bitbucket.org/Aishee/synsec@v0.0.0-20210414005726-236fc01a153d/pkg/apiserver/decisions_test.go (about) 1 package apiserver 2 3 import ( 4 "encoding/json" 5 "fmt" 6 "io/ioutil" 7 "net/http" 8 "net/http/httptest" 9 "strings" 10 "testing" 11 "time" 12 13 "bitbucket.org/Aishee/synsec/pkg/models" 14 log "github.com/sirupsen/logrus" 15 "github.com/stretchr/testify/assert" 16 ) 17 18 func TestDeleteDecisionRange(t *testing.T) { 19 router, loginResp, err := InitMachineTest() 20 if err != nil { 21 log.Fatalln(err.Error()) 22 } 23 24 // Create Valid Alert 25 alertContentBytes, err := ioutil.ReadFile("./tests/alert_minibulk.json") 26 if err != nil { 27 log.Fatal(err) 28 } 29 alerts := make([]*models.Alert, 0) 30 if err := json.Unmarshal(alertContentBytes, &alerts); err != nil { 31 log.Fatal(err) 32 } 33 34 for _, alert := range alerts { 35 *alert.StartAt = time.Now().Format(time.RFC3339) 36 *alert.StopAt = time.Now().Format(time.RFC3339) 37 } 38 39 alertContent, err := json.Marshal(alerts) 40 if err != nil { 41 log.Fatal(err) 42 } 43 44 w := httptest.NewRecorder() 45 req, _ := http.NewRequest("POST", "/v1/alerts", strings.NewReader(string(alertContent))) 46 req.Header.Add("User-Agent", UserAgent) 47 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 48 router.ServeHTTP(w, req) 49 50 // delete by ip wrong 51 w = httptest.NewRecorder() 52 req, _ = http.NewRequest("DELETE", "/v1/decisions?range=1.2.3.0/24", strings.NewReader("")) 53 req.Header.Add("User-Agent", UserAgent) 54 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 55 router.ServeHTTP(w, req) 56 assert.Equal(t, 200, w.Code) 57 assert.Equal(t, `{"nbDeleted":"0"}`, w.Body.String()) 58 59 // delete by range 60 w = httptest.NewRecorder() 61 req, _ = http.NewRequest("DELETE", "/v1/decisions?range=91.121.79.0/24&contains=false", strings.NewReader("")) 62 req.Header.Add("User-Agent", UserAgent) 63 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 64 router.ServeHTTP(w, req) 65 assert.Equal(t, 200, w.Code) 66 assert.Equal(t, `{"nbDeleted":"2"}`, w.Body.String()) 67 68 // delete by range : ensure it was already deleted 69 w = httptest.NewRecorder() 70 req, _ = http.NewRequest("DELETE", "/v1/decisions?range=91.121.79.0/24", strings.NewReader("")) 71 req.Header.Add("User-Agent", UserAgent) 72 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 73 router.ServeHTTP(w, req) 74 assert.Equal(t, 200, w.Code) 75 assert.Equal(t, `{"nbDeleted":"0"}`, w.Body.String()) 76 } 77 78 func TestDeleteDecisionFilter(t *testing.T) { 79 router, loginResp, err := InitMachineTest() 80 if err != nil { 81 log.Fatalln(err.Error()) 82 } 83 84 // Create Valid Alert 85 alertContentBytes, err := ioutil.ReadFile("./tests/alert_minibulk.json") 86 if err != nil { 87 log.Fatal(err) 88 } 89 alerts := make([]*models.Alert, 0) 90 if err := json.Unmarshal(alertContentBytes, &alerts); err != nil { 91 log.Fatal(err) 92 } 93 94 for _, alert := range alerts { 95 *alert.StartAt = time.Now().Format(time.RFC3339) 96 *alert.StopAt = time.Now().Format(time.RFC3339) 97 } 98 99 alertContent, err := json.Marshal(alerts) 100 if err != nil { 101 log.Fatal(err) 102 } 103 104 w := httptest.NewRecorder() 105 req, _ := http.NewRequest("POST", "/v1/alerts", strings.NewReader(string(alertContent))) 106 req.Header.Add("User-Agent", UserAgent) 107 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 108 router.ServeHTTP(w, req) 109 110 // delete by ip wrong 111 w = httptest.NewRecorder() 112 req, _ = http.NewRequest("DELETE", "/v1/decisions?ip=1.2.3.4", strings.NewReader("")) 113 req.Header.Add("User-Agent", UserAgent) 114 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 115 router.ServeHTTP(w, req) 116 assert.Equal(t, 200, w.Code) 117 assert.Equal(t, `{"nbDeleted":"0"}`, w.Body.String()) 118 119 // delete by ip good 120 w = httptest.NewRecorder() 121 req, _ = http.NewRequest("DELETE", "/v1/decisions?ip=91.121.79.179", strings.NewReader("")) 122 req.Header.Add("User-Agent", UserAgent) 123 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 124 router.ServeHTTP(w, req) 125 assert.Equal(t, 200, w.Code) 126 assert.Equal(t, `{"nbDeleted":"1"}`, w.Body.String()) 127 128 // delete by scope/value 129 w = httptest.NewRecorder() 130 req, _ = http.NewRequest("DELETE", "/v1/decisions?scope=Ip&value=91.121.79.178", strings.NewReader("")) 131 req.Header.Add("User-Agent", UserAgent) 132 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 133 router.ServeHTTP(w, req) 134 assert.Equal(t, 200, w.Code) 135 assert.Equal(t, `{"nbDeleted":"1"}`, w.Body.String()) 136 } 137 138 func TestGetDecisionFilters(t *testing.T) { 139 router, loginResp, err := InitMachineTest() 140 if err != nil { 141 log.Fatalln(err.Error()) 142 } 143 144 // Create Valid Alert 145 alertContentBytes, err := ioutil.ReadFile("./tests/alert_minibulk.json") 146 if err != nil { 147 log.Fatal(err) 148 } 149 alerts := make([]*models.Alert, 0) 150 if err := json.Unmarshal(alertContentBytes, &alerts); err != nil { 151 log.Fatal(err) 152 } 153 154 for _, alert := range alerts { 155 *alert.StartAt = time.Now().Format(time.RFC3339) 156 *alert.StopAt = time.Now().Format(time.RFC3339) 157 } 158 159 alertContent, err := json.Marshal(alerts) 160 if err != nil { 161 log.Fatal(err) 162 } 163 164 w := httptest.NewRecorder() 165 req, _ := http.NewRequest("POST", "/v1/alerts", strings.NewReader(string(alertContent))) 166 req.Header.Add("User-Agent", UserAgent) 167 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 168 router.ServeHTTP(w, req) 169 170 APIKey, err := CreateTestBouncer() 171 if err != nil { 172 log.Fatalf("%s", err.Error()) 173 } 174 175 // Get Decision 176 w = httptest.NewRecorder() 177 req, _ = http.NewRequest("GET", "/v1/decisions", strings.NewReader("")) 178 req.Header.Add("User-Agent", UserAgent) 179 req.Header.Add("X-Api-Key", APIKey) 180 router.ServeHTTP(w, req) 181 assert.Equal(t, 200, w.Code) 182 assert.Contains(t, w.Body.String(), `"id":1,"origin":"synsec","scenario":"breakteam/ssh-bf","scope":"Ip","type":"ban","value":"91.121.79.179"`) 183 assert.Contains(t, w.Body.String(), `"id":2,"origin":"synsec","scenario":"breakteam/ssh-bf","scope":"Ip","type":"ban","value":"91.121.79.178"`) 184 185 // Get Decision : type filter 186 w = httptest.NewRecorder() 187 req, _ = http.NewRequest("GET", "/v1/decisions?type=ban", strings.NewReader("")) 188 req.Header.Add("User-Agent", UserAgent) 189 req.Header.Add("X-Api-Key", APIKey) 190 router.ServeHTTP(w, req) 191 assert.Equal(t, 200, w.Code) 192 assert.Contains(t, w.Body.String(), `"id":1,"origin":"synsec","scenario":"breakteam/ssh-bf","scope":"Ip","type":"ban","value":"91.121.79.179"`) 193 assert.Contains(t, w.Body.String(), `"id":2,"origin":"synsec","scenario":"breakteam/ssh-bf","scope":"Ip","type":"ban","value":"91.121.79.178"`) 194 195 // Get Decision : scope/value 196 w = httptest.NewRecorder() 197 req, _ = http.NewRequest("GET", "/v1/decisions?scope=Ip&value=91.121.79.179", strings.NewReader("")) 198 req.Header.Add("User-Agent", UserAgent) 199 req.Header.Add("X-Api-Key", APIKey) 200 router.ServeHTTP(w, req) 201 assert.Equal(t, 200, w.Code) 202 assert.Contains(t, w.Body.String(), `"id":1,"origin":"synsec","scenario":"breakteam/ssh-bf","scope":"Ip","type":"ban","value":"91.121.79.179"`) 203 assert.NotContains(t, w.Body.String(), `"id":2,"origin":"synsec","scenario":"breakteam/ssh-bf","scope":"Ip","type":"ban","value":"91.121.79.178"`) 204 205 // Get Decision : ip filter 206 w = httptest.NewRecorder() 207 req, _ = http.NewRequest("GET", "/v1/decisions?ip=91.121.79.179", strings.NewReader("")) 208 req.Header.Add("User-Agent", UserAgent) 209 req.Header.Add("X-Api-Key", APIKey) 210 router.ServeHTTP(w, req) 211 assert.Equal(t, 200, w.Code) 212 assert.Contains(t, w.Body.String(), `"id":1,"origin":"synsec","scenario":"breakteam/ssh-bf","scope":"Ip","type":"ban","value":"91.121.79.179"`) 213 assert.NotContains(t, w.Body.String(), `"id":2,"origin":"synsec","scenario":"breakteam/ssh-bf","scope":"Ip","type":"ban","value":"91.121.79.178"`) 214 215 // Get decision : by range 216 w = httptest.NewRecorder() 217 req, _ = http.NewRequest("GET", "/v1/decisions?range=91.121.79.0/24&contains=false", strings.NewReader("")) 218 req.Header.Add("User-Agent", UserAgent) 219 req.Header.Add("X-Api-Key", APIKey) 220 router.ServeHTTP(w, req) 221 assert.Equal(t, 200, w.Code) 222 assert.Contains(t, w.Body.String(), `"id":1,"origin":"synsec","scenario":"breakteam/ssh-bf","scope":"Ip","type":"ban","value":"91.121.79.179"`) 223 assert.Contains(t, w.Body.String(), `"id":2,"origin":"synsec","scenario":"breakteam/ssh-bf","scope":"Ip","type":"ban","value":"91.121.79.178"`) 224 } 225 226 func TestGetDecision(t *testing.T) { 227 router, loginResp, err := InitMachineTest() 228 if err != nil { 229 log.Fatalln(err.Error()) 230 } 231 232 // Create Valid Alert 233 alertContentBytes, err := ioutil.ReadFile("./tests/alert_sample.json") 234 if err != nil { 235 log.Fatal(err) 236 } 237 alerts := make([]*models.Alert, 0) 238 if err := json.Unmarshal(alertContentBytes, &alerts); err != nil { 239 log.Fatal(err) 240 } 241 242 for _, alert := range alerts { 243 *alert.StartAt = time.Now().Format(time.RFC3339) 244 *alert.StopAt = time.Now().Format(time.RFC3339) 245 } 246 247 alertContent, err := json.Marshal(alerts) 248 if err != nil { 249 log.Fatal(err) 250 } 251 w := httptest.NewRecorder() 252 req, _ := http.NewRequest("POST", "/v1/alerts", strings.NewReader(string(alertContent))) 253 req.Header.Add("User-Agent", UserAgent) 254 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 255 router.ServeHTTP(w, req) 256 257 APIKey, err := CreateTestBouncer() 258 if err != nil { 259 log.Fatalf("%s", err.Error()) 260 } 261 262 // Get Decision with invalid filter 263 w = httptest.NewRecorder() 264 req, _ = http.NewRequest("GET", "/v1/decisions?test=test", strings.NewReader("")) 265 req.Header.Add("User-Agent", UserAgent) 266 req.Header.Add("X-Api-Key", APIKey) 267 router.ServeHTTP(w, req) 268 269 assert.Equal(t, 500, w.Code) 270 assert.Equal(t, "{\"message\":\"'test' doesn't exist: invalid filter\"}", w.Body.String()) 271 272 // Get Decision 273 w = httptest.NewRecorder() 274 req, _ = http.NewRequest("GET", "/v1/decisions", strings.NewReader("")) 275 req.Header.Add("User-Agent", UserAgent) 276 req.Header.Add("X-Api-Key", APIKey) 277 router.ServeHTTP(w, req) 278 279 assert.Equal(t, 200, w.Code) 280 assert.Contains(t, w.Body.String(), "\"id\":1,\"origin\":\"test\",\"scenario\":\"breakteam/test\",\"scope\":\"ip\",\"type\":\"ban\",\"value\":\"127.0.0.1\"}]") 281 282 } 283 284 func TestDeleteDecisionByID(t *testing.T) { 285 router, loginResp, err := InitMachineTest() 286 if err != nil { 287 log.Fatalln(err.Error()) 288 } 289 290 // Create Valid Alert 291 alertContentBytes, err := ioutil.ReadFile("./tests/alert_sample.json") 292 if err != nil { 293 log.Fatal(err) 294 } 295 alerts := make([]*models.Alert, 0) 296 if err := json.Unmarshal(alertContentBytes, &alerts); err != nil { 297 log.Fatal(err) 298 } 299 300 for _, alert := range alerts { 301 *alert.StartAt = time.Now().Format(time.RFC3339) 302 *alert.StopAt = time.Now().Format(time.RFC3339) 303 } 304 305 alertContent, err := json.Marshal(alerts) 306 if err != nil { 307 log.Fatal(err) 308 } 309 w := httptest.NewRecorder() 310 req, _ := http.NewRequest("POST", "/v1/alerts", strings.NewReader(string(alertContent))) 311 req.Header.Add("User-Agent", UserAgent) 312 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 313 router.ServeHTTP(w, req) 314 315 // Delete alert with Invalid ID 316 w = httptest.NewRecorder() 317 req, _ = http.NewRequest("DELETE", "/v1/decisions/test", strings.NewReader("")) 318 req.Header.Add("User-Agent", UserAgent) 319 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 320 router.ServeHTTP(w, req) 321 322 assert.Equal(t, 400, w.Code) 323 assert.Equal(t, "{\"message\":\"decision_id must be valid integer\"}", w.Body.String()) 324 325 // Delete alert with ID that not exist 326 w = httptest.NewRecorder() 327 req, _ = http.NewRequest("DELETE", "/v1/decisions/100", strings.NewReader("")) 328 req.Header.Add("User-Agent", UserAgent) 329 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 330 router.ServeHTTP(w, req) 331 332 assert.Equal(t, 500, w.Code) 333 assert.Equal(t, "{\"message\":\"decision with id '100' doesn't exist: unable to delete\"}", w.Body.String()) 334 335 // Delete alert with valid ID 336 w = httptest.NewRecorder() 337 req, _ = http.NewRequest("DELETE", "/v1/decisions/1", strings.NewReader("")) 338 req.Header.Add("User-Agent", UserAgent) 339 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 340 router.ServeHTTP(w, req) 341 342 assert.Equal(t, 200, w.Code) 343 assert.Equal(t, "{\"nbDeleted\":\"1\"}", w.Body.String()) 344 345 } 346 347 func TestDeleteDecision(t *testing.T) { 348 router, loginResp, err := InitMachineTest() 349 if err != nil { 350 log.Fatalln(err.Error()) 351 } 352 353 // Create Valid Alert 354 alertContentBytes, err := ioutil.ReadFile("./tests/alert_sample.json") 355 if err != nil { 356 log.Fatal(err) 357 } 358 alerts := make([]*models.Alert, 0) 359 if err := json.Unmarshal(alertContentBytes, &alerts); err != nil { 360 log.Fatal(err) 361 } 362 363 for _, alert := range alerts { 364 *alert.StartAt = time.Now().Format(time.RFC3339) 365 *alert.StopAt = time.Now().Format(time.RFC3339) 366 } 367 368 alertContent, err := json.Marshal(alerts) 369 if err != nil { 370 log.Fatal(err) 371 } 372 373 w := httptest.NewRecorder() 374 req, _ := http.NewRequest("POST", "/v1/alerts", strings.NewReader(string(alertContent))) 375 req.Header.Add("User-Agent", UserAgent) 376 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 377 router.ServeHTTP(w, req) 378 379 // Delete alert with Invalid filter 380 w = httptest.NewRecorder() 381 req, _ = http.NewRequest("DELETE", "/v1/decisions?test=test", strings.NewReader("")) 382 req.Header.Add("User-Agent", UserAgent) 383 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 384 router.ServeHTTP(w, req) 385 386 assert.Equal(t, 500, w.Code) 387 assert.Equal(t, "{\"message\":\"'test' doesn't exist: invalid filter\"}", w.Body.String()) 388 389 // Delete alert 390 w = httptest.NewRecorder() 391 req, _ = http.NewRequest("DELETE", "/v1/decisions", strings.NewReader("")) 392 req.Header.Add("User-Agent", UserAgent) 393 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 394 router.ServeHTTP(w, req) 395 396 assert.Equal(t, 200, w.Code) 397 assert.Equal(t, "{\"nbDeleted\":\"1\"}", w.Body.String()) 398 399 } 400 401 func TestStreamDecision(t *testing.T) { 402 router, loginResp, err := InitMachineTest() 403 if err != nil { 404 log.Fatalln(err.Error()) 405 } 406 407 // Create Valid Alert 408 alertContentBytes, err := ioutil.ReadFile("./tests/alert_sample.json") 409 if err != nil { 410 log.Fatal(err) 411 } 412 alerts := make([]*models.Alert, 0) 413 if err := json.Unmarshal(alertContentBytes, &alerts); err != nil { 414 log.Fatal(err) 415 } 416 417 for _, alert := range alerts { 418 *alert.StartAt = time.Now().Format(time.RFC3339) 419 *alert.StopAt = time.Now().Format(time.RFC3339) 420 } 421 422 alertContent, err := json.Marshal(alerts) 423 if err != nil { 424 log.Fatal(err) 425 } 426 w := httptest.NewRecorder() 427 req, _ := http.NewRequest("POST", "/v1/alerts", strings.NewReader(string(alertContent))) 428 req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", loginResp.Token)) 429 router.ServeHTTP(w, req) 430 431 APIKey, err := CreateTestBouncer() 432 if err != nil { 433 log.Fatalf("%s", err.Error()) 434 } 435 436 // Get Stream 437 w = httptest.NewRecorder() 438 req, _ = http.NewRequest("GET", "/v1/decisions/stream", strings.NewReader("")) 439 req.Header.Add("X-Api-Key", APIKey) 440 router.ServeHTTP(w, req) 441 442 assert.Equal(t, 200, w.Code) 443 assert.Equal(t, "{\"deleted\":null,\"new\":null}", w.Body.String()) 444 445 // Get Stream just startup 446 w = httptest.NewRecorder() 447 req, _ = http.NewRequest("GET", "/v1/decisions/stream?startup=true", strings.NewReader("")) 448 req.Header.Add("X-Api-Key", APIKey) 449 router.ServeHTTP(w, req) 450 451 assert.Equal(t, 200, w.Code) 452 assert.Contains(t, w.Body.String(), "\"id\":1,\"origin\":\"test\",\"scenario\":\"breakteam/test\",\"scope\":\"ip\",\"type\":\"ban\",\"value\":\"127.0.0.1\"}]}") 453 }