require "test_helper" class RulesControllerTest < ActionDispatch::IntegrationTest setup do @user = users(:one) sign_in_as(@user) end test "should create network rule with add_header action" do assert_difference('Rule.count') do post rules_path, params: { rule: { waf_rule_type: "network", waf_action: "add_header", network_range_id: "", conditions: "{}", metadata: "{}", source: "manual", expires_at: "", enabled: "1" }, new_cidr: "52.167.145.0/24", path_pattern: "", match_type: "exact", header_name: "X-Bot-Agent", header_value: "Blah" } end rule = Rule.last assert_equal "network", rule.waf_rule_type assert_equal "add_header", rule.waf_action, "waf_action should be 'add_header' but was #{rule.waf_action.inspect}" assert_equal "X-Bot-Agent", rule.metadata["header_name"] assert_equal "Blah", rule.metadata["header_value"] assert_not_nil rule.network_range # Network range stores as /32 if no prefix given assert_match /52\.167\.145\./, rule.network_range.network.to_s # Verify metadata JSON doesn't have duplicate keys metadata_json = rule.metadata.to_json refute_includes metadata_json, '"header_name":"X-Bot-Agent","header_value":"Blah","reason":"{}","header_name"', "Metadata should not have duplicate keys" end test "should create rule with waf_action properly set from string parameter" do assert_difference('Rule.count') do post rules_path, params: { rule: { waf_rule_type: "network", waf_action: "deny", # Test with different action network_range_id: "", conditions: "{}", metadata: '{"reason": "test"}', source: "manual", enabled: "1" }, new_cidr: "10.0.0.1/32" } end rule = Rule.last assert_equal "deny", rule.waf_action, "waf_action should be 'deny'" assert_equal "network", rule.waf_rule_type end end