#! /bin/sh
# PCP QA Test No. 660
# checks basic pmwebd functionality
#
# Copyright (c) 2013-2015 Red Hat, Inc.  All Rights Reserved.
#
seq=`basename $0`
echo "QA output created by $seq"

. ./common.webapi

which curl >/dev/null 2>&1 || _notrun "No curl binary installed"
[ -f ${PCP_BINADM_DIR}/pmwebd ] || _notrun "pmwebd package not installed"
# nb: wget dispreferred because of its processing of .. relative links,
# so it's harder to stress pmwebd's base-directory-escaping logic

$sudo rm -fr $tmp.dir
$sudo rm -f $tmp.*
rm -f $seq.full

signal=$PCP_BINADM_DIR/pmsignal
status=1	# failure is the default!
username=`id -u -n`

_cleanup()
{
    $sudo rm -fr $tmp.dir
    $sudo rm -f $tmp.*
    $sudo $signal -a pmwebd >/dev/null 2>&1
    $sudo $PCP_RC_DIR/pmwebd restart >/dev/null 2>&1
}
trap "_cleanup; exit \$status" 0 1 2 3 15

#
# on one QA host (bozo) where bind is running (may or not be related)
# the test emits
# * Hostname was NOT found in DNS cache
# instead of
# * About to connect() to LOCALHOST port 44323 (####)
# but otherwise works.
# This error message apparently comes from deep inside the non-PCP code.
# So filter to remove both variants to ensure the test is deemed to
# have passed.
#
# Also there is some other noise from a similar source but different
# causes, e.g.
#
# * Connected to LOCALHOST (LOCALADDR) port 44323 (####)
# * HTTP 1.1 or later with persistent connection, pipelining supported
# * additional stuff not fine transfer.c:1037: 0 0
# *   Trying LOCALADDR...
# * Connection refused
# * connect to ::1 port 44323 failed: Connection refused
# WARNING: gnome-keyring:: couldn't connect to: ...
# * [othewise blank line]
# [blank line]
#
_filter()
{
    sed \
	-e '/Hostname was NOT found in DNS cache/d' \
	-e '/About to connect() to LOCALHOST port 44323 (####)/d' \
	-e '/^\* Connected to LOCALHOST (LOCALADDR) port 44323/d' \
	-e '/^\* HTTP 1.1 or later with persistent connection/d' \
	-e '/^\* additional stuff not fine/d' \
	-e '/^\*  *Trying LOCALADDR/d' \
	-e '/^\* Connection refused/d' \
	-e '/^\* connect to .*: Connection refused/d' \
	-e '/WARNING: gnome-keyring::/d' \
	-e '/^\*$/d' \
	-e '/^[ 	]*$/d'
}

ipv6local=`_ipv6_localhost`
echo "ipv6local=$ipv6local" >>$seq.full

$sudo $PCP_RC_DIR/pmwebd stop >/dev/null 2>&1
$sudo $signal -a pmwebd >/dev/null 2>&1

webargs="-U $username"

echo | tee -a $seq.full
echo "=== pmwebd default startup  ===" | tee -a $seq.full
$PCP_BINADM_DIR/pmwebd $webargs -l $tmp.out -v -t10 &

echo "pid=$!" >>$seq.full
_wait_for_pmwebd_logfile $tmp.out

# prepare the expected output file based on detected mode
rm -f $seq.out
if grep -q IPv6 $tmp.out; then
    grep -q IPv4 $tmp.out || _notrun "QA host running in IPv6 mode only"
    ln $seq.out.46 $seq.out	# ipv6 + ipv4
else
    ln $seq.out.4 $seq.out	# ipv4 only
fi

curl -s -S "http://localhost:44323/pmapi/context?local=ANYTHING" \
| tee -a $seq.full \
| awk '{print $2}'
echo >>$seq.full
if grep -q IPv6 $tmp.out; then
    curl -s -S "http://$ipv6local:44323/pmapi/context?local=ANYTHING" \
    | tee -a $seq.full \
    | awk '{print $2}'
fi

echo | tee -a $seq.full
echo "=== pmwebd security constraints, file service ===" | tee -a $seq.full
$sudo $signal -a pmwebd >/dev/null 2>&1
sleep 2		# let it shutdown

cat $tmp.out >> $seq.full
$PCP_BINADM_DIR/pmwebd $webargs -R `pwd` -c 2222 -L -h localhost -N -vv -l $tmp.out >$tmp.err 2>&1 &
sleep 2		# let it start up
cat $tmp.err >> $seq.full

echo "+++ should fail due to -N" | tee -a $seq.full
curl -s -S "http://localhost:44323/pmapi/context?local=anything" \
| tee -a $seq.full \
| _webapi_response_filter
echo | tee -a $seq.full

echo "+++ should fail due to nonexistent context#" | tee -a $seq.full
curl -s -S "http://localhost:44323/pmapi/2225/_fetch" \
| tee -a $seq.full \
| _webapi_response_filter
echo | tee -a $seq.full

echo "+++ should fail with a different error (insufficient elements; ie pmFetch failed)" | tee -a $seq.full
# NB: the curl -v part reports http headers too, for ACAO presence assertion
curl -s -v -S "http://localhost:44323/pmapi/2222/_fetch?names=" 2>&1 \
| tee -a $seq.full \
| _webapi_response_filter \
| _filter
echo | tee -a $seq.full

echo "+++ should fail with a different error (insufficient elements; ie pmFetch failed)" | tee -a $seq.full
curl -s -S "http://localhost:44323/pmapi/2223/_fetch?pmids=" \
| tee -a $seq.full \
| _webapi_response_filter
echo | tee -a $seq.full

# filter for responses from newer microhttpd libraries, where
# symlink paths are rewritten (with verbose diagnostics that
# indicate this, also).
# Note: the request below must still generate a 400 response.
_symlink_response_filter()
{
    sed \
	-e 's,/../../etc/passwd,/etc/passwd,g' \
	-e '/Rebuilt URL to:.*\/etc\/passwd/d' \
    #end
}

echo "+++ should fail due to suspicious pmresapi path name" | tee -a $seq.full
curl -s -v -S "http://localhost:44323/../../etc/passwd" 2>&1 \
| tee -a $seq.full \
| _webapi_response_filter \
| _symlink_response_filter \
| _filter
echo | tee -a $seq.full

echo "+++ should fail due to non-enablement of graphite" | tee -a $seq.full
curl -s -v -S "http://localhost:44323/graphite/render?target=*" 2>&1 \
| tee -a $seq.full \
| _webapi_response_filter \
| _filter

echo | tee -a $seq.full
echo "+++ should pass, feed this very script" | tee -a $seq.full
curl -s -S "http://localhost:44323/$seq" > $tmp.out2
diff $tmp.out2 $0 && echo file service ok

cat $tmp.out >> $seq.full

status=0
exit
