fix(security): implement security module toggle actions
Complete Phase 4 implementation enabling ACL, WAF, and Rate Limiting toggle functionality in the Security Dashboard UI.

Backend:
- Add 60-second TTL settings cache layer to Cerberus middleware
- Trigger async Caddy config reload on security.* setting changes
- Query runtime settings in Caddy manager before config generation
- Wire SettingsHandler with CaddyManager and Cerberus dependencies

Frontend:
- Fix optimistic update logic to preserve mode field for WAF/rate_limit
- Replace onChange with onCheckedChange for all Switch components
- Add unit tests for mode preservation and rollback behavior

Test Fixes:
- Fix CrowdSec startup test assertions (cfg.Enabled is global Cerberus flag)
- Fix security service test UUID uniqueness for UNIQUE constraint
- Add .first() to toast locator in wait-helpers.ts for multiple toasts

Documentation:
- Add Security Dashboard Toggles section to features.md
- Mark phase4_security_toggles_spec.md as IMPLEMENTED
- Add E2E coverage mode (Docker vs Vite) documentation

Enables 8 previously skipped E2E tests in security-dashboard.spec.ts and rate-limiting.spec.ts.
11
CHANGELOG.md
@@ -7,6 +7,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
## [Unreleased]
### Added
- **Phase 4: Security Module Toggle Actions**: Security dashboard toggles for ACL, WAF, and Rate Limiting are now fully functional (PR #XXX)
- **Toggle Functionality**: Enable/disable security modules directly from the Security Dashboard UI
- **Backend Cache Layer**: 60-second TTL in-memory cache for settings to minimize database queries in middleware
- **Auto Config Reload**: Caddy configuration automatically reloads when security settings change
- **Optimistic Updates**: Toggle changes reflect instantly in the UI with proper rollback on failure
- **Mode Preservation**: WAF and Rate Limiting mode settings (detection/prevention, log/block) preserved during toggles
- **8 E2E Tests Enabled**: Previously skipped security dashboard tests now pass
- See [Phase 4 Specification](docs/plans/phase4_security_toggles_spec.md) for implementation details
### Security
- **CRITICAL**: Fixed CVE-2025-68156 by upgrading expr-lang/expr to v1.17.7
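Review bot: The "Backend Cache Layer" bullet does not say whether a toggle write invalidates the 60-second TTL cache, while the "Optimistic Updates" bullet says the UI reflects the change instantly. If the cache is only refreshed on expiry, the middleware could keep enforcing the old ACL, WAF or Rate Limiting state for up to 60 seconds after the dashboard shows the new one, which matters most when an operator switches a module on in response to an incident. Suggest stating in this entry either that the cache is invalidated when a security setting changes or what the worst-case propagation delay is. Separately, the first added bullet still carries the placeholder "(PR #XXX)"; fill in the real PR number before this lands.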