Sākums Izpētīt Palīdzība
Pierakstīties
chiappa
/
irdb
spogulis no https://git.snix.ch/chiappa/irdb.git
1
0
Atdalīts 0
Faili Problēmas 0
Koks: 2e26a686e8
Atzari Tagi
irdb
/
api
/
tests
/
Unit
/
Reputation
/
EffectiveStatusServiceTest.php

EffectiveStatusServiceTest.php 3.1 KB
Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899 
  1. <?php
    2. 

  2. 

  3. declare(strict_types=1);
    4. 

  4. 

  5. namespace App\Tests\Unit\Reputation;
    6. 

  6. 

  7. use App\Domain\Ip\Cidr;
    8. 

  8. use App\Domain\Ip\IpAddress;
    9. 

  9. use App\Domain\Reputation\CidrEvaluator;
    10. 

  10. use App\Domain\Reputation\EffectiveStatus;
    11. 

  11. use App\Domain\Reputation\EffectiveStatusService;
    12. 

  12. use App\Infrastructure\Reputation\CidrEvaluatorFactory;
    13. 

  13. use PHPUnit\Framework\TestCase;
    14. 

  14. 

  15. /**
    16. 

  16.  * Locks the SPEC §5 precedence: allowlist > manual block > scored > clean.
    17. 

  17.  * Score-vs-policy lands in M07; until then, anything not on a list is
    18. 

  18.  * `Clean`.
    19. 

  19.  */
    20. 

  20. final class EffectiveStatusServiceTest extends TestCase
    21. 

  21. {
    22. 

  22.     public function testAllowlistWinsOverManualBlock(): void
    23. 

  23.     {
    24. 

  24.         $bin = IpAddress::fromString('198.51.100.5')->binary();
    25. 

  25.         $factory = $this->factoryReturning(new CidrEvaluator(
    26. 

  26.             manualIpBins: [$bin],
    27. 

  27.             manualSubnets: [],
    28. 

  28.             allowlistIpBins: [$bin],
    29. 

  29.             allowlistSubnets: [],
    30. 

  30.         ));
    31. 

  31. 

  32.         $service = new EffectiveStatusService($factory);
    33. 

  33.         self::assertSame(
    34. 

  34.             EffectiveStatus::Allowlisted,
    35. 

  35.             $service->forIp(IpAddress::fromString('198.51.100.5'))
    36. 

  36.         );
    37. 

  37.     }
    38. 

  38. 

  39.     public function testManualBlockReturnedWhenNotAllowlisted(): void
    40. 

  40.     {
    41. 

  41.         $bin = IpAddress::fromString('203.0.113.42')->binary();
    42. 

  42.         $factory = $this->factoryReturning(new CidrEvaluator([$bin], [], [], []));
    43. 

  43. 

  44.         $service = new EffectiveStatusService($factory);
    45. 

  45.         self::assertSame(
    46. 

  46.             EffectiveStatus::ManuallyBlocked,
    47. 

  47.             $service->forIp(IpAddress::fromString('203.0.113.42'))
    48. 

  48.         );
    49. 

  49.     }
    50. 

  50. 

  51.     public function testIpInsideAllowlistedSubnetEvenWithSeparateManualBlockIsAllowlisted(): void
    52. 

  52.     {
    53. 

  53.         $allow = Cidr::fromString('203.0.113.0/24');
    54. 

  54.         $factory = $this->factoryReturning(new CidrEvaluator(
    55. 

  55.             manualIpBins: [IpAddress::fromString('203.0.113.42')->binary()],
    56. 

  56.             manualSubnets: [],
    57. 

  57.             allowlistIpBins: [],
    58. 

  58.             allowlistSubnets: [$allow],
    59. 

  59.         ));
    60. 

  60. 

  61.         $service = new EffectiveStatusService($factory);
    62. 

  62.         self::assertSame(
    63. 

  63.             EffectiveStatus::Allowlisted,
    64. 

  64.             $service->forIp(IpAddress::fromString('203.0.113.42'))
    65. 

  65.         );
    66. 

  66.     }
    67. 

  67. 

  68.     public function testCleanWhenNothingMatches(): void
    69. 

  69.     {
    70. 

  70.         $factory = $this->factoryReturning(new CidrEvaluator([], [], [], []));
    71. 

  71.         $service = new EffectiveStatusService($factory);
    72. 

  72. 

  73.         self::assertSame(
    74. 

  74.             EffectiveStatus::Clean,
    75. 

  75.             $service->forIp(IpAddress::fromString('203.0.113.99'))
    76. 

  76.         );
    77. 

  77.     }
    78. 

  78. 

  79.     private function factoryReturning(CidrEvaluator $evaluator): CidrEvaluatorFactory
    80. 

  80.     {
    81. 

  81.         return new class ($evaluator) extends CidrEvaluatorFactory {
    82. 

  82.             public function __construct(private readonly CidrEvaluator $fixed)
    83. 

  83.             {
    84. 

  84.                 // Deliberately not calling parent::__construct — this stub
    85. 

  85.                 // never queries the DB.
    86. 

  86.             }
    87. 

  87. 

  88.             public function get(): CidrEvaluator
    89. 

  89.             {
    90. 

  90.                 return $this->fixed;
    91. 

  91.             }
    92. 

  92. 

  93.             public function invalidate(): void
    94. 

  94.             {
    95. 

  95.                 // no-op
    96. 

  96.             }
    97. 

  97.         };
    98. 

  98.     }
    99. 

  99. }
    100.