def test_disabled_factor_detail(self): ts: TrustFactorsV2 = TrustFactorsV2.Schema().loads( load_testdata("tests/data/trust_factors.json")) self.assertIn('NotJailbroken', ts.explanation.details.keys()) d = ts.explanation.details['NotJailbroken'] self.assertEqual(False, d.is_active) self.assertEqual(0, d.relative_contribution)
def test_parse_group_role(self): r: Role = Role.Schema().loads( load_testdata("tests/data/role_group.json")) self.assertEqual(Role.KIND, r.kind) self.assertEqual("Gitlab", r.metadata.name) self.assertEqual(["Security"], r.spec.group) self.assertEqual([], r.spec.device_ownership)
def test_parse_config(self): c: ShieldConfig = ShieldConfig.Schema().loads( load_testdata("tests/data/shields.json")) self.assertIn(ShieldParserTest.SHIELD_UUID, [str(x.id) for x in c.shields]) self.assertIn(ShieldParserTest.SHIELD_UUID, c.last_activity_map.keys()) self.assertIn(ShieldParserTest.SHIELD_UUID, c.netagent_map.keys())
def test_parse_web_service(self): s: Service = Service.Schema().loads(load_testdata("tests/data/service_web.json")) self.assertEqual(API_VERSION, s.apiVersion) self.assertEqual(ServiceParserTest.SERVICE_NAME, s.metadata.name) self.assertEqual(ServiceParserTest.SERVICE_DOMAIN, s.metadata.tags.domain) self.assertEqual(ServiceTemplate.WEB, s.metadata.tags.template) self.assertEqual(ServiceAppType.WEB, s.metadata.tags.service_app_type)
def test_parse_email_role(self): r: Role = Role.Schema().loads( load_testdata("tests/data/role_email.json")) self.assertEqual(Role.KIND, r.kind) self.assertEqual("Email", r.metadata.name) self.assertEqual([], r.spec.group) self.assertEqual([], r.spec.device_ownership, []) self.assertEqual(["*****@*****.**"], r.spec.email)
def test_parse_attachments(self): a: List[Attachment] = Attachment.Schema().loads(load_testdata("tests/data/attachments.json"), many=True) self.assertEqual(13, len(a)) self.assertEqual("005b23d0-3f5a-471a-8c7a-05f4599c5453", str(a[0].policy_id)) self.assertEqual("vault-api", a[0].attached_to_name) self.assertEqual("vault-api.us-east-1.bnn", a[0].attached_to_id) self.assertEqual(AttachmentType.SERVICE, a[0].attached_to_type) self.assertEqual(True, a[0].enabled)
def test_enabled_factor_detail(self): ts: TrustFactorsV2 = TrustFactorsV2.Schema().loads( load_testdata("tests/data/trust_factors.json")) self.assertIn('AutoUpdateEnabled', ts.explanation.details.keys()) d: TrustFactorDetailV2 = ts.explanation.details['AutoUpdateEnabled'] self.assertEqual('AutoUpdateEnabled', d.factor_name) self.assertEqual('true', d.factor_value) self.assertEqual(True, d.is_active) self.assertEqual(1, d.relative_contribution)
def test_parse_workload_role(self): r: Role = Role.Schema().loads( load_testdata("tests/data/role_workload.json")) self.assertEqual(Role.KIND, r.kind) self.assertEqual("vault-client", r.metadata.name) self.assertEqual(1, len(r.spec.label_selector)) self.assertEqual( "vault-client", r.spec.label_selector[0]["com.banyanops.hosttag.role"])
def test_device(self): d: Device = Device.Schema().loads( load_testdata("tests/data/device.json")) self.assertEqual("C02WG12DHTD7", d.serial_number) self.assertEqual(True, bool(d.registered_status)) self.assertEqual("High", d.trust_data.level) self.assertEqual("BNN", d.mdm_data.source) self.assertEqual("AutoUpdateEnabled", d.trust_data.factors[0].name) self.assertEqual(True, bool(d.trust_data.factors[0].value)) self.assertEqual("banyan", d.trust_data.factors[0].source)
def test_inactive_factor(self): ts: TrustFactorsV2 = TrustFactorsV2.Schema().loads( load_testdata("tests/data/trust_factors.json")) f: List[TrustFactorV2] = [ x for x in ts.inactive_factors if x.name == 'NotJailbroken' ] self.assertEqual(1, len(f)) self.assertEqual('C02TQ08VHF1R', f[0].resource_id) self.assertIn('NotJailbroken', f[0].input_features.keys()) self.assertEqual('', f[0].value) self.assertEqual('', f[0].input_features['NotJailbroken'])
def test_active_factor(self): ts: TrustFactorsV2 = TrustFactorsV2.Schema().loads( load_testdata("tests/data/trust_factors.json")) f: List[TrustFactorV2] = [ x for x in ts.active_factors if x.name == 'AutoUpdateEnabled' ] self.assertEqual(1, len(f)) self.assertEqual('C02TQ08VHF1R', f[0].resource_id) self.assertIn('AutoUpdateEnabled', f[0].input_features.keys()) self.assertEqual('true', f[0].value) self.assertEqual('true', f[0].input_features['AutoUpdateEnabled'])
def test_score(self): ts: List[TrustScore] = TrustScore.Schema().loads( load_testdata("tests/data/trust_scores.json"), many=True) self.assertEqual(2, len(ts)) self.assertEqual('C02TQ08VHF1R', ts[0].trust_id) self.assertEqual(TrustType.DEVICE, ts[0].trust_type) self.assertEqual('932f0800-556b-4296-a07c-92971a5c87c4', ts[0].factors.score_id) self.assertEqual('C02TQ08VHF1R', ts[1].trust_id) self.assertEqual(TrustType.EXTERNAL, ts[1].trust_type) self.assertEqual('eb087ea4-25d1-4ee7-9f15-a9137411c170', ts[1].factors.score_id)
def test_exempted_paths(self): s: Service = Service.Schema().loads( load_testdata("tests/data/exempted_paths.json")) self.assertEqual("pipelines.bnndemos.com", s.name) self.assertTrue(s.spec.http_settings.exempted_paths.enabled) self.assertEqual(2, len(s.spec.http_settings.exempted_paths.patterns)) ep0: Pattern = s.spec.http_settings.exempted_paths.patterns[0] self.assertEqual(2, len(ep0.source_cidrs)) # self.assertIsInstance(ep0.source_cidrs[0], IPv4Interface) self.assertIn("12.34.56.0/24", ep0.source_cidrs) self.assertIn("56.78.90.12", ep0.source_cidrs) self.assertIn("/api/*", ep0.paths) self.assertEqual(1, len(ep0.hosts)) self.assertEqual(1, len(ep0.hosts[0].target)) self.assertEqual("https://pipelines.bnndemos.com:443", ep0.hosts[0].target[0])
def test_parse_web_policy(self): p: Policy = Policy.Schema().loads( load_testdata("tests/data/policy_web.json")) self.assertEqual(API_VERSION, p.apiVersion) self.assertEqual(Policy.KIND, p.kind) self.assertEqual("jupyter-allow", p.metadata.name) self.assertEqual(Template.USER, p.metadata.tags.template) self.assertEqual(p.type, p.metadata.tags.template) self.assertEqual(True, p.spec.options.disable_tls_client_authentication) self.assertEqual("http", p.spec.options.l7_protocol) self.assertEqual(1, len(p.spec.access)) a0 = p.spec.access[0] self.assertEqual(TrustLevel.LOW, a0.rules.conditions.trust_level) self.assertEqual(["ANY"], a0.roles) self.assertEqual(1, len(a0.rules.l7_access)) r0 = a0.rules.l7_access[0] self.assertEqual(["*"], r0.resources) self.assertEqual(["*"], r0.actions)
def test_parse_info(self): i: RoleInfo = RoleInfo.Schema().loads( load_testdata("tests/data/roleinfo.json")) self.assertEqual("SecurityTeam", i.role_name) self.assertEqual("SecurityTeam", i.role.name)
def test_parse_last_activity(self): la: ShieldLastActivity = ShieldLastActivity.Schema().loads( load_testdata("tests/data/shield_activity.json")) self.assertEqual(self.SHIELD_UUID, str(la.uuid))
def test_parse_shield(self): s: Shield = Shield.Schema().loads( load_testdata("tests/data/shield.json")) self.assertEqual("us-east-1", s.name) self.assertEqual(self.SHIELD_UUID, str(s.id))
def test_parse_info(self): i: PolicyInfo = PolicyInfo.Schema().loads( load_testdata("tests/data/policyinfo.json")) self.assertEqual("nginx-stage-mesh", i.name) self.assertEqual("nginx-stage-mesh", i.policy.name) self.assertEqual("0e599ef2-a9a3-45a2-855b-7c30e80f083f", str(i.id))
def test_parse_netagent(self): n: Netagent = Netagent.Schema().loads( load_testdata("tests/data/netagent.json")) self.assertEqual("ip-172-31-62-215.ec2.internal", n.hostname) self.assertEqual("Linux", n.host_data["Sysname"]) self.assertEqual("transtar-test", n.site_name)
def test_parse_null_user(self): e: EventV2 = EventV2.Schema().loads( load_testdata("tests/data/event_v2_null_user.json")) self.assertIsNone(e.user_principal.user)
def test_parse_more(self): e: List[EventV2] = EventV2.Schema().loads( load_testdata("tests/data/more_events_v2.json"), many=True) self.assertEqual(292, len(e))
def test_parse_many(self): e: List[EventV2] = EventV2.Schema().loads( load_testdata("tests/data/events_v2.json"), many=True) self._test_specific_event(e[0])
def test_parse_tags(self): t: Tags = Tags.Schema().loads( load_testdata("tests/data/service_tags.json")) self.assertEqual(ServiceParserTest.SERVICE_DOMAIN, t.domain) self.assertEqual(ServiceTemplate.WEB, t.template) self.assertEqual(ServiceAppType.WEB, t.service_app_type)
def test_parse_event(self): e: AuditEvent = AuditEvent.Schema().loads( load_testdata("tests/data/audit_event.json")) self._test_specific_event(e)
def test_parse_info(self): i: ServiceInfo = ServiceInfo.Schema().loads( load_testdata("tests/data/serviceinfo.json")) self.assertEqual(ServiceParserTest.SERVICE_NAME, i.service_name) self.assertEqual(ServiceParserTest.SERVICE_NAME, i.service.name)
def test_factors(self): ts: TrustFactorsV2 = TrustFactorsV2.Schema().loads( load_testdata("tests/data/trust_factors.json")) self.assertEqual('C02TQ08VHF1R', ts.resource_id) self.assertEqual(99, ts.score) self.assertEqual('device.algo', ts.score_type)
def test_parse_many(self): e: List[AuditEvent] = AuditEvent.Schema().loads( load_testdata("tests/data/audit_events.json"), many=True) self._test_specific_event(e[0])
def test_parse_event(self): e: EventV2 = EventV2.Schema().loads( load_testdata("tests/data/event_v2.json")) self._test_specific_event(e)