test(*): Add more tests

crowdsecurity · Jul 11, 2023 · 117f73f · 117f73f
1 parent 2c37f62
commit 117f73f
Show file tree

Hide file tree

Showing 4 changed files with 147 additions and 2 deletions.
diff --git a/Test/EndToEnd/__tests__/add-alert.test.ts b/Test/EndToEnd/__tests__/add-alert.test.ts
@@ -77,4 +77,18 @@ test.describe("Add alert test", () => {
     logContent = await getFileContent(LOG_PATH);
     expect(logContent).toMatch(new RegExp(`Event is in black hole`));
   });
+
+  test("should log error", async ({ runActionPage, page }) => {
+    const badNamedScenario = "test-playwright()";
+    await runActionPage.clearCache();
+    const ip = "5.6.7.8";
+
+    await runActionPage.addAlert(ip, badNamedScenario);
+    await expect(page.locator("body")).toHaveText("false");
+
+    const logContent = await getFileContent(LOG_PATH);
+    expect(logContent).toMatch(
+      new RegExp(`Scenario name does not conform to the convention`)
+    );
+  });
 });
diff --git a/Test/EndToEnd/__tests__/detect-pages-scan.test.ts b/Test/EndToEnd/__tests__/detect-pages-scan.test.ts
@@ -11,6 +11,13 @@ test.describe("Detect pages scan", () => {
     expect(logContent).toBe("");
   });
 
+  test("can set default config", async ({
+    adminCrowdSecSecurityConfigPage,
+  }) => {
+    await adminCrowdSecSecurityConfigPage.navigateTo();
+    await adminCrowdSecSecurityConfigPage.setDefaultConfig();
+  });
+
   test("should be banned if too many try", async ({
     runActionPage,
     noRoutePage,
@@ -35,7 +42,7 @@ test.describe("Detect pages scan", () => {
     expect(page.locator("body")).not.toHaveText(blockRegex);
 
     await noRoutePage.navigateTo(false);
-    // With 11 detection, alert should not have been triggered
+    // With 11 detection, alert should have been triggered
     await expect(page.locator("body")).toHaveText(blockRegex);
     // Clear cache to be able to access admin pages
     await runActionPage.clearCache();
@@ -60,4 +67,119 @@ test.describe("Detect pages scan", () => {
     logContent = await getFileContent(LOG_PATH);
     expect(logContent).toMatch(new RegExp(`Event is in black hole`));
   });
+
+  test("should NOT be banned if too many try (because disabled bounce)", async ({
+    runActionPage,
+    noRoutePage,
+    adminCrowdSecSecurityConfigPage,
+    page,
+  }) => {
+    await runActionPage.clearCache();
+    const ip = await runActionPage.getIp();
+    // Delete all previous events fo IP
+    await runActionPage.deleteEvents(ip);
+
+    //Change config
+    await adminCrowdSecSecurityConfigPage.navigateTo();
+    await page
+      .getByRole("combobox", { name: "[GLOBAL] Bounce banned IP" })
+      .selectOption("0");
+    await adminCrowdSecSecurityConfigPage.saveConfig();
+
+    for (let i = 0; i < 10; i++) {
+      await noRoutePage.navigateTo();
+    }
+    let logContent = await getFileContent(LOG_PATH);
+    expect(logContent).toMatch(
+      new RegExp(
+        `Detected event saved {"ip":"${ip}","scenario":"magento2/pages-scan"}`
+      )
+    );
+    // With 10 detection, alert should not have been triggered
+    expect(page.locator("body")).not.toHaveText(blockRegex);
+
+    await noRoutePage.navigateTo();
+    // With 11 detection, alert should have been triggered but not blocked because of settings
+    await expect(page.locator("body")).not.toHaveText(blockRegex);
+
+    // Push signals manually
+    await adminCrowdSecSecurityConfigPage.navigateTo();
+    await adminCrowdSecSecurityConfigPage.pushSignals();
+    await expect(page.locator("#signals_push_result")).toContainText(
+      /0 errors for 1 candidates/,
+      {
+        timeout: 30000,
+      }
+    );
+    logContent = await getFileContent(LOG_PATH);
+    expect(logContent).toMatch(
+      new RegExp(
+        `Signals have been pushed {"candidates":1,"pushed":1,"errors":0}`
+      )
+    );
+    // Test that event has been detected as in "black hole"
+    await noRoutePage.navigateTo();
+    logContent = await getFileContent(LOG_PATH);
+    expect(logContent).toMatch(new RegExp(`Event is in black hole`));
+  });
+
+  test("should NOT be banned if too many try (because disabled local ban)", async ({
+    runActionPage,
+    noRoutePage,
+    adminCrowdSecSecurityConfigPage,
+    page,
+  }) => {
+    await runActionPage.clearCache();
+    const ip = await runActionPage.getIp();
+    // Delete all previous events fo IP
+    await runActionPage.deleteEvents(ip);
+
+    //Change config
+    await adminCrowdSecSecurityConfigPage.navigateTo();
+    await page
+      .getByRole("combobox", { name: "[GLOBAL] Bounce banned IP" })
+      .selectOption("1");
+    await page
+      .getByRole("combobox", {
+        name: "[GLOBAL] Ban IP locally when a scenario triggers an alert",
+      })
+      .selectOption("0");
+    await adminCrowdSecSecurityConfigPage.saveConfig();
+
+    for (let i = 0; i < 10; i++) {
+      await noRoutePage.navigateTo();
+    }
+    let logContent = await getFileContent(LOG_PATH);
+    expect(logContent).toMatch(
+      new RegExp(
+        `Detected event saved {"ip":"${ip}","scenario":"magento2/pages-scan"}`
+      )
+    );
+    // With 10 detection, alert should not have been triggered
+    expect(page.locator("body")).not.toHaveText(blockRegex);
+
+    await noRoutePage.navigateTo();
+    // With 11 detection, alert should have been triggered but not blocked because of settings
+    await expect(page.locator("body")).not.toHaveText(blockRegex);
+
+    // Push signals manually
+    await adminCrowdSecSecurityConfigPage.navigateTo();
+    await adminCrowdSecSecurityConfigPage.pushSignals();
+    await expect(page.locator("#signals_push_result")).toContainText(
+      /0 errors for 1 candidates/,
+      {
+        timeout: 30000,
+      }
+    );
+    logContent = await getFileContent(LOG_PATH);
+    expect(logContent).toMatch(
+      new RegExp(
+        `Signals have been pushed {"candidates":1,"pushed":1,"errors":0}`
+      )
+    );
+    // Test that event has been detected as in "black hole"
+    await noRoutePage.navigateTo();
+    logContent = await getFileContent(LOG_PATH);
+    expect(logContent).toMatch(new RegExp(`Event is in black hole`));
+  });
 });
diff --git a/Test/EndToEnd/__tests__/detect-user-enum.test.ts b/Test/EndToEnd/__tests__/detect-user-enum.test.ts
@@ -29,6 +29,13 @@ test.describe("Detect user enum", () => {
     expect(logContent).toBe("");
   });
 
+  test("can set default config", async ({
+    adminCrowdSecSecurityConfigPage,
+  }) => {
+    await adminCrowdSecSecurityConfigPage.navigateTo();
+    await adminCrowdSecSecurityConfigPage.setDefaultConfig();
+  });
+
   test("should be banned if too many enumeration", async ({
     runActionPage,
     adminLoginPage,
@@ -59,7 +66,7 @@ test.describe("Detect user enum", () => {
 
     await adminLoginPage.navigateTo();
     await adminLoginPage.login("another_bad_name", "password", false);
-    // With 11 detection, alert should not have been triggered
+    // With 11 detection, alert should have been triggered
     await expect(page.locator("body")).toHaveText(blockRegex);
     // Clear cache to be able to access admin pages
     await runActionPage.clearCache();

diff --git a/doc/DEVELOPER.md b/doc/DEVELOPER.md
@@ -158,6 +158,8 @@ We are using a Jest/Playwright Node.js stack to launch a suite of end-to-end tes
 
 Tests code is in the `Test/EndToEnd` folder.
 
+Tests must be run sequentially (`fullyParallel: false` in the `playwright.config.ts` file)
+
 ```bash
 ddev get julienloizelet/ddev-crowdsec-php
 cp .ddev/okaeli-add-on/magento2/custom_files/crowdsec/engine/docker-compose.override.yaml .ddev/docker-compose.override.yaml