Example #1
 def _create_new_finding_from_rule(finding: ScoutSuiteFindingMap,
                                   rule: ScoutSuiteRule):
     """Create and store a finding for ``finding.test`` backed by a single rule.

     A fresh details document holding only ``rule`` is saved first, the
     finding status is derived from that rule list, and the finding is then
     stored through ``ScoutSuiteFinding.save_finding``.
     """
     new_details = ScoutSuiteFindingDetails()
     new_details.scoutsuite_rules = [rule]
     # Persist the details before they are handed to save_finding.
     new_details.save()
     derived_status = ScoutSuiteZTFindingService.get_finding_status_from_rules(
         new_details.scoutsuite_rules
     )
     ScoutSuiteFinding.save_finding(finding.test, derived_status, new_details)
Example #2
    def test_save_finding_sanity(self):
        """Saving one failed segmentation finding makes it visible to every query."""
        segmentation = zero_trust_consts.TEST_SEGMENTATION
        failed = zero_trust_consts.STATUS_FAILED

        # Precondition: no segmentation finding is stored yet.
        assert len(Finding.objects(test=segmentation)) == 0

        details_doc = ScoutSuiteFindingDetails()
        details_doc.scoutsuite_rules.append(RULES[0])
        details_doc.save()
        ScoutSuiteFinding.save_finding(
            test=segmentation, status=failed, detail_ref=details_doc
        )

        # The finding is reachable by test and by status, through both classes.
        assert len(ScoutSuiteFinding.objects(test=segmentation)) == 1
        assert len(ScoutSuiteFinding.objects(status=failed)) == 1
        assert len(Finding.objects(status=failed)) == 1
Example #3
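    def test_process_rule(self):
        """Check that process_rule creates one finding per test and appends rules to it.

        Three phases: a first rule creates a finding, a second rule for the
        same finding map is appended to the existing finding, and a rule for a
        different finding map creates a second finding.
        """
        # Creates new PermissiveFirewallRules finding with a rule
        ScoutSuiteZTFindingService.process_rule(SCOUTSUITE_FINDINGS[0],
                                                RULES[0])
        findings = list(Finding.objects())
        assert len(findings) == 1
        assert type(findings[0]) is ScoutSuiteFinding
        # Assert that details were created properly
        details = findings[0].details.fetch()
        assert len(details.scoutsuite_rules) == 1
        assert details.scoutsuite_rules[0] == RULES[0]

        # Rule processing should add rule to an already existing finding
        ScoutSuiteZTFindingService.process_rule(SCOUTSUITE_FINDINGS[0],
                                                RULES[1])
        findings = list(ScoutSuiteFinding.objects())
        assert len(findings) == 1
        assert type(findings[0]) is ScoutSuiteFinding
        # Assert that the second rule was appended to the same details document
        details = findings[0].details.fetch()
        assert len(details.scoutsuite_rules) == 2
        assert details.scoutsuite_rules[1] == RULES[1]

        # New finding created
        ScoutSuiteZTFindingService.process_rule(SCOUTSUITE_FINDINGS[1],
                                                RULES[1])
        findings = list(Finding.objects())
        assert len(findings) == 2
        # Check the type of every stored finding, including the new one;
        # re-checking only findings[0] would leave the new finding unverified.
        assert all(type(found) is ScoutSuiteFinding for found in findings)
        # Assert that the new finding's details hold only the rule just processed
        details = findings[1].details.fetch()
        assert len(details.scoutsuite_rules) == 1
        assert details.scoutsuite_rules[0] == RULES[1]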
 def test_save_finding_validation(self):
     """save_finding must raise ValidationError for the status "bla bla"."""
     invalid_status = "bla bla"
     with pytest.raises(ValidationError):
         ScoutSuiteFinding.save_finding(
             test=zero_trust_consts.TEST_SEGMENTATION,
             status=invalid_status,
             detail_ref=SCOUTSUITE_FINDING_DETAIL_MOCK,
         )
 def change_finding_status_by_rule(finding: ScoutSuiteFinding, rule: ScoutSuiteRule):
     """Update ``finding.status`` in memory to reflect ``rule``.

     The status derived from ``rule`` is combined with the finding's current
     status by ``get_finding_status_from_rule_status``. Only the attribute is
     assigned here; this function does not call ``finding.save()``.
     """
     status_from_rule = ScoutSuiteZTFindingService.get_finding_status_from_rules([rule])
     current_status = finding.status
     combined_status = ScoutSuiteZTFindingService.get_finding_status_from_rule_status(
         current_status, status_from_rule
     )
     # Leave the attribute untouched when the combined status is unchanged.
     if combined_status == current_status:
         return
     finding.status = combined_status
Example #6
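    def process_rule(finding: ScoutSuiteFindingMap, rule: ScoutSuiteRule):
        """Attach ``rule`` to the finding stored for ``finding.test``, creating it if absent.

        Raises:
            AssertionError: if more than one finding is stored for
                ``finding.test``.
        """
        existing_findings = ScoutSuiteFinding.objects(test=finding.test)
        match_count = len(existing_findings)
        # Raised explicitly instead of via `assert`, so the uniqueness check
        # still runs when Python is started with -O; otherwise the rule would
        # be silently attached to the first of several duplicate findings.
        if match_count >= 2:
            raise AssertionError(
                "More than one finding exists for {}".format(finding.test))

        if match_count == 0:
            ScoutSuiteZTFindingService._create_new_finding_from_rule(
                finding, rule)
        else:
            ScoutSuiteZTFindingService.add_rule(existing_findings[0], rule)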
Example #7
 def add_rule(finding: ScoutSuiteFinding, rule: ScoutSuiteRule):
     """Fold ``rule`` into an existing finding: update status, save, record the rule."""
     ScoutSuiteZTFindingService.change_finding_status_by_rule(finding, rule)
     # Save the finding (with any status change) before touching its details.
     finding.save()
     details_doc = finding.details.fetch()
     details_doc.add_rule(rule)
Example #8
def get_scoutsuite_finding_dto() -> Finding:
    """Build a failed ScoutSuite service-security finding with saved details.

    The details document is saved here; the returned finding is not saved by
    this function.
    """
    details_doc = get_scoutsuite_details_dto()
    details_doc.save()
    return ScoutSuiteFinding(
        test=TEST_SCOUTSUITE_SERVICE_SECURITY,
        status=STATUS_FAILED,
        details=details_doc,
    )