regscale-cli 6.25.0.1__py3-none-any.whl → 6.26.0.0__py3-none-any.whl

tests/regscale/integrations/commercial/wizv2/test_wiz_status_mapping.py

@@ -0,0 +1,149 @@
+"""
+Unit tests for Wiz status mapping functionality.
+Tests that Wiz issue statuses are correctly mapped to RegScale IssueStatus.
+"""
+
+from unittest.mock import Mock, patch
+
+import pytest
+
+from regscale.integrations.commercial.wizv2.issue import WizIssue
+from regscale.integrations.commercial.wizv2.scanner import WizVulnerabilityIntegration
+from regscale.models import IssueStatus
+
+
+class TestWizStatusMapping:
+    """Test class for Wiz status mapping functionality."""
+
+    @pytest.fixture
+    def mock_app(self):
+        """Create a mock app with config."""
+        app = Mock()
+        app.config = {}
+        return app
+
+    @pytest.fixture
+    def wiz_integration(self, mock_app):
+        """Create a WizVulnerabilityIntegration instance."""
+        with patch("regscale.integrations.scanner_integration.ScannerIntegration.__init__"):
+            integration = WizVulnerabilityIntegration(app=mock_app, plan_id=1)
+            integration.app = mock_app
+            integration._compliance_settings = None
+            return integration
+
+    @pytest.fixture
+    def wiz_issue_integration(self, mock_app):
+        """Create a WizIssue instance."""
+        with patch("regscale.integrations.scanner_integration.ScannerIntegration.__init__"):
+            integration = WizIssue(app=mock_app, plan_id=1)
+            integration.app = mock_app
+            integration._compliance_settings = None
+            return integration
+
+    def test_default_status_mapping_open_statuses(self, wiz_integration):
+        """Test that OPEN and IN_PROGRESS statuses map to IssueStatus.Open."""
+        open_statuses = ["OPEN", "Open", "open", "IN_PROGRESS", "In_Progress", "in_progress"]
+
+        for status in open_statuses:
+            result = wiz_integration._get_default_issue_status_mapping(status)
+            assert result == IssueStatus.Open, f"Status '{status}' should map to Open, got {result}"
+
+    def test_default_status_mapping_closed_statuses(self, wiz_integration):
+        """Test that RESOLVED and REJECTED statuses map to IssueStatus.Closed."""
+        closed_statuses = ["RESOLVED", "Resolved", "resolved", "REJECTED", "Rejected", "rejected"]
+
+        for status in closed_statuses:
+            result = wiz_integration._get_default_issue_status_mapping(status)
+            assert result == IssueStatus.Closed, f"Status '{status}' should map to Closed, got {result}"
+
+    def test_default_status_mapping_unknown_status(self, wiz_integration):
+        """Test that unknown statuses default to IssueStatus.Open."""
+        unknown_statuses = ["UNKNOWN", "PENDING", "WEIRD_STATUS", ""]
+
+        for status in unknown_statuses:
+            result = wiz_integration._get_default_issue_status_mapping(status)
+            assert result == IssueStatus.Open, f"Unknown status '{status}' should default to Open, got {result}"
+
+    def test_map_status_to_issue_status_without_compliance_settings(self, wiz_integration):
+        """Test status mapping without compliance settings (uses default mapping)."""
+        # Ensure no compliance settings
+        wiz_integration._compliance_settings = None
+
+        test_cases = [
+            ("OPEN", IssueStatus.Open),
+            ("IN_PROGRESS", IssueStatus.Open),
+            ("RESOLVED", IssueStatus.Closed),
+            ("REJECTED", IssueStatus.Closed),
+            ("UNKNOWN", IssueStatus.Open),
+        ]
+
+        for wiz_status, expected in test_cases:
+            result = wiz_integration.map_status_to_issue_status(wiz_status)
+            assert result == expected, f"Status '{wiz_status}' should map to {expected}, got {result}"
+
+    def test_map_status_to_issue_status_with_compliance_settings(self, wiz_integration):
+        """Test status mapping with compliance settings."""
+        # Mock compliance settings
+        mock_compliance = Mock()
+        mock_compliance.get_field_labels.return_value = ["Open", "In Progress", "Closed", "Resolved"]
+        wiz_integration._compliance_settings = mock_compliance
+
+        # Test that IN_PROGRESS still maps to Open even with compliance settings
+        result = wiz_integration.map_status_to_issue_status("IN_PROGRESS")
+        assert result == IssueStatus.Open, "IN_PROGRESS should map to Open with compliance settings"
+
+        # Test other statuses
+        result = wiz_integration.map_status_to_issue_status("RESOLVED")
+        assert result == IssueStatus.Closed, "RESOLVED should map to Closed with compliance settings"
+
+    def test_match_wiz_status_to_label(self, wiz_integration):
+        """Test the _match_wiz_status_to_label method."""
+        # Test open status mappings
+        assert wiz_integration._match_wiz_status_to_label("open", "Open") == IssueStatus.Open
+        assert wiz_integration._match_wiz_status_to_label("in_progress", "In Progress") == IssueStatus.Open
+        assert wiz_integration._match_wiz_status_to_label("in_progress", "Active") == IssueStatus.Open
+
+        # Test closed status mappings
+        assert wiz_integration._match_wiz_status_to_label("resolved", "Closed") == IssueStatus.Closed
+        assert wiz_integration._match_wiz_status_to_label("rejected", "Resolved") == IssueStatus.Closed
+
+        # Test non-matching combinations
+        assert wiz_integration._match_wiz_status_to_label("open", "Closed") is None
+        assert wiz_integration._match_wiz_status_to_label("resolved", "Open") is None
+
+    def test_wiz_issue_status_mapping(self, wiz_issue_integration):
+        """Test that WizIssue class uses the same status mapping."""
+        test_cases = [
+            ("OPEN", IssueStatus.Open),
+            ("IN_PROGRESS", IssueStatus.Open),
+            ("RESOLVED", IssueStatus.Closed),
+            ("REJECTED", IssueStatus.Closed),
+        ]
+
+        for wiz_status, expected in test_cases:
+            result = wiz_issue_integration.map_status_to_issue_status(wiz_status)
+            assert result == expected, f"WizIssue: Status '{wiz_status}' should map to {expected}, got {result}"
+
+    @pytest.mark.parametrize(
+        "status,expected",
+        [
+            ("OPEN", IssueStatus.Open),
+            ("Open", IssueStatus.Open),
+            ("open", IssueStatus.Open),
+            ("IN_PROGRESS", IssueStatus.Open),
+            ("In_Progress", IssueStatus.Open),
+            ("in_progress", IssueStatus.Open),
+            ("RESOLVED", IssueStatus.Closed),
+            ("Resolved", IssueStatus.Closed),
+            ("resolved", IssueStatus.Closed),
+            ("REJECTED", IssueStatus.Closed),
+            ("Rejected", IssueStatus.Closed),
+            ("rejected", IssueStatus.Closed),
+            ("UNKNOWN_STATUS", IssueStatus.Open),
+            ("", IssueStatus.Open),
+        ],
+    )
+    def test_comprehensive_status_mapping(self, wiz_integration, status, expected):
+        """Comprehensive parameterized test for all status variations."""
+        result = wiz_integration.map_status_to_issue_status(status)
+        assert result == expected, f"Status '{status}' should map to {expected}, got {result}"

tests/regscale/integrations/commercial/wizv2/test_wizv2.py

@@ -0,0 +1,264 @@
+"""
+Unit tests for WizVulnerabilityIntegration
+"""
+
+import logging
+import unittest
+from unittest.mock import patch, MagicMock
+
+from regscale.core.app.utils.api_handler import APIHandler
+from regscale.integrations.commercial.wizv2.scanner import WizVulnerabilityIntegration
+from regscale.integrations.commercial.wizv2.variables import WizVariables
+from regscale.integrations.variables import ScannerVariables
+from regscale.models import regscale_models
+from tests.regscale.integrations.commercial.wizv2 import (
+    asset_nodes,
+    vuln_nodes,
+    PROJECT_ID,
+    PLAN_ID,
+)
+
+logger = logging.getLogger("regscale")
+
+
+class TestWizVulnerabilityIntegration(unittest.TestCase):
+    regscale_version = APIHandler().regscale_version
+    project_id = PROJECT_ID
+    plan_id = PLAN_ID
+
+    def clean_plan(self, plan_id):
+        if self.regscale_version >= "5.64.0" or self.regscale_version == "localdev":
+            for scan in regscale_models.ScanHistory.get_all_by_parent(
+                plan_id, regscale_models.SecurityPlan.get_module_string()
+            ):
+                for vuln_mapping in regscale_models.VulnerabilityMapping.find_by_scan(scan.id):
+                    vuln_mapping.delete()
+                # No delete api
+                # scan.delete()
+        for asset in regscale_models.Asset.get_all_by_parent(plan_id, regscale_models.SecurityPlan.get_module_string()):
+            for issue in regscale_models.Issue.get_all_by_parent(asset.id, asset.get_module_string()):
+                issue.delete()
+            asset.delete()
+        for issue in regscale_models.Issue.get_all_by_parent(plan_id, regscale_models.SecurityPlan.get_module_string()):
+            issue.delete()
+
+    def assert_vulnerability_counts(self, assets, expected_counts):
+        for asset in assets:
+            vulnerability_ids = self.get_vulnerability_ids(asset)
+            expected_count = expected_counts.get(asset.wizId, 0)
+            if expected_count != len(vulnerability_ids):
+                logger.error(f"Vulnerabilities for asset {asset.wizId}: {vulnerability_ids}")
+            self.assertEqual(
+                expected_count,
+                len(vulnerability_ids),
+                f"Expected {expected_count} vulnerability ids for asset {asset.wizId}, got {vulnerability_ids}",
+            )
+
+    def get_vulnerability_ids(self, asset):
+        if self.regscale_version >= "5.64.0" or self.regscale_version == "localdev":
+            return {
+                vuln_mapping.vulnerabilityId
+                for vuln_mapping in regscale_models.VulnerabilityMapping.find_by_asset(asset.id, status="Open")
+            }
+        return set()
+
+    def assert_open_issues_with_assets(self, assets, expected_count):
+        open_issues_with_assets = self.get_open_issues_with_assets(assets)
+        if expected_count != len(open_issues_with_assets):
+            logger.error(f"Open Issues: {open_issues_with_assets}")
+        self.assertEqual(
+            expected_count,
+            len(open_issues_with_assets),
+            f"Expected {expected_count} open issues tied to assets, but found {len(open_issues_with_assets)}",
+        )
+        self.verify_issue_asset_association(open_issues_with_assets, assets)
+
+    def get_open_issues_with_assets(self, assets):
+        open_issues = []
+        for asset in assets:
+            asset_issues = regscale_models.Issue.get_all_by_parent(
+                parent_id=asset.id, parent_module=asset.get_module_string()
+            )
+            open_issues.extend([issue for issue in asset_issues if issue.status == regscale_models.IssueStatus.Open])
+        return open_issues
+
+    def verify_issue_asset_association(self, issues, assets):
+        asset_names = [asset.wizId for asset in assets]
+        for issue in issues:
+            self.assertIsNotNone(issue.assetIdentifier, f"Issue {issue.id} is not associated with an asset")
+            self.assertIn(
+                issue.assetIdentifier.split("\n")[0],
+                asset_names,
+                f"Issue {issue.id} is associated with an asset not in the current set",
+            )
+
+    @patch("regscale.integrations.commercial.wizv2.scanner.WizVulnerabilityIntegration.fetch_wiz_data_if_needed")
+    @patch("regscale.integrations.commercial.wizv2.scanner.WizVulnerabilityIntegration.authenticate")
+    def test_wiz_vulnerability_integration_consolidated(self, mock_authenticate, mock_fetch_wiz_data):
+        mock_authenticate.return_value = None
+        self.clean_plan(self.plan_id)
+        integration = WizVulnerabilityIntegration(plan_id=self.plan_id)
+
+        mock_fetch_wiz_data.return_value = asset_nodes
+        assets = list(integration.fetch_assets(wiz_project_id=self.project_id))
+        self.assertEqual(2, len(assets))
+        integration.sync_assets(plan_id=self.plan_id, wiz_project_id=self.project_id)
+
+        mock_fetch_wiz_data.return_value = vuln_nodes
+        findings = integration.fetch_findings(wiz_project_id=self.project_id)
+        self.assertEqual(12, len(list(findings)))
+        integration.sync_findings(plan_id=self.plan_id, wiz_project_id=self.project_id)
+
+        assets = regscale_models.Asset.get_all_by_parent(self.plan_id, regscale_models.SecurityPlan.get_module_string())
+        self.assertEqual(2, len(assets))
+
+        expected_counts = {
+            "52c50c20-3d07-58ac-ab2e-c412bf35351b": 2,
+            "52c50c20-3d07-58ac-ab2e-c412bf35351c": 1,
+        }
+        self.assert_vulnerability_counts(assets, expected_counts)
+
+        if self.regscale_version >= "5.64.0" or self.regscale_version == "localdev":
+            self.assert_open_issues_with_assets(assets, 2)
+
+        mock_fetch_wiz_data.return_value = vuln_nodes[:1]
+        integration = WizVulnerabilityIntegration(plan_id=self.plan_id)
+        integration.sync_findings(plan_id=self.plan_id, wiz_project_id=self.project_id)
+
+        expected_counts = {
+            "52c50c20-3d07-58ac-ab2e-c412bf35351b": 1,
+            "52c50c20-3d07-58ac-ab2e-c412bf35351c": 0,
+        }
+        self.assert_vulnerability_counts(assets, expected_counts)
+
+    @patch("regscale.integrations.commercial.wizv2.scanner.WizVulnerabilityIntegration.fetch_wiz_data_if_needed")
+    @patch("regscale.integrations.commercial.wizv2.scanner.WizVulnerabilityIntegration.authenticate")
+    def test_wiz_vulnerability_integration_per_asset(self, mock_authenticate, mock_fetch_wiz_data):
+        ScannerVariables.issueCreation = "PerAsset"
+        mock_authenticate.return_value = None
+        self.clean_plan(self.plan_id)
+        integration = WizVulnerabilityIntegration(plan_id=self.plan_id)
+
+        mock_fetch_wiz_data.return_value = asset_nodes
+        assets = list(integration.fetch_assets(wiz_project_id=self.project_id))
+        self.assertEqual(2, len(assets))
+        integration.sync_assets(plan_id=self.plan_id, wiz_project_id=self.project_id)
+
+        mock_fetch_wiz_data.return_value = vuln_nodes
+        findings = integration.fetch_findings(wiz_project_id=self.project_id)
+        self.assertEqual(12, len(list(findings)))
+        integration.sync_findings(plan_id=self.plan_id, wiz_project_id=self.project_id)
+
+        assets = regscale_models.Asset.get_all_by_parent(self.plan_id, regscale_models.SecurityPlan.get_module_string())
+        self.assertEqual(2, len(assets))
+
+        expected_counts = {
+            "52c50c20-3d07-58ac-ab2e-c412bf35351b": 2,
+            "52c50c20-3d07-58ac-ab2e-c412bf35351c": 1,
+        }
+        self.assert_vulnerability_counts(assets, expected_counts)
+
+        self.assert_open_issues_with_assets(assets, 3)
+
+        mock_fetch_wiz_data.return_value = vuln_nodes[:1]
+        integration = WizVulnerabilityIntegration(plan_id=self.plan_id)
+        integration.sync_findings(plan_id=self.plan_id, wiz_project_id=self.project_id)
+
+        expected_counts = {
+            "52c50c20-3d07-58ac-ab2e-c412bf35351b": 1,
+            "52c50c20-3d07-58ac-ab2e-c412bf35351c": 0,
+        }
+        self.assert_vulnerability_counts(assets, expected_counts)
+
+    @patch("regscale.integrations.commercial.wizv2.scanner.WizVulnerabilityIntegration.fetch_wiz_data_if_needed")
+    @patch("regscale.integrations.commercial.wizv2.scanner.WizVulnerabilityIntegration.authenticate")
+    def test_wiz_assets_with_hardware_asset_types_enabled(self, mock_authenticate, mock_fetch_wiz_data):
+        WizVariables.useWizHardwareAssetTypes = True
+        WizVariables.wizHardwareAssetTypes = ["CLIENT_APPLICATION"]
+        mock_authenticate.return_value = None
+        integration = WizVulnerabilityIntegration(plan_id=self.plan_id)
+
+        mock_fetch_wiz_data.return_value = asset_nodes
+        assets = list(integration.fetch_assets(wiz_project_id=self.project_id))
+        self.assertEqual(2, len(assets))
+        integration.sync_assets(plan_id=self.plan_id, wiz_project_id=self.project_id)
+
+        mock_fetch_wiz_data.return_value = vuln_nodes
+        findings = integration.fetch_findings(wiz_project_id=self.project_id)
+        self.assertEqual(12, len(list(findings)))
+        integration.sync_findings(plan_id=self.plan_id, wiz_project_id=self.project_id)
+
+        assets = regscale_models.Asset.get_all_by_parent(self.plan_id, regscale_models.SecurityPlan.get_module_string())
+        self.assertEqual(2, len(assets))
+        for asset in assets:
+            self.assertEqual(asset.assetCategory, regscale_models.AssetCategory.Hardware)
+
+    @patch("regscale.integrations.commercial.wizv2.scanner.WizVulnerabilityIntegration.fetch_wiz_data_if_needed")
+    @patch("regscale.integrations.commercial.wizv2.scanner.WizVulnerabilityIntegration.authenticate")
+    def test_wiz_assets_with_hardware_asset_types_disabled(self, mock_authenticate, mock_fetch_wiz_data):
+        WizVariables.useWizHardwareAssetTypes = False
+        WizVariables.wizHardwareAssetTypes = ["CLIENT_APPLICATION"]
+        mock_authenticate.return_value = None
+        integration = WizVulnerabilityIntegration(plan_id=self.plan_id)
+
+        mock_fetch_wiz_data.return_value = asset_nodes
+        assets = list(integration.fetch_assets(wiz_project_id=self.project_id))
+        self.assertEqual(2, len(assets))
+        integration.sync_assets(plan_id=self.plan_id, wiz_project_id=self.project_id)
+
+        mock_fetch_wiz_data.return_value = vuln_nodes
+        findings = integration.fetch_findings(wiz_project_id=self.project_id)
+        self.assertEqual(12, len(list(findings)))
+        integration.sync_findings(plan_id=self.plan_id, wiz_project_id=self.project_id)
+
+        assets = regscale_models.Asset.get_all_by_parent(self.plan_id, regscale_models.SecurityPlan.get_module_string())
+        self.assertEqual(2, len(assets))
+        for asset in assets:
+            self.assertEqual(asset.assetCategory, regscale_models.AssetCategory.Software)
+
+    @patch("regscale.integrations.commercial.wizv2.scanner.WizVulnerabilityIntegration.fetch_wiz_data_if_needed")
+    @patch("regscale.integrations.commercial.wizv2.scanner.WizVulnerabilityIntegration.authenticate")
+    def test_wiz_due_date_calculation(self, mock_authenticate, mock_fetch_wiz_data):
+        from datetime import datetime, timedelta
+        from regscale.core.utils.date import date_obj
+
+        mock_authenticate.return_value = None
+        integration = WizVulnerabilityIntegration(plan_id=self.plan_id)
+
+        mock_fetch_wiz_data.return_value = vuln_nodes
+        mock_app = MagicMock()
+        mock_app.config = {"issues": {"wiz": {"critical": 1, "high": 2, "moderate": 3, "low": 4}}}
+        with patch.object(integration, "app", mock_app):
+            findings = integration.fetch_findings(wiz_project_id=self.project_id)
+            findings = list(findings)
+            self.assertEqual(12, len(findings))
+            for finding in findings:
+                # convert the due_date to a datetime object for comparison
+                finding_due_date = datetime.strptime(finding.due_date, "%Y-%m-%dT%H:%M:%S")
+                first_seen_date = date_obj(finding.first_seen)
+                if finding.severity == regscale_models.IssueSeverity.Critical.value:
+                    self.assertEqual(
+                        finding_due_date.date(),
+                        (first_seen_date + timedelta(days=mock_app.config["issues"]["wiz"]["critical"])),
+                    )
+                elif finding.severity == regscale_models.IssueSeverity.High.value:
+                    self.assertEqual(
+                        finding_due_date.date(),
+                        (first_seen_date + timedelta(days=mock_app.config["issues"]["wiz"]["high"])),
+                    )
+                elif finding.severity == regscale_models.IssueSeverity.Moderate.value:
+                    self.assertEqual(
+                        finding_due_date.date(),
+                        (first_seen_date + timedelta(days=mock_app.config["issues"]["wiz"]["moderate"])),
+                    )
+                elif finding.severity == regscale_models.IssueSeverity.Low.value:
+                    self.assertEqual(
+                        finding_due_date.date(),
+                        (first_seen_date + timedelta(days=mock_app.config["issues"]["wiz"]["low"])),
+                    )
+                else:
+                    self.assertEqual(finding_due_date.date(), (first_seen_date + timedelta(days=60)))
+
+
+if __name__ == "__main__":
+    unittest.main()