[GitHub] [apisix] monkeyDluffy6017 commented on a diff in pull request #9146: fix(cli): fix allow_admin allows non-`127.0.0.0/24` to access admin api with empty admin_key

["monkeyDluffy6017 (via GitHub)" <gi...@apache.org>]

monkeyDluffy6017 commented on code in PR #9146:
URL: https://github.com/apache/apisix/pull/9146#discussion_r1147647944


##########
t/cli/test_admin.sh:
##########
@@ -154,6 +154,43 @@ fi
 
 echo "pass: missing admin key and show ERROR message"
 
+# missing admin key, only allow 127.0.0.0/24 to access admin api
+
+echo '
+deployment:
+  admin:
+    allow_admin:
+      - 127.0.0.0/24
+    allow_admin: ~
+' > conf/config.yaml
+
+make init > output.log 2>&1 | true
+
+grep -E "ERROR: missing valid Admin API token." output.log > /dev/null
+if [ $? -eq 0 ]; then

Review Comment:
   I have checked with @spacewander, the condition is correct



##########
t/cli/test_admin.sh:
##########
@@ -154,6 +154,43 @@ fi
 
 echo "pass: missing admin key and show ERROR message"
 
+# missing admin key, only allow 127.0.0.0/24 to access admin api
+
+echo '
+deployment:
+  admin:
+    allow_admin:
+      - 127.0.0.0/24
+    allow_admin: ~
+' > conf/config.yaml
+
+make init > output.log 2>&1 | true
+
+grep -E "ERROR: missing valid Admin API token." output.log > /dev/null
+if [ $? -eq 0 ]; then

Review Comment:
   I have checked with @spacewander, the condition is correct



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org