ARCHIVE/clio
1
0
Fork 0
mirror of https://github.com/XRPLF/clio.git synced 2026-04-29 15:37:53 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
fe0bf736fb7f2fbc6f2125bc0deb197ef21ca2e1
clio/tests/unit/web/dosguard/WhitelistHandlerTests.cpp
Sergey Kuznetsov fe0bf736fb refactor: Use error code in make_address() calls (#3044) 
Function `ip::make_address()` throws an exception on an invalid IP.
Refactor to a better error handling without exceptions.
2026-04-27 11:32:07 +01:00

184 lines
5.7 KiB
C++
Raw Blame History

#include "util/config/Array.hpp"
#include "util/config/ConfigDefinition.hpp"
#include "util/config/ConfigFileJson.hpp"
#include "util/config/ConfigValue.hpp"
#include "util/config/Types.hpp"
#include "util/log/Logger.hpp"
#include "web/dosguard/WhitelistHandler.hpp"
#include <boost/json/parse.hpp>
#include <boost/json/value.hpp>
#include <gmock/gmock.h>
#include <gtest/gtest.h>
#include <expected>
#include <string>
#include <string_view>
#include <vector>
using namespace util;
using namespace util::config;
using namespace web::dosguard;
struct WhitelistHandlerTest : public virtual ::testing::Test {};
inline static ClioConfigDefinition
getParseWhitelistHandlerConfig(boost::json::value val)
{
ConfigFileJson const jsonVal{val.as_object()};
auto config =
ClioConfigDefinition{{"dos_guard.whitelist.[]", Array{ConfigValue{ConfigType::String}}}};
auto const errors = config.parse(jsonVal);
[&]() { ASSERT_FALSE(errors.has_value()); }();
return config;
}
TEST_F(WhitelistHandlerTest, TestWhiteListIPV4)
{
struct MockResolver {
MOCK_METHOD(std::vector<std::string>, resolve, (std::string_view, std::string_view));
MOCK_METHOD(std::vector<std::string>, resolve, (std::string_view));
};
testing::StrictMock<MockResolver> mockResolver;
static constexpr auto kJSON_DATA_IP_V4 = R"JSON(
{
"dos_guard": {
"whitelist": [
"127.0.0.1",
"192.168.0.1/22",
"10.0.0.1"
]
}
}
)JSON";
EXPECT_CALL(mockResolver, resolve(testing::_))
.Times(3)
.WillRepeatedly([](auto hostname) -> std::vector<std::string> {
return {std::string{hostname}};
});
ClioConfigDefinition const cfg{
getParseWhitelistHandlerConfig(boost::json::parse(kJSON_DATA_IP_V4))
};
auto const result = WhitelistHandler::create(cfg, mockResolver);
ASSERT_TRUE(result.has_value());
auto const& whitelistHandler = *result;
EXPECT_TRUE(whitelistHandler.isWhiteListed("192.168.1.10"));
EXPECT_FALSE(whitelistHandler.isWhiteListed("193.168.0.123"));
EXPECT_TRUE(whitelistHandler.isWhiteListed("10.0.0.1"));
EXPECT_FALSE(whitelistHandler.isWhiteListed("10.0.0.2"));
}
TEST_F(WhitelistHandlerTest, TestWhiteListResolvesHostname)
{
static constexpr auto kJSON_DATA_IP_V4 = R"JSON(
{
"dos_guard": {
"whitelist": [
"localhost",
"10.0.0.1"
]
}
}
)JSON";
ClioConfigDefinition const cfg{
getParseWhitelistHandlerConfig(boost::json::parse(kJSON_DATA_IP_V4))
};
auto const result = WhitelistHandler::create(cfg);
ASSERT_TRUE(result.has_value());
auto const& whitelistHandler = *result;
EXPECT_TRUE(whitelistHandler.isWhiteListed("127.0.0.1"));
EXPECT_FALSE(whitelistHandler.isWhiteListed("193.168.0.123"));
EXPECT_TRUE(whitelistHandler.isWhiteListed("10.0.0.1"));
EXPECT_FALSE(whitelistHandler.isWhiteListed("10.0.0.2"));
}
TEST_F(WhitelistHandlerTest, TestWhiteListIPV6)
{
static constexpr auto kJSON_DATA_IP_V6 = R"JSON(
{
"dos_guard": {
"whitelist": [
"2002:1dd8:85a7:0000:0000:8a6e:0000:1111",
"2001:0db8:85a3:0000:0000:8a2e:0000:0000/22"
]
}
}
)JSON";
ClioConfigDefinition const cfg{
getParseWhitelistHandlerConfig(boost::json::parse(kJSON_DATA_IP_V6))
};
auto const result = WhitelistHandler::create(cfg);
ASSERT_TRUE(result.has_value());
auto const& whitelistHandler = *result;
EXPECT_TRUE(whitelistHandler.isWhiteListed("2002:1dd8:85a7:0000:0000:8a6e:0000:1111"));
EXPECT_FALSE(whitelistHandler.isWhiteListed("2002:1dd8:85a7:1101:0000:8a6e:0000:1111"));
EXPECT_TRUE(whitelistHandler.isWhiteListed("2001:0db8:85a3:0000:0000:8a2e:0000:0000"));
EXPECT_TRUE(whitelistHandler.isWhiteListed("2001:0db8:85a3:0000:1111:8a2e:0370:7334"));
}
struct WhitelistTest : public virtual ::testing::Test {};
TEST_F(WhitelistTest, AddValidIPV4)
{
Whitelist whitelist;
EXPECT_TRUE(whitelist.add("1.2.3.4").has_value());
}
TEST_F(WhitelistTest, AddInvalidIP)
{
Whitelist whitelist;
auto const result = whitelist.add("not-an-ip");
ASSERT_FALSE(result.has_value());
EXPECT_THAT(result.error(), testing::HasSubstr("not-an-ip"));
}
TEST_F(WhitelistTest, AddInvalidNetwork)
{
Whitelist whitelist;
auto const result = whitelist.add("not-a-net/24");
ASSERT_FALSE(result.has_value());
EXPECT_THAT(result.error(), testing::HasSubstr("not-a-net/24"));
}
TEST_F(WhitelistTest, IsWhiteListedWithInvalidIP)
{
Whitelist whitelist;
EXPECT_FALSE(whitelist.isWhiteListed("not-an-ip"));
}
TEST_F(WhitelistHandlerTest, CreateWithInvalidIPFails)
{
struct MockResolver {
MOCK_METHOD(std::vector<std::string>, resolve, (std::string_view, std::string_view));
MOCK_METHOD(std::vector<std::string>, resolve, (std::string_view));
};
static constexpr auto kJSON = R"JSON(
{
"dos_guard": {
"whitelist": ["not-an-ip"]
}
}
)JSON";
testing::StrictMock<MockResolver> mockResolver;
EXPECT_CALL(mockResolver, resolve(testing::_))
.WillOnce([](auto hostname) -> std::vector<std::string> {
return {std::string{hostname}};
});
ClioConfigDefinition const cfg{getParseWhitelistHandlerConfig(boost::json::parse(kJSON))};
auto const result = WhitelistHandler::create(cfg, mockResolver);
ASSERT_FALSE(result.has_value());
EXPECT_THAT(result.error(), testing::HasSubstr("not-an-ip"));
}
Reference in New Issue View Git Blame Copy Permalink