PR changes

This commit is contained in:
Steve Walsh 2021-07-07 16:18:02 +01:00
parent 5531361da5
commit 6668e0d182
5 changed files with 7 additions and 134 deletions


@ -1,52 +0,0 @@
const clone = require('clone');
const variablesToCheck = [
'logger.metadata.organization',
'payload.system.organization',
'event.event.organization',
'event.event.token.contents.organization'
];
module.exports = class StopTheBleed {
constructor(_before) {
const before = clone(_before);
const {
logger,
payload: {
system: {
bot, conversationId, organization, region
}
}
} = before;
this.before = before;
this.logger = logger;
this.bot = bot;
this.conversationId = conversationId;
this.organization = organization;
this.region = region;
}
verify(after) {
try {
variablesToCheck.forEach((location) => {
const getValue = (object) => location.split('.').reduce((p, c) => (p && p[c]) || null, object);
if (getValue(this.before) !== getValue(after)) {
const details = {
message: `msg.${location} changed from "${getValue(this.before)}" to "${getValue(after)}" for bot "${this.bot}"`
};
this.logger.error(details.message);
this.logger.app.platform.organization({
srn: `srn:botnet:${this.region}:${this.organization}:bot:${this.bot}`,
action: 'exception',
actionType: 'invalid-payload-modification',
details,
conversationId: this.conversationId
});
}
});
} catch (e) {
console.log('Error while trying to verify variable changes');
console.log(e);
}
}
};


@ -14,7 +14,7 @@
* limitations under the License.
**/
const StopTheBleed = require('../../StopTheBleed')
const PayloadValidator = require('../../PayloadValidator')
module.exports = function(RED) {
"use strict";
@ -209,13 +209,12 @@ module.exports = function(RED) {
try {
this.on("input", function(msg) {
try {
const stopTheBleed = new StopTheBleed(msg)
const payloadValidator = new PayloadValidator(msg)
var start = process.hrtime();
sandbox.msg = msg;
const vm2Instance = new vm2.VM({ sandbox, timeout: 5000 });
const result = vm2Instance.run(functionText);
console.log('before the bleed check')
stopTheBleed.verify(result)
payloadValidator.verify(result)
sendResults(this,msg._msgid, result);
var duration = process.hrtime(start);
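Review bot: The result of `payloadValidator.verify(result)` is not used and `sendResults(this,msg._msgid, result)` follows it unconditionally, so unless verify throws, output from the vm2-run function that rewrote the organization fields is still forwarded. The same shape appears in the next file section, where `node.send(msg)` directly follows `payloadValidator.verify(msg)`. PayloadValidator is not part of this commit, so whether it blocks or only logs cannot be told from the page; the StopTheBleed class it replaces only logged and caught its own errors. If the check is meant to stop such messages, gate the send on it, for example `if (!payloadValidator.verify(result)) { return; }` with verify returning a boolean; otherwise add a comment such as `// detect-only: logs organization changes, does not stop the message`. The input handler starts and ends outside the hunk.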


@ -13,7 +13,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
**/
const StopTheBleed = require('../../StopTheBleed')
const PayloadValidator = require('../../PayloadValidator')
module.exports = function(RED) {
"use strict";
@ -229,7 +229,7 @@ module.exports = function(RED) {
}
if (valid) {
this.on('input', function(msg) {
const stopTheBleed = new StopTheBleed(msg)
const payloadValidator = new PayloadValidator(msg)
for (var i=0; i<this.rules.length; i++) {
if (this.rules[i].t === "move") {
var r = this.rules[i];
@ -250,7 +250,7 @@ module.exports = function(RED) {
return;
}
}
stopTheBleed.verify(msg)
payloadValidator.verify(msg)
node.send(msg);
});
}
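Review bot: `new PayloadValidator(msg)` runs at the top of the input handler with no try/catch visible in this hunk, unlike the function node where the same call sits inside a `try`. The removed StopTheBleed constructor destructured `payload.system` from the message and would throw on a message without it; if PayloadValidator keeps that shape, such a message raises here before any rule runs. Consider failing closed with a reported error: `let payloadValidator; try { payloadValidator = new PayloadValidator(msg); } catch (err) { node.error(err, msg); return; }`. Because the rules mutate `msg` in place and the same object is then passed to `verify`, a comment stating that the constructor must snapshot a deep copy would also help. The enclosing function starts outside the hunk.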


@ -38,7 +38,7 @@
"bcryptjs": "2.4.3",
"body-parser": "1.18.3",
"cheerio": "0.22.0",
"clone": "^2.1.1",
"clone": "2.1.1",
"cookie": "0.3.1",
"cookie-parser": "1.4.3",
"cors": "2.8.4",


@ -1,74 +0,0 @@
const StopTheBleed = require('../../nodes/StopTheBleed')
const orgEvent = require('./fixtures/data/orgEvent')
const sinon = require('sinon');
const assert = require('assert');
describe.only('Unit: StopTheBleed', () => {
it('Should not log when no changes', () => {
const beforeEvent = orgEvent('before');
const stopTheBleed = new StopTheBleed(beforeEvent);
stopTheBleed.verify(beforeEvent);
});
it('Should warn when org is overwritten', () => {
const beforeEvent = orgEvent('before');
errorLogStub = sinon.stub();
appLogStub = sinon.stub();
beforeEvent.logger.error = errorLogStub;
beforeEvent.logger.app = {
platform:{
organization: appLogStub
}
};
const stopTheBleed = new StopTheBleed(beforeEvent);
const modifiedEvent = orgEvent('after');
stopTheBleed.verify(modifiedEvent);
assert(errorLogStub.callCount === 4)
assert(appLogStub.callCount === 4)
const [[log1], [log2], [log3], [log4]] = appLogStub.args
assert(log1.details.message.includes('logger.metadata.organization'))
assert(log2.details.message.includes('payload.system.organization'))
assert(log3.details.message.includes('event.event.organization'))
assert(log4.details.message.includes('event.event.token.contents.organization'))
});
it('Should warn when org is deleted', () => {
const beforeEvent = orgEvent('before');
errorLogStub = sinon.stub();
appLogStub = sinon.stub();
beforeEvent.logger.error = errorLogStub;
beforeEvent.logger.app = {
platform:{
organization: appLogStub
}
};
const stopTheBleed = new StopTheBleed(beforeEvent);
delete beforeEvent.logger.metadata.organization;
delete beforeEvent.payload.system.organization;
delete beforeEvent.event.event.organization;
delete beforeEvent.event.event.token.contents.organization;
stopTheBleed.verify(beforeEvent);
assert(errorLogStub.callCount === 4)
assert(appLogStub.callCount === 4)
const [[log1], [log2], [log3], [log4]] = appLogStub.args
assert(log1.details.message.includes('logger.metadata.organization'))
assert(log2.details.message.includes('payload.system.organization'))
assert(log3.details.message.includes('event.event.organization'))
assert(log4.details.message.includes('event.event.token.contents.organization'))
});
it('Should not die when error', () => {
const beforeEvent = orgEvent('before');
const stopTheBleed = new StopTheBleed(beforeEvent);
const modifiedEvent = orgEvent('after');
stopTheBleed.verify(modifiedEvent);
});
});