def test_AC05(self):
process1 = Process("Process1")
web = Server("Web Server")
process1.providesIntegrity = False
process1.authorizesSource = False
web.providesIntegrity = False
web.authorizesSource = False
threat = threats["AC05"]
self.assertTrue(threat.apply(process1))
self.assertTrue(threat.apply(web))
def test_AC05(self):
process1 = Process("Process1")
web = Server("Web Server")
process1.providesIntegrity = False
process1.authorizesSource = False
web.providesIntegrity = False
web.authorizesSource = False
ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "AC05"))
self.assertTrue(ThreatObj.apply(process1))
self.assertTrue(ThreatObj.apply(web))
def test_AC03(self):
process1 = Process("Process1")
lambda1 = Lambda("Lambda1")
process1.usesEnvironmentVariables = True
process1.implementsAuthenticationScheme = False
process1.validatesInput = False
process1.authorizesSource = False
lambda1.usesEnvironmentVariables = True
lambda1.implementsAuthenticationScheme = False
lambda1.validatesInput = False
lambda1.authorizesSource = False
threat = threats["AC03"]
self.assertTrue(threat.apply(process1))
self.assertTrue(threat.apply(lambda1))
def test_AC01(self):
web = Server("Web Server")
process1 = Process("Process1")
db = Datastore("DB")
web.hasAccessControl = False
web.authorizesSource = True
process1.hasAccessControl = False
process1.authorizesSource = False
db.hasAccessControl = False
db.authorizesSource = False
threat = threats["AC01"]
self.assertTrue(threat.apply(process1))
self.assertTrue(threat.apply(web))
self.assertTrue(threat.apply(db))
def test_AC03(self):
process1 = Process("Process1")
lambda1 = Lambda("Lambda1")
process1.usesEnvironmentVariables = True
process1.implementsAuthenticationScheme = False
process1.validatesInput = False
process1.authorizesSource = False
lambda1.usesEnvironmentVariables = True
lambda1.implementsAuthenticationScheme = False
lambda1.validatesInput = False
lambda1.authorizesSource = False
ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "AC03"))
self.assertTrue(ThreatObj.apply(process1))
self.assertTrue(ThreatObj.apply(lambda1))
def test_AC01(self):
web = Server("Web Server")
process1 = Process("Process1")
db = Datastore("DB")
web.hasAccessControl = False
web.authorizesSource = True
process1.hasAccessControl = False
process1.authorizesSource = False
db.hasAccessControl = False
db.authorizesSource = False
ThreatObj = Threat(next(item for item in threats_json if item["SID"] == "AC01"))
self.assertTrue(ThreatObj.apply(process1))
self.assertTrue(ThreatObj.apply(web))
self.assertTrue(ThreatObj.apply(db))
