From 217f0c3c1650622ca029ecbf0be5632149d65e18 Mon Sep 17 00:00:00 2001 From: Christophe Papazian <114495376+christophe-papazian@users.noreply.github.com> Date: Fri, 11 Oct 2024 14:44:45 +0200 Subject: [PATCH] test(asm): add priority test (#11005) Add priority test in the threat tests to ensure we don't mark as manual keep all traces. ## Checklist - [x] PR author has checked that all the criteria below are met - The PR description includes an overview of the change - The PR description articulates the motivation for the change - The change includes tests OR the PR description describes a testing strategy - The PR description notes risks associated with the change, if any - Newly-added code is easy to change - The change follows the [library release note guidelines](https://ddtrace.readthedocs.io/en/stable/releasenotes.html) - The change includes or references documentation updates if necessary - Backport labels are set (if [applicable](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting)) ## Reviewer Checklist - [x] Reviewer has checked that all the criteria below are met - Title is accurate - All changes are related to the pull request's stated goal - Avoids breaking [API](https://ddtrace.readthedocs.io/en/stable/versioning.html#interfaces) changes - Testing strategy adequately addresses listed risks - Newly-added code is easy to change - Release note makes sense to a user of the library - If necessary, author has acknowledged and discussed the performance implications of this PR as reported in the benchmarks PR comment - Backport labels are set in a manner that is consistent with the [release branch maintenance policy](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting) --- tests/appsec/contrib_appsec/utils.py | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/tests/appsec/contrib_appsec/utils.py b/tests/appsec/contrib_appsec/utils.py index e1f5e31d9d..4b792cc3de 100644 --- a/tests/appsec/contrib_appsec/utils.py +++ b/tests/appsec/contrib_appsec/utils.py @@ -128,6 +128,20 @@ def test_simple_attack(self, interface: Interface, root_span, get_tag): query = dict(root_span()._get_ctx_item("http.request.query")) assert query == {"q": "1"} or query == {"q": ["1"]} + @pytest.mark.parametrize("asm_enabled", [True, False]) + @pytest.mark.parametrize( + ("user_agent", "priority"), + [("Mozilla/5.0", False), ("Arachni/v1.5.1", True), ("dd-test-scanner-log-block", True)], + ) + def test_priority(self, interface: Interface, root_span, get_tag, asm_enabled, user_agent, priority): + """Check that we only set manual keep for traces with appsec events.""" + with override_global_config(dict(_asm_enabled=asm_enabled)): + self.update_tracer(interface) + response = interface.client.get("/", headers={"User-Agent": user_agent}) + assert response.status_code == (403 if user_agent == "dd-test-scanner-log-block" and asm_enabled else 200) + span_priority = root_span()._span.context.sampling_priority + assert (span_priority == 2) if asm_enabled and priority else (span_priority < 2) + def test_querystrings(self, interface: Interface, root_span): with override_global_config(dict(_asm_enabled=True)): self.update_tracer(interface)