def test_find_violations_whitelist_inapplicable_dataset(self): rules_local_path = get_datafile_path(__file__, 'bigquery_test_rules_6.yaml') rules_engine = bqe.BigqueryRulesEngine(rules_local_path) rules_engine.build_rule_book() fake_bq_acls_data = create_list_of_bq_objects_from_data() actual_violations_list = [] for bqt in fake_bq_acls_data: violation = rules_engine.find_violations(self.project, bqt) actual_violations_list.extend(violation) self.assertEqual([], actual_violations_list)
def test_find_violations_blacklist_with_no_violations(self): """Test that a rule for a given rule there are no violations.""" rules_local_path = get_datafile_path(__file__, 'bigquery_test_rules_3.yaml') rules_engine = bqe.BigqueryRulesEngine(rules_local_path) rules_engine.build_rule_book() fake_bq_acls = create_list_of_bq_objects_from_data() actual_violations_list = [] for bqt in fake_bq_acls: violation = rules_engine.find_violations(self.project, bqt) actual_violations_list.extend(violation) self.assertEqual([], actual_violations_list)
def test_find_violations_multiple_dataset_ids(self): rules_local_path = get_datafile_path(__file__, 'bigquery_test_rules_10.yaml') rules_engine = bqe.BigqueryRulesEngine(rules_local_path) rules_engine.build_rule_book() fake_bq_acls_data = create_list_of_bq_objects_from_data() actual_violations_list = [] for bqt in fake_bq_acls_data: violation = rules_engine.find_violations(self.project, bqt) actual_violations_list.extend(violation) self.assertEqual( [fake_bigquery_scanner_data.BIGQUERY_EXPECTED_VIOLATION_LIST[0]], actual_violations_list)
def __init__(self, global_configs, scanner_configs, service_config, model_name, snapshot_timestamp, rules): """Initialization. Args: global_configs (dict): Global configurations. scanner_configs (dict): Scanner configurations. service_config (ServiceConfig): Forseti 2.0 service configs model_name (str): name of the data model snapshot_timestamp (str): Timestamp, formatted as YYYYMMDDTHHMMSSZ. rules (str): Fully-qualified path and filename of the rules file. """ super(BigqueryScanner, self).__init__( global_configs, scanner_configs, service_config, model_name, snapshot_timestamp, rules) self.rules_engine = bigquery_rules_engine.BigqueryRulesEngine( rules_file_path=self.rules, snapshot_timestamp=self.snapshot_timestamp) self.rules_engine.build_rule_book(self.global_configs)