regscale-cli 6.16.0.0__py3-none-any.whl

tests/regscale/models/test_regscale_model.py

@@ -0,0 +1,346 @@
+from typing import Optional
+from unittest.mock import Mock, patch
+
+import pytest
+
+from regscale.models.regscale_models.regscale_model import RegScaleModel
+
+
+class TestModel(RegScaleModel):
+    _unique_fields = [["name"]]
+    _parent_id_field = "parentId"
+    id: Optional[int] = None
+    name: str
+    value: int
+    parentId: int
+    parentModule: str = "test_module"
+
+
+class TestModelMultipleUnique(RegScaleModel):
+    _unique_fields = [["field1", "field2"], ["field3"]]
+    _parent_id_field = "parentId"
+    id: Optional[int] = None
+    field1: Optional[str] = None
+    field2: Optional[str] = None
+    field3: Optional[str] = None
+    parentId: int
+    parentModule: str = "test_module"
+
+
+@pytest.fixture
+def mock_api_handler():
+    with patch("regscale.models.regscale_models.regscale_model.APIHandler") as mock:
+        yield mock
+
+
+@pytest.fixture
+def mocked_model():
+    with patch.object(TestModel, "get_cached_object") as mock_get_cached, patch.object(
+        TestModel, "cache_object"
+    ) as mock_cache, patch.object(TestModel, "create") as mock_create, patch.object(
+        TestModel, "_perform_save"
+    ) as mock_perform_save:
+        yield TestModel(name="test", value=1, parentId=1), {
+            "get_cached": mock_get_cached,
+            "cache": mock_cache,
+            "create": mock_create,
+            "perform_save": mock_perform_save,
+        }
+
+
+def test_create_new_instance(mocked_model):
+    model, mocks = mocked_model
+    mocks["get_cached"].return_value = None
+    mocks["create"].return_value = TestModel(id=1, name="test", value=1, parentId=1)
+
+    result = model.create_or_update()
+
+    assert result.id == 1
+    mocks["create"].assert_called_once()
+    mocks["perform_save"].assert_not_called()
+
+
+def test_update_existing_instance(mocked_model):
+    model, mocks = mocked_model
+    cached_instance = TestModel(id=2, name="test", value=2, parentId=1)
+    mocks["get_cached"].return_value = cached_instance
+    model.value = 3  # This change should trigger an update
+    mocks["perform_save"].return_value = TestModel(id=2, name="test", value=3, parentId=1)
+
+    result = model.create_or_update()
+
+    assert model._original_data == {
+        "id": 2,
+        "name": "test",
+        "value": 2,
+        "parentId": 1,
+        "parentModule": "test_module",
+    }, "Original data should be set to cached instance data"
+    assert result.id == 2
+    assert result.value == 3
+    mocks["perform_save"].assert_called_once()
+    assert model._original_data == {
+        "id": 2,
+        "name": "test",
+        "value": 2,
+        "parentId": 1,
+        "parentModule": "test_module",
+    }, "Original data should not change after save"
+
+
+def test_no_update_when_no_changes(mocked_model):
+    model, mocks = mocked_model
+    cached_instance = TestModel(id=3, name="test", value=1, parentId=1)
+    mocks["get_cached"].return_value = cached_instance
+
+    result = model.create_or_update()
+
+    mocks["get_cached"].assert_called_once()
+    mocks["perform_save"].assert_not_called()
+
+    assert result == cached_instance, "Should return the cached instance without changes"
+    assert model._original_data == cached_instance.dict(
+        exclude_unset=True
+    ), "Original data should be set to cached instance data"
+
+    print(f"Result: {result}")
+    print(f"Cached instance: {cached_instance}")
+    print(f"Model _original_data: {model._original_data}")
+
+
+@pytest.mark.parametrize(
+    "initial_value,new_value,expected_calls",
+    [
+        (1, 2, 1),  # Different value, should update
+        (1, 1, 0),  # Same value, should not update
+    ],
+)
+def test_update_behavior(mocked_model, initial_value, new_value, expected_calls):
+    model, mocks = mocked_model
+    cached_instance = TestModel(id=1, name="test", value=initial_value, parentId=1)
+    mocks["get_cached"].return_value = cached_instance
+    model.value = new_value
+    mocks["perform_save"].return_value = TestModel(id=1, name="test", value=new_value, parentId=1)
+
+    model.create_or_update()
+
+    assert mocks["perform_save"].call_count == expected_calls
+
+
+class TestFindByUnique:
+    @pytest.fixture
+    def mock_get_all_by_parent(self):
+        with patch.object(TestModel, "get_all_by_parent") as mock:
+            yield mock
+
+    def test_find_by_unique_single_field_match(self, mock_get_all_by_parent):
+        """Test finding an instance with a single unique field match"""
+        instance = TestModel(name="test", value=1, parentId=1)
+        existing = TestModel(id=1, name="test", value=2, parentId=1)
+        mock_get_all_by_parent.return_value = [existing]
+
+        result = instance.find_by_unique()
+
+        assert result == existing
+        mock_get_all_by_parent.assert_called_once_with(parent_id=1, parent_module="test_module")
+
+    def test_find_by_unique_case_insensitive(self, mock_get_all_by_parent):
+        """Test case-insensitive matching"""
+        instance = TestModel(name="Test", value=1, parentId=1)
+        existing = TestModel(id=1, name="test", value=2, parentId=1)
+        mock_get_all_by_parent.return_value = [existing]
+
+        result = instance.find_by_unique()
+
+        assert result == existing
+
+    def test_find_by_unique_no_match(self, mock_get_all_by_parent):
+        """Test when no match is found"""
+        instance = TestModel(name="test1", value=1, parentId=1)
+        existing = TestModel(id=1, name="test2", value=2, parentId=1)
+        mock_get_all_by_parent.return_value = [existing]
+
+        result = instance.find_by_unique()
+
+        assert result is None
+
+    def test_find_by_unique_no_unique_fields(self):
+        """Test when no unique fields are defined"""
+
+        class NoUniqueModel(RegScaleModel):
+            _unique_fields = []
+            name: str
+
+        instance = NoUniqueModel(name="test")
+
+        with pytest.raises(NotImplementedError):
+            instance.find_by_unique()
+
+    def test_find_by_unique_no_parent_id(self):
+        """Test when parent ID is missing"""
+        instance = TestModel(name="test", value=1)  # No parentId
+
+        with pytest.raises(ValueError):
+            instance.find_by_unique()
+
+
+class TestMultipleUniqueFields:
+    @pytest.fixture
+    def mock_get_all_by_parent(self):
+        with patch.object(TestModelMultipleUnique, "get_all_by_parent") as mock:
+            yield mock
+
+    def test_find_by_unique_first_set_match(self, mock_get_all_by_parent):
+        """Test matching on first set of unique fields"""
+        instance = TestModelMultipleUnique(
+            field1="test1",
+            field2="test2",
+            field3="different",  # Different value doesn't matter for first set match
+            parentId=1,
+        )
+        existing = TestModelMultipleUnique(
+            id=1,
+            field1="test1",
+            field2="test2",
+            field3="also_different",  # Different value doesn't matter for first set match
+            parentId=1,
+        )
+        mock_get_all_by_parent.return_value = [existing]
+
+        result = instance.find_by_unique()
+
+        # Should match because first set of unique fields matches
+        assert result == existing
+
+    def test_find_by_unique_second_set_match(self, mock_get_all_by_parent):
+        """Test matching on second set of unique fields"""
+        instance = TestModelMultipleUnique(
+            field1="different1", field2="different2", field3="test3", parentId=1  # Matches on second set
+        )
+        existing = TestModelMultipleUnique(
+            id=1, field1="test1", field2="test2", field3="test3", parentId=1  # Matches on second set
+        )
+        mock_get_all_by_parent.return_value = [existing]
+
+        result = instance.find_by_unique()
+
+        # Should match because second set of unique fields matches
+        assert result == existing
+
+    def test_find_by_unique_no_match(self, mock_get_all_by_parent):
+        """Test when no unique field sets match"""
+        instance = TestModelMultipleUnique(field1="different1", field2="different2", field3="different3", parentId=1)
+        existing = TestModelMultipleUnique(id=1, field1="test1", field2="test2", field3="test3", parentId=1)
+        mock_get_all_by_parent.return_value = [existing]
+
+        result = instance.find_by_unique()
+
+        # Should not match because no unique field sets match
+        assert result is None
+
+    def test_find_by_unique_with_none_values(self, mock_get_all_by_parent):
+        """Test handling of None values in multiple unique fields"""
+        instance = TestModelMultipleUnique(
+            field1="test1", field2=None, field3="different3", parentId=1  # None in first set  # Different in second set
+        )
+        existing = TestModelMultipleUnique(
+            id=1, field1="test1", field2=None, field3="test3", parentId=1  # None in first set
+        )
+        mock_get_all_by_parent.return_value = [existing]
+
+        result = instance.find_by_unique()
+
+        # Should not match because first set has None values and second set doesn't match
+        assert result is None
+
+
+class TestCaching:
+    def test_cache_hit(self, mocked_model):
+        """Test when object is found in cache"""
+        model, mocks = mocked_model
+        cached = TestModel(id=1, name="test", value=1, parentId=1)
+        mocks["get_cached"].return_value = cached
+
+        result = model.find_by_unique()
+
+        assert result == cached
+        mocks["get_cached"].assert_called_once()
+
+    def test_cache_update_after_save(self, mocked_model):
+        """Test that cache is updated after saving"""
+        model, mocks = mocked_model
+        updated = TestModel(id=1, name="test", value=2, parentId=1)
+        mocks["perform_save"].return_value = updated
+
+        model.value = 2
+        model.create_or_update()
+
+        mocks["cache"].assert_called_with(updated)
+
+
+class TestErrorHandling:
+    @pytest.fixture
+    def mock_get_all_by_parent(self):
+        with patch.object(TestModel, "get_all_by_parent") as mock:
+            yield mock
+
+    def test_create_or_update_with_api_error(self, mocked_model):
+        """Test handling of API errors during create/update"""
+        model, mocks = mocked_model
+        mocks["get_cached"].return_value = None
+        mocks["create"].side_effect = Exception("API Error")
+
+        with pytest.raises(Exception) as exc_info:
+            model.create_or_update()
+
+        assert str(exc_info.value) == "API Error"
+
+    @pytest.mark.parametrize("attribute_error_field", ["name", "value", "non_existent_field"])
+    def test_find_by_unique_attribute_error(self, attribute_error_field, mocker):
+        """Test handling of AttributeError during find_by_unique"""
+        # Use mocker fixture instead of manual patch
+        mock_get_all_by_parent = mocker.patch.object(TestModel, "get_all_by_parent")
+
+        instance = TestModel(name="test", value=1, parentId=1)
+
+        # Create a mock instance that will raise AttributeError for the specified field
+        class MockTestModel(TestModel):
+            def __getattr__(self, name):
+                if name == attribute_error_field:
+                    raise AttributeError(f"Mock object has no attribute '{name}'")
+                return super().__getattr__(name)
+
+        mock_instance = MockTestModel(name="test_value", value=1, parentId=1)
+        mock_get_all_by_parent.return_value = [mock_instance]
+
+        # Should not raise AttributeError
+        result = instance.find_by_unique()
+        assert result is None
+
+
+class TestConcurrency:
+    def test_concurrent_cache_access(self):
+        """Test concurrent access to cache"""
+        import threading
+        import time
+
+        model = TestModel(name="test", value=1, parentId=1)
+        cache_key = model._get_cache_key(model)
+
+        def cache_operation():
+            with model._get_lock(cache_key):
+                time.sleep(0.1)  # Simulate some work
+                model.cache_object(model)
+
+        threads = [threading.Thread(target=cache_operation) for _ in range(5)]
+        for t in threads:
+            t.start()
+        for t in threads:
+            t.join()
+
+        # Verify that cache operations completed without errors
+        assert model.get_cached_object(cache_key) is not None
+
+
+if __name__ == "__main__":
+    pytest.main()

tests/regscale/models/test_report.py

@@ -0,0 +1,32 @@
+from regscale.core.app.utils.report_utils import ReportGenerator
+from regscale.models import Asset
+from tests.fixtures.test_fixture import CLITestFixture
+
+
+class TestImport(CLITestFixture):
+    """
+    Test for Report Generator
+    """
+
+    def test_basic_report(self):
+        """
+        Test the basic report
+        """
+        assets = Asset.get_all_by_parent(3, "securityplans")
+        ReportGenerator(assets)
+
+    def test_advanced_report(self):
+        """
+        Test the advanced report
+        """
+        assets = Asset.get_all_by_parent(3, "securityplans")
+        ReportGenerator(objects=assets, to_file=True, report_name="test_report")
+
+    def test_save_to_regscale(self):
+        """
+        Test saving the report to Regscale
+        """
+        assets = Asset.get_all_by_parent(3, "securityplans")
+        ReportGenerator(
+            objects=assets, to_file=True, report_name="test_report", regscale_id=3, regscale_module="securityplans"
+        )

tests/regscale/models/test_tenable_integrations.py

@@ -0,0 +1,118 @@
+import json
+from random import randint
+from unittest.mock import patch
+
+import pytest
+from lxml import etree
+
+from regscale.integrations.commercial.nessus.nessus_utils import (
+    cpe_xml_to_dict,
+    get_cpe_file,
+    lookup_cpe_item_by_name,
+    lookup_kev,
+)
+from regscale.integrations.public.cisa import pull_cisa_kev
+from regscale.models.integration_models.tenable_models.models import TenableIOAsset
+
+
+@pytest.fixture
+def sync_vuln_result():
+    dat = {
+        "asset": {
+            "device_type": "general-purpose",
+            "hostname": "WIN-HJFQ8SOFVCP",
+            "uuid": "ef2eed0a-29b3-45a2-af6a-3d12141d1a71",
+            "ipv4": "10.40.16.200",
+            "netbios_name": "WIN-HJFQ8SOFVCP",
+            "operating_system": ["Microsoft Windows"],
+            "network_id": "32df72f3-5914-4c54-8e28-26a924c8c6ca",
+            "tracked": True,
+        },
+        "output": "\nAn SMB server is running on this port.\n",
+        "plugin": {
+            "bid": [11011],
+            "checks_for_default_account": False,
+            "checks_for_malware": False,
+            "description": "The remote service understands the CIFS (Common Internet File System) or "
+            "Server Message Block (SMB) protocol, used to provide shared access to files, "
+            "printers, etc between nodes on a network.",
+            "exploited_by_malware": False,
+            "exploited_by_nessus": False,
+            "family": "Windows",
+            "family_id": 7,
+            "id": 11011,
+            "in_the_news": False,
+            "name": "Microsoft Windows SMB Service Detection",
+            "modification_date": "2021-02-11T00:00:00Z",
+            "publication_date": "2002-06-05T00:00:00Z",
+            "risk_factor": "info",
+            "synopsis": "A file / print sharing service is listening on the remote host.",
+            "type": "REMOTE",
+            "unsupported_by_vendor": False,
+            "version": "1.43",
+        },
+        "port": {"port": 139, "protocol": "TCP", "service": "smb"},
+        "scan": {
+            "schedule_uuid": "template-0962c046-6816-1fa3-a5c4-ab987819db38a7aa1358e9a1e7eb",
+            "started_at": "2023-11-05T04:05:03.266Z",
+            "uuid": "0ec1bf66-28e1-4e19-9894-60a19556c1d9",
+        },
+        "severity": "info",
+        "severity_id": 0,
+        "severity_default_id": 0,
+        "severity_modification_type": "NONE",
+        "first_found": "2022-09-18T10:44:50.586Z",
+        "last_found": "2023-11-05T07:21:39.476Z",
+        "state": "OPEN",
+        "indexed": "2023-11-05T07:22:28.474691Z",
+    }
+    result = NessusReport(**dat)
+    return iter([result])
+
+
+@pytest.fixture
+def cpe_items():
+    cpe_root = etree.parse(get_cpe_file())
+    dat = cpe_xml_to_dict(cpe_root)
+    return dat
+
+
+@pytest.fixture
+def new_assets():
+    with open("./tests/test_data/ten_assets.json", "r") as f:
+        dat = json.load(f)
+    assets = [TenableIOAsset(**a) for a in dat]
+    return assets
+
+
+@patch("regscale.core.app.application.Application")
+@patch("regscale.models.integration_models.tenable_models.models.TenableIOAsset.sync_to_regscale")
+def test_fetch_assets(mock_app, new_assets):
+    # Call the fetch_assets function
+    assets = new_assets
+    app = mock_app
+    with patch.object(TenableIOAsset, "sync_to_regscale") as mock_sync:
+        mock_sync(app=app, assets=assets, ssp_id=2)
+
+        # Check that the sync_to_regscale method was called with the correct arguments
+        mock_sync.assert_called_once_with(app=app, assets=assets, ssp_id=2)
+
+
+def test_kev_lookup():
+    cve = "CVE-1234-3456"
+    data = pull_cisa_kev()
+    avail = [dat["cveID"] for dat in data["vulnerabilities"]]
+    index = randint(0, len(avail))
+    assert lookup_kev(cve, data)[0] is None
+    assert lookup_kev(avail[index], data)[0]
+
+
+def test_cpe_lookup(cpe_items):
+    name = "cpe:/a:gobalsky:vega:0.49.4"
+    lookup_cpe_item_by_name(name, cpe_items)
+
+
+@pytest.mark.skip("This test needs to be updated for the new tenable rewrite.")
+def test_sync_vulns_data(sync_vuln_result):
+    vulns = sync_vuln_result
+    assert vulns

tests/regscale/models/test_user_model.py

@@ -0,0 +1,121 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Tests for the User model"""
+
+import unittest
+from unittest.mock import patch, MagicMock
+
+from regscale.models.regscale_models.user import User
+
+
+class TestUser(unittest.TestCase):
+    """Test cases for the User model"""
+
+    def setUp(self):
+        """Set up test cases"""
+        self.test_user_data = {
+            "userName": "testuser",
+            "email": "test@example.com",
+            "firstName": "Test",
+            "lastName": "User",
+            "homePageUrl": "/custom-dashboard",
+        }
+
+    @patch("regscale.models.regscale_models.user.User._get_api_handler")
+    def test_homepage_url_below_min_version(self, mock_api_handler):
+        """Test homePageUrl is None when version < 6.14.0.0"""
+        # Setup mock
+        mock_handler = MagicMock()
+        mock_handler.regscale_version = "6.11.0.0"
+        mock_api_handler.return_value = mock_handler
+
+        # Create user instance
+        user = User(**self.test_user_data)
+
+        # Verify homePageUrl is None for version < 6.14.0.0
+        self.assertIsNone(user.homePageUrl)
+        # Verify the underlying field still has the value
+        self.assertEqual(user.homePageUrl_, "/custom-dashboard")
+
+    @patch("regscale.models.regscale_models.user.User._get_api_handler")
+    def test_homepage_url_at_min_version(self, mock_api_handler):
+        """Test homePageUrl is accessible when version = 6.14.0.0"""
+        # Setup mock
+        mock_handler = MagicMock()
+        mock_handler.regscale_version = "6.14.0.0"
+        mock_api_handler.return_value = mock_handler
+
+        # Create user instance
+        user = User(**self.test_user_data)
+
+        # Verify homePageUrl is accessible for version = 6.14.0.0
+        self.assertEqual(user.homePageUrl, "/custom-dashboard")
+
+    @patch("regscale.models.regscale_models.user.User._get_api_handler")
+    def test_homepage_url_above_min_version(self, mock_api_handler):
+        """Test homePageUrl is accessible when version > 6.14.0.0"""
+        # Setup mock
+        mock_handler = MagicMock()
+        mock_handler.regscale_version = "6.14.0.1"
+        mock_api_handler.return_value = mock_handler
+
+        # Create user instance
+        user = User(**self.test_user_data)
+
+        # Verify homePageUrl is accessible for version > 6.14.0.0
+        self.assertEqual(user.homePageUrl, "/custom-dashboard")
+
+    @patch("regscale.models.regscale_models.user.User._get_api_handler")
+    def test_homepage_url_setter(self, mock_api_handler):
+        """Test homePageUrl setter works correctly"""
+        # Setup mock
+        mock_handler = MagicMock()
+        mock_handler.regscale_version = "6.14.0.1"
+        mock_api_handler.return_value = mock_handler
+
+        # Create user instance
+        user = User(**self.test_user_data)
+
+        # Test setting a new value
+        new_url = "/new-dashboard"
+        user.homePageUrl = new_url
+
+        # Verify both the property and underlying field are updated
+        self.assertEqual(user.homePageUrl, new_url)
+        self.assertEqual(user.homePageUrl_, new_url)
+
+    @patch("regscale.models.regscale_models.user.User._get_api_handler")
+    def test_homepage_url_default_value(self, mock_api_handler):
+        """Test homePageUrl default value behavior"""
+        # Setup mock
+        mock_handler = MagicMock()
+        mock_handler.regscale_version = "6.14.0.0"
+        mock_api_handler.return_value = mock_handler
+
+        # Create user instance without specifying homePageUrl
+        user = User(userName="testuser", email="test@example.com")
+
+        # Verify default value is set correctly
+        self.assertEqual(user.homePageUrl, "/workbench")
+        self.assertEqual(user.homePageUrl_, "/workbench")
+
+    @patch("regscale.models.regscale_models.user.User._get_api_handler")
+    def test_homepage_url_none_value(self, mock_api_handler):
+        """Test homePageUrl with None value"""
+        # Setup mock
+        mock_handler = MagicMock()
+        mock_handler.regscale_version = "6.14.0.0"
+        mock_api_handler.return_value = mock_handler
+
+        # Create test data with None homePageUrl
+        test_data = self.test_user_data.copy()
+        test_data["homePageUrl"] = None
+        user = User(**test_data)
+
+        # Verify None value is handled correctly
+        self.assertIsNone(user.homePageUrl)
+        self.assertIsNone(user.homePageUrl_)
+
+
+if __name__ == "__main__":
+    unittest.main()

tests/regscale/test_about.py

@@ -0,0 +1,19 @@
+import pytest
+from unittest.mock import patch
+from click.testing import CliRunner
+
+
+def test_about_no_variable_fetch():
+    """
+    Test that the about command runs successfully without fetching any variables
+    """
+    with patch("regscale.core.app.utils.variables.RsVariablesMeta.fetch_config_value") as mock_fetch:
+        # Import after patching to ensure the mock takes effect
+        from regscale.regscale import cli
+
+        runner = CliRunner()
+        result = runner.invoke(cli, ["about"])
+
+        assert result.exit_code == 0
+        assert "RegScale CLI Version:" in result.output
+        mock_fetch.assert_not_called()