def test_iot_get_raci_no_raci(monkeypatch):
"""
Scenario: checking the case of missing the group defined in IOT_CONFIG
Given
- A device with an owner WPR_SECURITY, and its email is not listed
When
- Calculating the RACI model result
Then
- Ensure the code is still returning the raci
"""
monkeypatch.setattr(iot_get_raci, 'get_iot_config', lambda x: _CONFIG)
outputs = get_raci({
'alert_name': 'FooBar',
'raw_type': 'IoT Alert',
'category': 'Camera',
'profile': 'Avigilon Camera'
}).outputs
assert outputs == {
'owner': 'WPR_SECURITY',
'r': None,
'r_email': None,
'r_snow': None,
'i': None,
'i_email': None
}
def test_iot_snow(monkeypatch):
"""
Scenario: checking the ServiceNow config is returned from the IOT_CONFIG
Given
- A device with an IoT Vulnerability
When
- Calculating the RACI model result
Then
- Ensure the r_snow is returned
"""
monkeypatch.setattr(iot_get_raci, 'get_iot_config', lambda x: _CONFIG)
outputs = get_raci({
'alert_name': 'FooBar',
'raw_type': 'IoT Vulnerability',
'category': 'Audio Streaming',
'profile': 'Profusion Media Player'
}).outputs
assert outputs == {
'owner': 'IT_AUDIO_VIDEO',
'r': 'IT_AUDIO_VIDEO',
'r_email': '*****@*****.**',
'r_snow': {
'custom_fields':
'u_resolver_department=IT;u_category_5=iot_category_snow_id',
'fields': 'assignment_group=itav_group_snow_id',
'table': 'incident'
},
'i': 'INFOSEC, SOC',
'i_email': '[email protected], [email protected]'
}
def test_iot_get_raci_default_email(monkeypatch):
"""
Scenario: checking the responsiblie email is the default one specified in IOT_CONFIG
Given
- A device with an IoT Vulnerability
When
- Calculating the RACI model result
Then
- Ensure the r_email is the default email in IOT_CONFIG
"""
monkeypatch.setattr(iot_get_raci, 'get_iot_config',
lambda x: _CONFIG_WITH_DEFAULT)
outputs = get_raci({
'alert_name': '',
'raw_type': 'IoT Vulnerability',
'category': 'Audio Streaming',
'profile': 'Profusion Media Player'
}).outputs
assert outputs == {
'owner': 'IT_AUDIO_VIDEO',
'r': 'IT_AUDIO_VIDEO',
'r_email': '*****@*****.**',
'r_snow': None,
'i': 'INFOSEC, SOC',
'i_email': '[email protected], [email protected]'
}
def test_iot_get_raci_normal(monkeypatch):
"""
Scenario: getting the raci result in a normal case
Given
- A device with an IoT alert named "DOUBLEPULSAR Backdoor traffic"
When
- Calculating the RACI model result
Then
- Ensure the correct RACI model is calculated
"""
monkeypatch.setattr(iot_get_raci, 'get_iot_config', lambda x: _CONFIG)
outputs = get_raci({
'alert_name': 'DOUBLEPULSAR Backdoor traffic',
'raw_type': 'IoT Alert',
'category': 'Audio Streaming',
'profile': 'Profusion Media Player'
}).outputs
assert outputs == {
'owner': 'IT_AUDIO_VIDEO',
'r': 'SOC',
'r_email': '*****@*****.**',
'r_snow': None,
'i': 'IT_AUDIO_VIDEO',
'i_email': '*****@*****.**'
}
def test_iot_get_raci_no_name_regex(monkeypatch):
"""
Scenario: checking the IOT_CONFIG is working without the name regex in the "alerts" section of the JSON
Given
- A device with an IoT Vulnerability
When
- Calculating the RACI model result
Then
- Ensure the r is correct
"""
monkeypatch.setattr(iot_get_raci, 'get_iot_config', lambda x: _CONFIG)
outputs = get_raci({
'alert_name': 'FooBar',
'raw_type': 'IoT Vulnerability',
'category': 'Foo'
}).outputs
assert outputs == {
'owner': None,
'r': None,
'r_email': None,
'r_snow': None,
'i': 'INFOSEC, SOC',
'i_email': '[email protected], [email protected]'
}
outputs = get_raci({
'alert_name': 'FooBar',
'raw_type': 'IoT Vulnerability',
'category': 'Camera',
'profile': 'Avigilon Camera'
}).outputs
assert outputs == {
'owner': 'WPR_SECURITY',
'r': 'WPR_SECURITY',
'r_email': '*****@*****.**',
'r_snow': None,
'i': 'INFOSEC, SOC',
'i_email': '[email protected], [email protected]'
}