opensnitch/daemon/ui/client_test.go

package ui

import (
	"encoding/json"
	"testing"
	"time"

	"github.com/evilsocket/opensnitch/daemon/core"
	"github.com/evilsocket/opensnitch/daemon/firewall/iptables"
	"github.com/evilsocket/opensnitch/daemon/log"
	"github.com/evilsocket/opensnitch/daemon/log/loggers"
	"github.com/evilsocket/opensnitch/daemon/procmon"
	"github.com/evilsocket/opensnitch/daemon/rule"
	"github.com/evilsocket/opensnitch/daemon/statistics"
	"github.com/evilsocket/opensnitch/daemon/ui/config"
)

var (
	defaultConfig = &config.Config{
		ProcMonitorMethod: procmon.MethodProc,
		DefaultAction:     "allow",
		DefaultDuration:   "once",
		InterceptUnknown:  false,
		Firewall:          "nftables",
		Rules: config.RulesOptions{
			Path: "/etc/opensnitchd/rules",
		},
	}
)

func restoreConfigFile(t *testing.T) {
	// start from a clean state
	if _, err := core.Exec("cp", []string{
		// unmodified default config
		"./testdata/default-config.json.orig",
		// config will be modified by some tests
		"./testdata/default-config.json",
	}); err != nil {
		t.Errorf("error copying default config file: %s", err)
	}
}

func validateConfig(t *testing.T, uiClient *Client, cfg *config.Config) {
	if uiClient.ProcMonitorMethod() != cfg.ProcMonitorMethod || procmon.GetMonitorMethod() != uiClient.ProcMonitorMethod() {
		t.Errorf("not expected ProcMonitorMethod value: %s, expected: %s, procmon.MonitorMethod: %s", uiClient.ProcMonitorMethod(), cfg.ProcMonitorMethod, procmon.GetMonitorMethod())
	}
	if uiClient.GetFirewallType() != cfg.Firewall {
		t.Errorf("not expected FirewallType value: %s, expected: %s", uiClient.GetFirewallType(), cfg.Firewall)
	}
	if uiClient.InterceptUnknown() != cfg.InterceptUnknown {
		t.Errorf("not expected InterceptUnknown value: %v, expected: %v", uiClient.InterceptUnknown(), cfg.InterceptUnknown)
	}
	if uiClient.DefaultAction() != rule.Action(cfg.DefaultAction) {
		t.Errorf("not expected DefaultAction value: %s, expected: %s", clientDisconnectedRule.Action, cfg.DefaultAction)
	}
}

func TestClientConfigReloading(t *testing.T) {
	restoreConfigFile(t)
	cfgFile := "./testdata/default-config.json"

	rules, err := rule.NewLoader(false)
	if err != nil {
		log.Fatal("")
	}

	stats := statistics.New(rules)
	loggerMgr := loggers.NewLoggerManager()
	uiClient := NewClient("unix:///tmp/osui.sock", cfgFile, stats, rules, loggerMgr)

	t.Run("validate-load-config", func(t *testing.T) {
		validateConfig(t, uiClient, defaultConfig)
	})

	t.Run("validate-reload-config", func(t *testing.T) {
		reloadConfig := *defaultConfig
		//reloadConfig.ProcMonitorMethod = procmon.MethodProc
		reloadConfig.DefaultAction = string(rule.Deny)
		reloadConfig.InterceptUnknown = true
		reloadConfig.Firewall = iptables.Name
		reloadConfig.FwOptions.QueueBypass = true
		reloadConfig.Server.Address = "unix:///run/user/1000/opensnitch/osui.sock"

		plainJSON, err := json.Marshal(reloadConfig)
		if err != nil {
			t.Errorf("Error marshalling config: %s", err)
		}
		if err = config.Save(configFile, string(plainJSON)); err != nil {
			t.Errorf("error saving config to disk: %s", err)
		}
		// wait for the config to load
		time.Sleep(time.Second * 10)

		validateConfig(t, uiClient, &reloadConfig)
	})
}
tests: added daemon config tests - Test that the default config is loaded properly. - Test that changes to the config are saved to disk. - Test that changes to the config file on disk are reloaded properly. 2023-07-04 13:25:09 +02:00			`package ui`

			`import (`
			`"encoding/json"`
			`"testing"`
			`"time"`

			`"github.com/evilsocket/opensnitch/daemon/core"`
			`"github.com/evilsocket/opensnitch/daemon/firewall/iptables"`
			`"github.com/evilsocket/opensnitch/daemon/log"`
			`"github.com/evilsocket/opensnitch/daemon/log/loggers"`
			`"github.com/evilsocket/opensnitch/daemon/procmon"`
			`"github.com/evilsocket/opensnitch/daemon/rule"`
			`"github.com/evilsocket/opensnitch/daemon/statistics"`
			`"github.com/evilsocket/opensnitch/daemon/ui/config"`
			`)`

			`var (`
			`defaultConfig = &config.Config{`
changed ui/client/configuration tests In order to test ebpf<->proc changes we'll need to have access to a valid ebpf module. 2024-05-06 00:10:00 +02:00			`ProcMonitorMethod: procmon.MethodProc,`
tests: added daemon config tests - Test that the default config is loaded properly. - Test that changes to the config are saved to disk. - Test that changes to the config file on disk are reloaded properly. 2023-07-04 13:25:09 +02:00			`DefaultAction: "allow",`
			`DefaultDuration: "once",`
			`InterceptUnknown: false,`
			`Firewall: "nftables",`
daemon/ui tests updated 2024-10-19 20:43:45 +02:00			`Rules: config.RulesOptions{`
			`Path: "/etc/opensnitchd/rules",`
			`},`
tests: added daemon config tests - Test that the default config is loaded properly. - Test that changes to the config are saved to disk. - Test that changes to the config file on disk are reloaded properly. 2023-07-04 13:25:09 +02:00			`}`
			`)`

			`func restoreConfigFile(t *testing.T) {`
			`// start from a clean state`
			`if _, err := core.Exec("cp", []string{`
			`// unmodified default config`
			`"./testdata/default-config.json.orig",`
			`// config will be modified by some tests`
			`"./testdata/default-config.json",`
			`}); err != nil {`
			`t.Errorf("error copying default config file: %s", err)`
			`}`
			`}`

			`func validateConfig(t testing.T, uiClient Client, cfg *config.Config) {`
changed ui/client/configuration tests In order to test ebpf<->proc changes we'll need to have access to a valid ebpf module. 2024-05-06 00:10:00 +02:00			`if uiClient.ProcMonitorMethod() != cfg.ProcMonitorMethod \|\| procmon.GetMonitorMethod() != uiClient.ProcMonitorMethod() {`
			`t.Errorf("not expected ProcMonitorMethod value: %s, expected: %s, procmon.MonitorMethod: %s", uiClient.ProcMonitorMethod(), cfg.ProcMonitorMethod, procmon.GetMonitorMethod())`
tests: added daemon config tests - Test that the default config is loaded properly. - Test that changes to the config are saved to disk. - Test that changes to the config file on disk are reloaded properly. 2023-07-04 13:25:09 +02:00			`}`
			`if uiClient.GetFirewallType() != cfg.Firewall {`
			`t.Errorf("not expected FirewallType value: %s, expected: %s", uiClient.GetFirewallType(), cfg.Firewall)`
			`}`
			`if uiClient.InterceptUnknown() != cfg.InterceptUnknown {`
			`t.Errorf("not expected InterceptUnknown value: %v, expected: %v", uiClient.InterceptUnknown(), cfg.InterceptUnknown)`
			`}`
			`if uiClient.DefaultAction() != rule.Action(cfg.DefaultAction) {`
			`t.Errorf("not expected DefaultAction value: %s, expected: %s", clientDisconnectedRule.Action, cfg.DefaultAction)`
			`}`
			`}`

changed ui/client/configuration tests In order to test ebpf<->proc changes we'll need to have access to a valid ebpf module. 2024-05-06 00:10:00 +02:00			`func TestClientConfigReloading(t *testing.T) {`
tests: added daemon config tests - Test that the default config is loaded properly. - Test that changes to the config are saved to disk. - Test that changes to the config file on disk are reloaded properly. 2023-07-04 13:25:09 +02:00			`restoreConfigFile(t)`
updated ui/client tests 2023-12-17 00:39:41 +01:00			`cfgFile := "./testdata/default-config.json"`
tests: added daemon config tests - Test that the default config is loaded properly. - Test that changes to the config are saved to disk. - Test that changes to the config file on disk are reloaded properly. 2023-07-04 13:25:09 +02:00
			`rules, err := rule.NewLoader(false)`
			`if err != nil {`
			`log.Fatal("")`
			`}`

			`stats := statistics.New(rules)`
			`loggerMgr := loggers.NewLoggerManager()`
updated ui/client tests 2023-12-17 00:39:41 +01:00			`uiClient := NewClient("unix:///tmp/osui.sock", cfgFile, stats, rules, loggerMgr)`
tests: added daemon config tests - Test that the default config is loaded properly. - Test that changes to the config are saved to disk. - Test that changes to the config file on disk are reloaded properly. 2023-07-04 13:25:09 +02:00
			`t.Run("validate-load-config", func(t *testing.T) {`
			`validateConfig(t, uiClient, defaultConfig)`
			`})`

			`t.Run("validate-reload-config", func(t *testing.T) {`
changed ui/client/configuration tests In order to test ebpf<->proc changes we'll need to have access to a valid ebpf module. 2024-05-06 00:10:00 +02:00			`reloadConfig := *defaultConfig`
			`//reloadConfig.ProcMonitorMethod = procmon.MethodProc`
tests: added daemon config tests - Test that the default config is loaded properly. - Test that changes to the config are saved to disk. - Test that changes to the config file on disk are reloaded properly. 2023-07-04 13:25:09 +02:00			`reloadConfig.DefaultAction = string(rule.Deny)`
			`reloadConfig.InterceptUnknown = true`
			`reloadConfig.Firewall = iptables.Name`
daemon/ui tests updated 2024-10-19 20:43:45 +02:00			`reloadConfig.FwOptions.QueueBypass = true`
tests: added daemon config tests - Test that the default config is loaded properly. - Test that changes to the config are saved to disk. - Test that changes to the config file on disk are reloaded properly. 2023-07-04 13:25:09 +02:00			`reloadConfig.Server.Address = "unix:///run/user/1000/opensnitch/osui.sock"`

			`plainJSON, err := json.Marshal(reloadConfig)`
			`if err != nil {`
			`t.Errorf("Error marshalling config: %s", err)`
			`}`
			`if err = config.Save(configFile, string(plainJSON)); err != nil {`
			`t.Errorf("error saving config to disk: %s", err)`
			`}`
daemon/ui tests updated 2024-10-19 20:43:45 +02:00			`// wait for the config to load`
			`time.Sleep(time.Second * 10)`
tests: added daemon config tests - Test that the default config is loaded properly. - Test that changes to the config are saved to disk. - Test that changes to the config file on disk are reloaded properly. 2023-07-04 13:25:09 +02:00
			`validateConfig(t, uiClient, &reloadConfig)`
			`})`
			`}`