From 3b57b72f54897041da7c11b15d58b7bc485cefe0 Mon Sep 17 00:00:00 2001 From: Steve Walsh Date: Wed, 7 Jul 2021 17:01:28 +0100 Subject: [PATCH] PR changes --- .../b653d3d4-4da6-4a99-8fbf-dd8c9e0790f1.json | 1 + .../c0adff3f-c97a-438c-9724-7f45d0d1fe66.json | 1 + .../b653d3d4-4da6-4a99-8fbf-dd8c9e0790f1.json | 1 + .../c0adff3f-c97a-438c-9724-7f45d0d1fe66.json | 1 + .nyc_output/processinfo/index.json | 1 + nodes/PayloadValidator.js | 52 +++++++++++++ test/unit/test-payloadValidator.js | 74 +++++++++++++++++++ 7 files changed, 131 insertions(+) create mode 100644 .nyc_output/b653d3d4-4da6-4a99-8fbf-dd8c9e0790f1.json create mode 100644 .nyc_output/c0adff3f-c97a-438c-9724-7f45d0d1fe66.json create mode 100644 .nyc_output/processinfo/b653d3d4-4da6-4a99-8fbf-dd8c9e0790f1.json create mode 100644 .nyc_output/processinfo/c0adff3f-c97a-438c-9724-7f45d0d1fe66.json create mode 100644 .nyc_output/processinfo/index.json create mode 100644 nodes/PayloadValidator.js create mode 100644 test/unit/test-payloadValidator.js diff --git a/.nyc_output/b653d3d4-4da6-4a99-8fbf-dd8c9e0790f1.json b/.nyc_output/b653d3d4-4da6-4a99-8fbf-dd8c9e0790f1.json new file mode 100644 index 000000000..0aa839003 --- /dev/null +++ b/.nyc_output/b653d3d4-4da6-4a99-8fbf-dd8c9e0790f1.json @@ -0,0 +1 @@ +{"/Users/steve/Documents/GitHub/node-red/nodes/PayloadValidator.js":{"path":"/Users/steve/Documents/GitHub/node-red/nodes/PayloadValidator.js","statementMap":{"0":{"start":{"line":1,"column":14},"end":{"line":1,"column":30}},"1":{"start":{"line":3,"column":25},"end":{"line":8,"column":1}},"2":{"start":{"line":10,"column":0},"end":{"line":52,"column":2}},"3":{"start":{"line":12,"column":19},"end":{"line":12,"column":33}},"4":{"start":{"line":20,"column":8},"end":{"line":20,"column":14}},"5":{"start":{"line":21,"column":4},"end":{"line":21,"column":25}},"6":{"start":{"line":22,"column":4},"end":{"line":22,"column":25}},"7":{"start":{"line":23,"column":4},"end":{"line":23,"column":19}},"8":{"start":{"line":24,"column":4},"end":{"line":24,"column":41}},"9":{"start":{"line":25,"column":4},"end":{"line":25,"column":37}},"10":{"start":{"line":26,"column":4},"end":{"line":26,"column":25}},"11":{"start":{"line":30,"column":4},"end":{"line":50,"column":5}},"12":{"start":{"line":31,"column":6},"end":{"line":46,"column":9}},"13":{"start":{"line":32,"column":25},"end":{"line":32,"column":102}},"14":{"start":{"line":32,"column":37},"end":{"line":32,"column":102}},"15":{"start":{"line":32,"column":74},"end":{"line":32,"column":93}},"16":{"start":{"line":33,"column":8},"end":{"line":45,"column":9}},"17":{"start":{"line":34,"column":26},"end":{"line":36,"column":11}},"18":{"start":{"line":37,"column":10},"end":{"line":37,"column":45}},"19":{"start":{"line":38,"column":10},"end":{"line":44,"column":13}},"20":{"start":{"line":48,"column":6},"end":{"line":48,"column":67}},"21":{"start":{"line":49,"column":6},"end":{"line":49,"column":21}}},"fnMap":{"0":{"name":"(anonymous_0)","decl":{"start":{"line":11,"column":2},"end":{"line":11,"column":3}},"loc":{"start":{"line":11,"column":23},"end":{"line":27,"column":3}},"line":11},"1":{"name":"(anonymous_1)","decl":{"start":{"line":29,"column":2},"end":{"line":29,"column":3}},"loc":{"start":{"line":29,"column":16},"end":{"line":51,"column":3}},"line":29},"2":{"name":"(anonymous_2)","decl":{"start":{"line":31,"column":31},"end":{"line":31,"column":32}},"loc":{"start":{"line":31,"column":45},"end":{"line":46,"column":7}},"line":31},"3":{"name":"(anonymous_3)","decl":{"start":{"line":32,"column":25},"end":{"line":32,"column":26}},"loc":{"start":{"line":32,"column":37},"end":{"line":32,"column":102}},"line":32},"4":{"name":"(anonymous_4)","decl":{"start":{"line":32,"column":64},"end":{"line":32,"column":65}},"loc":{"start":{"line":32,"column":74},"end":{"line":32,"column":93}},"line":32}},"branchMap":{"0":{"loc":{"start":{"line":32,"column":74},"end":{"line":32,"column":93}},"type":"binary-expr","locations":[{"start":{"line":32,"column":75},"end":{"line":32,"column":76}},{"start":{"line":32,"column":80},"end":{"line":32,"column":84}},{"start":{"line":32,"column":89},"end":{"line":32,"column":93}}],"line":32},"1":{"loc":{"start":{"line":33,"column":8},"end":{"line":45,"column":9}},"type":"if","locations":[{"start":{"line":33,"column":8},"end":{"line":45,"column":9}},{"start":{"line":33,"column":8},"end":{"line":45,"column":9}}],"line":33}},"s":{"0":1,"1":1,"2":1,"3":4,"4":4,"5":4,"6":4,"7":4,"8":4,"9":4,"10":4,"11":4,"12":4,"13":13,"14":44,"15":152,"16":13,"17":9,"18":9,"19":8,"20":1,"21":1},"f":{"0":4,"1":4,"2":13,"3":44,"4":152},"b":{"0":[152,152,8],"1":[9,4]},"_coverageSchema":"1a1c01bbd47fc00a2c39e90264f33305004495a9","hash":"bc5dc043abe7596728e874b7a412a10445f8a47c","contentHash":"0a195350a2e88d579527d32956fca793e55e4e7e99fe26caaab0939cf5aa1989"}} \ No newline at end of file diff --git a/.nyc_output/c0adff3f-c97a-438c-9724-7f45d0d1fe66.json b/.nyc_output/c0adff3f-c97a-438c-9724-7f45d0d1fe66.json new file mode 100644 index 000000000..9e26dfeeb --- /dev/null +++ b/.nyc_output/c0adff3f-c97a-438c-9724-7f45d0d1fe66.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/.nyc_output/processinfo/b653d3d4-4da6-4a99-8fbf-dd8c9e0790f1.json b/.nyc_output/processinfo/b653d3d4-4da6-4a99-8fbf-dd8c9e0790f1.json new file mode 100644 index 000000000..64fcf6110 --- /dev/null +++ b/.nyc_output/processinfo/b653d3d4-4da6-4a99-8fbf-dd8c9e0790f1.json @@ -0,0 +1 @@ +{"parent":"c0adff3f-c97a-438c-9724-7f45d0d1fe66","pid":72551,"argv":["/Users/steve/.nvm/versions/node/v8.17.0/bin/node","/Users/steve/Documents/GitHub/node-red/node_modules/mocha/bin/_mocha","--recursive","test/unit/fixtures","test/unit/test-payloadValidator.js"],"execArgv":[],"cwd":"/Users/steve/Documents/GitHub/node-red","time":1625671066231,"ppid":72550,"coverageFilename":"/Users/steve/Documents/GitHub/node-red/.nyc_output/b653d3d4-4da6-4a99-8fbf-dd8c9e0790f1.json","externalId":"","uuid":"b653d3d4-4da6-4a99-8fbf-dd8c9e0790f1","files":["/Users/steve/Documents/GitHub/node-red/nodes/PayloadValidator.js"]} \ No newline at end of file diff --git a/.nyc_output/processinfo/c0adff3f-c97a-438c-9724-7f45d0d1fe66.json b/.nyc_output/processinfo/c0adff3f-c97a-438c-9724-7f45d0d1fe66.json new file mode 100644 index 000000000..d2aed5674 --- /dev/null +++ b/.nyc_output/processinfo/c0adff3f-c97a-438c-9724-7f45d0d1fe66.json @@ -0,0 +1 @@ +{"parent":null,"pid":72550,"argv":["/Users/steve/.nvm/versions/node/v8.17.0/bin/node","/Users/steve/Documents/GitHub/node-red/node_modules/.bin/mocha","--recursive","test/unit/fixtures","test/unit/test-payloadValidator.js"],"execArgv":[],"cwd":"/Users/steve/Documents/GitHub/node-red","time":1625671065942,"ppid":72549,"coverageFilename":"/Users/steve/Documents/GitHub/node-red/.nyc_output/c0adff3f-c97a-438c-9724-7f45d0d1fe66.json","externalId":"","uuid":"c0adff3f-c97a-438c-9724-7f45d0d1fe66","files":[]} \ No newline at end of file diff --git a/.nyc_output/processinfo/index.json b/.nyc_output/processinfo/index.json new file mode 100644 index 000000000..3f4124ef5 --- /dev/null +++ b/.nyc_output/processinfo/index.json @@ -0,0 +1 @@ +{"processes":{"b653d3d4-4da6-4a99-8fbf-dd8c9e0790f1":{"parent":"c0adff3f-c97a-438c-9724-7f45d0d1fe66","children":[]},"c0adff3f-c97a-438c-9724-7f45d0d1fe66":{"parent":null,"children":["b653d3d4-4da6-4a99-8fbf-dd8c9e0790f1"]}},"files":{"/Users/steve/Documents/GitHub/node-red/nodes/PayloadValidator.js":["b653d3d4-4da6-4a99-8fbf-dd8c9e0790f1"]},"externalIds":{}} \ No newline at end of file diff --git a/nodes/PayloadValidator.js b/nodes/PayloadValidator.js new file mode 100644 index 000000000..4c0b6134e --- /dev/null +++ b/nodes/PayloadValidator.js @@ -0,0 +1,52 @@ +const clone = require('clone'); + +const variablesToCheck = [ + 'logger.metadata.organization', + 'payload.system.organization', + 'event.event.organization', + 'event.event.token.contents.organization' +]; + +module.exports = class PayloadValidator { + constructor(_before) { + const before = clone(_before); + const { + logger, + payload: { + system: { + bot, conversationId, organization, region + } + } + } = before; + this.before = before; + this.logger = logger; + this.bot = bot; + this.conversationId = conversationId; + this.organization = organization; + this.region = region; + } + + verify(after) { + try { + variablesToCheck.forEach((location) => { + const getValue = (object) => location.split('.').reduce((p, c) => (p && p[c]) || null, object); + if (getValue(this.before) !== getValue(after)) { + const details = { + message: `msg.${location} changed from "${getValue(this.before)}" to "${getValue(after)}" for bot "${this.bot}"` + }; + this.logger.error(details.message); + this.logger.app.platform.organization({ + srn: `srn:botnet:${this.region}:${this.organization}:bot:${this.bot}`, + action: 'exception', + actionType: 'invalid-payload-modification', + details, + conversationId: this.conversationId + }); + } + }); + } catch (e) { + console.log('Error while trying to verify variable changes'); + console.log(e); + } + } +}; diff --git a/test/unit/test-payloadValidator.js b/test/unit/test-payloadValidator.js new file mode 100644 index 000000000..c903f956e --- /dev/null +++ b/test/unit/test-payloadValidator.js @@ -0,0 +1,74 @@ +const PayloadValidator = require('../../nodes/PayloadValidator') +const orgEvent = require('./fixtures/data/orgEvent') +const sinon = require('sinon'); +const assert = require('assert'); + +describe.only('Unit: PayloadValidator', () => { + it('Should not log when no changes', () => { + const beforeEvent = orgEvent('before'); + const payloadValidator = new PayloadValidator(beforeEvent); + payloadValidator.verify(beforeEvent); + }); + + it('Should warn when org is overwritten', () => { + const beforeEvent = orgEvent('before'); + errorLogStub = sinon.stub(); + appLogStub = sinon.stub(); + beforeEvent.logger.error = errorLogStub; + beforeEvent.logger.app = { + platform:{ + organization: appLogStub + } + }; + + const payloadValidator = new PayloadValidator(beforeEvent); + + const modifiedEvent = orgEvent('after'); + + payloadValidator.verify(modifiedEvent); + assert(errorLogStub.callCount === 4) + assert(appLogStub.callCount === 4) + const [[log1], [log2], [log3], [log4]] = appLogStub.args + assert(log1.details.message.includes('logger.metadata.organization')) + assert(log2.details.message.includes('payload.system.organization')) + assert(log3.details.message.includes('event.event.organization')) + assert(log4.details.message.includes('event.event.token.contents.organization')) + }); + + + it('Should warn when org is deleted', () => { + const beforeEvent = orgEvent('before'); + errorLogStub = sinon.stub(); + appLogStub = sinon.stub(); + beforeEvent.logger.error = errorLogStub; + beforeEvent.logger.app = { + platform:{ + organization: appLogStub + } + }; + + const payloadValidator = new PayloadValidator(beforeEvent); + + delete beforeEvent.logger.metadata.organization; + delete beforeEvent.payload.system.organization; + delete beforeEvent.event.event.organization; + delete beforeEvent.event.event.token.contents.organization; + payloadValidator.verify(beforeEvent); + assert(errorLogStub.callCount === 4) + assert(appLogStub.callCount === 4) + const [[log1], [log2], [log3], [log4]] = appLogStub.args + assert(log1.details.message.includes('logger.metadata.organization')) + assert(log2.details.message.includes('payload.system.organization')) + assert(log3.details.message.includes('event.event.organization')) + assert(log4.details.message.includes('event.event.token.contents.organization')) + }); + + it('Should not die when error', () => { + const beforeEvent = orgEvent('before'); + const payloadValidator = new PayloadValidator(beforeEvent); + + const modifiedEvent = orgEvent('after'); + + payloadValidator.verify(modifiedEvent); + }); +}); \ No newline at end of file