def test_create_excluded_resources_handler_success_case_not_exists_data_create( self): # perpare data test mock_pm_affiliation.create(data_pm_affiliation) mock_pm_awsAccountCoops.create(data_pm_aws_account_coops) # Call function test actual_response = checkitemsettings.create_excluded_resources_handler( event_mock, {}) # Get data response actual_status_code = actual_response['statusCode'] actual_response_body = json.loads(actual_response['body']) # Check data self.assertEqual(HTTPStatus.CREATED, actual_status_code) self.assertEqual(data_pm_exclusion_resources["OrganizationID"], actual_response_body["organizationId"]) self.assertEqual(data_pm_exclusion_resources["ProjectID"], actual_response_body["projectId"]) self.assertEqual(data_pm_aws_account_coops["AWSAccount"], actual_response_body["awsAccount"]) self.assertEqual(data_pm_exclusion_resources["CheckItemCode"], actual_response_body["checkItemCode"]) self.assertEqual(data_pm_exclusion_resources["RegionName"], actual_response_body["regionName"]) self.assertEqual(data_pm_exclusion_resources["ResourceName"], actual_response_body["resourceName"]) self.assertEqual(data_pm_exclusion_resources["ResourceType"], actual_response_body["resourceType"]) self.assertEqual(data_pm_exclusion_resources["ExclusionComment"], actual_response_body["exclusionComment"])
def test_list_item_settings_handler_success_case_not_exists_data_exclusion_resource( self): # perpare data test mock_pm_affiliation.create(data_pm_affiliation) mock_pm_projects.create(data_pm_projects) mock_pm_awsAccountCoops.create(data_pm_aws_account_coops) # Call function test actual_response = checkitemsettings.list_item_settings_handler( event_mock, {}) # Get data response actual_status_code = actual_response['statusCode'] actual_response_bodys = json.loads(actual_response['body']) # Check data self.assertEqual(HTTPStatus.OK, actual_status_code) for actual_response_body in actual_response_bodys: if actual_response_body[ "checkItemCode"] in LIST_CHECK_ITEM_CODE_EXCLUDED_RESOURCE: self.assertEqual(ExcludedResourceFlag.Disable, actual_response_body["excludedResourceFlag"]) else: self.assertEqual(ExcludedResourceFlag.Other, actual_response_body["excludedResourceFlag"])
def test_get_excluded_resources_handler_success_case_exists_excluded_resource( self): # perpare data test mock_pm_affiliation.create(data_pm_affiliation) mock_pm_awsAccountCoops.create(data_pm_aws_account_coops) # create record pm_exclusionResources mock_pm_exclusionResources.create(data_pm_exclusion_resources) # Call function test actual_response = checkitemsettings.get_excluded_resources_handler( event_mock, {}) # get record pm_exclusionResources expected_exclusion_resources = mock_pm_exclusionResources.query_key( data_pm_exclusion_resources['ExclusionResourceID']) # Get data response actual_status_code = actual_response['statusCode'] actual_response_body = json.loads(actual_response['body']) # Check data self.assertEqual(HTTPStatus.OK, actual_status_code) self.assertEqual(1, len(actual_response_body)) self.assertEqual(12, len(actual_response_body[0])) self.assertEqual(expected_exclusion_resources['ExclusionResourceID'], actual_response_body[0]['id']) self.assertEqual(expected_exclusion_resources['OrganizationID'], actual_response_body[0]['organizationId']) self.assertEqual(expected_exclusion_resources['ProjectID'], actual_response_body[0]['projectId']) self.assertEqual(expected_exclusion_resources['AWSAccount'], actual_response_body[0]['awsAccount']) self.assertEqual(expected_exclusion_resources['CheckItemCode'], actual_response_body[0]['checkItemCode']) self.assertEqual(expected_exclusion_resources['RegionName'], actual_response_body[0]['regionName']) self.assertEqual(expected_exclusion_resources['ResourceName'], actual_response_body[0]['resourceName']) self.assertEqual(expected_exclusion_resources['ResourceType'], actual_response_body[0]['resourceType']) self.assertEqual(expected_exclusion_resources['ExclusionComment'], actual_response_body[0]['exclusionComment']) self.assertEqual(expected_exclusion_resources['MailAddress'], actual_response_body[0]['mailAddress']) self.assertEqual(expected_exclusion_resources['CreatedAt'], actual_response_body[0]['createdAt']) self.assertEqual(expected_exclusion_resources['UpdatedAt'], actual_response_body[0]['updatedAt'])
def test_create_excluded_resources_handler_success_case_exists_data_create( self): # perpare data test body_update = { "regionName": data_pm_exclusion_resources['RegionName'], "resourceType": data_pm_exclusion_resources['ResourceType'], "resourceName": data_pm_exclusion_resources['ResourceName'], "exclusionComment": exclusion_comment_update } event_mock_update = event_create.get_event_object( trace_id=copy.deepcopy(DataCommon.USER_ID_TEST.format(str(3))), path_parameters=path_parameters, body=json.dumps(body_update)) mock_pm_affiliation.create(data_pm_affiliation) mock_pm_awsAccountCoops.create(data_pm_aws_account_coops) mock_pm_exclusionResources.create(data_pm_exclusion_resources) # Call function test actual_response = checkitemsettings.create_excluded_resources_handler( event_mock_update, {}) # Get data response actual_status_code = actual_response['statusCode'] actual_response_body = json.loads(actual_response['body']) # Check data self.assertEqual(HTTPStatus.CREATED, actual_status_code) self.assertEqual(data_pm_exclusion_resources["ExclusionResourceID"], actual_response_body["id"]) self.assertEqual(data_pm_exclusion_resources["OrganizationID"], actual_response_body["organizationId"]) self.assertEqual(data_pm_exclusion_resources["ProjectID"], actual_response_body["projectId"]) self.assertEqual(data_pm_exclusion_resources["AWSAccount"], actual_response_body["awsAccount"]) self.assertEqual(data_pm_exclusion_resources["CheckItemCode"], actual_response_body["checkItemCode"]) self.assertEqual(data_pm_exclusion_resources["RegionName"], actual_response_body["regionName"]) self.assertEqual(data_pm_exclusion_resources["ResourceName"], actual_response_body["resourceName"]) self.assertEqual(data_pm_exclusion_resources["ResourceType"], actual_response_body["resourceType"]) self.assertEqual(exclusion_comment_update, actual_response_body["exclusionComment"])
def test_get_excluded_resources_handler_success_case_not_exists_excluded_resource( self): # perpare data test mock_pm_affiliation.create(data_pm_affiliation) mock_pm_awsAccountCoops.create(data_pm_aws_account_coops) # Call function test actual_response = checkitemsettings.get_excluded_resources_handler( event_mock, {}) # Get data response actual_status_code = actual_response['statusCode'] actual_response_body = json.loads(actual_response['body']) # Check data self.assertEqual(HTTPStatus.OK, actual_status_code) self.assertEqual([], actual_response_body)
def test_get_security_check_resource_handler_error_authority(self): # perpare data test mock_pm_affiliation.create( copy.deepcopy(DataPmAffiliation.AFFILIATION_AUTHORITY_VIEWER)) event_mock = event_create.get_event_object( trace_id="user_not_authority", path_parameters=path_parameters) # Call function test actual_response = awschecks.get_security_check_resource_handler( event_mock, {}) # Check data message_101 = MsgConst.ERR_101 response_body = json.loads(actual_response['body']) self.assertEqual(response_body['code'], message_101['code']) self.assertEqual(response_body['message'], message_101['message']) self.assertEqual(actual_response['statusCode'], HTTPStatus.FORBIDDEN)
def setUp(self): super().setUp() # truncate old data in the table if db_utils.check_table_exist(Tables.PM_AFFILIATION): db_utils.delete_table(Tables.PM_AFFILIATION) if db_utils.check_table_exist(Tables.PM_PROJECTS): db_utils.delete_table(Tables.PM_PROJECTS) if db_utils.check_table_exist(Tables.PM_CHECK_HISTORY): db_utils.delete_table(Tables.PM_CHECK_HISTORY) # create table mock_pm_affiliation.create_table() mock_pm_projects.create_table() mock_pm_checkHistory.create_table() # create data table mock_pm_projects.create(data_pm_project) mock_pm_affiliation.create(data_pm_affiliation)
def test_create_excluded_resources_handler_error_authority(self): # perpare data test mock_pm_affiliation.create( copy.deepcopy(DataPmAffiliation.AFFILIATION_AUTHORITY_VIEWER)) event_mock = event_create.get_event_object( trace_id=copy.deepcopy( DataPmAffiliation.AFFILIATION_AUTHORITY_VIEWER['UserID']), path_parameters=path_parameters, body=json.dumps(body)) # Call function test actual_response = checkitemsettings.create_excluded_resources_handler( event_mock, {}) # Check data message_101 = MsgConst.ERR_101 response_body = json.loads(actual_response['body']) self.assertEqual(response_body['code'], message_101['code']) self.assertEqual(response_body['message'], message_101['message']) self.assertEqual(actual_response['statusCode'], HTTPStatus.FORBIDDEN)
def test_get_security_check_resource_handler_success_case_not_exist_record_pm_latest_check_result( self): # perpare data test mock_pm_affiliation.create(data_pm_affiliation) mock_pm_awsAccountCoops.create(data_pm_aws_account_coops) event_mock = event_create.get_event_object( trace_id=copy.deepcopy(DataCommon.USER_ID_TEST.format(str(3))), path_parameters=path_parameters) # Call function test actual_response = awschecks.get_security_check_resource_handler( event_mock, {}) # Get data response actual_status_code = actual_response['statusCode'] actual_response_body = json.loads(actual_response['body']) # Check data self.assertEqual(HTTPStatus.OK, actual_status_code) self.assertEqual([], actual_response_body)
def test_delete_excluded_resources_handler_success(self): # perpare data test mock_pm_affiliation.create(data_pm_affiliation) mock_pm_awsAccountCoops.create(data_pm_aws_account_coops) event_mock = event_create.get_event_object( trace_id=copy.deepcopy(DataCommon.USER_ID_TEST.format(str(3))), path_parameters=path_parameters, query_string_parameters=query_string_parameters) # create record pm_exclusionResources delete mock_pm_exclusionResources.create(data_pm_exclusion_resources) # create record pm_exclusionResources not delete mock_pm_exclusionResources.create(data_exclusion_resources_not_delete) # Call function test actual_response = checkitemsettings.delete_excluded_resources_handler( event_mock, {}) # get record pm_exclusionResources delete actual_exclusion_resources_delete = mock_pm_exclusionResources.query_key( data_pm_exclusion_resources['ExclusionResourceID']) # get record pm_exclusionResources not delete actual_exclusion_resources_not_delete = mock_pm_exclusionResources.query_key( data_exclusion_resources_not_delete['ExclusionResourceID']) # Get data response actual_status_code = actual_response['statusCode'] actual_response_body = json.loads(actual_response['body']) # Check data self.assertEqual(None, actual_exclusion_resources_delete) self.assertEqual(None, actual_response_body) self.assertEqual(HTTPStatus.NO_CONTENT, actual_status_code) self.assertDictEqual(data_exclusion_resources_not_delete, actual_exclusion_resources_not_delete)
def test_list_item_settings_handler_success_case_exists_data_exclusion_resource( self): # perpare data test aws_account = copy.deepcopy(DataCommon.AWS_ACCOUNT) mock_pm_affiliation.create(data_pm_affiliation) mock_pm_projects.create(data_pm_projects) mock_pm_awsAccountCoops.create(data_pm_aws_account_coops) for check_item_code in LIST_CHECK_ITEM_CODE_EXCLUDED_RESOURCE: data_pm_exclusion_resources[ 'ExclusionResourceID'] = common_utils.get_uuid4() data_pm_exclusion_resources['CheckItemCode'] = check_item_code data_pm_exclusion_resources['CheckItemRefineCode'] = copy.deepcopy( DataPmExclusionResources.CHECK_ITEM_REFINE_CODE_TEMPLATE. format(organization_id, project_id, aws_account, check_item_code)) data_pm_exclusion_resources['AccountRefineCode'] = copy.deepcopy( DataPmExclusionResources.ACCOUNT_REFINE_CODE_TEMPLATE.format( organization_id, project_id, aws_account)) mock_pm_exclusionResources.create(data_pm_exclusion_resources) # Call function test actual_response = checkitemsettings.list_item_settings_handler( event_mock, {}) # Get data response actual_status_code = actual_response['statusCode'] actual_response_bodys = json.loads(actual_response['body']) # Check data self.assertEqual(HTTPStatus.OK, actual_status_code) for actual_response_body in actual_response_bodys: if actual_response_body[ "checkItemCode"] in LIST_CHECK_ITEM_CODE_EXCLUDED_RESOURCE: self.assertEqual(ExcludedResourceFlag.Enable, actual_response_body["excludedResourceFlag"]) else: self.assertEqual(ExcludedResourceFlag.Other, actual_response_body["excludedResourceFlag"])
def test_get_security_check_resource_handler_success_case_exist_record_pm_check_result_items_and_pm_latest_check_result( self): # perpare data test mock_pm_affiliation.create(data_pm_affiliation) mock_pm_awsAccountCoops.create(data_pm_aws_account_coops) mock_pm_latestCheckResult.create(data_pm_latest_check_result) mock_pm_checkResultItems.create(data_pm_check_result_items) # mock object patch_read_json = patch('premembers.common.FileUtils.read_json') # start mock object mock_read_json = patch_read_json.start() # mock data mock_read_json.return_value = data_check_cis12_item_1_21 # addCleanup stop mock object self.addCleanup(mock_read_json.stop) event_mock = event_create.get_event_object( trace_id=copy.deepcopy(DataCommon.USER_ID_TEST.format(str(3))), path_parameters=path_parameters) # Call function test actual_response = awschecks.get_security_check_resource_handler( event_mock, {}) # Get data response actual_status_code = actual_response['statusCode'] actual_response_body = json.loads(actual_response['body']) # Check data self.assertEqual(HTTPStatus.OK, actual_status_code) self.assertEqual(1, len(actual_response_body)) actual_response_data = actual_response_body[0] self.assertEqual(data_pm_check_result_items['CheckResultItemID'], actual_response_data['id']) self.assertEqual(data_pm_check_result_items['CheckHistoryID'], actual_response_data['checkHistoryId']) self.assertEqual(data_pm_check_result_items['CheckResultID'], actual_response_data['checkResultId']) self.assertEqual(data_pm_check_result_items['CheckItemCode'], actual_response_data['checkItemCode']) self.assertEqual(data_pm_check_result_items['OrganizationName'], actual_response_data['organizationName']) self.assertEqual(data_pm_check_result_items['ProjectName'], actual_response_data['projectName']) self.assertEqual(data_pm_check_result_items['AWSAccount'], actual_response_data['awsAccount']) self.assertEqual(data_pm_check_result_items['AWSAccountName'], actual_response_data['awsAccountName']) self.assertEqual(data_pm_check_result_items['ExclusionFlag'], actual_response_data['exclusionFlag']) self.assertEqual(data_pm_check_result_items['CheckResult'], actual_response_data['checkResult']) self.assertListEqual(data_check_cis12_item_1_21['CheckResults'], actual_response_data['resources']) self.assertEqual(data_pm_check_result_items['CreatedAt'], actual_response_data['createdAt']) self.assertEqual(data_pm_check_result_items['UpdatedAt'], actual_response_data['updatedAt'])
def test_execute_change_email_handler_success_case_caller_service_name_is_insightwatch(self): # perpare data test for affiliation in list_affiliations: mock_pm_affiliation.create(affiliation) for org_notify_mail_destination in list_org_notify_mail_destinations: mock_pm_orgNotifyMailDestinations.create( org_notify_mail_destination) mock_pm_emailChangeApply.create( data_insert_caller_service_name_insightwatch) # patch mock get_cognito_user_info_by_user_name_patch = patch( 'premembers.common.aws_common.get_cognito_user_info_by_user_name') update_cognito_user_attributes_patch = patch( 'premembers.common.aws_common.update_cognito_user_attributes') patch_read_yaml = patch('premembers.common.FileUtils.read_yaml') # start mock object mock_get_cognito_user_info_by_user_name = get_cognito_user_info_by_user_name_patch.start() mock_update_cognito_user_attributes = update_cognito_user_attributes_patch.start() mock_read_yaml = patch_read_yaml.start() # mock data mock_get_cognito_user_info_by_user_name.return_value = user_info mock_update_cognito_user_attributes.return_value = None mock_read_yaml.return_value = data_config # addCleanup stop mock object self.addCleanup(get_cognito_user_info_by_user_name_patch.stop) self.addCleanup(update_cognito_user_attributes_patch.stop) self.addCleanup(patch_read_yaml.stop) # Call function test result = user.execute_change_email_handler(event_mock, {}) # Check data status_code = result['statusCode'] response_body = result['body'] response_headers = result['headers'] self.assertEqual(HTTPStatus.OK.value, status_code) self.assertEqual( response_execute_change_email_caller_service_insightwatch, response_body) self.assertEqual(content_type_text_html, response_headers['content-type']) # check update data table PM_OrgNotifyMailDestinations for affiliation in list_affiliations: org_notify_mail_destinations = mock_pm_orgNotifyMailDestinations.query_key( affiliation['OrganizationID'], notify_code) for destination in org_notify_mail_destinations['Destinations']: self.assertEqual(after_mail_address, destination['MailAddress']) # check update data table PM_Affiliation list_affiliations_update = mock_pm_affiliation.query_userid_key( user_id) for affiliation_update in list_affiliations_update: self.assertEqual(after_mail_address, affiliation_update['MailAddress']) # check delete data table PM_EmailChangeApply email_change_apply = mock_pm_emailChangeApply.query_key(apply_id) self.assertEqual(None, email_change_apply) # check param call function get_cognito_user_info_by_user_name mock_get_cognito_user_info_by_user_name.assert_called_once_with( apply_id, user_id) # check param call function update_cognito_user_attributes mock_update_cognito_user_attributes.update_cognito_user_attributes( apply_id, user_id, user_attributes)