@stuntman/server 0.1.4 → 0.1.6

package/dist/ruleExecutor.js

@@ -0,0 +1,187 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getRuleExecutor = void 0;
+const await_lock_1 = __importDefault(require("await-lock"));
+const shared_1 = require("@stuntman/shared");
+const rules_1 = require("./rules");
+const ruleExecutors = {};
+const transformMockRuleToLive = (rule) => {
+    var _a;
+    return {
+        ...rule,
+        counter: 0,
+        isEnabled: (_a = rule.isEnabled) !== null && _a !== void 0 ? _a : true,
+        createdTimestamp: Date.now(),
+    };
+};
+class RuleExecutor {
+    get enabledRules() {
+        if (!this._rules) {
+            return new Array();
+        }
+        const now = Date.now();
+        return this._rules
+            .filter((r) => (r.isEnabled && !Number.isFinite(r.ttlSeconds)) || r.createdTimestamp + r.ttlSeconds * 1000 > now)
+            .sort((a, b) => { var _a, _b; return ((_a = a.priority) !== null && _a !== void 0 ? _a : shared_1.DEFAULT_RULE_PRIORITY) - ((_b = b.priority) !== null && _b !== void 0 ? _b : shared_1.DEFAULT_RULE_PRIORITY); });
+    }
+    constructor(rules) {
+        this.rulesLock = new await_lock_1.default();
+        this._rules = (rules || []).map(transformMockRuleToLive);
+    }
+    hasExpired() {
+        const now = Date.now();
+        return this._rules.some((r) => Number.isFinite(r.ttlSeconds) && r.createdTimestamp + r.ttlSeconds * 1000 < now);
+    }
+    async cleanUpExpired() {
+        if (!this.hasExpired()) {
+            return;
+        }
+        await this.rulesLock.acquireAsync();
+        const now = Date.now();
+        try {
+            this._rules = this._rules.filter((r) => {
+                const shouldKeep = !Number.isFinite(r.ttlSeconds) || r.createdTimestamp + r.ttlSeconds * 1000 > now;
+                if (!shouldKeep) {
+                    shared_1.logger.debug({ ruleId: r.id }, 'removing expired rule');
+                }
+                return shouldKeep;
+            });
+        }
+        finally {
+            await this.rulesLock.release();
+        }
+    }
+    async addRule(rule, overwrite) {
+        await this.cleanUpExpired();
+        await this.rulesLock.acquireAsync();
+        try {
+            if (this._rules.some((r) => r.id === rule.id)) {
+                if (!overwrite) {
+                    throw new shared_1.AppError({ httpCode: shared_1.HttpCode.CONFLICT, message: 'rule with given ID already exists' });
+                }
+                this._removeRule(rule.id);
+            }
+            const liveRule = transformMockRuleToLive(rule);
+            this._rules.push(liveRule);
+            shared_1.logger.debug(liveRule, 'rule added');
+            return liveRule;
+        }
+        finally {
+            await this.rulesLock.release();
+        }
+    }
+    _removeRule(ruleOrId) {
+        this._rules = this._rules.filter((r) => {
+            const notFound = r.id !== (typeof ruleOrId === 'string' ? ruleOrId : ruleOrId.id);
+            if (!notFound) {
+                shared_1.logger.debug({ ruleId: r.id }, 'rule removed');
+            }
+            return notFound;
+        });
+    }
+    async removeRule(ruleOrId) {
+        await this.cleanUpExpired();
+        await this.rulesLock.acquireAsync();
+        try {
+            this._removeRule(ruleOrId);
+        }
+        finally {
+            await this.rulesLock.release();
+        }
+    }
+    enableRule(ruleOrId) {
+        this._rules.forEach((r) => {
+            if (r.id === (typeof ruleOrId === 'string' ? ruleOrId : ruleOrId.id)) {
+                r.counter = 0;
+                r.isEnabled = true;
+                shared_1.logger.debug({ ruleId: r.id }, 'rule enabled');
+            }
+        });
+    }
+    disableRule(ruleOrId) {
+        this._rules.forEach((r) => {
+            if (r.id === (typeof ruleOrId === 'string' ? ruleOrId : ruleOrId.id)) {
+                r.isEnabled = false;
+                shared_1.logger.debug({ ruleId: r.id }, 'rule disabled');
+            }
+        });
+    }
+    async findMatchingRule(request) {
+        const logContext = {
+            requestId: request.id,
+        };
+        const matchingRule = this.enabledRules.find((rule) => {
+            try {
+                const matchResult = rule.matches(request);
+                shared_1.logger.trace({ ...logContext, matchResult }, `rule match attempt for ${rule.id}`);
+                if (typeof matchResult === 'boolean') {
+                    return matchResult;
+                }
+                return matchResult.result;
+            }
+            catch (error) {
+                shared_1.logger.error({ ...logContext, ruleId: rule === null || rule === void 0 ? void 0 : rule.id, error }, 'error in rule match function');
+            }
+        });
+        if (!matchingRule) {
+            shared_1.logger.debug(logContext, 'no matching rule found');
+            return null;
+        }
+        const matchResult = matchingRule.matches(request);
+        logContext.ruleId = matchingRule.id;
+        shared_1.logger.debug({ ...logContext, matchResultMessage: typeof matchResult !== 'boolean' ? matchResult.description : null }, 'found matching rule');
+        const matchingRuleClone = Object.freeze(Object.assign({}, matchingRule));
+        ++matchingRule.counter;
+        logContext.ruleCounter = matchingRule.counter;
+        if (Number.isNaN(matchingRule.counter) || !Number.isFinite(matchingRule.counter)) {
+            matchingRule.counter = 0;
+            shared_1.logger.warn(logContext, "it's over 9000!!!");
+        }
+        // TODO check if that works
+        if (matchingRule.disableAfterUse) {
+            if (typeof matchingRule.disableAfterUse === 'boolean' || matchingRule.disableAfterUse <= matchingRule.counter) {
+                shared_1.logger.debug(logContext, 'disabling rule for future requests');
+                this.disableRule(matchingRule);
+            }
+        }
+        if (matchingRule.removeAfterUse) {
+            if (typeof matchingRule.removeAfterUse === 'boolean' || matchingRule.removeAfterUse <= matchingRule.counter) {
+                shared_1.logger.debug(logContext, 'removing rule for future requests');
+                await this.removeRule(matchingRule);
+            }
+        }
+        if (typeof matchResult !== 'boolean') {
+            if (matchResult.disableRuleIds && matchResult.disableRuleIds.length > 0) {
+                shared_1.logger.debug({ ...logContext, disableRuleIds: matchResult.disableRuleIds }, 'disabling rules based on matchResult');
+                for (const ruleId of matchResult.disableRuleIds) {
+                    this.disableRule(ruleId);
+                }
+            }
+            if (matchResult.enableRuleIds && matchResult.enableRuleIds.length > 0) {
+                shared_1.logger.debug({ ...logContext, disableRuleIds: matchResult.disableRuleIds }, 'enabling rules based on matchResult');
+                for (const ruleId of matchResult.enableRuleIds) {
+                    this.enableRule(ruleId);
+                }
+            }
+        }
+        return matchingRuleClone;
+    }
+    async getRules() {
+        await this.cleanUpExpired();
+        return this._rules;
+    }
+    async getRule(id) {
+        await this.cleanUpExpired();
+        return this._rules.find((r) => r.id === id);
+    }
+}
+const getRuleExecutor = (mockUuid) => {
+    if (!ruleExecutors[mockUuid]) {
+        ruleExecutors[mockUuid] = new RuleExecutor([...rules_1.DEFAULT_RULES, ...rules_1.CUSTOM_RULES].map((r) => ({ ...r, ttlSeconds: Infinity })));
+    }
+    return ruleExecutors[mockUuid];
+};
+exports.getRuleExecutor = getRuleExecutor;

package/dist/rules/catchAll.d.ts

@@ -0,0 +1,2 @@
+import type * as Stuntman from '@stuntman/shared';
+export declare const catchAllRule: Stuntman.DeployedRule;

package/dist/rules/catchAll.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.catchAllRule = void 0;
+const shared_1 = require("@stuntman/shared");
+exports.catchAllRule = {
+    id: shared_1.CATCH_RULE_NAME,
+    matches: () => true,
+    priority: shared_1.CATCH_ALL_RULE_PRIORITY,
+    actions: {
+        mockResponse: (req) => ({
+            body: `Request received by Stuntman mock <pre>${JSON.stringify(req, null, 4)}</pre>`,
+            status: 200,
+        }),
+    },
+};

package/dist/rules/echo.d.ts

@@ -0,0 +1,2 @@
+import type * as Stuntman from '@stuntman/shared';
+export declare const echoRule: Stuntman.DeployedRule;

package/dist/rules/echo.js

@@ -0,0 +1,15 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.echoRule = void 0;
+const shared_1 = require("@stuntman/shared");
+exports.echoRule = {
+    id: 'internal/echo',
+    priority: shared_1.DEFAULT_RULE_PRIORITY + 1,
+    matches: (req) => /https?:\/\/echo\/.*/.test(req.url),
+    actions: {
+        mockResponse: (req) => ({
+            body: req,
+            status: 200,
+        }),
+    },
+};

package/dist/rules/index.d.ts

@@ -0,0 +1,3 @@
+import type * as Stuntman from '@stuntman/shared';
+export declare const DEFAULT_RULES: Stuntman.DeployedRule[];
+export declare const CUSTOM_RULES: Stuntman.DeployedRule[];

package/dist/rules/index.js

@@ -0,0 +1,70 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CUSTOM_RULES = exports.DEFAULT_RULES = void 0;
+const fs_1 = __importDefault(require("fs"));
+const glob_1 = __importDefault(require("glob"));
+const tsImport = __importStar(require("ts-import"));
+const catchAll_1 = require("./catchAll");
+const echo_1 = require("./echo");
+const shared_1 = require("@stuntman/shared");
+exports.DEFAULT_RULES = [catchAll_1.catchAllRule, echo_1.echoRule];
+exports.CUSTOM_RULES = [];
+const loadAdditionalRules = () => {
+    if (!shared_1.serverConfig.mock.rulesPath || !fs_1.default.existsSync(shared_1.serverConfig.mock.rulesPath)) {
+        shared_1.logger.debug({ rulesPath: shared_1.serverConfig.mock.rulesPath }, `additional rules directory not found`);
+        return;
+    }
+    shared_1.logger.debug({ rulesPath: shared_1.serverConfig.mock.rulesPath }, `loading additional rules`);
+    const filePaths = glob_1.default.sync('*.[tj]s', { absolute: true, cwd: shared_1.serverConfig.mock.rulesPath });
+    for (const filePath of filePaths) {
+        // TODO add .ts rule support
+        try {
+            const loadedFile = /\.js$/.test(filePath) ? require(filePath) : tsImport.loadSync(filePath);
+            // eslint-disable-next-line @typescript-eslint/no-var-requires
+            const exportedRules = Object.values(loadedFile).filter((rule) => {
+                if (!rule || !rule.id || typeof rule.matches !== 'function') {
+                    shared_1.logger.error({ filePath, rule }, 'invalid exported rule');
+                    return false;
+                }
+                return true;
+            });
+            exports.CUSTOM_RULES.push(...exportedRules);
+        }
+        catch (error) {
+            shared_1.logger.error({ filePath, error }, 'error importing rule');
+        }
+    }
+    const ruleIds = [...exports.DEFAULT_RULES, ...exports.CUSTOM_RULES].map((rule) => rule.id);
+    const duplicatedRuleIds = ruleIds.filter((currentValue, currentIndex) => ruleIds.indexOf(currentValue) !== currentIndex);
+    if (duplicatedRuleIds.length > 0) {
+        shared_1.logger.error({ duplicatedRuleIds }, 'duplicated rule ids');
+        throw new Error('duplicated rule ids');
+    }
+};
+loadAdditionalRules();

package/dist/storage.d.ts

@@ -0,0 +1,4 @@
+import LRUCache from 'lru-cache';
+import type * as Stuntman from '@stuntman/shared';
+export declare const getTrafficStore: (key: string, options?: Stuntman.StorageConfig) => LRUCache<string, Stuntman.LogEntry>;
+export declare const getDnsResolutionCache: (key: string) => LRUCache<string, string>;

package/dist/storage.js

@@ -0,0 +1,42 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getDnsResolutionCache = exports.getTrafficStore = void 0;
+const lru_cache_1 = __importDefault(require("lru-cache"));
+const object_sizeof_1 = __importDefault(require("object-sizeof"));
+const DNS_CACHE_OPTIONS = {
+    max: 1000,
+    ttl: 1000 * 60 * 15,
+    allowStale: false,
+    updateAgeOnGet: false,
+    updateAgeOnHas: false,
+};
+const trafficStoreInstances = {};
+const dnsResolutionCacheInstances = {};
+const getTrafficStore = (key, options) => {
+    if (!(key in trafficStoreInstances)) {
+        if (!options) {
+            throw new Error('initialize with options first');
+        }
+        trafficStoreInstances[key] = new lru_cache_1.default({
+            max: options.limitCount,
+            maxSize: options.limitSize,
+            ttl: options.ttl,
+            allowStale: false,
+            updateAgeOnGet: false,
+            updateAgeOnHas: false,
+            sizeCalculation: (value) => (0, object_sizeof_1.default)(value),
+        });
+    }
+    return trafficStoreInstances[key];
+};
+exports.getTrafficStore = getTrafficStore;
+const getDnsResolutionCache = (key) => {
+    if (!(key in dnsResolutionCacheInstances)) {
+        dnsResolutionCacheInstances[key] = new lru_cache_1.default(DNS_CACHE_OPTIONS);
+    }
+    return dnsResolutionCacheInstances[key];
+};
+exports.getDnsResolutionCache = getDnsResolutionCache;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@stuntman/server",
-  "version": "0.1.4",
+  "version": "0.1.6",
   "description": "Stuntman - HTTP proxy / mock server with API",
   "main": "dist/index.js",
   "repository": {
@@ -41,29 +41,32 @@
     "pug": "3.0.2",
     "serialize-javascript": "6.0.1",
     "ts-import": "4.0.0-beta.10",
-    "typescript": "4.9.5",
     "undici": "5.20.0",
     "uuid": "9.0.0"
   },
   "devDependencies": {
+    "@jest/globals": "29.4.3",
     "@prettier/plugin-pug": "2.4.1",
     "@types/express": "4.17.17",
     "@types/glob": "8.1.0",
     "@types/serialize-javascript": "5.0.2",
     "@types/uuid": "9.0.0",
-    "prettier": "2.8.4"
+    "jest": "29.4.3",
+    "prettier": "2.8.4",
+    "typescript": "4.9.5"
   },
   "bin": {
     "stuntman": "./dist/bin/stuntman.js"
   },
   "files": [
-    "dist/",
+    "src/**",
+    "dist/**",
     "README.md",
     "LICENSE",
     "CHANGELOG.md"
   ],
   "scripts": {
-    "test": "echo \"Error: no test specified\" && exit 1",
+    "test": "SUPPRESS_NO_CONFIG_WARNING=1 jest",
     "clean": "rm -fr dist",
     "build": "tsc && cp -rv src/api/webgui dist/api",
     "lint": "prettier --check . && eslint . --ext ts",

package/src/api/api.ts

@@ -0,0 +1,225 @@
+import http from 'http';
+import express, { NextFunction, Request, Response, Express as ExpressServer } from 'express';
+import { v4 as uuidv4 } from 'uuid';
+import { getTrafficStore } from '../storage';
+import { getRuleExecutor } from '../ruleExecutor';
+import { logger, AppError, HttpCode, MAX_RULE_TTL_SECONDS, stringify, INDEX_DTS } from '@stuntman/shared';
+import type * as Stuntman from '@stuntman/shared';
+import RequestContext from '../requestContext';
+import serializeJavascript from 'serialize-javascript';
+import LRUCache from 'lru-cache';
+import { validateDeserializedRule } from './validators';
+import { deserializeRule, escapedSerialize, liveRuleToRule } from './utils';
+
+type ApiOptions = Stuntman.ApiConfig & {
+    mockUuid: string;
+};
+
+const API_KEY_HEADER = 'x-api-key';
+
+export class API {
+    protected options: Required<ApiOptions>;
+    protected apiApp: ExpressServer;
+    trafficStore: LRUCache<string, Stuntman.LogEntry>;
+    server: http.Server | null = null;
+    auth: (req: Request, type: 'read' | 'write') => void;
+    authReadOnly: (req: Request, res: Response, next: NextFunction) => void;
+    authReadWrite: (req: Request, res: Response, next: NextFunction) => void;
+
+    constructor(options: ApiOptions, webGuiOptions?: Stuntman.WebGuiConfig) {
+        if (!options.apiKeyReadOnly !== !options.apiKeyReadWrite) {
+            throw new Error('apiKeyReadOnly and apiKeyReadWrite options need to be set either both or none');
+        }
+        this.options = options;
+
+        this.trafficStore = getTrafficStore(this.options.mockUuid);
+        this.apiApp = express();
+
+        this.apiApp.use(express.json());
+        this.apiApp.use(express.text());
+
+        this.auth = (req: Request, type: 'read' | 'write'): void => {
+            if (!this.options.apiKeyReadOnly && !this.options.apiKeyReadWrite) {
+                return;
+            }
+            const hasValidReadKey = req.header(API_KEY_HEADER) === this.options.apiKeyReadOnly;
+            const hasValidWriteKey = req.header(API_KEY_HEADER) === this.options.apiKeyReadWrite;
+            const hasValidKey = type === 'read' ? hasValidReadKey || hasValidWriteKey : hasValidWriteKey;
+            if (!hasValidKey) {
+                throw new AppError({ httpCode: HttpCode.UNAUTHORIZED, message: 'unauthorized' });
+            }
+            return;
+        };
+
+        this.authReadOnly = (req: Request, res: Response, next: NextFunction): void => {
+            this.auth(req, 'read');
+            next();
+        };
+
+        this.authReadWrite = (req: Request, res: Response, next: NextFunction): void => {
+            this.auth(req, 'write');
+            next();
+        };
+
+        this.apiApp.use((req: Request, res: Response, next: NextFunction) => {
+            RequestContext.bind(req, this.options.mockUuid);
+            next();
+        });
+
+        this.apiApp.get('/rule', this.authReadOnly, async (req, res) => {
+            res.send(stringify(await getRuleExecutor(this.options.mockUuid).getRules()));
+        });
+
+        this.apiApp.get('/rule/:ruleId', this.authReadOnly, async (req, res) => {
+            res.send(stringify(await getRuleExecutor(this.options.mockUuid).getRule(req.params.ruleId)));
+        });
+
+        this.apiApp.get('/rule/:ruleId/disable', this.authReadWrite, (req, res) => {
+            getRuleExecutor(this.options.mockUuid).disableRule(req.params.ruleId);
+            res.send();
+        });
+
+        this.apiApp.get('/rule/:ruleId/enable', this.authReadWrite, (req, res) => {
+            getRuleExecutor(this.options.mockUuid).enableRule(req.params.ruleId);
+            res.send();
+        });
+
+        this.apiApp.post(
+            '/rule',
+            this.authReadWrite,
+            async (req: Request<object, string, Stuntman.SerializedRule>, res: Response) => {
+                const deserializedRule = deserializeRule(req.body);
+                validateDeserializedRule(deserializedRule);
+                // eslint-disable-next-line @typescript-eslint/ban-ts-comment
+                // @ts-ignore
+                const rule = await getRuleExecutor(this.options.mockUuid).addRule(deserializedRule);
+                res.send(stringify(rule));
+            }
+        );
+
+        this.apiApp.get('/rule/:ruleId/remove', this.authReadWrite, async (req, res) => {
+            await getRuleExecutor(this.options.mockUuid).removeRule(req.params.ruleId);
+            res.send();
+        });
+
+        this.apiApp.get('/traffic', this.authReadOnly, (req, res) => {
+            const serializedTraffic: Stuntman.LogEntry[] = [];
+            for (const value of this.trafficStore.values()) {
+                serializedTraffic.push(value);
+            }
+            res.json(serializedTraffic);
+        });
+
+        this.apiApp.get('/traffic/:ruleIdOrLabel', this.authReadOnly, (req, res) => {
+            const serializedTraffic: Stuntman.LogEntry[] = [];
+            for (const value of this.trafficStore.values()) {
+                if (value.mockRuleId === req.params.ruleIdOrLabel || (value.labels || []).includes(req.params.ruleIdOrLabel)) {
+                    serializedTraffic.push(value);
+                }
+            }
+            res.json(serializedTraffic);
+        });
+
+        if (!webGuiOptions?.disabled) {
+            this.apiApp.set('views', __dirname + '/webgui');
+            this.apiApp.set('view engine', 'pug');
+            this.initWebGui();
+        }
+
+        this.apiApp.all(/.*/, (req: Request, res: Response) => res.status(404).send());
+
+        this.apiApp.use((error: Error | AppError, req: Request, res: Response) => {
+            const ctx: RequestContext | null = RequestContext.get(req);
+            const uuid = ctx?.uuid || uuidv4();
+            if (error instanceof AppError && error.isOperational && res) {
+                logger.error(error);
+                res.status(error.httpCode).json({
+                    error: { message: error.message, httpCode: error.httpCode, stack: error.stack },
+                });
+                return;
+            }
+            logger.error({ message: error.message, stack: error.stack, name: error.name, uuid }, 'unexpected error');
+            if (res) {
+                res.status(HttpCode.INTERNAL_SERVER_ERROR).json({
+                    error: { message: error.message, httpCode: HttpCode.INTERNAL_SERVER_ERROR, uuid },
+                });
+                return;
+            }
+            // eslint-disable-next-line no-console
+            console.log('API server encountered a critical error. Exiting');
+            process.exit(1);
+        });
+    }
+
+    private initWebGui() {
+        this.apiApp.get('/webgui/rules', this.authReadOnly, async (req, res) => {
+            const rules: Record<string, string> = {};
+            for (const rule of await getRuleExecutor(this.options.mockUuid).getRules()) {
+                rules[rule.id] = serializeJavascript(liveRuleToRule(rule), { unsafe: true });
+            }
+            res.render('rules', { rules: escapedSerialize(rules), INDEX_DTS, ruleKeys: Object.keys(rules) });
+        });
+
+        this.apiApp.get('/webgui/traffic', this.authReadOnly, async (req, res) => {
+            const serializedTraffic: Stuntman.LogEntry[] = [];
+            for (const value of this.trafficStore.values()) {
+                serializedTraffic.push(value);
+            }
+            res.render('traffic', {
+                traffic: JSON.stringify(
+                    serializedTraffic.sort((a, b) => b.originalRequest.timestamp - a.originalRequest.timestamp)
+                ),
+            });
+        });
+
+        // TODO make webui way better and safer, nicer formatting, eslint/prettier, blackjack and hookers
+
+        this.apiApp.post('/webgui/rules/unsafesave', this.authReadWrite, async (req, res) => {
+            const rule: Stuntman.Rule = new Function(req.body)();
+            if (
+                !rule ||
+                !rule.id ||
+                typeof rule.matches !== 'function' ||
+                typeof rule.ttlSeconds !== 'number' ||
+                rule.ttlSeconds > MAX_RULE_TTL_SECONDS
+            ) {
+                throw new AppError({ httpCode: HttpCode.BAD_REQUEST, message: 'Invalid rule' });
+            }
+            await getRuleExecutor(this.options.mockUuid).addRule(
+                {
+                    id: rule.id,
+                    matches: rule.matches,
+                    ttlSeconds: rule.ttlSeconds,
+                    actions: rule.actions,
+                    ...(rule.disableAfterUse !== undefined && { disableAfterUse: rule.disableAfterUse }),
+                    ...(rule.isEnabled !== undefined && { isEnabled: rule.isEnabled }),
+                    ...(rule.labels !== undefined && { labels: rule.labels }),
+                    ...(rule.priority !== undefined && { priority: rule.priority }),
+                    ...(rule.removeAfterUse !== undefined && { removeAfterUse: rule.removeAfterUse }),
+                    ...(rule.storeTraffic !== undefined && { storeTraffic: rule.storeTraffic }),
+                },
+                true
+            );
+            res.send();
+        });
+    }
+
+    public start() {
+        if (this.server) {
+            throw new Error('mock server already started');
+        }
+        this.server = this.apiApp.listen(this.options.port, () => {
+            logger.info(`API listening on ${this.options.port}`);
+        });
+    }
+
+    public stop() {
+        if (!this.server) {
+            throw new Error('mock server not started');
+        }
+        this.server.close((error) => {
+            logger.warn(error, 'problem closing server');
+            this.server = null;
+        });
+    }
+}