Michael Schiemer
55a330b223
- Add DISCOVERY_LOG_LEVEL=debug - Add DISCOVERY_SHOW_PROGRESS=true - Temporary changes for debugging InitializerProcessor fixes on production
85 lines
3.1 KiB
PHP
85 lines
3.1 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
use App\Framework\DDoS\ValueObjects\ThreatScore;
|
|
|
|
describe('ThreatScore Value Object', function () {
|
|
|
|
it('creates threat score from float', function () {
|
|
$threatScore = ThreatScore::fromFloat(0.8);
|
|
|
|
expect($threatScore->getScore()->value())->toBe(0.8);
|
|
expect($threatScore->requiresBlocking())->toBeTrue();
|
|
});
|
|
|
|
it('creates safe threat score', function () {
|
|
$safe = ThreatScore::safe();
|
|
|
|
expect($safe->getScore()->value())->toBe(0.0);
|
|
expect($safe->requiresBlocking())->toBeFalse();
|
|
expect($safe->getRecommendedAction())->toBe('allow');
|
|
});
|
|
|
|
it('creates critical threat score', function () {
|
|
$critical = ThreatScore::critical();
|
|
|
|
expect($critical->getScore()->isCritical())->toBeTrue();
|
|
expect($critical->requiresBlocking())->toBeTrue();
|
|
expect($critical->getRecommendedAction())->toBe('block_immediately');
|
|
});
|
|
|
|
it('determines correct actions based on level', function () {
|
|
$low = ThreatScore::fromFloat(0.1);
|
|
$medium = ThreatScore::fromFloat(0.5);
|
|
$high = ThreatScore::fromFloat(0.8);
|
|
$critical = ThreatScore::fromFloat(0.95);
|
|
|
|
expect($low->getRecommendedAction())->toBe('allow');
|
|
expect($medium->getRecommendedAction())->toBe('rate_limit');
|
|
expect($high->getRecommendedAction())->toBe('enhanced_monitoring');
|
|
expect($critical->getRecommendedAction())->toBe('block_immediately');
|
|
});
|
|
|
|
it('creates from multiple analyses', function () {
|
|
$analyses = [
|
|
'traffic_patterns' => ['threat_score' => 0.8, 'indicators' => ['high_volume']],
|
|
'geo_anomalies' => ['threat_score' => 0.6, 'indicators' => ['unusual_location']],
|
|
'waf_analysis' => ['threat_score' => 0.9, 'indicators' => ['malicious_payload']],
|
|
];
|
|
|
|
$threatScore = ThreatScore::fromAnalyses($analyses);
|
|
|
|
expect($threatScore->getScore()->value())->toBeGreaterThan(0.7);
|
|
expect($threatScore->getIndicators())->toContain('high_volume');
|
|
expect($threatScore->getSources())->toContain('traffic_patterns');
|
|
});
|
|
|
|
it('combines threat scores correctly', function () {
|
|
$score1 = ThreatScore::fromFloat(0.8);
|
|
$score2 = ThreatScore::fromFloat(0.6);
|
|
|
|
$combined = $score1->combineWith($score2, 0.7);
|
|
|
|
expect($combined->getScore()->value())->toBe(0.74); // 0.8 * 0.7 + 0.6 * 0.3
|
|
});
|
|
|
|
it('provides detailed description', function () {
|
|
$threatScore = ThreatScore::fromFloat(0.75);
|
|
$description = $threatScore->getDescription();
|
|
|
|
expect($description)->toContain('High threat level');
|
|
expect($description)->toContain('75.0%');
|
|
});
|
|
|
|
it('serializes and deserializes correctly', function () {
|
|
$original = ThreatScore::fromFloat(0.8);
|
|
$array = $original->toArray();
|
|
$restored = ThreatScore::fromArray($array);
|
|
|
|
expect($restored->getScore()->value())->toBe($original->getScore()->value());
|
|
expect($restored->requiresBlocking())->toBe($original->requiresBlocking());
|
|
});
|
|
|
|
});
|