github.com/newrelic/go-agent@v3.26.0+incompatible/internal/security_policies_test.go

github.com/newrelic/go-agent@v3.26.0+incompatible/internal/security_policies_test.go (about)

     1  // Copyright 2020 New Relic Corporation. All rights reserved.
     2  // SPDX-License-Identifier: Apache-2.0
     3  
     4  package internal
     5  
     6  import (
     7  	"encoding/json"
     8  	"testing"
     9  )
    10  
    11  func testBool(t *testing.T, name string, expected, got bool) {
    12  	if expected != got {
    13  		t.Errorf("%v: expected=%v got=%v", name, expected, got)
    14  	}
    15  }
    16  
    17  func TestSecurityPoliciesPresent(t *testing.T) {
    18  	inputJSON := []byte(`{
    19  		"record_sql":                    { "enabled": false, "required": false },
    20  	        "attributes_include":            { "enabled": false, "required": false },
    21  	        "allow_raw_exception_messages":  { "enabled": false, "required": false },
    22  	        "custom_events":                 { "enabled": false, "required": false },
    23  	        "custom_parameters":             { "enabled": false, "required": false },
    24  	        "custom_instrumentation_editor": { "enabled": false, "required": false },
    25  	        "message_parameters":            { "enabled": false, "required": false },
    26  	        "job_arguments":                 { "enabled": false, "required": false }
    27  	}`)
    28  	var policies SecurityPolicies
    29  	err := json.Unmarshal(inputJSON, &policies)
    30  	if nil != err {
    31  		t.Fatal(err)
    32  	}
    33  	connectJSON, err := json.Marshal(policies)
    34  	if nil != err {
    35  		t.Fatal(err)
    36  	}
    37  	expectJSON := CompactJSONString(`{
    38  		"record_sql":                      { "enabled": false },
    39  		"attributes_include":              { "enabled": false },
    40  		"allow_raw_exception_messages":    { "enabled": false },
    41  		"custom_events":                   { "enabled": false },
    42  		"custom_parameters":               { "enabled": false }
    43  	}`)
    44  	if string(connectJSON) != expectJSON {
    45  		t.Error(string(connectJSON), expectJSON)
    46  	}
    47  	testBool(t, "PointerIfPopulated", true, nil != policies.PointerIfPopulated())
    48  	testBool(t, "RecordSQLEnabled", false, policies.RecordSQL.Enabled())
    49  	testBool(t, "AttributesIncludeEnabled", false, policies.AttributesInclude.Enabled())
    50  	testBool(t, "AllowRawExceptionMessages", false, policies.AllowRawExceptionMessages.Enabled())
    51  	testBool(t, "CustomEventsEnabled", false, policies.CustomEvents.Enabled())
    52  	testBool(t, "CustomParametersEnabled", false, policies.CustomParameters.Enabled())
    53  }
    54  
    55  func TestNilSecurityPolicies(t *testing.T) {
    56  	var policies SecurityPolicies
    57  	testBool(t, "PointerIfPopulated", false, nil != policies.PointerIfPopulated())
    58  	testBool(t, "RecordSQLEnabled", true, policies.RecordSQL.Enabled())
    59  	testBool(t, "AttributesIncludeEnabled", true, policies.AttributesInclude.Enabled())
    60  	testBool(t, "AllowRawExceptionMessages", true, policies.AllowRawExceptionMessages.Enabled())
    61  	testBool(t, "CustomEventsEnabled", true, policies.CustomEvents.Enabled())
    62  	testBool(t, "CustomParametersEnabled", true, policies.CustomParameters.Enabled())
    63  }
    64  
    65  func TestUnknownRequiredPolicy(t *testing.T) {
    66  	inputJSON := []byte(`{
    67  		"record_sql":                    { "enabled": false, "required": false },
    68  	        "attributes_include":            { "enabled": false, "required": false },
    69  	        "allow_raw_exception_messages":  { "enabled": false, "required": false },
    70  	        "custom_events":                 { "enabled": false, "required": false },
    71  	        "custom_parameters":             { "enabled": false, "required": false },
    72  	        "custom_instrumentation_editor": { "enabled": false, "required": false },
    73  	        "message_parameters":            { "enabled": false, "required": false },
    74  	        "job_arguments":                 { "enabled": false, "required": false },
    75  		"unknown_policy":                { "enabled": false, "required": true  }
    76  	}`)
    77  	var policies SecurityPolicies
    78  	err := json.Unmarshal(inputJSON, &policies)
    79  	if nil == err {
    80  		t.Fatal(err)
    81  	}
    82  	testBool(t, "PointerIfPopulated", false, nil != policies.PointerIfPopulated())
    83  	testBool(t, "unknown required policy should be disconnect", true, isDisconnectSecurityPolicyError(err))
    84  }
    85  
    86  func TestSecurityPolicyMissing(t *testing.T) {
    87  	inputJSON := []byte(`{
    88  		"record_sql":                    { "enabled": false, "required": false },
    89  		"attributes_include":            { "enabled": false, "required": false },
    90  		"allow_raw_exception_messages":  { "enabled": false, "required": false },
    91  		"custom_events":                 { "enabled": false, "required": false },
    92  		"request_parameters":            { "enabled": false, "required": false }
    93  	}`)
    94  	var policies SecurityPolicies
    95  	err := json.Unmarshal(inputJSON, &policies)
    96  	_, ok := err.(errUnsetPolicy)
    97  	if !ok {
    98  		t.Fatal(err)
    99  	}
   100  	testBool(t, "PointerIfPopulated", false, nil != policies.PointerIfPopulated())
   101  	testBool(t, "missing policy should be disconnect", true, isDisconnectSecurityPolicyError(err))
   102  }
   103  
   104  func TestMalformedPolicies(t *testing.T) {
   105  	inputJSON := []byte(`{`)
   106  	var policies SecurityPolicies
   107  	err := json.Unmarshal(inputJSON, &policies)
   108  	if nil == err {
   109  		t.Fatal(err)
   110  	}
   111  	testBool(t, "malformed policies should not be disconnect", false, isDisconnectSecurityPolicyError(err))
   112  }