def test_parse_bad_imported():
    test_file = open(test_data + 'CIS-bad.json')
    event = json.loads(test_file.read())
    test_file.close()

    with pytest.raises(findings.InvalidFindingJson):
        finding = findings.Finding(event['detail']['findings'][0])
Esempio n. 2
0
def test_parse_custom_mismatch():
    test_file = open(test_data + 'custom-action-mismatch.json')
    event = json.loads(test_file.read())
    test_file.close()

    finding = findings.Finding(event['detail']['findings'][0])

    assert finding.details.get('Id') == event['detail']['findings'][0]['Id']
    assert finding.account_id == '111111111111'
    assert not finding.is_cis_ruleset()
    assert finding.is_aws_fsbp_ruleset() == { 'ruleset': 'aws-foundational-security-best-practices', 'version': '1.0.0', 'ruleid': 'CloudTrail.1' }
def test_notify(mocker):
    test_file = open(test_data + 'CIS_1-6.json')
    event = json.loads(test_file.read())
    test_file.close()

    finding = findings.Finding(event['detail']['findings'][0])

    logger = Logger(loglevel='info')
    logger_obj = mocker.patch('lib.logger.Logger.info', return_value=None)

    applogger = LogHandler('pytest')
    mocker.patch('lib.applogger.LogHandler.add_message', return_value='')

    # mocker.patch('lib.sechub_findings.Finding.resolve', return_value='')

    mocker.patch('lib.sechub_findings.Finding.update_text', return_value='')

    AWS = AWSClient('aws', 'us-east-1')
    mocker.patch('lib.awsapi_helpers.AWSClient.postit', return_value='')

    test_message = {
        'Note': '',
        'State': 'INFO',
        'Account': '111111111111',
        'Remediation': 'Remediate all the things',
        'AffectedObject': 'An AWS Thingy',
        'metrics_data': {
            'status': 'RESOLVED'
        }
    }
    findings.notify(finding,
                    test_message,
                    logger,
                    cwlogs=applogger,
                    sechub=True,
                    sns=AWS)
    logger_obj.assert_called_once_with(
        'INFO: "Remediate all the things" , Account Id: 111111111111, Resource: An AWS Thingy'
    )

    # assert logger_mock('message', mocker.ANY)
    test_message = {}
    findings.notify(finding,
                    test_message,
                    logger,
                    cwlogs=applogger,
                    sechub=True,
                    sns=AWS)
    logger_obj.assert_called_with(
        'INFO: error - missing note, Account Id: error, Resource: error')
def test_parse_custom_match():
    test_file = open(test_data + 'CIS_1-6.json')
    event = json.loads(test_file.read())
    test_file.close()

    finding = findings.Finding(event['detail']['findings'][0])

    assert finding.details.get('Id') == event['detail']['findings'][0]['Id']
    assert finding.account_id == '111111111111'
    assert finding.is_cis_ruleset() == {
        'ruleset': 'cis-aws-foundations-benchmark',
        'version': '1.2.0',
        'ruleid': '1.6'
    }
    assert not finding.is_aws_fsbp_ruleset()
def test_parse_imported():

    test_cis_13 = open(test_data + 'CIS-1.3.json')
    event = json.loads(test_cis_13.read())
    test_cis_13.close()

    finding = findings.Finding(event['detail']['findings'][0])
    assert finding.details.get('Id') == event['detail']['findings'][0]['Id']
    assert finding.generator_id == 'arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0/rule/1.3'
    assert finding.account_id == '111111111111'
    assert finding.is_cis_ruleset() == {
        'ruleset': 'cis-aws-foundations-benchmark',
        'version': '1.2.0',
        'ruleid': '1.3'
    }
    assert finding.is_aws_fsbp_ruleset() == False