chore(cloudflare): rename zones service to zone (#9792)

Hugo Pereira Brito
2026-01-14 11:00:51 +01:00
committed by GitHub
parent 211b1b67f9
commit 9844379d30
31 changed files with 236 additions and 236 deletions


@@ -10,7 +10,7 @@ Mutelist:
Accounts:
"example-account-id":
Checks:
"zones_dnssec_enabled":
"zone_dnssec_enabled":
Regions:
- "*"
Resources:


@@ -35,12 +35,12 @@ class CloudflareProvider(Provider):
_audit_config: dict
_fixer_config: dict
_mutelist: CloudflareMutelist
_filter_zones: set[str] | None
_filter_zone: set[str] | None
audit_metadata: Audit_Metadata
def __init__(
self,
filter_zones: Iterable[str] | None = None,
filter_zone: Iterable[str] | None = None,
config_path: str = None,
config_content: dict | None = None,
fixer_config: dict = {},
@@ -72,7 +72,7 @@ class CloudflareProvider(Provider):
self._mutelist = CloudflareMutelist(mutelist_path=mutelist_path)
# Store zone filter for filtering resources across services
self._filter_zones = set(filter_zones) if filter_zones else None
self._filter_zone = set(filter_zone) if filter_zone else None
Provider.set_global_provider(self)
@@ -101,9 +101,9 @@ class CloudflareProvider(Provider):
return self._mutelist
@property
def filter_zones(self) -> set[str] | None:
def filter_zone(self) -> set[str] | None:
"""Zone filter from --region argument to filter resources."""
return self._filter_zones
return self._filter_zone
@property
def accounts(self) -> list[CloudflareAccount]:
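Review bot: `filter_zone` is declared as `set[str] | None` and built with `set(filter_zone)`, so the singular name now labels a collection of zone IDs or names; the same goes for `audited_zone: list[str]` on `CloudflareIdentityInfo`. Since this value decides which zones an audit covers, I would rename only the service prefix and leave collection-valued names plural, e.g. `filter_zones: Iterable[str] | None = None`. The constructor keyword is also part of the provider's public interface, so any caller still passing `filter_zones=` would presumably fail unless it is updated in a file not shown here. The class body and `__init__` continue outside these hunks.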


@@ -30,7 +30,7 @@ class CloudflareIdentityInfo(BaseModel):
email: Optional[str] = None
accounts: list[CloudflareAccount] = Field(default_factory=list)
audited_accounts: list[str] = Field(default_factory=list)
audited_zones: list[str] = Field(default_factory=list)
audited_zone: list[str] = Field(default_factory=list)
class CloudflareOutputOptions(ProviderOutputOptions):


@@ -0,0 +1,4 @@
from prowler.providers.cloudflare.services.zone.zone_service import Zone
from prowler.providers.common.provider import Provider
zone_client = Zone(Provider.get_global_provider())


@@ -1,9 +1,9 @@
{
"Provider": "cloudflare",
"CheckID": "zones_dnssec_enabled",
"CheckID": "zone_dnssec_enabled",
"CheckTitle": "DNSSEC is enabled",
"CheckType": [],
"ServiceName": "zones",
"ServiceName": "zone",
"SubServiceName": "",
"ResourceIdTemplate": "",
"Severity": "high",
@@ -23,7 +23,7 @@
},
"Recommendation": {
"Text": "Enable **DNSSEC** and ensure **DS records** are properly configured at your domain registrar.\n- DNSSEC provides cryptographic authenticity for DNS responses\n- After enabling in Cloudflare, you must add the DS record at your registrar\n- Use online DNSSEC validators to verify correct configuration",
"Url": "https://hub.prowler.com/checks/cloudflare/zones_dnssec_enabled"
"Url": "https://hub.prowler.com/checks/cloudflare/zone_dnssec_enabled"
}
},
"Categories": [


@@ -1,8 +1,8 @@
from prowler.lib.check.models import Check, CheckReportCloudflare
from prowler.providers.cloudflare.services.zones.zones_client import zones_client
from prowler.providers.cloudflare.services.zone.zone_client import zone_client
class zones_dnssec_enabled(Check):
class zone_dnssec_enabled(Check):
"""Ensure that DNSSEC is enabled for Cloudflare zones.
DNSSEC (Domain Name System Security Extensions) adds cryptographic signatures
@@ -23,7 +23,7 @@ class zones_dnssec_enabled(Check):
is active, or FAIL status if DNSSEC is not enabled for the zone.
"""
findings = []
for zone in zones_client.zones.values():
for zone in zone_client.zones.values():
report = CheckReportCloudflare(
metadata=self.metadata(),
resource=zone,
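Review bot: Renaming the check class to `zone_dnssec_enabled` (with the metadata `CheckID` changed to match) also changes the key that mutelist entries are written under, as the example mutelist and the mutelist test data updated in this commit show, and nothing visible here keeps the old `zones_dnssec_enabled` working. A mutelist that still lists the old ID would presumably stop matching after upgrade, so muted findings come back and stored results no longer line up by ID with earlier scans. I would add a changelog or upgrade note listing each old and new ID, for example `zones_dnssec_enabled -> zone_dnssec_enabled`, and state that mutelists need the same edit. The same applies to the `zone_hsts_enabled`, `zone_https_redirect_enabled`, `zone_min_tls_version_secure` and `zone_ssl_strict` checks; the check's method body continues outside this hunk.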


@@ -1,9 +1,9 @@
{
"Provider": "cloudflare",
"CheckID": "zones_hsts_enabled",
"CheckID": "zone_hsts_enabled",
"CheckTitle": "HSTS is enabled with recommended max-age and includes subdomains",
"CheckType": [],
"ServiceName": "zones",
"ServiceName": "zone",
"SubServiceName": "",
"ResourceIdTemplate": "",
"Severity": "high",
@@ -23,7 +23,7 @@
},
"Recommendation": {
"Text": "Enable **HSTS** with at least a **6-month max-age** (12 months recommended).\n- Verify all resources work over HTTPS before enabling\n- Enable **include_subdomains** to protect all subdomains\n- Consider **HSTS preloading** for maximum protection against SSL stripping attacks\n- Test thoroughly as HSTS cannot be easily disabled once deployed",
"Url": "https://hub.prowler.com/checks/cloudflare/zones_hsts_enabled"
"Url": "https://hub.prowler.com/checks/cloudflare/zone_hsts_enabled"
}
},
"Categories": [


@@ -1,8 +1,8 @@
from prowler.lib.check.models import Check, CheckReportCloudflare
from prowler.providers.cloudflare.services.zones.zones_client import zones_client
from prowler.providers.cloudflare.services.zone.zone_client import zone_client
class zones_hsts_enabled(Check):
class zone_hsts_enabled(Check):
"""Ensure that HSTS is enabled with secure settings for Cloudflare zones.
HTTP Strict Transport Security (HSTS) forces browsers to only connect via
@@ -29,7 +29,7 @@ class zones_hsts_enabled(Check):
# Recommended minimum max-age is 6 months (15768000 seconds)
recommended_max_age = 15768000
for zone in zones_client.zones.values():
for zone in zone_client.zones.values():
report = CheckReportCloudflare(
metadata=self.metadata(),
resource=zone,


@@ -1,9 +1,9 @@
{
"Provider": "cloudflare",
"CheckID": "zones_https_redirect_enabled",
"CheckID": "zone_https_redirect_enabled",
"CheckTitle": "Always Use HTTPS is enabled",
"CheckType": [],
"ServiceName": "zones",
"ServiceName": "zone",
"SubServiceName": "",
"ResourceIdTemplate": "",
"Severity": "medium",
@@ -24,7 +24,7 @@
},
"Recommendation": {
"Text": "Enable **Always Use HTTPS** to enforce encrypted connections for all visitors.\n- Combine with **HSTS** to prevent SSL stripping attacks\n- Ensure all resources (images, scripts, stylesheets) are served over HTTPS\n- Test for mixed content warnings before enabling",
"Url": "https://hub.prowler.com/checks/cloudflare/zones_https_redirect_enabled"
"Url": "https://hub.prowler.com/checks/cloudflare/zone_https_redirect_enabled"
}
},
"Categories": [


@@ -1,8 +1,8 @@
from prowler.lib.check.models import Check, CheckReportCloudflare
from prowler.providers.cloudflare.services.zones.zones_client import zones_client
from prowler.providers.cloudflare.services.zone.zone_client import zone_client
class zones_https_redirect_enabled(Check):
class zone_https_redirect_enabled(Check):
"""Ensure that Always Use HTTPS redirect is enabled for Cloudflare zones.
The Always Use HTTPS setting automatically redirects all HTTP requests to
@@ -24,7 +24,7 @@ class zones_https_redirect_enabled(Check):
setting is disabled for the zone.
"""
findings = []
for zone in zones_client.zones.values():
for zone in zone_client.zones.values():
report = CheckReportCloudflare(
metadata=self.metadata(),
resource=zone,


@@ -1,9 +1,9 @@
{
"Provider": "cloudflare",
"CheckID": "zones_min_tls_version_secure",
"CheckID": "zone_min_tls_version_secure",
"CheckTitle": "Minimum TLS version is set to 1.2 or higher",
"CheckType": [],
"ServiceName": "zones",
"ServiceName": "zone",
"SubServiceName": "",
"ResourceIdTemplate": "",
"Severity": "high",
@@ -24,7 +24,7 @@
},
"Recommendation": {
"Text": "Set **minimum TLS version** to `1.2` or higher.\n- **TLS 1.0 and 1.1** are deprecated by all major browsers and contain known vulnerabilities\n- Consider setting to `TLS 1.3` for environments with modern client requirements\n- Test client compatibility before upgrading minimum version",
"Url": "https://hub.prowler.com/checks/cloudflare/zones_min_tls_version_secure"
"Url": "https://hub.prowler.com/checks/cloudflare/zone_min_tls_version_secure"
}
},
"Categories": [


@@ -1,8 +1,8 @@
from prowler.lib.check.models import Check, CheckReportCloudflare
from prowler.providers.cloudflare.services.zones.zones_client import zones_client
from prowler.providers.cloudflare.services.zone.zone_client import zone_client
class zones_min_tls_version_secure(Check):
class zone_min_tls_version_secure(Check):
"""Ensure that minimum TLS version is set to 1.2 or higher for Cloudflare zones.
TLS 1.0 and 1.1 have known vulnerabilities (BEAST, POODLE) and are deprecated.
@@ -26,7 +26,7 @@ class zones_min_tls_version_secure(Check):
"""
findings = []
for zone in zones_client.zones.values():
for zone in zone_client.zones.values():
report = CheckReportCloudflare(
metadata=self.metadata(),
resource=zone,


@@ -7,7 +7,7 @@ from prowler.providers.cloudflare.lib.service.service import CloudflareService
from prowler.providers.cloudflare.models import CloudflareAccount
class Zones(CloudflareService):
class Zone(CloudflareService):
"""Retrieve Cloudflare zones with security-relevant settings."""
def __init__(self, provider):
@@ -19,9 +19,9 @@ class Zones(CloudflareService):
def _list_zones(self) -> None:
"""List all Cloudflare zones with their basic information."""
logger.info("Zones - Listing zones...")
logger.info("Zone - Listing zones...")
audited_accounts = self.provider.identity.audited_accounts
filter_zones = self.provider.filter_zones
filter_zone = self.provider.filter_zone
seen_zone_ids: set[str] = set()
try:
@@ -43,9 +43,9 @@ class Zones(CloudflareService):
# Apply zone filter if specified via --region
if (
filter_zones
and zone_id not in filter_zones
and zone_name not in filter_zones
filter_zone
and zone_id not in filter_zone
and zone_name not in filter_zone
):
continue
@@ -86,7 +86,7 @@ class Zones(CloudflareService):
def _get_zones_settings(self) -> None:
"""Get settings for all zones."""
logger.info("Zones - Getting zone settings...")
logger.info("Zone - Getting zone settings...")
for zone in self.zones.values():
try:
zone.settings = self._get_zone_settings(zone.id)
@@ -97,7 +97,7 @@ class Zones(CloudflareService):
def _get_zones_dnssec(self) -> None:
"""Get DNSSEC status for all zones."""
logger.info("Zones - Getting DNSSEC status...")
logger.info("Zone - Getting DNSSEC status...")
for zone in self.zones.values():
try:
dnssec = self.client.dns.dnssec.get(zone_id=zone.id)


@@ -1,9 +1,9 @@
{
"Provider": "cloudflare",
"CheckID": "zones_ssl_strict",
"CheckID": "zone_ssl_strict",
"CheckTitle": "SSL/TLS encryption mode is set to Full (Strict)",
"CheckType": [],
"ServiceName": "zones",
"ServiceName": "zone",
"SubServiceName": "",
"ResourceIdTemplate": "",
"Severity": "high",
@@ -23,7 +23,7 @@
},
"Recommendation": {
"Text": "Configure **SSL/TLS mode** to `Full (Strict)` and install a valid certificate on your origin server.\n- Use **Cloudflare Origin CA certificates** for seamless integration\n- Ensure origin server presents a valid certificate matching your domain\n- Enable **Authenticated Origin Pulls** for additional security",
"Url": "https://hub.prowler.com/checks/cloudflare/zones_ssl_strict"
"Url": "https://hub.prowler.com/checks/cloudflare/zone_ssl_strict"
}
},
"Categories": [


@@ -1,8 +1,8 @@
from prowler.lib.check.models import Check, CheckReportCloudflare
from prowler.providers.cloudflare.services.zones.zones_client import zones_client
from prowler.providers.cloudflare.services.zone.zone_client import zone_client
class zones_ssl_strict(Check):
class zone_ssl_strict(Check):
"""Ensure that SSL/TLS encryption mode is set to Full (Strict) for Cloudflare zones.
The SSL/TLS encryption mode determines how Cloudflare connects to the origin
@@ -26,7 +26,7 @@ class zones_ssl_strict(Check):
less secure modes like 'off', 'flexible', or 'full'.
"""
findings = []
for zone in zones_client.zones.values():
for zone in zone_client.zones.values():
report = CheckReportCloudflare(
metadata=self.metadata(),
resource=zone,


@@ -1,4 +0,0 @@
from prowler.providers.cloudflare.services.zones.zones_service import Zones
from prowler.providers.common.provider import Provider
zones_client = Zones(Provider.get_global_provider())


@@ -169,7 +169,7 @@ class TestCloudflareProvider:
with pytest.raises(CloudflareCredentialsError):
CloudflareProvider()
def test_cloudflare_provider_with_filter_zones(self):
def test_cloudflare_provider_with_filter_zone(self):
with (
patch(
"prowler.providers.cloudflare.cloudflare_provider.CloudflareProvider.setup_session",
@@ -196,10 +196,10 @@ class TestCloudflareProvider:
),
),
):
filter_zones = ["zone1", "zone2"]
provider = CloudflareProvider(filter_zones=filter_zones)
filter_zone = ["zone1", "zone2"]
provider = CloudflareProvider(filter_zone=filter_zone)
assert provider.filter_zones == set(filter_zones)
assert provider.filter_zone == set(filter_zone)
def test_cloudflare_provider_properties(self):
with (


@@ -45,7 +45,7 @@ class TestCloudflareMutelist:
"Accounts": {
"test-account-id": {
"Checks": {
"zones_dnssec_enabled": {
"zone_dnssec_enabled": {
"Regions": ["*"],
"Resources": ["test-zone-id"],
}
@@ -58,7 +58,7 @@ class TestCloudflareMutelist:
finding = MagicMock()
finding.check_metadata = MagicMock()
finding.check_metadata.CheckID = "zones_dnssec_enabled"
finding.check_metadata.CheckID = "zone_dnssec_enabled"
finding.status = "FAIL"
finding.resource_id = "test-zone-id"
finding.resource_name = "example.com"
@@ -71,7 +71,7 @@ class TestCloudflareMutelist:
"Accounts": {
"test-account-id": {
"Checks": {
"zones_dnssec_enabled": {
"zone_dnssec_enabled": {
"Regions": ["*"],
"Resources": ["other-zone-id"],
}
@@ -84,7 +84,7 @@ class TestCloudflareMutelist:
finding = MagicMock()
finding.check_metadata = MagicMock()
finding.check_metadata.CheckID = "zones_dnssec_enabled"
finding.check_metadata.CheckID = "zone_dnssec_enabled"
finding.status = "FAIL"
finding.resource_id = "test-zone-id"
finding.resource_name = "example.com"


@@ -2,7 +2,7 @@ Mutelist:
Accounts:
"test-account-id":
Checks:
"zones_dnssec_enabled":
"zone_dnssec_enabled":
Regions:
- "*"
Resources:


@@ -1,6 +1,6 @@
from unittest import mock
from prowler.providers.cloudflare.services.zones.zones_service import (
from prowler.providers.cloudflare.services.zone.zone_service import (
CloudflareZone,
CloudflareZoneSettings,
)
@@ -11,10 +11,10 @@ from tests.providers.cloudflare.cloudflare_fixtures import (
)
class Test_zones_dnssec_enabled:
class Test_zone_dnssec_enabled:
def test_no_zones(self):
zones_client = mock.MagicMock
zones_client.zones = {}
zone_client = mock.MagicMock
zone_client.zones = {}
with (
mock.patch(
@@ -22,21 +22,21 @@ class Test_zones_dnssec_enabled:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_dnssec_enabled.zones_dnssec_enabled.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_dnssec_enabled.zone_dnssec_enabled.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_dnssec_enabled.zones_dnssec_enabled import (
zones_dnssec_enabled,
from prowler.providers.cloudflare.services.zone.zone_dnssec_enabled.zone_dnssec_enabled import (
zone_dnssec_enabled,
)
check = zones_dnssec_enabled()
check = zone_dnssec_enabled()
result = check.execute()
assert len(result) == 0
def test_zone_dnssec_enabled(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -53,15 +53,15 @@ class Test_zones_dnssec_enabled:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_dnssec_enabled.zones_dnssec_enabled.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_dnssec_enabled.zone_dnssec_enabled.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_dnssec_enabled.zones_dnssec_enabled import (
zones_dnssec_enabled,
from prowler.providers.cloudflare.services.zone.zone_dnssec_enabled.zone_dnssec_enabled import (
zone_dnssec_enabled,
)
check = zones_dnssec_enabled()
check = zone_dnssec_enabled()
result = check.execute()
assert len(result) == 1
assert result[0].resource_id == ZONE_ID
@@ -72,8 +72,8 @@ class Test_zones_dnssec_enabled:
)
def test_zone_dnssec_disabled(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -90,15 +90,15 @@ class Test_zones_dnssec_enabled:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_dnssec_enabled.zones_dnssec_enabled.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_dnssec_enabled.zone_dnssec_enabled.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_dnssec_enabled.zones_dnssec_enabled import (
zones_dnssec_enabled,
from prowler.providers.cloudflare.services.zone.zone_dnssec_enabled.zone_dnssec_enabled import (
zone_dnssec_enabled,
)
check = zones_dnssec_enabled()
check = zone_dnssec_enabled()
result = check.execute()
assert len(result) == 1
assert result[0].resource_id == ZONE_ID
@@ -110,8 +110,8 @@ class Test_zones_dnssec_enabled:
)
def test_zone_dnssec_pending(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -128,15 +128,15 @@ class Test_zones_dnssec_enabled:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_dnssec_enabled.zones_dnssec_enabled.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_dnssec_enabled.zone_dnssec_enabled.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_dnssec_enabled.zones_dnssec_enabled import (
zones_dnssec_enabled,
from prowler.providers.cloudflare.services.zone.zone_dnssec_enabled.zone_dnssec_enabled import (
zone_dnssec_enabled,
)
check = zones_dnssec_enabled()
check = zone_dnssec_enabled()
result = check.execute()
assert len(result) == 1
assert result[0].status == "FAIL"
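Review bot: `zone_client = mock.MagicMock` binds the class rather than an instance, so the following `zone_client.zones = {...}` sets an attribute on `MagicMock` itself and can carry over into every other test in the same process. The renamed lines keep this pattern in each test method here; it should be `zone_client = mock.MagicMock()`. The HSTS, HTTPS-redirect and minimum-TLS test files in this commit have the same lines, and the minimum-TLS tests also set `audit_config` this way.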


@@ -1,6 +1,6 @@
from unittest import mock
from prowler.providers.cloudflare.services.zones.zones_service import (
from prowler.providers.cloudflare.services.zone.zone_service import (
CloudflareZone,
CloudflareZoneSettings,
StrictTransportSecurity,
@@ -12,10 +12,10 @@ from tests.providers.cloudflare.cloudflare_fixtures import (
)
class Test_zones_hsts_enabled:
class Test_zone_hsts_enabled:
def test_no_zones(self):
zones_client = mock.MagicMock
zones_client.zones = {}
zone_client = mock.MagicMock
zone_client.zones = {}
with (
mock.patch(
@@ -23,21 +23,21 @@ class Test_zones_hsts_enabled:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_hsts_enabled.zones_hsts_enabled.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_hsts_enabled.zone_hsts_enabled.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_hsts_enabled.zones_hsts_enabled import (
zones_hsts_enabled,
from prowler.providers.cloudflare.services.zone.zone_hsts_enabled.zone_hsts_enabled import (
zone_hsts_enabled,
)
check = zones_hsts_enabled()
check = zone_hsts_enabled()
result = check.execute()
assert len(result) == 0
def test_zone_hsts_enabled_properly_configured(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -60,15 +60,15 @@ class Test_zones_hsts_enabled:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_hsts_enabled.zones_hsts_enabled.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_hsts_enabled.zone_hsts_enabled.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_hsts_enabled.zones_hsts_enabled import (
zones_hsts_enabled,
from prowler.providers.cloudflare.services.zone.zone_hsts_enabled.zone_hsts_enabled import (
zone_hsts_enabled,
)
check = zones_hsts_enabled()
check = zone_hsts_enabled()
result = check.execute()
assert len(result) == 1
assert result[0].resource_id == ZONE_ID
@@ -77,8 +77,8 @@ class Test_zones_hsts_enabled:
assert "HSTS is enabled" in result[0].status_extended
def test_zone_hsts_disabled(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -98,23 +98,23 @@ class Test_zones_hsts_enabled:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_hsts_enabled.zones_hsts_enabled.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_hsts_enabled.zone_hsts_enabled.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_hsts_enabled.zones_hsts_enabled import (
zones_hsts_enabled,
from prowler.providers.cloudflare.services.zone.zone_hsts_enabled.zone_hsts_enabled import (
zone_hsts_enabled,
)
check = zones_hsts_enabled()
check = zone_hsts_enabled()
result = check.execute()
assert len(result) == 1
assert result[0].status == "FAIL"
assert "HSTS is not enabled" in result[0].status_extended
def test_zone_hsts_enabled_no_subdomains(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -136,23 +136,23 @@ class Test_zones_hsts_enabled:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_hsts_enabled.zones_hsts_enabled.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_hsts_enabled.zone_hsts_enabled.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_hsts_enabled.zones_hsts_enabled import (
zones_hsts_enabled,
from prowler.providers.cloudflare.services.zone.zone_hsts_enabled.zone_hsts_enabled import (
zone_hsts_enabled,
)
check = zones_hsts_enabled()
check = zone_hsts_enabled()
result = check.execute()
assert len(result) == 1
assert result[0].status == "FAIL"
assert "does not include subdomains" in result[0].status_extended
def test_zone_hsts_enabled_low_max_age(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -174,15 +174,15 @@ class Test_zones_hsts_enabled:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_hsts_enabled.zones_hsts_enabled.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_hsts_enabled.zone_hsts_enabled.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_hsts_enabled.zones_hsts_enabled import (
zones_hsts_enabled,
from prowler.providers.cloudflare.services.zone.zone_hsts_enabled.zone_hsts_enabled import (
zone_hsts_enabled,
)
check = zones_hsts_enabled()
check = zone_hsts_enabled()
result = check.execute()
assert len(result) == 1
assert result[0].status == "FAIL"


@@ -1,6 +1,6 @@
from unittest import mock
from prowler.providers.cloudflare.services.zones.zones_service import (
from prowler.providers.cloudflare.services.zone.zone_service import (
CloudflareZone,
CloudflareZoneSettings,
)
@@ -11,10 +11,10 @@ from tests.providers.cloudflare.cloudflare_fixtures import (
)
class Test_zones_https_redirect_enabled:
class Test_zone_https_redirect_enabled:
def test_no_zones(self):
zones_client = mock.MagicMock
zones_client.zones = {}
zone_client = mock.MagicMock
zone_client.zones = {}
with (
mock.patch(
@@ -22,21 +22,21 @@ class Test_zones_https_redirect_enabled:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_https_redirect_enabled.zones_https_redirect_enabled.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_https_redirect_enabled.zone_https_redirect_enabled.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_https_redirect_enabled.zones_https_redirect_enabled import (
zones_https_redirect_enabled,
from prowler.providers.cloudflare.services.zone.zone_https_redirect_enabled.zone_https_redirect_enabled import (
zone_https_redirect_enabled,
)
check = zones_https_redirect_enabled()
check = zone_https_redirect_enabled()
result = check.execute()
assert len(result) == 0
def test_zone_https_redirect_enabled(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -54,15 +54,15 @@ class Test_zones_https_redirect_enabled:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_https_redirect_enabled.zones_https_redirect_enabled.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_https_redirect_enabled.zone_https_redirect_enabled.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_https_redirect_enabled.zones_https_redirect_enabled import (
zones_https_redirect_enabled,
from prowler.providers.cloudflare.services.zone.zone_https_redirect_enabled.zone_https_redirect_enabled import (
zone_https_redirect_enabled,
)
check = zones_https_redirect_enabled()
check = zone_https_redirect_enabled()
result = check.execute()
assert len(result) == 1
assert result[0].resource_id == ZONE_ID
@@ -71,8 +71,8 @@ class Test_zones_https_redirect_enabled:
assert "Always Use HTTPS is enabled" in result[0].status_extended
def test_zone_https_redirect_disabled(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -90,15 +90,15 @@ class Test_zones_https_redirect_enabled:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_https_redirect_enabled.zones_https_redirect_enabled.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_https_redirect_enabled.zone_https_redirect_enabled.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_https_redirect_enabled.zones_https_redirect_enabled import (
zones_https_redirect_enabled,
from prowler.providers.cloudflare.services.zone.zone_https_redirect_enabled.zone_https_redirect_enabled import (
zone_https_redirect_enabled,
)
check = zones_https_redirect_enabled()
check = zone_https_redirect_enabled()
result = check.execute()
assert len(result) == 1
assert result[0].resource_id == ZONE_ID
@@ -107,8 +107,8 @@ class Test_zones_https_redirect_enabled:
assert "Always Use HTTPS is not enabled" in result[0].status_extended
def test_zone_https_redirect_none(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -126,15 +126,15 @@ class Test_zones_https_redirect_enabled:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_https_redirect_enabled.zones_https_redirect_enabled.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_https_redirect_enabled.zone_https_redirect_enabled.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_https_redirect_enabled.zones_https_redirect_enabled import (
zones_https_redirect_enabled,
from prowler.providers.cloudflare.services.zone.zone_https_redirect_enabled.zone_https_redirect_enabled import (
zone_https_redirect_enabled,
)
check = zones_https_redirect_enabled()
check = zone_https_redirect_enabled()
result = check.execute()
assert len(result) == 1
assert result[0].status == "FAIL"


@@ -1,6 +1,6 @@
from unittest import mock
from prowler.providers.cloudflare.services.zones.zones_service import (
from prowler.providers.cloudflare.services.zone.zone_service import (
CloudflareZone,
CloudflareZoneSettings,
)
@@ -11,11 +11,11 @@ from tests.providers.cloudflare.cloudflare_fixtures import (
)
class Test_zones_min_tls_version_secure:
class Test_zone_min_tls_version_secure:
def test_no_zones(self):
zones_client = mock.MagicMock
zones_client.zones = {}
zones_client.audit_config = {"min_tls_version": "1.2"}
zone_client = mock.MagicMock
zone_client.zones = {}
zone_client.audit_config = {"min_tls_version": "1.2"}
with (
mock.patch(
@@ -23,21 +23,21 @@ class Test_zones_min_tls_version_secure:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_min_tls_version_secure.zones_min_tls_version_secure.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_min_tls_version_secure.zone_min_tls_version_secure.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_min_tls_version_secure.zones_min_tls_version_secure import (
zones_min_tls_version_secure,
from prowler.providers.cloudflare.services.zone.zone_min_tls_version_secure.zone_min_tls_version_secure import (
zone_min_tls_version_secure,
)
check = zones_min_tls_version_secure()
check = zone_min_tls_version_secure()
result = check.execute()
assert len(result) == 0
def test_zone_tls_version_secure(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -48,7 +48,7 @@ class Test_zones_min_tls_version_secure:
),
)
}
zones_client.audit_config = {"min_tls_version": "1.2"}
zone_client.audit_config = {"min_tls_version": "1.2"}
with (
mock.patch(
@@ -56,15 +56,15 @@ class Test_zones_min_tls_version_secure:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_min_tls_version_secure.zones_min_tls_version_secure.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_min_tls_version_secure.zone_min_tls_version_secure.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_min_tls_version_secure.zones_min_tls_version_secure import (
zones_min_tls_version_secure,
from prowler.providers.cloudflare.services.zone.zone_min_tls_version_secure.zone_min_tls_version_secure import (
zone_min_tls_version_secure,
)
check = zones_min_tls_version_secure()
check = zone_min_tls_version_secure()
result = check.execute()
assert len(result) == 1
assert result[0].resource_id == ZONE_ID
@@ -73,8 +73,8 @@ class Test_zones_min_tls_version_secure:
assert "1.2" in result[0].status_extended
def test_zone_tls_version_1_3(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -85,7 +85,7 @@ class Test_zones_min_tls_version_secure:
),
)
}
zones_client.audit_config = {"min_tls_version": "1.2"}
zone_client.audit_config = {"min_tls_version": "1.2"}
with (
mock.patch(
@@ -93,22 +93,22 @@ class Test_zones_min_tls_version_secure:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_min_tls_version_secure.zones_min_tls_version_secure.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_min_tls_version_secure.zone_min_tls_version_secure.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_min_tls_version_secure.zones_min_tls_version_secure import (
zones_min_tls_version_secure,
from prowler.providers.cloudflare.services.zone.zone_min_tls_version_secure.zone_min_tls_version_secure import (
zone_min_tls_version_secure,
)
check = zones_min_tls_version_secure()
check = zone_min_tls_version_secure()
result = check.execute()
assert len(result) == 1
assert result[0].status == "PASS"
def test_zone_tls_version_insecure(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -119,7 +119,7 @@ class Test_zones_min_tls_version_secure:
),
)
}
zones_client.audit_config = {"min_tls_version": "1.2"}
zone_client.audit_config = {"min_tls_version": "1.2"}
with (
mock.patch(
@@ -127,15 +127,15 @@ class Test_zones_min_tls_version_secure:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_min_tls_version_secure.zones_min_tls_version_secure.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_min_tls_version_secure.zone_min_tls_version_secure.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_min_tls_version_secure.zones_min_tls_version_secure import (
zones_min_tls_version_secure,
from prowler.providers.cloudflare.services.zone.zone_min_tls_version_secure.zone_min_tls_version_secure import (
zone_min_tls_version_secure,
)
check = zones_min_tls_version_secure()
check = zone_min_tls_version_secure()
result = check.execute()
assert len(result) == 1
assert result[0].resource_id == ZONE_ID
@@ -144,8 +144,8 @@ class Test_zones_min_tls_version_secure:
assert "below the recommended" in result[0].status_extended
def test_zone_tls_version_1_1(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -156,7 +156,7 @@ class Test_zones_min_tls_version_secure:
),
)
}
zones_client.audit_config = {"min_tls_version": "1.2"}
zone_client.audit_config = {"min_tls_version": "1.2"}
with (
mock.patch(
@@ -164,15 +164,15 @@ class Test_zones_min_tls_version_secure:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_min_tls_version_secure.zones_min_tls_version_secure.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_min_tls_version_secure.zone_min_tls_version_secure.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_min_tls_version_secure.zones_min_tls_version_secure import (
zones_min_tls_version_secure,
from prowler.providers.cloudflare.services.zone.zone_min_tls_version_secure.zone_min_tls_version_secure import (
zone_min_tls_version_secure,
)
check = zones_min_tls_version_secure()
check = zone_min_tls_version_secure()
result = check.execute()
assert len(result) == 1
assert result[0].status == "FAIL"


@@ -1,4 +1,4 @@
from prowler.providers.cloudflare.services.zones.zones_service import (
from prowler.providers.cloudflare.services.zone.zone_service import (
CloudflareZone,
CloudflareZoneSettings,
StrictTransportSecurity,
@@ -6,7 +6,7 @@ from prowler.providers.cloudflare.services.zones.zones_service import (
from tests.providers.cloudflare.cloudflare_fixtures import ZONE_ID, ZONE_NAME
class TestZonesService:
class TestZoneService:
def test_cloudflare_zone_model(self):
zone = CloudflareZone(
id=ZONE_ID,


@@ -1,6 +1,6 @@
from unittest import mock
from prowler.providers.cloudflare.services.zones.zones_service import (
from prowler.providers.cloudflare.services.zone.zone_service import (
CloudflareZone,
CloudflareZoneSettings,
)
@@ -11,10 +11,10 @@ from tests.providers.cloudflare.cloudflare_fixtures import (
)
class Test_zones_ssl_strict:
class Test_zone_ssl_strict:
def test_no_zones(self):
zones_client = mock.MagicMock
zones_client.zones = {}
zone_client = mock.MagicMock
zone_client.zones = {}
with (
mock.patch(
@@ -22,21 +22,21 @@ class Test_zones_ssl_strict:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_ssl_strict.zones_ssl_strict.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_ssl_strict.zone_ssl_strict.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_ssl_strict.zones_ssl_strict import (
zones_ssl_strict,
from prowler.providers.cloudflare.services.zone.zone_ssl_strict.zone_ssl_strict import (
zone_ssl_strict,
)
check = zones_ssl_strict()
check = zone_ssl_strict()
result = check.execute()
assert len(result) == 0
def test_zone_ssl_strict_mode(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -54,15 +54,15 @@ class Test_zones_ssl_strict:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_ssl_strict.zones_ssl_strict.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_ssl_strict.zone_ssl_strict.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_ssl_strict.zones_ssl_strict import (
zones_ssl_strict,
from prowler.providers.cloudflare.services.zone.zone_ssl_strict.zone_ssl_strict import (
zone_ssl_strict,
)
check = zones_ssl_strict()
check = zone_ssl_strict()
result = check.execute()
assert len(result) == 1
assert result[0].resource_id == ZONE_ID
@@ -74,8 +74,8 @@ class Test_zones_ssl_strict:
)
def test_zone_ssl_full_mode(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -93,15 +93,15 @@ class Test_zones_ssl_strict:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_ssl_strict.zones_ssl_strict.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_ssl_strict.zone_ssl_strict.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_ssl_strict.zones_ssl_strict import (
zones_ssl_strict,
from prowler.providers.cloudflare.services.zone.zone_ssl_strict.zone_ssl_strict import (
zone_ssl_strict,
)
check = zones_ssl_strict()
check = zone_ssl_strict()
result = check.execute()
assert len(result) == 1
assert result[0].status == "FAIL"
@@ -111,8 +111,8 @@ class Test_zones_ssl_strict:
)
def test_zone_ssl_flexible_mode(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -130,15 +130,15 @@ class Test_zones_ssl_strict:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_ssl_strict.zones_ssl_strict.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_ssl_strict.zone_ssl_strict.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_ssl_strict.zones_ssl_strict import (
zones_ssl_strict,
from prowler.providers.cloudflare.services.zone.zone_ssl_strict.zone_ssl_strict import (
zone_ssl_strict,
)
check = zones_ssl_strict()
check = zone_ssl_strict()
result = check.execute()
assert len(result) == 1
assert result[0].status == "FAIL"
@@ -148,8 +148,8 @@ class Test_zones_ssl_strict:
)
def test_zone_ssl_off_mode(self):
zones_client = mock.MagicMock
zones_client.zones = {
zone_client = mock.MagicMock
zone_client.zones = {
ZONE_ID: CloudflareZone(
id=ZONE_ID,
name=ZONE_NAME,
@@ -167,15 +167,15 @@ class Test_zones_ssl_strict:
return_value=set_mocked_cloudflare_provider(),
),
mock.patch(
"prowler.providers.cloudflare.services.zones.zones_ssl_strict.zones_ssl_strict.zones_client",
new=zones_client,
"prowler.providers.cloudflare.services.zone.zone_ssl_strict.zone_ssl_strict.zone_client",
new=zone_client,
),
):
from prowler.providers.cloudflare.services.zones.zones_ssl_strict.zones_ssl_strict import (
zones_ssl_strict,
from prowler.providers.cloudflare.services.zone.zone_ssl_strict.zone_ssl_strict import (
zone_ssl_strict,
)
check = zones_ssl_strict()
check = zone_ssl_strict()
result = check.execute()
assert len(result) == 1
assert result[0].status == "FAIL"