128 lines
5.6 KiB
TypeScript
128 lines
5.6 KiB
TypeScript
import { expect, tap } from '@git.zone/tstest/tapbundle';
|
|
import { OpnsenseMapper, type IOpnsenseSnapshot } from '../../ts/integrations/opnsense/index.js';
|
|
|
|
const snapshot: IOpnsenseSnapshot = {
|
|
connected: true,
|
|
updatedAt: '2026-01-01T00:00:00.000Z',
|
|
router: {
|
|
host: '192.168.1.1',
|
|
name: 'Edge Firewall',
|
|
macAddress: 'AA:BB:CC:DD:EE:FF',
|
|
firmware: '25.7',
|
|
latestFirmware: '26.1',
|
|
updateAvailable: true,
|
|
actions: ['reboot', 'firmware_update'],
|
|
},
|
|
devices: [],
|
|
interfaces: [
|
|
{
|
|
name: 'wan',
|
|
label: 'WAN',
|
|
status: 'up',
|
|
inbytes: 2_000_000_000,
|
|
outbytes: 1_000_000_000,
|
|
inpkts: 100,
|
|
outpkts: 50,
|
|
actions: ['reload'],
|
|
},
|
|
],
|
|
gateways: [
|
|
{ name: 'WAN_DHCP', status: 'online', latency: '4.1 ms', loss: '0.0 %', interface: 'wan' },
|
|
],
|
|
firewall: {
|
|
rules: [{ uuid: 'rule-1', description: 'Allow LAN', enabled: true, interface: 'lan', protocol: 'tcp' }],
|
|
nat: { d_nat: [{ uuid: 'nat-1', description: 'HTTPS', disabled: '0', protocol: 'tcp' }] },
|
|
aliases: [{ uuid: 'alias-1', name: 'BlockedHosts', enabled: false, type: 'host' }],
|
|
state: { used: 42, total: 100, usedPercent: 42 },
|
|
},
|
|
system: {
|
|
firmwareVersion: '25.7',
|
|
productLatest: '26.1',
|
|
updateAvailable: true,
|
|
pendingNoticesPresent: true,
|
|
pendingNotices: [{ id: 'notice1', notice: 'Reboot required' }],
|
|
},
|
|
telemetry: {
|
|
cpu: { usage_total: 12 },
|
|
memory: { used_percent: 34 },
|
|
mbuf: { used_percent: 5 },
|
|
},
|
|
services: [
|
|
{ name: 'unbound', displayName: 'Unbound DNS', running: 1 },
|
|
],
|
|
vpn: {
|
|
openvpn: { servers: [{ uuid: 'ovpn1', name: 'Remote Access', enabled: true, connected_clients: 2 }] },
|
|
wireguard: { clients: [{ uuid: 'wgclient1', name: 'Mullvad', enabled: false, connected_servers: 0 }] },
|
|
},
|
|
sensors: {},
|
|
switches: [
|
|
{ id: 'dnsbl', name: 'Unbound DNSBL', enabled: true, nativeType: 'unbound_blocklist', uuid: 'dnsbl-1' },
|
|
],
|
|
actions: [],
|
|
};
|
|
|
|
tap.test('maps OPNsense snapshot sections and HA ARP tracker filtering', async () => {
|
|
const normalized = OpnsenseMapper.toSnapshot({
|
|
snapshot,
|
|
trackerInterfaces: ['LAN'],
|
|
arpTable: [
|
|
{ 'mac-address': '11:22:33:44:55:66', 'ip-address': '192.168.1.20', hostname: 'Kitchen Phone', intf_description: 'LAN', manufacturer: 'PhoneCo' },
|
|
{ 'mac-address': '22:33:44:55:66:77', 'ip-address': '192.168.1.21', hostname: 'WAN Host', intf_description: 'WAN' },
|
|
],
|
|
});
|
|
const devices = OpnsenseMapper.toDevices(normalized);
|
|
const entities = OpnsenseMapper.toEntities(normalized);
|
|
|
|
expect(devices.some((deviceArg) => deviceArg.id === 'opnsense.router.aa_bb_cc_dd_ee_ff')).toBeTrue();
|
|
expect(devices.some((deviceArg) => deviceArg.id === 'opnsense.client.11_22_33_44_55_66')).toBeTrue();
|
|
expect(devices.some((deviceArg) => deviceArg.id === 'opnsense.client.22_33_44_55_66_77')).toBeFalse();
|
|
expect(entities.find((entityArg) => entityArg.id === 'sensor.edge_firewall_cpu_usage')?.state).toEqual(12);
|
|
expect(entities.find((entityArg) => entityArg.id === 'sensor.edge_firewall_memory_usage')?.state).toEqual(34);
|
|
expect(entities.find((entityArg) => entityArg.id === 'sensor.edge_firewall_firewall_state_table_used')?.state).toEqual(42);
|
|
expect(entities.find((entityArg) => entityArg.id === 'sensor.edge_firewall_wan_download')?.state).toEqual(2);
|
|
expect(entities.find((entityArg) => entityArg.id === 'binary_sensor.edge_firewall_gateway_wan_dhcp')?.state).toEqual('on');
|
|
expect(entities.find((entityArg) => entityArg.id === 'binary_sensor.kitchen_phone_connected')?.attributes?.nativePlatform).toEqual('device_tracker');
|
|
expect(entities.find((entityArg) => entityArg.id === 'switch.edge_firewall_firewall_allow_lan')?.state).toEqual('on');
|
|
expect(entities.find((entityArg) => entityArg.id === 'switch.unbound_dns_service')?.state).toEqual('on');
|
|
expect(entities.find((entityArg) => entityArg.id === 'switch.edge_firewall_openvpn_remote_access')?.state).toEqual('on');
|
|
expect(entities.find((entityArg) => entityArg.id === 'update.edge_firewall_firmware')?.attributes?.latestVersion).toEqual('26.1');
|
|
});
|
|
|
|
tap.test('models safe OPNsense commands only for represented resources', async () => {
|
|
const normalized = OpnsenseMapper.toSnapshot({ snapshot });
|
|
const serviceCommand = OpnsenseMapper.commandForService(normalized, {
|
|
domain: 'switch',
|
|
service: 'turn_off',
|
|
target: { entityId: 'switch.unbound_dns_service' },
|
|
});
|
|
const firewallCommand = OpnsenseMapper.commandForService(normalized, {
|
|
domain: 'switch',
|
|
service: 'turn_off',
|
|
target: { entityId: 'switch.edge_firewall_firewall_allow_lan' },
|
|
});
|
|
const natCommand = OpnsenseMapper.commandForService(normalized, {
|
|
domain: 'switch',
|
|
service: 'turn_off',
|
|
target: { entityId: 'switch.edge_firewall_nat_https' },
|
|
});
|
|
const rebootCommand = OpnsenseMapper.commandForService(normalized, {
|
|
domain: 'opnsense',
|
|
service: 'reboot',
|
|
target: {},
|
|
});
|
|
const missingServiceCommand = OpnsenseMapper.commandForService(normalized, {
|
|
domain: 'opnsense',
|
|
service: 'stop_service',
|
|
target: {},
|
|
data: { service: 'missing' },
|
|
});
|
|
|
|
expect(serviceCommand && !('error' in serviceCommand) ? serviceCommand.path : '').toEqual('/api/core/service/stop/unbound');
|
|
expect(firewallCommand && !('error' in firewallCommand) ? firewallCommand.path : '').toEqual('/api/firewall/filter/toggle_rule/rule-1/0');
|
|
expect(natCommand && !('error' in natCommand) ? natCommand.path : '').toEqual('/api/firewall/d_nat/toggle_rule/nat-1/1');
|
|
expect(rebootCommand && !('error' in rebootCommand) ? rebootCommand.type : '').toEqual('router.action');
|
|
expect(missingServiceCommand).toBeUndefined();
|
|
});
|
|
|
|
export default tap.start();
|