authorAlexander Shorin <kxepal@apache.org>2014-06-10 19:54:20 +0400
committerAlexander Shorin <kxepal@apache.org>2014-06-17 01:41:45 +0400
commitfafbee9c90b901569c9ba609d8574e15a1a93d10 (patch)
tree58e75747e1aff4dbbc0793ff9cccc4b3f878661b
parent9b2525b6c4a98cd49545b98f313c2b94c49c0f6d (diff)
Port 232-csp.t etap test suite to eunit
-rw-r--r--test/couchdb/Makefile.am1
-rw-r--r--test/couchdb/couchdb_csp_tests.erl96
-rw-r--r--test/etap/232-csp.t85
3 files changed, 97 insertions, 85 deletions
diff --git a/test/couchdb/Makefile.am b/test/couchdb/Makefile.am
index 08ff76aad..dcb8fa48d 100644
--- a/test/couchdb/Makefile.am
+++ b/test/couchdb/Makefile.am
@@ -42,6 +42,7 @@ eunit_files = \
couchdb_attachments_tests.erl \
couchdb_compaction_daemon.erl \
couchdb_cors_tests.erl \
+ couchdb_csp_tests.erl \
couchdb_file_compression_tests.erl \
couchdb_http_proxy_tests.erl \
couchdb_modules_load_tests.erl \
diff --git a/test/couchdb/couchdb_csp_tests.erl b/test/couchdb/couchdb_csp_tests.erl
new file mode 100644
index 000000000..adb0e6d2a
--- /dev/null
+++ b/test/couchdb/couchdb_csp_tests.erl
@@ -0,0 +1,96 @@
+% Licensed under the Apache License, Version 2.0 (the "License"); you may not
+% use this file except in compliance with the License. You may obtain a copy of
+% the License at
+%
+% http://www.apache.org/licenses/LICENSE-2.0
+%
+% Unless required by applicable law or agreed to in writing, software
+% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+% License for the specific language governing permissions and limitations under
+% the License.
+
+-module(couchdb_csp_tests).
+
+-include("couch_eunit.hrl").
+
+-define(TIMEOUT, 1000).
+
+
+start() ->
+ {ok, Pid} = couch_server_sup:start_link(?CONFIG_CHAIN),
+ Pid.
+
+stop(Pid) ->
+ couch_server_sup:stop(),
+ erlang:monitor(process, Pid),
+ receive
+ {'DOWN', _, _, Pid, _} ->
+ ok
+ after ?TIMEOUT ->
+ throw({timeout, server_stop})
+ end.
+
+setup() ->
+ ok = couch_config:set("csp", "enable", "true", false),
+ Addr = couch_config:get("httpd", "bind_address", "127.0.0.1"),
+ Port = integer_to_list(mochiweb_socket_server:get(couch_httpd, port)),
+ lists:concat(["http://", Addr, ":", Port, "/_utils/"]).
+
+teardown(_) ->
+ ok.
+
+
+csp_test_() ->
+ {
+ "Content Security Policy tests",
+ {
+ setup,
+ fun start/0, fun stop/1,
+ {
+ foreach,
+ fun setup/0, fun teardown/1,
+ [
+ fun should_not_return_any_csp_headers_when_disabled/1,
+ fun should_apply_default_policy/1,
+ fun should_return_custom_policy/1,
+ fun should_only_enable_csp_when_true/1
+ ]
+ }
+ }
+ }.
+
+
+should_not_return_any_csp_headers_when_disabled(Url) ->
+ ?_assertEqual(undefined,
+ begin
+ ok = couch_config:set("csp", "enable", "false", false),
+ {ok, _, Headers, _} = test_request:get(Url),
+ proplists:get_value("Content-Security-Policy", Headers)
+ end).
+
+should_apply_default_policy(Url) ->
+ ?_assertEqual(
+ "default-src 'self'; img-src 'self'; font-src 'self'; "
+ "script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';",
+ begin
+ {ok, _, Headers, _} = test_request:get(Url),
+ proplists:get_value("Content-Security-Policy", Headers)
+ end).
+
+should_return_custom_policy(Url) ->
+ ?_assertEqual("default-src 'http://example.com';",
+ begin
+ ok = couch_config:set("csp", "header_value",
+ "default-src 'http://example.com';", false),
+ {ok, _, Headers, _} = test_request:get(Url),
+ proplists:get_value("Content-Security-Policy", Headers)
+ end).
+
+should_only_enable_csp_when_true(Url) ->
+ ?_assertEqual(undefined,
+ begin
+ ok = couch_config:set("csp", "enable", "tru", false),
+ {ok, _, Headers, _} = test_request:get(Url),
+ proplists:get_value("Content-Security-Policy", Headers)
+ end).
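Review bot: `teardown/1` is a no-op, so the `"csp"`/`"header_value"` written by `should_return_custom_policy/1` and the `"enable"` values written by the disabled and `"tru"` cases stay in the running config for every later case. `should_apply_default_policy/1` appears to pass only because it is listed before the custom-policy case in the `foreach` list, so a reorder or a new case added after it would compare against the leftover custom header. Clearing both keys in teardown would make the cases order-independent, for example `teardown(_) -> couch_config:delete("csp", "enable", false), couch_config:delete("csp", "header_value", false), ok.` Separately, the removed etap script asserted that no header is sent before `enable` was ever set, while the disabled case here writes `"false"` first, so the out-of-the-box default is no longer covered. A case that deletes the key before the request would restore that check.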
diff --git a/test/etap/232-csp.t b/test/etap/232-csp.t
deleted file mode 100644
index 6dbce6aa0..000000000
--- a/test/etap/232-csp.t
+++ /dev/null
@@ -1,85 +0,0 @@
-#!/usr/bin/env escript
-%% -*- erlang -*-
-
-% Licensed under the Apache License, Version 2.0 (the "License"); you may not
-% use this file except in compliance with the License. You may obtain a copy of
-% the License at
-%
-% http://www.apache.org/licenses/LICENSE-2.0
-%
-% Unless required by applicable law or agreed to in writing, software
-% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-% License for the specific language governing permissions and limitations under
-% the License.
-
-server() ->
- lists:concat([
- "http://127.0.0.1:",
- mochiweb_socket_server:get(couch_httpd, port),
- "/_utils/"
- ]).
-
-
-main(_) ->
- test_util:init_code_path(),
-
- etap:plan(3),
- case (catch test()) of
- ok ->
- etap:end_tests();
- Other ->
- etap:diag(io_lib:format("Test died abnormally: ~p", [Other])),
- etap:bail(Other)
- end,
- ok.
-
-test() ->
- %% launch couchdb
- couch_server_sup:start_link(test_util:config_files()),
-
- % CSP is disabled by default
- test_no_csp_headers_server(),
-
- % Now enable CSP
- ok = couch_config:set("csp", "enable", "true", false),
-
- test_default_header_value(),
-
- ok = couch_config:set("csp", "header_value", "default-src 'http://example.com';", false),
- test_custom_header_value(),
-
- % Disabled on all other values than true
- ok = couch_config:set("csp", "enable", "blerg", false),
- test_all_other_values_for_enable(),
-
- timer:sleep(3000),
- couch_server_sup:stop(),
- ok.
-
-test_no_csp_headers_server() ->
- Headers = [{"Origin", "http://127.0.0.1"}],
- {ok, _, Resp, _} = ibrowse:send_req(server(), Headers, get, []),
- etap:is(proplists:get_value("Content-Security-Policy", Resp),
- undefined, "No CSP Headers when disabled").
-
-test_default_header_value() ->
- Headers = [{"Origin", "http://127.0.0.1"}],
- {ok, _, Resp, _} = ibrowse:send_req(server(), Headers, get, []),
- etap:is(proplists:get_value("Content-Security-Policy", Resp),
- "default-src 'self'; img-src 'self'; font-src 'self'; "
- "script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline';",
- "Default CSP Headers when enabled").
-
-test_custom_header_value() ->
- Headers = [{"Origin", "http://127.0.0.1"}],
- {ok, _, Resp, _} = ibrowse:send_req(server(), Headers, get, []),
- etap:is(proplists:get_value("Content-Security-Policy", Resp),
- "default-src 'http://example.com';",
- "Custom CSP Headers possible").
-
-test_all_other_values_for_enable() ->
- Headers = [{"Origin", "http://127.0.0.1"}],
- {ok, _, Resp, _} = ibrowse:send_req(server(), Headers, get, []),
- etap:is(proplists:get_value("Content-Security-Policy", Resp),
- undefined, "No CSP Headers when wrong value given").