[FIX] Disable regulation when max_retries set to 0 (#584)

- Only set regulator to enabled if max_retries is not set to 0, default is false (zero value).
- Added test for the scenario.
- Fixes #584
pull/591/head
James Elliott 2020-01-27 08:42:05 +11:00 committed by Amir Zarrinkafsh
parent 25c0b60540
commit 31ca4f891f
2 changed files with 51 additions and 3 deletions

View File

@ -18,7 +18,8 @@ func NewRegulator(configuration *schema.RegulationConfiguration, provider storag
if configuration.FindTime > configuration.BanTime { if configuration.FindTime > configuration.BanTime {
panic(fmt.Errorf("find_time cannot be greater than ban_time")) panic(fmt.Errorf("find_time cannot be greater than ban_time"))
} }
regulator.enabled = true // Set regulator enabled only if MaxRetries is not 0.
regulator.enabled = configuration.MaxRetries > 0
regulator.maxRetries = configuration.MaxRetries regulator.maxRetries = configuration.MaxRetries
regulator.findTime = time.Duration(configuration.FindTime) * time.Second regulator.findTime = time.Duration(configuration.FindTime) * time.Second
regulator.banTime = time.Duration(configuration.BanTime) * time.Second regulator.banTime = time.Duration(configuration.BanTime) * time.Second

View File

@ -40,7 +40,7 @@ func (s *RegulatorSuite) TearDownTest() {
} }
func (s *RegulatorSuite) TestShouldNotThrowWhenUserIsLegitimate() { func (s *RegulatorSuite) TestShouldNotThrowWhenUserIsLegitimate() {
attempts := []models.AuthenticationAttempt{ attemptsInDB := []models.AuthenticationAttempt{
models.AuthenticationAttempt{ models.AuthenticationAttempt{
Username: "john", Username: "john",
Successful: true, Successful: true,
@ -50,7 +50,7 @@ func (s *RegulatorSuite) TestShouldNotThrowWhenUserIsLegitimate() {
s.storageMock.EXPECT(). s.storageMock.EXPECT().
LoadLatestAuthenticationLogs(gomock.Eq("john"), gomock.Any()). LoadLatestAuthenticationLogs(gomock.Eq("john"), gomock.Any()).
Return(attempts, nil) Return(attemptsInDB, nil)
regulator := regulation.NewRegulator(&s.configuration, s.storageMock, &s.clock) regulator := regulation.NewRegulator(&s.configuration, s.storageMock, &s.clock)
@ -254,3 +254,50 @@ func TestRunRegulatorSuite(t *testing.T) {
s := new(RegulatorSuite) s := new(RegulatorSuite)
suite.Run(t, s) suite.Run(t, s)
} }
// This test checks that the regulator is disabled when configuration is set to 0.
func (s *RegulatorSuite) TestShouldHaveRegulatorDisabled() {
attemptsInDB := []models.AuthenticationAttempt{
models.AuthenticationAttempt{
Username: "john",
Successful: false,
Time: s.clock.Now().Add(-31 * time.Second),
},
models.AuthenticationAttempt{
Username: "john",
Successful: false,
Time: s.clock.Now().Add(-34 * time.Second),
},
models.AuthenticationAttempt{
Username: "john",
Successful: false,
Time: s.clock.Now().Add(-36 * time.Second),
},
}
s.storageMock.EXPECT().
LoadLatestAuthenticationLogs(gomock.Eq("john"), gomock.Any()).
Return(attemptsInDB, nil)
// Check Disabled Functionality
configuration := schema.RegulationConfiguration{
MaxRetries: 0,
FindTime: 180,
BanTime: 180,
}
regulator := regulation.NewRegulator(&configuration, s.storageMock, &s.clock)
_, err := regulator.Regulate("john")
assert.NoError(s.T(), err)
// Check Enabled Functionality
configuration = schema.RegulationConfiguration{
MaxRetries: 1,
FindTime: 180,
BanTime: 180,
}
regulator = regulation.NewRegulator(&configuration, s.storageMock, &s.clock)
_, err = regulator.Regulate("john")
assert.Equal(s.T(), regulation.ErrUserIsBanned, err)
}