Move test rules to separate files

To improve the readability of the tests.

Signed-off-by: Simon Rüegg <simon@rueggs.ch>

pkg/rules/rules_test.go

@@ -1,38 +1,32 @@
 package rules
 
 import (
+	"io/ioutil"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
 	"github.com/vshn/waf-tool/pkg/model"
 )
 
 const (
-	ruleID = 10101010
+	ruleID   = 10101010
+	testdata = "testdata/"
 )
 
 var ruleTests = []struct {
 	testName string
 	alerts   []model.ModsecAlert
-	rule     string
+	ruleFile string
 }{
 	{
 		"Some path",
 		[]model.ModsecAlert{{URI: "/some/path", ID: 10}},
-		`
-SecRule REQUEST_URI "@strmatch /some/path" \
-  "phase:2,nolog,id:10101010,\
-  ctl:ruleRemoveById=10"
-`,
+		"rule1.conf",
 	},
 	{
 		"Root path",
 		[]model.ModsecAlert{{URI: "/", ID: 9010}},
-		`
-SecRule REQUEST_URI "@strmatch /" \
-  "phase:2,nolog,id:10101010,\
-  ctl:ruleRemoveById=9010"
-`,
+		"rule2.conf",
 	},
 	{
 		"Combine multiple alerts by path",
@@ -42,17 +36,7 @@ SecRule REQUEST_URI "@strmatch /" \
 			{URI: "/path", ID: 9012},
 			{URI: "/path", ID: 942430, Description: `ModSecurity: Warning. Pattern match "((?:[~!@#\\$%\\^&\\*\\(\\)\\-\\+=\\{\\}\\[\\]\\|:;\"'\xc2\xb4\xe2\x80\x99\xe2\x80\x98<>][^~!@#\\$%\\^&\\*\\(\\)\\-\\+=\\{\\}\\[\\]\\|:;\"'\xc2\xb4\xe2\x80\x99\xe2\x80\x98<>]*?){6})" at ARGS:variables.`},
 		},
-		`
-# Path /path
-# This is the default template
-# Some other template
-SecRule REQUEST_URI "@strmatch /path" \
-  "phase:2,nolog,id:10101010,\
-  ctl:ruleRemoveById=9010,\
-  ctl:ruleRemoveById=9011,\
-  ctl:ruleRemoveById=9012,\
-  ctl:ruleRemoveTargetById=942430;ARGS:variables"
-`,
+		"rule3.conf",
 	},
 	{
 		"Multiple paths",
@@ -62,51 +46,22 @@ SecRule REQUEST_URI "@strmatch /path" \
 			{URI: "/path/three", ID: 9012},
 			{URI: "/some/path", ID: 942430, Description: "ModSecurity: Warning. Pattern match W{4} at ARGS:query.", RuleTemplate: "# ModSec Rule Exclusion: 942430 : Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (12) (severity:  WARNING) PL2"},
 		},
-		`
-# This is the default template
-SecRule REQUEST_URI "@strmatch /path/one" \
-  "phase:2,nolog,id:10101010,\
-  ctl:ruleRemoveById=9010"
-
-SecRule REQUEST_URI "@strmatch /path/three" \
-  "phase:2,nolog,id:10101011,\
-  ctl:ruleRemoveById=9012"
-
-# Some other template
-SecRule REQUEST_URI "@strmatch /path/two" \
-  "phase:2,nolog,id:10101012,\
-  ctl:ruleRemoveById=9011"
-
-# ModSec Rule Exclusion: 942430 : Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (12) (severity:  WARNING) PL2
-SecRule REQUEST_URI "@strmatch /some/path" \
-  "phase:2,nolog,id:10101013,\
-  ctl:ruleRemoveTargetById=942430;ARGS:query"
-`,
+		"rule4.conf",
 	},
 	{
 		"With parameter",
 		[]model.ModsecAlert{
 			{URI: "/some/path", ID: 942430, Description: "ModSecurity: Warning. Pattern match W{4} at ARGS:query."},
 			{URI: "/some/path", ID: 942431, Description: `ModSecurity: Warning. Pattern match "((?:[~!@#\\$%\\^&\\*\\(\\)\\-\\+=\\{\\}\\[\\]\\|:;\"'\xc2\xb4\xe2\x80\x99\xe2\x80\x98<>][^~!@#\\$%\\^&\\*\\(\\)\\-\\+=\\{\\}\\[\\]\\|:;\"'\xc2\xb4\xe2\x80\x99\xe2\x80\x98<>]*?){6})" at ARGS:identificationRedirectURL.`},
 		},
-		`
-# Path /some/path
-SecRule REQUEST_URI "@strmatch /some/path" \
-  "phase:2,nolog,id:10101010,\
-  ctl:ruleRemoveTargetById=942430;ARGS:query,\
-  ctl:ruleRemoveTargetById=942431;ARGS:identificationRedirectURL"
-`,
+		"rule5.conf",
 	},
 	{
 		"Non matched parameter",
 		[]model.ModsecAlert{
 			{URI: "/", ID: 921180, Description: `ModSecurity: Warning. Pattern match "TX:paramcounter_(.*)" at TX:paramcounter_ARGS_NAMES:prospectSingle.contactMethods.contactMethods.value.`},
 		},
-		`
-SecRule REQUEST_URI "@strmatch /" \
-  "phase:2,nolog,id:10101010,\
-  ctl:ruleRemoveById=921180"
-`,
+		"rule6.conf",
 	},
 }
 
@@ -115,7 +70,10 @@ func TestCreateByIDExclusion(t *testing.T) {
 		t.Run(test.testName, func(t *testing.T) {
 			rule, err := CreateByIDExclusion(test.alerts, ruleID)
 			assert.NoError(t, err)
-			assert.Equal(t, test.rule, rule)
+			ruleBytes, err := ioutil.ReadFile(testdata + test.ruleFile)
+			assert.NoError(t, err)
+			ruleString := string(ruleBytes)
+			assert.Equal(t, ruleString, rule)
 		})
 	}
 }

pkg/rules/testdata/rule1.conf

@@ -0,0 +1,4 @@
+
+SecRule REQUEST_URI "@strmatch /some/path" \
+  "phase:2,nolog,id:10101010,\
+  ctl:ruleRemoveById=10"

pkg/rules/testdata/rule2.conf

@@ -0,0 +1,4 @@
+
+SecRule REQUEST_URI "@strmatch /" \
+  "phase:2,nolog,id:10101010,\
+  ctl:ruleRemoveById=9010"

pkg/rules/testdata/rule3.conf

@@ -0,0 +1,10 @@
+
+# Path /path
+# This is the default template
+# Some other template
+SecRule REQUEST_URI "@strmatch /path" \
+  "phase:2,nolog,id:10101010,\
+  ctl:ruleRemoveById=9010,\
+  ctl:ruleRemoveById=9011,\
+  ctl:ruleRemoveById=9012,\
+  ctl:ruleRemoveTargetById=942430;ARGS:variables"

pkg/rules/testdata/rule4.conf

@@ -0,0 +1,19 @@
+
+# This is the default template
+SecRule REQUEST_URI "@strmatch /path/one" \
+  "phase:2,nolog,id:10101010,\
+  ctl:ruleRemoveById=9010"
+
+SecRule REQUEST_URI "@strmatch /path/three" \
+  "phase:2,nolog,id:10101011,\
+  ctl:ruleRemoveById=9012"
+
+# Some other template
+SecRule REQUEST_URI "@strmatch /path/two" \
+  "phase:2,nolog,id:10101012,\
+  ctl:ruleRemoveById=9011"
+
+# ModSec Rule Exclusion: 942430 : Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (12) (severity:  WARNING) PL2
+SecRule REQUEST_URI "@strmatch /some/path" \
+  "phase:2,nolog,id:10101013,\
+  ctl:ruleRemoveTargetById=942430;ARGS:query"

pkg/rules/testdata/rule5.conf

@@ -0,0 +1,6 @@
+
+# Path /some/path
+SecRule REQUEST_URI "@strmatch /some/path" \
+  "phase:2,nolog,id:10101010,\
+  ctl:ruleRemoveTargetById=942430;ARGS:query,\
+  ctl:ruleRemoveTargetById=942431;ARGS:identificationRedirectURL"

pkg/rules/testdata/rule6.conf

@@ -0,0 +1,4 @@
+
+SecRule REQUEST_URI "@strmatch /" \
+  "phase:2,nolog,id:10101010,\
+  ctl:ruleRemoveById=921180"