Пример #1
def test_sca_response_without_result(mock_agent, mock_sca_agent):
    """Check that get_sca_checks fails when the SCA query result has no 'items'.

    WazuhDBQuerySCA.run is patched to return an empty dict, so the result
    carries no 'items' key. The call is expected to raise a WazuhException
    whose message matches error code 2007.
    """
    with patch('wazuh.core.sca.WazuhDBBackend') as backend_mock:
        db_conn = backend_mock.return_value.connect_to_db.return_value
        db_conn.execute.side_effect = get_fake_sca_data

        # An empty dict stands in for a malformed response without 'items'.
        empty_run = patch('wazuh.core.sca.WazuhDBQuerySCA.run', return_value={})
        expect_2007 = pytest.raises(exception.WazuhException, match=".* 2007 .*")
        with empty_run, expect_2007:
            get_sca_checks('not_exists', agent_list=['000'])
Пример #2
def test_get_sca_checks(mock_agent, mock_sca_agent):
    """Verify that get_sca_checks loads SCA check data from the mocked database.

    Three cases run against the 'schema_sca_test.sql' fixture: an existing
    policy on agent '000', an unknown policy on agent '000', and an existing
    policy on agent '999'. The last one must be reported as a failed item
    (WazuhResourceNotFound, code 1701) instead of being silently dropped.
    """
    with patch('wazuh.core.utils.WazuhDBConnection') as wdb_conn_mock:
        wdb_conn_mock.return_value = InitWDBSocketMock(sql_schema_file='schema_sca_test.sql')

        # Case 1: known policy on a known agent returns at least one check.
        outcome = get_sca_checks('cis_debian', agent_list=['000'])
        assert isinstance(outcome, AffectedItemsWazuhResult)
        payload = outcome.to_dict()
        assert isinstance(payload['total_affected_items'], int)
        checks = payload['affected_items']
        assert isinstance(checks, list)
        assert len(checks) > 0
        # Only translated check fields plus the two nested lists may be exposed.
        first_check_fields = set(checks[0].keys())
        permitted_fields = set(fields_translation_sca_check.keys()) | {'compliance', 'rules'}
        assert first_check_fields <= permitted_fields

        compliance_entries = checks[0]['compliance']
        assert isinstance(compliance_entries, list)
        assert len(compliance_entries) > 0
        # Compliance entries must carry exactly the translated field names.
        expected_compliance_fields = set(fields_translation_sca_check_compliance.values())
        assert set(compliance_entries[0].keys()) == expected_compliance_fields

        # Case 2: unknown policy yields a well-formed but empty result.
        outcome = get_sca_checks('not_exists', agent_list=['000'])
        assert isinstance(outcome, AffectedItemsWazuhResult)
        payload = outcome.to_dict()
        assert isinstance(payload['total_affected_items'], int)
        checks = payload['affected_items']
        assert isinstance(checks, list)
        assert len(checks) == 0

        # Case 3: agent '999' must surface as exactly one failed item.
        outcome = get_sca_checks('cis_debian', agent_list=['999'])
        assert isinstance(outcome, AffectedItemsWazuhResult)
        payload = outcome.to_dict()
        assert isinstance(payload['total_affected_items'], int)
        assert payload['total_affected_items'] == 0
        assert len(payload['affected_items']) == 0
        assert payload['total_failed_items'] == 1
        failed_items = payload['failed_items']
        assert len(failed_items) == 1
        # failed_items maps the error object to the set of agent ids it covers.
        error = next(iter(failed_items))
        assert isinstance(error, WazuhResourceNotFound)
        assert error.to_dict()['code'] == 1701
        assert failed_items[error] == {'999'}
Пример #3
def test_sca_checks_select_and_q(mock_agent, mock_sca_agent):
    """Exercise get_sca_checks with a q filter combined with a multi-field select.

    The query excludes rules of type 'file' and restricts the output to four
    fields. The first returned item is then checked against both constraints.
    """
    wanted_fields = ('compliance', 'policy_id', 'result', 'rules')
    with patch('wazuh.core.utils.WazuhDBConnection') as wdb_conn_mock:
        wdb_conn_mock.return_value = InitWDBSocketMock(sql_schema_file='schema_sca_test.sql')

        outcome = get_sca_checks('cis_debian',
                                 agent_list=['000'],
                                 q="rules.type!=file",
                                 select=list(wanted_fields))
        first_item = outcome.to_dict()['affected_items'][0]

        # NOTE(review): only the first rule of the first item is inspected, so
        # a 'file' rule in any later position would go unnoticed; confirm the
        # filter semantics before widening this to every item.
        assert first_item['rules'][0]['type'] != 'file'
        # No field outside the requested selection may be returned.
        assert set(first_item.keys()) <= set(wanted_fields)