PyPI - regscale-cli - Versions diffs - 6.26.0.0__py3-none-any.whl → 6.27.0.1__py3-none-any.whl - Mend - Supply Chain Defender

regscale-cli 6.26.0.0py3-none-any.whl → 6.27.0.1py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of regscale-cli might be problematic. Click here for more details.

Files changed (96) hide show

tests/regscale/integrations/public/test_fedramp.py CHANGED Viewed

@@ -849,3 +849,304 @@ class TestFedRamp(CLITestFixture):
         assert asset.get("ipAddress") is None
         assert asset.get("iPv6Address") is None
+    @staticmethod
+    def test_ssp_parser_vertical_table_single_header():
+        """Test vertical table detection with single header (original behavior)."""
+        from regscale.integrations.public.fedramp.docx_parser import SSPDocParser
+        from unittest.mock import MagicMock
+        xml_content = b"""
+        <w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">
+            <w:tbl>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>System Owner Information</w:t></w:r></w:p></w:tc>
+                </w:tr>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>Name</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>John Doe</w:t></w:r></w:p></w:tc>
+                </w:tr>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>Title</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>System Owner</w:t></w:r></w:p></w:tc>
+                </w:tr>
+            </w:tbl>
+        </w:document>
+        """
+        parser = SSPDocParser.__new__(SSPDocParser)
+        parser.doc = MagicMock()
+        parser.doc.element.body = []  # No preceding text needed for this test
+        tables = parser.parse_xml_for_tables(xml_content)
+        assert len(tables) == 1
+        table_data = tables[0]["table_data"]
+        assert len(table_data) == 2
+        assert table_data[0] == {"Name": "John Doe"}
+        assert table_data[1] == {"Title": "System Owner"}
+    @staticmethod
+    def test_ssp_parser_vertical_table_two_headers_empty_second():
+        """Test vertical table detection with two headers where second is empty (new fix)."""
+        from regscale.integrations.public.fedramp.docx_parser import SSPDocParser
+        from unittest.mock import MagicMock
+        xml_content = b"""
+        <w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">
+            <w:tbl>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>System Information</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t></w:t></w:r></w:p></w:tc>
+                </w:tr>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>CSP Name:</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>Public Safety Platform (PSP)</w:t></w:r></w:p></w:tc>
+                </w:tr>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>CSO Name:</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>Mark43, Inc.</w:t></w:r></w:p></w:tc>
+                </w:tr>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>Service Model:</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>Software-as-a-Service (SaaS)</w:t></w:r></w:p></w:tc>
+                </w:tr>
+            </w:tbl>
+        </w:document>
+        """
+        parser = SSPDocParser.__new__(SSPDocParser)
+        parser.doc = MagicMock()
+        parser.doc.element.body = []  # No preceding text needed for this test
+        tables = parser.parse_xml_for_tables(xml_content)
+        assert len(tables) == 1
+        table_data = tables[0]["table_data"]
+        assert len(table_data) == 3
+        assert table_data[0] == {"CSP Name:": "Public Safety Platform (PSP)"}
+        assert table_data[1] == {"CSO Name:": "Mark43, Inc."}
+        assert table_data[2] == {"Service Model:": "Software-as-a-Service (SaaS)"}
+    @staticmethod
+    def test_ssp_parser_vertical_table_two_headers_whitespace_second():
+        """Test vertical table detection with two headers where second is only whitespace."""
+        from regscale.integrations.public.fedramp.docx_parser import SSPDocParser
+        from unittest.mock import MagicMock
+        xml_content = b"""
+        <w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">
+            <w:tbl>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>System Information</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>   </w:t></w:r></w:p></w:tc>
+                </w:tr>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>FedRAMP Package ID:</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>FR2235965777</w:t></w:r></w:p></w:tc>
+                </w:tr>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>FIPS PUB 199 Level:</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>High</w:t></w:r></w:p></w:tc>
+                </w:tr>
+            </w:tbl>
+        </w:document>
+        """
+        parser = SSPDocParser.__new__(SSPDocParser)
+        parser.doc = MagicMock()
+        parser.doc.element.body = []  # No preceding text needed for this test
+        tables = parser.parse_xml_for_tables(xml_content)
+        assert len(tables) == 1
+        table_data = tables[0]["table_data"]
+        assert len(table_data) == 2
+        assert table_data[0] == {"FedRAMP Package ID:": "FR2235965777"}
+        assert table_data[1] == {"FIPS PUB 199 Level:": "High"}
+    @staticmethod
+    def test_ssp_parser_horizontal_table_not_detected_as_vertical():
+        """Test that horizontal tables with meaningful headers are not detected as vertical."""
+        from regscale.integrations.public.fedramp.docx_parser import SSPDocParser
+        from unittest.mock import MagicMock
+        xml_content = b"""
+        <w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">
+            <w:tbl>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>Date</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>Description</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>Version</w:t></w:r></w:p></w:tc>
+                </w:tr>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>05/14/2024</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>Initial version</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>1.0</w:t></w:r></w:p></w:tc>
+                </w:tr>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>11/01/2024</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>Updated version</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>2.0</w:t></w:r></w:p></w:tc>
+                </w:tr>
+            </w:tbl>
+        </w:document>
+        """
+        parser = SSPDocParser.__new__(SSPDocParser)
+        parser.doc = MagicMock()
+        parser.doc.element.body = []  # No preceding text needed for this test
+        tables = parser.parse_xml_for_tables(xml_content)
+        assert len(tables) == 1
+        table_data = tables[0]["table_data"]
+        assert len(table_data) == 2
+        # Should be horizontal format with named columns
+        assert table_data[0] == {"Date": "05/14/2024", "Description": "Initial version", "Version": "1.0"}
+        assert table_data[1] == {"Date": "11/01/2024", "Description": "Updated version", "Version": "2.0"}
+    @staticmethod
+    def test_ssp_parser_two_column_table_non_vertical():
+        """Test that 2-column tables with meaningful second header are not detected as vertical."""
+        from regscale.integrations.public.fedramp.docx_parser import SSPDocParser
+        from unittest.mock import MagicMock
+        xml_content = b"""
+        <w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">
+            <w:tbl>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>Security Objective</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>Level</w:t></w:r></w:p></w:tc>
+                </w:tr>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>Confidentiality</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>High</w:t></w:r></w:p></w:tc>
+                </w:tr>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>Integrity</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>High</w:t></w:r></w:p></w:tc>
+                </w:tr>
+            </w:tbl>
+        </w:document>
+        """
+        parser = SSPDocParser.__new__(SSPDocParser)
+        parser.doc = MagicMock()
+        parser.doc.element.body = []  # No preceding text needed for this test
+        tables = parser.parse_xml_for_tables(xml_content)
+        assert len(tables) == 1
+        table_data = tables[0]["table_data"]
+        assert len(table_data) == 2
+        # Should be horizontal format since second header is not empty
+        assert table_data[0] == {"Security Objective": "Confidentiality", "Level": "High"}
+        assert table_data[1] == {"Security Objective": "Integrity", "Level": "High"}
+    @staticmethod
+    def test_ssp_parser_vertical_table_first_header_not_in_list():
+        """Test that tables with first header not in vertical_tables list are not detected as vertical."""
+        from regscale.integrations.public.fedramp.docx_parser import SSPDocParser
+        from unittest.mock import MagicMock
+        xml_content = b"""
+        <w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">
+            <w:tbl>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>Random Table Header</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t></w:t></w:r></w:p></w:tc>
+                </w:tr>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>Field One:</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>Value One</w:t></w:r></w:p></w:tc>
+                </w:tr>
+                <w:tr>
+                    <w:tc><w:p><w:r><w:t>Field Two:</w:t></w:r></w:p></w:tc>
+                    <w:tc><w:p><w:r><w:t>Value Two</w:t></w:r></w:p></w:tc>
+                </w:tr>
+            </w:tbl>
+        </w:document>
+        """
+        parser = SSPDocParser.__new__(SSPDocParser)
+        parser.doc = MagicMock()
+        parser.doc.element.body = []  # No preceding text needed for this test
+        tables = parser.parse_xml_for_tables(xml_content)
+        assert len(tables) == 1
+        table_data = tables[0]["table_data"]
+        assert len(table_data) == 2
+        # Should be horizontal format since "Random Table Header" is not in vertical_tables list
+        assert table_data[0] == {"Random Table Header": "Field One:", "": "Value One"}
+        assert table_data[1] == {"Random Table Header": "Field Two:", "": "Value Two"}
+    @staticmethod
+    def test_ssp_parser_all_vertical_table_types():
+        """Test all table types that should be detected as vertical."""
+        from regscale.integrations.public.fedramp.docx_parser import SSPDocParser
+        from unittest.mock import MagicMock
+        vertical_table_headers = [
+            "Identification of Organization that Prepared this Document",
+            "Identification of Cloud Service Provider",
+            "System Owner Information",
+            "System Information",
+            "System Component Information",
+            "ISSO (or Equivalent) Point of Contact",
+        ]
+        for header in vertical_table_headers:
+            # Test with single header
+            xml_content = f"""
+            <w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">
+                <w:tbl>
+                    <w:tr>
+                        <w:tc><w:p><w:r><w:t>{header}</w:t></w:r></w:p></w:tc>
+                    </w:tr>
+                    <w:tr>
+                        <w:tc><w:p><w:r><w:t>Field:</w:t></w:r></w:p></w:tc>
+                        <w:tc><w:p><w:r><w:t>Value</w:t></w:r></w:p></w:tc>
+                    </w:tr>
+                </w:tbl>
+            </w:document>
+            """.encode()
+            parser = SSPDocParser.__new__(SSPDocParser)
+            parser.doc = MagicMock()
+            parser.doc.element.body = []  # No preceding text needed for this test
+            tables = parser.parse_xml_for_tables(xml_content)
+            assert len(tables) == 1
+            table_data = tables[0]["table_data"]
+            assert len(table_data) == 1
+            assert table_data[0] == {"Field:": "Value"}
+            # Test with two headers (empty second)
+            xml_content_two_headers = f"""
+            <w:document xmlns:w="http://schemas.openxmlformats.org/wordprocessingml/2006/main">
+                <w:tbl>
+                    <w:tr>
+                        <w:tc><w:p><w:r><w:t>{header}</w:t></w:r></w:p></w:tc>
+                        <w:tc><w:p><w:r><w:t></w:t></w:r></w:p></w:tc>
+                    </w:tr>
+                    <w:tr>
+                        <w:tc><w:p><w:r><w:t>Field:</w:t></w:r></w:p></w:tc>
+                        <w:tc><w:p><w:r><w:t>Value</w:t></w:r></w:p></w:tc>
+                    </w:tr>
+                </w:tbl>
+            </w:document>
+            """.encode()
+            parser2 = SSPDocParser.__new__(SSPDocParser)
+            parser2.doc = MagicMock()
+            parser2.doc.element.body = []  # No preceding text needed for this test
+            tables2 = parser2.parse_xml_for_tables(xml_content_two_headers)
+            assert len(tables2) == 1
+            table_data2 = tables2[0]["table_data"]
+            assert len(table_data2) == 1
+            assert table_data2[0] == {"Field:": "Value"}

tests/regscale/integrations/test_control_matcher.py CHANGED Viewed

@@ -201,6 +201,89 @@ class TestControlMatcherParseControlId:
             assert result is None, f"Expected None for input {input_id}, got {result}"
+class TestControlMatcherParseControlIdWithSpaces:
+    """Test cases for parse_control_id method with spaces in control IDs"""
+    @patch("regscale.integrations.control_matcher.Api")
+    @patch("regscale.integrations.control_matcher.Application")
+    def test_parse_control_id_with_space_before_parenthesis(self, mock_app_class, mock_api_class):
+        """Test parsing control ID with space before parenthesis"""
+        matcher = ControlMatcher()
+        test_cases = [
+            ("AC-1 (1)", "AC-1.1"),
+            ("AC-2 (3)", "AC-2.3"),
+            ("SI-4 (10)", "SI-4.10"),
+            ("CM-6 (1)", "CM-6.1"),
+        ]
+        for input_id, expected in test_cases:
+            result = matcher.parse_control_id(input_id)
+            assert result == expected, f"Failed for input {input_id}"
+    @patch("regscale.integrations.control_matcher.Api")
+    @patch("regscale.integrations.control_matcher.Application")
+    def test_parse_control_id_with_spaces_inside_parentheses(self, mock_app_class, mock_api_class):
+        """Test parsing control ID with spaces inside parentheses"""
+        matcher = ControlMatcher()
+        test_cases = [
+            ("AC-1( 1 )", "AC-1.1"),
+            ("AC-2(  3  )", "AC-2.3"),
+            ("SI-4( 10)", "SI-4.10"),
+            ("CM-6(1 )", "CM-6.1"),
+        ]
+        for input_id, expected in test_cases:
+            result = matcher.parse_control_id(input_id)
+            assert result == expected, f"Failed for input {input_id}"
+    @patch("regscale.integrations.control_matcher.Api")
+    @patch("regscale.integrations.control_matcher.Application")
+    def test_parse_control_id_with_leading_zeros_and_spaces(self, mock_app_class, mock_api_class):
+        """Test parsing control ID with both leading zeros and spaces"""
+        matcher = ControlMatcher()
+        test_cases = [
+            ("AC-01 (01)", "AC-1.1"),
+            ("AC-02 (04)", "AC-2.4"),
+            ("AC-17 (02)", "AC-17.2"),
+            ("SI-04 (05)", "SI-4.5"),
+        ]
+        for input_id, expected in test_cases:
+            result = matcher.parse_control_id(input_id)
+            assert result == expected, f"Failed for input {input_id}"
+    @patch("regscale.integrations.control_matcher.Api")
+    @patch("regscale.integrations.control_matcher.Application")
+    def test_parse_control_id_with_various_space_combinations(self, mock_app_class, mock_api_class):
+        """Test parsing control ID with various space combinations"""
+        matcher = ControlMatcher()
+        test_cases = [
+            ("AC-1  (1)", "AC-1.1"),  # Multiple spaces before
+            ("AC-1 ( 1 )", "AC-1.1"),  # Spaces everywhere
+            ("AC-1  (  1  )", "AC-1.1"),  # Multiple spaces everywhere
+            ("AC-01  (  04  )", "AC-1.4"),  # Leading zeros and multiple spaces
+        ]
+        for input_id, expected in test_cases:
+            result = matcher.parse_control_id(input_id)
+            assert result == expected, f"Failed for input {input_id}"
+    @patch("regscale.integrations.control_matcher.Api")
+    @patch("regscale.integrations.control_matcher.Application")
+    def test_parse_control_id_with_spaces_in_text(self, mock_app_class, mock_api_class):
+        """Test parsing control ID with spaces in descriptive text"""
+        matcher = ControlMatcher()
+        test_cases = [
+            ("Access Control AC-1 (1)", "AC-1.1"),
+            ("AC-2 (3) Account Management", "AC-2.3"),
+            ("NIST Control AC-17 (02)", "AC-17.2"),
+        ]
+        for input_id, expected in test_cases:
+            result = matcher.parse_control_id(input_id)
+            assert result == expected, f"Failed for input {input_id}"
 class TestControlMatcherFindControlInCatalog:
     """Test cases for find_control_in_catalog method"""