crowdsecurity
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎.gitignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎docker-compose.yml‎
Lines changed: 10 additions & 8 deletions b/‎docker-compose.yml‎
Lines changed: 10 additions & 8 deletions
diff --git a/‎docs/contribute.md‎
Lines changed: 9 additions & 0 deletions b/‎docs/contribute.md‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎tests-local.sh‎
Lines changed: 26 additions & 0 deletions b/‎tests-local.sh‎
Lines changed: 26 additions & 0 deletions
diff --git a/‎tests/functional/__tests__/functional.js‎
Lines changed: 254 additions & 0 deletions b/‎tests/functional/__tests__/functional.js‎
Lines changed: 254 additions & 0 deletions
diff --git a/‎tests/functional/icon.png‎
53.1 KB b/‎tests/functional/icon.png‎
53.1 KB
@@ -5,6 +5,7 @@ vendor/
 .DS_Store
 
 #Tools
+node_modules/
 
 # App
 .bouncer-key
 
@@ -4,7 +4,7 @@ services:
         build:
             context: .
             dockerfile: ./docker/php-${CS_WORDPRESS_BOUNCER_PHP_VERSION}.Dockerfile
-        links:
+        depends_on:
             - crowdsec
             - mysql
             - redis
@@ -24,7 +24,7 @@ services:
         build:
             context: .
             dockerfile: ./docker/wp5.5/php-${CS_WORDPRESS_BOUNCER_PHP_VERSION}.Dockerfile
-        links:
+        depends_on:
             - crowdsec
             - mysql
             - redis
@@ -44,7 +44,7 @@ services:
         build:
             context: .
             dockerfile: ./docker/wp5.4/php-${CS_WORDPRESS_BOUNCER_PHP_VERSION}.Dockerfile
-        links:
+        depends_on:
             - crowdsec
             - mysql
             - redis
@@ -64,7 +64,7 @@ services:
         build:
             context: .
             dockerfile: ./docker/wp5.3/php-${CS_WORDPRESS_BOUNCER_PHP_VERSION}.Dockerfile
-        links:
+        depends_on:
             - crowdsec
             - mysql
             - redis
@@ -84,7 +84,7 @@ services:
         build:
             context: .
             dockerfile: ./docker/wp5.2/php-${CS_WORDPRESS_BOUNCER_PHP_VERSION}.Dockerfile
-        links:
+        depends_on:
             - crowdsec
             - mysql
             - redis
@@ -104,7 +104,7 @@ services:
         build:
             context: .
             dockerfile: ./docker/wp5.1/php-${CS_WORDPRESS_BOUNCER_PHP_VERSION}.Dockerfile
-        links:
+        depends_on:
             - crowdsec
             - mysql
             - redis
@@ -124,7 +124,7 @@ services:
         build:
             context: .
             dockerfile: ./docker/wp5.0/php-${CS_WORDPRESS_BOUNCER_PHP_VERSION}.Dockerfile
-        links:
+        depends_on:
             - crowdsec
             - mysql
             - redis
@@ -144,7 +144,7 @@ services:
         build:
             context: .
             dockerfile: ./docker/wp4.9/php-${CS_WORDPRESS_BOUNCER_PHP_VERSION}.Dockerfile
-        links:
+        depends_on:
             - crowdsec
             - mysql
             - redis
@@ -164,6 +164,8 @@ services:
         image: crowdsecurity/crowdsec:latest
         environment:
             - DISABLE_AGENT=true
+        ports:
+            - "8080:8080"
     mysql:
         image: mysql:5.7
         environment:
 
@@ -6,6 +6,15 @@
 ```bash
 export CS_WORDPRESS_BOUNCER_PHP_VERSION=7.2
 ```
+## Run tests
+
+```bash
+./tests-local.sh # headless mode for speed up
+
+DEBUG ./tests-local.sh
+```
+
+> Note: you can add `await jestPlaywright.debug();` at the moment you want to pause the process.
 
 Run containers:
 
 
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+# Context
+WORDPRESS_VERSION=5.5
+
+# Default variables
+WATCHER_LOGIN='watcherLogin'
+WATCHER_PASSWORD='watcherPassword'
+
+# Run stack
+docker-compose down --remove-orphans --timeout 0
+docker-compose up -d wordpress$WORDPRESS_VERSION crowdsec mysql redis memcached
+
+# Setup CrowdSec
+export BOUNCER_KEY=`docker-compose exec crowdsec cscli bouncers add functional-tests -o raw`
+export CS_WP_HOST=`docker-compose exec crowdsec /sbin/ip route|awk '/default/ { printf $3 }'`
+docker-compose exec crowdsec cscli machines add $WATCHER_LOGIN --password $WATCHER_PASSWORD
+echo "Waiting for WordPress container to initialize..."
+until $(curl --output /dev/null --silent --head --fail http://localhost); do
+    printf '.'
+    sleep 0.1
+done
+
+
+# Run tests
+WORDPRESS_VERSION=$WORDPRESS_VERSION WATCHER_LOGIN=$WATCHER_LOGIN WATCHER_PASSWORD=$WATCHER_PASSWORD LAPI_URL_FROM_CONTAINERS='http://crowdsec:8080' LAPI_URL_FROM_HOST='http://localhost:8080' yarn --cwd ./tests/functional test --detectOpenHandles --runInBand
@@ -0,0 +1,254 @@
+const notifier = require("node-notifier");
+const path = require("path");
+
+const BASE_URL = "http://localhost";
+const BOUNCER_KEY = process.env.BOUNCER_KEY;
+const CLIENT_IP = process.env.CS_WP_HOST;
+const WORDPRESS_VERSION = process.env.WORDPRESS_VERSION;
+const ADMIN_LOGIN = "admin";
+const ADMIN_PASSWORD = "my_very_very_secret_admin_password";
+const LAPI_URL = process.env.LAPI_URL_FROM_CONTAINERS;
+const NOTIFY = !!process.env.DEBUG;
+const TIMEOUT = (!!process.env.DEBUG ? 5 * 60 : 5) * 1000;
+
+const notify = (message) => {
+	if (NOTIFY) {
+		notifier.notify({
+			title: "CrowdSec automation",
+			message: message,
+			icon: path.join(__dirname, "../icon.png"),
+		});
+	}
+};
+
+const { addDecision, deleteAllDecisions } = require("../utils/watcherClient");
+
+const wait = (ms) => new Promise((resolve) => setTimeout(resolve, ms));
+
+jest.setTimeout(TIMEOUT);
+
+describe(`Install Stack: WordPress ${WORDPRESS_VERSION} + the CrowdSec plugin`, () => {
+	beforeAll(async () => {});
+
+	afterAll(async () => {
+		return await browser.close();
+	});
+
+	const waitForNavigation = page.waitForNavigation();
+
+	it('Should install wordpress"', async () => {
+		notify("Install wordpress");
+
+		// Go to home
+		await page.goto(`${BASE_URL}`);
+
+		// "Language selection" page
+
+		await page.click('option[lang="en"]');
+		await page.click("#language-continue");
+		await waitForNavigation;
+
+		// "Account creation" page
+
+		await page.fill("#weblog_title", "My website");
+		await page.fill("#user_login", ADMIN_LOGIN);
+		await page.fill("#pass1", ADMIN_PASSWORD);
+		await page.fill("#admin_email", "admin@admin.admin");
+		await page.click("#submit");
+		await waitForNavigation;
+
+		// "Success" page
+
+		await expect(page).toHaveText("h1", "Success!");
+		await page.click(".wp-core-ui > .step > .button");
+		await waitForNavigation;
+	});
+
+	it('Should login to wp-admin"', async () => {
+		notify("Login to wp-admin");
+		// "Login" page
+		await page.fill("#user_login", ADMIN_LOGIN);
+		await page.fill("#user_pass", ADMIN_PASSWORD);
+		await page.waitForSelector("#wp-submit");
+		await page.click("#wp-submit");
+		await waitForNavigation;
+	});
+
+	it('Should install CrowdSec plugin"', async () => {
+		notify("Install CrowdSec plugin");
+		// "Plugins" page
+		await page.goto(`${BASE_URL}/wp-admin/plugins.php'`);
+		await page.click("#activate-crowdsec");
+		await waitForNavigation;
+		await expect(page).toHaveText("#message", "Plugin activated.");
+	});
+
+	it('Should configure the connection details"', async () => {
+		notify("Configure the connection details");
+		// CrowdSec Menu
+		await page.click(
+			"#adminmenuwrap > #adminmenu > #toplevel_page_crowdsec_plugin > .wp-has-submenu > .wp-menu-name"
+		);
+		await waitForNavigation;
+
+		// CrowdSec Settings page: set connection details
+
+		await page.fill("[name=crowdsec_api_url]", LAPI_URL);
+		await page.fill("[name=crowdsec_api_key]", BOUNCER_KEY);
+		await page.click("[type=submit]");
+		await waitForNavigation;
+
+		await expect(page).toHaveText(
+			"#setting-error-settings_updated",
+			"Settings saved."
+		);
+	});
+
+	it('Should reduce the cache durations"', async () => {
+		notify("Reduce the cache durations");
+		// CrowdSec Menu
+		await page.click(
+			"#toplevel_page_crowdsec_plugin > ul > li:nth-child(3) > a"
+		);
+		await waitForNavigation;
+
+		// CrowdSec Settings page: set connection details
+
+		await page.fill("[name=crowdsec_clean_ip_cache_duration]", "1");
+		await page.fill("[name=crowdsec_bad_ip_cache_duration]", "1");
+		await page.click("[type=submit]");
+		await waitForNavigation;
+
+		await expect(page).toHaveText(
+			"#setting-error-settings_updated",
+			"Settings saved."
+		);
+	});
+
+	it('Should display the homepage with no remediation"', async () => {
+		notify("Display the homepage with no remediation");
+
+		await page.goto(`${BASE_URL}`);
+		await waitForNavigation;
+
+		const title = await page.title();
+		await expect(title).toContain("Just another WordPress site");
+	});
+
+	it('Should display a captcha wall"', async () => {
+		notify("Display a captcha wall");
+
+		// add a captcha remediation
+		await addDecision(CLIENT_IP, "captcha", "15m");
+		await wait(1000);
+
+		await page.goto(`${BASE_URL}`);
+		await waitForNavigation;
+
+		const title = await page.title();
+		await expect(title).toContain("Oops..");
+		await expect(page).toHaveText(
+			".desc",
+			"Please complete the security check."
+		);
+
+		// Refresh the captcha 2 times
+		await page.click("#refresh_link");
+		await waitForNavigation;
+
+		await page.click("#refresh_link");
+		await waitForNavigation;
+	});
+
+	it('Should display a ban wall"', async () => {
+		notify("Display a ban wall");
+
+		// add a ban remediation
+		await addDecision(CLIENT_IP, "ban", "15m");
+		await wait(1000);
+
+		await page.goto(`${BASE_URL}`);
+		await waitForNavigation;
+
+		const title = await page.title();
+		await expect(title).toContain("Oops..");
+		await expect(page).toHaveText(
+			".desc",
+			"This page is protected against cyber attacks and your IP has been banned by our system."
+		);
+	});
+
+	it('Should display back the homepage with no remediation"', async () => {
+		notify("Display back the homepage with no remediation");
+
+		// delete a ban remediation
+		await deleteAllDecisions();
+		await wait(1000);
+
+		await page.goto(`${BASE_URL}`);
+		await waitForNavigation;
+
+		const title = await page.title();
+		await expect(title).toContain("Just another WordPress site");
+	});
+
+	it('Should enable the stream mode"', async () => {
+		notify("Enable the stream mode");
+
+		await page.goto(
+			`${BASE_URL}/wp-admin/admin.php?page=crowdsec_advanced_settings`
+		);
+		await waitForNavigation;
+
+		const title = await page.title();
+		await expect(title).toContain("Advanced");
+
+		await page.click("[for=crowdsec_stream_mode]");
+
+		await page.fill("[name=crowdsec_stream_mode_refresh_frequency]", "1");
+		await page.click("[type=submit]");
+		await waitForNavigation;
+
+		await expect(page).toHaveText(
+			"#setting-error-settings_updated",
+			"Settings saved."
+		);
+	});
+
+	it('Should display a ban wall via stream mode"', async () => {
+		notify("Display a ban wall via stream mode");
+
+		// add a ban remediation
+		await addDecision(CLIENT_IP, "ban", "15m");
+		await wait(2000);
+		// force WP Cron to run cache update as bouncing is done before cache updating
+		// This could be fixed by running homemade call to cache update
+		// if it's the time to update cache
+		await page.goto(`${BASE_URL}/wp-cron.php`);
+
+		await page.goto(`${BASE_URL}`);
+		await waitForNavigation;
+
+		const title = await page.title();
+		await expect(title).toContain("Oops..");
+		await expect(page).toHaveText(
+			".desc",
+			"This page is protected against cyber attacks and your IP has been banned by our system."
+		);
+	});
+
+	it('Should display back the homepage with no remediation via stream mode"', async () => {
+		notify("Display back the homepage with no remediation via stream mode");
+
+		// delete a ban remediation
+		await deleteAllDecisions();
+		await wait(2000);
+		await page.goto(`${BASE_URL}/wp-cron.php`);
+
+		await page.goto(`${BASE_URL}`);
+		await waitForNavigation;
+
+		const title = await page.title();
+		await expect(title).toContain("Just another WordPress site");
+	});
+});