Merge pull request #25 from crowdsecurity/remediation-types

lint pass
update doc
make crowdsec mentions hidable
add phpcs
fix fallback remediation
add pre-commit to update version in Constants.php

Author: mobula9

.githooks/pre-commit

@@ -0,0 +1,27 @@
+#!/bin/bash
+
+platform='unknown'
+unamestr=`uname`
+if [[ "$unamestr" == 'Linux' ]]; then
+   platform='linux'
+elif [[ "$unamestr" == 'FreeBSD' ]]; then
+   platform='freebsd'
+elif [[ "$unamestr" == 'Darwin' ]]; then
+   platform='osx'
+fi
+
+
+function get_git_tag {
+    git describe --tags `git rev-list --tags --max-count=1`
+}
+
+git_tag=$(get_git_tag)
+
+if [[ $platform == 'linux' ]]; then
+   sed -i -E "s/v[0-9]+\.[0-9]+\.[0-9]/$git_tag/" `git rev-parse --show-toplevel`/src/Constants.php
+else
+   sed -i "" -E "s/v[0-9]+\.[0-9]+\.[0-9]/$git_tag/" `git rev-parse --show-toplevel`/src/Constants.php
+fi
+git add `git rev-parse --show-toplevel`/src/Constants.php
+
+echo 'Note: version number updated in src/Constants.php'

composer.json

@@ -40,5 +40,13 @@
         "symfony/var-dumper": "^5.2",
         "phpunit/phpunit": "8.5.13",
         "clean/phpdoc-md": "^0.19.1"
+    },
+    "scripts": {
+        "post-install-cmd": [
+            "./post-install.sh"
+        ],
+        "post-update-cmd": [
+            "./post-install.sh"
+        ]
     }
-}
+}

docs/api/RestClient.md

@@ -90,9 +90,7 @@ Send an HTTP request using the file_get_contents and parse its JSON result if an
 
 
 `\BouncerException`
-> when the reponse status is not 2xx.  
-  
-TODO P3 test the request method
+> when the reponse status is not 2xx.
 
 <hr />
 

docs/contribute.md

@@ -86,6 +86,7 @@ After the merge, don't forget to delete to branch.
 #### New release
 
 ```bash
-git describe --tags # to verify what is the current tag
+git checkout main && git pull
+git describe --tags `git rev-list --tags --max-count=1` # to verify what is the current tag
 gh release create --draft vx.x.x --title vx.x.x
 ```

post-install.sh

@@ -0,0 +1,2 @@
+git config core.hooksPath `git rev-parse --show-toplevel`/.githooks
+echo "Git pre-commit hook is installed. This hook fixes the src/Constants.php version for each commits."

src/ApiCache.php

@@ -280,11 +280,9 @@ private function saveRemediationsForIp(array $decisions, string $ip): string
         if (\count($decisions)) {
             foreach ($decisions as $decision) {
                 if (!\in_array($decision['type'], Constants::ORDERED_REMEDIATIONS)) {
-                    $highestRemediationLevel = Constants::ORDERED_REMEDIATIONS[0];
-                    // TODO P1 test the case of unknown remediation type
-                    $this->logger->warning('', ['type' => 'UNKNOWN_REMEDIATION', 'remediation' => $decision['type']]);
-                    // TODO P2 use the fallback parameter instead.
-                    $decision['type'] = $highestRemediationLevel;
+                    $fallback = $this->config['fallback_remediation'];
+                    $this->logger->warning('', ['type' => 'UNKNOWN_REMEDIATION', 'unknown' => $decision['type'], 'fallback' => $fallback]);
+                    $decision['type'] = $fallback;
                 }
                 $remediation = $this->formatRemediationFromDecision($decision);
                 $remediationResult = $this->addRemediationToCacheItem($ip, $remediation[0], $remediation[1], $remediation[2]);

src/Bouncer.php

@@ -89,19 +89,6 @@ private function capRemediationLevel(string $remediation): string
         return $remediation;
     }
 
-    /**
-     * If the CrowdSec remediation is not handled by this library,
-     * replace it with the value of the configuration "fallback_remediation".
-     */
-    private function handleUnknownRemediation(string $remediation): string
-    {
-        if (!\in_array($remediation, Constants::ORDERED_REMEDIATIONS)) {
-            return $this->config['fallback_remediation'];
-        }
-
-        return $remediation;
-    }
-
     /**
      * Get the remediation for the specified IP. This method use the cache layer.
      * In live mode, when no remediation was found in cache,
@@ -116,7 +103,6 @@ public function getRemediationForIp(string $ip): string
             throw new BouncerException("IP $ip should looks like x.x.x.x, with x in 0-255. Ex: 1.2.3.4");
         }
         $remediation = $this->apiCache->get(long2ip($intIp));
-        $remediation = $this->handleUnknownRemediation($remediation);
 
         return $this->capRemediationLevel($remediation);
     }

src/Constants.php

@@ -17,8 +17,11 @@ class Constants
     /** @var string The URL of the CrowdSec Central API */
     public const CAPI_URL = 'https://api.crowdsec.net/v2/';
 
+    /** @var string The last version of this library */
+    public const VERSION = 'v0.6.0';
+
     /** @var string The user agent used to send request to LAPI or CAPI */
-    public const BASE_USER_AGENT = 'PHP CrowdSec Bouncer/1.0.0';
+    public const BASE_USER_AGENT = 'PHP CrowdSec Bouncer/'.self::VERSION;
 
     /** @var int The timeout when calling LAPI or CAPI */
     public const API_TIMEOUT = 1;

src/RestClient.php

@@ -68,8 +68,6 @@ private function convertHeadersToString(array $headers): string
      * Send an HTTP request using the file_get_contents and parse its JSON result if any.
      *
      * @throws BouncerException when the reponse status is not 2xx.
-     *
-     * TODO P3 test the request method
      */
     public function request(
         string $endpoint,

tests/LoadPaginatedDecisionsTest.php

@@ -3,11 +3,6 @@
 declare(strict_types=1);
 use PHPUnit\Framework\TestCase;
 
-/*
-TODO P3 Implement decisions pagination tests
-cf https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Array/slice
-*/
-
 final class LoadPaginatedDecisionsTest extends TestCase
 {
     /**

tests/LoadPaginatedLogsTest.php

@@ -3,10 +3,6 @@
 declare(strict_types=1);
 use PHPUnit\Framework\TestCase;
 
-/*
-TODO P3 Implement decisions pagination tests
-*/
-
 final class LoadPaginatedLogsTest extends TestCase
 {
     /**

tests/Template403Test.php

@@ -38,10 +38,6 @@ public static function createLogger(): Logger
     public static function cacheAdapterProvider(): array
     {
         // Init all adapters
-        /*
-        TODO P3 Failed on CI but some fixes may fix this bug. Just retry it could work! Else investigates.
-        $fileSystemAdapter = new FilesystemAdapter('fs_adapter_cache', 0, self::FS_CACHE_ADAPTER_DIR);
-        */
 
         $phpFilesAdapter = new PhpFilesAdapter('php_array_adapter_backup_cache', 0, self::PHP_FILES_CACHE_ADAPTER_DIR);