def test_get_tags_admin(admin, ncrs):
api = get_api(admin['token'])
ncr = ncrs[0]
ncr_id = '#'.join([ncr['scanId'], ncr['accntId_rsrceId_rqrmntId']])
result = api.get_tags(ncr_id=ncr_id)
assert result.ncr_tags.ncr_id == ncr_id
assert isinstance(result.ncr_tags.tags, list)
def test_put_exclusions_admin(admin, requirements, exclusion_types):
api = get_api(admin['token'])
requirement = requirements[0]
exclusion_type = requirement['exclusionType']
exclusion_config = exclusion_types[exclusion_type]
form_fields = {key: 'sampletext' for key, value in exclusion_config['formFields'].items()}
create_response = api.put_exclusions({
'exclusion': {
'accountId': '*',
'resourceId': 'someresource',
'requirementId': requirement['requirementId'],
'status': 'initial',
'formFields': form_fields,
'expirationDate': (datetime.now() + timedelta(days=1)).strftime('%Y/%m/%d'),
},
})
assert create_response.new_exclusion.exclusion_id == '#'.join(['*', requirements[0]['requirementId'], 'someresource'])
# empty deleteExclusion
for value in create_response.to_dict().get('delete_exclusion', {}).values():
assert value is None
update_replacement_response = api.put_exclusions({
'exclusionId': '#'.join(['*', requirements[0]['requirementId'], 'someresource']),
'exclusion': {
'accountId': '*',
'resourceId': 'otherresource',
'status': 'initial',
},
})
assert update_replacement_response.new_exclusion.exclusion_id == '#'.join(['*', requirements[0]['requirementId'], 'otherresource'])
assert update_replacement_response.delete_exclusion.exclusion_id == '#'.join(['*', requirements[0]['requirementId'], 'someresource'])
result = api.get_exclusions()
for exclusion in result.exclusions:
assert exclusion.exclusion_id == '#'.join([exclusion.account_id, exclusion.requirement_id, exclusion.resource_id])
def test_get_user_status_admin(admin):
api = get_api(admin['token'])
result = api.get_user_status()
assert result.is_authenticated is True
assert result.is_admin is True
assert result.email == admin['email']
assert result.requirements
assert result.severity_colors
assert result.exclusion_types
def test_get_detailed_scores(admin):
account_id = '012345678911'
api = get_api(admin['token'])
create_account({'accountId': account_id})
result = api.get_account_detailed_scores(account_ids=account_id)
delete_account(account_id)
assert len(result.accounts) == 1
for account in result.accounts: # object is iterable but not subscriptable.
assert account.account_id == account_id
assert account.requirements_scores == []
def test_get_summary(admin):
account_id = '012345678922'
api = get_api(admin['token'])
create_account({'accountId': account_id})
result = api.get_account_summary(account_ids=account_id)
delete_account(account_id)
assert len(result.accounts) == 1
for account in result.accounts: # object is iterable but not subscriptable.
assert account.account_id == account_id
assert account.account_name == account_id
assert account.critical_count is None
assert account.current_score is None
assert account.historical_scores == []
def test_get_detailed_scores_two_accounts(admin):
account_ids = ['012345678933', '012345678922']
api = get_api(admin['token'])
create_account({'accountId': account_ids[0]})
create_account({'accountId': account_ids[1]})
result = api.get_account_detailed_scores(
account_ids=f'{account_ids[0]},{account_ids[1]}')
delete_account(account_ids[0])
delete_account(account_ids[1])
assert len(result.accounts) == 2
for account in result.accounts: # object is iterable but not subscriptable.
assert account.account_id in account_ids
account_ids.remove(account.account_id)
assert account.requirements_scores == []
def test_get_summary_two_accounts(admin):
account_ids = ['012345678944', '012345678955']
api = get_api(admin['token'])
create_account({'accountId': account_ids[0]})
create_account({'accountId': account_ids[1]})
result = api.get_account_summary(
account_ids=f'{account_ids[0]},{account_ids[1]}')
delete_account(account_ids[0])
delete_account(account_ids[1])
assert len(result.accounts) == 2
for account in result.accounts: # object is iterable but not subscriptable.
assert account.account_id in account_ids
assert account.account_name in account_ids
account_ids.remove(account.account_id)
assert account.critical_count is None
assert account.current_score is None
assert account.historical_scores == []
def test_get_user_status_not_authenticated(not_authenticated):
api = get_api(not_authenticated['token'])
result = api.get_user_status()
assert result.is_authenticated is False
def test_get_documentation_admin(admin):
api = get_api(admin['token'])
result = api.get_documentation()
assert '<html>' in result
assert '</html>' in result
def test_get_documentation_not_authenticated(not_authenticated):
api = get_api(not_authenticated['token'])
result = api.get_documentation()
assert '<html>' in result
assert '</html>' in result
def test_get_documentation_user(user):
api = get_api(user['token'])
result = api.get_documentation()
assert '<html>' in result
assert '</html>' in result
def test_get_ncr_user(user):
account_id = list(user['accounts'].keys())[0]
api = get_api(user['token'])
result = api.get_ncr(account_id=[account_id])
assert result.ncr_records == []
def test_get_ncr_admin(admin):
api = get_api(admin['token'])
result = api.get_ncr(account_id=['123456789012'])
assert result.ncr_records == []
def test_get_ncr_not_authenticated(not_authenticated):
api = get_api(not_authenticated['token'])
with pytest.raises(Exception) as excinfo:
api.get_ncr(account_id=['123456789012'])
assert excinfo.value.status == 403