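def test_invalid_log_type(self):
    """Check that a rule with a bad log type makes the ``test`` command fail.

    Parses a ``test`` invocation filtered to ``RuleID=Example.Bad.Log.Type``
    and runs ``pat.test_analysis`` on it. The run must return code 1 and
    report 7 invalid specs.
    """
    parser = pat.setup_parser()
    argv = f'test --path {DETECTIONS_FIXTURES_PATH} --filter RuleID=Example.Bad.Log.Type'.split()
    args = parser.parse_args(argv)
    args.filter, args.filter_inverted = pat.parse_filter(args.filter)
    return_code, invalid_specs = pat.test_analysis(args)
    assert_equal(return_code, 1)
    # NOTE(review): 7 looks like the number of malformed specs in the whole
    # fixture tree rather than something the RuleID filter selects - confirm;
    # adding a fixture would change this number.
    # The assertion is called for its effect only; its result is not stored
    # on the test instance.
    assert_equal(len(invalid_specs), 7)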
def test_with_invalid_mocks(self):
    """Check that a rule with invalid mocks makes the ``test`` command fail.

    The invocation filters on ``Severity=Critical`` and
    ``RuleID=Example.Rule.Invalid.Mock``. The run must return code 1 and
    report 7 invalid specs.
    """
    parser = pat.setup_parser()
    argv = f'test --path {DETECTIONS_FIXTURES_PATH} --filter Severity=Critical RuleID=Example.Rule.Invalid.Mock'.split()
    cli_args = parser.parse_args(argv)
    included, excluded = pat.parse_filter(cli_args.filter)
    cli_args.filter = included
    cli_args.filter_inverted = excluded
    exit_code, bad_specs = pat.test_analysis(cli_args)
    assert_equal(exit_code, 1)
    # NOTE(review): the expected count depends on the fixture directory's
    # contents - confirm it is independent of the filter.
    assert_equal(len(bad_specs), 7)
def test_with_tag_filters(self):
    """Check that filtering the valid fixtures by ``Tags=AWS,CIS`` passes.

    The run must return code 0 and report no invalid specs.
    """
    parser = pat.setup_parser()
    argv = f'test --path {DETECTIONS_FIXTURES_PATH}/valid_analysis --filter Tags=AWS,CIS'.split()
    cli_args = parser.parse_args(argv)
    included, excluded = pat.parse_filter(cli_args.filter)
    cli_args.filter = included
    cli_args.filter_inverted = excluded
    exit_code, bad_specs = pat.test_analysis(cli_args)
    # NOTE(review): a zero return code does not show that the tag filter
    # selected any detections; asserting on what actually ran would make
    # this stronger.
    assert_equal(exit_code, 0)
    assert_equal(len(bad_specs), 0)
def test_invalid_characters(self):
    """Check that the ``Severity=High ResourceTypes=AWS.IAM.User`` filter run fails.

    The run must return code 1 and report 8 invalid specs.
    """
    parser = pat.setup_parser()
    argv = f'test --path {DETECTIONS_FIXTURES_PATH} --filter Severity=High ResourceTypes=AWS.IAM.User'.split()
    cli_args = parser.parse_args(argv)
    included, excluded = pat.parse_filter(cli_args.filter)
    cli_args.filter = included
    cli_args.filter_inverted = excluded
    exit_code, bad_specs = pat.test_analysis(cli_args)
    assert_equal(exit_code, 1)
    # NOTE(review): presumably the extra invalid spec, compared with the
    # sibling tests that expect 7, is the one with invalid characters -
    # confirm against the fixtures.
    assert_equal(len(bad_specs), 8)
def test_unknown_exception(self):
    """Check that the ``Example.Rule.Unknown.Exception`` rule makes the run fail.

    The run must return code 1 and report 7 invalid specs.
    """
    parser = pat.setup_parser()
    argv = f'test --path {DETECTIONS_FIXTURES_PATH} --filter RuleID=Example.Rule.Unknown.Exception'.split()
    cli_args = parser.parse_args(argv)
    included, excluded = pat.parse_filter(cli_args.filter)
    cli_args.filter = included
    cli_args.filter_inverted = excluded
    exit_code, bad_specs = pat.test_analysis(cli_args)
    # NOTE(review): only the return code is checked; the test does not show
    # how the exception itself is reported.
    assert_equal(exit_code, 1)
    assert_equal(len(bad_specs), 7)
def test_invalid_rule_definition(self):
    """Check that filtering to ``RuleID=AWS.CloudTrail.MFAEnabled`` fails the run.

    The run must return code 1 and report 7 invalid specs.
    """
    parser = pat.setup_parser()
    argv = f'test --path {DETECTIONS_FIXTURES_PATH} --filter RuleID=AWS.CloudTrail.MFAEnabled'.split()
    cli_args = parser.parse_args(argv)
    included, excluded = pat.parse_filter(cli_args.filter)
    cli_args.filter = included
    cli_args.filter_inverted = excluded
    exit_code, bad_specs = pat.test_analysis(cli_args)
    assert_equal(exit_code, 1)
    # NOTE(review): the count is tied to the fixture set - confirm.
    assert_equal(len(bad_specs), 7)
def test_invalid_characters(self):
    """Check that the ``Severity=High ResourceTypes=AWS.IAM.User`` filter run fails.

    Uses the relative ``tests/fixtures`` path. The run must return code 1
    and report 4 invalid specs.
    """
    parser = pat.setup_parser()
    argv = 'test --path tests/fixtures --filter Severity=High ResourceTypes=AWS.IAM.User'.split()
    cli_args = parser.parse_args(argv)
    # parse_filter's result is stored as a single value here.
    cli_args.filter = pat.parse_filter(cli_args.filter)
    exit_code, bad_specs = pat.test_analysis(cli_args)
    assert_equal(exit_code, 1)
    # NOTE(review): the relative path makes the result depend on the working
    # directory the test runner starts in.
    assert_equal(len(bad_specs), 4)
def test_parse_filters(self):
    """Check that ``pat.parse_filter`` maps each filter key to its listed values.

    ``AnalysisType=policy,global Severity=Critical`` must produce a filter
    holding ``policy`` and ``global`` under ``AnalysisType`` and
    ``Critical`` under ``Severity``.
    """
    parser = pat.setup_parser()
    argv = f'test --path {DETECTIONS_FIXTURES_PATH}/valid_analysis --filter AnalysisType=policy,global Severity=Critical'.split()
    cli_args = parser.parse_args(argv)
    included, excluded = pat.parse_filter(cli_args.filter)
    cli_args.filter = included
    cli_args.filter_inverted = excluded
    # Same assertion order as a flat list: key first, then each of its values.
    expectations = (
        ('AnalysisType', ('policy', 'global')),
        ('Severity', ('Critical',)),
    )
    for key, values in expectations:
        assert_true(key in cli_args.filter.keys())
        for value in values:
            assert_true(value in cli_args.filter[key])
def test_with_tag_filters(self):
    """Check that filtering the valid fixtures by ``Tags=AWS,CIS`` passes.

    Uses the relative ``tests/fixtures/valid_analysis`` path. The run must
    return code 0 and report no invalid specs.
    """
    parser = pat.setup_parser()
    argv = 'test --path tests/fixtures/valid_analysis --filter Tags=AWS,CIS'.split()
    cli_args = parser.parse_args(argv)
    cli_args.filter = pat.parse_filter(cli_args.filter)
    exit_code, bad_specs = pat.test_analysis(cli_args)
    # NOTE(review): a passing run does not prove the tag filter matched
    # anything - confirm that an empty selection would not also return 0.
    assert_equal(exit_code, 0)
    assert_equal(len(bad_specs), 0)
def test_with_invalid_mocks(self):
    """Check that a rule with invalid mocks makes the ``test`` command fail.

    Uses the relative ``tests/fixtures`` path with ``Severity=Critical`` and
    ``RuleID=Example.Rule.Invalid.Mock``. The run must return code 1 and
    report 4 invalid specs.
    """
    parser = pat.setup_parser()
    argv = 'test --path tests/fixtures --filter Severity=Critical RuleID=Example.Rule.Invalid.Mock'.split()
    cli_args = parser.parse_args(argv)
    cli_args.filter = pat.parse_filter(cli_args.filter)
    exit_code, bad_specs = pat.test_analysis(cli_args)
    assert_equal(exit_code, 1)
    # NOTE(review): the count is tied to the fixture set - confirm.
    assert_equal(len(bad_specs), 4)
def test_unknown_exception(self):
    """Check that the ``Example.Rule.Unknown.Exception`` rule makes the run fail.

    Uses the relative ``tests/fixtures`` path. The run must return code 1
    and report 4 invalid specs.
    """
    parser = pat.setup_parser()
    argv = 'test --path tests/fixtures --filter RuleID=Example.Rule.Unknown.Exception'.split()
    cli_args = parser.parse_args(argv)
    cli_args.filter = pat.parse_filter(cli_args.filter)
    exit_code, bad_specs = pat.test_analysis(cli_args)
    assert_equal(exit_code, 1)
    assert_equal(len(bad_specs), 4)
def test_with_minimum_tests_no_passing(self):
    """Check that ``--minimum-tests 2`` fails a policy whose tests all expect False.

    The invocation filters to ``PolicyID=IAM.MFAEnabled.Required.Tests``.
    The run must return code 1 and report 7 invalid specs.
    """
    parser = pat.setup_parser()
    argv = f'test --path {DETECTIONS_FIXTURES_PATH} --filter PolicyID=IAM.MFAEnabled.Required.Tests --minimum-tests 2'.split()
    cli_args = parser.parse_args(argv)
    included, excluded = pat.parse_filter(cli_args.filter)
    cli_args.filter = included
    cli_args.filter_inverted = excluded
    exit_code, bad_specs = pat.test_analysis(cli_args)
    # The policy has two unit tests, but both expect the result False, so
    # the minimum-tests requirement is not met and the run fails.
    assert_equal(exit_code, 1)
    assert_equal(len(bad_specs), 7)
def test_invalid_rule_test(self):
    """Check that the ``Example.Rule.Invalid.Test`` rule makes the run fail.

    The run must return code 1 and report 4 invalid specs.
    """
    parser = pat.setup_parser()
    argv = f'test --path {FIXTURES_PATH} --filter RuleID=Example.Rule.Invalid.Test'.split()
    cli_args = parser.parse_args(argv)
    cli_args.filter = pat.parse_filter(cli_args.filter)
    exit_code, bad_specs = pat.test_analysis(cli_args)
    assert_equal(exit_code, 1)
    # NOTE(review): the count is tied to the fixture set - confirm.
    assert_equal(len(bad_specs), 4)
def test_invalid_rule_definition(self):
    """Check that filtering to ``RuleID=AWS.CloudTrail.MFAEnabled`` fails the run.

    Uses the relative ``tests/fixtures`` path. The run must return code 1
    and report 4 invalid specs.
    """
    parser = pat.setup_parser()
    argv = 'test --path tests/fixtures --filter RuleID=AWS.CloudTrail.MFAEnabled'.split()
    cli_args = parser.parse_args(argv)
    cli_args.filter = pat.parse_filter(cli_args.filter)
    exit_code, bad_specs = pat.test_analysis(cli_args)
    assert_equal(exit_code, 1)
    assert_equal(len(bad_specs), 4)
def test_with_filters(self):
    """Check that filtering the valid fixtures by ``AnalysisType=policy,global`` passes.

    The run must return code 0 and report no invalid specs.
    """
    parser = pat.setup_parser()
    argv = f'test --path {FIXTURES_PATH}/valid_analysis --filter AnalysisType=policy,global'.split()
    cli_args = parser.parse_args(argv)
    cli_args.filter = pat.parse_filter(cli_args.filter)
    exit_code, bad_specs = pat.test_analysis(cli_args)
    # NOTE(review): success here does not show how many detections the
    # filter selected.
    assert_equal(exit_code, 0)
    assert_equal(len(bad_specs), 0)
def test_with_tag_filters_inverted(self):
    """Check that combining ``Tags=AWS,CIS`` with the inverted ``Tags!=SOC2`` passes.

    The run must return code 0 and report no invalid specs.
    """
    # Note: to make this test robust it still needs to compare the number of
    # tests that passed (8 passing vs 1 passing); the return code alone does
    # not show that the inverted filter excluded anything.
    parser = pat.setup_parser()
    argv = f'test --path {DETECTIONS_FIXTURES_PATH}/valid_analysis --filter Tags=AWS,CIS Tags!=SOC2'.split()
    cli_args = parser.parse_args(argv)
    included, excluded = pat.parse_filter(cli_args.filter)
    cli_args.filter = included
    cli_args.filter_inverted = excluded
    exit_code, bad_specs = pat.test_analysis(cli_args)
    assert_equal(exit_code, 0)
    assert_equal(len(bad_specs), 0)
def test_parse_filters(self):
    """Check that ``pat.parse_filter`` maps each filter key to its listed values.

    ``AnalysisType=policy,global Severity=Critical`` must produce a filter
    holding ``policy`` and ``global`` under ``AnalysisType`` and
    ``Critical`` under ``Severity``.
    """
    parser = pat.setup_parser()
    argv = 'test --path tests/fixtures/valid_analysis --filter AnalysisType=policy,global Severity=Critical'.split()
    cli_args = parser.parse_args(argv)
    cli_args.filter = pat.parse_filter(cli_args.filter)
    parsed = cli_args.filter
    # Key presence is asserted before that key's values are inspected.
    has_analysis_type = 'AnalysisType' in parsed.keys()
    assert_true(has_analysis_type)
    has_policy = 'policy' in parsed['AnalysisType']
    assert_true(has_policy)
    has_global = 'global' in parsed['AnalysisType']
    assert_true(has_global)
    has_severity = 'Severity' in parsed.keys()
    assert_true(has_severity)
    has_critical = 'Critical' in parsed['Severity']
    assert_true(has_critical)