def test_match_route_inbound(monkeypatch):
filters = RuleEntryFactory.build_batch(2)
filters[1].expression_snapshot['rules'][0]['expression']['values'] = [
'/put'
]
route = RouteFactory(rule_entries_list=filters)
monkeypatch.setattr('satellite.vault.route_matcher.route_manager',
Mock(get_all_by_type=Mock(return_value=[route])))
emit_audit_log = Mock()
monkeypatch.setattr(
'satellite.vault.route_matcher.audit_logs.emit',
emit_audit_log,
)
flow = load_flow('http_raw')
matched_route, matched_filters = match_route(
proxy_mode=ProxyMode.REVERSE,
phase=Phase.REQUEST,
flow=flow,
)
assert matched_route is route
assert matched_filters == [filters[0]]
emit_audit_log.assert_called_once_with(
audit_logs.RuleChainEvaluationLogRecord(
flow_id=flow.id,
matched=True,
phase=Phase.REQUEST,
proxy_mode=ProxyMode.REVERSE,
route_id=route.id,
))
def _process(self, flow: HTTPFlow, phase: Phase):
route, filters = match_route(
proxy_mode=ctx.get_proxy_context().mode,
phase=phase,
flow=flow,
)
if not route:
return
match_details = {'filters': [], 'route_id': route.id}
matched_filters = match_details['filters']
for fltr in filters:
if fltr.has_operations:
pipeline = build_pipeline(fltr)
pipeline.evaluate(flow, phase)
operation_applied = True
else:
operation_applied = transform(flow, phase, fltr)
matched_filters.append({
'id': fltr.id,
'operation_applied': operation_applied,
})
phase_obj = getattr(flow, phase.value.lower())
phase_obj.match_details = match_details
def test_match_route_no_match(monkeypatch):
monkeypatch.setattr('satellite.vault.route_matcher.route_manager',
Mock(get_all_by_type=Mock(return_value=[])))
emit_audit_log = Mock()
monkeypatch.setattr(
'satellite.vault.route_matcher.audit_logs.emit',
emit_audit_log,
)
flow = load_flow('http_raw')
matched_route, matched_filters = match_route(
proxy_mode=ProxyMode.REVERSE,
phase=Phase.REQUEST,
flow=flow,
)
assert matched_route is None
assert matched_filters == []
emit_audit_log.assert_not_called()
def _process(self, flow: HTTPFlow, phase: Phase,
content: bytes) -> Tuple[str, dict]:
route, route_filters = match_route(
proxy_mode=ctx.get_proxy_context().mode,
phase=phase,
flow=flow,
)
if not route_filters:
return content, None
with ctx.use_context(ctx.FlowContext(
flow=flow,
phase=phase)), ctx.use_context(ctx.RouteContext(route=route)):
# TODO: Encapsulate flow transformation somewere else
content, ops_applications = transform_body(route_filters, content)
matched_filters = [{
'id': rule.id,
'operation_applied': op_applied
} for rule, op_applied in zip(route_filters, ops_applications)]
return content, {'route_id': route.id, 'filters': matched_filters}
def test_match_route_outbound(monkeypatch):
filters = RuleEntryFactory.build_batch(2)
filters[1].expression_snapshot['rules'][0]['expression']['values'] = [
'/put'
]
route1 = RouteFactory(rule_entries_list=filters)
route2 = RouteFactory(rule_entries_list=[RuleEntryFactory()])
route2.host_endpoint = 'https://unknown-upstream.io'
monkeypatch.setattr(
'satellite.vault.route_matcher.route_manager',
Mock(get_all_by_type=Mock(return_value=[route1, route2])))
flow = load_flow('http_raw')
matched_route, matched_filters = match_route(
proxy_mode=ProxyMode.FORWARD,
phase=Phase.REQUEST,
flow=flow,
)
assert matched_route is route1
assert matched_filters == [filters[0]]