Enforce HerokuappAccess (#78)

* remove BlueRacer support

* Enforce HerokuappAccess whitelisting even if list is unset/empty

Refs teamniteo/operations#2359

.circleci/config.yml

@@ -37,9 +37,4 @@ jobs:
 
       - run:
           name: Test
-          command: poetry run pytest --junitxml junit.xml --cov=pyramid_heroku --cov-fail-under=100
-
-      - run:
-          name: Upload results to blueracer.io
-          command: |
-            bash <(curl -s https://app.blueracer.io/upload)
+          command: poetry run pytest --cov=pyramid_heroku --cov-fail-under=100

README.rst

@@ -8,12 +8,10 @@ pyramid_heroku is a collection of tweens and helpers to successfully run `Pyrami
 
 It provides the following:
 
-* ``ClientAddr`` tween that sets real user's IP to ``request.client_addr``
+* ``ClientAddr`` tween that sets real user's IP to ``request.client_addr``. Without this tween you cannot do IP-based geolocation, IP whitelisting, etc.
 * ``Host`` tween that sets `request.host` to proxied `X-Forwarded-Host` header (note: potential security risk)
-* ``HerokuappAccess`` tween that denies access to your app's
-  ``<app>.herokuapp.com`` domain for any non-whitelisted IPs.
-* ``migrate.py`` script for automatically running alembic migrations on
-  deploy.
+* ``HerokuappAccess`` tween that denies access to your app's ``<app>.herokuapp.com`` domain for any non-whitelisted IPs. This is helpful because you don't want anyone outside your team (i.e. usual visitors/users and search bots) to be able to visit ``<app>.heroku.com`` besides the domain the app is deployed on. This is for security and SEO purposes. 
+* ``migrate.py`` script for automatically running alembic migrations on deploy.
 * ``maintenance.py`` script for controlling Heroku maintenance mode.
 
 

pyramid_heroku/herokuapp_access.py

@@ -27,10 +27,8 @@ def __init__(self, handler, registry):
 
     def __call__(self, request):
         whitelisted_ips = request.registry.settings.get(
-            "pyramid_heroku.herokuapp_whitelist"
+            "pyramid_heroku.herokuapp_whitelist", []
         )
-        if not whitelisted_ips:
-            return self.handler(request)
 
         if (
             "herokuapp.com" in request.headers["Host"]

pyramid_heroku/tests/test_herokuapp_access.py

@@ -81,21 +81,23 @@ def test_other_hostname(self):
         self.handler.assert_called_with(self.request)
 
     def test_herokuapp_whitelist_not_set(self):
+        "Even if whitelist is not set, the protection should still work."
         from pyramid_heroku.herokuapp_access import HerokuappAccess
 
         self.request.client_addr = "6.6.6.6"
         self.request.headers = {"Host": "foo.herokuapp.com"}
         self.request.registry.settings = {}
 
         HerokuappAccess(self.handler, self.request.registry)(self.request)
-        self.handler.assert_called_with(self.request)
+        assert not self.handler.called, "handler should not be called"
 
     def test_herokuapp_whitelist_empty(self):
+        "Even if whitelist is empty, the protection should still work."
         from pyramid_heroku.herokuapp_access import HerokuappAccess
 
         self.request.client_addr = "6.6.6.6"
         self.request.headers = {"Host": "foo.herokuapp.com"}
         self.request.registry.settings = {"pyramid_heroku.herokuapp_whitelist": []}
 
         HerokuappAccess(self.handler, self.request.registry)(self.request)
-        self.handler.assert_called_with(self.request)
+        assert not self.handler.called, "handler should not be called"

pytest.ini

@@ -1,3 +1,2 @@
 [pytest]
 addopts = --doctest-modules
-junit_duration_report = call