Skip to content

Commit

Permalink
Write API tests for /policies
Browse files Browse the repository at this point in the history
  • Loading branch information
@nas-tabchiche
nas-tabchiche committed Feb 14, 2024
1 parent 6f7b89c commit cd65842
Showing 1 changed file with 206 additions and 0 deletions.
206 changes: 206 additions & 0 deletions backend/app_tests/api/test_api_policies.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,206 @@
import pytest
from rest_framework.test import APIClient
from core.models import SecurityFunction, Policy
from iam.models import Folder

from test_api import EndpointTestsQueries

# Generic security measure data for tests
POLICY_NAME = "Test Security Measure"
POLICY_DESCRIPTION = "Test Description"
POLICY_STATUS = ("planned", "Planned")
POLICY_STATUS2 = ("active", "Active")
POLICY_EFFORT = ("L", "Large")
POLICY_EFFORT2 = ("M", "Medium")
POLICY_LINK = "https://example.com"
POLICY_ETA = "2024-01-01"


@pytest.mark.django_db
class TestPolicysUnauthenticated:
"""Perform tests on Security Measures API endpoint without authentication"""

client = APIClient()

def test_get_security_measures(self):
"""test to get security measures from the API without authentication"""

EndpointTestsQueries.get_object(
self.client,
"Security measures",
Policy,
{
"name": POLICY_NAME,
"description": POLICY_DESCRIPTION,
"folder": Folder.objects.create(name="test"),
},
)

def test_create_security_measures(self):
"""test to create security measures with the API without authentication"""

EndpointTestsQueries.create_object(
self.client,
"Security measures",
Policy,
{
"name": POLICY_NAME,
"description": POLICY_DESCRIPTION,
"folder": Folder.objects.create(name="test").id,
},
)

def test_update_security_measures(self):
"""test to update security measures with the API without authentication"""

EndpointTestsQueries.update_object(
self.client,
"Security measures",
Policy,
{
"name": POLICY_NAME,
"description": POLICY_DESCRIPTION,
"folder": Folder.objects.create(name="test"),
},
{
"name": "new " + POLICY_NAME,
"description": "new " + POLICY_DESCRIPTION,
"folder": Folder.objects.create(name="test2").id,
},
)

def test_delete_security_measures(self):
"""test to delete security measures with the API without authentication"""

EndpointTestsQueries.delete_object(
self.client,
"Security measures",
Policy,
{
"name": POLICY_NAME,
"folder": Folder.objects.create(name="test"),
},
)


@pytest.mark.django_db
class TestPolicysAuthenticated:
"""Perform tests on Security Measures API endpoint with authentication"""

def test_get_security_measures(self, authenticated_client):
"""test to get security measures from the API with authentication"""

EndpointTestsQueries.Auth.get_object(
authenticated_client,
"Security measures",
Policy,
{
"name": POLICY_NAME,
"description": POLICY_DESCRIPTION,
"status": POLICY_STATUS[0],
"link": POLICY_LINK,
"eta": POLICY_ETA,
"effort": POLICY_EFFORT[0],
"folder": Folder.get_root_folder(),
},
{
"folder": {"str": Folder.get_root_folder().name},
"security_function": None,
"status": POLICY_STATUS[1],
"effort": POLICY_EFFORT[1],
},
)

def test_create_security_measures(self, authenticated_client):
"""test to create security measures with the API with authentication"""

security_function = SecurityFunction.objects.create(
name="test", typical_evidence={}, folder=Folder.objects.create(name="test")
)

EndpointTestsQueries.Auth.create_object(
authenticated_client,
"Security measures",
Policy,
{
"name": POLICY_NAME,
"description": POLICY_DESCRIPTION,
"status": POLICY_STATUS[0],
"link": POLICY_LINK,
"eta": POLICY_ETA,
"effort": POLICY_EFFORT[0],
"folder": str(Folder.get_root_folder().id),
},
{
"folder": {"str": Folder.get_root_folder().name},
"status": POLICY_STATUS[1],
"effort": POLICY_EFFORT[1],
},
)

def test_update_security_measures(self, authenticated_client):
"""test to update security measures with the API with authentication"""

folder = Folder.objects.create(name="test")
security_function = SecurityFunction.objects.create(
name="test", typical_evidence={}, folder=folder
)

EndpointTestsQueries.Auth.update_object(
authenticated_client,
"Security measures",
Policy,
{
"name": POLICY_NAME,
"description": POLICY_DESCRIPTION,
"status": POLICY_STATUS[0],
"link": POLICY_LINK,
"eta": POLICY_ETA,
"effort": POLICY_EFFORT[0],
"folder": Folder.get_root_folder(),
},
{
"name": "new " + POLICY_NAME,
"description": "new " + POLICY_DESCRIPTION,
"status": POLICY_STATUS2[0],
"link": "new " + POLICY_LINK,
"eta": "2025-01-01",
"effort": POLICY_EFFORT2[0],
"folder": str(folder.id),
},
{
"folder": {"str": Folder.get_root_folder().name},
"status": POLICY_STATUS[1],
"effort": POLICY_EFFORT[1],
},
)

def test_delete_security_measures(self, authenticated_client):
"""test to delete security measures with the API with authentication"""

EndpointTestsQueries.Auth.delete_object(
authenticated_client,
"Security measures",
Policy,
{
"name": POLICY_NAME,
"folder": Folder.objects.create(name="test"),
},
)

def test_get_effort_choices(self, authenticated_client):
"""test to get security measures effort choices from the API with authentication"""

EndpointTestsQueries.Auth.get_object_options(
authenticated_client, "Security measures", "effort", Policy.EFFORT
)

def test_get_status_choices(self, authenticated_client):
"""test to get security measures status choices from the API with authentication"""

EndpointTestsQueries.Auth.get_object_options(
authenticated_client,
"Security measures",
"status",
Policy.Status.choices,
)

0 comments on commit cd65842

Please sign in to comment.