File: security_policies_test.go

package info (click to toggle)
golang-github-newrelic-go-agent 3.15.2-9
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, forky, sid, trixie
  • size: 8,356 kB
  • sloc: sh: 65; makefile: 6
file content (112 lines) | stat: -rw-r--r-- 4,875 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
 
// Copyright 2020 New Relic Corporation. All rights reserved.
// SPDX-License-Identifier: Apache-2.0

package internal

import (
	"encoding/json"
	"testing"
)

func testBool(t *testing.T, name string, expected, got bool) {
	if expected != got {
		t.Errorf("%v: expected=%v got=%v", name, expected, got)
	}
}

func TestSecurityPoliciesPresent(t *testing.T) {
	inputJSON := []byte(`{
		"record_sql":                    { "enabled": false, "required": false },
	        "attributes_include":            { "enabled": false, "required": false },
	        "allow_raw_exception_messages":  { "enabled": false, "required": false },
	        "custom_events":                 { "enabled": false, "required": false },
	        "custom_parameters":             { "enabled": false, "required": false },
	        "custom_instrumentation_editor": { "enabled": false, "required": false },
	        "message_parameters":            { "enabled": false, "required": false },
	        "job_arguments":                 { "enabled": false, "required": false }
	}`)
	var policies SecurityPolicies
	err := json.Unmarshal(inputJSON, &policies)
	if nil != err {
		t.Fatal(err)
	}
	connectJSON, err := json.Marshal(policies)
	if nil != err {
		t.Fatal(err)
	}
	expectJSON := CompactJSONString(`{
		"record_sql":                      { "enabled": false },
		"attributes_include":              { "enabled": false },
		"allow_raw_exception_messages":    { "enabled": false },
		"custom_events":                   { "enabled": false },
		"custom_parameters":               { "enabled": false }
	}`)
	if string(connectJSON) != expectJSON {
		t.Error(string(connectJSON), expectJSON)
	}
	testBool(t, "PointerIfPopulated", true, nil != policies.PointerIfPopulated())
	testBool(t, "RecordSQLEnabled", false, policies.RecordSQL.Enabled())
	testBool(t, "AttributesIncludeEnabled", false, policies.AttributesInclude.Enabled())
	testBool(t, "AllowRawExceptionMessages", false, policies.AllowRawExceptionMessages.Enabled())
	testBool(t, "CustomEventsEnabled", false, policies.CustomEvents.Enabled())
	testBool(t, "CustomParametersEnabled", false, policies.CustomParameters.Enabled())
}

func TestNilSecurityPolicies(t *testing.T) {
	var policies SecurityPolicies
	testBool(t, "PointerIfPopulated", false, nil != policies.PointerIfPopulated())
	testBool(t, "RecordSQLEnabled", true, policies.RecordSQL.Enabled())
	testBool(t, "AttributesIncludeEnabled", true, policies.AttributesInclude.Enabled())
	testBool(t, "AllowRawExceptionMessages", true, policies.AllowRawExceptionMessages.Enabled())
	testBool(t, "CustomEventsEnabled", true, policies.CustomEvents.Enabled())
	testBool(t, "CustomParametersEnabled", true, policies.CustomParameters.Enabled())
}

func TestUnknownRequiredPolicy(t *testing.T) {
	inputJSON := []byte(`{
		"record_sql":                    { "enabled": false, "required": false },
	        "attributes_include":            { "enabled": false, "required": false },
	        "allow_raw_exception_messages":  { "enabled": false, "required": false },
	        "custom_events":                 { "enabled": false, "required": false },
	        "custom_parameters":             { "enabled": false, "required": false },
	        "custom_instrumentation_editor": { "enabled": false, "required": false },
	        "message_parameters":            { "enabled": false, "required": false },
	        "job_arguments":                 { "enabled": false, "required": false },
		"unknown_policy":                { "enabled": false, "required": true  }
	}`)
	var policies SecurityPolicies
	err := json.Unmarshal(inputJSON, &policies)
	if nil == err {
		t.Fatal(err)
	}
	testBool(t, "PointerIfPopulated", false, nil != policies.PointerIfPopulated())
	testBool(t, "unknown required policy should be disconnect", true, IsDisconnectSecurityPolicyError(err))
}

func TestSecurityPolicyMissing(t *testing.T) {
	inputJSON := []byte(`{
		"record_sql":                    { "enabled": false, "required": false },
		"attributes_include":            { "enabled": false, "required": false },
		"allow_raw_exception_messages":  { "enabled": false, "required": false },
		"custom_events":                 { "enabled": false, "required": false },
		"request_parameters":            { "enabled": false, "required": false }
	}`)
	var policies SecurityPolicies
	err := json.Unmarshal(inputJSON, &policies)
	_, ok := err.(errUnsetPolicy)
	if !ok {
		t.Fatal(err)
	}
	testBool(t, "PointerIfPopulated", false, nil != policies.PointerIfPopulated())
	testBool(t, "missing policy should be disconnect", true, IsDisconnectSecurityPolicyError(err))
}

func TestMalformedPolicies(t *testing.T) {
	inputJSON := []byte(`{`)
	var policies SecurityPolicies
	err := json.Unmarshal(inputJSON, &policies)
	if nil == err {
		t.Fatal(err)
	}
	testBool(t, "malformed policies should not be disconnect", false, IsDisconnectSecurityPolicyError(err))
}