Refactoring on Action - having RuleWithAction and RuleWithActionsProperties

test/test-cases/regression/config-secdefaultaction.json

@@ -277,7 +277,13 @@
     },
     "rules":[
       "SecRuleEngine On",
-      "SecAuditEngine On",
+      "SecAuditEngine RelevantOnly",
+      "SecAuditLogParts ABCFHZ",
+      "SecAuditLog /tmp/test/modsec_audit_auditlog_1.log",
+      "SecAuditLogDirMode 0766",
+      "SecAuditLogFileMode 0666",
+      "SecAuditLogType Serial",
+      "SecAuditLogRelevantStatus \"^(?:3|4(?!04))\"",
       "SecDefaultAction \"phase:2,log,auditlog,status:302,redirect:'http://www.google.com'\"",
       "SecRule REQUEST_HEADERS \"@contains PHPSESSID\" \"phase:2,id:1,block\"",
       "SecRule TX \"@contains to_test\" \"id:2,t:lowercase,t:none,block\""

test/test-cases/regression/issue-1528.json

@@ -27,12 +27,13 @@
   },
   "expected": {
     "debug_log": "Rule returned 1",
-    "error_log": "Matched \"Operator `Rx' with parameter `\\^attack\\$'"
+    "error_log": "Matched \"Operator `Rx' with parameter `\\^attack\\$'",
+    "http_code": 403
   },
   "rules": [
     "SecRuleEngine On",
     "SecAction \"id:1, setvar:tx.bad_value=attack\"",
-    "SecRule ARGS:param \"@rx ^%{tx.bad_value}$\" \"id:2,log\""
+    "SecRule ARGS:param \"@rx ^%{tx.bad_value}$\" \"id:2,log,deny\""
   ]
 }
 ]

test/test-cases/regression/issue-1844.json

@@ -85,10 +85,12 @@
       ]
     },
     "expected":{
-      "error_log":"line \"55\""
+      "error_log":"line \"55\"",
+      "http_code": 403
     },
     "rules":[
       "SecRuleEngine On",
+      "SecDefaultAction \"phase:2,deny\"",
       "SecRule WEBAPPID \"@contains test2\" \"id:1,phase:3,pass,t:trim\"",
       "Include test-cases/data/big-file.conf"
     ]