def test_AC05(self): process1 = Process("Process1") web = Server("Web Server") process1.providesIntegrity = False process1.authorizesSource = False web.providesIntegrity = False web.authorizesSource = False threat = threats["AC05"] self.assertTrue(threat.apply(process1)) self.assertTrue(threat.apply(web))
def test_AC05(self): process1 = Process("Process1") web = Server("Web Server") process1.providesIntegrity = False process1.authorizesSource = False web.providesIntegrity = False web.authorizesSource = False ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "AC05")) self.assertTrue(ThreatObj.apply(process1)) self.assertTrue(ThreatObj.apply(web))
def test_AC03(self): process1 = Process("Process1") lambda1 = Lambda("Lambda1") process1.usesEnvironmentVariables = True process1.implementsAuthenticationScheme = False process1.validatesInput = False process1.authorizesSource = False lambda1.usesEnvironmentVariables = True lambda1.implementsAuthenticationScheme = False lambda1.validatesInput = False lambda1.authorizesSource = False threat = threats["AC03"] self.assertTrue(threat.apply(process1)) self.assertTrue(threat.apply(lambda1))
def test_AC01(self): web = Server("Web Server") process1 = Process("Process1") db = Datastore("DB") web.hasAccessControl = False web.authorizesSource = True process1.hasAccessControl = False process1.authorizesSource = False db.hasAccessControl = False db.authorizesSource = False threat = threats["AC01"] self.assertTrue(threat.apply(process1)) self.assertTrue(threat.apply(web)) self.assertTrue(threat.apply(db))
def test_AC03(self): process1 = Process("Process1") lambda1 = Lambda("Lambda1") process1.usesEnvironmentVariables = True process1.implementsAuthenticationScheme = False process1.validatesInput = False process1.authorizesSource = False lambda1.usesEnvironmentVariables = True lambda1.implementsAuthenticationScheme = False lambda1.validatesInput = False lambda1.authorizesSource = False ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "AC03")) self.assertTrue(ThreatObj.apply(process1)) self.assertTrue(ThreatObj.apply(lambda1))
def test_AC01(self): web = Server("Web Server") process1 = Process("Process1") db = Datastore("DB") web.hasAccessControl = False web.authorizesSource = True process1.hasAccessControl = False process1.authorizesSource = False db.hasAccessControl = False db.authorizesSource = False ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "AC01")) self.assertTrue(ThreatObj.apply(process1)) self.assertTrue(ThreatObj.apply(web)) self.assertTrue(ThreatObj.apply(db))