'Auth::Htpasswd',
file_root => $data_root->subdir('foo', 'bar');
sub {
[
200,
[ 'Content-Type' => 'text/plain' ],
[ "Hello $_[0]->{REMOTE_USER}: $_[0]->{PATH_INFO}" ],
]
};
};
test_psgi app => $app, client => sub {
my $cb = shift;
{
my $res = $cb->(GET "/", 'Authorization' => 'Basic Zm9vOjEyMzQ=');
is($res->code, 401, "don't look up above file_root for .htpasswd");
}
};
}
done_testing;