-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtest_defender_deploy.py
More file actions
98 lines (82 loc) · 3.34 KB
/
test_defender_deploy.py
File metadata and controls
98 lines (82 loc) · 3.34 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
# SPDX-FileCopyrightText: 2026 KustoKing / SecM8
# SPDX-License-Identifier: Apache-2.0
"""Tests for Defender deploy logic."""
from __future__ import annotations
from unittest.mock import MagicMock
import pytest
from contentops.defender.deploy import build_display_name_map, deploy_defender_rule
class TestBuildDisplayNameMap:
def test_builds_map(self) -> None:
mock_client = MagicMock()
mock_client.list_rules.return_value = [
{"displayName": "Rule A", "id": "1"},
{"displayName": "Rule B", "id": "2"},
]
name_map = build_display_name_map(mock_client)
assert name_map == {"Rule A": "1", "Rule B": "2"}
def test_fails_on_duplicates(self) -> None:
mock_client = MagicMock()
mock_client.list_rules.return_value = [
{"displayName": "Rule A", "id": "1"},
{"displayName": "Rule A", "id": "2"},
]
with pytest.raises(Exception, match="Duplicate displayNames"):
build_display_name_map(mock_client)
class TestDeployDefenderRule:
def test_dry_run(self) -> None:
result = deploy_defender_rule(
client=None,
rule_id="defender-test-001",
payload={"displayName": "Test Rule", "isEnabled": True},
status="production",
name_map={},
dry_run=True,
)
assert result["result"] == "dry-run"
assert result["action"] == "create"
def test_create_new_rule(self) -> None:
mock_response = MagicMock()
mock_response.status_code = 201
mock_client = MagicMock()
mock_client.create_rule.return_value = mock_response
result = deploy_defender_rule(
client=mock_client,
rule_id="defender-test-001",
payload={"displayName": "New Rule", "isEnabled": True},
status="production",
name_map={},
)
assert result["result"] == "success"
assert result["action"] == "created"
def test_update_existing_rule(self) -> None:
mock_response = MagicMock()
mock_response.status_code = 200
mock_client = MagicMock()
mock_client.update_rule.return_value = mock_response
result = deploy_defender_rule(
client=mock_client,
rule_id="defender-test-001",
payload={"displayName": "Existing Rule", "isEnabled": True},
status="production",
name_map={"Existing Rule": "42"},
)
assert result["result"] == "success"
assert result["action"] == "updated"
mock_client.update_rule.assert_called_once_with("42", {"displayName": "Existing Rule", "isEnabled": True})
def test_deprecated_disables(self) -> None:
mock_response = MagicMock()
mock_response.status_code = 200
mock_client = MagicMock()
mock_client.update_rule.return_value = mock_response
result = deploy_defender_rule(
client=mock_client,
rule_id="defender-test-001",
payload={"displayName": "Old Rule", "isEnabled": True},
status="deprecated",
name_map={"Old Rule": "42"},
)
# Verify isEnabled was set to False
call_args = mock_client.update_rule.call_args
body = call_args[0][1]
assert body["isEnabled"] is False
assert result["action"] == "disabled"