Merge pull request #6 from crowdsecurity/more-tests

mobula9 · web-flow · commit ac780656d890 · 2020-12-26T12:05:57.000+01:00
test more cases
diff --git a/.gitignore b/.gitignore
@@ -7,8 +7,9 @@ vendor/
 #Tools
 node_modules/
 .test-results*
+tests/functional/screenshots
 
 # App
 .bouncer-key
 .cache/
-*.log
+*.log
diff --git a/inc/admin/advanced-settings.php b/inc/admin/advanced-settings.php
@@ -27,8 +27,8 @@ function adminAdvancedSettings()
     <p>With the stream mode, every decision is retrieved in an asynchronous way. 3 advantages: <br>&nbsp;1) Inivisible latency when loading pages<br>&nbsp;2) The IP verifications works even if your CrowdSec is not reachable.<br>&nbsp;3) The API can never be overloaded by the WordPress traffic</p>
     <p>Note: This method has one limit: all the decisions updates since the previous resync will not be taken in account until the next resync.</p>'.
         (get_option('crowdsec_stream_mode') ?
-            '<p><input style="margin-right:10px" type="button" value="Refresh the cache now" class="button button-secondary button-small" onclick="document.getElementById(\'crowdsec_ation_refresh_cache\').submit();"></p>' :
-            '<p><input style="margin-right:10px" type="button" disabled="disabled" value="Refresh the cache now" class="button button-secondary button-small"></p>'));
+            '<p><input id="crowdsec_refresh_cache" style="margin-right:10px" type="button" value="Refresh the cache now" class="button button-secondary button-small" onclick="document.getElementById(\'crowdsec_ation_refresh_cache\').submit();"></p>' :
+            '<p><input id="crowdsec_refresh_cache" style="margin-right:10px" type="button" disabled="disabled" value="Refresh the cache now" class="button button-secondary button-small"></p>'));
 
     // Field "crowdsec_stream_mode_refresh_frequency"
     addFieldString('crowdsec_stream_mode_refresh_frequency', 'Resync decisions each<br>(stream mode only)', 'crowdsec_plugin_advanced_settings', 'crowdsec_advanced_settings', 'crowdsec_admin_advanced_stream_mode', function ($input) {
@@ -61,7 +61,7 @@ function adminAdvancedSettings()
      ** Section "Cache" **
      ********************/
 
-    add_settings_section('crowdsec_admin_advanced_cache', 'Caching configuration <input style="margin-left: 7px;margin-top: -3px;" type="button" value="Clear now" class="button button-secondary button-small" onclick="if (confirm(\'Are you sure you want to completely clear the cache?\')) document.getElementById(\'crowdsec_ation_clear_cache\').submit();">', function () {
+    add_settings_section('crowdsec_admin_advanced_cache', 'Caching configuration <input id="crowdsec_clear_cache" style="margin-left: 7px;margin-top: -3px;" type="button" value="Clear now" class="button button-secondary button-small" onclick="if (confirm(\'Are you sure you want to completely clear the cache?\')) document.getElementById(\'crowdsec_ation_clear_cache\').submit();">', function () {
         ?>
         <p>Polish the decisions cache settings by selecting the best technology or the cache durations best suited to your use.</p>
 <?php
@@ -141,7 +141,7 @@ function adminAdvancedSettings()
 
         return $input;
     }, ((CROWDSEC_CACHE_SYSTEM_PHPFS === get_option('crowdsec_cache_system')) ?
-        '<input style="margin-right:10px" type="button" value="Prune now" class="button button-secondary" onclick="document.getElementById(\'crowdsec_ation_prune_cache\').submit();">' : '').
+        '<input style="margin-right:10px" type="button" id="crowdsec_prune_cache" value="Prune now" class="button button-secondary" onclick="document.getElementById(\'crowdsec_ation_prune_cache\').submit();">' : '').
         '<p>The File system cache is faster than calling LAPI. Redis or Memcached is faster than the File System cache.</p>', [
         CROWDSEC_CACHE_SYSTEM_PHPFS => 'File system',
         CROWDSEC_CACHE_SYSTEM_REDIS => 'Redis',
@@ -150,7 +150,7 @@ function adminAdvancedSettings()
 
     // Field "crowdsec_clean_ip_cache_duration"
     addFieldString('crowdsec_clean_ip_cache_duration', 'Recheck clean IPs each<br>(live mode only)', 'crowdsec_plugin_advanced_settings', 'crowdsec_advanced_settings', 'crowdsec_admin_advanced_cache', function ($input) {
-        if ((int) $input <= 0) {
+        if (!get_option('crowdsec_stream_mode') && (int) $input <= 0) {
             add_settings_error('Recheck clean IPs each', 'crowdsec_error', 'Recheck clean IPs each: Minimum is 1 second.');
 
             return '1';
@@ -161,7 +161,7 @@ function adminAdvancedSettings()
 
     // Field "crowdsec_bad_ip_cache_duration"
     addFieldString('crowdsec_bad_ip_cache_duration', 'Recheck bad IPs each<br>(live mode only)', 'crowdsec_plugin_advanced_settings', 'crowdsec_advanced_settings', 'crowdsec_admin_advanced_cache', function ($input) {
-        if ((int) $input <= 0) {
+        if (!get_option('crowdsec_stream_mode') && (int) $input <= 0) {
             add_settings_error('Recheck bad IPs each', 'crowdsec_error', 'Recheck bad IPs each: Minimum is 1 second.');
 
             return '1';
diff --git a/tests/functional/CustomEnvironment.js b/tests/functional/CustomEnvironment.js
@@ -0,0 +1,25 @@
+const PlaywrightEnvironment = require("jest-playwright-preset/lib/PlaywrightEnvironment")
+	.default;
+
+class CustomEnvironment extends PlaywrightEnvironment {
+	async setup() {
+		await super.setup();
+	}
+
+	async teardown() {
+		await super.teardown();
+	}
+
+	async handleTestEvent(event) {
+		if (event.name === "test_done" && event.test.errors.length > 0) {
+			const parentName = event.test.parent.name.replace(/\W/g, "-");
+			const specName = event.test.name.replace(/\W/g, "-");
+
+			await this.global.page.screenshot({
+				path: `screenshots/${parentName}_${specName}.png`,
+			});
+		}
+	}
+}
+
+module.exports = CustomEnvironment;
diff --git a/tests/functional/__tests__/functional.js b/tests/functional/__tests__/functional.js
@@ -353,7 +353,23 @@ describe(`Run in Live mode`, () => {
 		await publicHomepageShouldBeAccessible();
 	});
 
+	it("Should fallback to the selected remedition for unknown remediation", async () => {
+		await removeAllDecisions();
+		await addDecision(CLIENT_IP, "mfa", (15 * 60)+"s");
+		await wait(1000);
+		await publicHomepageShouldBeCaptchaWall();
+		await goToAdmin();
+		await onAdminGoToAdvancedPage();
+		await page.selectOption(
+			"[name=crowdsec_fallback_remediation]",
+			"bypass"
+		);
+		await onAdminSaveSettings();
+		await publicHomepageShouldBeAccessible();
+	});
+
 	it('Should handle X-Forwarded-For header for whitelisted IPs only"', async () => {
+		await removeAllDecisions();
 		await banIpForSeconds(OTHER_IP, 15 * 60);
 
 		// Should be banned as current IP is not trust by CDN
@@ -372,6 +388,46 @@ describe(`Run in Live mode`, () => {
 		// // Remove the XFF header for next requests
 		page.setExtraHTTPHeaders({});
 	});
+
+	it("Should prune the File system cache", async () => {
+		await goToAdmin();
+		await onAdminGoToAdvancedPage();
+		await page.click("#crowdsec_prune_cache");
+		await waitForNavigation;
+
+		await expect(page).toHaveText(
+			"#wpbody-content > div.wrap > div.notice.notice-success",
+			"CrowdSec cache has just been pruned."
+		);
+	});
+
+	it("Should clear the cache on demand", async () => {
+		await onAdminGoToAdvancedPage();
+		await onAdminAdvancedSettingsPageSetCleanIpCacheDurationTo(60);
+		await onAdminAdvancedSettingsPageSetBadIpCacheDurationTo(60);
+		await onAdminSaveSettings();
+		await banOwnIpForSeconds(15 * 60);
+		await publicHomepageShouldBeBanWall();
+		wait(2000);
+		await publicHomepageShouldBeBanWall();
+		await removeAllDecisions();
+		wait(2000);
+		await publicHomepageShouldBeBanWall();
+
+		await goToAdmin();
+		await onAdminGoToAdvancedPage();
+		await page.on('dialog', async (dialog) => {
+			await dialog.accept();
+		});
+		await page.click("#crowdsec_clear_cache");
+		await waitForNavigation;
+
+		await expect(page).toHaveText(
+			"#wpbody-content > div.wrap > div.notice.notice-success",
+			"CrowdSec cache has just been cleared."
+		);
+		await publicHomepageShouldBeAccessible();
+	});
 });
 
 describe(`Run in Stream mode`, () => {
@@ -398,58 +454,97 @@ describe(`Run in Stream mode`, () => {
 		await forceCronRun();
 		await publicHomepageShouldBeAccessible();
 	});
-});
 
-/*
-# Public website only
-
-In live mode (1s + 1s), disable "Public website only"
-Ban current IP during 5 sec
-Try to access admin each 2 sec
-The third time admin should be back
-Re-enable "Public website only"
-
-# Manually clear the cache
+	it("Should refresh the cache", async () => {
+		await goToAdmin();
+		await onAdminGoToAdvancedPage();
+		await page.click("#crowdsec_refresh_cache");
+		await waitForNavigation;
 
-Set cache duration to 1min (clean + bad IP)
-Remove all decisions + Ban current IP during 15min
-The public page should be forbidden
-Remove all decisions
-The public page should still be forbidden
-Click the "Clear now" button
-The public page should be accessible
+		await expect(page).toHaveText(
+			"#wpbody-content > div.wrap > div.notice.notice-success",
+			"The cache has just been refreshed (0 new decision, 0 deleted)."
+		);
+	});
+});
 
-# Refresh cache button
+describe(`Use Redis technology`, () => {
+	it('Should be able to use Redis cache"', async () => {
+		notify("Use Redis technology");
 
-(to write)
+		// TODO (+ bad DSN format, + DSN down)
 
-# Stream mode: Resync decisions each
+		await goToAdmin();
+		await onAdminGoToAdvancedPage();
+		await page.selectOption("[name=crowdsec_cache_system]", "redis");
+		await wait(200);
+		await fillInput("crowdsec_redis_dsn", "redis://redis:6379"); // TODO test bad DSN format and test DSN down
+		await onAdminSaveSettings();
 
-Remove all decisions + Ban current IP during 15min
-Set stream mode with 15 seconds resync
-Refresh cache
+		await expect(page).toHaveText(
+			"#wpbody-content > div.wrap > div.notice.notice-success",
+			"As the stream mode is enabled, the cache has just been warmed up, there is now 0 decision in cache."
+		);
 
-(to finish, I'm gonna sleep)
+		await publicHomepageShouldBeAccessible();
+		await banOwnIpForSeconds(15 * 60);
+		await forceCronRun();
+		await publicHomepageShouldBeBanWall();
+		await removeAllDecisions();
+		await forceCronRun();
+		await publicHomepageShouldBeAccessible();
+	});
+});
 
-# Loop avec Redis / Memcached (+ mauvais format DSN, DSN down)
+describe(`Use Memcached technology`, () => {
+	it('Should be able to use Memcached cache"', async () => {
+		notify("Use Memcached technology");
 
-(to write)
+		await goToAdmin();
+		await onAdminGoToAdvancedPage();
+		await page.selectOption("[name=crowdsec_cache_system]", "memcached");
+		await wait(200);
+		await fillInput(
+			"crowdsec_memcached_dsn",
+			"memcached://memcached:11211"
+		);
 
-# Fallback
+		// TODO test bad DSN format and test DSN down
 
-(to write)
+		await onAdminSaveSettings();
+		await expect(page).toHaveText(
+			"#wpbody-content > div.wrap > div.notice.notice-success",
+			"As the stream mode is enabled, the cache has just been warmed up, there is now 0 decision in cache."
+		);
 
+		await publicHomepageShouldBeAccessible();
+		await banOwnIpForSeconds(15 * 60);
+		await forceCronRun();
+		await publicHomepageShouldBeBanWall();
+		await removeAllDecisions();
+		await forceCronRun();
+		await publicHomepageShouldBeAccessible();
+	});
+});
 
-# Recheck clean IP
+/*
+# Public website only
 
-(to write)
+In live mode (1s + 1s), disable "Public website only"
+Ban current IP during 5 sec
+Try to access admin each 2 sec
+The third time admin should be back
+Re-enable "Public website only"
 
-# Recheck Bad IP
+# Stream mode: Resync decisions each
 
-(to write)
+Remove all decisions + Ban current IP during 15min
+Set stream mode with 15 seconds resync
+Refresh cache
+(to finish writing)
 
-# Prune FS Cache
+# Recheck clean IP (to write)
 
-(to write)
+# Recheck Bad IP (to write)
 
 */
diff --git a/tests/functional/jest.config.js b/tests/functional/jest.config.js
@@ -1,3 +1,4 @@
 module.exports = {
-    preset: "jest-playwright-preset"
+    preset: "jest-playwright-preset",
+    testEnvironment: "./CustomEnvironment.js"
 }
diff --git a/tests/functional/utils/watcherClient.js b/tests/functional/utils/watcherClient.js
@@ -94,7 +94,7 @@ module.exports.addDecision = async (
 	const startLongIp = ip2long(startIp);
 	const endLongIp = ip2long(endIp);
 	const isRange = startLongIp !== endLongIp;
-	const scenario = `ban ${
+	const scenario = `add ${remediation} to ${
 		isRange ? `range ${startIp} to ${endIp}` : `ip ${startIp}`
     } for ${duration} for functional tests`;
     const scope = isRange ? "Range" : "Ip";
@@ -133,8 +133,13 @@ module.exports.addDecision = async (
             start_at: startAt.toISOString(),
             stop_at: stopAt.toISOString(),
         },
-    ];
-    const response = await httpClient.post("/v1/alerts", body);
+	];
+	try {
+		const response = await httpClient.post("/v1/alerts", body);
+	} catch (error) {
+		console.log(error.response);
+		throw new Error(error);
+	}
 }
 
 module.exports.deleteAllDecisions = async () => {

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,4 @@`
`1`	`1`	`module.exports = {`
`2`		`- preset: "jest-playwright-preset"`
	`2`	`+ preset: "jest-playwright-preset",`
	`3`	`+ testEnvironment: "./CustomEnvironment.js"`
`3`	`4`	`}`