JAMES-2430 Write an integration test for DLP matcher
Project: http://git-wip-us.apache.org/repos/asf/james-project/repo Commit: http://git-wip-us.apache.org/repos/asf/james-project/commit/536f3caa Tree: http://git-wip-us.apache.org/repos/asf/james-project/tree/536f3caa Diff: http://git-wip-us.apache.org/repos/asf/james-project/diff/536f3caa Branch: refs/heads/master Commit: 536f3caab4744f777cd449a0c94ce08476bae4d3 Parents: 55cd111 Author: benwa <[email protected]> Authored: Fri Jun 15 15:48:25 2018 +0700 Committer: benwa <[email protected]> Committed: Wed Jun 20 09:08:10 2018 +0700 ---------------------------------------------------------------------- .../james/modules/data/MemoryDataModule.java | 3 + .../transport/mailets/DlpIntegrationTest.java | 265 +++++++++++++++++++ .../mailets/ToSenderDomainRepository.java | 9 +- .../james/transport/matchers/dlp/Dlp.java | 7 +- 4 files changed, 280 insertions(+), 4 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/james-project/blob/536f3caa/server/container/guice/memory-guice/src/main/java/org/apache/james/modules/data/MemoryDataModule.java ---------------------------------------------------------------------- diff --git a/server/container/guice/memory-guice/src/main/java/org/apache/james/modules/data/MemoryDataModule.java b/server/container/guice/memory-guice/src/main/java/org/apache/james/modules/data/MemoryDataModule.java index 90fdd43..44e7496 100644 --- a/server/container/guice/memory-guice/src/main/java/org/apache/james/modules/data/MemoryDataModule.java +++ b/server/container/guice/memory-guice/src/main/java/org/apache/james/modules/data/MemoryDataModule.java @@ -64,6 +64,9 @@ public class MemoryDataModule extends AbstractModule { bind(MemoryUsersRepository.class).toInstance(MemoryUsersRepository.withVirtualHosting()); bind(UsersRepository.class).to(MemoryUsersRepository.class); + bind(EventSourcingDLPConfigurationStore.class).in(Scopes.SINGLETON); + bind(DLPConfigurationStore.class).to(EventSourcingDLPConfigurationStore.class); + Multibinder.newSetBinder(binder(), ConfigurationPerformer.class).addBinding().to(MemoryDataConfigurationPerformer.class); } http://git-wip-us.apache.org/repos/asf/james-project/blob/536f3caa/server/mailet/integration-testing/src/test/java/org/apache/james/transport/mailets/DlpIntegrationTest.java ---------------------------------------------------------------------- diff --git a/server/mailet/integration-testing/src/test/java/org/apache/james/transport/mailets/DlpIntegrationTest.java b/server/mailet/integration-testing/src/test/java/org/apache/james/transport/mailets/DlpIntegrationTest.java new file mode 100644 index 0000000..0762995 --- /dev/null +++ b/server/mailet/integration-testing/src/test/java/org/apache/james/transport/mailets/DlpIntegrationTest.java @@ -0,0 +1,265 @@ +/**************************************************************** + * Licensed to the Apache Software Foundation (ASF) under one * + * or more contributor license agreements. See the NOTICE file * + * distributed with this work for additional information * + * regarding copyright ownership. The ASF licenses this file * + * to you under the Apache License, Version 2.0 (the * + * "License"); you may not use this file except in compliance * + * with the License. You may obtain a copy of the License at * + * * + * http://www.apache.org/licenses/LICENSE-2.0 * + * * + * Unless required by applicable law or agreed to in writing, * + * software distributed under the License is distributed on an * + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * + * KIND, either express or implied. See the License for the * + * specific language governing permissions and limitations * + * under the License. * + ****************************************************************/ + +package org.apache.james.transport.mailets; + +import static com.jayway.restassured.RestAssured.given; +import static org.apache.james.mailets.configuration.Constants.DEFAULT_DOMAIN; +import static org.apache.james.mailets.configuration.Constants.FROM; +import static org.apache.james.mailets.configuration.Constants.LOCALHOST_IP; +import static org.apache.james.mailets.configuration.Constants.PASSWORD; +import static org.apache.james.mailets.configuration.Constants.RECIPIENT; +import static org.apache.james.mailets.configuration.Constants.RECIPIENT2; +import static org.apache.james.mailets.configuration.Constants.SMTP_PORT; +import static org.apache.james.mailets.configuration.Constants.awaitAtMostOneMinute; + +import java.util.Optional; + +import org.apache.james.MemoryJamesServerMain; +import org.apache.james.core.builder.MimeMessageBuilder; +import org.apache.james.jwt.JwtConfiguration; +import org.apache.james.mailets.TemporaryJamesServer; +import org.apache.james.mailets.configuration.MailetConfiguration; +import org.apache.james.mailets.configuration.MailetContainer; +import org.apache.james.mailets.configuration.ProcessorConfiguration; +import org.apache.james.mailrepository.api.MailRepositoryUrl; +import org.apache.james.transport.matchers.All; +import org.apache.james.transport.matchers.dlp.Dlp; +import org.apache.james.utils.DataProbeImpl; +import org.apache.james.utils.IMAPMessageReader; +import org.apache.james.utils.SMTPMessageSender; +import org.apache.james.utils.WebAdminGuiceProbe; +import org.apache.james.webadmin.WebAdminConfiguration; +import org.apache.james.webadmin.WebAdminUtils; +import org.apache.james.webadmin.authentication.AuthenticationFilter; +import org.apache.james.webadmin.authentication.NoAuthenticationFilter; +import org.apache.mailet.base.test.FakeMail; +import org.eclipse.jetty.http.HttpStatus; +import org.junit.After; +import org.junit.Rule; +import org.junit.Test; +import org.junit.rules.TemporaryFolder; + +import com.google.inject.util.Modules; +import com.jayway.restassured.specification.RequestSpecification; + +public class DlpIntegrationTest { + public static final String REPOSITORY_PREFIX = "file://var/mail/dlp/quarantine/"; + public static final JwtConfiguration NO_JWT_CONFIGURATION = new JwtConfiguration(Optional.empty()); + + @Rule + public TemporaryFolder folder = new TemporaryFolder(); + + @Rule + public IMAPMessageReader imapMessageReader = new IMAPMessageReader(); + @Rule + public SMTPMessageSender messageSender = new SMTPMessageSender(DEFAULT_DOMAIN); + + private TemporaryJamesServer jamesServer; + private RequestSpecification specification; + + private void createJamesServer(MailetConfiguration.Builder dlpMailet) throws Exception { + MailetContainer.Builder mailets = TemporaryJamesServer.DEFAULT_MAILET_CONTAINER_CONFIGURATION + .putProcessor( + ProcessorConfiguration.transport() + .addMailet(MailetConfiguration.BCC_STRIPPER) + .addMailet(dlpMailet) + .addMailet(MailetConfiguration.builder() + .matcher(All.class) + .mailet(Null.class))); + + jamesServer = TemporaryJamesServer.builder() + .withBase(Modules.override( + MemoryJamesServerMain.SMTP_AND_IMAP_MODULE, + MemoryJamesServerMain.WEBADMIN) + .with( + binder -> binder.bind(JwtConfiguration.class).toInstance(NO_JWT_CONFIGURATION), + binder -> binder.bind(AuthenticationFilter.class).to(NoAuthenticationFilter.class), + binder -> binder.bind(WebAdminConfiguration.class).toInstance(WebAdminConfiguration.TEST_CONFIGURATION))) + .withMailetContainer(mailets) + .build(folder); + + jamesServer.getProbe(DataProbeImpl.class) + .fluent() + .addDomain(DEFAULT_DOMAIN) + .addUser(FROM, PASSWORD) + .addUser(RECIPIENT, PASSWORD) + .addUser(RECIPIENT2, PASSWORD); + WebAdminGuiceProbe webAdminGuiceProbe = jamesServer.getProbe(WebAdminGuiceProbe.class); + webAdminGuiceProbe.await(); + specification = WebAdminUtils.buildRequestSpecification(webAdminGuiceProbe.getWebAdminPort()).build(); + } + + @After + public void tearDown() { + jamesServer.shutdown(); + } + + @Test + public void dlpShouldStoreMatchingEmails() throws Exception { + createJamesServer(MailetConfiguration.builder() + .matcher(Dlp.class) + .mailet(ToSenderDomainRepository.class) + .addProperty(ToSenderDomainRepository.URL_PREFIX, REPOSITORY_PREFIX)); + + given() + .spec(specification) + .body("{\"rules\":[{" + + " \"id\": \"1\"," + + " \"expression\": \"match me\"," + + " \"explanation\": \"A simple DLP rule.\"," + + " \"targetsSender\": false," + + " \"targetsRecipients\": false," + + " \"targetsContent\": true" + + "}]}") + .put("/dlp/rules/" + DEFAULT_DOMAIN); + + messageSender.connect(LOCALHOST_IP, SMTP_PORT) + .sendMessage(FakeMail.builder() + .mimeMessage(MimeMessageBuilder.mimeMessageBuilder() + .addToRecipient(RECIPIENT) + .setSender(FROM) + .setText("match me")) + .sender(FROM) + .recipient(RECIPIENT)); + + awaitAtMostOneMinute.until(() -> containsExactlyOneMail(MailRepositoryUrl.from(REPOSITORY_PREFIX + DEFAULT_DOMAIN))); + } + + @Test + public void dlpShouldNotCreateRepositoryWhenNotAllowed() throws Exception { + createJamesServer(MailetConfiguration.builder() + .matcher(Dlp.class) + .mailet(ToSenderDomainRepository.class) + .addProperty(ToSenderDomainRepository.URL_PREFIX, REPOSITORY_PREFIX) + .addProperty(ToSenderDomainRepository.ALLOW_REPOSITORY_CREATION, "false")); + + given() + .spec(specification) + .body("{\"rules\":[[{" + + " \"id\": \"1\"," + + " \"expression\": \"match me\"," + + " \"explanation\": \"A simple DLP rule.\"," + + " \"targetsSender\": false," + + " \"targetsRecipients\": false," + + " \"targetsContent\": true" + + "}]}") + .put("/dlp/rules/" + DEFAULT_DOMAIN); + + messageSender.connect(LOCALHOST_IP, SMTP_PORT) + .sendMessage(FakeMail.builder() + .mimeMessage(MimeMessageBuilder.mimeMessageBuilder() + .addToRecipient(RECIPIENT) + .setSender(FROM) + .setText("match me")) + .sender(FROM) + .recipient(RECIPIENT)); + + MailRepositoryUrl repositoryUrl = MailRepositoryUrl.from(REPOSITORY_PREFIX + DEFAULT_DOMAIN); + given() + .spec(specification) + .get("/mailRepositories/" + repositoryUrl.urlEncoded() + "/mails") + .then() + .statusCode(HttpStatus.NOT_FOUND_404); + } + + @Test + public void dlpShouldCreateRepositoryWhenAllowed() throws Exception { + createJamesServer(MailetConfiguration.builder() + .matcher(Dlp.class) + .mailet(ToSenderDomainRepository.class) + .addProperty(ToSenderDomainRepository.URL_PREFIX, REPOSITORY_PREFIX) + .addProperty(ToSenderDomainRepository.ALLOW_REPOSITORY_CREATION, "true")); + MailRepositoryUrl repositoryUrl = MailRepositoryUrl.from(REPOSITORY_PREFIX + DEFAULT_DOMAIN); + + given() + .spec(specification) + .body("{\"rules\":[{" + + " \"id\": \"1\"," + + " \"expression\": \"match me\"," + + " \"explanation\": \"A simple DLP rule.\"," + + " \"targetsSender\": false," + + " \"targetsRecipients\": false," + + " \"targetsContent\": true" + + "}]}") + .put("/dlp/rules/" + DEFAULT_DOMAIN); + + messageSender.connect(LOCALHOST_IP, SMTP_PORT) + .sendMessage(FakeMail.builder() + .mimeMessage(MimeMessageBuilder.mimeMessageBuilder() + .addToRecipient(RECIPIENT) + .setSender(FROM) + .setText("match me")) + .sender(FROM) + .recipient(RECIPIENT)); + + awaitAtMostOneMinute.until(() -> containsExactlyOneMail(repositoryUrl)); + } + + @Test + public void dlpShouldStoreMailWhenNotAllowedButRepositoryExists() throws Exception { + createJamesServer(MailetConfiguration.builder() + .matcher(Dlp.class) + .mailet(ToSenderDomainRepository.class) + .addProperty(ToSenderDomainRepository.URL_PREFIX, REPOSITORY_PREFIX) + .addProperty(ToSenderDomainRepository.ALLOW_REPOSITORY_CREATION, "false")); + + MailRepositoryUrl repositoryUrl = MailRepositoryUrl.from(REPOSITORY_PREFIX + DEFAULT_DOMAIN); + given() + .spec(specification) + .put("/mailRepositories/" + repositoryUrl.urlEncoded()); + + given() + .spec(specification) + .body("{\"rules\":[{" + + " \"id\": \"1\"," + + " \"expression\": \"match me\"," + + " \"explanation\": \"A simple DLP rule.\"," + + " \"targetsSender\": false," + + " \"targetsRecipients\": false," + + " \"targetsContent\": true" + + "}]}") + .put("/dlp/rules/" + DEFAULT_DOMAIN); + + messageSender.connect(LOCALHOST_IP, SMTP_PORT) + .sendMessage(FakeMail.builder() + .mimeMessage(MimeMessageBuilder.mimeMessageBuilder() + .addToRecipient(RECIPIENT) + .setSender(FROM) + .setText("match me")) + .sender(FROM) + .recipient(RECIPIENT)); + + awaitAtMostOneMinute.until(() -> containsExactlyOneMail(repositoryUrl)); + } + + private boolean containsExactlyOneMail(MailRepositoryUrl repositoryUrl) { + try { + return given() + .spec(specification) + .get("/mailRepositories/" + repositoryUrl.urlEncoded() + "/mails") + .prettyPeek() + .jsonPath() + .getList(".") + .size() == 1; + } catch (Exception e) { + return false; + } + } +} http://git-wip-us.apache.org/repos/asf/james-project/blob/536f3caa/server/mailet/mailets/src/main/java/org/apache/james/transport/mailets/ToSenderDomainRepository.java ---------------------------------------------------------------------- diff --git a/server/mailet/mailets/src/main/java/org/apache/james/transport/mailets/ToSenderDomainRepository.java b/server/mailet/mailets/src/main/java/org/apache/james/transport/mailets/ToSenderDomainRepository.java index 5992f85..2dce4e6 100644 --- a/server/mailet/mailets/src/main/java/org/apache/james/transport/mailets/ToSenderDomainRepository.java +++ b/server/mailet/mailets/src/main/java/org/apache/james/transport/mailets/ToSenderDomainRepository.java @@ -61,6 +61,9 @@ import com.github.fge.lambdas.consumers.ThrowingConsumer; * </mailet> */ public class ToSenderDomainRepository extends GenericMailet { + public static final String URL_PREFIX = "urlPrefix"; + public static final String PASS_THROUGH = "passThrough"; + public static final String ALLOW_REPOSITORY_CREATION = "allowRepositoryCreation"; private static final Logger LOGGER = LoggerFactory.getLogger(ToSenderDomainRepository.class); private static final boolean DEFAULT_CONSUME = false; @@ -78,10 +81,10 @@ public class ToSenderDomainRepository extends GenericMailet { @Override public void init() throws MessagingException { - urlPrefix = Optional.ofNullable(getInitParameter("urlPrefix")) + urlPrefix = Optional.ofNullable(getInitParameter(URL_PREFIX)) .orElseThrow(() -> new MessagingException("'urlPrefix' is a mandatory configuration property")); - passThrough = getInitParameter("passThrough", DEFAULT_CONSUME); - allowRepositoryCreation = getInitParameter("allowRepositoryCreation", DEFAULT_ALLOW_REPOSITORY_CREATION); + passThrough = getInitParameter(PASS_THROUGH, DEFAULT_CONSUME); + allowRepositoryCreation = getInitParameter(ALLOW_REPOSITORY_CREATION, DEFAULT_ALLOW_REPOSITORY_CREATION); } @Override http://git-wip-us.apache.org/repos/asf/james-project/blob/536f3caa/server/mailet/mailets/src/main/java/org/apache/james/transport/matchers/dlp/Dlp.java ---------------------------------------------------------------------- diff --git a/server/mailet/mailets/src/main/java/org/apache/james/transport/matchers/dlp/Dlp.java b/server/mailet/mailets/src/main/java/org/apache/james/transport/matchers/dlp/Dlp.java index cb7fc72..1f65082 100644 --- a/server/mailet/mailets/src/main/java/org/apache/james/transport/matchers/dlp/Dlp.java +++ b/server/mailet/mailets/src/main/java/org/apache/james/transport/matchers/dlp/Dlp.java @@ -27,6 +27,7 @@ import javax.mail.MessagingException; import org.apache.james.core.MailAddress; import org.apache.james.dlp.api.DLPConfigurationItem; +import org.apache.james.dlp.api.DLPConfigurationStore; import org.apache.mailet.Mail; import org.apache.mailet.base.GenericMatcher; @@ -39,12 +40,16 @@ public class Dlp extends GenericMatcher { private final DlpRulesLoader rulesLoader; - @Inject @VisibleForTesting Dlp(DlpRulesLoader rulesLoader) { this.rulesLoader = rulesLoader; } + @Inject + public Dlp(DLPConfigurationStore configurationStore) { + this(new DlpRulesLoader.Impl(configurationStore)); + } + @Override public Collection<MailAddress> match(Mail mail) throws MessagingException { Optional<DLPConfigurationItem.Id> firstMatchingRuleId = findFirstMatchingRule(mail); --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
