@@ -93,12 +93,30 @@ def test_lifecycle_cache_bypassed_ip(caplog, get_context):
9393def test_sql_injection (caplog , get_context , monkeypatch ):
9494 get_context .set_as_current_context ()
9595 monkeypatch .setenv ("AIKIDO_BLOCK" , "1" )
96+
97+ assert get_cache ().stats .get_record ()["requests" ]["attacksDetected" ]["total" ] == 0
9698 with pytest .raises (AikidoSQLInjection ):
9799 run_vulnerability_scan (
98100 kind = "sql_injection" ,
99101 op = "test_op" ,
100102 args = ("INSERT * INTO VALUES ('doggoss2', TRUE);" , "mysql" ),
101103 )
104+ assert get_cache ().stats .get_record ()["requests" ]["attacksDetected" ]["total" ] == 1
105+ assert get_cache ().stats .get_record ()["requests" ]["attacksDetected" ]["blocked" ] == 1
106+
107+
108+ def test_sql_injection_but_blocking_off (caplog , get_context , monkeypatch ):
109+ get_context .set_as_current_context ()
110+ monkeypatch .setenv ("AIKIDO_BLOCK" , "0" )
111+
112+ assert get_cache ().stats .get_record ()["requests" ]["attacksDetected" ]["total" ] == 0
113+ run_vulnerability_scan (
114+ kind = "sql_injection" ,
115+ op = "test_op" ,
116+ args = ("INSERT * INTO VALUES ('doggoss2', TRUE);" , "mysql" ),
117+ )
118+ assert get_cache ().stats .get_record ()["requests" ]["attacksDetected" ]["total" ] == 1
119+ assert get_cache ().stats .get_record ()["requests" ]["attacksDetected" ]["blocked" ] == 0
102120
103121
104122def test_sql_injection_with_route_params (caplog , get_context , monkeypatch ):
@@ -162,7 +180,9 @@ def test_ssrf_vulnerability_scan_no_port(get_context):
162180 hostname = "example.com"
163181 port = 0 # Port is zero, should not add to hostnames
164182
183+ assert get_cache ().stats .get_record ()["requests" ]["attacksDetected" ]["total" ] == 0
165184 run_vulnerability_scan (kind = "ssrf" , op = "test" , args = (dns_results , hostname , port ))
185+ assert get_cache ().stats .get_record ()["requests" ]["attacksDetected" ]["total" ] == 0
166186
167187 assert get_cache ().hostnames .as_array () == []
168188
@@ -176,7 +196,9 @@ def test_ssrf_vulnerability_scan_bypassed_ip(get_context):
176196 hostname = "example.com"
177197 port = 80
178198
199+ assert get_cache ().stats .get_record ()["requests" ]["attacksDetected" ]["total" ] == 0
179200 run_vulnerability_scan (kind = "ssrf" , op = "test" , args = (dns_results , hostname , port ))
201+ assert get_cache ().stats .get_record ()["requests" ]["attacksDetected" ]["total" ] == 0
180202
181203 # Verify that hostnames.add was not called due to bypassed IP
182204 assert get_cache ().hostnames .as_array () == []
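Review bot: The added `attacksDetected` assertions in `test_sql_injection`, `test_sql_injection_but_blocking_off` and both SSRF tests compare absolute values (`== 0` before, `== 1` after) read from the shared `get_cache()` state, so they only hold if a fixture resets the stats before every test. That reset is not visible in these hunks; if it is missing or the tests are reordered, the preconditions fail for reasons unrelated to detection. Asserting a delta is sturdier: `before = get_cache().stats.get_record()["requests"]["attacksDetected"]["total"]` followed by `assert get_cache().stats.get_record()["requests"]["attacksDetected"]["total"] == before + 1`. In `test_sql_injection_but_blocking_off` the only proof that detection-only mode does not block is that the call happens not to raise, so a comment such as `# AIKIDO_BLOCK=0: the attack must be counted but the call must not raise` would make that intent explicit. The SSRF tests check `total` only, and adding the matching `["blocked"] == 0` assertion would pin that a bypassed IP or zero port is neither counted nor blocked.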