jilo-web/tests/framework/Unit/Classes/RateLimiterTest.php

<?php

require_once dirname(__DIR__, 4) . '/app/classes/database.php';
require_once dirname(__DIR__, 4) . '/app/classes/ratelimiter.php';
require_once dirname(__DIR__, 4) . '/app/classes/log.php';

use PHPUnit\Framework\TestCase;

class RateLimiterTest extends TestCase
{
    private $rateLimiter;
    private $db;

    protected function setUp(): void
    {
        parent::setUp();

        // Set up in-memory SQLite database
        $this->db = new Database([
            'type' => 'sqlite',
            'dbFile' => ':memory:'
        ]);

        $this->rateLimiter = new RateLimiter($this->db);
    }

    public function testGetRecentAttempts()
    {
        $ip = '127.0.0.1';
        $username = 'testuser';

        // Clean up any existing attempts first
        $stmt = $this->db->getConnection()->prepare("DELETE FROM {$this->rateLimiter->authRatelimitTable} WHERE ip_address = ?");
        $stmt->execute([$ip]);

        // Initially should have no attempts
        $attempts = $this->rateLimiter->getRecentAttempts($ip);
        $this->assertEquals(0, $attempts);

        // Add a login attempt
        $stmt = $this->db->getConnection()->prepare("INSERT INTO {$this->rateLimiter->authRatelimitTable} (ip_address, username) VALUES (?, ?)");
        $stmt->execute([$ip, $username]);

        // Should now have 1 attempt
        $attempts = $this->rateLimiter->getRecentAttempts($ip);
        $this->assertEquals(1, $attempts);
    }

    public function testIpBlacklisting()
    {
        $ip = '192.0.2.1'; // Using TEST-NET-1 range

        // Should be blacklisted by default (TEST-NET-1 range)
        $this->assertTrue($this->rateLimiter->isIpBlacklisted($ip));

        // Test with non-blacklisted IP
        $nonBlacklistedIp = '8.8.8.8'; // Google DNS
        $this->assertFalse($this->rateLimiter->isIpBlacklisted($nonBlacklistedIp));

        // Add IP to blacklist
        $stmt = $this->db->getConnection()->prepare("INSERT INTO {$this->rateLimiter->blacklistTable} (ip_address, reason) VALUES (?, ?)");
        $stmt->execute([$nonBlacklistedIp, 'Test blacklist']);

        // IP should now be blacklisted
        $this->assertTrue($this->rateLimiter->isIpBlacklisted($nonBlacklistedIp));
    }

    public function testIpWhitelisting()
    {
        $ip = '127.0.0.1'; // Localhost

        // Clean up any existing whitelist entries
        $stmt = $this->db->getConnection()->prepare("DELETE FROM {$this->rateLimiter->whitelistTable} WHERE ip_address = ?");
        $stmt->execute([$ip]);

        // Add to whitelist
        $stmt = $this->db->getConnection()->prepare("INSERT INTO {$this->rateLimiter->whitelistTable} (ip_address, description) VALUES (?, ?)");
        $stmt->execute([$ip, 'Test whitelist']);

        // Should be whitelisted
        $this->assertTrue($this->rateLimiter->isIpWhitelisted($ip));

        // Test with non-whitelisted IP
        $nonWhitelistedIp = '8.8.8.8'; // Google DNS
        $this->assertFalse($this->rateLimiter->isIpWhitelisted($nonWhitelistedIp));

        // Add to whitelist
        $stmt = $this->db->getConnection()->prepare("INSERT INTO {$this->rateLimiter->whitelistTable} (ip_address, description) VALUES (?, ?)");
        $stmt->execute([$nonWhitelistedIp, 'Test whitelist']);

        // Should now be whitelisted
        $this->assertTrue($this->rateLimiter->isIpWhitelisted($nonWhitelistedIp));
    }

    public function testIpRangeBlacklisting()
    {
        $ip = '8.8.8.8'; // Google DNS
        $networkIp = '8.8.8.0/24'; // Network containing Google DNS

        // Initially IP should not be blacklisted
        $this->assertFalse($this->rateLimiter->isIpBlacklisted($ip));

        // Add network to blacklist
        $stmt = $this->db->getConnection()->prepare("INSERT INTO {$this->rateLimiter->blacklistTable} (ip_address, is_network, reason) VALUES (?, 1, ?)");
        $stmt->execute([$networkIp, 'Test network blacklist']);

        // IP in range should now be blacklisted
        $this->assertTrue($this->rateLimiter->isIpBlacklisted($ip));
    }
}
Adds initial unit tests 2025-02-18 14:36:31 +00:00			`<?php`

			`require_once dirname(__DIR__, 4) . '/app/classes/database.php';`
			`require_once dirname(__DIR__, 4) . '/app/classes/ratelimiter.php';`
			`require_once dirname(__DIR__, 4) . '/app/classes/log.php';`

			`use PHPUnit\Framework\TestCase;`

			`class RateLimiterTest extends TestCase`
			`{`
			`private $rateLimiter;`
			`private $db;`

			`protected function setUp(): void`
			`{`
			`parent::setUp();`

			`// Set up in-memory SQLite database`
			`$this->db = new Database([`
			`'type' => 'sqlite',`
			`'dbFile' => ':memory:'`
			`]);`

			`$this->rateLimiter = new RateLimiter($this->db);`
			`}`

			`public function testGetRecentAttempts()`
			`{`
			`$ip = '127.0.0.1';`
			`$username = 'testuser';`

			`// Clean up any existing attempts first`
			`$stmt = $this->db->getConnection()->prepare("DELETE FROM {$this->rateLimiter->authRatelimitTable} WHERE ip_address = ?");`
			`$stmt->execute([$ip]);`

			`// Initially should have no attempts`
			`$attempts = $this->rateLimiter->getRecentAttempts($ip);`
			`$this->assertEquals(0, $attempts);`

			`// Add a login attempt`
			`$stmt = $this->db->getConnection()->prepare("INSERT INTO {$this->rateLimiter->authRatelimitTable} (ip_address, username) VALUES (?, ?)");`
			`$stmt->execute([$ip, $username]);`

			`// Should now have 1 attempt`
			`$attempts = $this->rateLimiter->getRecentAttempts($ip);`
			`$this->assertEquals(1, $attempts);`
			`}`

			`public function testIpBlacklisting()`
			`{`
			`$ip = '192.0.2.1'; // Using TEST-NET-1 range`

			`// Should be blacklisted by default (TEST-NET-1 range)`
			`$this->assertTrue($this->rateLimiter->isIpBlacklisted($ip));`

			`// Test with non-blacklisted IP`
			`$nonBlacklistedIp = '8.8.8.8'; // Google DNS`
			`$this->assertFalse($this->rateLimiter->isIpBlacklisted($nonBlacklistedIp));`

			`// Add IP to blacklist`
			`$stmt = $this->db->getConnection()->prepare("INSERT INTO {$this->rateLimiter->blacklistTable} (ip_address, reason) VALUES (?, ?)");`
			`$stmt->execute([$nonBlacklistedIp, 'Test blacklist']);`

			`// IP should now be blacklisted`
			`$this->assertTrue($this->rateLimiter->isIpBlacklisted($nonBlacklistedIp));`
			`}`

			`public function testIpWhitelisting()`
			`{`
			`$ip = '127.0.0.1'; // Localhost`

			`// Clean up any existing whitelist entries`
			`$stmt = $this->db->getConnection()->prepare("DELETE FROM {$this->rateLimiter->whitelistTable} WHERE ip_address = ?");`
			`$stmt->execute([$ip]);`

			`// Add to whitelist`
			`$stmt = $this->db->getConnection()->prepare("INSERT INTO {$this->rateLimiter->whitelistTable} (ip_address, description) VALUES (?, ?)");`
			`$stmt->execute([$ip, 'Test whitelist']);`

			`// Should be whitelisted`
			`$this->assertTrue($this->rateLimiter->isIpWhitelisted($ip));`

			`// Test with non-whitelisted IP`
			`$nonWhitelistedIp = '8.8.8.8'; // Google DNS`
			`$this->assertFalse($this->rateLimiter->isIpWhitelisted($nonWhitelistedIp));`

			`// Add to whitelist`
			`$stmt = $this->db->getConnection()->prepare("INSERT INTO {$this->rateLimiter->whitelistTable} (ip_address, description) VALUES (?, ?)");`
			`$stmt->execute([$nonWhitelistedIp, 'Test whitelist']);`

			`// Should now be whitelisted`
			`$this->assertTrue($this->rateLimiter->isIpWhitelisted($nonWhitelistedIp));`
			`}`

			`public function testIpRangeBlacklisting()`
			`{`
			`$ip = '8.8.8.8'; // Google DNS`
			`$networkIp = '8.8.8.0/24'; // Network containing Google DNS`

			`// Initially IP should not be blacklisted`
			`$this->assertFalse($this->rateLimiter->isIpBlacklisted($ip));`

			`// Add network to blacklist`
			`$stmt = $this->db->getConnection()->prepare("INSERT INTO {$this->rateLimiter->blacklistTable} (ip_address, is_network, reason) VALUES (?, 1, ?)");`
			`$stmt->execute([$networkIp, 'Test network blacklist']);`

			`// IP in range should now be blacklisted`
			`$this->assertTrue($this->rateLimiter->isIpBlacklisted($ip));`
			`}`
			`}`