Baffle-WAF/baffle-hub
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Updates

Browse Source
This commit is contained in:
Dan Milne
2025-11-14 16:35:49 +11:00
parent df94ac9720
commit 6433f6c5bb
30 changed files with 833 additions and 245 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
test/integration/waf_policy_brazil_test.rb
View File

@@ -93,7 +93,7 @@ class WafPolicyBrazilTest < Minitest::Test
assert_equal 1, generated_rules.count, "Should have generated exactly one blocking rule"
rule = generated_rules.first
assert_equal 'deny', rule.action
assert_equal 'deny', rule.waf_action
assert_equal network_range, rule.network_range
assert_equal @brazil_policy, rule.waf_policy
assert_equal "policy", rule.source

2
test/integration/waf_policy_integration_test.rb
View File

@@ -94,7 +94,7 @@ class WafPolicyIntegrationTest < ActiveSupport::TestCase
assert_equal 1, generated_rules.count, "Should have generated exactly one blocking rule"
rule = generated_rules.first
assert_equal 'deny', rule.action
assert_equal 'deny', rule.waf_action
assert_equal network_range, rule.network_range
assert_equal @brazil_policy, rule.waf_policy
assert_equal "policy:Block Brazil", rule.source

6
test/jobs/path_scanner_detector_job_test.rb
View File

@@ -32,8 +32,8 @@ class PathScannerDetectorJobTest < ActiveJob::TestCase
rule = Rule.where(source: "auto:scanner_detected").last
assert_not_nil rule
assert_equal "network_v4", rule.rule_type
assert_equal "deny", rule.action
assert_equal "network", rule.waf_rule_type
assert_equal "deny", rule.waf_action
assert_equal "#{ip}/32", rule.cidr
assert_equal 32, rule.priority
assert rule.enabled?
@@ -186,7 +186,7 @@ class PathScannerDetectorJobTest < ActiveJob::TestCase
assert_equal 1, count
rule = Rule.where(source: "auto:scanner_detected").last
assert_equal "network_v6", rule.rule_type
assert_equal "network", rule.waf_rule_type
assert_equal "#{ip}/32", rule.cidr
end

4
test/services/waf_policy_matcher_test.rb
View File

@@ -167,7 +167,7 @@ class WafPolicyMatcherTest < ActiveSupport::TestCase
rule = generated_rules.first
assert_equal brazil_policy, rule.waf_policy
assert_equal @network_range, rule.network_range
assert_equal "deny", rule.action
assert_equal "deny", rule.waf_action
end
test "generate_rules handles multiple matching policies" do
@@ -490,7 +490,7 @@ class WafPolicyMatcherTest < ActiveSupport::TestCase
rule = redirect_policy.create_rule_for_network_range(@network_range)
assert_not_nil rule
assert_equal "redirect", rule.action
assert_equal "redirect", rule.waf_action
assert rule.metadata['redirect_url'].present?
end