mirrors/crowdsec
1
0
Fork 0
mirror of https://github.com/crowdsecurity/crowdsec.git synced 2025-05-11 12:25:53 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
crowdsec/pkg/apiserver/machines_test.go
blotus d2616766de
Allow auto registration of machines in LAPI (#3202) 
Co-authored-by: marco <marco@crowdsec.net>
2024-09-02 13:13:40 +02:00

225 lines
6.3 KiB
Go
Raw Blame History

package apiserver
import (
"encoding/json"
"net/http"
"net/http/httptest"
"strings"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/crowdsecurity/go-cs-lib/ptr"
)
func TestCreateMachine(t *testing.T) {
router, _ := NewAPITest(t)
// Create machine with invalid format
w := httptest.NewRecorder()
req, _ := http.NewRequest(http.MethodPost, "/v1/watchers", strings.NewReader("test"))
req.Header.Add("User-Agent", UserAgent)
router.ServeHTTP(w, req)
assert.Equal(t, http.StatusBadRequest, w.Code)
assert.Equal(t, `{"message":"invalid character 'e' in literal true (expecting 'r')"}`, w.Body.String())
// Create machine with invalid input
w = httptest.NewRecorder()
req, _ = http.NewRequest(http.MethodPost, "/v1/watchers", strings.NewReader(`{"test": "test"}`))
req.Header.Add("User-Agent", UserAgent)
router.ServeHTTP(w, req)
assert.Equal(t, http.StatusUnprocessableEntity, w.Code)
assert.Equal(t, `{"message":"validation failure list:\nmachine_id in body is required\npassword in body is required"}`, w.Body.String())
// Create machine
b, err := json.Marshal(MachineTest)
require.NoError(t, err)
body := string(b)
w = httptest.NewRecorder()
req, _ = http.NewRequest(http.MethodPost, "/v1/watchers", strings.NewReader(body))
req.Header.Add("User-Agent", UserAgent)
router.ServeHTTP(w, req)
assert.Equal(t, http.StatusCreated, w.Code)
assert.Equal(t, "", w.Body.String())
}
func TestCreateMachineWithForwardedFor(t *testing.T) {
router, config := NewAPITestForwardedFor(t)
router.TrustedPlatform = "X-Real-IP"
// Create machine
b, err := json.Marshal(MachineTest)
require.NoError(t, err)
body := string(b)
w := httptest.NewRecorder()
req, _ := http.NewRequest(http.MethodPost, "/v1/watchers", strings.NewReader(body))
req.Header.Add("User-Agent", UserAgent)
req.Header.Add("X-Real-Ip", "1.1.1.1")
router.ServeHTTP(w, req)
assert.Equal(t, http.StatusCreated, w.Code)
assert.Equal(t, "", w.Body.String())
ip := GetMachineIP(t, *MachineTest.MachineID, config.API.Server.DbConfig)
assert.Equal(t, "1.1.1.1", ip)
}
func TestCreateMachineWithForwardedForNoConfig(t *testing.T) {
router, config := NewAPITest(t)
// Create machine
b, err := json.Marshal(MachineTest)
require.NoError(t, err)
body := string(b)
w := httptest.NewRecorder()
req, _ := http.NewRequest(http.MethodPost, "/v1/watchers", strings.NewReader(body))
req.Header.Add("User-Agent", UserAgent)
req.Header.Add("X-Real-IP", "1.1.1.1")
router.ServeHTTP(w, req)
assert.Equal(t, http.StatusCreated, w.Code)
assert.Equal(t, "", w.Body.String())
ip := GetMachineIP(t, *MachineTest.MachineID, config.API.Server.DbConfig)
//For some reason, the IP is empty when running tests
//if no forwarded-for headers are present
assert.Equal(t, "", ip)
}
func TestCreateMachineWithoutForwardedFor(t *testing.T) {
router, config := NewAPITestForwardedFor(t)
// Create machine
b, err := json.Marshal(MachineTest)
require.NoError(t, err)
body := string(b)
w := httptest.NewRecorder()
req, _ := http.NewRequest(http.MethodPost, "/v1/watchers", strings.NewReader(body))
req.Header.Add("User-Agent", UserAgent)
router.ServeHTTP(w, req)
assert.Equal(t, http.StatusCreated, w.Code)
assert.Equal(t, "", w.Body.String())
ip := GetMachineIP(t, *MachineTest.MachineID, config.API.Server.DbConfig)
//For some reason, the IP is empty when running tests
//if no forwarded-for headers are present
assert.Equal(t, "", ip)
}
func TestCreateMachineAlreadyExist(t *testing.T) {
router, _ := NewAPITest(t)
body := CreateTestMachine(t, router, "")
w := httptest.NewRecorder()
req, _ := http.NewRequest(http.MethodPost, "/v1/watchers", strings.NewReader(body))
req.Header.Add("User-Agent", UserAgent)
router.ServeHTTP(w, req)
w = httptest.NewRecorder()
req, _ = http.NewRequest(http.MethodPost, "/v1/watchers", strings.NewReader(body))
req.Header.Add("User-Agent", UserAgent)
router.ServeHTTP(w, req)
assert.Equal(t, http.StatusForbidden, w.Code)
assert.Equal(t, `{"message":"user 'test': user already exist"}`, w.Body.String())
}
func TestAutoRegistration(t *testing.T) {
router, _ := NewAPITest(t)
//Invalid registration token / valid source IP
regReq := MachineTest
regReq.RegistrationToken = invalidRegistrationToken
b, err := json.Marshal(regReq)
require.NoError(t, err)
body := string(b)
w := httptest.NewRecorder()
req, _ := http.NewRequest(http.MethodPost, "/v1/watchers", strings.NewReader(body))
req.Header.Add("User-Agent", UserAgent)
req.RemoteAddr = "127.0.0.1:4242"
router.ServeHTTP(w, req)
assert.Equal(t, http.StatusUnauthorized, w.Code)
//Invalid registration token / invalid source IP
regReq = MachineTest
regReq.RegistrationToken = invalidRegistrationToken
b, err = json.Marshal(regReq)
require.NoError(t, err)
body = string(b)
w = httptest.NewRecorder()
req, _ = http.NewRequest(http.MethodPost, "/v1/watchers", strings.NewReader(body))
req.Header.Add("User-Agent", UserAgent)
req.RemoteAddr = "42.42.42.42:4242"
router.ServeHTTP(w, req)
assert.Equal(t, http.StatusUnauthorized, w.Code)
//valid registration token / invalid source IP
regReq = MachineTest
regReq.RegistrationToken = validRegistrationToken
b, err = json.Marshal(regReq)
require.NoError(t, err)
body = string(b)
w = httptest.NewRecorder()
req, _ = http.NewRequest(http.MethodPost, "/v1/watchers", strings.NewReader(body))
req.Header.Add("User-Agent", UserAgent)
req.RemoteAddr = "42.42.42.42:4242"
router.ServeHTTP(w, req)
assert.Equal(t, http.StatusUnauthorized, w.Code)
//Valid registration token / valid source IP
regReq = MachineTest
regReq.RegistrationToken = validRegistrationToken
b, err = json.Marshal(regReq)
require.NoError(t, err)
body = string(b)
w = httptest.NewRecorder()
req, _ = http.NewRequest(http.MethodPost, "/v1/watchers", strings.NewReader(body))
req.Header.Add("User-Agent", UserAgent)
req.RemoteAddr = "127.0.0.1:4242"
router.ServeHTTP(w, req)
assert.Equal(t, http.StatusAccepted, w.Code)
//No token / valid source IP
regReq = MachineTest
regReq.MachineID = ptr.Of("test2")
b, err = json.Marshal(regReq)
require.NoError(t, err)
body = string(b)
w = httptest.NewRecorder()
req, _ = http.NewRequest(http.MethodPost, "/v1/watchers", strings.NewReader(body))
req.Header.Add("User-Agent", UserAgent)
req.RemoteAddr = "127.0.0.1:4242"
router.ServeHTTP(w, req)
assert.Equal(t, http.StatusCreated, w.Code)
}
Reference in a new issue View git blame Copy permalink