github.com/crowdsecurity/crowdsec@v1.6.1/test/bats/99_lapi-stream-mode-scenario.bats (about) 1 #!/usr/bin/env bats 2 # vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si: 3 4 set -u 5 6 setup_file() { 7 load "../lib/setup_file.sh" 8 ./instance-data load 9 ./instance-crowdsec start 10 API_KEY=$(cscli bouncers add testbouncer -o raw) 11 export API_KEY 12 CROWDSEC_API_URL="http://localhost:8080" 13 export CROWDSEC_API_URL 14 } 15 16 teardown_file() { 17 load "../lib/teardown_file.sh" 18 } 19 20 setup() { 21 load "../lib/setup.sh" 22 skip 23 } 24 25 #---------- 26 27 api() { 28 URI="$1" 29 curl -s -H "X-Api-Key:${API_KEY}" "${CROWDSEC_API_URL}${URI}" 30 } 31 32 output_new_decisions() { 33 jq -c '.new | map(select(.origin!="CAPI")) | .[] | del(.id) | (.. | .duration?) |= capture("(?<d>[[:digit:]]+h[[:digit:]]+m)").d' <(output) | sort 34 } 35 36 37 @test "adding decisions with different duration, scenario, origin" { 38 # origin: test 39 rune -0 cscli decisions add -i 127.0.0.1 -d 1h -R crowdsecurity/test 40 ./instance-crowdsec stop 41 rune -0 ./instance-db exec_sql "update decisions set origin='test' where origin='cscli'" 42 ./instance-crowdsec start 43 44 rune -0 cscli decisions add -i 127.0.0.1 -d 3h -R crowdsecurity/ssh_bf 45 ./instance-crowdsec stop 46 rune -0 ./instance-db exec_sql "update decisions set origin='another_origin' where origin='cscli'" 47 ./instance-crowdsec start 48 49 rune -0 cscli decisions add -i 127.0.0.1 -d 5h -R crowdsecurity/longest 50 rune -0 cscli decisions add -i 127.0.0.2 -d 3h -R crowdsecurity/test 51 rune -0 cscli decisions add -i 127.0.0.2 -d 3h -R crowdsecurity/ssh_bf 52 rune -0 cscli decisions add -i 127.0.0.2 -d 1h -R crowdsecurity/ssh_bf 53 ./instance-crowdsec stop 54 rune -0 ./instance-db exec_sql "update decisions set origin='test' where origin='cscli'" 55 ./instance-crowdsec start 56 57 # origin: another_origin 58 rune -0 cscli decisions add -i 127.0.0.2 -d 2h -R crowdsecurity/test 59 ./instance-crowdsec stop 60 rune -0 ./instance-db exec_sql "update decisions set origin='another_origin' where origin='cscli'" 61 ./instance-crowdsec start 62 } 63 64 @test "test startup" { 65 rune -0 api "/v1/decisions/stream?startup=true" 66 rune -0 output_new_decisions 67 assert_output - <<-EOT 68 {"duration":"2h59m","origin":"test","scenario":"crowdsecurity/test","scope":"Ip","type":"ban","value":"127.0.0.2"} 69 {"duration":"4h59m","origin":"test","scenario":"crowdsecurity/longest","scope":"Ip","type":"ban","value":"127.0.0.1"} 70 EOT 71 } 72 73 @test "test startup with scenarios containing" { 74 rune -0 api "/v1/decisions/stream?startup=true&scenarios_containing=ssh_bf" 75 rune -0 output_new_decisions 76 assert_output - <<-EOT 77 {"duration":"2h59m","origin":"another_origin","scenario":"crowdsecurity/ssh_bf","scope":"Ip","type":"ban","value":"127.0.0.1"} 78 {"duration":"2h59m","origin":"test","scenario":"crowdsecurity/ssh_bf","scope":"Ip","type":"ban","value":"127.0.0.2"} 79 EOT 80 } 81 82 @test "test startup with multiple scenarios containing" { 83 rune -0 api "/v1/decisions/stream?startup=true&scenarios_containing=ssh_bf,test" 84 rune -0 output_new_decisions 85 assert_output - <<-EOT 86 {"duration":"2h59m","origin":"another_origin","scenario":"crowdsecurity/ssh_bf","scope":"Ip","type":"ban","value":"127.0.0.1"} 87 {"duration":"2h59m","origin":"test","scenario":"crowdsecurity/test","scope":"Ip","type":"ban","value":"127.0.0.2"} 88 EOT 89 } 90 91 @test "test startup with unknown scenarios containing" { 92 rune -0 api "/v1/decisions/stream?startup=true&scenarios_containing=unknown" 93 assert_output '{"deleted":null,"new":null}' 94 } 95 96 @test "test startup with scenarios containing and not containing" { 97 rune -0 api "/v1/decisions/stream?startup=true&scenarios_containing=test&scenarios_not_containing=ssh_bf" 98 rune -0 output_new_decisions 99 assert_output - <<-EOT 100 {"duration":"2h59m","origin":"test","scenario":"crowdsecurity/test","scope":"Ip","type":"ban","value":"127.0.0.2"} 101 {"origin":"test","scenario":"crowdsecurity/test","scope":"Ip","type":"ban","value":"127.0.0.1"} 102 EOT 103 } 104 105 @test "test startup with scenarios containing and not containing 2" { 106 rune -0 api "/v1/decisions/stream?startup=true&scenarios_containing=longest&scenarios_not_containing=ssh_bf,test" 107 rune -0 output_new_decisions 108 assert_output - <<-EOT 109 {"duration":"4h59m","origin":"test","scenario":"crowdsecurity/longest","scope":"Ip","type":"ban","value":"127.0.0.1"} 110 EOT 111 } 112 113 @test "test startup with scenarios not containing" { 114 rune -0 api "/v1/decisions/stream?startup=true&scenarios_not_containing=ssh_bf" 115 rune -0 output_new_decisions 116 assert_output - <<-EOT 117 {"duration":"2h59m","origin":"test","scenario":"crowdsecurity/test","scope":"Ip","type":"ban","value":"127.0.0.2"} 118 {"duration":"4h59m","origin":"test","scenario":"crowdsecurity/longest","scope":"Ip","type":"ban","value":"127.0.0.1"} 119 EOT 120 } 121 122 @test "test startup with multiple scenarios not containing" { 123 rune -0 api "/v1/decisions/stream?startup=true&scenarios_not_containing=ssh_bf,test" 124 rune -0 output_new_decisions 125 assert_output - <<-EOT 126 {"duration":"4h59m","origin":"test","scenario":"crowdsecurity/longest","scope":"Ip","type":"ban","value":"127.0.0.1"} 127 EOT 128 } 129 130 @test "test startup with origins parameter" { 131 rune -0 api "/v1/decisions/stream?startup=true&origins=another_origin" 132 rune -0 output_new_decisions 133 assert_output - <<-EOT 134 {"duration":"1h59m","origin":"another_origin","scenario":"crowdsecurity/test","scope":"Ip","type":"ban","value":"127.0.0.2"} 135 {"duration":"2h59m","origin":"another_origin","scenario":"crowdsecurity/ssh_bf","scope":"Ip","type":"ban","value":"127.0.0.1"} 136 EOT 137 } 138 139 @test "test startup with multiple origins parameter" { 140 rune -0 api "/v1/decisions/stream?startup=true&origins=another_origin,test" 141 rune -0 output_new_decisions 142 assert_output - <<-EOT 143 {"duration":"2h59m","origin":"test","scenario":"crowdsecurity/test","scope":"Ip","type":"ban","value":"127.0.0.2"} 144 {"duration":"4h59m","origin":"test","scenario":"crowdsecurity/longest","scope":"Ip","type":"ban","value":"127.0.0.1"} 145 EOT 146 } 147 148 @test "test startup with unknown origins" { 149 rune -0 api "/v1/decisions/stream?startup=true&origins=unknown" 150 assert_output '{"deleted":null,"new":null}' 151 } 152 153 #@test "delete decision 3 (127.0.0.1)" { 154 # 155 # { 156 # TestName: "delete decisions 3 (127.0.0.1)", 157 # Method: "DELETE", 158 # Route: "/v1/decisions/3", 159 # CheckCodeOnly: true, 160 # Code: 200, 161 # LenNew: 0, 162 # LenDeleted: 0, 163 # AuthType: PASSWORD, 164 # DelChecks: []DecisionCheck{}, 165 # NewChecks: []DecisionCheck{}, 166 # TestName: "check that 127.0.0.1 is not in deleted IP", 167 # Method: "GET", 168 # Route: "/v1/decisions/stream?startup=true", 169 # CheckCodeOnly: false, 170 # Code: 200, 171 # LenNew: 2, 172 # LenDeleted: 0, 173 # AuthType: APIKEY, 174 # DelChecks: []DecisionCheck{}, 175 # NewChecks: []DecisionCheck{}, 176 # }, 177 # { 178 # TestName: "delete decisions 2 (127.0.0.1)", 179 # Method: "DELETE", 180 # Route: "/v1/decisions/2", 181 # CheckCodeOnly: true, 182 # Code: 200, 183 # LenNew: 0, 184 # LenDeleted: 0, 185 # AuthType: PASSWORD, 186 # DelChecks: []DecisionCheck{}, 187 # NewChecks: []DecisionCheck{}, 188 # }, 189 # { 190 # TestName: "check that 127.0.0.1 is not in deleted IP", 191 # Method: "GET", 192 # Route: "/v1/decisions/stream?startup=true", 193 # CheckCodeOnly: false, 194 # Code: 200, 195 # LenNew: 2, 196 # LenDeleted: 0, 197 # AuthType: APIKEY, 198 # DelChecks: []DecisionCheck{}, 199 # NewChecks: []DecisionCheck{}, 200 # }, 201 # { 202 # TestName: "delete decisions 1 (127.0.0.1)", 203 # Method: "DELETE", 204 # Route: "/v1/decisions/1", 205 # CheckCodeOnly: true, 206 # Code: 200, 207 # LenNew: 0, 208 # LenDeleted: 0, 209 # AuthType: PASSWORD, 210 # DelChecks: []DecisionCheck{}, 211 # NewChecks: []DecisionCheck{}, 212 # }, 213 # TestName: "127.0.0.1 should be in deleted now", 214 # Method: "GET", 215 # Route: "/v1/decisions/stream?startup=true", 216 # CheckCodeOnly: false, 217 # Code: 200, 218 # LenNew: 1, 219 # LenDeleted: 1, 220 # AuthType: APIKEY, 221 # DelChecks: []DecisionCheck{ 222 # { 223 # ID: int64(1), 224 # Origin: "test", 225 # Scenario: "crowdsecurity/test", 226 # Value: "127.0.0.1", 227 # Duration: "-", // we check that the time is negative 228 # }, 229 # }, 230 # NewChecks: []DecisionCheck{}, 231 # }, 232 #} 233