Finish refactring processed configuraiton, and add test validating ip range matching

2f875c40 · Pawel Chojnacki · e5a6f268 · 2f875c40 · 2f875c40
Commit 2f875c40 authored Jul 04, 2017 by Pawel Chojnacki
2 changed files
--- a/app/controllers/concerns/requires_whitelisted_monitoring_client.rb
+++ b/app/controllers/concerns/requires_whitelisted_monitoring_client.rb
 module RequiresWhitelistedMonitoringClient
  extend ActiveSupport::Concern
  included do
-    before_action :validate_ip_whitelisted!
+    before_action :validate_ip_whitelisted_or_token_is_valid!
  end

  private

-  def validate_ip_whitelisted!
+  def validate_ip_whitelisted_or_token_is_valid!
    render_404 unless client_ip_whitelisted? || token_valid?
  end

  def client_ip_whitelisted?
-    Settings.monitoring.ip_whitelist.any? { |e| e.include?(Gitlab::RequestContext.client_ip) }
+    ip_whitelist.any? { |e| e.include?(Gitlab::RequestContext.client_ip) }
  end

  def ip_whitelist

--- a/spec/controllers/metrics_controller_spec.rb
+++ b/spec/controllers/metrics_controller_spec.rb
@@ -6,21 +6,19 @@ describe MetricsController do
  let(:json_response) { JSON.parse(response.body) }
  let(:metrics_multiproc_dir) { Dir.mktmpdir }
  let(:whitelisted_ip) { '127.0.0.1' }
-  let(:not_whitelisted_ip) { '127.0.0.2' }
+  let(:whitelisted_ip_range) { '10.0.0.0/24' }
+  let(:ip_in_whitelisted_range) { '10.0.0.1' }
+  let(:not_whitelisted_ip) { '10.0.1.1' }

  before do
    stub_env('IN_MEMORY_APPLICATION_SETTINGS', 'false')
    stub_env('prometheus_multiproc_dir', metrics_multiproc_dir)
    allow(Gitlab::Metrics).to receive(:prometheus_metrics_enabled?).and_return(true)
-    allow(Settings.monitoring).to receive(:ip_whitelist).and_return([IPAddr.new(whitelisted_ip)])
+    allow(Settings.monitoring).to receive(:ip_whitelist).and_return([whitelisted_ip, whitelisted_ip_range])
  end

  describe '#index' do
-    context 'accessed from whitelisted ip' do
-      before do
-        allow(Gitlab::RequestContext).to receive(:client_ip).and_return(whitelisted_ip)
-      end
-
+    shared_examples_for 'endpoint providing metrics' do
      it 'returns DB ping metrics' do
        get :index

@@ -61,6 +59,22 @@ describe MetricsController do
      end
    end

+    context 'accessed from whitelisted ip' do
+      before do
+        allow(Gitlab::RequestContext).to receive(:client_ip).and_return(whitelisted_ip)
+      end
+
+      it_behaves_like 'endpoint providing metrics'
+    end
+
+    context 'accessed from ip in whitelisted range' do
+      before do
+        allow(Gitlab::RequestContext).to receive(:client_ip).and_return(ip_in_whitelisted_range)
+      end
+
+      it_behaves_like 'endpoint providing metrics'
+    end
+
    context 'accessed from not whitelisted ip' do
      before do
        allow(Gitlab::RequestContext).to receive(:client_ip).and_return(not_whitelisted_ip)