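def test_create_control_rule(self):
    """Check that a control rule is rendered as its raw ``rule`` string.

    No mock arguments are injected into this test, so it calls
    ``RulesModel.construct_control_rule`` directly with a "Control Rule"
    request and expects the ``rule`` value to come back unchanged.
    """
    # auditctl's -b option sets the kernel audit backlog limit.
    params = {"type": "Control Rule", "rule": "-b 1238"}
    expected_rule = '-b 1238'

    built_rule = RulesModel().construct_control_rule(params)

    # NOTE(review): only a well-formed value is covered. Whether
    # construct_control_rule validates the caller-supplied "rule" string is
    # not visible from here; a companion negative test (for example a value
    # containing a line break) would pin that behaviour down.
    # assertEqual is the public unittest API; _baseAssertEqual is a private
    # TestCase hook and should not be called from tests.
    self.assertEqual(expected_rule, built_rule)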
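def test_create_control_rule_success(self, mock_load_audit_rule,
                                     mock_write_to_aucontrol_rules,
                                     mock_control_rule):
    """Check that ``create`` routes a "Control Rule" request correctly.

    The three mock arguments are presumably injected by ``mock.patch``
    decorators that are not visible in this listing -- confirm their order
    against the decorator stack.
    """
    # auditctl's -r option sets the audit message rate limit.
    param = {"type": "Control Rule", "rule": "-r 2"}
    rule = '-r 2'

    # Rule construction, the rules-file write and the rule reload are all
    # stubbed, so only the dispatch inside create() is exercised.
    # NOTE(review): because the constructor is mocked, this test says
    # nothing about how the "rule" string is validated before it is written.
    mock_control_rule.return_value = rule
    mock_write_to_aucontrol_rules.return_value = {}
    mock_load_audit_rule.return_value = {}

    rule_out = RulesModel().create(param)

    mock_control_rule.assert_called_with(param)
    # assertEquals is a deprecated alias that was removed in Python 3.12.
    self.assertEqual(rule, rule_out)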
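def test_create_fs_rule_success(self, mock_load_audit_rule,
                                mock_write_to_audit_rules, mock_fs_rule):
    """Check that ``create`` routes a "File System Rule" request correctly.

    The three mock arguments are presumably injected by ``mock.patch``
    decorators that are not visible in this listing -- confirm their order
    against the decorator stack.
    """
    param = {
        "type": "File System Rule",
        "rule_info": {
            "permissions": "rwxa",
            "file_to_watch": "/home/test_user/1.txt",
            "key": "watch_me",
        },
    }
    # A file-system watch is expected to be built with the -w rule type.
    rule_type = '-w'
    rule = '-w /home/test_user/1.txt -p rwxa -k watch_me'

    # Rule construction, the rules-file write and the rule reload are all
    # stubbed, so only the dispatch inside create() is exercised.
    # NOTE(review): because the constructor is mocked, this test does not
    # show how "file_to_watch", "permissions" or "key" are validated before
    # they end up in the rules file.
    mock_fs_rule.return_value = rule
    mock_write_to_audit_rules.return_value = {}
    mock_load_audit_rule.return_value = {}

    rule_out = RulesModel().create(param)

    mock_fs_rule.assert_called_with(rule_type, param)
    # assertEquals is a deprecated alias that was removed in Python 3.12.
    self.assertEqual(rule, rule_out)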
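def test_create_sc_rule_success(self, mock_load_audit_rule,
                                mock_write_to_audit_rules, mock_sc_rule):
    """Check that ``create`` routes a "System Rule" request correctly.

    The three mock arguments are presumably injected by ``mock.patch``
    decorators that are not visible in this listing -- confirm their order
    against the decorator stack.

    NOTE(review): a second test with this exact name appears later in this
    listing. If both sit in the same class, the later definition replaces
    this one and this case never runs -- confirm, and rename one if so.
    """
    # The rule audits the kernel-module load/unload system calls on both
    # the 32-bit and 64-bit syscall tables.
    param = {
        "type": "System Rule",
        "rule_info": {
            "action": "always",
            "filter": "exit",
            "systemcall": "init_module,delete_module"
                          ",finit_module",
            "field": ["arch=b32", "arch=b64"],
            "key": "abc99",
        },
    }
    rule_type = '-a'
    rule = ('-a always,exit -F arch=b32 -F arch=b64 -S init_module,'
            'delete_module,finit_module -F key=abc99')

    # Rule construction, the rules-file write and the rule reload are all
    # stubbed, so only the dispatch inside create() is exercised; the
    # expected rule string above is never compared with a real build.
    mock_sc_rule.return_value = rule
    mock_write_to_audit_rules.return_value = {}
    mock_load_audit_rule.return_value = {}

    rule_out = RulesModel().create(param)

    mock_sc_rule.assert_called_with(rule_type, param)
    # assertEquals is a deprecated alias that was removed in Python 3.12.
    self.assertEqual(rule, rule_out)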
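def test_create_sc_rule_success(self, mock_load_audit_rule,
                                mock_write_to_audit_rules, mock_sc_rule):
    """Check that ``create`` routes a "System Call Rule" request correctly.

    The three mock arguments are presumably injected by ``mock.patch``
    decorators that are not visible in this listing -- confirm their order
    against the decorator stack.

    NOTE(review): an earlier test with this exact name appears in this
    listing. If both sit in the same class, this definition replaces the
    earlier one, which then never runs -- confirm, and rename one if so.
    """
    # The rule audits the kernel-module load/unload system calls on both
    # the 32-bit and 64-bit syscall tables, filtered on exit=0.
    param = {
        "type": "System Call Rule",
        "rule_info": {
            "action": "always",
            "filter": "exit",
            "systemcall": "init_module,delete_module"
                          ",finit_module",
            "archfield": ["arch=b32", "arch=b64"],
            "field": ["exit=0"],
            "key": "abc99",
        },
    }
    rule_type = '-a'
    rule = ('-a always,exit -F arch=b32 -F arch=b64 -S init_module,'
            'delete_module,finit_module -F exit=0 -F key=abc99')

    # Rule construction, the rules-file write and the rule reload are all
    # stubbed, so only the dispatch inside create() is exercised; the
    # expected rule string above is never compared with a real build.
    mock_sc_rule.return_value = rule
    mock_write_to_audit_rules.return_value = {}
    mock_load_audit_rule.return_value = {}

    rule_out = RulesModel().create(param)

    mock_sc_rule.assert_called_with(rule_type, param)
    # assertEquals is a deprecated alias that was removed in Python 3.12.
    self.assertEqual(rule, rule_out)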