Fix specs after libddwaf update to 1.18.0.0.0

DataDog · Nov 26, 2024 · e21459e · e21459e
1 parent df34518
commit e21459e
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 9 deletions.
diff --git a/lib/datadog/appsec/event.rb b/lib/datadog/appsec/event.rb
@@ -142,7 +142,7 @@ def tag_and_keep!(scope, waf_result)
           scope.trace.keep! if scope.trace
 
           if scope.service_entry_span
-            scope.service_entry_span.set_tag('appsec.blocked', 'true') if waf_result.actions.include?('block_request')
+            scope.service_entry_span.set_tag('appsec.blocked', 'true') if waf_result.actions.key?('block_request')
             scope.service_entry_span.set_tag('appsec.event', 'true')
           end
 

diff --git a/spec/datadog/appsec/event_spec.rb b/spec/datadog/appsec/event_spec.rb
@@ -366,7 +366,7 @@
     let(:with_trace) { true }
     let(:with_span) { true }
 
-    let(:waf_actions) { [] }
+    let(:waf_actions) { {} }
     let(:waf_result) do
       dbl = double
 
@@ -410,7 +410,9 @@
     end
 
     context 'with block action' do
-      let(:waf_actions) { ['block'] }
+      let(:waf_actions) do
+        { 'block_request' => { 'grpc_status_code' => '10', 'status_core' => '403', 'type' => 'auto' } }
+      end
 
       it 'adds appsec.blocked tag to span' do
         expect(scope.service_entry_span.send(:meta)['appsec.blocked']).to eq('true')
@@ -442,7 +444,9 @@
       end
 
       context 'with block action' do
-        let(:waf_actions) { ['block'] }
+        let(:waf_actions) do
+          { 'block_request' => { 'grpc_status_code' => '10', 'status_core' => '403', 'type' => 'auto' } }
+        end
 
         it 'does not add distributed tags but still add appsec span tags' do
           expect(scope.trace).to be nil

diff --git a/spec/datadog/appsec/processor/context_spec.rb b/spec/datadog/appsec/processor/context_spec.rb
@@ -173,15 +173,15 @@
       it { expect(telemetry).not_to receive(:error) }
       it { expect(matches).to have_attributes(count: 1) }
       it { expect(events).to have_attributes(count: 1) }
-      it { expect(actions).to eq [[]] }
+      it { expect(actions).to eq [{}] }
     end
 
     context 'multiple attacks per run' do
       let(:input) { input_scanner.merge(input_sqli) }
 
       it { expect(matches).to have_attributes(count: 1) }
       it { expect(events).to have_attributes(count: 2) }
-      it { expect(actions).to eq [[]] }
+      it { expect(actions).to eq [{}] }
     end
 
     context 'multiple runs' do
@@ -199,7 +199,7 @@
 
         it { expect(matches).to have_attributes(count: 1) }
         it { expect(events).to have_attributes(count: 1) }
-        it { expect(actions).to eq [[]] }
+        it { expect(actions).to eq [{}] }
       end
 
       context 'different attacks' do
@@ -215,7 +215,7 @@
 
         it { expect(matches).to have_attributes(count: 2) }
         it { expect(events).to have_attributes(count: 2) }
-        it { expect(actions).to eq [[], []] }
+        it { expect(actions).to eq [{}, {}] }
       end
     end
 
@@ -235,7 +235,12 @@
 
       it { expect(matches).to have_attributes(count: 1) }
       it { expect(events).to have_attributes(count: 1) }
-      it { expect(actions).to eq [['block']] }
+
+      it do
+        expect(actions).to(
+          eq([{ 'block_request' => { 'grpc_status_code' => '10', 'status_code' => '403', 'type' => 'auto' } }])
+        )
+      end
     end
 
     context 'run failed with libddwaf error result' do