-
Notifications
You must be signed in to change notification settings - Fork 181
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
6f7b89c
commit cd65842
Showing
1 changed file
with
206 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,206 @@ | ||
import pytest | ||
from rest_framework.test import APIClient | ||
from core.models import SecurityFunction, Policy | ||
from iam.models import Folder | ||
|
||
from test_api import EndpointTestsQueries | ||
|
||
# Generic security measure data for tests | ||
POLICY_NAME = "Test Security Measure" | ||
POLICY_DESCRIPTION = "Test Description" | ||
POLICY_STATUS = ("planned", "Planned") | ||
POLICY_STATUS2 = ("active", "Active") | ||
POLICY_EFFORT = ("L", "Large") | ||
POLICY_EFFORT2 = ("M", "Medium") | ||
POLICY_LINK = "https://example.com" | ||
POLICY_ETA = "2024-01-01" | ||
|
||
|
||
@pytest.mark.django_db | ||
class TestPolicysUnauthenticated: | ||
"""Perform tests on Security Measures API endpoint without authentication""" | ||
|
||
client = APIClient() | ||
|
||
def test_get_security_measures(self): | ||
"""test to get security measures from the API without authentication""" | ||
|
||
EndpointTestsQueries.get_object( | ||
self.client, | ||
"Security measures", | ||
Policy, | ||
{ | ||
"name": POLICY_NAME, | ||
"description": POLICY_DESCRIPTION, | ||
"folder": Folder.objects.create(name="test"), | ||
}, | ||
) | ||
|
||
def test_create_security_measures(self): | ||
"""test to create security measures with the API without authentication""" | ||
|
||
EndpointTestsQueries.create_object( | ||
self.client, | ||
"Security measures", | ||
Policy, | ||
{ | ||
"name": POLICY_NAME, | ||
"description": POLICY_DESCRIPTION, | ||
"folder": Folder.objects.create(name="test").id, | ||
}, | ||
) | ||
|
||
def test_update_security_measures(self): | ||
"""test to update security measures with the API without authentication""" | ||
|
||
EndpointTestsQueries.update_object( | ||
self.client, | ||
"Security measures", | ||
Policy, | ||
{ | ||
"name": POLICY_NAME, | ||
"description": POLICY_DESCRIPTION, | ||
"folder": Folder.objects.create(name="test"), | ||
}, | ||
{ | ||
"name": "new " + POLICY_NAME, | ||
"description": "new " + POLICY_DESCRIPTION, | ||
"folder": Folder.objects.create(name="test2").id, | ||
}, | ||
) | ||
|
||
def test_delete_security_measures(self): | ||
"""test to delete security measures with the API without authentication""" | ||
|
||
EndpointTestsQueries.delete_object( | ||
self.client, | ||
"Security measures", | ||
Policy, | ||
{ | ||
"name": POLICY_NAME, | ||
"folder": Folder.objects.create(name="test"), | ||
}, | ||
) | ||
|
||
|
||
@pytest.mark.django_db | ||
class TestPolicysAuthenticated: | ||
"""Perform tests on Security Measures API endpoint with authentication""" | ||
|
||
def test_get_security_measures(self, authenticated_client): | ||
"""test to get security measures from the API with authentication""" | ||
|
||
EndpointTestsQueries.Auth.get_object( | ||
authenticated_client, | ||
"Security measures", | ||
Policy, | ||
{ | ||
"name": POLICY_NAME, | ||
"description": POLICY_DESCRIPTION, | ||
"status": POLICY_STATUS[0], | ||
"link": POLICY_LINK, | ||
"eta": POLICY_ETA, | ||
"effort": POLICY_EFFORT[0], | ||
"folder": Folder.get_root_folder(), | ||
}, | ||
{ | ||
"folder": {"str": Folder.get_root_folder().name}, | ||
"security_function": None, | ||
"status": POLICY_STATUS[1], | ||
"effort": POLICY_EFFORT[1], | ||
}, | ||
) | ||
|
||
def test_create_security_measures(self, authenticated_client): | ||
"""test to create security measures with the API with authentication""" | ||
|
||
security_function = SecurityFunction.objects.create( | ||
name="test", typical_evidence={}, folder=Folder.objects.create(name="test") | ||
) | ||
|
||
EndpointTestsQueries.Auth.create_object( | ||
authenticated_client, | ||
"Security measures", | ||
Policy, | ||
{ | ||
"name": POLICY_NAME, | ||
"description": POLICY_DESCRIPTION, | ||
"status": POLICY_STATUS[0], | ||
"link": POLICY_LINK, | ||
"eta": POLICY_ETA, | ||
"effort": POLICY_EFFORT[0], | ||
"folder": str(Folder.get_root_folder().id), | ||
}, | ||
{ | ||
"folder": {"str": Folder.get_root_folder().name}, | ||
"status": POLICY_STATUS[1], | ||
"effort": POLICY_EFFORT[1], | ||
}, | ||
) | ||
|
||
def test_update_security_measures(self, authenticated_client): | ||
"""test to update security measures with the API with authentication""" | ||
|
||
folder = Folder.objects.create(name="test") | ||
security_function = SecurityFunction.objects.create( | ||
name="test", typical_evidence={}, folder=folder | ||
) | ||
|
||
EndpointTestsQueries.Auth.update_object( | ||
authenticated_client, | ||
"Security measures", | ||
Policy, | ||
{ | ||
"name": POLICY_NAME, | ||
"description": POLICY_DESCRIPTION, | ||
"status": POLICY_STATUS[0], | ||
"link": POLICY_LINK, | ||
"eta": POLICY_ETA, | ||
"effort": POLICY_EFFORT[0], | ||
"folder": Folder.get_root_folder(), | ||
}, | ||
{ | ||
"name": "new " + POLICY_NAME, | ||
"description": "new " + POLICY_DESCRIPTION, | ||
"status": POLICY_STATUS2[0], | ||
"link": "new " + POLICY_LINK, | ||
"eta": "2025-01-01", | ||
"effort": POLICY_EFFORT2[0], | ||
"folder": str(folder.id), | ||
}, | ||
{ | ||
"folder": {"str": Folder.get_root_folder().name}, | ||
"status": POLICY_STATUS[1], | ||
"effort": POLICY_EFFORT[1], | ||
}, | ||
) | ||
|
||
def test_delete_security_measures(self, authenticated_client): | ||
"""test to delete security measures with the API with authentication""" | ||
|
||
EndpointTestsQueries.Auth.delete_object( | ||
authenticated_client, | ||
"Security measures", | ||
Policy, | ||
{ | ||
"name": POLICY_NAME, | ||
"folder": Folder.objects.create(name="test"), | ||
}, | ||
) | ||
|
||
def test_get_effort_choices(self, authenticated_client): | ||
"""test to get security measures effort choices from the API with authentication""" | ||
|
||
EndpointTestsQueries.Auth.get_object_options( | ||
authenticated_client, "Security measures", "effort", Policy.EFFORT | ||
) | ||
|
||
def test_get_status_choices(self, authenticated_client): | ||
"""test to get security measures status choices from the API with authentication""" | ||
|
||
EndpointTestsQueries.Auth.get_object_options( | ||
authenticated_client, | ||
"Security measures", | ||
"status", | ||
Policy.Status.choices, | ||
) |