Skip to content

Commit

Permalink
Merge branch 'main' into Check-for-undefined-text
Browse files Browse the repository at this point in the history
  • Loading branch information
Alexdev8 authored Feb 29, 2024
2 parents e18b7e3 + f9dfeef commit 18932e6
Show file tree
Hide file tree
Showing 73 changed files with 3,404 additions and 1,423 deletions.
22 changes: 18 additions & 4 deletions backend/app_tests/api/test_api_assets.py
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,12 @@ def test_delete_assets(self):


@pytest.mark.django_db
@pytest.mark.parametrize("test", GROUPS_PERMISSIONS.keys(), ids=[GROUPS_PERMISSIONS[key]["name"] for key in GROUPS_PERMISSIONS.keys()], indirect=True)
@pytest.mark.parametrize(
"test",
GROUPS_PERMISSIONS.keys(),
ids=[GROUPS_PERMISSIONS[key]["name"] for key in GROUPS_PERMISSIONS.keys()],
indirect=True,
)
class TestAssetsAuthenticated:
"""Perform tests on Assets API endpoint with authentication"""

Expand All @@ -97,7 +102,10 @@ def test_get_assets(self, test):
"type": ASSET_TYPE[0],
"folder": test.folder,
},
{"folder": {"id": str(test.folder.id), "str": test.folder.name}, "type": ASSET_TYPE[1]},
{
"folder": {"id": str(test.folder.id), "str": test.folder.name},
"type": ASSET_TYPE[1],
},
user_group=test.user_group,
)

Expand All @@ -116,7 +124,10 @@ def test_create_assets(self, test):
"parent_assets": [],
"folder": str(test.folder.id),
},
{"folder": {"id": str(test.folder.id), "str": test.folder.name}, "type": ASSET_TYPE[1]},
{
"folder": {"id": str(test.folder.id), "str": test.folder.name},
"type": ASSET_TYPE[1],
},
user_group=test.user_group,
)

Expand Down Expand Up @@ -174,7 +185,10 @@ def test_update_assets(self, test):
"type": ASSET_TYPE2[0],
"folder": str(folder.id),
},
{"folder": {"id": str(test.folder.id), "str": test.folder.name}, "type": ASSET_TYPE[1]},
{
"folder": {"id": str(test.folder.id), "str": test.folder.name},
"type": ASSET_TYPE[1],
},
user_group=test.user_group,
)

Expand Down
23 changes: 10 additions & 13 deletions backend/app_tests/api/test_api_compliance_assessments.py
Original file line number Diff line number Diff line change
Expand Up @@ -97,17 +97,20 @@ def test_delete_compliance_assessments(self, authenticated_client):


@pytest.mark.django_db
@pytest.mark.parametrize("test", GROUPS_PERMISSIONS.keys(), ids=[GROUPS_PERMISSIONS[key]["name"] for key in GROUPS_PERMISSIONS.keys()], indirect=True)
@pytest.mark.parametrize(
"test",
GROUPS_PERMISSIONS.keys(),
ids=[GROUPS_PERMISSIONS[key]["name"] for key in GROUPS_PERMISSIONS.keys()],
indirect=True,
)
class TestComplianceAssessmentsAuthenticated:
"""Perform tests on ComplianceAssessments API endpoint with authentication"""

def test_get_compliance_assessments(self, test):
"""test to get compliance assessments from the API with authentication"""

EndpointTestsQueries.Auth.import_object(test.admin_client, "Framework")
project = Project.objects.create(
name="test", folder=test.folder
)
project = Project.objects.create(name="test", folder=test.folder)

EndpointTestsQueries.Auth.get_object(
test.client,
Expand All @@ -134,9 +137,7 @@ def test_create_compliance_assessments(self, test):
"""test to create compliance assessments with the API with authentication"""

EndpointTestsQueries.Auth.import_object(test.admin_client, "Framework")
project = Project.objects.create(
name="test", folder=test.folder
)
project = Project.objects.create(name="test", folder=test.folder)

EndpointTestsQueries.Auth.create_object(
test.client,
Expand Down Expand Up @@ -165,9 +166,7 @@ def test_update_compliance_assessments(self, test):
EndpointTestsQueries.Auth.import_object(test.admin_client, "Documents")
EndpointTestsQueries.Auth.import_object(test.admin_client, "Framework")
EndpointTestsQueries.Auth.import_object(test.admin_client, "Framework2")
project = Project.objects.create(
name="test", folder=test.folder
)
project = Project.objects.create(name="test", folder=test.folder)
project2 = Project.objects.create(
name="test2", folder=Folder.objects.create(name="test2")
)
Expand Down Expand Up @@ -204,9 +203,7 @@ def test_delete_compliance_assessments(self, test):
"""test to delete compliance assessments with the API with authentication"""

EndpointTestsQueries.Auth.import_object(test.admin_client, "Framework")
project = Project.objects.create(
name="test", folder=test.folder
)
project = Project.objects.create(name="test", folder=test.folder)

EndpointTestsQueries.Auth.delete_object(
test.client,
Expand Down
19 changes: 15 additions & 4 deletions backend/app_tests/api/test_api_evidences.py
Original file line number Diff line number Diff line change
Expand Up @@ -92,14 +92,21 @@ def test_delete_evidences(self):


@pytest.mark.django_db
@pytest.mark.parametrize("test", GROUPS_PERMISSIONS.keys(), ids=[GROUPS_PERMISSIONS[key]["name"] for key in GROUPS_PERMISSIONS.keys()], indirect=True)
@pytest.mark.parametrize(
"test",
GROUPS_PERMISSIONS.keys(),
ids=[GROUPS_PERMISSIONS[key]["name"] for key in GROUPS_PERMISSIONS.keys()],
indirect=True,
)
class TestEvidencesAuthenticated:
"""Perform tests on Evidences API endpoint with authentication"""

def test_get_evidences(self, test):
"""test to get evidences from the API with authentication"""

security_measure = SecurityMeasure.objects.create(name="test", folder=test.folder)
security_measure = SecurityMeasure.objects.create(
name="test", folder=test.folder
)

EndpointTestsQueries.Auth.get_object(
test.client,
Expand Down Expand Up @@ -127,7 +134,9 @@ def test_get_evidences(self, test):
def test_create_evidences(self, test):
"""test to create evidences with the API with authentication"""

security_measure = SecurityMeasure.objects.create(name="test", folder=test.folder)
security_measure = SecurityMeasure.objects.create(
name="test", folder=test.folder
)

with open(
path.join(path.dirname(path.dirname(__file__)), EVIDENCE_ATTACHMENT), "rb"
Expand Down Expand Up @@ -162,7 +171,9 @@ def test_update_evidences(self, test):
"""test to update evidences with the API with authentication"""

folder = Folder.objects.create(name="test2")
security_measure = SecurityMeasure.objects.create(name="test", folder=test.folder)
security_measure = SecurityMeasure.objects.create(
name="test", folder=test.folder
)
security_measure2 = SecurityMeasure.objects.create(name="test2", folder=folder)

with open(
Expand Down
9 changes: 7 additions & 2 deletions backend/app_tests/api/test_api_folders.py
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,12 @@ def test_delete_folders(self):


@pytest.mark.django_db
@pytest.mark.parametrize("test", GROUPS_PERMISSIONS.keys(), ids=[GROUPS_PERMISSIONS[key]["name"] for key in GROUPS_PERMISSIONS.keys()], indirect=True)
@pytest.mark.parametrize(
"test",
GROUPS_PERMISSIONS.keys(),
ids=[GROUPS_PERMISSIONS[key]["name"] for key in GROUPS_PERMISSIONS.keys()],
indirect=True,
)
class TestFoldersAuthenticated:
"""Perform tests on Folders API endpoint with authentication"""

Expand All @@ -74,7 +79,7 @@ def test_get_folders(self, test):
"Folders",
Folder,
{
"name": FOLDER_NAME,
"name": FOLDER_NAME,
"description": FOLDER_DESCRIPTION,
"parent_folder": test.folder,
},
Expand Down
169 changes: 125 additions & 44 deletions backend/app_tests/api/test_api_libraries.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
from core.models import Framework
from core.models import RiskMatrix
from iam.models import Folder
from rest_framework import status

from test_vars import GROUPS_PERMISSIONS
from test_utils import EndpointTestsQueries, EndpointTestsUtils
Expand Down Expand Up @@ -43,7 +44,12 @@ def test_delete_risk_matrix(self, authenticated_client):


@pytest.mark.django_db
@pytest.mark.parametrize("test", GROUPS_PERMISSIONS.keys(), ids=[GROUPS_PERMISSIONS[key]["name"] for key in GROUPS_PERMISSIONS.keys()], indirect=True)
@pytest.mark.parametrize(
"test",
GROUPS_PERMISSIONS.keys(),
ids=[GROUPS_PERMISSIONS[key]["name"] for key in GROUPS_PERMISSIONS.keys()],
indirect=True,
)
class TestLibrariesAuthenticated:
"""Perform tests on Libraries API endpoint with authentication"""

Expand All @@ -66,34 +72,73 @@ def test_import_frameworks(self, test):
assert (
Framework.objects.all().count() == 0
), "libraries are already imported in the database"
EndpointTestsQueries.Auth.get_object(test.client, "Frameworks", user_group=test.user_group)
EndpointTestsQueries.Auth.get_object(
test.client, "Frameworks", user_group=test.user_group
)

EndpointTestsQueries.Auth.import_object(test.client, "Framework", user_group=test.user_group)
EndpointTestsQueries.Auth.import_object(
test.client, "Framework", user_group=test.user_group
)

# Uses the API endpoint to assert that the library was properly imported
assert (
Framework.objects.all().count() == 1
expect = {
"BI-UG-ADM": True,
"BI-UG-GAD": False,
"BI-UG-GVA": False,
"BI-UG-DMA": False,
"BI-UG-ANA": False,
"BI-UG-VAL": False,
"BI-UG-AUD": False,
}

assert Framework.objects.all().count() == (
1 if expect[test["user_group"]] else 0
), "frameworks are not correctly imported in the database"
EndpointTestsQueries.Auth.get_object(
test.client,
"Frameworks",
test_params={
"name": lib_detail_response["name"],
"description": lib_detail_response["description"],
"urn": lib_detail_response["urn"],
"folder": {"str": Folder.get_root_folder().name},
},
base_count=1,
user_group=test.user_group,
)
if expect[test["user_group"]]:
# Uses the API endpoint to assert that the library was properly imported
EndpointTestsQueries.Auth.get_object(
test.client,
"Frameworks",
test_params={
"name": lib_detail_response["name"],
"description": lib_detail_response["description"],
"urn": lib_detail_response["urn"],
"folder": {"str": Folder.get_root_folder().name},
},
base_count=1,
user_group=test.user_group,
)

def test_delete_frameworks(self, test):
"""test to delete frameworks with the API with authentication"""

EndpointTestsQueries.Auth.import_object(test.client, "Framework", user_group=test.user_group)
EndpointTestsQueries.Auth.delete_object(
test.client, "Frameworks", Framework, user_group=test.user_group
)
EndpointTestsQueries.Auth.import_object(test.admin_client, "Framework")
assert (
Framework.objects.all().count() == 1
), "frameworks for deletion are not correctly imported in the database"
expect = {
"BI-UG-ADM": True,
"BI-UG-GAD": False,
"BI-UG-GVA": False,
"BI-UG-DMA": False,
"BI-UG-ANA": False,
"BI-UG-VAL": False,
"BI-UG-AUD": False,
}
should_work = expect[test["user_group"]]
if (
should_work
): # this if should be removed, but it is not working as expected, todo
EndpointTestsQueries.Auth.delete_object(
test.client,
"Frameworks",
Framework,
user_group=test.user_group,
fails=not (should_work),
)
if not should_work: # remove object
EndpointTestsQueries.Auth.delete_object(
test.admin_client, "Frameworks", Framework
)

def test_import_risk_matrix(self, test):
"""test to import risk matrix with the API with authentication"""
Expand All @@ -107,32 +152,68 @@ def test_import_risk_matrix(self, test):
assert (
RiskMatrix.objects.all().count() == 0
), "libraries are already imported in the database"
EndpointTestsQueries.Auth.get_object(test.client, "Risk matrices", user_group=test.user_group)

EndpointTestsQueries.Auth.import_object(test.client, "Risk matrix", user_group=test.user_group)
EndpointTestsQueries.Auth.get_object(
test.client, "Risk matrices", user_group=test.user_group
)

EndpointTestsQueries.Auth.import_object(
test.client, "Risk matrix", user_group=test.user_group
)

# Uses the API endpoint to assert that the library was properly imported
assert (
RiskMatrix.objects.all().count() == 1
expect = {
"BI-UG-ADM": True,
"BI-UG-GAD": False,
"BI-UG-GVA": False,
"BI-UG-DMA": False,
"BI-UG-ANA": False,
"BI-UG-VAL": False,
"BI-UG-AUD": False,
}

assert RiskMatrix.objects.all().count() == (
1 if expect[test["user_group"]] else 0
), "Risk matrices are not correctly imported in the database"
EndpointTestsQueries.Auth.get_object(
test.client,
"Risk matrices",
test_params={
"name": lib_detail_response["name"],
"description": lib_detail_response["description"],
"urn": lib_detail_response["urn"],
"folder": {"str": Folder.get_root_folder().name},
# 'json_definition': lib_detail_response # TODO: restore this test
},
base_count=1,
user_group=test.user_group,
)
if expect[test["user_group"]]:
EndpointTestsQueries.Auth.get_object(
test.client,
"Risk matrices",
test_params={
"name": lib_detail_response["name"],
"description": lib_detail_response["description"],
"urn": lib_detail_response["urn"],
"folder": {"str": Folder.get_root_folder().name},
# 'json_definition': lib_detail_response # TODO: restore this test
},
base_count=1,
user_group=test.user_group,
)

def test_delete_matrix(self, test):
"""test to delete risk matrix with the API with authentication"""

EndpointTestsQueries.Auth.import_object(test.client, "Risk matrix", user_group=test.user_group)
EndpointTestsQueries.Auth.delete_object(
test.client, "Risk matrices", RiskMatrix, user_group=test.user_group
)
EndpointTestsQueries.Auth.import_object(test.admin_client, "Risk matrix")
expect = {
"BI-UG-ADM": True,
"BI-UG-GAD": False,
"BI-UG-GVA": False,
"BI-UG-DMA": False,
"BI-UG-ANA": False,
"BI-UG-VAL": False,
"BI-UG-AUD": False,
}
should_work = expect[test["user_group"]]
if (
should_work
): # this if should be removed, but it is not working as expected, todo
EndpointTestsQueries.Auth.delete_object(
test.client,
"Risk matrices",
RiskMatrix,
user_group=test.user_group,
fails=not (should_work),
)
if not should_work: # remove object
EndpointTestsQueries.Auth.delete_object(
test.admin_client, "Risk matrices", RiskMatrix
)
Loading

0 comments on commit 18932e6

Please sign in to comment.