Skip to content

Commit

Permalink
[Security Solution] Validate ipv4/CIDR with format x.x.x.x/xx (elasti…
Browse files Browse the repository at this point in the history
  • Loading branch information
academo authored Oct 26, 2021
1 parent 73dd334 commit d7f2029
Show file tree
Hide file tree
Showing 2 changed files with 41 additions and 17 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -31,11 +31,20 @@ export function createEmptyHostIsolationException(): CreateExceptionListItemSche
};
}

/**
* Validates that an IP is a valid ipv4 or CIDR.
* The initial regex validates the format for x.x.x.x/xx
* Then ipaddr is used for a deeper ipv4 validation
*/
export function isValidIPv4OrCIDR(maybeIp: string): boolean {
try {
ipaddr.IPv4.parseCIDR(maybeIp);
return true;
} catch (e) {
return ipaddr.IPv4.isValid(maybeIp);
const ipv4re = /^([0-9]{1,3}\.){3}[0-9]{1,3}(\/([0-9]|[1-2][0-9]|3[0-2]))?$/;
if (ipv4re.test(maybeIp)) {
try {
ipaddr.IPv4.parseCIDR(maybeIp);
return true;
} catch (e) {
return ipaddr.IPv4.isValid(maybeIp);
}
}
return false;
}
Original file line number Diff line number Diff line change
Expand Up @@ -44,27 +44,39 @@ describe('When on the host isolation exceptions add entry form', () => {
newException = createEmptyHostIsolationException();
renderResult = render(newException);
});

it('should render the form with empty inputs', () => {
expect(renderResult.getByTestId('hostIsolationExceptions-form-name-input')).toHaveValue('');
expect(renderResult.getByTestId('hostIsolationExceptions-form-ip-input')).toHaveValue('');
expect(
renderResult.getByTestId('hostIsolationExceptions-form-description-input')
).toHaveValue('');
});
it('should call onError with true when a wrong ip value is introduced', () => {
const ipInput = renderResult.getByTestId('hostIsolationExceptions-form-ip-input');
userEvent.type(ipInput, 'not an ip');
expect(onError).toHaveBeenCalledWith(true);
});
it('should call onError with false when a correct values are introduced', () => {
const ipInput = renderResult.getByTestId('hostIsolationExceptions-form-ip-input');
const nameInput = renderResult.getByTestId('hostIsolationExceptions-form-name-input');

userEvent.type(nameInput, 'test name');
userEvent.type(ipInput, '10.0.0.1');
it.each(['not an ip', '100', '900.0.0.1', 'x.x.x.x', '10.0.0'])(
'should call onError with true when a wrong ip value is introduced. Case: "%s"',
(value: string) => {
const nameInput = renderResult.getByTestId('hostIsolationExceptions-form-name-input');
const ipInput = renderResult.getByTestId('hostIsolationExceptions-form-ip-input');
userEvent.type(nameInput, 'test name');
userEvent.type(ipInput, value);
expect(onError).toHaveBeenCalledWith(true);
}
);

it.each(['192.168.0.1', '10.0.0.1', '100.90.1.1/24', '192.168.200.6/30'])(
'should call onError with false when a correct ip value is introduced. Case: "%s"',
(value: string) => {
const ipInput = renderResult.getByTestId('hostIsolationExceptions-form-ip-input');
const nameInput = renderResult.getByTestId('hostIsolationExceptions-form-name-input');

userEvent.type(nameInput, 'test name');
userEvent.type(ipInput, value);

expect(onError).toHaveBeenLastCalledWith(false);
}
);

expect(onError).toHaveBeenLastCalledWith(false);
});
it('should call onChange when a value is introduced in a field', () => {
const ipInput = renderResult.getByTestId('hostIsolationExceptions-form-ip-input');
userEvent.type(ipInput, '10.0.0.1');
Expand All @@ -76,6 +88,7 @@ describe('When on the host isolation exceptions add entry form', () => {
});
});
});

describe('When editing an existing exception', () => {
let existingException: UpdateExceptionListItemSchema;
beforeEach(() => {
Expand All @@ -96,6 +109,7 @@ describe('When on the host isolation exceptions add entry form', () => {
};
renderResult = render(existingException);
});

it('should render the form with pre-filled inputs', () => {
expect(renderResult.getByTestId('hostIsolationExceptions-form-name-input')).toHaveValue(
'name edit me'
Expand All @@ -107,6 +121,7 @@ describe('When on the host isolation exceptions add entry form', () => {
renderResult.getByTestId('hostIsolationExceptions-form-description-input')
).toHaveValue('initial description');
});

it('should call onChange when a value is introduced in a field', () => {
const ipInput = renderResult.getByTestId('hostIsolationExceptions-form-ip-input');
userEvent.clear(ipInput);
Expand Down

0 comments on commit d7f2029

Please sign in to comment.