def test_iot_get_raci_no_raci(monkeypatch): """ Scenario: checking the case of missing the group defined in IOT_CONFIG Given - A device with an owner WPR_SECURITY, and its email is not listed When - Calculating the RACI model result Then - Ensure the code is still returning the raci """ monkeypatch.setattr(iot_get_raci, 'get_iot_config', lambda x: _CONFIG) outputs = get_raci({ 'alert_name': 'FooBar', 'raw_type': 'IoT Alert', 'category': 'Camera', 'profile': 'Avigilon Camera' }).outputs assert outputs == { 'owner': 'WPR_SECURITY', 'r': None, 'r_email': None, 'r_snow': None, 'i': None, 'i_email': None }
def test_iot_snow(monkeypatch): """ Scenario: checking the ServiceNow config is returned from the IOT_CONFIG Given - A device with an IoT Vulnerability When - Calculating the RACI model result Then - Ensure the r_snow is returned """ monkeypatch.setattr(iot_get_raci, 'get_iot_config', lambda x: _CONFIG) outputs = get_raci({ 'alert_name': 'FooBar', 'raw_type': 'IoT Vulnerability', 'category': 'Audio Streaming', 'profile': 'Profusion Media Player' }).outputs assert outputs == { 'owner': 'IT_AUDIO_VIDEO', 'r': 'IT_AUDIO_VIDEO', 'r_email': '*****@*****.**', 'r_snow': { 'custom_fields': 'u_resolver_department=IT;u_category_5=iot_category_snow_id', 'fields': 'assignment_group=itav_group_snow_id', 'table': 'incident' }, 'i': 'INFOSEC, SOC', 'i_email': '[email protected], [email protected]' }
def test_iot_get_raci_default_email(monkeypatch): """ Scenario: checking the responsiblie email is the default one specified in IOT_CONFIG Given - A device with an IoT Vulnerability When - Calculating the RACI model result Then - Ensure the r_email is the default email in IOT_CONFIG """ monkeypatch.setattr(iot_get_raci, 'get_iot_config', lambda x: _CONFIG_WITH_DEFAULT) outputs = get_raci({ 'alert_name': '', 'raw_type': 'IoT Vulnerability', 'category': 'Audio Streaming', 'profile': 'Profusion Media Player' }).outputs assert outputs == { 'owner': 'IT_AUDIO_VIDEO', 'r': 'IT_AUDIO_VIDEO', 'r_email': '*****@*****.**', 'r_snow': None, 'i': 'INFOSEC, SOC', 'i_email': '[email protected], [email protected]' }
def test_iot_get_raci_normal(monkeypatch): """ Scenario: getting the raci result in a normal case Given - A device with an IoT alert named "DOUBLEPULSAR Backdoor traffic" When - Calculating the RACI model result Then - Ensure the correct RACI model is calculated """ monkeypatch.setattr(iot_get_raci, 'get_iot_config', lambda x: _CONFIG) outputs = get_raci({ 'alert_name': 'DOUBLEPULSAR Backdoor traffic', 'raw_type': 'IoT Alert', 'category': 'Audio Streaming', 'profile': 'Profusion Media Player' }).outputs assert outputs == { 'owner': 'IT_AUDIO_VIDEO', 'r': 'SOC', 'r_email': '*****@*****.**', 'r_snow': None, 'i': 'IT_AUDIO_VIDEO', 'i_email': '*****@*****.**' }
def test_iot_get_raci_no_name_regex(monkeypatch): """ Scenario: checking the IOT_CONFIG is working without the name regex in the "alerts" section of the JSON Given - A device with an IoT Vulnerability When - Calculating the RACI model result Then - Ensure the r is correct """ monkeypatch.setattr(iot_get_raci, 'get_iot_config', lambda x: _CONFIG) outputs = get_raci({ 'alert_name': 'FooBar', 'raw_type': 'IoT Vulnerability', 'category': 'Foo' }).outputs assert outputs == { 'owner': None, 'r': None, 'r_email': None, 'r_snow': None, 'i': 'INFOSEC, SOC', 'i_email': '[email protected], [email protected]' } outputs = get_raci({ 'alert_name': 'FooBar', 'raw_type': 'IoT Vulnerability', 'category': 'Camera', 'profile': 'Avigilon Camera' }).outputs assert outputs == { 'owner': 'WPR_SECURITY', 'r': 'WPR_SECURITY', 'r_email': '*****@*****.**', 'r_snow': None, 'i': 'INFOSEC, SOC', 'i_email': '[email protected], [email protected]' }