def test_sca_response_without_result(mock_agent, mock_sca_agent): """ Test failing when WazuhDB don't return 'items' key into result """ with patch('wazuh.core.sca.WazuhDBBackend') as mock_wdb: mock_wdb.return_value.connect_to_db.return_value.execute.side_effect = get_fake_sca_data with patch('wazuh.core.sca.WazuhDBQuerySCA.run', return_value={}): with pytest.raises(exception.WazuhException, match=".* 2007 .*"): get_sca_checks('not_exists', agent_list=['000'])
def test_get_sca_checks(mock_agent, mock_sca_agent): """ Checks sca checks data are properly loaded from database """ with patch('wazuh.core.utils.WazuhDBConnection') as mock_wdb: mock_wdb.return_value = InitWDBSocketMock( sql_schema_file='schema_sca_test.sql') result = get_sca_checks('cis_debian', agent_list=['000']) assert isinstance(result, AffectedItemsWazuhResult) result = result.to_dict() assert isinstance(result['total_affected_items'], int) sca = result['affected_items'] assert isinstance(sca, list) assert len(sca) > 0 assert set(sca[0].keys()).issubset( set(fields_translation_sca_check.keys()) | {'compliance', 'rules'}) compliance = sca[0]['compliance'] assert isinstance(compliance, list) assert len(compliance) > 0 assert set(compliance[0].keys()) == set( fields_translation_sca_check_compliance.values()) # Check 0 result result = get_sca_checks('not_exists', agent_list=['000']) assert isinstance(result, AffectedItemsWazuhResult) result = result.to_dict() assert isinstance(result['total_affected_items'], int) sca = result['affected_items'] assert isinstance(sca, list) assert len(sca) == 0 result = get_sca_checks('cis_debian', agent_list=['999']) assert isinstance(result, AffectedItemsWazuhResult) result = result.to_dict() assert isinstance(result['total_affected_items'], int) assert result['total_affected_items'] == 0 assert len(result['affected_items']) == 0 assert result['total_failed_items'] == 1 assert len(result['failed_items']) == 1 failed = result['failed_items'] assert isinstance(list(failed.keys())[0], WazuhResourceNotFound) assert list(failed.keys())[0].to_dict()['code'] == 1701 assert failed[list(failed.keys())[0]] == {'999'}
def test_sca_checks_select_and_q(mock_agent, mock_sca_agent): """ Tests filtering using q parameter and selecting multiple fields """ with patch('wazuh.core.utils.WazuhDBConnection') as mock_wdb: mock_wdb.return_value = InitWDBSocketMock( sql_schema_file='schema_sca_test.sql') result = get_sca_checks( 'cis_debian', agent_list=['000'], q="rules.type!=file", select=['compliance', 'policy_id', 'result', 'rules']).to_dict() assert result['affected_items'][0]['rules'][0]['type'] != 'file' assert set(result['affected_items'][0].keys()).issubset( {'compliance', 'policy_id', 'result', 'rules'})