def pre_test_setup(self):
account_type_result = AccountType(name='AWS')
db.session.add(account_type_result)
db.session.commit()
account = Account(identifier="012345678910", name="TEST_ACCOUNT1",
account_type_id=account_type_result.id, notes="TEST_ACCOUNT1",
third_party=False, active=True)
db.session.add(account)
account = Account(identifier="123123123123", name="TEST_ACCOUNT2",
account_type_id=account_type_result.id, notes="TEST_ACCOUNT2",
third_party=False, active=True)
db.session.add(account)
account = Account(identifier="109876543210", name="TEST_ACCOUNT3",
account_type_id=account_type_result.id, notes="TEST_ACCOUNT3",
third_party=False, active=False)
db.session.add(account)
account = Account(identifier="456456456456", name="TEST_ACCOUNT4",
account_type_id=account_type_result.id, notes="TEST_ACCOUNT4",
third_party=False, active=False)
db.session.add(account)
db.session.commit()
RUNTIME_WATCHERS.clear()
RUNTIME_AUDIT_COUNTS.clear()
def pre_test_setup(self):
account_type_result = AccountType(name='AWS')
db.session.add(account_type_result)
db.session.commit()
account = Account(identifier="012345678910", name="TEST_ACCOUNT1",
account_type_id=account_type_result.id, notes="TEST_ACCOUNT1",
third_party=False, active=True)
db.session.add(account)
account = Account(identifier="123123123123", name="TEST_ACCOUNT2",
account_type_id=account_type_result.id, notes="TEST_ACCOUNT2",
third_party=False, active=True)
db.session.add(account)
account = Account(identifier="109876543210", name="TEST_ACCOUNT3",
account_type_id=account_type_result.id, notes="TEST_ACCOUNT3",
third_party=False, active=False)
db.session.add(account)
account = Account(identifier="456456456456", name="TEST_ACCOUNT4",
account_type_id=account_type_result.id, notes="TEST_ACCOUNT4",
third_party=False, active=False)
db.session.add(account)
db.session.commit()
RUNTIME_WATCHERS.clear()
RUNTIME_AUDIT_COUNTS.clear()
def test_find_all_changes(self):
from security_monkey.scheduler import find_changes
build_mock_result(watcher_configs, auditor_configs)
find_changes(['TEST_ACCOUNT1', 'TEST_ACCOUNT2'],
['index1', 'index2', 'index3'])
watcher_keys = RUNTIME_WATCHERS.keys()
self.assertEqual(first=3,
second=len(watcher_keys),
msg="Should run 3 watchers but ran {}".format(
len(watcher_keys)))
self.assertTrue('index1' in watcher_keys, msg="Watcher index1 not run")
self.assertTrue('index2' in watcher_keys, msg="Watcher index3 not run")
self.assertTrue('index3' in watcher_keys, msg="Watcher index3 not run")
self.assertEqual(
first=2,
second=len(RUNTIME_WATCHERS['index1']),
msg="Watcher index1 should run twice but ran {} times".format(
len(RUNTIME_WATCHERS['index1'])))
self.assertEqual(
first=2,
second=len(RUNTIME_WATCHERS['index2']),
msg="Watcher index2 should run twice but ran {} times".format(
len(RUNTIME_WATCHERS['index2'])))
self.assertEqual(
first=2,
second=len(RUNTIME_WATCHERS['index3']),
msg="Watcher index2 should run twice but ran {} times".format(
len(RUNTIME_WATCHERS['index3'])))
auditor_keys = RUNTIME_AUDIT_COUNTS.keys()
self.assertEqual(first=3,
second=len(auditor_keys),
msg="Should run 3 auditors but ran {}".format(
len(auditor_keys)))
self.assertTrue('index1' in auditor_keys, msg="Auditor index1 not run")
self.assertTrue('index2' in auditor_keys, msg="Auditor index2 not run")
self.assertTrue('index3' in auditor_keys, msg="Auditor index3 not run")
self.assertEqual(
first=2,
second=RUNTIME_AUDIT_COUNTS['index1'],
msg="Auditor index1 should have audited 2 items but audited {}".
format(RUNTIME_AUDIT_COUNTS['index1']))
self.assertEqual(
first=2,
second=RUNTIME_AUDIT_COUNTS['index2'],
msg="Auditor index2 should have audited 2 items but audited {}".
format(RUNTIME_AUDIT_COUNTS['index2']))
self.assertEqual(
first=2,
second=RUNTIME_AUDIT_COUNTS['index3'],
msg="Auditor index3 should have audited 2 items but audited {}".
format(RUNTIME_AUDIT_COUNTS['index3']))
def test_run_with_interval_watcher_dependencies(self):
"""
If an interval is passed to reporter.run(), the reporter will run all watchers in the interval
along with their auditors. It will also reaudit all existing items of watchers that are not in
the interval but are dependent on watchers/auditors in the interval. This is done because any
changes to the dependencies could change the audit results even is the items have not changed.
In this case, index1 and index2 are in the interval and index3 is dependent on index1 watcher.
Expected result:
Watchers of index1 and index2 are run
New items of index1 and index2 are audited
Items of index3 are reaudited
"""
from security_monkey.reporter import Reporter
build_mock_result(watcher_configs, auditor_configs_with_watcher_dependencies)
reporter = Reporter(account="TEST_ACCOUNT")
reporter.run("TEST_ACCOUNT", 15)
watcher_keys = RUNTIME_WATCHERS.keys()
self.assertEqual(first=2, second=len(watcher_keys),
msg="Should run 2 watchers but ran {}"
.format(len(watcher_keys)))
self.assertTrue('index1' in watcher_keys,
msg="Watcher index1 not run")
self.assertTrue('index2' in watcher_keys,
msg="Watcher index2 not run")
self.assertEqual(first=1, second=len(RUNTIME_WATCHERS['index1']),
msg="Watcher index1 should have audited 1 item but audited {}"
.format(len(RUNTIME_WATCHERS['index1'])))
self.assertEqual(first=1, second=len(RUNTIME_WATCHERS['index2']),
msg="Watcher index2 should have audited 1 item but audited {}"
.format(len(RUNTIME_WATCHERS['index2'])))
auditor_keys = RUNTIME_AUDIT_COUNTS.keys()
self.assertEqual(first=3, second=len(auditor_keys),
msg="Should run 3 auditors but ran {}"
.format(len(auditor_keys)))
self.assertTrue('index1' in auditor_keys,
msg="Auditor index1 not run")
self.assertTrue('index2' in auditor_keys,
msg="Auditor index2 not run")
self.assertTrue('index3' in auditor_keys,
msg="Auditor index3 not run")
self.assertEqual(first=1, second=RUNTIME_AUDIT_COUNTS['index1'],
msg="Auditor index1 should run once but ran {} times"
.format(RUNTIME_AUDIT_COUNTS['index1']))
self.assertEqual(first=1, second=RUNTIME_AUDIT_COUNTS['index2'],
msg="Auditor index2 should run once but ran {} times"
.format(RUNTIME_AUDIT_COUNTS['index2']))
self.assertEqual(first=1, second=RUNTIME_AUDIT_COUNTS['index3'],
msg="Auditor index3 should run once but ran {} times"
.format(RUNTIME_AUDIT_COUNTS['index3']))
def test_find_account_changes(self):
from security_monkey.scheduler import find_changes
build_mock_result(watcher_configs, auditor_configs)
find_changes(['TEST_ACCOUNT1'],
['index1', 'index2', 'index3'])
watcher_keys = RUNTIME_WATCHERS.keys()
self.assertEqual(first=3, second=len(watcher_keys),
msg="Should run 3 watchers but ran {}"
.format(len(watcher_keys)))
self.assertTrue('index1' in watcher_keys,
msg="Watcher index1 not run")
self.assertTrue('index2' in watcher_keys,
msg="Watcher index3 not run")
self.assertTrue('index3' in watcher_keys,
msg="Watcher index3 not run")
self.assertEqual(first=1, second=len(RUNTIME_WATCHERS['index1']),
msg="Watcher index1 should run once but ran {} times"
.format(len(RUNTIME_WATCHERS['index1'])))
self.assertEqual(first=1, second=len(RUNTIME_WATCHERS['index2']),
msg="Watcher index2 should run once but ran {} times"
.format(len(RUNTIME_WATCHERS['index2'])))
self.assertEqual(first=1, second=len(RUNTIME_WATCHERS['index3']),
msg="Watcher index2 should run once but ran {} times"
.format(len(RUNTIME_WATCHERS['index3'])))
auditor_keys = RUNTIME_AUDIT_COUNTS.keys()
self.assertEqual(first=3, second=len(auditor_keys),
msg="Should run 3 auditors but ran {}"
.format(len(auditor_keys)))
self.assertTrue('index1' in auditor_keys,
msg="Auditor index1 not run")
self.assertTrue('index2' in auditor_keys,
msg="Auditor index2 not run")
self.assertTrue('index3' in auditor_keys,
msg="Auditor index3 not run")
self.assertEqual(first=1, second=RUNTIME_AUDIT_COUNTS['index1'],
msg="Auditor index1 should have audited 1 item but audited {}"
.format(RUNTIME_AUDIT_COUNTS['index1']))
self.assertEqual(first=1, second=RUNTIME_AUDIT_COUNTS['index2'],
msg="Auditor index2 should have audited 1 item but audited {}"
.format(RUNTIME_AUDIT_COUNTS['index2']))
self.assertEqual(first=1, second=RUNTIME_AUDIT_COUNTS['index3'],
msg="Auditor index3 should have audited 1 item but audited {}"
.format(RUNTIME_AUDIT_COUNTS['index3']))
def test_find_account_changes(self):
from security_monkey.task_scheduler.tasks import manual_run_change_finder, setup
build_mock_result(watcher_configs, auditor_configs)
setup()
manual_run_change_finder(['TEST_ACCOUNT1'], ['index1', 'index2', 'index3'])
watcher_keys = list(RUNTIME_WATCHERS.keys())
self.assertEqual(first=3, second=len(watcher_keys),
msg="Should run 3 watchers but ran {}"
.format(len(watcher_keys)))
self.assertTrue('index1' in watcher_keys,
msg="Watcher index1 not run")
self.assertTrue('index2' in watcher_keys,
msg="Watcher index3 not run")
self.assertTrue('index3' in watcher_keys,
msg="Watcher index3 not run")
self.assertEqual(first=1, second=len(RUNTIME_WATCHERS['index1']),
msg="Watcher index1 should run once but ran {} times"
.format(len(RUNTIME_WATCHERS['index1'])))
self.assertEqual(first=1, second=len(RUNTIME_WATCHERS['index2']),
msg="Watcher index2 should run once but ran {} times"
.format(len(RUNTIME_WATCHERS['index2'])))
self.assertEqual(first=1, second=len(RUNTIME_WATCHERS['index3']),
msg="Watcher index2 should run once but ran {} times"
.format(len(RUNTIME_WATCHERS['index3'])))
auditor_keys = list(RUNTIME_AUDIT_COUNTS.keys())
self.assertEqual(first=3, second=len(auditor_keys),
msg="Should run 3 auditors but ran {}"
.format(len(auditor_keys)))
self.assertTrue('index1' in auditor_keys,
msg="Auditor index1 not run")
self.assertTrue('index2' in auditor_keys,
msg="Auditor index2 not run")
self.assertTrue('index3' in auditor_keys,
msg="Auditor index3 not run")
self.assertEqual(first=1, second=RUNTIME_AUDIT_COUNTS['index1'],
msg="Auditor index1 should have audited 1 item but audited {}"
.format(RUNTIME_AUDIT_COUNTS['index1']))
self.assertEqual(first=1, second=RUNTIME_AUDIT_COUNTS['index2'],
msg="Auditor index2 should have audited 1 item but audited {}"
.format(RUNTIME_AUDIT_COUNTS['index2']))
self.assertEqual(first=1, second=RUNTIME_AUDIT_COUNTS['index3'],
msg="Auditor index3 should have audited 1 item but audited {}"
.format(RUNTIME_AUDIT_COUNTS['index3']))
def test_find_all_changes(self):
from security_monkey.task_scheduler.tasks import manual_run_change_finder, setup
build_mock_result(watcher_configs, auditor_configs)
setup()
manual_run_change_finder(['TEST_ACCOUNT1', 'TEST_ACCOUNT2'], ['index1', 'index2', 'index3'])
watcher_keys = RUNTIME_WATCHERS.keys()
self.assertEqual(first=3, second=len(watcher_keys),
msg="Should run 3 watchers but ran {}"
.format(len(watcher_keys)))
self.assertTrue('index1' in watcher_keys,
msg="Watcher index1 not run")
self.assertTrue('index2' in watcher_keys,
msg="Watcher index3 not run")
self.assertTrue('index3' in watcher_keys,
msg="Watcher index3 not run")
self.assertEqual(first=2, second=len(RUNTIME_WATCHERS['index1']),
msg="Watcher index1 should run twice but ran {} times"
.format(len(RUNTIME_WATCHERS['index1'])))
self.assertEqual(first=2, second=len(RUNTIME_WATCHERS['index2']),
msg="Watcher index2 should run twice but ran {} times"
.format(len(RUNTIME_WATCHERS['index2'])))
self.assertEqual(first=2, second=len(RUNTIME_WATCHERS['index3']),
msg="Watcher index2 should run twice but ran {} times"
.format(len(RUNTIME_WATCHERS['index3'])))
auditor_keys = RUNTIME_AUDIT_COUNTS.keys()
self.assertEqual(first=3, second=len(auditor_keys),
msg="Should run 3 auditors but ran {}"
.format(len(auditor_keys)))
self.assertTrue('index1' in auditor_keys,
msg="Auditor index1 not run")
self.assertTrue('index2' in auditor_keys,
msg="Auditor index2 not run")
self.assertTrue('index3' in auditor_keys,
msg="Auditor index3 not run")
self.assertEqual(first=2, second=RUNTIME_AUDIT_COUNTS['index1'],
msg="Auditor index1 should have audited 2 items but audited {}"
.format(RUNTIME_AUDIT_COUNTS['index1']))
self.assertEqual(first=2, second=RUNTIME_AUDIT_COUNTS['index2'],
msg="Auditor index2 should have audited 2 items but audited {}"
.format(RUNTIME_AUDIT_COUNTS['index2']))
self.assertEqual(first=2, second=RUNTIME_AUDIT_COUNTS['index3'],
msg="Auditor index3 should have audited 2 items but audited {}"
.format(RUNTIME_AUDIT_COUNTS['index3']))