(t *testing.T, test appsecRuleTest)
| 79 | } |
| 80 | |
| 81 | func testAppSecEngine(t *testing.T, test appsecRuleTest) { |
| 82 | if testing.Verbose() { |
| 83 | log.SetLevel(log.TraceLevel) |
| 84 | } else { |
| 85 | log.SetLevel(log.WarnLevel) |
| 86 | } |
| 87 | |
| 88 | inbandRules := []string{} |
| 89 | nativeInbandRules := []string{} |
| 90 | outofbandRules := []string{} |
| 91 | nativeOutofbandRules := []string{} |
| 92 | InChan := make(chan appsec.ParsedRequest) |
| 93 | OutChan := make(chan pipeline.Event) |
| 94 | |
| 95 | logger := log.WithField("test", test.name) |
| 96 | |
| 97 | //build rules |
| 98 | for ridx, rule := range test.inband_rules { |
| 99 | strRule, _, err := rule.Convert(appsec_rule.ModsecurityRuleType, rule.Name, "test-rule") |
| 100 | if err != nil { |
| 101 | t.Fatalf("failed compilation of rule %d/%d of %s : %s", ridx, len(test.inband_rules), test.name, err) |
| 102 | } |
| 103 | inbandRules = append(inbandRules, strRule) |
| 104 | } |
| 105 | |
| 106 | nativeInbandRules = append(nativeInbandRules, test.inband_native_rules...) |
| 107 | nativeOutofbandRules = append(nativeOutofbandRules, test.outofband_native_rules...) |
| 108 | for ridx, rule := range test.outofband_rules { |
| 109 | strRule, _, err := rule.Convert(appsec_rule.ModsecurityRuleType, rule.Name, "test-rule") |
| 110 | if err != nil { |
| 111 | t.Fatalf("failed compilation of rule %d/%d of %s : %s", ridx, len(test.outofband_rules), test.name, err) |
| 112 | } |
| 113 | outofbandRules = append(outofbandRules, strRule) |
| 114 | } |
| 115 | |
| 116 | appsecCfg := appsec.AppsecConfig{ |
| 117 | Logger: logger, |
| 118 | OnLoad: test.on_load, |
| 119 | PreEval: test.pre_eval, |
| 120 | PostEval: test.post_eval, |
| 121 | OnMatch: test.on_match, |
| 122 | BouncerBlockedHTTPCode: test.BouncerBlockedHTTPCode, |
| 123 | UserBlockedHTTPCode: test.UserBlockedHTTPCode, |
| 124 | UserPassedHTTPCode: test.UserPassedHTTPCode, |
| 125 | DefaultRemediation: test.DefaultRemediation, |
| 126 | DefaultPassAction: test.DefaultPassAction, |
| 127 | } |
| 128 | |
| 129 | // Set phase-scoped hooks if any are provided |
| 130 | if len(test.inband_on_match) > 0 || len(test.inband_pre_eval) > 0 || len(test.inband_post_eval) > 0 { |
| 131 | appsecCfg.InBand = &appsec.AppsecPhaseConfig{ |
| 132 | OnMatch: test.inband_on_match, |
| 133 | PreEval: test.inband_pre_eval, |
| 134 | PostEval: test.inband_post_eval, |
| 135 | } |
| 136 | } |
| 137 | |
| 138 | if len(test.outofband_on_match) > 0 || len(test.outofband_pre_eval) > 0 || len(test.outofband_post_eval) > 0 { |
no test coverage detected
searching dependent graphs…