ut

Author: sezen-datadog

dd-java-agent/appsec/src/test/groovy/com/datadog/appsec/gateway/AppSecRequestContextSpecification.groovy

@@ -303,4 +303,17 @@ class AppSecRequestContextSpecification extends DDSpecification {
     ctx.getRaspError(AppSecRequestContext.DD_WAF_RUN_INVALID_ARGUMENT_ERROR) == 0
     ctx.getRaspError(0) == 0
   }
+
+  def "test increase and get WafErrors"() {
+    when:
+    ctx.increaseWafErrorCode(-3)
+    ctx.increaseWafErrorCode(-3)
+    ctx.increaseWafErrorCode(-2)
+
+    then:
+    ctx.getWafError(-3) == 2
+    ctx.getWafError(-2) == 1
+    ctx.getWafError(-1) == 0
+    ctx.getWafError(0) == 0
+  }
 }

internal-api/src/test/groovy/datadog/trace/api/telemetry/WafMetricCollectorTest.groovy

@@ -36,7 +36,9 @@ class WafMetricCollectorTest extends DDSpecification {
     WafMetricCollector.get().raspRuleEval(RuleType.SQL_INJECTION)
     WafMetricCollector.get().raspTimeout(RuleType.SQL_INJECTION)
     WafMetricCollector.get().raspErrorCode(RuleType.SHELL_INJECTION, DD_WAF_RUN_INTERNAL_ERROR)
+    WafMetricCollector.get().wafErrorCode(RuleType.SHELL_INJECTION, DD_WAF_RUN_INTERNAL_ERROR)
     WafMetricCollector.get().raspErrorCode(RuleType.SQL_INJECTION, DD_WAF_RUN_INVALID_OBJECT_ERROR)
+    WafMetricCollector.get().wafErrorCode(RuleType.SQL_INJECTION, DD_WAF_RUN_INVALID_OBJECT_ERROR)
 
     WafMetricCollector.get().prepareMetrics()
 
@@ -150,7 +152,20 @@ class WafMetricCollectorTest extends DDSpecification {
       'waf_error:' + DD_WAF_RUN_INTERNAL_ERROR
     ].toSet()
 
-    def raspInvalidObjectCode = (WafMetricCollector.RaspError)metrics[11]
+    def wafInvalidCode = (WafMetricCollector.WafError)metrics[11]
+    wafInvalidCode.type == 'count'
+    wafInvalidCode.value == 1
+    wafInvalidCode.namespace == 'appsec'
+    wafInvalidCode.metricName == 'waf.error'
+    wafInvalidCode.tags.toSet() == [
+      'waf_version:waf_ver1',
+      'rule_type:command_injection',
+      'rule_variant:shell',
+      'event_rules_version:rules.3',
+      'waf_error:' +DD_WAF_RUN_INTERNAL_ERROR
+    ].toSet()
+
+    def raspInvalidObjectCode = (WafMetricCollector.RaspError)metrics[12]
     raspInvalidObjectCode.type == 'count'
     raspInvalidObjectCode.value == 1
     raspInvalidObjectCode.namespace == 'appsec'
@@ -161,6 +176,15 @@ class WafMetricCollectorTest extends DDSpecification {
       'waf_error:' + DD_WAF_RUN_INVALID_OBJECT_ERROR
     ]
     .toSet()
+
+    def wafInvalidObjectCode = (WafMetricCollector.WafError)metrics[13]
+    wafInvalidObjectCode.type == 'count'
+    wafInvalidObjectCode.value == 1
+    wafInvalidObjectCode.namespace == 'appsec'
+    wafInvalidObjectCode.metricName == 'waf.error'
+    wafInvalidObjectCode.tags.toSet() == ['rule_type:sql_injection', 'waf_version:waf_ver1',
+                                          'waf_error:'+DD_WAF_RUN_INVALID_OBJECT_ERROR].toSet()
+
   }
 
   def "overflowing WafMetricCollector does not crash"() {
@@ -335,6 +359,7 @@ class WafMetricCollectorTest extends DDSpecification {
     WafMetricCollector.get().raspRuleEval(ruleType)
     WafMetricCollector.get().raspTimeout(ruleType)
     WafMetricCollector.get().raspErrorCode(ruleType, DD_WAF_RUN_INTERNAL_ERROR)
+    WafMetricCollector.get().wafErrorCode(ruleType, DD_WAF_RUN_INTERNAL_ERROR)
     WafMetricCollector.get().prepareMetrics()
 
     then:
@@ -389,6 +414,19 @@ class WafMetricCollectorTest extends DDSpecification {
       'waf_error:' + DD_WAF_RUN_INTERNAL_ERROR
     ].toSet()
 
+    def wafInvalidCode = (WafMetricCollector.WafError)metrics[5]
+    wafInvalidCode.type == 'count'
+    wafInvalidCode.value == 1
+    wafInvalidCode.namespace == 'appsec'
+    wafInvalidCode.metricName == 'waf.error'
+    wafInvalidCode.tags.toSet() == [
+      'waf_version:waf_ver1',
+      'rule_type:command_injection',
+      'rule_variant:' + ruleType.variant,
+      'event_rules_version:rules.1',
+      'waf_error:-3'
+    ].toSet()
+
     where:
     ruleType << [RuleType.COMMAND_INJECTION, RuleType.SHELL_INJECTION]
   }