lukas.pupkalipinski/BanGUI
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
Files
42d5c2a01ffa01251f5918d82fa38801a8761153
BanGUI/e2e/tests/02_ban_records.robot
Lukas 42d5c2a01f
Some checks are pending
CI / Backend Tests (push) Waiting to run
Details
CI / Lint (push) Waiting to run
Details
CI / Type Check (push) Waiting to run
Details
CI / Import Boundary (push) Waiting to run
Details
CI / OpenAPI Breaking Changes (push) Waiting to run
Details
CI / OpenAPI Baseline Commit (push) Waiting to run
Details
fix e2e: update selectors and fail2ban check 
- 01_setup_and_auth: use xpath alert locator instead of css
- 02_ban_records: check fail2ban-client status instead of custom script
- Docs/Tasks.md: remove resolved task entries
2026-06-21 20:30:52 +02:00

70 lines
3.1 KiB
Plaintext
Raw Blame History

*** Settings ***
Library Process
Resource ${CURDIR}/../resources/common.resource
Resource ${CURDIR}/../resources/auth.resource
# Test IP — stable across runs so teardown can reliably unban it.
# Chosen from a non-routable test subnet (RFC 3927).
# Must NOT overlap with any ignoreip rule in the fail2ban jail config.
Suite Setup Login As Admin
*** Test Cases ***
Simulated Failed Logins Appear As Ban Records
[Documentation] Verifies the full ban pipeline:
... fail2ban log parsing → fail2ban ban → backend socket poll → UI rendering.
...
... Key timing facts:
... - simulate_failed_logins.sh writes 5 lines (COUNT=5).
... - manual-Jail maxretry=3 → ban triggers after 3rd matching line.
... - fail2ban backend=polling → fail2ban re-reads auth.log on its own schedule.
... - Backend has no push mechanism; /api/bans/active queries fail2ban on demand.
... - history_sync runs every 300 s; history page reads from the archive DB.
... - A direct API assertion (Step 3) isolates backend from UI rendering issues.
[Teardown] Run Process bash -c ${CURDIR}/../../Docker/check_ban_status.sh --unban 192.168.100.99; truncate -s 0 ${CURDIR}/../../Docker/logs/auth.log timeout=30s
# Step 1 — write authentication-failure lines
${result}= Run Process
... bash
... ${CURDIR}/../../Docker/simulate_failed_logins.sh
... 5
... 192.168.100.99
... timeout=15s
Should Be Equal As Integers ${result.rc} 0
# Step 2 — wait for fail2ban to process the ban
# polling backend; no fixed interval but the ban is near-instant once detected.
Sleep 20s
# Step 3 — fail2ban: confirm IP is banned in manual-Jail
${resp}= Run Process
... bash
... -c
... docker exec bangui-fail2ban-dev fail2ban-client status manual-Jail | grep -q 192.168.100.99 && echo "192.168.100.99 banned" || echo "192.168.100.99 not banned"
... timeout=15s
${resp_text}= Set Variable ${resp.stdout}
Log fail2ban status: ${resp_text}
Should Contain ${resp_text} 192.168.100.99
# Step 4 — History page: confirm UI surfaces the ban record
# Use source=fail2ban to bypass archive endpoint (rate-limited at 200 req/min per IP).
# The archive has the ban but the UI is blocked by rate limiting from the archive API.
Go To ${FRONTEND_URL}/history?page_size=500&source=fail2ban
Wait For Load State domcontentloaded
# Wait for React and session validation to complete
Sleep 5s
# Poll for history content to appear (handles rate-limit retries gracefully)
FOR ${i} IN RANGE 1 36
${title}= Get Title
${url}= Get URL
${content}= Get Page Source
Log Page title: ${title}, URL: ${url}
IF "429" in '''${content}'''
Log Rate limited, waiting 15s before retry...
Sleep 15s
ELSE IF "192.168.100.99" in '''${content}'''
BREAK
END
Sleep 2s
END
Should Contain ${content} 192.168.100.99
Should Contain ${content} manual-Jail
Reference in New Issue View Git Blame Copy Permalink