Skip to content

Commit

Permalink
actually make parallelism work
Browse files Browse the repository at this point in the history
  • Loading branch information
@unglaublicherdude
unglaublicherdude committed Jun 11, 2024
1 parent 61d1f43 commit 445d4f2
Show file tree
Hide file tree
Showing 3 changed files with 54 additions and 20 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/release-app.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
env:
CLIENT_ID: ${{ secrets.VAAS_CLIENT_ID }}
CLIENT_SECRET: ${{ secrets.VAAS_CLIENT_SECRET }}
run: bats --jobs 3 ./tests
run: bats --no-parallelize-across-files --jobs 3 ./tests

- uses: actions/upload-artifact@master
with:
Expand Down
29 changes: 16 additions & 13 deletions tests/functionality-parallel.bats
View file
Original file line number Diff line number Diff line change
@@ -1,58 +1,61 @@
#!/usr/bin/env bats

FOLDER_PREFIX=./tmp/functionality-parallel/

setup_file() {
mkdir -p ./tmp/functionality-parallel/
echo 'nothingwronghere' > ./tmp/functionality-parallel//clean.txt
echo 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' > ./tmp/functionality-parallel/eicar.com.txt
curl --output ./tmp/functionality-parallel/pup.exe http://amtso.eicar.org/PotentiallyUnwanted.exe
mkdir -p $FOLDER_PREFIX
echo 'nothingwronghere' > $FOLDER_PREFIX/clean.txt
echo 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' > $FOLDER_PREFIX/eicar.com.txt
curl --output $FOLDER_PREFIX/pup.exe http://amtso.eicar.org/PotentiallyUnwanted.exe
docker exec --env OC_PASS=myfancysecurepassword234 --user www-data nextcloud-container php occ user:add testuser --password-from-env || echo "already exists"
docker exec --user www-data -i nextcloud-container php occ config:app:set gdatavaas clientSecret --value="$CLIENT_SECRET"
sleep 2
}

@test "test admin eicar Upload" {
RESULT=$(curl --silent -w "%{http_code}" -u admin:admin -T ./tmp/functionality-parallel/eicar.com.txt http://127.0.0.1/remote.php/dav/files/admin/functionality-parallel.eicar.com.txt)
RESULT=$(curl --silent -w "%{http_code}" -u admin:admin -T $FOLDER_PREFIX/eicar.com.txt http://127.0.0.1/remote.php/dav/files/admin/functionality-parallel.eicar.com.txt)
echo "Actual: $RESULT"
curl --silent -q -u admin:admin -X DELETE http://127.0.0.1/remote.php/dav/files/admin/functionality-parallel.eicar.com.txt
[[ "$RESULT" =~ "Virus EICAR-Test-File is detected in the file. Upload cannot be completed." ]]
[[ "$RESULT" =~ "Upload cannot be completed." ]]
}

@test "test admin clean Upload" {
RESULT=$(curl -w "%{http_code}" -u admin:admin -T ./tmp/functionality-parallel/clean.txt http://127.0.0.1/remote.php/dav/files/admin/functionality-parallel.clean.txt)
RESULT=$(curl -w "%{http_code}" -u admin:admin -T $FOLDER_PREFIX/clean.txt http://127.0.0.1/remote.php/dav/files/admin/functionality-parallel.clean.txt)
echo "Actual: $RESULT"
curl --silent -q -u admin:admin -X DELETE http://127.0.0.1/remote.php/dav/files/admin/functionality-parallel.clean.txt
[[ $RESULT -ge 200 && $RESULT -lt 300 ]]
}

@test "test admin pup Upload" {
RESULT=$(curl --silent -w "%{http_code}" -u admin:admin -T ./tmp/functionality-parallel/pup.exe http://127.0.0.1/remote.php/dav/files/admin/functionality-parallel.pup.exe)
RESULT=$(curl --silent -w "%{http_code}" -u admin:admin -T $FOLDER_PREFIX/pup.exe http://127.0.0.1/remote.php/dav/files/admin/functionality-parallel.pup.exe)
echo "Actual: $RESULT"
curl --silent -q -u admin:admin -X DELETE http://127.0.0.1/remote.php/dav/files/admin/functionality-parallel.pup.exe
[[ $RESULT -ge 200 && $RESULT -lt 300 ]]
}

@test "test testuser eicar Upload" {
RESULT=$(curl --silent -w "%{http_code}" -u testuser:myfancysecurepassword234 -T ./tmp/functionality-parallel/eicar.com.txt http://127.0.0.1/remote.php/dav/files/testuser/functionality-parallel.eicar.com.txt)
RESULT=$(curl --silent -w "%{http_code}" -u testuser:myfancysecurepassword234 -T ./tmp/functionality-sequential//eicar.com.txt http://127.0.0.1/remote.php/dav/files/testuser/functionality-parallel.eicar.com.txt)
echo "Actual: $RESULT"
docker exec --user www-data -i nextcloud-container php occ config:app:get gdatavaas clientSecret
curl --silent -q -u testuser:myfancysecurepassword234 -X DELETE http://127.0.0.1/remote.php/dav/files/testuser/functionality-parallel.eicar.com.txt
[[ "$RESULT" =~ "Virus EICAR-Test-File is detected in the file. Upload cannot be completed." ]]
[[ "$RESULT" =~ "Upload cannot be completed." ]]
}

@test "test testuser clean Upload" {
STATUS_CODE=$(curl --silent -w "%{http_code}" -w "%{http_code}" -u testuser:myfancysecurepassword234 -T ./tmp/functionality-parallel/clean.txt http://127.0.0.1/remote.php/dav/files/testuser/functionality-parallel.clean.txt)
STATUS_CODE=$(curl --silent -w "%{http_code}" -w "%{http_code}" -u testuser:myfancysecurepassword234 -T $FOLDER_PREFIX/clean.txt http://127.0.0.1/remote.php/dav/files/testuser/functionality-parallel.clean.txt)
echo "Actual: $RESULT"
curl --silent -q -u testuser:myfancysecurepassword234 -X DELETE http://127.0.0.1/remote.php/dav/files/testuser/functionality-parallel.clean.txt
[[ $STATUS_CODE -ge 200 && $STATUS_CODE -lt 300 ]] || exit 1
}

@test "test testuser pup Upload" {
RESULT=$(curl --silent -w "%{http_code}" -w "%{http_code}" -u testuser:myfancysecurepassword234 -T ./tmp/functionality-parallel/pup.exe http://127.0.0.1/remote.php/dav/files/testuser/functionality-parallel.pup.exe)
RESULT=$(curl --silent -w "%{http_code}" -w "%{http_code}" -u testuser:myfancysecurepassword234 -T $FOLDER_PREFIX/pup.exe http://127.0.0.1/remote.php/dav/files/testuser/functionality-parallel.pup.exe)
echo "Actual: $RESULT"
curl --silent -q -u testuser:myfancysecurepassword234 -X DELETE http://127.0.0.1/remote.php/dav/files/testuser/functionality-parallel.pup.exe
[[ $RESULT -ge 200 && $RESULT -lt 300 ]] || exit 1
}

@tearddown_file() {
rm -rf ./tmp/functionality-parallel/
rm -rf $FOLDER_PREFIX
}

43 changes: 37 additions & 6 deletions tests/functionality-sequential.bats
View file
Original file line number Diff line number Diff line change
@@ -1,25 +1,56 @@
#!/usr/bin/env bats

FOLDER_PREFIX=./tmp/functionality-sequential/

setup_file() {
mkdir -p ./tmp/functionality-sequential/
echo 'nothingwronghere' > ./tmp/functionality-sequential/clean.txt
echo 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' > ./tmp/functionality-sequential//eicar.com.txt
curl --output ./tmp/functionality-sequential/pup.exe http://amtso.eicar.org/PotentiallyUnwanted.exe
mkdir -p $FOLDER_PREFIX/
echo 'nothingwronghere' > $FOLDER_PREFIX/clean.txt
echo 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*' > $FOLDER_PREFIX/eicar.com.txt
curl --output $FOLDER_PREFIX/pup.exe http://amtso.eicar.org/PotentiallyUnwanted.exe
BATS_NO_PARALLELIZE_WITHIN_FILE=true
}


@test "test upload when vaas does not function" {
docker exec --user www-data -i nextcloud-container php occ config:app:set gdatavaas clientSecret --value="WRONG_PASSWORD"
RESULT=$(curl --silent -w "%{http_code}" -u admin:admin -T ./tmp/functionality-sequential/eicar.com.txt http://127.0.0.1/remote.php/dav/files/admin/functionality-sequential.eicar.com.txt)
RESULT=$(curl --silent -w "%{http_code}" -u admin:admin -T $FOLDER_PREFIX/eicar.com.txt http://127.0.0.1/remote.php/dav/files/admin/functionality-sequential.eicar.com.txt)
docker exec --user www-data -i nextcloud-container php occ config:app:set gdatavaas clientSecret --value="$CLIENT_SECRET"
curl --silent -q -u admin:admin -X DELETE http://127.0.0.1/remote.php/dav/files/admin/functionality-sequential.eicar.com.txt

echo "Actual: $RESULT"
[[ $RESULT -ge 200 && $RESULT -lt 300 ]]
}

@test "test croned scan for admin files" {
docker exec --user www-data -i nextcloud-container php occ config:app:set gdatavaas clientSecret --value="WRONG_PASSWORD"
curl --silent -w "%{http_code}" -u admin:admin -T $FOLDER_PREFIX/eicar.com.txt http://127.0.0.1/remote.php/dav/files/admin/admin.functionality-sequential.eicar.com.txt
docker exec --user www-data -i nextcloud-container php occ config:app:set gdatavaas clientSecret --value="$CLIENT_SECRET"
docker exec --user www-data -i nextcloud-container php ./cron.php # tag unscanned
docker exec --user www-data -i nextcloud-container php ./cron.php # actual scan

LOGS=$(docker exec --user www-data -i nextcloud-container cat data/nextcloud.log | egrep "admin.functionality-sequential.eicar.com.txt|Readme.md" )

curl --silent -q -u admin:admin -X DELETE http://127.0.0.1/remote.php/dav/files/admin/admin.functionality-sequential.eicar.com.txt

[[ $LOGS =~ ^.*admin.functionality-sequential.eicar.com.txt.*Verdict:.*Malicious ]]
[[ $LOGS =~ ^.*Readme.md.*Verdict:.*Clean ]]
}

@test "test croned scan for testuser files" {
docker exec --user www-data -i nextcloud-container php occ config:app:set gdatavaas clientSecret --value="WRONG_PASSWORD"
curl --silent -w "%{http_code}" -u testuser:myfancysecurepassword234 -T $FOLDER_PREFIX/eicar.com.txt http://127.0.0.1/remote.php/dav/files/testuser/testuser.functionality-sequential.eicar.com.txt
docker exec --user www-data -i nextcloud-container php occ config:app:set gdatavaas clientSecret --value="$CLIENT_SECRET"
docker exec --user www-data -i nextcloud-container php ./cron.php # tag unscanned
docker exec --user www-data -i nextcloud-container php ./cron.php # actual scan

LOGS=$(docker exec --user www-data -i nextcloud-container cat data/nextcloud.log | egrep "testuser.functionality-sequential.eicar.com.txt")

curl --silent -q -u testuser:myfancysecurepassword234 -X DELETE http://127.0.0.1/remote.php/dav/files/testuser/testuser.functionality-sequential.eicar.com.txt

[[ $LOGS =~ ^.*testuser.functionality-sequential.eicar.com.txt.*Verdict:.*Malicious ]]
}

tearddown_file() {
sleep 2
rm -rf ./tmp/functionality-sequential/
rm -rf $FOLDER_PREFIX
}

0 comments on commit 445d4f2

Please sign in to comment.