mirror of
https://github.com/TecharoHQ/anubis.git
synced 2025-08-03 17:59:24 -04:00
226cf36bf7
* feat(config): add Thresholds to the top level config file Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(config): make String() on ExpressionOrList join the component expressions Signed-off-by: Xe Iaso <me@xeiaso.net> * test(config): ensure unparseable json fails Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(config): if no thresholds are set, use the default thresholds Signed-off-by: Xe Iaso <me@xeiaso.net> * feat(policy): half implement thresholds Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(policy): continue wiring things up Signed-off-by: Xe Iaso <me@xeiaso.net> * feat(lib): wire up thresholds Signed-off-by: Xe Iaso <me@xeiaso.net> * test(lib): handle behavior from legacy configurations Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: document thresholds Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: update CHANGELOG, refer to threshold configuration Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(lib): fix build Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(lib): fix U1000 Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net> Signed-off-by: Jason Cameron <git@jasoncameron.dev> Co-authored-by: Jason Cameron <git@jasoncameron.dev>
93 lines
1.8 KiB
Go
93 lines
1.8 KiB
Go
package config
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"testing"
|
|
)
|
|
|
|
func TestThresholdValid(t *testing.T) {
|
|
for _, tt := range []struct {
|
|
name string
|
|
input *Threshold
|
|
err error
|
|
}{
|
|
{
|
|
name: "basic allow",
|
|
input: &Threshold{
|
|
Name: "basic-allow",
|
|
Expression: &ExpressionOrList{Expression: "true"},
|
|
Action: RuleAllow,
|
|
},
|
|
err: nil,
|
|
},
|
|
{
|
|
name: "basic challenge",
|
|
input: &Threshold{
|
|
Name: "basic-challenge",
|
|
Expression: &ExpressionOrList{Expression: "true"},
|
|
Action: RuleChallenge,
|
|
Challenge: &ChallengeRules{
|
|
Algorithm: "fast",
|
|
Difficulty: 1,
|
|
ReportAs: 1,
|
|
},
|
|
},
|
|
err: nil,
|
|
},
|
|
{
|
|
name: "no name",
|
|
input: &Threshold{},
|
|
err: ErrThresholdMustHaveName,
|
|
},
|
|
{
|
|
name: "no expression",
|
|
input: &Threshold{},
|
|
err: ErrThresholdMustHaveName,
|
|
},
|
|
{
|
|
name: "invalid expression",
|
|
input: &Threshold{
|
|
Expression: &ExpressionOrList{},
|
|
},
|
|
err: ErrExpressionEmpty,
|
|
},
|
|
{
|
|
name: "invalid action",
|
|
input: &Threshold{},
|
|
err: ErrUnknownAction,
|
|
},
|
|
{
|
|
name: "challenge action but no challenge",
|
|
input: &Threshold{
|
|
Action: RuleChallenge,
|
|
},
|
|
err: ErrThresholdChallengeMustHaveChallenge,
|
|
},
|
|
{
|
|
name: "challenge invalid",
|
|
input: &Threshold{
|
|
Action: RuleChallenge,
|
|
Challenge: &ChallengeRules{Difficulty: 0, ReportAs: 0},
|
|
},
|
|
err: ErrChallengeDifficultyTooLow,
|
|
},
|
|
} {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
if err := tt.input.Valid(); !errors.Is(err, tt.err) {
|
|
t.Errorf("threshold is invalid: %v", err)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestDefaultThresholdsValid(t *testing.T) {
|
|
for i, th := range DefaultThresholds {
|
|
t.Run(fmt.Sprintf("%d %s", i, th.Name), func(t *testing.T) {
|
|
if err := th.Valid(); err != nil {
|
|
t.Errorf("threshold invalid: %v", err)
|
|
}
|
|
})
|
|
}
|
|
}
|