mirror of
https://github.com/jokob-sk/NetAlertX.git
synced 2026-04-03 00:31:35 -07:00
Refactor event and session column names to camelCase
- Updated test cases to reflect new column names (eve_MAC -> eveMac, eve_DateTime -> eveDateTime, etc.) across various test files. - Modified SQL table definitions in the database cleanup and migration tests to use camelCase naming conventions. - Implemented migration tests to ensure legacy column names are correctly renamed to camelCase equivalents. - Ensured that existing data is preserved during the migration process and that views referencing old column names are dropped before renaming. - Verified that the migration function is idempotent, allowing for safe re-execution without data loss.
This commit is contained in:
Jokob @NetAlertX
@@ -20,10 +20,10 @@ class SafeConditionBuilder:
|
||||
|
||||
# Whitelist of allowed column names for filtering
|
||||
ALLOWED_COLUMNS = {
|
||||
"eve_MAC",
|
||||
"eve_DateTime",
|
||||
"eve_IP",
|
||||
"eve_EventType",
|
||||
"eveMac",
|
||||
"eveDateTime",
|
||||
"eveIp",
|
||||
"eveEventType",
|
||||
"devName",
|
||||
"devComments",
|
||||
"devLastIP",
|
||||
@@ -34,15 +34,15 @@ class SafeConditionBuilder:
|
||||
"devPresentLastScan",
|
||||
"devFavorite",
|
||||
"devIsNew",
|
||||
"Plugin",
|
||||
"Object_PrimaryId",
|
||||
"Object_SecondaryId",
|
||||
"DateTimeChanged",
|
||||
"Watched_Value1",
|
||||
"Watched_Value2",
|
||||
"Watched_Value3",
|
||||
"Watched_Value4",
|
||||
"Status",
|
||||
"plugin",
|
||||
"objectPrimaryId",
|
||||
"objectSecondaryId",
|
||||
"dateTimeChanged",
|
||||
"watchedValue1",
|
||||
"watchedValue2",
|
||||
"watchedValue3",
|
||||
"watchedValue4",
|
||||
"status",
|
||||
}
|
||||
|
||||
# Whitelist of allowed comparison operators
|
||||
@@ -403,7 +403,7 @@ class SafeConditionBuilder:
|
||||
This method handles basic patterns like:
|
||||
- devName = 'value' (with optional AND/OR prefix)
|
||||
- devComments LIKE '%value%'
|
||||
- eve_EventType IN ('type1', 'type2')
|
||||
- eveEventType IN ('type1', 'type2')
|
||||
|
||||
Args:
|
||||
condition: Single condition string to parse
|
||||
@@ -633,7 +633,7 @@ class SafeConditionBuilder:
|
||||
self.parameters[param_name] = event_type
|
||||
param_names.append(f":{param_name}")
|
||||
|
||||
sql_snippet = f"AND eve_EventType IN ({', '.join(param_names)})"
|
||||
sql_snippet = f"AND eveEventType IN ({', '.join(param_names)})"
|
||||
return sql_snippet, self.parameters
|
||||
|
||||
def get_safe_condition_legacy(
|
||||
|
||||
@@ -174,7 +174,7 @@ def test_compound_with_like_patterns(builder):
|
||||
|
||||
def test_compound_with_inequality_operators(builder):
|
||||
"""Test compound conditions with various inequality operators."""
|
||||
condition = "AND eve_DateTime > '2024-01-01' AND eve_DateTime < '2024-12-31'"
|
||||
condition = "AND eveDateTime > '2024-01-01' AND eveDateTime < '2024-12-31'"
|
||||
|
||||
sql, params = builder.build_safe_condition(condition)
|
||||
|
||||
|
||||
@@ -32,25 +32,25 @@ def _make_json(section, devices, column_names, title="Test Section"):
|
||||
SAMPLE_NEW_DEVICES = [
|
||||
{
|
||||
"devName": "MyPhone",
|
||||
"eve_MAC": "aa:bb:cc:dd:ee:ff",
|
||||
"eveMac": "aa:bb:cc:dd:ee:ff",
|
||||
"devVendor": "",
|
||||
"eve_IP": "192.168.1.42",
|
||||
"eve_DateTime": "2025-01-15 10:30:00",
|
||||
"eve_EventType": "New Device",
|
||||
"eveIp": "192.168.1.42",
|
||||
"eveDateTime": "2025-01-15 10:30:00",
|
||||
"eveEventType": "New Device",
|
||||
"devComments": "",
|
||||
},
|
||||
{
|
||||
"devName": "Laptop",
|
||||
"eve_MAC": "11:22:33:44:55:66",
|
||||
"eveMac": "11:22:33:44:55:66",
|
||||
"devVendor": "Dell",
|
||||
"eve_IP": "192.168.1.99",
|
||||
"eve_DateTime": "2025-01-15 11:00:00",
|
||||
"eve_EventType": "New Device",
|
||||
"eveIp": "192.168.1.99",
|
||||
"eveDateTime": "2025-01-15 11:00:00",
|
||||
"eveEventType": "New Device",
|
||||
"devComments": "Office",
|
||||
},
|
||||
]
|
||||
|
||||
NEW_DEVICE_COLUMNS = ["devName", "eve_MAC", "devVendor", "eve_IP", "eve_DateTime", "eve_EventType", "devComments"]
|
||||
NEW_DEVICE_COLUMNS = ["devName", "eveMac", "devVendor", "eveIp", "eveDateTime", "eveEventType", "devComments"]
|
||||
|
||||
|
||||
class TestConstructNotificationsTemplates(unittest.TestCase):
|
||||
@@ -100,7 +100,7 @@ class TestConstructNotificationsTemplates(unittest.TestCase):
|
||||
self.assertIn("---------", text)
|
||||
|
||||
# Legacy format: each header appears as "Header: \tValue"
|
||||
self.assertIn("eve_MAC:", text)
|
||||
self.assertIn("eveMac:", text)
|
||||
self.assertIn("aa:bb:cc:dd:ee:ff", text)
|
||||
self.assertIn("devName:", text)
|
||||
self.assertIn("MyPhone", text)
|
||||
@@ -117,7 +117,7 @@ class TestConstructNotificationsTemplates(unittest.TestCase):
|
||||
|
||||
mock_setting.side_effect = self._setting_factory({
|
||||
"NTFPRCS_TEXT_SECTION_HEADERS": True,
|
||||
"NTFPRCS_TEXT_TEMPLATE_new_devices": "{devName} ({eve_MAC}) - {eve_IP}",
|
||||
"NTFPRCS_TEXT_TEMPLATE_new_devices": "{devName} ({eveMac}) - {eveIp}",
|
||||
})
|
||||
|
||||
json_data = _make_json(
|
||||
@@ -157,7 +157,7 @@ class TestConstructNotificationsTemplates(unittest.TestCase):
|
||||
|
||||
mock_setting.side_effect = self._setting_factory({
|
||||
"NTFPRCS_TEXT_SECTION_HEADERS": False,
|
||||
"NTFPRCS_TEXT_TEMPLATE_new_devices": "{devName} ({eve_MAC})",
|
||||
"NTFPRCS_TEXT_TEMPLATE_new_devices": "{devName} ({eveMac})",
|
||||
})
|
||||
|
||||
json_data = _make_json(
|
||||
@@ -198,7 +198,7 @@ class TestConstructNotificationsTemplates(unittest.TestCase):
|
||||
|
||||
mock_setting.side_effect = self._setting_factory({
|
||||
"NTFPRCS_TEXT_SECTION_HEADERS": True,
|
||||
"NTFPRCS_TEXT_TEMPLATE_new_devices": "{devName} ({BadField}) - {eve_IP}",
|
||||
"NTFPRCS_TEXT_TEMPLATE_new_devices": "{devName} ({BadField}) - {eveIp}",
|
||||
})
|
||||
|
||||
json_data = _make_json(
|
||||
@@ -217,21 +217,21 @@ class TestConstructNotificationsTemplates(unittest.TestCase):
|
||||
|
||||
mock_setting.side_effect = self._setting_factory({
|
||||
"NTFPRCS_TEXT_SECTION_HEADERS": True,
|
||||
"NTFPRCS_TEXT_TEMPLATE_down_devices": "{devName} ({eve_MAC}) down since {eve_DateTime}",
|
||||
"NTFPRCS_TEXT_TEMPLATE_down_devices": "{devName} ({eveMac}) down since {eveDateTime}",
|
||||
})
|
||||
|
||||
down_devices = [
|
||||
{
|
||||
"devName": "Router",
|
||||
"eve_MAC": "ff:ee:dd:cc:bb:aa",
|
||||
"eveMac": "ff:ee:dd:cc:bb:aa",
|
||||
"devVendor": "Cisco",
|
||||
"eve_IP": "10.0.0.1",
|
||||
"eve_DateTime": "2025-01-15 08:00:00",
|
||||
"eve_EventType": "Device Down",
|
||||
"eveIp": "10.0.0.1",
|
||||
"eveDateTime": "2025-01-15 08:00:00",
|
||||
"eveEventType": "Device Down",
|
||||
"devComments": "",
|
||||
}
|
||||
]
|
||||
columns = ["devName", "eve_MAC", "devVendor", "eve_IP", "eve_DateTime", "eve_EventType", "devComments"]
|
||||
columns = ["devName", "eveMac", "devVendor", "eveIp", "eveDateTime", "eveEventType", "devComments"]
|
||||
|
||||
json_data = _make_json("down_devices", down_devices, columns, "🔴 Down devices")
|
||||
_, text = construct_notifications(json_data, "down_devices")
|
||||
|
||||
@@ -15,7 +15,7 @@ sys.modules['logger'] = Mock()
|
||||
class SafeConditionBuilderForTesting:
|
||||
"""Minimal SafeConditionBuilder implementation for tests."""
|
||||
|
||||
ALLOWED_COLUMNS = {'devName', 'eve_MAC', 'eve_EventType'}
|
||||
ALLOWED_COLUMNS = {'devName', 'eveMac', 'eveEventType'}
|
||||
ALLOWED_OPERATORS = {'=', '!=', '<', '>', '<=', '>=', 'LIKE', 'NOT LIKE'}
|
||||
ALLOWED_LOGICAL_OPERATORS = {'AND', 'OR'}
|
||||
|
||||
|
||||
@@ -174,13 +174,13 @@ def test_null_byte_injection(builder):
|
||||
def test_build_condition_with_allowed_values(builder):
|
||||
"""Test building condition with specific allowed values."""
|
||||
conditions = [
|
||||
{"column": "eve_EventType", "operator": "=", "value": "Connected"},
|
||||
{"column": "eveEventType", "operator": "=", "value": "Connected"},
|
||||
{"column": "devName", "operator": "LIKE", "value": "%test%"}
|
||||
]
|
||||
condition, params = builder.build_condition(conditions, "AND")
|
||||
|
||||
# Should create valid parameterized condition
|
||||
assert "eve_EventType = :" in condition
|
||||
assert "eveEventType = :" in condition
|
||||
assert "devName LIKE :" in condition
|
||||
assert len(params) == 2
|
||||
|
||||
|
||||
@@ -58,9 +58,9 @@ class TestSafeConditionBuilder(unittest.TestCase):
|
||||
def test_validate_column_name(self):
|
||||
"""Test column name validation against whitelist."""
|
||||
# Valid columns
|
||||
self.assertTrue(self.builder._validate_column_name('eve_MAC'))
|
||||
self.assertTrue(self.builder._validate_column_name('eveMac'))
|
||||
self.assertTrue(self.builder._validate_column_name('devName'))
|
||||
self.assertTrue(self.builder._validate_column_name('eve_EventType'))
|
||||
self.assertTrue(self.builder._validate_column_name('eveEventType'))
|
||||
|
||||
# Invalid columns
|
||||
self.assertFalse(self.builder._validate_column_name('malicious_column'))
|
||||
@@ -103,9 +103,9 @@ class TestSafeConditionBuilder(unittest.TestCase):
|
||||
|
||||
def test_build_in_condition_valid(self):
|
||||
"""Test building valid IN conditions."""
|
||||
sql, params = self.builder._build_in_condition('AND', 'eve_EventType', 'IN', "'Connected', 'Disconnected'")
|
||||
sql, params = self.builder._build_in_condition('AND', 'eveEventType', 'IN', "'Connected', 'Disconnected'")
|
||||
|
||||
self.assertIn('AND eve_EventType IN', sql)
|
||||
self.assertIn('AND eveEventType IN', sql)
|
||||
self.assertEqual(len(params), 2)
|
||||
self.assertIn('Connected', params.values())
|
||||
self.assertIn('Disconnected', params.values())
|
||||
@@ -162,7 +162,7 @@ class TestSafeConditionBuilder(unittest.TestCase):
|
||||
event_types = ['Connected', 'Disconnected']
|
||||
sql, params = self.builder.build_event_type_filter(event_types)
|
||||
|
||||
self.assertIn('AND eve_EventType IN', sql)
|
||||
self.assertIn('AND eveEventType IN', sql)
|
||||
self.assertEqual(len(params), 2)
|
||||
self.assertIn('Connected', params.values())
|
||||
self.assertIn('Disconnected', params.values())
|
||||
@@ -354,9 +354,9 @@ class TestSecurityBenchmarks(unittest.TestCase):
|
||||
"""Test coverage of condition patterns."""
|
||||
patterns_tested = [
|
||||
"AND devName = 'value'",
|
||||
"OR eve_EventType LIKE '%test%'",
|
||||
"OR eveEventType LIKE '%test%'",
|
||||
"AND devComments IS NULL",
|
||||
"AND eve_EventType IN ('Connected', 'Disconnected')",
|
||||
"AND eveEventType IN ('Connected', 'Disconnected')",
|
||||
]
|
||||
|
||||
for pattern in patterns_tested:
|
||||
|
||||
Reference in New Issue
Block a user