예제 #1
0
 def __get_status_of_single_pillar(pillar):
     all_findings = FindingService.get_all_findings_from_db()
     grade = PillarService.__get_pillar_grade(pillar, all_findings)
     for status in zero_trust_consts.ORDERED_TEST_STATUSES:
         if grade[status] > 0:
             return status
     return zero_trust_consts.STATUS_UNEXECUTED
예제 #2
0
 def _get_pillars_grades():
     pillars_grades = []
     all_findings = FindingService.get_all_findings_from_db()
     for pillar in zero_trust_consts.PILLARS:
         pillars_grades.append(
             PillarService.__get_pillar_grade(pillar, all_findings))
     return pillars_grades
예제 #3
0
    def get(self, report_data=None):
        if report_data == REPORT_DATA_PILLARS:
            return jsonify(PillarService.get_pillar_report_data())
        elif report_data == REPORT_DATA_PRINCIPLES_STATUS:
            return jsonify(PrincipleService.get_principles_status())
        elif report_data == REPORT_DATA_FINDINGS:
            return jsonify(FindingService.get_all_findings_for_ui())
        elif report_data == REPORT_DATA_SCOUTSUITE:
            # Raw ScoutSuite data is already solved as json, no need to jsonify
            return Response(
                ScoutSuiteRawDataService.get_scoutsuite_data_json(),
                mimetype='application/json')

        flask_restful.abort(http.client.NOT_FOUND)
예제 #4
0
def test_get_all_findings():
    get_scoutsuite_finding_dto().save()
    get_monkey_finding_dto().save()

    # This method fails due to mongomock not being able to simulate $unset, so don't test details
    MonkeyZTDetailsService.fetch_details_for_display = MagicMock(return_value=None)

    findings = FindingService.get_all_findings_for_ui()

    description = TESTS_MAP[TEST_SCOUTSUITE_SERVICE_SECURITY]["finding_explanation"][STATUS_FAILED]
    expected_finding0 = EnrichedFinding(
        finding_id=findings[0].finding_id,
        pillars=[DEVICES, NETWORKS],
        status=STATUS_FAILED,
        test=description,
        test_key=TEST_SCOUTSUITE_SERVICE_SECURITY,
        details=None,
    )

    description = TESTS_MAP[TEST_ENDPOINT_SECURITY_EXISTS]["finding_explanation"][STATUS_PASSED]
    expected_finding1 = EnrichedFinding(
        finding_id=findings[1].finding_id,
        pillars=[DEVICES],
        status=STATUS_PASSED,
        test=description,
        test_key=TEST_ENDPOINT_SECURITY_EXISTS,
        details=None,
    )

    # Don't test details
    details = []
    for finding in findings:
        details.append(finding.details)
        finding.details = None

    assert findings[0] == expected_finding0
    assert findings[1] == expected_finding1