fix tests (after ssrf merge)

2026-04-25 17:15:21 +02:00 · 2026-04-19 18:59:29 +02:00
parent 220e111400
commit 4231beec86
2 changed files with 16 additions and 17 deletions
--- a/src/backend/core/tests/api/test_messages_import.py
+++ b/src/backend/core/tests/api/test_messages_import.py
@@ -2,7 +2,6 @@
 # pylint: disable=redefined-outer-name, unused-argument, no-value-for-parameter, too-many-lines

 import datetime
-import socket
 from unittest.mock import patch

 from django.core.files.storage import storages
@@ -23,18 +22,18 @@ pytestmark = pytest.mark.django_db

@pytest.fixture(autouse=True)
 def _mock_ssrf_dns():
-    """Short-circuit SSRF DNS validation for IMAP import tests.
+    """Short-circuit SSRF hostname validation for IMAP import tests.

    The IMAP endpoint validates the server hostname via
    ``core.services.ssrf.validate_hostname``; tests use unresolvable fixtures
-    like ``imap.example.com`` so we return a public IP to reach the mocked
-    IMAP task code.
+    like ``imap.example.com`` so we bypass validation at its call site.
+    Patching ``validate_hostname`` (rather than ``socket.getaddrinfo``) keeps
+    the mock scoped to SSRF checks and avoids redirecting unrelated DNS
+    lookups (e.g. to the S3 test fixture backend).
    """
    with patch(
-        "core.services.ssrf.socket.getaddrinfo",
-        return_value=[
-            (socket.AF_INET, socket.SOCK_STREAM, 6, "", ("93.184.216.34", 0))
-        ],
+        "core.services.importer.imap.validate_hostname",
+        return_value=["93.184.216.34"],
    ):
        yield

--- a/src/backend/core/tests/importer/conftest.py
+++ b/src/backend/core/tests/importer/conftest.py
@@ -1,6 +1,5 @@
 """Shared fixtures for importer tests."""

-import socket
 from unittest import mock

 import pytest
@@ -8,17 +7,18 @@ import pytest

@pytest.fixture(autouse=True)
 def _mock_ssrf_dns():
-    """Short-circuit SSRF DNS validation for IMAP tests.
+    """Short-circuit SSRF hostname validation for IMAP tests.

    The IMAP import path validates the server hostname via
-    ``core.services.ssrf.validate_hostname`` which calls ``socket.getaddrinfo``.
-    Test fixtures use unresolvable hostnames like ``imap.example.com``, so we
-    return a valid public IP here to let tests reach the mocked IMAP code.
+    ``core.services.ssrf.validate_hostname``. Test fixtures use unresolvable
+    hostnames like ``imap.example.com``, so we bypass validation to let tests
+    reach the mocked IMAP code. Patching ``validate_hostname`` at its call
+    site (rather than ``socket.getaddrinfo``) keeps the mock scoped to SSRF
+    checks and avoids redirecting unrelated DNS lookups (e.g. to the S3 test
+    fixture backend).
    """
    with mock.patch(
-        "core.services.ssrf.socket.getaddrinfo",
-        return_value=[
-            (socket.AF_INET, socket.SOCK_STREAM, 6, "", ("93.184.216.34", 0))
-        ],
+        "core.services.importer.imap.validate_hostname",
+        return_value=["93.184.216.34"],
    ):
        yield