Пример #1
    def test_create_or_add_to_existing_2_tests_already_exist(self):
        """Check create_or_add_to_existing with one, then two, matching findings stored.

        With a single stored finding the events are appended to it. Once a
        second finding with the same test and status has been saved, the
        call is expected to raise AssertionError instead of picking one.
        """
        self.fail_if_not_testing_env()
        self.clean_finding_db()

        test = zero_trust_consts.TEST_MALICIOUS_ACTIVITY_TIMELINE
        status = zero_trust_consts.STATUS_VERIFY
        events = [
            Event.create_event("t", "t",
                               zero_trust_consts.EVENT_TYPE_MONKEY_NETWORK)
        ]

        def stored():
            # Re-query on every call so each assertion sees the current DB state.
            return Finding.objects(test=test, status=status)

        # Nothing matches right after the cleanup.
        self.assertEqual(len(stored()), 0)

        # One finding carrying one event.
        Finding.save_finding(test, status, events)
        self.assertEqual(len(stored()), 1)
        self.assertEqual(len(stored()[0].events), 1)

        # Exactly one match: the event is appended, no new finding is created.
        AggregateFinding.create_or_add_to_existing(test, status, events)
        self.assertEqual(len(stored()), 1)
        self.assertEqual(len(stored()[0].events), 2)

        # Saving directly creates a duplicate finding for the same test/status.
        Finding.save_finding(test, status, events)
        self.assertEqual(len(stored()), 2)

        # Two matches make the target ambiguous, so aggregation must refuse.
        with self.assertRaises(AssertionError):
            AggregateFinding.create_or_add_to_existing(test, status, events)
Пример #2
    def test_save_finding_validation(self):
        """Verify that save_finding rejects an unknown test name and an unknown status."""
        self.fail_if_not_testing_env()
        self.clean_finding_db()

        # Valid status, but the test name is free text.
        with self.assertRaises(ValidationError):
            Finding.save_finding(
                test="bla bla",
                status=STATUS_FAILED,
                events=[],
            )

        # Valid test name, but the status is free text.
        with self.assertRaises(ValidationError):
            Finding.save_finding(
                test=TEST_SEGMENTATION,
                status="bla bla",
                events=[],
            )
Пример #3
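    def test_save_finding_sanity(self):
        """Save one finding and check it can be queried back by test and by status."""
        self.fail_if_not_testing_env()
        self.clean_finding_db()

        # assertEqual, not the deprecated assertEquals alias: the alias was
        # removed from unittest in Python 3.12 and raises AttributeError there.
        self.assertEqual(len(Finding.objects(test=TEST_SEGMENTATION)), 0)

        event_example = Event.create_event(
            title="Event Title", message="event message", event_type=EVENT_TYPE_MONKEY_NETWORK)
        Finding.save_finding(test=TEST_SEGMENTATION, status=STATUS_FAILED, events=[event_example])

        # The single saved finding must be visible through either filter.
        self.assertEqual(len(Finding.objects(test=TEST_SEGMENTATION)), 1)
        self.assertEqual(len(Finding.objects(status=STATUS_FAILED)), 1)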
Пример #4
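    def create_or_add_to_existing(test, status, events):
        """
        Create a new finding, or add the events to the existing finding that has the same test and the same status.

        :param test: test identifier used to look up and, if needed, create the finding.
        :param status: status used to look up and, if needed, create the finding.
        :param events: events stored on the new finding or appended to the existing one.
        :raises AssertionError: if more than one finding already matches the test and status. The target would be
        ambiguous, so this function must not be used in that situation.
        """
        # The 'events' field is excluded from the lookup; only the number of matches and the document itself are
        # needed here. NOTE(review): presumably this avoids loading large event lists - confirm.
        existing_findings = Finding.objects(test=test,
                                            status=status).exclude('events')
        match_count = len(existing_findings)

        # Raised explicitly instead of via `assert`: assert statements are stripped when Python runs with -O, and
        # the events would then be attached silently to the first of several duplicate findings.
        if match_count >= 2:
            raise AssertionError(
                "More than one finding exists for {}:{}".format(test, status))

        if match_count == 0:
            Finding.save_finding(test, status, events)
        else:
            # Exactly one match at this point, so index 0 is unambiguous.
            orig_finding = existing_findings[0]
            orig_finding.add_events(events)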
Пример #5
def save_example_findings():
    """Store a fixed set of event-less example findings for tests to count.

    Each row below is (test, status, how many findings to save). The rows are
    saved in order. The tallies in the row comments are the ones recorded by
    the original author of this fixture.
    """
    # arrange
    fixture_rows = (
        # devices passed = 1, 2
        (zero_trust_consts.TEST_ENDPOINT_SECURITY_EXISTS,
         zero_trust_consts.STATUS_PASSED, 2),
        # devices failed = 1 (devices unexecuted = 1)
        (zero_trust_consts.TEST_ENDPOINT_SECURITY_EXISTS,
         zero_trust_consts.STATUS_FAILED, 1),
        # people verify = 1, 2; networks verify = 1, 2
        (zero_trust_consts.TEST_SCHEDULED_EXECUTION,
         zero_trust_consts.STATUS_VERIFY, 2),
        # data failed 1..5
        (zero_trust_consts.TEST_DATA_ENDPOINT_HTTP,
         zero_trust_consts.STATUS_FAILED, 5),
        # data verify 1, 2
        (zero_trust_consts.TEST_DATA_ENDPOINT_HTTP,
         zero_trust_consts.STATUS_VERIFY, 2),
        # data passed 1
        (zero_trust_consts.TEST_DATA_ENDPOINT_HTTP,
         zero_trust_consts.STATUS_PASSED, 1),
    )

    for finding_test, finding_status, copies in fixture_rows:
        for _ in range(copies):
            # A fresh empty events list per call, as in the hand-written version.
            Finding.save_finding(finding_test, finding_status, [])