Skip to content

Commit 8e236ac

Browse files
authored
Merge pull request #20 from ByteInternet/add-method-for-blocking-bots
add method for blocking various attacks
2 parents 3e2ca6b + 33e4597 commit 8e236ac

2 files changed

Lines changed: 62 additions & 1 deletion

File tree

hypernode_api_python/client.py

Lines changed: 23 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@
1616
HYPERNODE_API_APP_XGRADE_CHECK_ENDPOINT = "/v2/app/xgrade/{}/check/{}/"
1717
HYPERNODE_API_APP_XGRADE_ENDPOINT = "/v2/app/xgrade/{}/"
1818
HYPERNODE_API_BACKUPS_ENDPOINT = "/v2/app/{}/backup/"
19+
HYPERNODE_API_BLOCK_ATTACK_ENDPOINT = "/v2/app/{}/block_attack/"
1920
HYPERNODE_API_BLOCK_ATTACK_DESCRIPTION_ENDPOINT = "/v2/app/block_attack_descriptions/"
2021
HYPERNODE_API_BRANCHER_APP_ENDPOINT = "/v2/brancher/app/{}/"
2122
HYPERNODE_API_BRANCHER_ENDPOINT = "/v2/brancher/{}/"
@@ -411,7 +412,7 @@ def get_block_attack_descriptions(self):
411412
by automatically placing an NGINX snippet in /data/web/nginx if the
412413
specified block is compatible with the current NGINX configuration.
413414
Example:
414-
> client.requests("GET", "/v2/app/block_attack_descriptions/").json()
415+
> client.get_block_attack_descriptions().json()
415416
> {
416417
> 'BlockSqliBruteForce': 'Attempts to deploy NGINX rules to block suspected (blind) SQL injection attack',
417418
> ...
@@ -421,6 +422,27 @@ def get_block_attack_descriptions(self):
421422
"""
422423
return self.requests("GET", HYPERNODE_API_BLOCK_ATTACK_DESCRIPTION_ENDPOINT)
423424

425+
def block_attack(self, app_name, attack_name):
426+
"""
427+
Attempts to deploy one of the block attack rules. The list of rules can be retrieved with the
428+
get_block_attack_descriptions method. This will place an NGINX snippet to block the specified attack
429+
in /data/web/nginx. If the nginx-config-validator detects that the new config is valid, it will leave
430+
the newly placed config. Otherwise it will be removed again.
431+
432+
Example:
433+
> client.block_attack('yourhypernodeappname', 'BlockSqliBruteForce').ok
434+
> True
435+
436+
:param str app_name: The name of the Hypernode you want to deploy the block attack nginx configuration on
437+
:param str attack_name: The specific attack you want to block. See get_block_attack_descriptions for options.
438+
:return obj response: The request response object
439+
"""
440+
return self.requests(
441+
"POST",
442+
HYPERNODE_API_BLOCK_ATTACK_ENDPOINT.format(app_name),
443+
data={"attack_name": attack_name},
444+
)
445+
424446
def get_whitelist_options(self, app_name):
425447
"""
426448
Get whitelist options for app. Retrieve the options for specifying

tests/client/test_block_attack.py

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,39 @@
1+
from unittest import TestCase
2+
from unittest.mock import Mock
3+
4+
from hypernode_api_python.client import (
5+
HYPERNODE_API_BLOCK_ATTACK_ENDPOINT,
6+
HypernodeAPIPython,
7+
)
8+
9+
10+
class TestBlockAttack(TestCase):
11+
def setUp(self):
12+
self.client = HypernodeAPIPython(token="my_token")
13+
self.mock_request = Mock()
14+
self.client.requests = self.mock_request
15+
self.app_name = "my_app"
16+
17+
def test_block_attack_endpoint_is_correct(self):
18+
self.assertEqual(
19+
"/v2/app/{}/block_attack/", HYPERNODE_API_BLOCK_ATTACK_ENDPOINT
20+
)
21+
22+
def test_calls_block_attack_endpoint_correctly(self):
23+
self.client.block_attack(self.app_name, "BlockSqliBruteForce")
24+
25+
self.mock_request.assert_called_once_with(
26+
"POST",
27+
f"/v2/app/{self.app_name}/block_attack/",
28+
data={"attack_name": "BlockSqliBruteForce"},
29+
)
30+
31+
def test_returns_block_attack_data(self):
32+
response = Mock()
33+
response.status_code = 202
34+
self.mock_request.return_value = response
35+
36+
self.assertEqual(
37+
self.client.block_attack(self.app_name, "BlockSqliBruteForce"),
38+
self.mock_request.return_value,
39+
)

0 commit comments

Comments
 (0)