Home Explore Help
Sign In
chiappa
/
irdb
mirror of https://git.snix.ch/chiappa/irdb.git
1
0
Fork 0
Files Issues 0
Tree: 33e9198800
Branches Tags
irdb
/
api
/
tests
/
Integration
/
Admin
/
StatsControllerTest.php

StatsControllerTest.php 6.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147 
  1. <?php
    2. 

  2. 

  3. declare(strict_types=1);
    4. 

  4. 

  5. namespace App\Tests\Integration\Admin;
    6. 

  6. 

  7. use App\Domain\Auth\Role;
    8. 

  8. use App\Domain\Auth\TokenKind;
    9. 

  9. use App\Domain\Ip\IpAddress;
    10. 

  10. use App\Tests\Integration\Support\AppTestCase;
    11. 

  11. use Doctrine\DBAL\ParameterType;
    12. 

  12. 

  13. /**
    14. 

  14.  * Covers the dashboard endpoint shape: scalar counters, by-hour
    15. 

  15.  * histogram, top reporters/categories, jobs status. Cache TTL is 30s
    16. 

  16.  * but the test issues each request with fresh state — we don't
    17. 

  17.  * exercise the cache window directly here.
    18. 

  18.  */
    19. 

  19. final class StatsControllerTest extends AppTestCase
    20. 

  20. {
    21. 

  21.     public function testDashboardEmptyShape(): void
    22. 

  22.     {
    23. 

  23.         $token = $this->createToken(TokenKind::Admin, role: Role::Viewer);
    24. 

  24.         $response = $this->request('GET', '/api/v1/admin/stats/dashboard', [
    25. 

  25.             'Authorization' => 'Bearer ' . $token,
    26. 

  26.         ]);
    27. 

  27.         self::assertSame(200, $response->getStatusCode());
    28. 

  28.         $body = $this->decode($response);
    29. 

  29. 

  30.         foreach (['active_blocks', 'manual_blocks_count', 'allowlist_count', 'reports_24h'] as $k) {
    31. 

  31.             self::assertArrayHasKey($k, $body);
    32. 

  32.             self::assertSame(0, $body[$k]);
    33. 

  33.         }
    34. 

  34.         self::assertSame([], $body['reports_24h_by_hour']);
    35. 

  35.         self::assertSame([], $body['top_reporters_24h']);
    36. 

  36.         self::assertSame([], $body['top_categories_24h']);
    37. 

  37.         // blocked_ips_by_day_7d always emits 8 days (today + the 7 prior, zero-filled).
    38. 

  38.         self::assertArrayHasKey('blocked_ips_by_day_7d', $body);
    39. 

  39.         $blocked = $body['blocked_ips_by_day_7d'];
    40. 

  40.         self::assertArrayHasKey('days', $blocked);
    41. 

  41.         self::assertArrayHasKey('series', $blocked);
    42. 

  42.         self::assertCount(8, $blocked['days']);
    43. 

  43.         // Seeders create the default categories — every active one should
    44. 

  44.         // appear as a flat-zero series even with no reports yet.
    45. 

  45.         self::assertNotEmpty($blocked['series']);
    46. 

  46.         foreach ($blocked['series'] as $row) {
    47. 

  47.             self::assertArrayHasKey('category', $row);
    48. 

  48.             self::assertArrayHasKey('counts', $row);
    49. 

  49.             self::assertCount(8, $row['counts']);
    50. 

  50.             self::assertSame(0, array_sum(array_map('intval', $row['counts'])));
    51. 

  51.         }
    52. 

  52.         self::assertSame('moderate', $body['reference_policy']);
    53. 

  53.     }
    54. 

  54. 

  55.     public function testDashboardCountsFromSeededReports(): void
    56. 

  56.     {
    57. 

  57.         // Use a fresh class-level container/session per test (setUp does this).
    58. 

  58.         $token = $this->createToken(TokenKind::Admin, role: Role::Viewer);
    59. 

  59.         $reporterId = $this->createReporter('rep-stats');
    60. 

  60. 

  61.         for ($i = 0; $i < 3; ++$i) {
    62. 

  62.             $this->seedReport(sprintf('203.0.113.%d', 10 + $i), 'brute_force', $reporterId);
    63. 

  63.         }
    64. 

  64.         $this->seedReport('203.0.113.20', 'spam', $reporterId);
    65. 

  65. 

  66.         $body = $this->decode($this->request('GET', '/api/v1/admin/stats/dashboard', [
    67. 

  67.             'Authorization' => 'Bearer ' . $token,
    68. 

  68.         ]));
    69. 

  69. 

  70.         self::assertSame(4, $body['reports_24h']);
    71. 

  71.         self::assertNotEmpty($body['reports_24h_by_hour']);
    72. 

  72.         self::assertSame('rep-stats', $body['top_reporters_24h'][0]['name']);
    73. 

  73.         self::assertSame(4, $body['top_reporters_24h'][0]['count']);
    74. 

  74.         $catSlugs = array_map(static fn (array $r): string => $r['slug'], $body['top_categories_24h']);
    75. 

  75.         self::assertContains('brute_force', $catSlugs);
    76. 

  76.         self::assertContains('spam', $catSlugs);
    77. 

  77.     }
    78. 

  78. 

  79.     public function testManualBlocksAndAllowlistCounters(): void
    80. 

  80.     {
    81. 

  81.         $token = $this->createToken(TokenKind::Admin, role: Role::Viewer);
    82. 

  82.         $this->db->insert('manual_blocks', [
    83. 

  83.             'kind' => 'ip',
    84. 

  84.             'ip_bin' => IpAddress::fromString('203.0.113.5')->binary(),
    85. 

  85.             'reason' => 'x',
    86. 

  86.         ], ['ip_bin' => ParameterType::LARGE_OBJECT]);
    87. 

  87.         $this->db->insert('allowlist', [
    88. 

  88.             'kind' => 'ip',
    89. 

  89.             'ip_bin' => IpAddress::fromString('203.0.113.6')->binary(),
    90. 

  90.             'reason' => 'y',
    91. 

  91.         ], ['ip_bin' => ParameterType::LARGE_OBJECT]);
    92. 

  92. 

  93.         $body = $this->decode($this->request('GET', '/api/v1/admin/stats/dashboard', [
    94. 

  94.             'Authorization' => 'Bearer ' . $token,
    95. 

  95.         ]));
    96. 

  96. 

  97.         self::assertSame(1, $body['manual_blocks_count']);
    98. 

  98.         self::assertSame(1, $body['allowlist_count']);
    99. 

  99.     }
    100. 

  100. 

  101.     public function testBlockedIpsByDayBucketsByCategory(): void
    102. 

  102.     {
    103. 

  103.         $token = $this->createToken(TokenKind::Admin, role: Role::Viewer);
    104. 

  104.         $reporterId = $this->createReporter('rep-cat-bucket');
    105. 

  105. 

  106.         // Two distinct IPs in `brute_force`, one in `spam`. The same IP
    107. 

  107.         // reported twice in `brute_force` must still count as one (the
    108. 

  108.         // sum is COUNT DISTINCT ip_bin per category per day).
    109. 

  109.         $this->seedReport('203.0.113.10', 'brute_force', $reporterId);
    110. 

  110.         $this->seedReport('203.0.113.10', 'brute_force', $reporterId);
    111. 

  111.         $this->seedReport('203.0.113.11', 'brute_force', $reporterId);
    112. 

  112.         $this->seedReport('203.0.113.20', 'spam', $reporterId);
    113. 

  113. 

  114.         $body = $this->decode($this->request('GET', '/api/v1/admin/stats/dashboard', [
    115. 

  115.             'Authorization' => 'Bearer ' . $token,
    116. 

  116.         ]));
    117. 

  117. 

  118.         $blocked = $body['blocked_ips_by_day_7d'];
    119. 

  119.         self::assertCount(8, $blocked['days']);
    120. 

  120. 

  121.         $byCategory = [];
    122. 

  122.         foreach ($blocked['series'] as $row) {
    123. 

  123.             $byCategory[$row['category']] = array_sum(array_map('intval', $row['counts']));
    124. 

  124.         }
    125. 

  125.         self::assertArrayHasKey('brute_force', $byCategory);
    126. 

  126.         self::assertArrayHasKey('spam', $byCategory);
    127. 

  127.         self::assertSame(2, $byCategory['brute_force']);
    128. 

  128.         self::assertSame(1, $byCategory['spam']);
    129. 

  129.     }
    130. 

  130. 

  131.     private function seedReport(string $ip, string $categorySlug, int $reporterId): void
    132. 

  132.     {
    133. 

  133.         $catId = (int) $this->db->fetchOne('SELECT id FROM categories WHERE slug = :s', ['s' => $categorySlug]);
    134. 

  134.         $ipObj = IpAddress::fromString($ip);
    135. 

  135.         $stmt = $this->db->prepare(
    136. 

  136.             'INSERT INTO reports (ip_bin, ip_text, category_id, reporter_id, weight_at_report, received_at, metadata_json) '
    137. 

  137.             . 'VALUES (:b, :t, :c, :r, :w, :now, NULL)'
    138. 

  138.         );
    139. 

  139.         $stmt->bindValue('b', $ipObj->binary(), ParameterType::LARGE_OBJECT);
    140. 

  140.         $stmt->bindValue('t', $ipObj->text());
    141. 

  141.         $stmt->bindValue('c', $catId, ParameterType::INTEGER);
    142. 

  142.         $stmt->bindValue('r', $reporterId, ParameterType::INTEGER);
    143. 

  143.         $stmt->bindValue('w', '1.00');
    144. 

  144.         $stmt->bindValue('now', (new \DateTimeImmutable('now'))->format('Y-m-d H:i:s'));
    145. 

  145.         $stmt->executeStatement();
    146. 

  146.     }
    147. 

  147. }
    148.