mirror of
https://github.com/prowler-cloud/prowler.git
synced 2026-07-04 19:21:51 +00:00
537c3ea71e
Signed-off-by: Legin-ML <leginml2004@gmail.com>
153 lines
5.4 KiB
Python
153 lines
5.4 KiB
Python
from unittest.mock import MagicMock, patch
|
|
|
|
from prowler.providers.azure.services.policy.policy_service import (
|
|
Policy,
|
|
PolicyAssigment,
|
|
)
|
|
from tests.providers.azure.azure_fixtures import (
|
|
AZURE_SUBSCRIPTION_ID,
|
|
RESOURCE_GROUP,
|
|
RESOURCE_GROUP_LIST,
|
|
set_mocked_azure_provider,
|
|
)
|
|
|
|
|
|
def mock_policy_assigments(_):
|
|
return {
|
|
AZURE_SUBSCRIPTION_ID: {
|
|
"policy-1": PolicyAssigment(
|
|
id="id-1", name="policy-1", enforcement_mode="Default"
|
|
)
|
|
}
|
|
}
|
|
|
|
|
|
@patch(
|
|
"prowler.providers.azure.services.policy.policy_service.Policy._get_policy_assigments",
|
|
new=mock_policy_assigments,
|
|
)
|
|
class Test_Policy_Service:
|
|
def test_get_client(self):
|
|
policy = Policy(set_mocked_azure_provider())
|
|
assert (
|
|
policy.clients[AZURE_SUBSCRIPTION_ID].__class__.__name__ == "PolicyClient"
|
|
)
|
|
|
|
def test__get_subscriptions__(self):
|
|
policy = Policy(set_mocked_azure_provider())
|
|
assert policy.subscriptions.__class__.__name__ == "dict"
|
|
|
|
def test_get_policy_assigments(self):
|
|
policy = Policy(set_mocked_azure_provider())
|
|
assert policy.policy_assigments.__class__.__name__ == "dict"
|
|
assert (
|
|
policy.policy_assigments[AZURE_SUBSCRIPTION_ID].__class__.__name__ == "dict"
|
|
)
|
|
assert (
|
|
policy.policy_assigments[AZURE_SUBSCRIPTION_ID][
|
|
"policy-1"
|
|
].__class__.__name__
|
|
== "PolicyAssigment"
|
|
)
|
|
assert policy.policy_assigments[AZURE_SUBSCRIPTION_ID]["policy-1"].id == "id-1"
|
|
assert (
|
|
policy.policy_assigments[AZURE_SUBSCRIPTION_ID]["policy-1"].enforcement_mode
|
|
== "Default"
|
|
)
|
|
|
|
|
|
class Test_Policy_get_policy_assigments:
|
|
def test_get_policy_assigments_no_resource_groups(self):
|
|
mock_client = MagicMock()
|
|
mock_client.policy_assignments.list.return_value = []
|
|
|
|
with patch(
|
|
"prowler.providers.azure.services.policy.policy_service.Policy._get_policy_assigments",
|
|
return_value={},
|
|
):
|
|
policy = Policy(set_mocked_azure_provider())
|
|
|
|
policy.clients = {AZURE_SUBSCRIPTION_ID: mock_client}
|
|
policy.resource_groups = None
|
|
|
|
result = policy._get_policy_assigments()
|
|
|
|
mock_client.policy_assignments.list.assert_called_once()
|
|
mock_client.policy_assignments.list_for_resource_group.assert_not_called()
|
|
assert AZURE_SUBSCRIPTION_ID in result
|
|
|
|
def test_get_policy_assigments_with_resource_group(self):
|
|
mock_client = MagicMock()
|
|
mock_client.policy_assignments.list.return_value = []
|
|
|
|
with patch(
|
|
"prowler.providers.azure.services.policy.policy_service.Policy._get_policy_assigments",
|
|
return_value={},
|
|
):
|
|
policy = Policy(set_mocked_azure_provider())
|
|
|
|
policy.clients = {AZURE_SUBSCRIPTION_ID: mock_client}
|
|
policy.resource_groups = {AZURE_SUBSCRIPTION_ID: [RESOURCE_GROUP]}
|
|
|
|
result = policy._get_policy_assigments()
|
|
|
|
mock_client.policy_assignments.list.assert_called_once()
|
|
mock_client.policy_assignments.list_for_resource_group.assert_not_called()
|
|
assert AZURE_SUBSCRIPTION_ID in result
|
|
|
|
def test_get_policy_assigments_empty_resource_group_for_subscription(self):
|
|
mock_client = MagicMock()
|
|
mock_client.policy_assignments.list.return_value = []
|
|
|
|
with patch(
|
|
"prowler.providers.azure.services.policy.policy_service.Policy._get_policy_assigments",
|
|
return_value={},
|
|
):
|
|
policy = Policy(set_mocked_azure_provider())
|
|
|
|
policy.clients = {AZURE_SUBSCRIPTION_ID: mock_client}
|
|
policy.resource_groups = {AZURE_SUBSCRIPTION_ID: []}
|
|
|
|
result = policy._get_policy_assigments()
|
|
|
|
mock_client.policy_assignments.list.assert_called_once()
|
|
mock_client.policy_assignments.list_for_resource_group.assert_not_called()
|
|
assert AZURE_SUBSCRIPTION_ID in result
|
|
|
|
def test_get_policy_assigments_with_multiple_resource_groups(self):
|
|
mock_client = MagicMock()
|
|
mock_client.policy_assignments.list.return_value = []
|
|
|
|
with patch(
|
|
"prowler.providers.azure.services.policy.policy_service.Policy._get_policy_assigments",
|
|
return_value={},
|
|
):
|
|
policy = Policy(set_mocked_azure_provider())
|
|
|
|
policy.clients = {AZURE_SUBSCRIPTION_ID: mock_client}
|
|
policy.resource_groups = {AZURE_SUBSCRIPTION_ID: RESOURCE_GROUP_LIST}
|
|
|
|
result = policy._get_policy_assigments()
|
|
|
|
mock_client.policy_assignments.list.assert_called_once()
|
|
mock_client.policy_assignments.list_for_resource_group.assert_not_called()
|
|
assert AZURE_SUBSCRIPTION_ID in result
|
|
|
|
def test_get_policy_assigments_with_mixed_case_resource_group(self):
|
|
mock_client = MagicMock()
|
|
mock_client.policy_assignments.list.return_value = []
|
|
|
|
with patch(
|
|
"prowler.providers.azure.services.policy.policy_service.Policy._get_policy_assigments",
|
|
return_value={},
|
|
):
|
|
policy = Policy(set_mocked_azure_provider())
|
|
|
|
policy.clients = {AZURE_SUBSCRIPTION_ID: mock_client}
|
|
policy.resource_groups = {AZURE_SUBSCRIPTION_ID: ["RG"]}
|
|
|
|
policy._get_policy_assigments()
|
|
|
|
mock_client.policy_assignments.list.assert_called_once()
|
|
mock_client.policy_assignments.list_for_resource_group.assert_not_called()
|