regscale-cli 6.25.1.0__py3-none-any.whl → 6.27.0.0__py3-none-any.whl

tests/regscale/integrations/test_control_matching.py

@@ -0,0 +1,155 @@
+#!/usr/bin/env python3
+"""Test control matching for Wiz compliance report against catalog 3."""
+
+import logging
+from regscale.integrations.control_matcher import ControlMatcher
+
+# Configure logging
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+
+# Sample control IDs from Wiz report
+wiz_control_samples = [
+    "AC-2(4)",
+    "AC-6(9)",
+    "AU-12",
+    "AU-3(1)",
+    "CM-3",
+    "SI-4(20)",
+    "AC-4(21)",
+    "AC-3",
+    "AC-17(1)",
+    "AC-17(2)",
+    "SC-8(1)",
+    "SC-28",
+    "SC-28(1)",
+    "SI-7(12)",
+    "PE-19",
+    "PS-6",
+    "SA-9(5)",
+    "SC-7",
+    "SI-4",
+    "AU-13",
+]
+
+
+def test_individual_controls(matcher: ControlMatcher, catalog_id: int) -> tuple:
+    """
+    Test individual control matching.
+
+    :param ControlMatcher matcher: Control matcher instance
+    :param int catalog_id: Catalog ID to search
+    :return: Tuple of (found_controls, not_found_controls)
+    :rtype: tuple
+    """
+    found_controls = []
+    not_found_controls = []
+
+    for control_id in wiz_control_samples:
+        logger.info(f"\nTesting: {control_id}")
+
+        parsed = matcher.parse_control_id(control_id)
+        logger.info(f"  Parsed as: {parsed}")
+
+        control = matcher.find_control_in_catalog(control_id, catalog_id)
+
+        if control:
+            logger.info(f"  ✓ FOUND in catalog: {control.controlId} (ID: {control.id})")
+            found_controls.append(control_id)
+        else:
+            logger.warning("  ✗ NOT FOUND in catalog")
+            not_found_controls.append(control_id)
+
+    return found_controls, not_found_controls
+
+
+def log_summary(found_controls: list, not_found_controls: list) -> None:
+    """
+    Log summary of control matching results.
+
+    :param list found_controls: List of found controls
+    :param list not_found_controls: List of not found controls
+    :return: None
+    :rtype: None
+    """
+    logger.info("\n" + "=" * 60)
+    logger.info("SUMMARY:")
+    logger.info(f"Total tested: {len(wiz_control_samples)}")
+    logger.info(f"Found: {len(found_controls)} ({len(found_controls) / len(wiz_control_samples) * 100:.1f}%)")
+    logger.info(
+        f"Not found: {len(not_found_controls)} ({len(not_found_controls) / len(wiz_control_samples) * 100:.1f}%)"
+    )
+
+    if not_found_controls:
+        logger.info("\nControls not found in catalog:")
+        for control in not_found_controls:
+            logger.info(f"  - {control}")
+
+
+def test_multi_control_parsing() -> None:
+    """Test multi-control parsing from Wiz data format."""
+    logger.info("\n" + "=" * 60)
+    logger.info("Testing multi-control parsing:")
+
+    multi_control_string = "AC-2(4) Account Management | Automated Audit Actions, AC-6(9) Least Privilege | Log Use of Privileged Functions, AU-12 Audit Record Generation"
+    logger.info(f"\nInput: {multi_control_string}")
+
+    import re
+
+    control_id_pattern = r"([A-Za-z]{2}-\d+)(?:\s*\(\s*(\d+)\s*\))?"
+    matches = []
+    for part in multi_control_string.split(", "):
+        found = re.findall(control_id_pattern, part.strip())
+        for match in found:
+            base_control, enhancement = match
+            if enhancement:
+                matches.append(f"{base_control}({enhancement})")
+            else:
+                matches.append(base_control)
+
+    logger.info(f"Extracted control IDs: {matches}")
+
+
+def test_normalization(matcher: ControlMatcher) -> None:
+    """
+    Test control ID normalization.
+
+    :param ControlMatcher matcher: Control matcher instance
+    :return: None
+    :rtype: None
+    """
+    logger.info("\n" + "=" * 60)
+    logger.info("Testing control ID normalization:")
+
+    test_cases = [
+        ("AC-01", "AC-1"),
+        ("AC-1(01)", "AC-1.1"),
+        ("AC-2 (4)", "AC-2.4"),
+        ("ac-3", "AC-3"),
+    ]
+
+    for original, expected in test_cases:
+        parsed = matcher.parse_control_id(original)
+        logger.info(f"  {original} -> {parsed} (expected: {expected})")
+        if parsed == expected:
+            logger.info("    ✓ Correct")
+        else:
+            logger.warning(f"    ✗ Mismatch (got {parsed}, expected {expected})")
+
+
+def test_control_matching():
+    """Test control matching against catalog 3."""
+    matcher = ControlMatcher()
+    catalog_id = 3
+
+    logger.info(f"Testing control matching for catalog {catalog_id}")
+    logger.info("=" * 60)
+
+    found_controls, not_found_controls = test_individual_controls(matcher, catalog_id)
+    log_summary(found_controls, not_found_controls)
+    test_multi_control_parsing()
+    test_normalization(matcher)
+
+
+if __name__ == "__main__":
+    test_control_matching()

tests/regscale/integrations/test_milestone_manager.py

@@ -0,0 +1,408 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+"""Tests for MilestoneManager class."""
+import logging
+from unittest.mock import MagicMock, patch
+
+import pytest
+
+from regscale.integrations.milestone_manager import MilestoneManager
+from regscale.integrations.scanner_integration import IntegrationFinding
+from regscale.models import regscale_models
+
+
+logger = logging.getLogger("regscale")
+
+
+@pytest.fixture
+def milestone_manager():
+    """Create a MilestoneManager instance for testing."""
+    return MilestoneManager(
+        integration_title="Test Integration",
+        assessor_id="test-assessor-id",
+        scan_date="2024-01-15T10:00:00Z",
+    )
+
+
+@pytest.fixture
+def mock_issue():
+    """Create a mock issue for testing."""
+    issue = MagicMock(spec=regscale_models.Issue)
+    issue.id = 123
+    issue.status = regscale_models.IssueStatus.Open
+    issue.dateCompleted = "2024-01-15T12:00:00Z"
+    return issue
+
+
+@pytest.fixture
+def mock_finding():
+    """Create a mock finding for testing."""
+    finding = MagicMock(spec=IntegrationFinding)
+    finding.external_id = "test-external-id-123"
+    return finding
+
+
+class TestMilestoneManagerInitialization:
+    """Test MilestoneManager initialization."""
+
+    def test_initialization(self):
+        """Test that MilestoneManager initializes correctly."""
+        manager = MilestoneManager(
+            integration_title="Test Integration",
+            assessor_id="assessor-123",
+            scan_date="2024-01-15T10:00:00Z",
+        )
+
+        assert manager.integration_title == "Test Integration"
+        assert manager.assessor_id == "assessor-123"
+        assert manager.scan_date == "2024-01-15T10:00:00Z"
+
+
+class TestMilestoneShouldCreateChecks:
+    """Test the milestone creation decision logic."""
+
+    def test_should_create_milestones_enabled(self, milestone_manager, mock_issue):
+        """Test that milestones should be created when enabled and issue has ID."""
+        with patch("regscale.integrations.milestone_manager.ScannerVariables") as mock_vars:
+            mock_vars.useMilestones = True
+            assert milestone_manager._should_create_milestones(mock_issue) is True
+
+    def test_should_not_create_milestones_disabled(self, milestone_manager, mock_issue):
+        """Test that milestones should not be created when disabled."""
+        with patch("regscale.integrations.milestone_manager.ScannerVariables") as mock_vars:
+            mock_vars.useMilestones = False
+            assert milestone_manager._should_create_milestones(mock_issue) is False
+
+    def test_should_not_create_milestones_no_id(self, milestone_manager):
+        """Test that milestones should not be created when issue has no ID."""
+        issue = MagicMock(spec=regscale_models.Issue)
+        issue.id = None
+
+        with patch("regscale.integrations.milestone_manager.ScannerVariables") as mock_vars:
+            mock_vars.useMilestones = True
+            assert milestone_manager._should_create_milestones(issue) is False
+
+
+class TestMilestoneTransitionDetection:
+    """Test detection of status transitions."""
+
+    def test_should_create_reopened_milestone(self, milestone_manager, mock_issue):
+        """Test detection of issue reopening (Closed -> Open)."""
+        existing_issue = MagicMock(spec=regscale_models.Issue)
+        existing_issue.status = regscale_models.IssueStatus.Closed
+
+        current_issue = MagicMock(spec=regscale_models.Issue)
+        current_issue.status = regscale_models.IssueStatus.Open
+
+        assert milestone_manager._should_create_reopened_milestone(existing_issue, current_issue) is True
+
+    def test_should_not_create_reopened_milestone_same_status(self, milestone_manager):
+        """Test that reopened milestone is not created when status doesn't change."""
+        existing_issue = MagicMock(spec=regscale_models.Issue)
+        existing_issue.status = regscale_models.IssueStatus.Open
+
+        current_issue = MagicMock(spec=regscale_models.Issue)
+        current_issue.status = regscale_models.IssueStatus.Open
+
+        assert milestone_manager._should_create_reopened_milestone(existing_issue, current_issue) is False
+
+    def test_should_create_closed_milestone(self, milestone_manager):
+        """Test detection of issue closing (Open -> Closed)."""
+        existing_issue = MagicMock(spec=regscale_models.Issue)
+        existing_issue.status = regscale_models.IssueStatus.Open
+
+        current_issue = MagicMock(spec=regscale_models.Issue)
+        current_issue.status = regscale_models.IssueStatus.Closed
+
+        assert milestone_manager._should_create_closed_milestone(existing_issue, current_issue) is True
+
+    def test_should_not_create_closed_milestone_same_status(self, milestone_manager):
+        """Test that closed milestone is not created when status doesn't change."""
+        existing_issue = MagicMock(spec=regscale_models.Issue)
+        existing_issue.status = regscale_models.IssueStatus.Closed
+
+        current_issue = MagicMock(spec=regscale_models.Issue)
+        current_issue.status = regscale_models.IssueStatus.Closed
+
+        assert milestone_manager._should_create_closed_milestone(existing_issue, current_issue) is False
+
+
+class TestMilestoneCreation:
+    """Test actual milestone creation."""
+
+    @patch("regscale.integrations.milestone_manager.regscale_models.Milestone")
+    @patch("regscale.integrations.milestone_manager.ScannerVariables")
+    def test_create_new_issue_milestone(
+        self, mock_vars, mock_milestone_class, milestone_manager, mock_issue, mock_finding
+    ):
+        """Test creation of milestone for new issue."""
+        mock_vars.useMilestones = True
+        mock_milestone = MagicMock()
+        mock_milestone_class.return_value = mock_milestone
+
+        milestone_manager.create_milestones_for_issue(
+            issue=mock_issue,
+            finding=mock_finding,
+            existing_issue=None,
+        )
+
+        # Verify Milestone was created with correct parameters
+        mock_milestone_class.assert_called_once_with(
+            title="Issue created from Test Integration scan",
+            milestoneDate=milestone_manager.scan_date,
+            responsiblePersonId=milestone_manager.assessor_id,
+            parentID=mock_issue.id,
+            parentModule="issues",
+        )
+        mock_milestone.create_or_update.assert_called_once()
+
+    @patch("regscale.integrations.milestone_manager.regscale_models.Milestone")
+    @patch("regscale.integrations.milestone_manager.ScannerVariables")
+    @patch("regscale.integrations.milestone_manager.get_current_datetime")
+    def test_create_reopened_milestone(
+        self, mock_datetime, mock_vars, mock_milestone_class, milestone_manager, mock_issue, mock_finding
+    ):
+        """Test creation of milestone for reopened issue."""
+        mock_vars.useMilestones = True
+        mock_datetime.return_value = "2024-01-15T14:00:00Z"
+        mock_milestone = MagicMock()
+        mock_milestone_class.return_value = mock_milestone
+
+        existing_issue = MagicMock(spec=regscale_models.Issue)
+        existing_issue.status = regscale_models.IssueStatus.Closed
+
+        current_issue = MagicMock(spec=regscale_models.Issue)
+        current_issue.id = 123
+        current_issue.status = regscale_models.IssueStatus.Open
+
+        milestone_manager.create_milestones_for_issue(
+            issue=current_issue,
+            finding=mock_finding,
+            existing_issue=existing_issue,
+        )
+
+        # Verify Milestone was created with correct parameters
+        mock_milestone_class.assert_called_once_with(
+            title="Issue reopened from Test Integration scan",
+            milestoneDate="2024-01-15T14:00:00Z",
+            responsiblePersonId=milestone_manager.assessor_id,
+            parentID=current_issue.id,
+            parentModule="issues",
+        )
+        mock_milestone.create_or_update.assert_called_once()
+
+    @patch("regscale.integrations.milestone_manager.regscale_models.Milestone")
+    @patch("regscale.integrations.milestone_manager.ScannerVariables")
+    def test_create_closed_milestone(self, mock_vars, mock_milestone_class, milestone_manager, mock_finding):
+        """Test creation of milestone for closed issue."""
+        mock_vars.useMilestones = True
+        mock_milestone = MagicMock()
+        mock_milestone_class.return_value = mock_milestone
+
+        existing_issue = MagicMock(spec=regscale_models.Issue)
+        existing_issue.status = regscale_models.IssueStatus.Open
+
+        current_issue = MagicMock(spec=regscale_models.Issue)
+        current_issue.id = 123
+        current_issue.status = regscale_models.IssueStatus.Closed
+        current_issue.dateCompleted = "2024-01-15T12:00:00Z"
+
+        milestone_manager.create_milestones_for_issue(
+            issue=current_issue,
+            finding=mock_finding,
+            existing_issue=existing_issue,
+        )
+
+        # Verify Milestone was created with correct parameters
+        mock_milestone_class.assert_called_once_with(
+            title="Issue closed from Test Integration scan",
+            milestoneDate=current_issue.dateCompleted,
+            responsiblePersonId=milestone_manager.assessor_id,
+            parentID=current_issue.id,
+            parentModule="issues",
+        )
+        mock_milestone.create_or_update.assert_called_once()
+
+    @patch("regscale.integrations.milestone_manager.regscale_models.Milestone")
+    @patch("regscale.integrations.milestone_manager.ScannerVariables")
+    def test_no_milestone_for_existing_open_issue(
+        self, mock_vars, mock_milestone_class, milestone_manager, mock_issue, mock_finding
+    ):
+        """Test that no milestone is created when existing issue remains open."""
+        mock_vars.useMilestones = True
+
+        existing_issue = MagicMock(spec=regscale_models.Issue)
+        existing_issue.status = regscale_models.IssueStatus.Open
+
+        current_issue = MagicMock(spec=regscale_models.Issue)
+        current_issue.id = 123
+        current_issue.status = regscale_models.IssueStatus.Open
+
+        milestone_manager.create_milestones_for_issue(
+            issue=current_issue,
+            finding=mock_finding,
+            existing_issue=existing_issue,
+        )
+
+        # Verify no Milestone was created
+        mock_milestone_class.assert_not_called()
+
+
+class TestMilestoneCreationErrors:
+    """Test error handling in milestone creation."""
+
+    @patch("regscale.integrations.milestone_manager.regscale_models.Milestone")
+    @patch("regscale.integrations.milestone_manager.ScannerVariables")
+    def test_milestone_creation_error_handled(
+        self, mock_vars, mock_milestone_class, milestone_manager, mock_issue, mock_finding, caplog
+    ):
+        """Test that milestone creation errors are handled gracefully."""
+        mock_vars.useMilestones = True
+        mock_milestone = MagicMock()
+        mock_milestone_class.return_value = mock_milestone
+        mock_milestone.create_or_update.side_effect = Exception("Database error")
+
+        with caplog.at_level(logging.WARNING):
+            milestone_manager.create_milestones_for_issue(
+                issue=mock_issue,
+                finding=mock_finding,
+                existing_issue=None,
+            )
+
+        # Verify error was logged
+        assert "Failed to create new milestone" in caplog.text
+        assert "Database error" in caplog.text
+
+
+class TestMilestoneBackfilling:
+    """Test milestone backfilling functionality."""
+
+    @patch("regscale.integrations.milestone_manager.regscale_models.Milestone")
+    def test_get_existing_milestones(self, mock_milestone_class, milestone_manager, mock_issue):
+        """Test retrieval of existing milestones for an issue."""
+        # Mock milestones
+        mock_milestone1 = MagicMock()
+        mock_milestone1.title = "Issue created from Test Integration scan"
+        mock_milestone2 = MagicMock()
+        mock_milestone2.title = "Some other milestone"
+
+        mock_milestone_class.get_by_parent.return_value = [mock_milestone1, mock_milestone2]
+
+        milestones = milestone_manager.get_existing_milestones(mock_issue)
+
+        assert len(milestones) == 2
+        mock_milestone_class.get_by_parent.assert_called_once_with(parent_id=mock_issue.id, parent_module="issues")
+
+    def test_get_existing_milestones_no_id(self, milestone_manager):
+        """Test that get_existing_milestones returns empty list when issue has no ID."""
+        issue = MagicMock(spec=regscale_models.Issue)
+        issue.id = None
+
+        milestones = milestone_manager.get_existing_milestones(issue)
+
+        assert milestones == []
+
+    @patch("regscale.integrations.milestone_manager.regscale_models.Milestone")
+    def test_has_creation_milestone_true(self, mock_milestone_class, milestone_manager, mock_issue):
+        """Test detection of existing creation milestone."""
+        mock_milestone = MagicMock()
+        mock_milestone.title = "Issue created from Test Integration scan"
+
+        mock_milestone_class.get_by_parent.return_value = [mock_milestone]
+
+        assert milestone_manager.has_creation_milestone(mock_issue) is True
+
+    @patch("regscale.integrations.milestone_manager.regscale_models.Milestone")
+    def test_has_creation_milestone_false(self, mock_milestone_class, milestone_manager, mock_issue):
+        """Test detection when no creation milestone exists."""
+        mock_milestone = MagicMock()
+        mock_milestone.title = "Issue closed from Test Integration scan"
+
+        mock_milestone_class.get_by_parent.return_value = [mock_milestone]
+
+        assert milestone_manager.has_creation_milestone(mock_issue) is False
+
+    @patch("regscale.integrations.milestone_manager.regscale_models.Milestone")
+    def test_has_creation_milestone_empty(self, mock_milestone_class, milestone_manager, mock_issue):
+        """Test detection when no milestones exist."""
+        mock_milestone_class.get_by_parent.return_value = []
+
+        assert milestone_manager.has_creation_milestone(mock_issue) is False
+
+    @patch("regscale.integrations.milestone_manager.regscale_models.Milestone")
+    @patch("regscale.integrations.milestone_manager.ScannerVariables")
+    def test_ensure_creation_milestone_exists_backfill(
+        self, mock_vars, mock_milestone_class, milestone_manager, mock_issue, mock_finding, caplog
+    ):
+        """Test backfilling of missing creation milestone."""
+        mock_vars.useMilestones = True
+
+        # Mock no existing creation milestone
+        mock_milestone_class.get_by_parent.return_value = []
+
+        # Mock Milestone creation
+        mock_milestone = MagicMock()
+        mock_milestone_class.return_value = mock_milestone
+
+        # Set issue dateCreated
+        mock_issue.dateCreated = "2024-01-10T10:00:00Z"
+
+        with caplog.at_level(logging.INFO):
+            milestone_manager.ensure_creation_milestone_exists(issue=mock_issue, finding=mock_finding)
+
+        # Verify milestone was created with issue's dateCreated
+        mock_milestone_class.assert_called_once_with(
+            title="Issue created from Test Integration scan",
+            milestoneDate=mock_issue.dateCreated,
+            responsiblePersonId=milestone_manager.assessor_id,
+            parentID=mock_issue.id,
+            parentModule="issues",
+        )
+        mock_milestone.create_or_update.assert_called_once()
+
+        assert "Backfilling missing creation milestone" in caplog.text
+
+    @patch("regscale.integrations.milestone_manager.regscale_models.Milestone")
+    @patch("regscale.integrations.milestone_manager.ScannerVariables")
+    def test_ensure_creation_milestone_exists_no_backfill_exists(
+        self, mock_vars, mock_milestone_class, milestone_manager, mock_issue, mock_finding
+    ):
+        """Test that no milestone is created when one already exists."""
+        mock_vars.useMilestones = True
+
+        # Mock has_creation_milestone to return True (issue already has creation milestone)
+        with patch.object(milestone_manager, "has_creation_milestone", return_value=True):
+            milestone_manager.ensure_creation_milestone_exists(issue=mock_issue, finding=mock_finding)
+
+        # Verify no new milestone was created (constructor not called)
+        mock_milestone_class.assert_not_called()
+
+    @patch("regscale.integrations.milestone_manager.regscale_models.Milestone")
+    @patch("regscale.integrations.milestone_manager.ScannerVariables")
+    def test_ensure_creation_milestone_exists_uses_scan_date_fallback(
+        self, mock_vars, mock_milestone_class, milestone_manager, mock_issue, mock_finding
+    ):
+        """Test that scan_date is used when issue.dateCreated is None."""
+        mock_vars.useMilestones = True
+
+        # Mock no existing creation milestone
+        mock_milestone_class.get_by_parent.return_value = []
+
+        # Mock Milestone creation
+        mock_milestone = MagicMock()
+        mock_milestone_class.return_value = mock_milestone
+
+        # Set issue dateCreated to None
+        mock_issue.dateCreated = None
+
+        milestone_manager.ensure_creation_milestone_exists(issue=mock_issue, finding=mock_finding)
+
+        # Verify milestone was created with scan_date as fallback
+        mock_milestone_class.assert_called_once_with(
+            title="Issue created from Test Integration scan",
+            milestoneDate=milestone_manager.scan_date,
+            responsiblePersonId=milestone_manager.assessor_id,
+            parentID=mock_issue.id,
+            parentModule="issues",
+        )
+        mock_milestone.create_or_update.assert_called_once()