QA: rpc_users: Test behaviour of -norpcauth

2025-05-28 13:02:38 +02:00 · 2023-12-26 21:54:57 +00:00 · 2023-12-26 21:54:57 +00:00 · 6b79de4f9a
commit 6b79de4f9a
parent 415734ebaf
1 changed files with 28 additions and 5 deletions
--- a/test/functional/rpc_users.py
+++ b/test/functional/rpc_users.py
@ -101,12 +101,35 @@ class HTTPBasicsTest(BitcoinTestFramework):

        init_error = 'Error: Unable to start HTTP server. See debug log for details.'

-        self.log.info('Check -rpcauth are validated')
-        # Empty -rpcauth= are ignored
-        self.restart_node(0, extra_args=['-rpcauth=', '-rpcauth=abc:$2e32c2f20c67e29c328dd64a4214180f18da9e667d67c458070fd856f1e9e5e7'])
-        self.restart_node(0, extra_args=['-rpcauth='])
+        self.log.info('Check blank -rpcauth is ignored')
+        rpcauth_abc = '-rpcauth=abc:$2e32c2f20c67e29c328dd64a4214180f18da9e667d67c458070fd856f1e9e5e7'
+        rpcauth_def = '-rpcauth=def:$fd7adb152c05ef80dccf50a1fa4c05d5a3ec6da95575fc312ae7c5d091836351'
+        self.restart_node(0, extra_args=['-rpcauth'])
+        self.restart_node(0, extra_args=['-rpcauth=', rpcauth_abc])
+        self.restart_node(0, extra_args=[rpcauth_def, '-rpcauth='])
        # ...without disrupting usage of other -rpcauth tokens
-        self.test_auth(self.nodes[0], 'rt', self.rtpassword)
+        assert_equal(200, call_with_auth(self.nodes[0], 'def', 'abc').status)
+        assert_equal(200, call_with_auth(self.nodes[0], 'rt', self.rtpassword).status)
+
+        self.log.info('Check -norpcauth disables all previous -rpcauth params')
+        self.restart_node(0, extra_args=[rpcauth_def, '-norpcauth'])
+        assert_equal(401, call_with_auth(self.nodes[0], 'def', 'abc').status)
+        assert_equal(401, call_with_auth(self.nodes[0], 'rt', self.rtpassword).status)
+
+        self.log.info('Check -norpcauth can be reversed with -rpcauth')
+        self.restart_node(0, extra_args=[rpcauth_def, '-norpcauth', '-rpcauth'])
+        # FIXME: assert_equal(200, call_with_auth(self.nodes[0], 'def', 'abc').status)
+        assert_equal(200, call_with_auth(self.nodes[0], 'rt', self.rtpassword).status)
+
+        self.log.info('Check -norpcauth followed by a specific -rpcauth=* restores config file -rpcauth=* values too')
+        self.restart_node(0, extra_args=[rpcauth_def, '-norpcauth', rpcauth_abc])
+        assert_equal(401, call_with_auth(self.nodes[0], 'def', 'abc').status)
+        assert_equal(200, call_with_auth(self.nodes[0], 'rt', self.rtpassword).status)
+        self.restart_node(0, extra_args=[rpcauth_def, '-norpcauth', '-rpcauth='])
+        assert_equal(401, call_with_auth(self.nodes[0], 'def', 'abc').status)
+        assert_equal(200, call_with_auth(self.nodes[0], 'rt', self.rtpassword).status)
+
+        self.log.info('Check -rpcauth are validated')
        self.stop_node(0)
        self.nodes[0].assert_start_raises_init_error(expected_msg=init_error, extra_args=['-rpcauth=foo'])
        self.nodes[0].assert_start_raises_init_error(expected_msg=init_error, extra_args=['-rpcauth=foo:bar'])