From 50499a4628988026b94dc7bfe215f8e52cadfc75 Mon Sep 17 00:00:00 2001 From: Alexandre Rulleau Date: Tue, 10 Dec 2024 13:51:40 +0100 Subject: [PATCH] test(appsec: extension): add special cases tests for automated functions Signed-off-by: Alexandre Rulleau --- ...ogin_failure_event_automated_no_login.phpt | 31 ++++++++++++++++ ..._failure_event_automated_no_root_span.phpt | 29 +++++++++++++++ ...login_failure_event_automated_no_user.phpt | 31 ++++++++++++++++ ...rack_user_login_failure_event_no_user.phpt | 8 ++-- ...n_success_event_automated_empty_login.phpt | 32 ++++++++++++++++ ...in_success_event_automated_empty_user.phpt | 37 +++++++++++++++++++ ..._success_event_automated_no_root_span.phpt | 32 ++++++++++++++++ ...r_signup_event_automated_empty_login.phpt} | 0 ...ser_signup_event_automated_empty_user.phpt | 37 +++++++++++++++++++ 9 files changed, 233 insertions(+), 4 deletions(-) create mode 100644 appsec/tests/extension/track_user_login_failure_event_automated_no_login.phpt create mode 100644 appsec/tests/extension/track_user_login_failure_event_automated_no_root_span.phpt create mode 100644 appsec/tests/extension/track_user_login_failure_event_automated_no_user.phpt create mode 100644 appsec/tests/extension/track_user_login_success_event_automated_empty_login.phpt create mode 100644 appsec/tests/extension/track_user_login_success_event_automated_empty_user.phpt create mode 100644 appsec/tests/extension/track_user_login_success_event_automated_no_root_span.phpt rename appsec/tests/extension/{track_user_signup_event_empty_login.phpt => track_user_signup_event_automated_empty_login.phpt} (100%) create mode 100644 appsec/tests/extension/track_user_signup_event_automated_empty_user.phpt diff --git a/appsec/tests/extension/track_user_login_failure_event_automated_no_login.phpt b/appsec/tests/extension/track_user_login_failure_event_automated_no_login.phpt new file mode 100644 index 0000000000..6591c4e308 --- /dev/null +++ b/appsec/tests/extension/track_user_login_failure_event_automated_no_login.phpt @@ -0,0 +1,31 @@ +--TEST-- +Track an automated user login failure event without login provided and verify the tags in the root span +--INI-- +extension=ddtrace.so +--ENV-- +DD_APPSEC_ENABLED=1 +--FILE-- + +--EXPECTF-- +root_span_get_meta(): +Array +( + [runtime-id] => %s + [appsec.events.users.login.failure.usr.id] => automatedID + [_dd.appsec.usr.id] => automatedID + [_dd.appsec.events.users.login.failure.auto.mode] => identification + [appsec.events.users.login.failure.track] => true + [appsec.events.users.login.failure.usr.exists] => false + [appsec.events.users.login.failure] => null +) diff --git a/appsec/tests/extension/track_user_login_failure_event_automated_no_root_span.phpt b/appsec/tests/extension/track_user_login_failure_event_automated_no_root_span.phpt new file mode 100644 index 0000000000..673aa594a0 --- /dev/null +++ b/appsec/tests/extension/track_user_login_failure_event_automated_no_root_span.phpt @@ -0,0 +1,29 @@ +--TEST-- +Track an automated user login failure event when no root span is available and verify the logs +--INI-- +extension=ddtrace.so +datadog.appsec.log_file=/tmp/php_appsec_test.log +datadog.appsec.log_level=debug +--ENV-- +DD_TRACE_GENERATE_ROOT_SPAN=0 +DD_APPSEC_ENABLED=1 +--FILE-- + "something", + "metadata" => "some other metadata", + "email" => "noneofyour@business.com" +]); + + +require __DIR__ . '/inc/logging.php'; +match_log("/No root span available on request init/"); +?> +--EXPECTF-- +found message in log matching /No root span available on request init/ diff --git a/appsec/tests/extension/track_user_login_failure_event_automated_no_user.phpt b/appsec/tests/extension/track_user_login_failure_event_automated_no_user.phpt new file mode 100644 index 0000000000..5ef291bd7d --- /dev/null +++ b/appsec/tests/extension/track_user_login_failure_event_automated_no_user.phpt @@ -0,0 +1,31 @@ +--TEST-- +Track an automated user login failure event without user provided and verify the tags in the root span +--INI-- +extension=ddtrace.so +--ENV-- +DD_APPSEC_ENABLED=1 +--FILE-- + +--EXPECTF-- +root_span_get_meta(): +Array +( + [runtime-id] => %s + [_dd.appsec.events.users.login.failure.auto.mode] => identification + [appsec.events.users.login.failure.usr.login] => login + [_dd.appsec.usr.login] => login + [appsec.events.users.login.failure.track] => true + [appsec.events.users.login.failure.usr.exists] => false + [appsec.events.users.login.failure] => null +) diff --git a/appsec/tests/extension/track_user_login_failure_event_no_user.phpt b/appsec/tests/extension/track_user_login_failure_event_no_user.phpt index 9676d4c595..1db8ff4490 100644 --- a/appsec/tests/extension/track_user_login_failure_event_no_user.phpt +++ b/appsec/tests/extension/track_user_login_failure_event_no_user.phpt @@ -1,5 +1,5 @@ --TEST-- -Track a user login failure event without user id provided and verify the tags in the root span +Track a user login failure event without user provided and verify the tags in the root span --INI-- extension=ddtrace.so --ENV-- @@ -7,12 +7,12 @@ DD_APPSEC_ENABLED=1 --FILE-- %s - [_dd.appsec.events.users.login.failure.auto.mode] => identification [appsec.events.users.login.failure.track] => true + [_dd.appsec.events.users.login.failure.sdk] => true [appsec.events.users.login.failure.usr.exists] => false [appsec.events.users.login.failure] => null ) diff --git a/appsec/tests/extension/track_user_login_success_event_automated_empty_login.phpt b/appsec/tests/extension/track_user_login_success_event_automated_empty_login.phpt new file mode 100644 index 0000000000..d92c7c82a4 --- /dev/null +++ b/appsec/tests/extension/track_user_login_success_event_automated_empty_login.phpt @@ -0,0 +1,32 @@ +--TEST-- +Track an automated user login success event with an empty user login and verify the logs +--INI-- +extension=ddtrace.so +datadog.appsec.log_file=/tmp/php_appsec_test.log +datadog.appsec.log_level=debug +--ENV-- +DD_APPSEC_ENABLED=1 +--FILE-- + "something", + "metadata" => "some other metadata", + "email" => "noneofyour@business.com" +]); + +echo "root_span_get_meta():\n"; +print_r(root_span_get_meta()); +?> +--EXPECTF-- +root_span_get_meta(): +Array +( + [runtime-id] => %s +) diff --git a/appsec/tests/extension/track_user_login_success_event_automated_empty_user.phpt b/appsec/tests/extension/track_user_login_success_event_automated_empty_user.phpt new file mode 100644 index 0000000000..7647c9497d --- /dev/null +++ b/appsec/tests/extension/track_user_login_success_event_automated_empty_user.phpt @@ -0,0 +1,37 @@ +--TEST-- +Track an automated user login success event with an empty user and verify the tags +--INI-- +extension=ddtrace.so +datadog.appsec.log_file=/tmp/php_appsec_test.log +datadog.appsec.log_level=debug +--ENV-- +DD_APPSEC_ENABLED=1 +--FILE-- + "something", + "metadata" => "some other metadata", + "email" => "noneofyour@business.com" +]); + +echo "root_span_get_meta():\n"; +print_r(root_span_get_meta()); +?> +--EXPECTF-- +root_span_get_meta(): +Array +( + [runtime-id] => %s + [_dd.appsec.events.users.login.success.auto.mode] => identification + [appsec.events.users.login.success.usr.login] => login + [_dd.appsec.usr.login] => login + [appsec.events.users.login.success.track] => true + [appsec.events.users.login.success] => null +) diff --git a/appsec/tests/extension/track_user_login_success_event_automated_no_root_span.phpt b/appsec/tests/extension/track_user_login_success_event_automated_no_root_span.phpt new file mode 100644 index 0000000000..89239d97fc --- /dev/null +++ b/appsec/tests/extension/track_user_login_success_event_automated_no_root_span.phpt @@ -0,0 +1,32 @@ +--TEST-- +Track an automated user login success event when no root span is available and verify the logs +--INI-- +extension=ddtrace.so +datadog.appsec.log_file=/tmp/php_appsec_test.log +datadog.appsec.log_level=debug +--ENV-- +DD_TRACE_GENERATE_ROOT_SPAN=0 +DD_APPSEC_ENABLED=1 +--FILE-- + "something", + "metadata" => "some other metadata", + "email" => "noneofyour@business.com" + ] +); + + +require __DIR__ . '/inc/logging.php'; +match_log("/No root span available on request init/"); +?> +--EXPECTF-- +found message in log matching /No root span available on request init/ diff --git a/appsec/tests/extension/track_user_signup_event_empty_login.phpt b/appsec/tests/extension/track_user_signup_event_automated_empty_login.phpt similarity index 100% rename from appsec/tests/extension/track_user_signup_event_empty_login.phpt rename to appsec/tests/extension/track_user_signup_event_automated_empty_login.phpt diff --git a/appsec/tests/extension/track_user_signup_event_automated_empty_user.phpt b/appsec/tests/extension/track_user_signup_event_automated_empty_user.phpt new file mode 100644 index 0000000000..9f3df77d9f --- /dev/null +++ b/appsec/tests/extension/track_user_signup_event_automated_empty_user.phpt @@ -0,0 +1,37 @@ +--TEST-- +Track an automated user login success event with an empty user and verify the logs +--INI-- +extension=ddtrace.so +datadog.appsec.log_file=/tmp/php_appsec_test.log +datadog.appsec.log_level=debug +--ENV-- +DD_APPSEC_ENABLED=1 +--FILE-- + "something", + "metadata" => "some other metadata", + "email" => "noneofyour@business.com" +]); + +echo "root_span_get_meta():\n"; +print_r(root_span_get_meta()); +?> +--EXPECTF-- +root_span_get_meta(): +Array +( + [runtime-id] => %s + [_dd.appsec.events.users.signup.auto.mode] => identification + [appsec.events.users.signup.usr.login] => login + [_dd.appsec.usr.login] => login + [appsec.events.users.signup.track] => true + [appsec.events.users.signup] => null +)