Wrong scan policy name check (RedHatProductSecurity#266)
Raise an error if a wrong scan policy name is provided. See: RedHatProductSecurity#266
Showing
5 changed files
with
221 additions
and
3 deletions.
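--- a/tests/scanners/zap/test_setup_activescan_policy_validatio.py
+++ b/tests/scanners/zap/test_setup_activescan_policy_validatio.py
@@ -0,0 +1,85 @@
+from pathlib import Path
+
+import pytest
+
+from scanners.zap.zap import InvalidXMLFileError
+from scanners.zap.zap import MismatchedPolicyNameError
+from scanners.zap.zap import MissingConfigurationNodeError
+from scanners.zap.zap import MissingPolicyNodeError
+from scanners.zap.zap import PolicyFileNotFoundError
+from scanners.zap.zap import validate_active_scan_policy
+
+
+@pytest.fixture
+def valid_policy_file(tmp_path):
+policy_name = "policy1"
+valid_xml_content = """<configuration>
+<policy>policy1</policy>
+<setting name="max_connections">100</setting>
+</configuration>"""
+file_path = tmp_path / f"{policy_name}.policy"
+file_path.write_text(valid_xml_content)
+return file_path
+
+
+@pytest.fixture
+def invalid_xml_file(tmp_path):
+policy_name = "policy1"
+invalid_xml_content = """<configuration>
+<policy>policy2</policy>
+</configuration>""" # Mismatched policy name
+file_path = tmp_path / f"{policy_name}.policy"
+file_path.write_text(invalid_xml_content)
+return file_path
+
+
+@pytest.fixture
+def missing_policy_file():
+return Path("/non/existent/path/policy1.policy")
+
+
+def test_valid_policy(valid_policy_file):
+validate_active_scan_policy(valid_policy_file)
+
+
+def test_missing_policy_file(missing_policy_file):
+with pytest.raises(PolicyFileNotFoundError):
+validate_active_scan_policy(missing_policy_file)
+
+
+def test_invalid_xml_file(invalid_xml_file):
+with pytest.raises(MismatchedPolicyNameError):
+validate_active_scan_policy(invalid_xml_file)
+
+
+def test_invalid_xml_parse(invalid_xml_file):
+invalid_xml_content = """<configuration>
+<policy>policy1</policy>
+</configuration""" # Missing closing tag
+file_path = invalid_xml_file
+file_path.write_text(invalid_xml_content)
+
+with pytest.raises(InvalidXMLFileError):
+validate_active_scan_policy(file_path)
+
+
+def test_missing_configuration_node(invalid_xml_file):
+invalid_xml_content = """<as>
+<policy>policy1</policy>
+</as>"""
+file_path = invalid_xml_file
+file_path.write_text(invalid_xml_content)
+
+with pytest.raises(MissingConfigurationNodeError):
+validate_active_scan_policy(file_path)
+
+
+def test_missing_policy_node(invalid_xml_file):
+invalid_xml_content = """<configuration>
+<po>policy1</po>
+</configuration>"""
+file_path = invalid_xml_file
+file_path.write_text(invalid_xml_content)
+
+with pytest.raises(MissingPolicyNodeError):
+validate_active_scan_policy(file_path)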
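Review bot: The `invalid_xml_file` fixture holds well-formed XML whose `<policy>` text is `policy2` under a `policy1.policy` filename, so it is really a mismatched-name fixture, and `test_invalid_xml_parse`, `test_missing_configuration_node` and `test_missing_policy_node` then use it only as a writable path they overwrite; naming it `mismatched_policy_file` and giving the overwriting tests a plain path fixture would make each test's intent readable from its signature. `missing_policy_file` also depends on the host not having `/non/existent/path`; `def missing_policy_file(tmp_path): return tmp_path / "policy1.policy"` yields a path that is guaranteed absent. `test_valid_policy` asserts nothing, which is fine only if `validate_active_scan_policy` signals success by returning without raising, so a comment such as `# passes when no exception is raised` would make that contract explicit. The file name `test_setup_activescan_policy_validatio.py` appears to drop the final letter of `validation`.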
@@ -0,0 +1,61 @@ | ||
from unittest.mock import MagicMock | ||
from unittest.mock import patch | ||
|
||
import rapidast | ||
from rapidast import scanners | ||
|
||
|
||
@patch("rapidast.scanners.str_to_scanner") | ||
def test_run_scanner_setup_failure(mock_str_to_scanner): | ||
""" | ||
Test that if an exception occurs during `scanner.setup`, the `run_scanner` method | ||
catches the exception, returns 1, and updates the scanner's state to 'ERROR' | ||
""" | ||
|
||
mock_config = MagicMock() | ||
mock_args = MagicMock() | ||
mock_scan_exporter = MagicMock() | ||
|
||
mock_scanner = MagicMock() | ||
mock_str_to_scanner.return_value = lambda config, name: mock_scanner | ||
|
||
mock_scanner.setup.side_effect = Exception("Setup failed") | ||
|
||
result = rapidast.run_scanner("mock_name", mock_config, mock_args, mock_scan_exporter) | ||
|
||
assert result == 1 | ||
mock_scanner.setup.assert_called_once() | ||
assert mock_scanner.state == scanners.State.ERROR | ||
|
||
|
||
@patch("rapidast.scanners.str_to_scanner") | ||
def test_run_scanner_setup_success(mock_str_to_scanner): | ||
""" | ||
Test that if `scanner.setup` is successful, `run_scanner` continues as expected. | ||
Subsequent actions are mocked to focus on ensuring `run_scanner` returns a successful | ||
result (0) | ||
""" | ||
|
||
def update_state(state): | ||
mock_scanner.state = state | ||
|
||
def update_state_ready(): | ||
update_state(scanners.State.READY) | ||
|
||
def update_state_processed(): | ||
update_state(scanners.State.PROCESSED) | ||
|
||
mock_config = MagicMock() | ||
mock_args = MagicMock() | ||
mock_scan_exporter = MagicMock() | ||
|
||
mock_scanner = MagicMock() | ||
mock_str_to_scanner.return_value = lambda config, name: mock_scanner | ||
|
||
mock_scanner.setup.side_effect = update_state_ready | ||
mock_scanner.postprocess.side_effect = update_state_processed | ||
|
||
result = rapidast.run_scanner("mock_name", mock_config, mock_args, mock_scan_exporter) | ||
|
||
assert result == 0 | ||
mock_scanner.setup.assert_called_once() |