Beispiel #1
    def test_create_excluded_resources_handler_success_case_not_exists_data_create(
            self):
        """Create an exclusion when none is stored yet: expect 201 and an echoed record.

        Only the affiliation and AWS-account-coop fixtures are seeded; no
        pm_exclusionResources record is inserted before the handler runs.
        """
        # Arrange: seed the records the handler needs for the caller and account.
        mock_pm_affiliation.create(data_pm_affiliation)
        mock_pm_awsAccountCoops.create(data_pm_aws_account_coops)

        # Act
        response = checkitemsettings.create_excluded_resources_handler(
            event_mock, {})
        status_code = response['statusCode']
        created = json.loads(response['body'])

        # Assert
        self.assertEqual(HTTPStatus.CREATED, status_code)

        # (fixture, fixture key, response key); the AWS account is compared
        # against the account-coop fixture, everything else against the
        # exclusion fixture.
        expected_fields = (
            (data_pm_exclusion_resources, "OrganizationID", "organizationId"),
            (data_pm_exclusion_resources, "ProjectID", "projectId"),
            (data_pm_aws_account_coops, "AWSAccount", "awsAccount"),
            (data_pm_exclusion_resources, "CheckItemCode", "checkItemCode"),
            (data_pm_exclusion_resources, "RegionName", "regionName"),
            (data_pm_exclusion_resources, "ResourceName", "resourceName"),
            (data_pm_exclusion_resources, "ResourceType", "resourceType"),
            (data_pm_exclusion_resources, "ExclusionComment",
             "exclusionComment"),
        )
        for fixture, fixture_key, response_key in expected_fields:
            self.assertEqual(fixture[fixture_key], created[response_key])
Beispiel #2
    def test_list_item_settings_handler_success_case_not_exists_data_exclusion_resource(
            self):
        """List item settings with no stored exclusions: excludable items report Disable.

        Items whose code is not in LIST_CHECK_ITEM_CODE_EXCLUDED_RESOURCE are
        expected to report ExcludedResourceFlag.Other.
        """
        # Arrange
        mock_pm_affiliation.create(data_pm_affiliation)
        mock_pm_projects.create(data_pm_projects)
        mock_pm_awsAccountCoops.create(data_pm_aws_account_coops)

        # Act
        response = checkitemsettings.list_item_settings_handler(
            event_mock, {})
        status_code = response['statusCode']
        item_settings = json.loads(response['body'])

        # Assert
        self.assertEqual(HTTPStatus.OK, status_code)
        # NOTE: an empty response list runs no flag assertion at all, so this
        # loop alone does not prove that any item was returned.
        for item_setting in item_settings:
            supports_exclusion = (item_setting["checkItemCode"] in
                                  LIST_CHECK_ITEM_CODE_EXCLUDED_RESOURCE)
            expected_flag = (ExcludedResourceFlag.Disable
                             if supports_exclusion else
                             ExcludedResourceFlag.Other)
            self.assertEqual(expected_flag,
                             item_setting["excludedResourceFlag"])
    def test_get_excluded_resources_handler_success_case_exists_excluded_resource(
            self):
        """Get exclusions when one record is stored: expect 200 and that record.

        The response must hold exactly one entry with exactly 12 fields, each
        matching the stored pm_exclusionResources record.
        """
        # Arrange
        mock_pm_affiliation.create(data_pm_affiliation)
        mock_pm_awsAccountCoops.create(data_pm_aws_account_coops)
        mock_pm_exclusionResources.create(data_pm_exclusion_resources)

        # Act
        response = checkitemsettings.get_excluded_resources_handler(
            event_mock, {})

        # Read the stored record back so the comparison uses persisted values.
        stored = mock_pm_exclusionResources.query_key(
            data_pm_exclusion_resources['ExclusionResourceID'])

        status_code = response['statusCode']
        exclusions = json.loads(response['body'])

        # Assert
        self.assertEqual(HTTPStatus.OK, status_code)
        self.assertEqual(1, len(exclusions))
        # Pinning the field count catches attributes added to the response
        # without a matching assertion below.
        self.assertEqual(12, len(exclusions[0]))

        # (stored attribute, response field)
        field_pairs = (
            ('ExclusionResourceID', 'id'),
            ('OrganizationID', 'organizationId'),
            ('ProjectID', 'projectId'),
            ('AWSAccount', 'awsAccount'),
            ('CheckItemCode', 'checkItemCode'),
            ('RegionName', 'regionName'),
            ('ResourceName', 'resourceName'),
            ('ResourceType', 'resourceType'),
            ('ExclusionComment', 'exclusionComment'),
            ('MailAddress', 'mailAddress'),
            ('CreatedAt', 'createdAt'),
            ('UpdatedAt', 'updatedAt'),
        )
        for stored_key, response_key in field_pairs:
            self.assertEqual(stored[stored_key], exclusions[0][response_key])
Beispiel #4
    def test_create_excluded_resources_handler_success_case_exists_data_create(
            self):
        """Create an exclusion that is already stored: expect 201 and an updated comment.

        The request repeats the stored region, resource type and resource name
        and supplies a new exclusion comment; the response must keep the stored
        identifiers and carry the new comment.
        """
        # Arrange: request body that targets the already stored resource.
        request_body = {
            "regionName": data_pm_exclusion_resources['RegionName'],
            "resourceType": data_pm_exclusion_resources['ResourceType'],
            "resourceName": data_pm_exclusion_resources['ResourceName'],
            "exclusionComment": exclusion_comment_update
        }
        caller_id = copy.deepcopy(DataCommon.USER_ID_TEST.format(str(3)))
        event_mock_update = event_create.get_event_object(
            trace_id=caller_id,
            path_parameters=path_parameters,
            body=json.dumps(request_body))

        mock_pm_affiliation.create(data_pm_affiliation)
        mock_pm_awsAccountCoops.create(data_pm_aws_account_coops)
        mock_pm_exclusionResources.create(data_pm_exclusion_resources)

        # Act
        response = checkitemsettings.create_excluded_resources_handler(
            event_mock_update, {})
        status_code = response['statusCode']
        updated = json.loads(response['body'])

        # Assert
        self.assertEqual(HTTPStatus.CREATED, status_code)

        # (stored attribute, response field) pairs that must be unchanged.
        unchanged_fields = (
            ("ExclusionResourceID", "id"),
            ("OrganizationID", "organizationId"),
            ("ProjectID", "projectId"),
            ("AWSAccount", "awsAccount"),
            ("CheckItemCode", "checkItemCode"),
            ("RegionName", "regionName"),
            ("ResourceName", "resourceName"),
            ("ResourceType", "resourceType"),
        )
        for stored_key, response_key in unchanged_fields:
            self.assertEqual(data_pm_exclusion_resources[stored_key],
                             updated[response_key])

        # Only the comment is expected to differ from the stored record.
        self.assertEqual(exclusion_comment_update,
                         updated["exclusionComment"])
    def test_get_excluded_resources_handler_success_case_not_exists_excluded_resource(
            self):
        """Get exclusions when none are stored: expect 200 and an empty list."""
        # Arrange: no pm_exclusionResources record is seeded.
        mock_pm_affiliation.create(data_pm_affiliation)
        mock_pm_awsAccountCoops.create(data_pm_aws_account_coops)

        # Act
        response = checkitemsettings.get_excluded_resources_handler(
            event_mock, {})
        status_code = response['statusCode']
        exclusions = json.loads(response['body'])

        # Assert
        self.assertEqual(HTTPStatus.OK, status_code)
        self.assertEqual([], exclusions)
Beispiel #6
    def test_get_security_check_resource_handler_error_authority(self):
        """A caller without sufficient authority is refused with 403 and ERR_101."""
        # Arrange: the only affiliation stored is the viewer fixture.
        viewer_affiliation = copy.deepcopy(
            DataPmAffiliation.AFFILIATION_AUTHORITY_VIEWER)
        mock_pm_affiliation.create(viewer_affiliation)

        # NOTE(review): trace_id is a literal and may not be the UserID of the
        # viewer affiliation created above. If it is not, the 403 asserted here
        # covers "caller has no affiliation" rather than "viewer role is
        # rejected" - confirm which authorization path this test is meant to
        # pin.
        event_mock = event_create.get_event_object(
            trace_id="user_not_authority", path_parameters=path_parameters)

        # Act
        response = awschecks.get_security_check_resource_handler(
            event_mock, {})

        # Assert: error payload first, then the HTTP status.
        expected_error = MsgConst.ERR_101
        error_body = json.loads(response['body'])
        self.assertEqual(error_body['code'], expected_error['code'])
        self.assertEqual(error_body['message'], expected_error['message'])
        self.assertEqual(response['statusCode'], HTTPStatus.FORBIDDEN)
Beispiel #7
    def setUp(self):
        """Recreate the tables used by these tests and seed the base records."""
        super().setUp()

        # Drop whatever a previous test left behind so each test starts clean.
        stale_tables = (
            Tables.PM_AFFILIATION,
            Tables.PM_PROJECTS,
            Tables.PM_CHECK_HISTORY,
        )
        for table in stale_tables:
            if db_utils.check_table_exist(table):
                db_utils.delete_table(table)

        # Recreate the empty tables in the same order as they were dropped.
        for table_mock in (mock_pm_affiliation, mock_pm_projects,
                           mock_pm_checkHistory):
            table_mock.create_table()

        # Seed the project first, then the affiliation.
        mock_pm_projects.create(data_pm_project)
        mock_pm_affiliation.create(data_pm_affiliation)
Beispiel #8
    def test_create_excluded_resources_handler_error_authority(self):
        """A caller holding only the viewer affiliation cannot create an exclusion.

        The event's trace_id is the UserID of the AFFILIATION_AUTHORITY_VIEWER
        fixture, so the request is made as that user; the handler must answer
        403 with the ERR_101 code and message.
        """
        # Arrange
        viewer_affiliation = copy.deepcopy(
            DataPmAffiliation.AFFILIATION_AUTHORITY_VIEWER)
        mock_pm_affiliation.create(viewer_affiliation)

        viewer_user_id = copy.deepcopy(
            DataPmAffiliation.AFFILIATION_AUTHORITY_VIEWER['UserID'])
        event_mock = event_create.get_event_object(
            trace_id=viewer_user_id,
            path_parameters=path_parameters,
            body=json.dumps(body))

        # Act
        response = checkitemsettings.create_excluded_resources_handler(
            event_mock, {})

        # Assert: error payload first, then the HTTP status.
        expected_error = MsgConst.ERR_101
        error_body = json.loads(response['body'])
        self.assertEqual(error_body['code'], expected_error['code'])
        self.assertEqual(error_body['message'], expected_error['message'])
        self.assertEqual(response['statusCode'], HTTPStatus.FORBIDDEN)
Beispiel #9
    def test_get_security_check_resource_handler_success_case_not_exist_record_pm_latest_check_result(
            self):
        """Get check resources with no latest-check-result record: 200 and an empty list."""
        # Arrange: no pm_latestCheckResult record is seeded.
        mock_pm_affiliation.create(data_pm_affiliation)
        mock_pm_awsAccountCoops.create(data_pm_aws_account_coops)

        caller_id = copy.deepcopy(DataCommon.USER_ID_TEST.format(str(3)))
        event_mock = event_create.get_event_object(
            trace_id=caller_id, path_parameters=path_parameters)

        # Act
        response = awschecks.get_security_check_resource_handler(
            event_mock, {})
        status_code = response['statusCode']
        resources = json.loads(response['body'])

        # Assert
        self.assertEqual(HTTPStatus.OK, status_code)
        self.assertEqual([], resources)
    def test_delete_excluded_resources_handler_success(self):
        """Deleting an exclusion removes only the targeted record and returns 204.

        Two exclusion records are stored; after the handler runs, the targeted
        one must be gone and the other must be unchanged.
        """
        # Arrange
        mock_pm_affiliation.create(data_pm_affiliation)
        mock_pm_awsAccountCoops.create(data_pm_aws_account_coops)

        caller_id = copy.deepcopy(DataCommon.USER_ID_TEST.format(str(3)))
        event_mock = event_create.get_event_object(
            trace_id=caller_id,
            path_parameters=path_parameters,
            query_string_parameters=query_string_parameters)

        # One record the request targets, one that must survive the delete.
        mock_pm_exclusionResources.create(data_pm_exclusion_resources)
        mock_pm_exclusionResources.create(data_exclusion_resources_not_delete)

        # Act
        response = checkitemsettings.delete_excluded_resources_handler(
            event_mock, {})

        # Read both records back after the handler has run.
        deleted_record = mock_pm_exclusionResources.query_key(
            data_pm_exclusion_resources['ExclusionResourceID'])
        surviving_record = mock_pm_exclusionResources.query_key(
            data_exclusion_resources_not_delete['ExclusionResourceID'])

        status_code = response['statusCode']
        response_body = json.loads(response['body'])

        # Assert
        self.assertEqual(None, deleted_record)
        self.assertEqual(None, response_body)
        self.assertEqual(HTTPStatus.NO_CONTENT, status_code)

        # The unrelated record must be byte-for-byte what was stored.
        self.assertDictEqual(data_exclusion_resources_not_delete,
                             surviving_record)
Beispiel #11
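    def test_list_item_settings_handler_success_case_exists_data_exclusion_resource(
            self):
        """List item settings with stored exclusions: excludable items report Enable.

        One exclusion record is stored for every code in
        LIST_CHECK_ITEM_CODE_EXCLUDED_RESOURCE. Items whose code is not in that
        list are expected to report ExcludedResourceFlag.Other.
        """
        # Arrange
        aws_account = copy.deepcopy(DataCommon.AWS_ACCOUNT)
        mock_pm_affiliation.create(data_pm_affiliation)
        mock_pm_projects.create(data_pm_projects)
        mock_pm_awsAccountCoops.create(data_pm_aws_account_coops)

        for check_item_code in LIST_CHECK_ITEM_CODE_EXCLUDED_RESOURCE:
            # Build each record from a private copy: writing into the shared
            # data_pm_exclusion_resources fixture would leave the last loop
            # values behind for every test that runs afterwards and make the
            # suite order-dependent.
            exclusion_resource = copy.deepcopy(data_pm_exclusion_resources)
            exclusion_resource['ExclusionResourceID'] = (
                common_utils.get_uuid4())
            exclusion_resource['CheckItemCode'] = check_item_code
            exclusion_resource['CheckItemRefineCode'] = (
                DataPmExclusionResources.CHECK_ITEM_REFINE_CODE_TEMPLATE.
                format(organization_id, project_id, aws_account,
                       check_item_code))
            exclusion_resource['AccountRefineCode'] = (
                DataPmExclusionResources.ACCOUNT_REFINE_CODE_TEMPLATE.format(
                    organization_id, project_id, aws_account))
            mock_pm_exclusionResources.create(exclusion_resource)

        # Act
        actual_response = checkitemsettings.list_item_settings_handler(
            event_mock, {})

        actual_status_code = actual_response['statusCode']
        actual_response_bodys = json.loads(actual_response['body'])

        # Assert
        self.assertEqual(HTTPStatus.OK, actual_status_code)
        # NOTE: an empty response list runs no flag assertion at all, so this
        # loop alone does not prove that any item was returned.
        for actual_response_body in actual_response_bodys:
            if actual_response_body[
                    "checkItemCode"] in LIST_CHECK_ITEM_CODE_EXCLUDED_RESOURCE:
                self.assertEqual(ExcludedResourceFlag.Enable,
                                 actual_response_body["excludedResourceFlag"])
            else:
                self.assertEqual(ExcludedResourceFlag.Other,
                                 actual_response_body["excludedResourceFlag"])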
Beispiel #12
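    def test_get_security_check_resource_handler_success_case_exist_record_pm_check_result_items_and_pm_latest_check_result(
            self):
        """Get check resources when result records exist: 200 and one matching entry.

        FileUtils.read_json is patched to return the CIS 1.21 fixture, whose
        'CheckResults' list must appear as the entry's 'resources'.
        """
        # Arrange
        mock_pm_affiliation.create(data_pm_affiliation)
        mock_pm_awsAccountCoops.create(data_pm_aws_account_coops)
        mock_pm_latestCheckResult.create(data_pm_latest_check_result)
        mock_pm_checkResultItems.create(data_pm_check_result_items)

        patch_read_json = patch('premembers.common.FileUtils.read_json')
        mock_read_json = patch_read_json.start()
        # Stop the patcher itself. `mock_read_json.stop` is only an
        # auto-created attribute of the MagicMock, so registering it leaves
        # the patch active for every later test.
        self.addCleanup(patch_read_json.stop)
        mock_read_json.return_value = data_check_cis12_item_1_21

        event_mock = event_create.get_event_object(
            trace_id=copy.deepcopy(DataCommon.USER_ID_TEST.format(str(3))),
            path_parameters=path_parameters)

        # Act
        actual_response = awschecks.get_security_check_resource_handler(
            event_mock, {})

        actual_status_code = actual_response['statusCode']
        actual_response_body = json.loads(actual_response['body'])

        # Assert
        self.assertEqual(HTTPStatus.OK, actual_status_code)
        self.assertEqual(1, len(actual_response_body))

        actual_response_data = actual_response_body[0]

        # (stored attribute, response field)
        field_pairs = (
            ('CheckResultItemID', 'id'),
            ('CheckHistoryID', 'checkHistoryId'),
            ('CheckResultID', 'checkResultId'),
            ('CheckItemCode', 'checkItemCode'),
            ('OrganizationName', 'organizationName'),
            ('ProjectName', 'projectName'),
            ('AWSAccount', 'awsAccount'),
            ('AWSAccountName', 'awsAccountName'),
            ('ExclusionFlag', 'exclusionFlag'),
            ('CheckResult', 'checkResult'),
            ('CreatedAt', 'createdAt'),
            ('UpdatedAt', 'updatedAt'),
        )
        for stored_key, response_key in field_pairs:
            self.assertEqual(data_pm_check_result_items[stored_key],
                             actual_response_data[response_key])

        # The resources come from the patched JSON file, not from the table.
        self.assertListEqual(data_check_cis12_item_1_21['CheckResults'],
                             actual_response_data['resources'])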
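    def test_execute_change_email_handler_success_case_caller_service_name_is_insightwatch(self):
        """Executing an e-mail change updates every copy of the address.

        With the Cognito helpers and FileUtils.read_yaml patched, the handler
        must answer 200 with the expected HTML body, rewrite the mail address
        in PM_OrgNotifyMailDestinations and PM_Affiliation, delete the
        PM_EmailChangeApply record, and call both Cognito helpers with the
        expected arguments.
        """
        # Arrange
        for affiliation in list_affiliations:
            mock_pm_affiliation.create(affiliation)

        for org_notify_mail_destination in list_org_notify_mail_destinations:
            mock_pm_orgNotifyMailDestinations.create(
                org_notify_mail_destination)

        mock_pm_emailChangeApply.create(
            data_insert_caller_service_name_insightwatch)

        # Patch the Cognito helpers and the config reader; each cleanup is
        # registered right after its start() so a later failure in this
        # method cannot leave an earlier patch active.
        get_cognito_user_info_by_user_name_patch = patch(
            'premembers.common.aws_common.get_cognito_user_info_by_user_name')
        update_cognito_user_attributes_patch = patch(
            'premembers.common.aws_common.update_cognito_user_attributes')
        patch_read_yaml = patch('premembers.common.FileUtils.read_yaml')

        mock_get_cognito_user_info_by_user_name = get_cognito_user_info_by_user_name_patch.start()
        self.addCleanup(get_cognito_user_info_by_user_name_patch.stop)
        mock_update_cognito_user_attributes = update_cognito_user_attributes_patch.start()
        self.addCleanup(update_cognito_user_attributes_patch.stop)
        mock_read_yaml = patch_read_yaml.start()
        self.addCleanup(patch_read_yaml.stop)

        mock_get_cognito_user_info_by_user_name.return_value = user_info
        mock_update_cognito_user_attributes.return_value = None
        mock_read_yaml.return_value = data_config

        # Act
        result = user.execute_change_email_handler(event_mock, {})

        # Assert: HTTP response
        status_code = result['statusCode']
        response_body = result['body']
        response_headers = result['headers']

        self.assertEqual(HTTPStatus.OK.value, status_code)
        self.assertEqual(
            response_execute_change_email_caller_service_insightwatch,
            response_body)
        self.assertEqual(content_type_text_html,
                         response_headers['content-type'])

        # Assert: PM_OrgNotifyMailDestinations carries the new address
        for affiliation in list_affiliations:
            org_notify_mail_destinations = mock_pm_orgNotifyMailDestinations.query_key(
                affiliation['OrganizationID'], notify_code)
            for destination in org_notify_mail_destinations['Destinations']:
                self.assertEqual(after_mail_address,
                                 destination['MailAddress'])

        # Assert: PM_Affiliation carries the new address
        list_affiliations_update = mock_pm_affiliation.query_userid_key(
            user_id)
        for affiliation_update in list_affiliations_update:
            self.assertEqual(after_mail_address,
                             affiliation_update['MailAddress'])

        # Assert: the PM_EmailChangeApply record was consumed
        email_change_apply = mock_pm_emailChangeApply.query_key(apply_id)
        self.assertEqual(None, email_change_apply)

        # Assert: Cognito lookup was made for the expected user
        mock_get_cognito_user_info_by_user_name.assert_called_once_with(
            apply_id, user_id)

        # Assert: Cognito attributes were updated for the expected user.
        # This used to call `.update_cognito_user_attributes(...)` on the
        # mock, which only records a call on a child mock and verifies
        # nothing, so a handler that never updated Cognito still passed.
        # NOTE(review): the expected arguments are the ones that call listed;
        # confirm them against the handler's actual call.
        mock_update_cognito_user_attributes.assert_called_once_with(
            apply_id, user_id, user_attributes)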