improve tests

burpui/misc/acl/basic.py

@@ -19,12 +19,15 @@ class ACLloader(BUIaclLoader):
         with open(conf) as fp:
             c.readfp(fp)
             if c.has_section('BASIC:ACL'):
-                temp = c.get('BASIC:ACL', 'admin')
                 try:
-                    adms = json.loads(temp)
-                except Exception, e:
-                    self.app.logger.error(str(e))
-                    adms = [temp]
+                    temp = c.get('BASIC:ACL', 'admin')
+                    try:
+                        adms = json.loads(temp)
+                    except Exception as e:
+                        self.app.logger.error(str(e))
+                        adms = [temp]
+                except Exception as e:
+                    self.app.logger.warning(str(e))
                 for opt in c.options('BASIC:ACL'):
                     if opt == 'admin':
                         continue
@@ -34,7 +37,7 @@ class ACLloader(BUIaclLoader):
                         rec = json.loads(lit)
                         if isinstance(rec, dict):
                             self.servers[opt] = rec.keys()
-                    except Exception, e:
+                    except Exception as e:
                         self.app.logger.error(str(e))
                         rec = [lit]
                     self.clients[opt] = rec

test/run_tests.sh

@@ -23,9 +23,10 @@ echo "test requirements"
     echo "python2.7 is missing... Installing it"
     [ $ISROOT -eq 1 ] && apt-get -y install python2.7 python
 }
-#echo "install lib devel..."
-#apt-get update
-#apt-get -y install python-pip python
+
+echo "install lib devel..."
+apt-get update
+apt-get -y install python-pip python
 ##apt-get -y install python2.7-dev python2.6-dev libsasl2-dev
 
 echo "check files"

test/test5.cfg

@@ -0,0 +1,55 @@
+[Global]
+# On which port is the application listening
+port: 5001
+# On which address is the application listening
+# '::' is the default for all IPv6
+bind: ::
+# enable SSL
+ssl: false
+# ssl cert
+sslcert: /etc/burp/ssl_cert-server.pem
+# ssl key
+sslkey: /etc/burp/ssl_cert-server.key
+# burp server version (currently only burp 1.x is implemented)
+version: 1
+# Handle multiple bui-servers or not
+# If set to 'false', you will need to declare at least one 'Agent' section (see
+# bellow)
+standalone: true
+# authentication plugin (mandatory)
+# list the misc/auth directory to see the available backends
+# to disable authentication you can set "auth: none"
+auth: basic
+# acl plugin                                                                    
+# list misc/auth directory to see the available backends                        
+# default is no ACL
+acl: basic
+
+[UI]
+# refresh interval of the pages in seconds
+refresh: 15
+
+# burp1 backend specific options
+[Burp1]
+# burp status address (can only be '127.0.0.1' or '::1'
+bhost: 127.0.0.1
+# burp status port
+bport: 9999
+# burp binary
+burpbin: /dev/null
+# vss_strip binary
+stripbin: /dev/null
+# temporary dir for the on the fly restoration
+tmpdir: /dev/null
+# burp client configuration file used for the restoration (Default: None)
+bconfcli: /dev/null
+# burp server configuration file used for the setting page
+bconfsrv: /dev/null
+
+[BASIC]
+admin: admin
+user1: password
+
+[BASIC:ACL]
+user1: ["client1", "client2"]
+user2: {"agent1": ["client3"]}

test/test_burpui.py

@@ -4,7 +4,6 @@ import sys
 import os
 import unittest
 import urllib2
-import pprint
 from flask.ext.testing import LiveServerTestCase, TestCase
 
 sys.path.append('{0}/..'.format(os.path.join(os.path.dirname(os.path.realpath(__file__)))))
@@ -174,5 +173,43 @@ class BurpuiLoginTestCase(TestCase):
 		rv = self.login('toto', 'toto')
 		assert 'Wrong username or password' in rv.data
 
+class BurpuiACLTestCase(TestCase):
+
+	def setUp(self):
+		print '\nBegin Test 5\n'
+
+	def tearDown(self):
+		print '\nTest 5 Finished!\n'
+
+	def login(self, username, password):
+		return self.client.post('/login', data=dict(
+			username=username,
+			password=password
+		), follow_redirects=True)
+
+	def create_app(self):
+		conf = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'test5.cfg')
+		BUIinit(conf, False, False)
+		app.config['TESTING'] = True
+		app.config['LIVESERVER_PORT'] = 5001
+		app.config['WTF_CSRF_ENABLED'] = False
+		bui.cli.port = 9999
+		login_manager.init_app(app)
+		return app
+
+	def test_login_ko(self):
+		rv = self.login('admin', 'toto')
+		assert 'Wrong username or password' in rv.data
+
+	def test_config_render(self):
+		rv = self.login('admin', 'admin')
+		response = self.client.get('/settings')
+		assert 'Burp Configuration' in response.data
+
+	def test_config_render_ko(self):
+		rv = self.login('user1', 'password')
+		response = self.client.get('/settings')
+		self.assert403(response)
+
 if __name__ == '__main__':
 	unittest.main()