From 587906e8b0b646c45a30c89e4b72cd1f1e808fd1 Mon Sep 17 00:00:00 2001 From: simon-id Date: Mon, 6 Jan 2025 09:32:19 +0100 Subject: [PATCH] use ASM_DATA instead of ASM_DD for blacklists (#3748) --- ...est_automated_user_and_session_tracking.py | 20 ++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/tests/appsec/test_automated_user_and_session_tracking.py b/tests/appsec/test_automated_user_and_session_tracking.py index fe9a27ab3c..e2b5eb4450 100644 --- a/tests/appsec/test_automated_user_and_session_tracking.py +++ b/tests/appsec/test_automated_user_and_session_tracking.py @@ -98,6 +98,12 @@ def test_user_tracking_sdk_overwrite(self): "on_match": ["block"], } ], + }, +) + +BLOCK_USER_DATA = ( + "datadog/2/ASM_DATA/blocked_users/config", + { "rules_data": [ { "id": "blocked_users", @@ -120,6 +126,7 @@ def setup_user_blocking_auto(self): self.r_login = weblog.post("/login?auth=local", data=login_data(context, USER, PASSWORD)) self.config_state_2 = rc.rc_state.set_config(*BLOCK_USER).apply() + self.config_state_3 = rc.rc_state.set_config(*BLOCK_USER_DATA).apply() self.r_home_blocked = weblog.get( "/", cookies=self.r_login.cookies, @@ -130,6 +137,7 @@ def test_user_blocking_auto(self): assert self.r_login.status_code == 200 assert self.config_state_2[rc.RC_STATE] == rc.ApplyState.ACKNOWLEDGED + assert self.config_state_3[rc.RC_STATE] == rc.ApplyState.ACKNOWLEDGED interfaces.library.assert_waf_attack(self.r_home_blocked, rule="block-users") assert self.r_home_blocked.status_code == 403 @@ -138,6 +146,7 @@ def setup_user_blocking_sdk(self): self.config_state_1 = rc.rc_state.set_config(*CONFIG_ENABLED).apply() self.config_state_2 = rc.rc_state.set_config(*BLOCK_USER).apply() + self.config_state_3 = rc.rc_state.set_config(*BLOCK_USER_DATA).apply() self.r_login = weblog.post("/login?auth=local", data=login_data(context, UUID_USER, PASSWORD)) self.r_login_blocked = weblog.post( "/login?auth=local&sdk_event=success&sdk_user=sdkUser", data=login_data(context, UUID_USER, PASSWORD) @@ -146,6 +155,7 @@ def setup_user_blocking_sdk(self): def test_user_blocking_sdk(self): assert self.config_state_1[rc.RC_STATE] == rc.ApplyState.ACKNOWLEDGED assert self.config_state_2[rc.RC_STATE] == rc.ApplyState.ACKNOWLEDGED + assert self.config_state_3[rc.RC_STATE] == rc.ApplyState.ACKNOWLEDGED assert self.r_login.status_code == 200 @@ -173,6 +183,12 @@ def test_user_blocking_sdk(self): "on_match": ["block"], } ], + }, +) + +BLOCK_SESSION_DATA = ( + "datadog/2/ASM_DATA/blocked_sessions/config", + { "rules_data": [ {"id": "blocked_sessions", "type": "data_with_expiration", "data": []}, ], @@ -191,8 +207,9 @@ def setup_session_blocking(self): self.r_create_session = weblog.get("/session/new") self.session_id = self.r_create_session.text - BLOCK_SESSION[1]["rules_data"][0]["data"].append({"value": self.session_id, "expiration": 0}) + BLOCK_SESSION_DATA[1]["rules_data"][0]["data"].append({"value": self.session_id, "expiration": 0}) self.config_state_2 = rc.rc_state.set_config(*BLOCK_SESSION).apply() + self.config_state_3 = rc.rc_state.set_config(*BLOCK_SESSION_DATA).apply() self.r_home_blocked = weblog.get( "/", cookies=self.r_create_session.cookies, @@ -203,5 +220,6 @@ def test_session_blocking(self): assert self.r_create_session.status_code == 200 assert self.config_state_2[rc.RC_STATE] == rc.ApplyState.ACKNOWLEDGED + assert self.config_state_3[rc.RC_STATE] == rc.ApplyState.ACKNOWLEDGED interfaces.library.assert_waf_attack(self.r_home_blocked, pattern=self.session_id, rule="block-sessions") assert self.r_home_blocked.status_code == 403