dohertj2/ScadaBridge
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
6ae0fea558bb905b27e733c2a2fc6d1a8e67dea7
ScadaBridge/tests/ScadaLink.TemplateEngine.Tests/LockEnforcerTests.cs
T
Joseph Doherty 819f1b4665 fix(validation): close Theme 3 — 11 input-validation / unbounded-input findings 
Each finding is a focused validation guard or upper bound at a trust boundary.
Highlights:
- Commons-015: EncryptionMetadata ctor now validates Algorithm (AES-256-GCM
  only), Kdf (PBKDF2-SHA256 only), Iterations ([100k, 10M]), non-null Salt/IV.
- Transport-004: new BundleUnlockRateLimiter (sliding-window, per-key,
  singleton) wired into BundleImporter.LoadAsync; over-budget callers see
  BundleUnlockRateLimitedException. Per-bundle 3-strike + per-window cap.
- ESG-022: ExternalSystemClient.InvokeHttpAsync allow-lists the documented
  GET/POST/PUT/PATCH/DELETE set (case-insensitive); unknown verbs throw.
- SEL-015: SiteEventLogger queue now bounded (10k cap, DropOldest); dropped
  events fault their Task and increment FailedWriteCount so the drop is
  observable instead of an unbounded memory growth.
- SEL-017: EventLogQueryService clamps caller-supplied PageSize to a new
  MaxQueryPageSize cap (default 500) so int.MaxValue can't OOM the host.
- SEL-020: LogEventAsync rejects severities outside {Info, Warning, Error}
  (matches SQLite BINARY-collation query filter).
- InboundAPI-020: ContentType "json" check now case-insensitive
  (application/JSON no longer slips through as not-json).
- InboundAPI-024: _knownBadMethods capped at 1000 entries (drops new entries
  once full); per-request DB lookup remains the correctness path.
- SR-025: HandleSetStaticAttribute validates the attribute name against the
  deployed config; unknown names now return Success=false instead of
  leaking orphan override rows into the SQLite store.
- TE-021: MoveTemplateAsync runs the sibling-name-collision check at the
  destination, mirroring TemplateFolderService.MoveFolderAsync.
- TE-022: LockEnforcer's once-locked-stays-locked rule now also covers
  LockedInDerived (was previously only IsLocked).

New regression tests across 8 test projects (EncryptionMetadata, rate
limiter, ESG client allow-list, SEL bounded channel / PageSize clamp /
severity validation, InboundAPI ContentType + bad-methods cap, SiteRT
unknown-attribute, TemplateEngine MoveTemplate + LockedInDerived).
Build clean; affected suites all green. README regenerated: 93 open (was 104).

Note: a separate manual re-run was needed for the SiteEventLogging hunk
because its initial subagent's source edits never landed on disk despite
reporting success (file-collision-style failure mode).
2026-05-28 06:58:25 -04:00

257 lines
8.0 KiB
C#
Raw Blame History

using ScadaLink.Commons.Entities.Templates;
using ScadaLink.Commons.Types.Enums;
namespace ScadaLink.TemplateEngine.Tests;
public class LockEnforcerTests
{
// ========================================================================
// WP-8: Override Granularity
// ========================================================================
[Fact]
public void ValidateAttributeOverride_LockedAttribute_ReturnsError()
{
var original = new TemplateAttribute("Speed")
{
DataType = DataType.Float, IsLocked = true, Value = "0"
};
var proposed = new TemplateAttribute("Speed")
{
DataType = DataType.Float, IsLocked = true, Value = "100"
};
var result = LockEnforcer.ValidateAttributeOverride(original, proposed);
Assert.NotNull(result);
Assert.Contains("locked", result);
}
[Fact]
public void ValidateAttributeOverride_DataTypeChanged_ReturnsError()
{
var original = new TemplateAttribute("Speed")
{
DataType = DataType.Float, IsLocked = false
};
var proposed = new TemplateAttribute("Speed")
{
DataType = DataType.String, IsLocked = false // DataType changed!
};
var result = LockEnforcer.ValidateAttributeOverride(original, proposed);
Assert.NotNull(result);
Assert.Contains("DataType", result);
}
[Fact]
public void ValidateAttributeOverride_DataSourceReferenceChanged_ReturnsError()
{
var original = new TemplateAttribute("Speed")
{
DataType = DataType.Float, IsLocked = false, DataSourceReference = "tag1"
};
var proposed = new TemplateAttribute("Speed")
{
DataType = DataType.Float, IsLocked = false, DataSourceReference = "tag2" // Changed!
};
var result = LockEnforcer.ValidateAttributeOverride(original, proposed);
Assert.NotNull(result);
Assert.Contains("DataSourceReference", result);
}
[Fact]
public void ValidateAttributeOverride_ValueAndDescriptionChanged_ReturnsNull()
{
var original = new TemplateAttribute("Speed")
{
DataType = DataType.Float, IsLocked = false, Value = "0", Description = "old"
};
var proposed = new TemplateAttribute("Speed")
{
DataType = DataType.Float, IsLocked = false, Value = "100", Description = "new"
};
var result = LockEnforcer.ValidateAttributeOverride(original, proposed);
Assert.Null(result);
}
[Fact]
public void ValidateAlarmOverride_LockedAlarm_ReturnsError()
{
var original = new TemplateAlarm("HighTemp")
{
TriggerType = AlarmTriggerType.ValueMatch, IsLocked = true, PriorityLevel = 500
};
var proposed = new TemplateAlarm("HighTemp")
{
TriggerType = AlarmTriggerType.ValueMatch, IsLocked = true, PriorityLevel = 600
};
var result = LockEnforcer.ValidateAlarmOverride(original, proposed);
Assert.NotNull(result);
Assert.Contains("locked", result);
}
[Fact]
public void ValidateAlarmOverride_TriggerTypeChanged_ReturnsError()
{
var original = new TemplateAlarm("HighTemp")
{
TriggerType = AlarmTriggerType.ValueMatch, IsLocked = false
};
var proposed = new TemplateAlarm("HighTemp")
{
TriggerType = AlarmTriggerType.RangeViolation, IsLocked = false // Changed!
};
var result = LockEnforcer.ValidateAlarmOverride(original, proposed);
Assert.NotNull(result);
Assert.Contains("TriggerType", result);
}
[Fact]
public void ValidateAlarmOverride_OverridableFieldsChanged_ReturnsNull()
{
var original = new TemplateAlarm("HighTemp")
{
TriggerType = AlarmTriggerType.ValueMatch, IsLocked = false,
PriorityLevel = 500, Description = "old"
};
var proposed = new TemplateAlarm("HighTemp")
{
TriggerType = AlarmTriggerType.ValueMatch, IsLocked = false,
PriorityLevel = 700, Description = "new", TriggerConfiguration = """{"value": 100}"""
};
var result = LockEnforcer.ValidateAlarmOverride(original, proposed);
Assert.Null(result);
}
[Fact]
public void ValidateScriptOverride_LockedScript_ReturnsError()
{
var original = new TemplateScript("OnStart", "code") { IsLocked = true };
var proposed = new TemplateScript("OnStart", "new code") { IsLocked = true };
var result = LockEnforcer.ValidateScriptOverride(original, proposed);
Assert.NotNull(result);
Assert.Contains("locked", result);
}
[Fact]
public void ValidateScriptOverride_NameChanged_ReturnsError()
{
var original = new TemplateScript("OnStart", "code") { IsLocked = false };
var proposed = new TemplateScript("OnStop", "code") { IsLocked = false }; // Name changed!
var result = LockEnforcer.ValidateScriptOverride(original, proposed);
Assert.NotNull(result);
Assert.Contains("Name", result);
}
[Fact]
public void ValidateScriptOverride_OverridableFieldsChanged_ReturnsNull()
{
var original = new TemplateScript("OnStart", "old code") { IsLocked = false };
var proposed = new TemplateScript("OnStart", "new code")
{
IsLocked = false,
TriggerType = "Timer",
MinTimeBetweenRuns = TimeSpan.FromSeconds(30)
};
var result = LockEnforcer.ValidateScriptOverride(original, proposed);
Assert.Null(result);
}
// ========================================================================
// WP-9: Locking Rules
// ========================================================================
[Fact]
public void ValidateLockChange_UnlockLocked_ReturnsError()
{
var result = LockEnforcer.ValidateLockChange(true, false, "Speed");
Assert.NotNull(result);
Assert.Contains("cannot be unlocked", result);
}
[Fact]
public void ValidateLockChange_LockUnlocked_ReturnsNull()
{
var result = LockEnforcer.ValidateLockChange(false, true, "Speed");
Assert.Null(result);
}
[Fact]
public void ValidateLockChange_KeepLocked_ReturnsNull()
{
var result = LockEnforcer.ValidateLockChange(true, true, "Speed");
Assert.Null(result);
}
[Fact]
public void ValidateLockChange_KeepUnlocked_ReturnsNull()
{
var result = LockEnforcer.ValidateLockChange(false, false, "Speed");
Assert.Null(result);
}
// ========================================================================
// TemplateEngine-022: LockedInDerived one-way ratchet
// ========================================================================
[Fact]
public void ValidateLockedInDerivedChange_ClearLocked_ReturnsError()
{
// Once a base template marks a member LockedInDerived, the flag may
// not be cleared — derived overrides previously blocked would
// otherwise become retroactively legal.
var result = LockEnforcer.ValidateLockedInDerivedChange(true, false, "Speed");
Assert.NotNull(result);
Assert.Contains("locked-in-derived", result);
Assert.Contains("cannot be cleared", result);
}
[Fact]
public void ValidateLockedInDerivedChange_LockUnlocked_ReturnsNull()
{
// Setting the flag from false→true is the normal direction.
var result = LockEnforcer.ValidateLockedInDerivedChange(false, true, "Speed");
Assert.Null(result);
}
[Fact]
public void ValidateLockedInDerivedChange_KeepLocked_ReturnsNull()
{
var result = LockEnforcer.ValidateLockedInDerivedChange(true, true, "Speed");
Assert.Null(result);
}
[Fact]
public void ValidateLockedInDerivedChange_KeepUnlocked_ReturnsNull()
{
var result = LockEnforcer.ValidateLockedInDerivedChange(false, false, "Speed");
Assert.Null(result);
}
}
Reference in New Issue View Git Blame Copy Permalink