am-wd/cloudflare-api
1
0
Fork 0
Code Issues Actions Activity

Added DNS firewall configuration

Browse Source
This commit is contained in:
Andreas Müller
2025-11-06 20:49:50 +01:00
parent 591b2f8899
commit df0f60ef29
13 changed files with 1397 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

154
src/Extensions/Cloudflare.Dns/DnsFirewallExtensions.cs Normal file
View File

@@ -0,0 +1,154 @@
using System.Threading;
using System.Threading.Tasks;
using AMWD.Net.Api.Cloudflare.Dns.Internals;
namespace AMWD.Net.Api.Cloudflare.Dns
{
/// <summary>
/// Extensions for the <see href="https://developers.cloudflare.com/api/resources/dns_firewall/">DNS Firewall</see>.
/// </summary>
public static class DnsFirewallExtensions
{
/// <summary>
/// List DNS Firewall clusters for an account.
/// </summary>
/// <param name="client">The <see cref="ICloudflareClient"/> instance.</param>
/// <param name="accountId">The account identifier.</param>
/// <param name="options">Filter options (optional).</param>
/// <param name="cancellationToken">A cancellation token used to propagate notification that this operation should be canceled.</param>
public static Task<CloudflareResponse<IReadOnlyCollection<DnsFirewallCluster>>> ListDNSFirewallClusters(this ICloudflareClient client, string accountId, ListDNSFirewallClustersFilter? options = null, CancellationToken cancellationToken = default)
{
accountId.ValidateCloudflareId();
return client.GetAsync<IReadOnlyCollection<DnsFirewallCluster>>($"/accounts/{accountId}/dns_firewall", options, cancellationToken);
}
/// <summary>
/// Show a single DNS Firewall cluster for an account.
/// </summary>
/// <param name="client">The <see cref="ICloudflareClient"/> instance.</param>
/// <param name="accountId">The account identifier.</param>
/// <param name="dnsFirewallId">The DNS firewall identifier.</param>
/// <param name="cancellationToken">A cancellation token used to propagate notification that this operation should be canceled.</param>
public static Task<CloudflareResponse<DnsFirewallCluster>> DNSFirewallClusterDetails(this ICloudflareClient client, string accountId, string dnsFirewallId, CancellationToken cancellationToken = default)
{
accountId.ValidateCloudflareId();
dnsFirewallId.ValidateCloudflareId();
return client.GetAsync<DnsFirewallCluster>($"/accounts/{accountId}/dns_firewall/{dnsFirewallId}", null, cancellationToken);
}
/// <summary>
/// Create a DNS Firewall cluster.
/// </summary>
/// <param name="client">The <see cref="ICloudflareClient"/> instance.</param>
/// <param name="request">The request.</param>
/// <param name="cancellationToken">A cancellation token used to propagate notification that this operation should be canceled.</param>
public static Task<CloudflareResponse<DnsFirewallCluster>> CreateDNSFirewallCluster(this ICloudflareClient client, CreateDNSFirewallClusterRequest request, CancellationToken cancellationToken = default)
{
request.AccountId.ValidateCloudflareId();
if (string.IsNullOrWhiteSpace(request.Name))
throw new ArgumentException("DNS Firewall cluster name must be provided.", nameof(request.Name));
request.Name = request.Name.Trim();
if (request.Name.Length > 160)
throw new ArgumentException("DNS Firewall cluster name must not exceed 160 characters.", nameof(request.Name));
if (request.MaximumCacheTtl.HasValue && (request.MaximumCacheTtl < 30 || 36000 < request.MaximumCacheTtl))
throw new ArgumentOutOfRangeException(nameof(request.MaximumCacheTtl), "Maximum cache TTL must be between 30 and 36000.");
if (request.MinimumCacheTtl.HasValue && (request.MinimumCacheTtl < 30 || 36000 < request.MinimumCacheTtl))
throw new ArgumentOutOfRangeException(nameof(request.MinimumCacheTtl), "Minimum cache TTL must be between 30 and 36000.");
if (request.NegativeCacheTtl.HasValue && (request.NegativeCacheTtl < 30 || 36000 < request.NegativeCacheTtl))
throw new ArgumentOutOfRangeException(nameof(request.NegativeCacheTtl), "Negative cache TTL must be between 30 and 36000.");
if (request.RateLimit.HasValue && (request.RateLimit < 100 || 1_000_000_000 < request.RateLimit))
throw new ArgumentOutOfRangeException(nameof(request.RateLimit), "Ratelimit must be between 100 and 1,000,000,000 seconds.");
if (request.Retries.HasValue && (request.Retries < 0 || 2 < request.Retries))
throw new ArgumentOutOfRangeException(nameof(request.Retries), "Retries must be between 0 and 2.");
var req = new InternalDNSFirewallClusterRequest
{
Name = request.Name,
UpstreamIps = request.UpstreamIps,
AttackMitigation = request.AttackMitigation,
DeprecateAnyRequests = request.DeprecateAnyRequests,
EcsFallback = request.EcsFallback,
MaximumCacheTtl = request.MaximumCacheTtl,
MinimumCacheTtl = request.MinimumCacheTtl,
NegativeCacheTtl = request.NegativeCacheTtl,
RateLimit = request.RateLimit,
Retries = request.Retries
};
return client.PostAsync<DnsFirewallCluster, InternalDNSFirewallClusterRequest>($"/accounts/{request.AccountId}/dns_firewall", req, null, cancellationToken);
}
/// <summary>
/// Modify the configuration of a DNS Firewall cluster.
/// </summary>
/// <param name="client">The <see cref="ICloudflareClient"/> instance.</param>
/// <param name="request">The request.</param>
/// <param name="cancellationToken">A cancellation token used to propagate notification that this operation should be canceled.</param>
public static Task<CloudflareResponse<DnsFirewallCluster>> UpdateDNSFirewallCluster(this ICloudflareClient client, UpdateDNSFirewallClusterRequest request, CancellationToken cancellationToken = default)
{
request.AccountId.ValidateCloudflareId();
request.DnsFirewallId.ValidateCloudflareId();
request.Name = request.Name?.Trim();
if (request.Name?.Length > 160)
throw new ArgumentException("DNS Firewall cluster name must not exceed 160 characters.", nameof(request.Name));
if (request.MaximumCacheTtl.HasValue && (request.MaximumCacheTtl < 30 || 36000 < request.MaximumCacheTtl))
throw new ArgumentOutOfRangeException(nameof(request.MaximumCacheTtl), "Maximum cache TTL must be between 30 and 36000.");
if (request.MinimumCacheTtl.HasValue && (request.MinimumCacheTtl < 30 || 36000 < request.MinimumCacheTtl))
throw new ArgumentOutOfRangeException(nameof(request.MinimumCacheTtl), "Minimum cache TTL must be between 30 and 36000.");
if (request.NegativeCacheTtl.HasValue && (request.NegativeCacheTtl < 30 || 36000 < request.NegativeCacheTtl))
throw new ArgumentOutOfRangeException(nameof(request.NegativeCacheTtl), "Negative cache TTL must be between 30 and 36000.");
if (request.RateLimit.HasValue && (request.RateLimit < 100 || 1_000_000_000 < request.RateLimit))
throw new ArgumentOutOfRangeException(nameof(request.RateLimit), "Ratelimit must be between 100 and 1,000,000,000 seconds.");
if (request.Retries.HasValue && (request.Retries < 0 || 2 < request.Retries))
throw new ArgumentOutOfRangeException(nameof(request.Retries), "Retries must be between 0 and 2.");
var req = new InternalDNSFirewallClusterRequest
{
Name = request.Name,
UpstreamIps = request.UpstreamIps,
AttackMitigation = request.AttackMitigation,
DeprecateAnyRequests = request.DeprecateAnyRequests,
EcsFallback = request.EcsFallback,
MaximumCacheTtl = request.MaximumCacheTtl,
MinimumCacheTtl = request.MinimumCacheTtl,
NegativeCacheTtl = request.NegativeCacheTtl,
RateLimit = request.RateLimit,
Retries = request.Retries
};
return client.PatchAsync<DnsFirewallCluster, InternalDNSFirewallClusterRequest>($"/accounts/{request.AccountId}/dns_firewall", req, cancellationToken);
}
/// <summary>
/// Delete a DNS Firewall cluster.
/// </summary>
/// <param name="client">The <see cref="ICloudflareClient"/> instance.</param>
/// <param name="accountId">The account identifier.</param>
/// <param name="dnsFirewallId">The DNS firewall identifier.</param>
/// <param name="cancellationToken">A cancellation token used to propagate notification that this operation should be canceled.</param>
public static Task<CloudflareResponse<Identifier>> DeleteDNSFirewallCluster(this ICloudflareClient client, string accountId, string dnsFirewallId, CancellationToken cancellationToken = default)
{
accountId.ValidateCloudflareId();
dnsFirewallId.ValidateCloudflareId();
return client.DeleteAsync<Identifier>($"/accounts/{accountId}/dns_firewall/{dnsFirewallId}", null, cancellationToken);
}
}
}

32
src/Extensions/Cloudflare.Dns/Filters/ListDNSFirewallClustersFilter.cs Normal file
View File

@@ -0,0 +1,32 @@
namespace AMWD.Net.Api.Cloudflare.Dns
{
/// <summary>
/// Represents a filter for querying DNS firewall clusters with optional pagination parameters.
/// </summary>
public class ListDNSFirewallClustersFilter : IQueryParameterFilter
{
/// <summary>
/// Page number of paginated results.
/// </summary>
public int? Page { get; set; }
/// <summary>
/// Number of clusters per page.
/// </summary>
public int? PerPage { get; set; }
/// <inheritdoc/>
public IReadOnlyDictionary<string, string> GetQueryParameters()
{
var dict = new Dictionary<string, string>();
if (Page.HasValue && 1 <= Page.Value)
dict.Add("page", Page.Value.ToString());
if (PerPage.HasValue && 1 <= PerPage.Value && PerPage.Value <= 100)
dict.Add("per_page", PerPage.Value.ToString());
return dict;
}
}
}

35
src/Extensions/Cloudflare.Dns/Internals/InternalDNSFirewallClusterRequest.cs Normal file
View File

@@ -0,0 +1,35 @@
namespace AMWD.Net.Api.Cloudflare.Dns.Internals
{
internal class InternalDNSFirewallClusterRequest
{
[JsonProperty("name")]
public string? Name { get; set; }
[JsonProperty("upstream_ips")]
public IReadOnlyCollection<string>? UpstreamIps { get; set; }
[JsonProperty("attack_mitigation")]
public AttackMitigation? AttackMitigation { get; set; }
[JsonProperty("deprecate_any_requests")]
public bool? DeprecateAnyRequests { get; set; }
[JsonProperty("ecs_fallback")]
public bool? EcsFallback { get; set; }
[JsonProperty("maximum_cache_ttl")]
public int? MaximumCacheTtl { get; set; }
[JsonProperty("minimum_cache_ttl")]
public int? MinimumCacheTtl { get; set; }
[JsonProperty("negative_cache_ttl")]
public int? NegativeCacheTtl { get; set; }
[JsonProperty("ratelimit")]
public int? RateLimit { get; set; }
[JsonProperty("retries")]
public int? Retries { get; set; }
}
}

140
src/Extensions/Cloudflare.Dns/Models/DnsFirewallCluster.cs Normal file
View File

@@ -0,0 +1,140 @@
namespace AMWD.Net.Api.Cloudflare.Dns
{
/// <summary>
/// Represents the response data for a DNS Firewall configuration on cloudflare.
/// </summary>
public class DnsFirewallCluster
{
/// <summary>
/// The identifier.
/// </summary>
[JsonProperty("id")]
public string? Id { get; set; }
/// <summary>
/// Whether to refuse to answer queries for the ANY type.
/// </summary>
[JsonProperty("deprecate_any_requests")]
public bool? DeprecateAnyRequests { get; set; }
/// <summary>
/// List of IPs used by DNS Firewall cluster.
/// </summary>
[JsonProperty("dns_firewall_ips")]
public IReadOnlyCollection<string>? DnsFirewallIps { get; set; }
/// <summary>
/// Whether to forward client IP (resolver) subnet if no EDNS Client Subnet is sent.
/// </summary>
[JsonProperty("ecs_fallback")]
public bool? EcsFallback { get; set; }
/// <summary>
/// <para>
/// By default, Cloudflare attempts to cache responses for as long as indicated by
/// the TTL received from upstream nameservers.This setting sets an upper bound on
/// this duration.For caching purposes, higher TTLs will be decreased to the
/// maximum value defined by this setting.
/// </para>
/// <para>
/// This setting does not affect the TTL value in the DNS response Cloudflare
/// returns to clients.Cloudflare will always forward the TTL value received from
/// upstream nameservers.
/// </para>
/// </summary>
[JsonProperty("maximum_cache_ttl")]
public int? MaximumCacheTtl { get; set; }
/// <summary>
/// <para>
/// By default, Cloudflare attempts to cache responses for as long as indicated by
/// the TTL received from upstream nameservers.This setting sets a lower bound on
/// this duration.For caching purposes, lower TTLs will be increased to the minimum
/// value defined by this setting.
/// </para>
/// <para>
/// This setting does not affect the TTL value in the DNS response Cloudflare
/// returns to clients.Cloudflare will always forward the TTL value received from
/// upstream nameservers.
/// </para>
/// </summary>
/// <remarks>
/// Note that, even with this setting, there is no guarantee that a response will be
/// cached for at least the specified duration.Cached responses may be removed
/// earlier for capacity or other operational reasons.
/// </remarks>
[JsonProperty("minimum_cache_ttl")]
public int? MinimumCacheTtl { get; set; }
/// <summary>
/// Last modification of DNS Firewall cluster
/// </summary>
[JsonProperty("modified_on")]
public DateTime? ModifiedOn { get; set; }
/// <summary>
/// DNS Firewall cluster name.
/// </summary>
[JsonProperty("name")]
public string? Name { get; set; }
/// <summary>
/// <para>
/// This setting controls how long DNS Firewall should cache negative responses
/// (e.g., NXDOMAIN) from the upstream servers.
/// </para>
/// <para>
/// This setting does not affect the TTL value in the DNS response Cloudflare
/// returns to clients.Cloudflare will always forward the TTL value received from
/// upstream nameservers.
/// </para>
/// </summary>
[JsonProperty("negative_cache_ttl")]
public int? NegativeCacheTtl { get; set; }
/// <summary>
/// Ratelimit in queries per second per datacenter
/// (applies to DNS queries sent to the upstream nameservers configured on the cluster).
/// </summary>
[JsonProperty("ratelimit")]
public int? RateLimit { get; set; }
/// <summary>
/// Number of retries for fetching DNS responses from upstream nameservers
/// (not counting the initial attempt).
/// </summary>
[JsonProperty("retries")]
public int? Retries { get; set; }
/// <summary>
/// Upstream DNS server IPs.
/// </summary>
[JsonProperty("upstream_ips")]
public IReadOnlyCollection<string>? UpstreamIps { get; set; }
/// <summary>
/// Attack mitigation settings.
/// </summary>
[JsonProperty("attack_mitigation")]
public AttackMitigation? AttackMitigation { get; set; }
}
/// <summary>
/// Attack mitigation settings.
/// <see href="https://github.com/cloudflare/cloudflare-typescript/blob/v4.4.1/src/resources/dns-firewall/dns-firewall.ts#L154">Source</see>
/// </summary>
public class AttackMitigation
{
/// <summary>
/// When enabled, automatically mitigate random-prefix attacks to protect upstream DNS servers.
/// </summary>
[JsonProperty("enabled")]
public bool? Enabled { get; set; }
/// <summary>
/// Only mitigate attacks when upstream servers seem unhealthy.
/// </summary>
[JsonProperty("only_when_upstream_unhealthy")]
public bool? OnlyWhenUpstreamUnhealthy { get; set; }
}
}

10
src/Extensions/Cloudflare.Dns/README.md
View File

@@ -113,6 +113,15 @@ This package contains the feature set of the _DNS_ section of the Cloudflare API
- [Delete TSIG](https://developers.cloudflare.com/api/resources/dns/subresources/zone_transfers/subresources/tsigs/methods/delete/) - [Delete TSIG](https://developers.cloudflare.com/api/resources/dns/subresources/zone_transfers/subresources/tsigs/methods/delete/)
### [DNS Firewall]
- [List DNS Firewall Clusters](https://developers.cloudflare.com/api/resources/dns_firewall/methods/list/)
- [DNS Firewall Cluster Details](https://developers.cloudflare.com/api/resources/dns_firewall/methods/get/)
- [Create DNS Firewall Cluster](https://developers.cloudflare.com/api/resources/dns_firewall/methods/create/)
- [Update DNS Firewall Cluster](https://developers.cloudflare.com/api/resources/dns_firewall/methods/update/)
- [Delete DNS Firewall Cluster](https://developers.cloudflare.com/api/resources/dns_firewall/methods/delete/)
--- ---
Published under MIT License (see [choose a license]) Published under MIT License (see [choose a license])
@@ -136,3 +145,4 @@ Published under MIT License (see [choose a license])
[Outgoing]: https://developers.cloudflare.com/api/resources/dns/subresources/zone_transfers/subresources/outgoing/ [Outgoing]: https://developers.cloudflare.com/api/resources/dns/subresources/zone_transfers/subresources/outgoing/
[Peers]: https://developers.cloudflare.com/api/resources/dns/subresources/zone_transfers/subresources/peers/ [Peers]: https://developers.cloudflare.com/api/resources/dns/subresources/zone_transfers/subresources/peers/
[TSIGs]: https://developers.cloudflare.com/api/resources/dns/subresources/zone_transfers/subresources/tsigs/ [TSIGs]: https://developers.cloudflare.com/api/resources/dns/subresources/zone_transfers/subresources/tsigs/
[DNS Firewall]: https://developers.cloudflare.com/api/resources/dns_firewall/

24
src/Extensions/Cloudflare.Dns/Requests/CreateDNSFirewallClusterRequest.cs Normal file
View File

@@ -0,0 +1,24 @@
namespace AMWD.Net.Api.Cloudflare.Dns
{
/// <summary>
/// Represents a request to create a DNS Firewall cluster with specific configuration settings.
/// </summary>
public class CreateDNSFirewallClusterRequest : DNSFirewallClusterRequestBase
{
/// <summary>
/// Initializes a new instance of the <see cref="CreateDNSFirewallClusterRequest"/> class.
/// </summary>
/// <param name="accountId">The account identifier.</param>
/// <param name="name">DNS Firewall cluster name.</param>
public CreateDNSFirewallClusterRequest(string accountId, string name)
: base(accountId)
{
Name = name;
}
/// <summary>
/// DNS Firewall cluster name.
/// </summary>
public string Name { get; set; }
}
}

93
src/Extensions/Cloudflare.Dns/Requests/DNSFirewallClusterRequestBase.cs Normal file
View File

@@ -0,0 +1,93 @@
namespace AMWD.Net.Api.Cloudflare.Dns
{
/// <summary>
/// Represents a request to create a DNS Firewall cluster with specific configuration settings.
/// </summary>
public abstract class DNSFirewallClusterRequestBase
{
/// <summary>
/// Initializes a new instance of the <see cref="CreateDNSFirewallClusterRequest"/> class.
/// </summary>
/// <param name="accountId">The account identifier.</param>
public DNSFirewallClusterRequestBase(string accountId)
{
AccountId = accountId;
}
/// <summary>
/// The account identifier.
/// </summary>
public string AccountId { get; set; }
/// <summary>
/// Upstream DNS server IPs.
/// </summary>
public IReadOnlyCollection<string>? UpstreamIps { get; set; }
/// <summary>
/// Attack mitigation settings.
/// </summary>
public AttackMitigation? AttackMitigation { get; set; }
/// <summary>
/// Whether to refuse to answer queries for the ANY type.
/// </summary>
public bool? DeprecateAnyRequests { get; set; }
/// <summary>
/// Whether to forward client IP (resolver) subnet if no EDNS Client Subnet is sent.
/// </summary>
public bool? EcsFallback { get; set; }
/// <summary>
/// <para>
/// By default, Cloudflare attempts to cache responses for as long as indicated by the TTL received from upstream nameservers.
/// This setting sets an upper bound on this duration.
/// For caching purposes, higher TTLs will be decreased to the maximum value defined by this setting.
/// </para>
/// <para>
/// This setting does not affect the TTL value in the DNS response Cloudflare returns to clients.
/// Cloudflare will always forward the TTL value received from upstream nameservers.
/// </para>
/// </summary>
public int? MaximumCacheTtl { get; set; }
/// <summary>
/// <para>
/// By default, Cloudflare attempts to cache responses for as long as indicated by the TTL received from upstream nameservers.
/// This setting sets a lower bound on this duration.
/// For caching purposes, lower TTLs will be increased to the minimum value defined by this setting.
/// </para>
/// <para>
/// This setting does not affect the TTL value in the DNS response Cloudflare returns to clients.
/// Cloudflare will always forward the TTL value received from upstream nameservers.
/// </para>
/// </summary>
/// <remarks>
/// Note that, even with this setting, there is no guarantee that a response will be cached for at least the specified duration.
/// Cached responses may be removed earlier for capacity or other operational reasons.
/// </remarks>
public int? MinimumCacheTtl { get; set; }
/// <summary>
/// <para>
/// This setting controls how long DNS Firewall should cache negative responses (e.g., NXDOMAIN) from the upstream servers.
/// </para>
/// <para>
/// This setting does not affect the TTL value in the DNS response Cloudflare returns to clients.
/// Cloudflare will always forward the TTL value received from upstream nameservers.
/// </para>
/// </summary>
public int? NegativeCacheTtl { get; set; }
/// <summary>
/// Ratelimit in queries per second per datacenter (applies to DNS queries sent to the upstream nameservers configured on the cluster).
/// </summary>
public int? RateLimit { get; set; }
/// <summary>
/// Number of retries for fetching DNS responses from upstream nameservers (not counting the initial attempt).
/// </summary>
public int? Retries { get; set; }
}
}

29
src/Extensions/Cloudflare.Dns/Requests/UpdateDNSFirewallClusterRequest.cs Normal file
View File

@@ -0,0 +1,29 @@
namespace AMWD.Net.Api.Cloudflare.Dns
{
/// <summary>
/// Represents a request to create a DNS Firewall cluster with specific configuration settings.
/// </summary>
public class UpdateDNSFirewallClusterRequest : DNSFirewallClusterRequestBase
{
/// <summary>
/// Initializes a new instance of the <see cref="CreateDNSFirewallClusterRequest"/> class.
/// </summary>
/// <param name="accountId">The account identifier.</param>
/// <param name="dnsFirewallId">DNS Firewall cluster name.</param>
public UpdateDNSFirewallClusterRequest(string accountId, string dnsFirewallId)
: base(accountId)
{
DnsFirewallId = dnsFirewallId;
}
/// <summary>
/// The DNS firewall cluster identifier.
/// </summary>
public string DnsFirewallId { get; set; }
/// <summary>
/// DNS Firewall cluster name.
/// </summary>
public string? Name { get; set; }
}
}

250
test/Extensions/Cloudflare.Dns.Tests/DnsFirewallExtensions/CreateDNSFirewallClusterTest.cs Normal file
View File

@@ -0,0 +1,250 @@
using System.Linq;
using System.Threading;
using System.Threading.Tasks;
using AMWD.Net.Api.Cloudflare;
using AMWD.Net.Api.Cloudflare.Dns;
using AMWD.Net.Api.Cloudflare.Dns.Internals;
using Moq;
namespace Cloudflare.Dns.Tests.DnsFirewallExtensions
{
[TestClass]
public class CreateDNSFirewallClusterTest
{
public TestContext TestContext { get; set; }
private const string AccountId = "023e105f4ecef8ad9ca31a8372d0c353";
private const string ClusterId = "023e105f4ecef8ad9ca31a8372d0c355";
private Mock<ICloudflareClient> _clientMock;
private CloudflareResponse<DnsFirewallCluster> _response;
private List<(string RequestPath, InternalDNSFirewallClusterRequest Request)> _callbacks;
private CreateDNSFirewallClusterRequest _request;
[TestInitialize]
public void Initialize()
{
_callbacks = [];
_response = new CloudflareResponse<DnsFirewallCluster>
{
Success = true,
Messages = [new ResponseInfo(1000, "Message 1")],
Errors = [new ResponseInfo(1000, "Error 1")],
Result = new DnsFirewallCluster
{
Id = ClusterId,
Name = "example-cluster"
}
};
_request = new CreateDNSFirewallClusterRequest(AccountId, "example-cluster")
{
UpstreamIps = ["192.0.2.1"],
AttackMitigation = new AttackMitigation { Enabled = true, OnlyWhenUpstreamUnhealthy = false },
DeprecateAnyRequests = true,
EcsFallback = false,
MaximumCacheTtl = 3600,
MinimumCacheTtl = 60,
NegativeCacheTtl = 120,
RateLimit = 1000,
Retries = 1
};
}
[TestMethod]
public async Task ShouldCreateDnsFirewallCluster()
{
// Arrange
var client = GetClient();
// Act
var response = await client.CreateDNSFirewallCluster(_request, TestContext.CancellationToken);
// Assert
Assert.IsNotNull(response);
Assert.IsTrue(response.Success);
Assert.AreEqual(_response.Result, response.Result);
Assert.HasCount(1, _callbacks);
var (requestPath, request) = _callbacks.First();
Assert.AreEqual($"/accounts/{AccountId}/dns_firewall", requestPath);
Assert.IsNotNull(request);
Assert.AreEqual(_request.Name, request.Name);
CollectionAssert.AreEqual(_request.UpstreamIps?.ToList(), request.UpstreamIps?.ToList());
Assert.IsNotNull(request.AttackMitigation);
Assert.AreEqual(_request.AttackMitigation?.Enabled, request.AttackMitigation?.Enabled);
Assert.AreEqual(_request.AttackMitigation?.OnlyWhenUpstreamUnhealthy, request.AttackMitigation?.OnlyWhenUpstreamUnhealthy);
Assert.AreEqual(_request.DeprecateAnyRequests, request.DeprecateAnyRequests);
Assert.AreEqual(_request.EcsFallback, request.EcsFallback);
Assert.AreEqual(_request.MaximumCacheTtl, request.MaximumCacheTtl);
Assert.AreEqual(_request.MinimumCacheTtl, request.MinimumCacheTtl);
Assert.AreEqual(_request.NegativeCacheTtl, request.NegativeCacheTtl);
Assert.AreEqual(_request.RateLimit, request.RateLimit);
Assert.AreEqual(_request.Retries, request.Retries);
_clientMock.Verify(m => m.PostAsync<DnsFirewallCluster, InternalDNSFirewallClusterRequest>($"/accounts/{AccountId}/dns_firewall", It.IsAny<InternalDNSFirewallClusterRequest>(), null, TestContext.CancellationToken), Times.Once);
_clientMock.VerifyNoOtherCalls();
}
[TestMethod]
public async Task ShouldCreateDnsFirewallClusterMinimalSet()
{
// Arrange
_request = new CreateDNSFirewallClusterRequest(AccountId, "example-cluster");
var client = GetClient();
// Act
var response = await client.CreateDNSFirewallCluster(_request, TestContext.CancellationToken);
// Assert
Assert.IsNotNull(response);
Assert.IsTrue(response.Success);
Assert.AreEqual(_response.Result, response.Result);
Assert.HasCount(1, _callbacks);
var (requestPath, request) = _callbacks.First();
Assert.AreEqual($"/accounts/{AccountId}/dns_firewall", requestPath);
Assert.IsNotNull(request);
Assert.AreEqual(_request.Name, request.Name);
Assert.IsNull(request.UpstreamIps);
Assert.IsNull(request.AttackMitigation);
Assert.IsNull(request.DeprecateAnyRequests);
Assert.IsNull(request.EcsFallback);
Assert.IsNull(request.MaximumCacheTtl);
Assert.IsNull(request.MinimumCacheTtl);
Assert.IsNull(request.NegativeCacheTtl);
Assert.IsNull(request.RateLimit);
Assert.IsNull(request.Retries);
_clientMock.Verify(m => m.PostAsync<DnsFirewallCluster, InternalDNSFirewallClusterRequest>($"/accounts/{AccountId}/dns_firewall", It.IsAny<InternalDNSFirewallClusterRequest>(), null, TestContext.CancellationToken), Times.Once);
_clientMock.VerifyNoOtherCalls();
}
[TestMethod]
[DataRow(null)]
[DataRow("")]
[DataRow(" ")]
public async Task ShouldThrowArgumentExceptionWhenNameIsNullOrWhitespace(string name)
{
// Arrange
_request.Name = name;
var client = GetClient();
// Act & Assert
await Assert.ThrowsExactlyAsync<ArgumentException>(async () =>
{
await client.CreateDNSFirewallCluster(_request, TestContext.CancellationToken);
});
}
[TestMethod]
public async Task ShouldThrowArgumentExceptionWhenNameTooLong()
{
// Arrange
_request.Name = new string('a', 161);
var client = GetClient();
// Act & Assert
await Assert.ThrowsExactlyAsync<ArgumentException>(async () =>
{
await client.CreateDNSFirewallCluster(_request, TestContext.CancellationToken);
});
}
[TestMethod]
[DataRow(29)]
[DataRow(36001)]
public async Task ShouldThrowArgumentOutOfRangeForMaximumCacheTtl(int invalid)
{
// Arrange
_request.MaximumCacheTtl = invalid;
var client = GetClient();
// Act & Assert
await Assert.ThrowsExactlyAsync<ArgumentOutOfRangeException>(async () =>
{
await client.CreateDNSFirewallCluster(_request, TestContext.CancellationToken);
});
}
[TestMethod]
[DataRow(29)]
[DataRow(36001)]
public async Task ShouldThrowArgumentOutOfRangeForMinimumCacheTtl(int invalid)
{
// Arrange
_request.MinimumCacheTtl = invalid;
var client = GetClient();
// Act & Assert
await Assert.ThrowsExactlyAsync<ArgumentOutOfRangeException>(async () =>
{
await client.CreateDNSFirewallCluster(_request, TestContext.CancellationToken);
});
}
[TestMethod]
[DataRow(29)]
[DataRow(36001)]
public async Task ShouldThrowArgumentOutOfRangeForNegativeCacheTtl(int invalid)
{
// Arrange
_request.NegativeCacheTtl = invalid;
var client = GetClient();
// Act & Assert
await Assert.ThrowsExactlyAsync<ArgumentOutOfRangeException>(async () =>
{
await client.CreateDNSFirewallCluster(_request, TestContext.CancellationToken);
});
}
[TestMethod]
[DataRow(99)]
[DataRow(1_000_000_001)]
public async Task ShouldThrowArgumentOutOfRangeForRateLimit(int invalid)
{
// Arrange
_request.RateLimit = invalid;
var client = GetClient();
// Act & Assert
await Assert.ThrowsExactlyAsync<ArgumentOutOfRangeException>(async () =>
{
await client.CreateDNSFirewallCluster(_request, TestContext.CancellationToken);
});
}
[TestMethod]
[DataRow(-1)]
[DataRow(3)]
public async Task ShouldThrowArgumentOutOfRangeForRetries(int invalid)
{
// Arrange
_request.Retries = invalid;
var client = GetClient();
// Act & Assert
await Assert.ThrowsExactlyAsync<ArgumentOutOfRangeException>(async () =>
{
await client.CreateDNSFirewallCluster(_request, TestContext.CancellationToken);
});
}
private ICloudflareClient GetClient()
{
_clientMock = new Mock<ICloudflareClient>();
_clientMock
.Setup(m => m.PostAsync<DnsFirewallCluster, InternalDNSFirewallClusterRequest>(It.IsAny<string>(), It.IsAny<InternalDNSFirewallClusterRequest>(), It.IsAny<IQueryParameterFilter>(), It.IsAny<CancellationToken>()))
.Callback<string, InternalDNSFirewallClusterRequest, IQueryParameterFilter, CancellationToken>((requestPath, request, _, _) => _callbacks.Add((requestPath, request)))
.ReturnsAsync(() => _response);
return _clientMock.Object;
}
}
}

97
test/Extensions/Cloudflare.Dns.Tests/DnsFirewallExtensions/DNSFirewallClusterDetailsTest.cs Normal file
View File

@@ -0,0 +1,97 @@
using System.Linq;
using System.Threading;
using System.Threading.Tasks;
using AMWD.Net.Api.Cloudflare;
using AMWD.Net.Api.Cloudflare.Dns;
using Moq;
namespace Cloudflare.Dns.Tests.DnsFirewallExtensions
{
[TestClass]
public class DNSFirewallClusterDetailsTest
{
public TestContext TestContext { get; set; }
private const string AccountId = "023e105f4ecef8ad9ca31a8372d0c353";
private const string ClusterId = "023e105f4ecef8ad9ca31a8372d0c355";
private Mock<ICloudflareClient> _clientMock;
private CloudflareResponse<DnsFirewallCluster> _response;
private List<(string RequestPath, IQueryParameterFilter QueryFilter)> _callbacks;
[TestInitialize]
public void Initialize()
{
_callbacks = [];
_response = new CloudflareResponse<DnsFirewallCluster>
{
Success = true,
Messages =
[
new ResponseInfo(1000, "Message 1")
],
Errors =
[
new ResponseInfo(1000, "Error 1")
],
Result = new DnsFirewallCluster
{
Id = ClusterId,
Name = "example-cluster",
ModifiedOn = DateTime.Parse("2025-01-01T12:00:00Z"),
DeprecateAnyRequests = true,
EcsFallback = false,
MaximumCacheTtl = 3600,
MinimumCacheTtl = 60,
NegativeCacheTtl = 30,
RateLimit = 1000,
Retries = 2,
DnsFirewallIps = ["10.0.0.1"],
UpstreamIps = ["192.0.2.1"],
AttackMitigation = new AttackMitigation { Enabled = true, OnlyWhenUpstreamUnhealthy = false }
}
};
}
[TestMethod]
public async Task ShouldGetDnsFirewallClusterDetails()
{
// Arrange
var client = GetClient();
// Act
var response = await client.DNSFirewallClusterDetails(AccountId, ClusterId, TestContext.CancellationToken);
// Assert
Assert.IsNotNull(response);
Assert.IsTrue(response.Success);
Assert.IsNotNull(response.Result);
Assert.AreEqual(ClusterId, response.Result.Id);
Assert.AreEqual("example-cluster", response.Result.Name);
Assert.IsTrue(response.Result.DeprecateAnyRequests ?? false);
Assert.AreEqual(3600, response.Result.MaximumCacheTtl);
Assert.AreEqual(60, response.Result.MinimumCacheTtl);
Assert.HasCount(1, _callbacks);
var (requestPath, queryFilter) = _callbacks.First();
Assert.AreEqual($"/accounts/{AccountId}/dns_firewall/{ClusterId}", requestPath);
Assert.IsNull(queryFilter);
_clientMock.Verify(m => m.GetAsync<DnsFirewallCluster>($"/accounts/{AccountId}/dns_firewall/{ClusterId}", null, TestContext.CancellationToken), Times.Once);
_clientMock.VerifyNoOtherCalls();
}
private ICloudflareClient GetClient()
{
_clientMock = new Mock<ICloudflareClient>();
_clientMock
.Setup(m => m.GetAsync<DnsFirewallCluster>(It.IsAny<string>(), It.IsAny<IQueryParameterFilter>(), It.IsAny<CancellationToken>()))
.Callback<string, IQueryParameterFilter, CancellationToken>((requestPath, queryFilter, _) => _callbacks.Add((requestPath, queryFilter)))
.ReturnsAsync(() => _response);
return _clientMock.Object;
}
}
}

72
test/Extensions/Cloudflare.Dns.Tests/DnsFirewallExtensions/DeleteDNSFirewallClusterTest.cs Normal file
View File

@@ -0,0 +1,72 @@
using System.Linq;
using System.Threading;
using System.Threading.Tasks;
using AMWD.Net.Api.Cloudflare;
using AMWD.Net.Api.Cloudflare.Dns;
using Moq;
namespace Cloudflare.Dns.Tests.DnsFirewallExtensions
{
[TestClass]
public class DeleteDNSFirewallClusterTest
{
public TestContext TestContext { get; set; }
private const string AccountId = "023e105f4ecef8ad9ca31a8372d0c353";
private const string ClusterId = "023e105f4ecef8ad9ca31a8372d0c355";
private Mock<ICloudflareClient> _clientMock;
private CloudflareResponse<Identifier> _response;
private List<(string RequestPath, IQueryParameterFilter QueryFilter)> _callbacks;
[TestInitialize]
public void Initialize()
{
_callbacks = [];
_response = new CloudflareResponse<Identifier>
{
Success = true,
Messages = [new ResponseInfo(1000, "Message 1")],
Errors = [new ResponseInfo(1000, "Error 1")],
Result = new Identifier { Id = ClusterId }
};
}
[TestMethod]
public async Task ShouldDeleteDnsFirewallCluster()
{
// Arrange
var client = GetClient();
// Act
var response = await client.DeleteDNSFirewallCluster(AccountId, ClusterId, TestContext.CancellationToken);
// Assert
Assert.IsNotNull(response);
Assert.IsTrue(response.Success);
Assert.IsNotNull(response.Result);
Assert.AreEqual(ClusterId, response.Result.Id);
Assert.HasCount(1, _callbacks);
var (requestPath, queryFilter) = _callbacks.First();
Assert.AreEqual($"/accounts/{AccountId}/dns_firewall/{ClusterId}", requestPath);
Assert.IsNull(queryFilter);
_clientMock.Verify(m => m.DeleteAsync<Identifier>($"/accounts/{AccountId}/dns_firewall/{ClusterId}", null, TestContext.CancellationToken), Times.Once);
_clientMock.VerifyNoOtherCalls();
}
private ICloudflareClient GetClient()
{
_clientMock = new Mock<ICloudflareClient>();
_clientMock
.Setup(m => m.DeleteAsync<Identifier>(It.IsAny<string>(), It.IsAny<IQueryParameterFilter>(), It.IsAny<CancellationToken>()))
.Callback<string, IQueryParameterFilter, CancellationToken>((requestPath, queryFilter, _) => _callbacks.Add((requestPath, queryFilter)))
.ReturnsAsync(() => _response);
return _clientMock.Object;
}
}
}

211
test/Extensions/Cloudflare.Dns.Tests/DnsFirewallExtensions/ListDNSFirewallClustersTest.cs Normal file
View File

@@ -0,0 +1,211 @@
using System.Linq;
using System.Threading;
using System.Threading.Tasks;
using AMWD.Net.Api.Cloudflare;
using AMWD.Net.Api.Cloudflare.Dns;
using Moq;
namespace Cloudflare.Dns.Tests.DnsFirewallExtensions
{
[TestClass]
public class ListDNSFirewallClustersTest
{
public TestContext TestContext { get; set; }
private const string AccountId = "023e105f4ecef8ad9ca31a8372d0c353";
private Mock<ICloudflareClient> _clientMock;
private CloudflareResponse<IReadOnlyCollection<DnsFirewallCluster>> _response;
private List<(string RequestPath, IQueryParameterFilter QueryFilter)> _callbacks;
[TestInitialize]
public void Initialize()
{
_callbacks = new List<(string, IQueryParameterFilter)>();
_response = new CloudflareResponse<IReadOnlyCollection<DnsFirewallCluster>>
{
Success = true,
Messages =
[
new ResponseInfo(1000, "Message 1")
],
Errors =
[
new ResponseInfo(1000, "Error 1")
],
ResultInfo = new PaginationInfo
{
Count = 1,
Page = 1,
PerPage = 20,
TotalCount = 2000,
TotalPages = 100,
},
Result =
[
new DnsFirewallCluster
{
Id = "cluster-1",
Name = "example-cluster",
ModifiedOn = DateTime.Parse("2024-01-01T05:20:00.12345Z"),
DeprecateAnyRequests = true,
MaximumCacheTtl = 3600,
MinimumCacheTtl = 60,
RateLimit = 1000,
Retries = 2,
DnsFirewallIps = ["10.0.0.1"],
UpstreamIps = ["192.0.2.1"],
AttackMitigation = new AttackMitigation { Enabled = true, OnlyWhenUpstreamUnhealthy = false }
}
]
};
}
[TestMethod]
public async Task ShouldListDNSFirewallClusters()
{
// Arrange
var client = GetClient();
// Act
var response = await client.ListDNSFirewallClusters(AccountId, cancellationToken: TestContext.CancellationToken);
// Assert
Assert.IsNotNull(response);
Assert.IsTrue(response.Success);
Assert.HasCount(1, response.Result);
Assert.AreEqual("cluster-1", response.Result.First().Id);
Assert.AreEqual("example-cluster", response.Result.First().Name);
Assert.HasCount(1, _callbacks);
var (requestPath, queryFilter) = _callbacks.First();
Assert.AreEqual($"/accounts/{AccountId}/dns_firewall", requestPath);
Assert.IsNull(queryFilter);
_clientMock.Verify(m => m.GetAsync<IReadOnlyCollection<DnsFirewallCluster>>($"/accounts/{AccountId}/dns_firewall", null, TestContext.CancellationToken), Times.Once);
_clientMock.VerifyNoOtherCalls();
}
[TestMethod]
public async Task ShouldListDNSFirewallClustersWithFilter()
{
// Arrange
var filter = new ListDNSFirewallClustersFilter
{
Page = 2,
PerPage = 10
};
var client = GetClient();
// Act
var response = await client.ListDNSFirewallClusters(AccountId, filter, TestContext.CancellationToken);
// Assert
Assert.IsNotNull(response);
Assert.IsTrue(response.Success);
Assert.HasCount(1, response.Result);
Assert.AreEqual("cluster-1", response.Result.First().Id);
Assert.AreEqual("example-cluster", response.Result.First().Name);
Assert.HasCount(1, _callbacks);
var (requestPath, queryFilter) = _callbacks.First();
Assert.AreEqual($"/accounts/{AccountId}/dns_firewall", requestPath);
Assert.IsNotNull(queryFilter);
Assert.IsInstanceOfType<ListDNSFirewallClustersFilter>(queryFilter);
Assert.AreEqual(2, ((ListDNSFirewallClustersFilter)queryFilter).Page);
Assert.AreEqual(10, ((ListDNSFirewallClustersFilter)queryFilter).PerPage);
_clientMock.Verify(m => m.GetAsync<IReadOnlyCollection<DnsFirewallCluster>>($"/accounts/{AccountId}/dns_firewall", filter, TestContext.CancellationToken), Times.Once);
_clientMock.VerifyNoOtherCalls();
}
[TestMethod]
public void ShouldReturnEmptyParameterList()
{
// Arrange
var filter = new ListDNSFirewallClustersFilter();
// Act
var dict = filter.GetQueryParameters();
// Assert
Assert.IsNotNull(dict);
Assert.IsEmpty(dict);
}
[TestMethod]
public void ShouldReturnFullParameterList()
{
// Arrange
var filter = new ListDNSFirewallClustersFilter
{
Page = 2,
PerPage = 20
};
// Act
var dict = filter.GetQueryParameters();
// Assert
Assert.IsNotNull(dict);
Assert.HasCount(2, dict);
Assert.IsTrue(dict.ContainsKey("page"));
Assert.IsTrue(dict.ContainsKey("per_page"));
Assert.AreEqual("2", dict["page"]);
Assert.AreEqual("20", dict["per_page"]);
}
[TestMethod]
[DataRow(null)]
[DataRow(0)]
public void ShouldNotAddPage(int? page)
{
// Arrange
var filter = new ListDNSFirewallClustersFilter { Page = page };
// Act
var dict = filter.GetQueryParameters();
// Assert
Assert.IsNotNull(dict);
Assert.IsEmpty(dict);
}
[TestMethod]
[DataRow(null)]
[DataRow(0)]
[DataRow(101)]
public void ShouldNotAddPerPage(int? perPage)
{
// Arrange
var filter = new ListDNSFirewallClustersFilter { PerPage = perPage };
// Act
var dict = filter.GetQueryParameters();
// Assert
Assert.IsNotNull(dict);
Assert.IsEmpty(dict);
}
private ICloudflareClient GetClient()
{
_clientMock = new Mock<ICloudflareClient>();
_clientMock
.Setup(m => m.GetAsync<IReadOnlyCollection<DnsFirewallCluster>>(It.IsAny<string>(), It.IsAny<IQueryParameterFilter>(), It.IsAny<CancellationToken>()))
.Callback<string, IQueryParameterFilter, CancellationToken>((requestPath, queryFilter, _) => _callbacks.Add((requestPath, queryFilter)))
.ReturnsAsync(() => _response);
return _clientMock.Object;
}
}
}

250
test/Extensions/Cloudflare.Dns.Tests/DnsFirewallExtensions/UpdateDNSFirewallClusterTest.cs Normal file
View File

@@ -0,0 +1,250 @@
using System.Linq;
using System.Threading;
using System.Threading.Tasks;
using AMWD.Net.Api.Cloudflare;
using AMWD.Net.Api.Cloudflare.Dns;
using AMWD.Net.Api.Cloudflare.Dns.Internals;
using Moq;
namespace Cloudflare.Dns.Tests.DnsFirewallExtensions
{
[TestClass]
public class UpdateDNSFirewallClusterTest
{
public TestContext TestContext { get; set; }
private const string AccountId = "023e105f4ecef8ad9ca31a8372d0c353";
private const string ClusterId = "023e105f4ecef8ad9ca31a8372d0c355";
private Mock<ICloudflareClient> _clientMock;
private CloudflareResponse<DnsFirewallCluster> _response;
private List<(string RequestPath, InternalDNSFirewallClusterRequest Request)> _callbacks;
private UpdateDNSFirewallClusterRequest _request;
[TestInitialize]
public void Initialize()
{
_callbacks = [];
_response = new CloudflareResponse<DnsFirewallCluster>
{
Success = true,
Messages = [new ResponseInfo(1000, "Message 1")],
Errors = [new ResponseInfo(1000, "Error 1")],
Result = new DnsFirewallCluster
{
Id = ClusterId,
Name = "example-cluster"
}
};
_request = new UpdateDNSFirewallClusterRequest(AccountId, ClusterId)
{
Name = "example-cluster",
UpstreamIps = ["192.0.2.1"],
AttackMitigation = new AttackMitigation { Enabled = true, OnlyWhenUpstreamUnhealthy = false },
DeprecateAnyRequests = true,
EcsFallback = false,
MaximumCacheTtl = 3600,
MinimumCacheTtl = 60,
NegativeCacheTtl = 120,
RateLimit = 1000,
Retries = 1
};
}
[TestMethod]
public async Task ShouldUpdateDnsFirewallCluster()
{
// Arrange
var client = GetClient();
// Act
var response = await client.UpdateDNSFirewallCluster(_request, TestContext.CancellationToken);
// Assert
Assert.IsNotNull(response);
Assert.IsTrue(response.Success);
Assert.AreEqual(_response.Result, response.Result);
Assert.HasCount(1, _callbacks);
var (requestPath, request) = _callbacks.First();
Assert.AreEqual($"/accounts/{AccountId}/dns_firewall", requestPath);
Assert.IsNotNull(request);
Assert.AreEqual(_request.Name, request.Name);
CollectionAssert.AreEqual(_request.UpstreamIps?.ToList(), request.UpstreamIps?.ToList());
Assert.IsNotNull(request.AttackMitigation);
Assert.AreEqual(_request.AttackMitigation?.Enabled, request.AttackMitigation?.Enabled);
Assert.AreEqual(_request.AttackMitigation?.OnlyWhenUpstreamUnhealthy, request.AttackMitigation?.OnlyWhenUpstreamUnhealthy);
Assert.AreEqual(_request.DeprecateAnyRequests, request.DeprecateAnyRequests);
Assert.AreEqual(_request.EcsFallback, request.EcsFallback);
Assert.AreEqual(_request.MaximumCacheTtl, request.MaximumCacheTtl);
Assert.AreEqual(_request.MinimumCacheTtl, request.MinimumCacheTtl);
Assert.AreEqual(_request.NegativeCacheTtl, request.NegativeCacheTtl);
Assert.AreEqual(_request.RateLimit, request.RateLimit);
Assert.AreEqual(_request.Retries, request.Retries);
_clientMock.Verify(m => m.PatchAsync<DnsFirewallCluster, InternalDNSFirewallClusterRequest>($"/accounts/{AccountId}/dns_firewall", It.IsAny<InternalDNSFirewallClusterRequest>(), TestContext.CancellationToken), Times.Once);
_clientMock.VerifyNoOtherCalls();
}
[TestMethod]
public async Task ShouldUpdateDnsFirewallClusterMinimalSet()
{
// Arrange
_request = new UpdateDNSFirewallClusterRequest(AccountId, ClusterId);
var client = GetClient();
// Act
var response = await client.UpdateDNSFirewallCluster(_request, TestContext.CancellationToken);
// Assert
Assert.IsNotNull(response);
Assert.IsTrue(response.Success);
Assert.AreEqual(_response.Result, response.Result);
Assert.HasCount(1, _callbacks);
var (requestPath, request) = _callbacks.First();
Assert.AreEqual($"/accounts/{AccountId}/dns_firewall", requestPath);
Assert.IsNotNull(request);
Assert.IsNull(request.Name);
Assert.IsNull(request.UpstreamIps);
Assert.IsNull(request.AttackMitigation);
Assert.IsNull(request.DeprecateAnyRequests);
Assert.IsNull(request.EcsFallback);
Assert.IsNull(request.MaximumCacheTtl);
Assert.IsNull(request.MinimumCacheTtl);
Assert.IsNull(request.NegativeCacheTtl);
Assert.IsNull(request.RateLimit);
Assert.IsNull(request.Retries);
_clientMock.Verify(m => m.PatchAsync<DnsFirewallCluster, InternalDNSFirewallClusterRequest>($"/accounts/{AccountId}/dns_firewall", It.IsAny<InternalDNSFirewallClusterRequest>(), TestContext.CancellationToken), Times.Once);
_clientMock.VerifyNoOtherCalls();
}
[TestMethod]
public async Task ShouldTrimName()
{
// Arrange
_request.Name = " example-trim ";
var client = GetClient();
// Act
await client.UpdateDNSFirewallCluster(_request, TestContext.CancellationToken);
// Assert
Assert.HasCount(1, _callbacks);
var (_, request) = _callbacks.First();
Assert.AreEqual("example-trim", request.Name);
}
[TestMethod]
public async Task ShouldThrowArgumentExceptionWhenNameTooLong()
{
// Arrange
_request.Name = new string('a', 161);
var client = GetClient();
// Act & Assert
await Assert.ThrowsExactlyAsync<ArgumentException>(async () =>
{
await client.UpdateDNSFirewallCluster(_request, TestContext.CancellationToken);
});
}
[TestMethod]
[DataRow(29)]
[DataRow(36001)]
public async Task ShouldThrowArgumentOutOfRangeForMaximumCacheTtl(int invalid)
{
// Arrange
_request.MaximumCacheTtl = invalid;
var client = GetClient();
// Act & Assert
await Assert.ThrowsExactlyAsync<ArgumentOutOfRangeException>(async () =>
{
await client.UpdateDNSFirewallCluster(_request, TestContext.CancellationToken);
});
}
[TestMethod]
[DataRow(29)]
[DataRow(36001)]
public async Task ShouldThrowArgumentOutOfRangeForMinimumCacheTtl(int invalid)
{
// Arrange
_request.MinimumCacheTtl = invalid;
var client = GetClient();
// Act & Assert
await Assert.ThrowsExactlyAsync<ArgumentOutOfRangeException>(async () =>
{
await client.UpdateDNSFirewallCluster(_request, TestContext.CancellationToken);
});
}
[TestMethod]
[DataRow(29)]
[DataRow(36001)]
public async Task ShouldThrowArgumentOutOfRangeForNegativeCacheTtl(int invalid)
{
// Arrange
_request.NegativeCacheTtl = invalid;
var client = GetClient();
// Act & Assert
await Assert.ThrowsExactlyAsync<ArgumentOutOfRangeException>(async () =>
{
await client.UpdateDNSFirewallCluster(_request, TestContext.CancellationToken);
});
}
[TestMethod]
[DataRow(99)]
[DataRow(1_000_000_001)]
public async Task ShouldThrowArgumentOutOfRangeForRateLimit(int invalid)
{
// Arrange
_request.RateLimit = invalid;
var client = GetClient();
// Act & Assert
await Assert.ThrowsExactlyAsync<ArgumentOutOfRangeException>(async () =>
{
await client.UpdateDNSFirewallCluster(_request, TestContext.CancellationToken);
});
}
[TestMethod]
[DataRow(-1)]
[DataRow(3)]
public async Task ShouldThrowArgumentOutOfRangeForRetries(int invalid)
{
// Arrange
_request.Retries = invalid;
var client = GetClient();
// Act & Assert
await Assert.ThrowsExactlyAsync<ArgumentOutOfRangeException>(async () =>
{
await client.UpdateDNSFirewallCluster(_request, TestContext.CancellationToken);
});
}
private ICloudflareClient GetClient()
{
_clientMock = new Mock<ICloudflareClient>();
_clientMock
.Setup(m => m.PatchAsync<DnsFirewallCluster, InternalDNSFirewallClusterRequest>(It.IsAny<string>(), It.IsAny<InternalDNSFirewallClusterRequest>(), It.IsAny<CancellationToken>()))
.Callback<string, InternalDNSFirewallClusterRequest, CancellationToken>((requestPath, request, _) => _callbacks.Add((requestPath, request)))
.ReturnsAsync(() => _response);
return _clientMock.Object;
}
}
}