From 166e8695d214587906973cbf481e3a896ae37e94 Mon Sep 17 00:00:00 2001
From: Jose Quintana <joseluisquintana20@gmail.com>
Date: Tue, 28 Sep 2021 22:43:28 +0200
Subject: [PATCH] tests: cors use cases

---
 tests/cors.rs         | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 tests/dir_listing.rs  |  2 +-
 tests/static_files.rs |  2 +-
 3 files changed, 72 insertions(+), 2 deletions(-)
 create mode 100644 tests/cors.rs

diff --git a/tests/cors.rs b/tests/cors.rs
new file mode 100644
index 0000000..601d2d8
--- /dev/null
+++ b/tests/cors.rs
@@ -0,0 +1,70 @@
+#![deny(warnings)]
+#![deny(rust_2018_idioms)]
+
+#[cfg(test)]
+mod tests {
+    use headers::HeaderMap;
+    use http::Method;
+    use static_web_server::cors;
+
+    #[tokio::test]
+    async fn allow_methods() {
+        let cors = cors::new("*".to_owned()).unwrap();
+        let headers = HeaderMap::new();
+        let methods = &[Method::GET, Method::HEAD];
+        for method in methods {
+            assert!(cors.check_request(method, &headers).is_ok())
+        }
+
+        let cors = cors::new("https://localhost".to_owned()).unwrap();
+        let mut headers = HeaderMap::new();
+        headers.insert("origin", "https://localhost".parse().unwrap());
+        for method in methods {
+            assert!(cors.check_request(method, &headers).is_ok())
+        }
+    }
+
+    #[test]
+    fn disallow_methods() {
+        let cors = cors::new("*".to_owned()).unwrap();
+        let headers = HeaderMap::new();
+        let methods = [
+            Method::CONNECT,
+            Method::DELETE,
+            Method::OPTIONS,
+            Method::PATCH,
+            Method::POST,
+            Method::PUT,
+            Method::TRACE,
+        ];
+        for method in methods {
+            let res = cors.check_request(&method, &headers);
+            assert!(res.is_ok());
+            assert!(matches!(res.unwrap(), cors::Validated::NotCors));
+        }
+    }
+
+    #[tokio::test]
+    async fn origin_allowed() {
+        let cors = cors::new("*".to_owned()).unwrap();
+        let mut headers = HeaderMap::new();
+        headers.insert("origin", "https://localhost".parse().unwrap());
+        let methods = [Method::GET, Method::HEAD];
+        for method in methods {
+            assert!(cors.check_request(&method, &headers).is_ok())
+        }
+    }
+
+    #[tokio::test]
+    async fn origin_not_allowed() {
+        let cors = cors::new("https://localhost.rs".to_owned()).unwrap();
+        let mut headers = HeaderMap::new();
+        headers.insert("origin", "https://localhost".parse().unwrap());
+        let methods = [Method::GET, Method::HEAD];
+        for method in methods {
+            let res = cors.check_request(&method, &headers);
+            assert!(res.is_err());
+            assert!(matches!(res.unwrap_err(), cors::Forbidden::Origin))
+        }
+    }
+}
diff --git a/tests/dir_listing.rs b/tests/dir_listing.rs
index 23f7e4d..e5eb810 100644
--- a/tests/dir_listing.rs
+++ b/tests/dir_listing.rs
@@ -1,4 +1,5 @@
 #![deny(warnings)]
+#![deny(rust_2018_idioms)]
 
 #[cfg(test)]
 mod tests {
@@ -6,7 +7,6 @@ mod tests {
     use http::{Method, StatusCode};
     use std::path::PathBuf;
 
-    extern crate static_web_server;
     use static_web_server::static_files;
 
     fn root_dir() -> PathBuf {
diff --git a/tests/static_files.rs b/tests/static_files.rs
index 77167dc..1235c9b 100644
--- a/tests/static_files.rs
+++ b/tests/static_files.rs
@@ -1,4 +1,5 @@
 #![deny(warnings)]
+#![deny(rust_2018_idioms)]
 
 #[cfg(test)]
 mod tests {
@@ -8,7 +9,6 @@ mod tests {
     use std::fs;
     use std::path::PathBuf;
 
-    extern crate static_web_server;
     use static_web_server::{compression, static_files};
 
     fn root_dir() -> PathBuf {
--
libgit2 1.7.2