diff options
Diffstat (limited to 'lib/policy')
| -rw-r--r-- | lib/policy/config/config_test.go | 7 | ||||
| -rw-r--r-- | lib/policy/config/testdata/bad/badregexes.yaml | 7 | ||||
| -rw-r--r-- | lib/policy/config/testdata/bad/invalid.yaml | 1 | ||||
| -rw-r--r-- | lib/policy/config/testdata/bad/nobots.yaml | 1 | ||||
| -rw-r--r-- | lib/policy/config/testdata/good/allow_everyone.yaml | 6 | ||||
| -rw-r--r-- | lib/policy/config/testdata/good/block_cf_workers.yaml | 5 | ||||
| -rw-r--r-- | lib/policy/config/testdata/good/challengemozilla.yaml | 4 | ||||
| -rw-r--r-- | lib/policy/config/testdata/good/everything_blocked.yaml | 4 | ||||
| -rw-r--r-- | lib/policy/policy.go | 6 |
9 files changed, 35 insertions, 6 deletions
diff --git a/lib/policy/config/config_test.go b/lib/policy/config/config_test.go index 0fabbb7..4176126 100644 --- a/lib/policy/config/config_test.go +++ b/lib/policy/config/config_test.go @@ -1,11 +1,12 @@ package config import ( - "encoding/json" "errors" "os" "path/filepath" "testing" + + "k8s.io/apimachinery/pkg/util/yaml" ) func p[V any](v V) *V { return &v } @@ -219,7 +220,7 @@ func TestConfigValidKnownGood(t *testing.T) { defer fin.Close() var c Config - if err := json.NewDecoder(fin).Decode(&c); err != nil { + if err := yaml.NewYAMLToJSONDecoder(fin).Decode(&c); err != nil { t.Fatalf("can't decode file: %v", err) } @@ -246,7 +247,7 @@ func TestConfigValidBad(t *testing.T) { defer fin.Close() var c Config - if err := json.NewDecoder(fin).Decode(&c); err != nil { + if err := yaml.NewYAMLToJSONDecoder(fin).Decode(&c); err != nil { t.Fatalf("can't decode file: %v", err) } diff --git a/lib/policy/config/testdata/bad/badregexes.yaml b/lib/policy/config/testdata/bad/badregexes.yaml new file mode 100644 index 0000000..3880e40 --- /dev/null +++ b/lib/policy/config/testdata/bad/badregexes.yaml @@ -0,0 +1,7 @@ +bots: +- name: path-bad + path_regex: "a(b" + action: DENY +- name: user-agent-bad + user_agent_regex: "a(b" + action: DENY
\ No newline at end of file diff --git a/lib/policy/config/testdata/bad/invalid.yaml b/lib/policy/config/testdata/bad/invalid.yaml new file mode 100644 index 0000000..18625b6 --- /dev/null +++ b/lib/policy/config/testdata/bad/invalid.yaml @@ -0,0 +1 @@ +bots: []
\ No newline at end of file diff --git a/lib/policy/config/testdata/bad/nobots.yaml b/lib/policy/config/testdata/bad/nobots.yaml new file mode 100644 index 0000000..9e26dfe --- /dev/null +++ b/lib/policy/config/testdata/bad/nobots.yaml @@ -0,0 +1 @@ +{}
\ No newline at end of file diff --git a/lib/policy/config/testdata/good/allow_everyone.yaml b/lib/policy/config/testdata/good/allow_everyone.yaml new file mode 100644 index 0000000..5c49534 --- /dev/null +++ b/lib/policy/config/testdata/good/allow_everyone.yaml @@ -0,0 +1,6 @@ +bots: +- name: everyones-invited + remote_addresses: + - "0.0.0.0/0" + - "::/0" + action: ALLOW
\ No newline at end of file diff --git a/lib/policy/config/testdata/good/block_cf_workers.yaml b/lib/policy/config/testdata/good/block_cf_workers.yaml new file mode 100644 index 0000000..c66bade --- /dev/null +++ b/lib/policy/config/testdata/good/block_cf_workers.yaml @@ -0,0 +1,5 @@ +bots: + - name: cloudflare-workers + headers_regex: + CF-Worker: .* + action: DENY
\ No newline at end of file diff --git a/lib/policy/config/testdata/good/challengemozilla.yaml b/lib/policy/config/testdata/good/challengemozilla.yaml new file mode 100644 index 0000000..15922b0 --- /dev/null +++ b/lib/policy/config/testdata/good/challengemozilla.yaml @@ -0,0 +1,4 @@ +bots: +- name: generic-browser + user_agent_regex: Mozilla + action: CHALLENGE
\ No newline at end of file diff --git a/lib/policy/config/testdata/good/everything_blocked.yaml b/lib/policy/config/testdata/good/everything_blocked.yaml new file mode 100644 index 0000000..323c596 --- /dev/null +++ b/lib/policy/config/testdata/good/everything_blocked.yaml @@ -0,0 +1,4 @@ +bots: +- name: everything + user_agent_regex: .* + action: DENY diff --git a/lib/policy/policy.go b/lib/policy/policy.go index 4451b08..2d610c8 100644 --- a/lib/policy/policy.go +++ b/lib/policy/policy.go @@ -1,7 +1,6 @@ package policy import ( - "encoding/json" "errors" "fmt" "io" @@ -11,6 +10,7 @@ import ( "github.com/prometheus/client_golang/prometheus" "github.com/prometheus/client_golang/prometheus/promauto" "github.com/yl2chen/cidranger" + "k8s.io/apimachinery/pkg/util/yaml" "github.com/TecharoHQ/anubis/lib/policy/config" ) @@ -38,8 +38,8 @@ func NewParsedConfig(orig config.Config) *ParsedConfig { func ParseConfig(fin io.Reader, fname string, defaultDifficulty int) (*ParsedConfig, error) { var c config.Config - if err := json.NewDecoder(fin).Decode(&c); err != nil { - return nil, fmt.Errorf("can't parse policy config JSON %s: %w", fname, err) + if err := yaml.NewYAMLToJSONDecoder(fin).Decode(&c); err != nil { + return nil, fmt.Errorf("can't parse policy config YAML %s: %w", fname, err) } if err := c.Valid(); err != nil { |