diff --git a/.github/workflows/test-install.yml b/.github/workflows/test-install.yml index d049b38bee..3bd92e7c6f 100644 --- a/.github/workflows/test-install.yml +++ b/.github/workflows/test-install.yml @@ -40,8 +40,7 @@ jobs: - name: Running in GitHub actions requires testing puppeteer pdf creation separately if: ${{ env.RUNNING_ON_GITHUB_ACTIONS }} == 'true' run: | - cd /home/runner/work/firewall-orchestrator/firewall-orchestrator/roles/tests-unit/files/FWO.Test + cd /home/runner/work/firewall-orchestrator/firewall-orchestrator/roles/tests/files/FWO.Test dotnet restore dotnet build dotnet test --filter "Name=HtmlToPdfTest" - diff --git a/fwo.code-workspace b/fwo.code-workspace index 402c648101..3786b0cabc 100644 --- a/fwo.code-workspace +++ b/fwo.code-workspace @@ -3,7 +3,7 @@ { "path": "." }, - { "path": "roles/tests-unit/files/FWO.Test" }, + { "path": "roles/tests/files/FWO.Test" }, { "path": "roles" } diff --git a/roles/FWO.sln b/roles/FWO.sln index 50dbb1730f..43c3f5e36f 100644 --- a/roles/FWO.sln +++ b/roles/FWO.sln @@ -7,7 +7,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Lib", "Lib", "{CE55F125-0CD EndProject Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "FWO.Middleware.Client", "lib\files\FWO.Middleware.Client\FWO.Middleware.Client.csproj", "{ECB165CE-BE81-4C5C-B27A-D73177D73E28}" EndProject -Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "FWO.Test", "tests-unit\files\FWO.Test\FWO.Test.csproj", "{9C66B86B-FFB2-44A9-A944-54B33D31D413}" +Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "FWO.Test", "tests\files\FWO.Test\FWO.Test.csproj", "{9C66B86B-FFB2-44A9-A944-54B33D31D413}" EndProject Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "FWO.Report", "lib\files\FWO.Report\FWO.Report.csproj", "{84CA4892-7C35-4F1F-AF25-2A379112DFCA}" EndProject diff --git a/roles/lib/files/FWO.Report/ReportRules.cs b/roles/lib/files/FWO.Report/ReportRules.cs index 9027e766a8..b69d27a553 100644 --- a/roles/lib/files/FWO.Report/ReportRules.cs +++ b/roles/lib/files/FWO.Report/ReportRules.cs @@ -13,6 +13,7 @@ using System.Text; using System.Text.Json; using Microsoft.Extensions.DependencyInjection; +using System.Linq; namespace FWO.Report { @@ -242,71 +243,48 @@ private static void AdditionalFilter(ManagementReport mgt, List relevantOb public static Rule[] GetRulesByRulebaseId(int rulebaseId, ManagementReport managementReport) { - Rule[]? rules = managementReport.Rulebases.FirstOrDefault(rb => rb.Id == rulebaseId)?.Rules; - if (rules != null) - { - return rules; - } - return []; + return managementReport.Rulebases + .FirstOrDefault(rb => rb.Id == rulebaseId)? + .Rules ?? Array.Empty(); } public static Rule[] GetInitialRulesOfGateway(DeviceReportController deviceReport, ManagementReport managementReport) { - int? initialRulebaseId = deviceReport.GetInitialRulebaseId(managementReport); - if (initialRulebaseId != null) - { - Rule[]? rules = GetRulesByRulebaseId((int)initialRulebaseId, managementReport); - if (rules != null) - { - return rules; - } - } - return []; + return deviceReport.GetInitialRulebaseId(managementReport) is int rulebaseId + ? GetRulesByRulebaseId(rulebaseId, managementReport) + : Array.Empty(); } public static Rule[] GetAllRulesOfGateway(DeviceReportController deviceReport, ManagementReport managementReport) { - if (_rulesCache.TryGetValue((deviceReport.Id, managementReport.Id), out Rule[]? allRules)) + return _rulesCache.TryGetValue((deviceReport.Id, managementReport.Id), out Rule[]? allRules) + ? allRules + : Array.Empty(); + } + + public static int GetRuleCount(ManagementReport mgmReport, RulebaseLink? currentRbLink, RulebaseLink[] rulebaseLinks) + { + if (currentRbLink == null) { - return allRules; + return 0; } - else + + RulebaseReport? nextRulebase = mgmReport.Rulebases.FirstOrDefault(rb => rb.Id == currentRbLink.NextRulebaseId); + if (nextRulebase == null) { - return Array.Empty(); + return 0; } - } - public static int GetRuleCount(ManagementReport mgmReport, RulebaseLink? currentRbLink, RulebaseLink[] rulebaseLinks) - { - if (currentRbLink != null) + int ruleCount = 0; + RulebaseLink[] links = rulebaseLinks ?? Array.Empty(); + + foreach (var rule in nextRulebase.Rules.Where(rule => string.IsNullOrEmpty(rule.SectionHeader))) { - int ruleCount = 0; - if (currentRbLink != null) - { - int nextRulebaseId = currentRbLink.NextRulebaseId; - RulebaseReport? nextRulebase = mgmReport.Rulebases.FirstOrDefault(_ => _.Id == nextRulebaseId); - if (nextRulebase != null) - { - foreach (var rule in nextRulebase.Rules) - { - if (string.IsNullOrEmpty(rule.SectionHeader)) - { - RulebaseLink? nextRbLink = rulebaseLinks.FirstOrDefault(_ => _.FromRuleId == rule.Id); - if (nextRbLink != null) - { - ruleCount += 1 + GetRuleCount(mgmReport, nextRbLink, rulebaseLinks); - } - else - { - ruleCount++; - } - } - } - return ruleCount; - } - } + RulebaseLink? nextRbLink = links.FirstOrDefault(link => link.FromRuleId == rule.Id); + ruleCount += 1 + (nextRbLink != null ? GetRuleCount(mgmReport, nextRbLink, links) : 0); } - return 0; + + return ruleCount; } public override string SetDescription() diff --git a/roles/tests-integration/files/importer/config_changes/write_date_to_comment.py b/roles/tests-integration/files/importer/config_changes/write_date_to_comment.py deleted file mode 100644 index db9e2087d0..0000000000 --- a/roles/tests-integration/files/importer/config_changes/write_date_to_comment.py +++ /dev/null @@ -1,43 +0,0 @@ -# Changes the comment in rule x to the current date in fortigate.cfg -# x = 52 by default, can be changed in ansible -# Created by alf - -import fnmatch -import datetime -import os -import sys - -# Define global variables that may be passed on the command line and their defaults if not -# example$ python3 write_date_to_comment.py uid "path" - -uid = sys.argv[1] if len(sys.argv) >= 2 else 52 -config_path = sys.argv[2] if len(sys.argv) >= 3 else "/home/fworchsample/sample-configs/fortinet_demo/fortigate.cfg" - -with open(config_path, "r") as fin: - data = fin.readlines() - -rule_area_flag = False -uid_flag = False -current_line = 0 -for line in data: - if fnmatch.filter([line], 'config firewall policy\n'): - rule_area_flag = True - if fnmatch.filter([line], ' edit {}\n'.format(uid)): - uid_flag = True - if fnmatch.filter([line], ' set comments*') and uid_flag and rule_area_flag: - data[current_line] = ' set comments "{}"\n'.format(datetime.datetime.now()) - break - if fnmatch.filter([line], ' next\n') and uid_flag and rule_area_flag: - data.insert(current_line, ' set comments "{}"\n'.format(datetime.datetime.now())) - break - if fnmatch.filter([line], ' next\n'): - uid_flag = False - if fnmatch.filter([line], 'end\n'): - rule_area_flag = False - current_line = current_line + 1 - -with open(config_path + "2.tmp", "w") as fout: - data = "".join(data) - fout.write(data) - -os.rename(config_path + '2.tmp', config_path) diff --git a/roles/tests-unit/files/FWO.Test/ReportRulesTest.cs b/roles/tests-unit/files/FWO.Test/ReportRulesTest.cs deleted file mode 100644 index d96d4f74fa..0000000000 --- a/roles/tests-unit/files/FWO.Test/ReportRulesTest.cs +++ /dev/null @@ -1,12 +0,0 @@ -using NUnit.Framework; -using FWO.Report; -using FWO.Data; - -namespace FWO.Test -{ - [TestFixture] - internal class ReportRulesTest - { - - } -} diff --git a/roles/tests/defaults/main.yml b/roles/tests/defaults/main.yml new file mode 100644 index 0000000000..33908e4c3c --- /dev/null +++ b/roles/tests/defaults/main.yml @@ -0,0 +1,2 @@ +run_unit_tests: true +run_integration_tests: true diff --git a/roles/tests-unit/files/FWO.Test/AesEncryptionTest.cs b/roles/tests/files/FWO.Test/AesEncryptionTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/AesEncryptionTest.cs rename to roles/tests/files/FWO.Test/AesEncryptionTest.cs diff --git a/roles/tests-unit/files/FWO.Test/ApiConfigTest.cs b/roles/tests/files/FWO.Test/ApiConfigTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ApiConfigTest.cs rename to roles/tests/files/FWO.Test/ApiConfigTest.cs diff --git a/roles/tests-unit/files/FWO.Test/ApiTest.cs b/roles/tests/files/FWO.Test/ApiTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ApiTest.cs rename to roles/tests/files/FWO.Test/ApiTest.cs diff --git a/roles/tests-unit/files/FWO.Test/AppRoleTest.cs b/roles/tests/files/FWO.Test/AppRoleTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/AppRoleTest.cs rename to roles/tests/files/FWO.Test/AppRoleTest.cs diff --git a/roles/tests-unit/files/FWO.Test/ComparerTest.cs b/roles/tests/files/FWO.Test/ComparerTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ComparerTest.cs rename to roles/tests/files/FWO.Test/ComparerTest.cs diff --git a/roles/tests-unit/files/FWO.Test/ComplianceCheckTest.cs b/roles/tests/files/FWO.Test/ComplianceCheckTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ComplianceCheckTest.cs rename to roles/tests/files/FWO.Test/ComplianceCheckTest.cs diff --git a/roles/tests-unit/files/FWO.Test/ConfigFileTest.cs b/roles/tests/files/FWO.Test/ConfigFileTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ConfigFileTest.cs rename to roles/tests/files/FWO.Test/ConfigFileTest.cs diff --git a/roles/tests-unit/files/FWO.Test/DisplayBaseTest.cs b/roles/tests/files/FWO.Test/DisplayBaseTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/DisplayBaseTest.cs rename to roles/tests/files/FWO.Test/DisplayBaseTest.cs diff --git a/roles/tests-unit/files/FWO.Test/DistNameTest.cs b/roles/tests/files/FWO.Test/DistNameTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/DistNameTest.cs rename to roles/tests/files/FWO.Test/DistNameTest.cs diff --git a/roles/tests-unit/files/FWO.Test/ExportTest.cs b/roles/tests/files/FWO.Test/ExportTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ExportTest.cs rename to roles/tests/files/FWO.Test/ExportTest.cs diff --git a/roles/tests-unit/files/FWO.Test/ExtRequestSenderTest.cs b/roles/tests/files/FWO.Test/ExtRequestSenderTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ExtRequestSenderTest.cs rename to roles/tests/files/FWO.Test/ExtRequestSenderTest.cs diff --git a/roles/tests-unit/files/FWO.Test/ExtRequestSenderTestApiConn.cs b/roles/tests/files/FWO.Test/ExtRequestSenderTestApiConn.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ExtRequestSenderTestApiConn.cs rename to roles/tests/files/FWO.Test/ExtRequestSenderTestApiConn.cs diff --git a/roles/tests-unit/files/FWO.Test/ExtStateTestApiConn.cs b/roles/tests/files/FWO.Test/ExtStateTestApiConn.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ExtStateTestApiConn.cs rename to roles/tests/files/FWO.Test/ExtStateTestApiConn.cs diff --git a/roles/tests-unit/files/FWO.Test/ExtTicketHandlerTest.cs b/roles/tests/files/FWO.Test/ExtTicketHandlerTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ExtTicketHandlerTest.cs rename to roles/tests/files/FWO.Test/ExtTicketHandlerTest.cs diff --git a/roles/tests-unit/files/FWO.Test/ExtTicketHandlerTestApiConn.cs b/roles/tests/files/FWO.Test/ExtTicketHandlerTestApiConn.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ExtTicketHandlerTestApiConn.cs rename to roles/tests/files/FWO.Test/ExtTicketHandlerTestApiConn.cs diff --git a/roles/tests-unit/files/FWO.Test/FWO.Test.csproj b/roles/tests/files/FWO.Test/FWO.Test.csproj similarity index 100% rename from roles/tests-unit/files/FWO.Test/FWO.Test.csproj rename to roles/tests/files/FWO.Test/FWO.Test.csproj diff --git a/roles/tests-unit/files/FWO.Test/FakeLocalTimeZone.cs b/roles/tests/files/FWO.Test/FakeLocalTimeZone.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/FakeLocalTimeZone.cs rename to roles/tests/files/FWO.Test/FakeLocalTimeZone.cs diff --git a/roles/tests-unit/files/FWO.Test/FilterTest.cs b/roles/tests/files/FWO.Test/FilterTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/FilterTest.cs rename to roles/tests/files/FWO.Test/FilterTest.cs diff --git a/roles/tests-unit/files/FWO.Test/HtmlToPdfTest.cs b/roles/tests/files/FWO.Test/HtmlToPdfTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/HtmlToPdfTest.cs rename to roles/tests/files/FWO.Test/HtmlToPdfTest.cs diff --git a/roles/tests-unit/files/FWO.Test/IPAddressRangeComparerTest.cs b/roles/tests/files/FWO.Test/IPAddressRangeComparerTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/IPAddressRangeComparerTest.cs rename to roles/tests/files/FWO.Test/IPAddressRangeComparerTest.cs diff --git a/roles/tests-unit/files/FWO.Test/IPOperationsTest.cs b/roles/tests/files/FWO.Test/IPOperationsTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/IPOperationsTest.cs rename to roles/tests/files/FWO.Test/IPOperationsTest.cs diff --git a/roles/tests-unit/files/FWO.Test/IPOverlapTest.cs b/roles/tests/files/FWO.Test/IPOverlapTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/IPOverlapTest.cs rename to roles/tests/files/FWO.Test/IPOverlapTest.cs diff --git a/roles/tests-unit/files/FWO.Test/LockTest.cs b/roles/tests/files/FWO.Test/LockTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/LockTest.cs rename to roles/tests/files/FWO.Test/LockTest.cs diff --git a/roles/tests-unit/files/FWO.Test/ManagedIdStringTest.cs b/roles/tests/files/FWO.Test/ManagedIdStringTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ManagedIdStringTest.cs rename to roles/tests/files/FWO.Test/ManagedIdStringTest.cs diff --git a/roles/tests-unit/files/FWO.Test/Mocks/Mock.cs b/roles/tests/files/FWO.Test/Mocks/Mock.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/Mocks/Mock.cs rename to roles/tests/files/FWO.Test/Mocks/Mock.cs diff --git a/roles/tests-unit/files/FWO.Test/Mocks/MockApiConnection.cs b/roles/tests/files/FWO.Test/Mocks/MockApiConnection.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/Mocks/MockApiConnection.cs rename to roles/tests/files/FWO.Test/Mocks/MockApiConnection.cs diff --git a/roles/tests-unit/files/FWO.Test/Mocks/MockReportCompliance.cs b/roles/tests/files/FWO.Test/Mocks/MockReportCompliance.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/Mocks/MockReportCompliance.cs rename to roles/tests/files/FWO.Test/Mocks/MockReportCompliance.cs diff --git a/roles/tests-unit/files/FWO.Test/Mocks/MockReportComplianceDiff.cs b/roles/tests/files/FWO.Test/Mocks/MockReportComplianceDiff.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/Mocks/MockReportComplianceDiff.cs rename to roles/tests/files/FWO.Test/Mocks/MockReportComplianceDiff.cs diff --git a/roles/tests-unit/files/FWO.Test/Mocks/MockReportRules.cs b/roles/tests/files/FWO.Test/Mocks/MockReportRules.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/Mocks/MockReportRules.cs rename to roles/tests/files/FWO.Test/Mocks/MockReportRules.cs diff --git a/roles/tests-unit/files/FWO.Test/ModellingHandlerTest.cs b/roles/tests/files/FWO.Test/ModellingHandlerTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ModellingHandlerTest.cs rename to roles/tests/files/FWO.Test/ModellingHandlerTest.cs diff --git a/roles/tests-unit/files/FWO.Test/ModellingHandlerTestApiConn.cs b/roles/tests/files/FWO.Test/ModellingHandlerTestApiConn.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ModellingHandlerTestApiConn.cs rename to roles/tests/files/FWO.Test/ModellingHandlerTestApiConn.cs diff --git a/roles/tests-unit/files/FWO.Test/ModellingVarianceAnalysisTest.cs b/roles/tests/files/FWO.Test/ModellingVarianceAnalysisTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ModellingVarianceAnalysisTest.cs rename to roles/tests/files/FWO.Test/ModellingVarianceAnalysisTest.cs diff --git a/roles/tests-unit/files/FWO.Test/ModellingVarianceAnalysisTestApiConn.cs b/roles/tests/files/FWO.Test/ModellingVarianceAnalysisTestApiConn.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ModellingVarianceAnalysisTestApiConn.cs rename to roles/tests/files/FWO.Test/ModellingVarianceAnalysisTestApiConn.cs diff --git a/roles/tests-unit/files/FWO.Test/NetworkZoneServiceTest.cs b/roles/tests/files/FWO.Test/NetworkZoneServiceTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/NetworkZoneServiceTest.cs rename to roles/tests/files/FWO.Test/NetworkZoneServiceTest.cs diff --git a/roles/tests-unit/files/FWO.Test/ReportComplianceTest.cs b/roles/tests/files/FWO.Test/ReportComplianceTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/ReportComplianceTest.cs rename to roles/tests/files/FWO.Test/ReportComplianceTest.cs diff --git a/roles/tests/files/FWO.Test/ReportRulesTest.cs b/roles/tests/files/FWO.Test/ReportRulesTest.cs new file mode 100644 index 0000000000..dacdade65c --- /dev/null +++ b/roles/tests/files/FWO.Test/ReportRulesTest.cs @@ -0,0 +1,141 @@ +using System.Collections.Generic; +using System.Linq; +using System.Reflection; +using NUnit.Framework; +using FWO.Report; +using FWO.Data; +using FWO.Data.Report; + +namespace FWO.Test +{ + [TestFixture] + internal class ReportRulesTest + { + [SetUp] + public void SetUp() + { + SetRulesCache(new Dictionary<(int deviceId, int managementId), Rule[]>()); + } + + [Test] + public void GetRulesByRulebaseId_ReturnsMatchingRules() + { + Rule expectedRule = new() { Id = 20 }; + ManagementReport managementReport = CreateManagementReport( + new RulebaseReport { Id = 1, Rules = new[] { new Rule { Id = 10 } } }, + new RulebaseReport { Id = 2, Rules = new[] { expectedRule } }); + + Rule[] rules = ReportRules.GetRulesByRulebaseId(2, managementReport); + + Assert.That(rules, Has.Length.EqualTo(1)); + Assert.That(rules[0].Id, Is.EqualTo(expectedRule.Id)); + } + + [Test] + public void GetRulesByRulebaseId_ReturnsEmptyWhenIdUnknown() + { + ManagementReport managementReport = CreateManagementReport( + new RulebaseReport { Id = 1, Rules = new[] { new Rule { Id = 10 } } }); + + Rule[] rules = ReportRules.GetRulesByRulebaseId(42, managementReport); + + Assert.That(rules, Is.Empty); + } + + [Test] + public void GetInitialRulesOfGateway_ReturnsInitialRulebaseRules() + { + Rule expectedRule = new() { Id = 100 }; + ManagementReport managementReport = CreateManagementReport( + new RulebaseReport { Id = 5, Rules = new[] { expectedRule } }); + DeviceReportController device = CreateDevice(1, new RulebaseLink { IsInitial = true, NextRulebaseId = 5 }); + + Rule[] rules = ReportRules.GetInitialRulesOfGateway(device, managementReport); + + Assert.That(rules.Select(r => r.Id), Is.EqualTo(new[] { expectedRule.Id })); + } + + [Test] + public void GetAllRulesOfGateway_ReturnsCachedRules() + { + var cacheContent = new Dictionary<(int, int), Rule[]> + { + { (7, 11), new[] { new Rule { Id = 1 }, new Rule { Id = 2 } } } + }; + SetRulesCache(cacheContent); + DeviceReportController device = CreateDevice(7); + ManagementReport managementReport = new() { Id = 11 }; + + Rule[] rules = ReportRules.GetAllRulesOfGateway(device, managementReport); + + Assert.That(rules, Is.EqualTo(cacheContent[(7, 11)])); + } + + [Test] + public void GetAllRulesOfGateway_ReturnsEmptyWhenCacheEntryMissing() + { + DeviceReportController device = CreateDevice(3); + ManagementReport managementReport = new() { Id = 4 }; + + Rule[] rules = ReportRules.GetAllRulesOfGateway(device, managementReport); + + Assert.That(rules, Is.Empty); + } + + [Test] + public void GetRuleCount_CountsNestedRulebases() + { + Rule parentRule = new() { Id = 101 }; + Rule sectionRule = new() { Id = 102, SectionHeader = "header" }; + Rule childRule = new() { Id = 201 }; + ManagementReport managementReport = CreateManagementReport( + new RulebaseReport { Id = 1, Rules = new[] { parentRule, sectionRule } }, + new RulebaseReport { Id = 2, Rules = new[] { childRule } }); + RulebaseLink[] links = + { + new RulebaseLink { IsInitial = true, NextRulebaseId = 1 }, + new RulebaseLink { FromRuleId = (int)parentRule.Id, NextRulebaseId = 2 } + }; + + int ruleCount = ReportRules.GetRuleCount(managementReport, links[0], links); + + Assert.That(ruleCount, Is.EqualTo(2)); + } + + [Test] + public void GetRuleCount_ReturnsZeroWhenRulebaseMissing() + { + ManagementReport managementReport = CreateManagementReport(); + RulebaseLink missingLink = new() { IsInitial = true, NextRulebaseId = 99 }; + + int ruleCount = ReportRules.GetRuleCount(managementReport, missingLink, Array.Empty()); + + Assert.That(ruleCount, Is.Zero); + } + + private static void SetRulesCache(Dictionary<(int deviceId, int managementId), Rule[]> cache) + { + FieldInfo? cacheField = typeof(ReportRules).GetField("_rulesCache", BindingFlags.Static | BindingFlags.NonPublic); + Assert.That(cacheField, Is.Not.Null, "Unable to access rules cache via reflection."); + cacheField!.SetValue(null, cache); + } + + private static ManagementReport CreateManagementReport(params RulebaseReport[] rulebases) + { + return new ManagementReport + { + Id = 1, + Rulebases = rulebases.Length > 0 ? rulebases : Array.Empty() + }; + } + + private static DeviceReportController CreateDevice(int id, params RulebaseLink[] links) + { + return new DeviceReportController + { + Id = id, + RulebaseLinks = links.Length > 0 ? links : Array.Empty() + }; + } + } +} diff --git a/roles/tests-unit/files/FWO.Test/RuleTreeBuilderTest.cs b/roles/tests/files/FWO.Test/RuleTreeBuilderTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/RuleTreeBuilderTest.cs rename to roles/tests/files/FWO.Test/RuleTreeBuilderTest.cs diff --git a/roles/tests-unit/files/FWO.Test/RuleViewDataTest.cs b/roles/tests/files/FWO.Test/RuleViewDataTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/RuleViewDataTest.cs rename to roles/tests/files/FWO.Test/RuleViewDataTest.cs diff --git a/roles/tests-unit/files/FWO.Test/SCTicketTest.cs b/roles/tests/files/FWO.Test/SCTicketTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/SCTicketTest.cs rename to roles/tests/files/FWO.Test/SCTicketTest.cs diff --git a/roles/tests-unit/files/FWO.Test/SanitizerTest.cs b/roles/tests/files/FWO.Test/SanitizerTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/SanitizerTest.cs rename to roles/tests/files/FWO.Test/SanitizerTest.cs diff --git a/roles/tests-unit/files/FWO.Test/SchedulerTest.cs b/roles/tests/files/FWO.Test/SchedulerTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/SchedulerTest.cs rename to roles/tests/files/FWO.Test/SchedulerTest.cs diff --git a/roles/tests-unit/files/FWO.Test/SchedulerTestApiConn.cs b/roles/tests/files/FWO.Test/SchedulerTestApiConn.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/SchedulerTestApiConn.cs rename to roles/tests/files/FWO.Test/SchedulerTestApiConn.cs diff --git a/roles/tests-unit/files/FWO.Test/SimulatedApiConnection.cs b/roles/tests/files/FWO.Test/SimulatedApiConnection.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/SimulatedApiConnection.cs rename to roles/tests/files/FWO.Test/SimulatedApiConnection.cs diff --git a/roles/tests-unit/files/FWO.Test/SimulatedReport.cs b/roles/tests/files/FWO.Test/SimulatedReport.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/SimulatedReport.cs rename to roles/tests/files/FWO.Test/SimulatedReport.cs diff --git a/roles/tests-unit/files/FWO.Test/SimulatedSCClient.cs b/roles/tests/files/FWO.Test/SimulatedSCClient.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/SimulatedSCClient.cs rename to roles/tests/files/FWO.Test/SimulatedSCClient.cs diff --git a/roles/tests-unit/files/FWO.Test/SimulatedUserConfig.cs b/roles/tests/files/FWO.Test/SimulatedUserConfig.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/SimulatedUserConfig.cs rename to roles/tests/files/FWO.Test/SimulatedUserConfig.cs diff --git a/roles/tests-unit/files/FWO.Test/TestDataGeneratorTest.cs b/roles/tests/files/FWO.Test/TestDataGeneratorTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/TestDataGeneratorTest.cs rename to roles/tests/files/FWO.Test/TestDataGeneratorTest.cs diff --git a/roles/tests-unit/files/FWO.Test/TestHelper.cs b/roles/tests/files/FWO.Test/TestHelper.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/TestHelper.cs rename to roles/tests/files/FWO.Test/TestHelper.cs diff --git a/roles/tests-unit/files/FWO.Test/TestInitializer.cs b/roles/tests/files/FWO.Test/TestInitializer.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/TestInitializer.cs rename to roles/tests/files/FWO.Test/TestInitializer.cs diff --git a/roles/tests-unit/files/FWO.Test/Tools/CustomAssert.cs b/roles/tests/files/FWO.Test/Tools/CustomAssert.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/Tools/CustomAssert.cs rename to roles/tests/files/FWO.Test/Tools/CustomAssert.cs diff --git a/roles/tests-unit/files/FWO.Test/Tools/TestDataGenerator.cs b/roles/tests/files/FWO.Test/Tools/TestDataGenerator.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/Tools/TestDataGenerator.cs rename to roles/tests/files/FWO.Test/Tools/TestDataGenerator.cs diff --git a/roles/tests-unit/files/FWO.Test/UiRsbLinkTest.cs b/roles/tests/files/FWO.Test/UiRsbLinkTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/UiRsbLinkTest.cs rename to roles/tests/files/FWO.Test/UiRsbLinkTest.cs diff --git a/roles/tests-unit/files/FWO.Test/UiRsbTestApiConn.cs b/roles/tests/files/FWO.Test/UiRsbTestApiConn.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/UiRsbTestApiConn.cs rename to roles/tests/files/FWO.Test/UiRsbTestApiConn.cs diff --git a/roles/tests-unit/files/FWO.Test/UiZoneMatrixTest.cs b/roles/tests/files/FWO.Test/UiZoneMatrixTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/UiZoneMatrixTest.cs rename to roles/tests/files/FWO.Test/UiZoneMatrixTest.cs diff --git a/roles/tests-unit/files/FWO.Test/UrlSanitisationTest.cs b/roles/tests/files/FWO.Test/UrlSanitisationTest.cs similarity index 100% rename from roles/tests-unit/files/FWO.Test/UrlSanitisationTest.cs rename to roles/tests/files/FWO.Test/UrlSanitisationTest.cs diff --git a/roles/tests-integration/files/api/test-graphql.md b/roles/tests/files/api/test-graphql.md similarity index 100% rename from roles/tests-integration/files/api/test-graphql.md rename to roles/tests/files/api/test-graphql.md diff --git a/roles/tests-integration/files/api/test_api.sh b/roles/tests/files/api/test_api.sh similarity index 100% rename from roles/tests-integration/files/api/test_api.sh rename to roles/tests/files/api/test_api.sh diff --git a/roles/tests-integration/files/auth/config.ldif b/roles/tests/files/auth/config.ldif similarity index 100% rename from roles/tests-integration/files/auth/config.ldif rename to roles/tests/files/auth/config.ldif diff --git a/roles/tests-integration/files/auth/roles.ldif b/roles/tests/files/auth/roles.ldif similarity index 100% rename from roles/tests-integration/files/auth/roles.ldif rename to roles/tests/files/auth/roles.ldif diff --git a/roles/tests-integration/files/importer/CP-R8x/iso_cp_r8x_api_generate_testdata.py b/roles/tests/files/importer/CP-R8x/iso_cp_r8x_api_generate_testdata.py similarity index 92% rename from roles/tests-integration/files/importer/CP-R8x/iso_cp_r8x_api_generate_testdata.py rename to roles/tests/files/importer/CP-R8x/iso_cp_r8x_api_generate_testdata.py index 3ab52f384c..66c0dde0f9 100644 --- a/roles/tests-integration/files/importer/CP-R8x/iso_cp_r8x_api_generate_testdata.py +++ b/roles/tests/files/importer/CP-R8x/iso_cp_r8x_api_generate_testdata.py @@ -1,6 +1,8 @@ import requests import json import argparse +import urllib3 +from urllib3.exceptions import InsecureRequestWarning parser = argparse.ArgumentParser(description='Create configuration from Check Point R8x management via API calls') @@ -24,10 +26,12 @@ limit = 100 details_level = "full" # 'standard' ssl_verification = False +urllib3.disable_warnings(InsecureRequestWarning) use_object_dictionary = 'false' name_prefix = 'fworch_test_' obj_types = ['hosts', 'networks', 'services-tcp'] base_ip = '10.88.99.' +UNDEFINED_OPERATION = "error, not defined" def api_call(ip_addr, port, command, json_payload, sid_a): @@ -36,7 +40,7 @@ def api_call(ip_addr, port, command, json_payload, sid_a): request_headers = {'Content-Type': 'application/json'} else: request_headers = {'Content-Type': 'application/json', 'X-chkp-sid': sid_a} - r = requests.post(url, data=json.dumps(json_payload), headers=request_headers, verify=ssl_verification) + r = requests.post(url, data=json.dumps(json_payload), headers=request_headers, verify=ssl_verification) # NOSONAR - test script intentionally skips cert validation return r.json() @@ -52,8 +56,8 @@ def login(user, password, api_host_a, api_port): for obj_type in obj_types: current = 0 while current < args.number_of_test_objs: - del_cmd = "error, not defined" - del_req = "error, not defined" + del_cmd = UNDEFINED_OPERATION + del_req = UNDEFINED_OPERATION if obj_type == 'networks': del_cmd = 'delete-network' del_req = {'name': name_prefix + 'net_' + str(current)} @@ -77,8 +81,8 @@ def login(user, password, api_host_a, api_port): for obj_type in obj_types: current = 0 while current < args.number_of_test_objs: - create_cmd = "error, not defined" - create_req = "error, not defined" + create_cmd = UNDEFINED_OPERATION + create_req = UNDEFINED_OPERATION if obj_type == 'networks': create_cmd = 'add-network' create_req = {'name': name_prefix + 'net_' + str(current), diff --git a/roles/tests-integration/files/importer/CP-R8x/iso_cp_r8x_api_get_layer_names.py b/roles/tests/files/importer/CP-R8x/iso_cp_r8x_api_get_layer_names.py similarity index 100% rename from roles/tests-integration/files/importer/CP-R8x/iso_cp_r8x_api_get_layer_names.py rename to roles/tests/files/importer/CP-R8x/iso_cp_r8x_api_get_layer_names.py diff --git a/roles/tests-integration/files/importer/CP-R8x/unused_create_csv_sting.sh b/roles/tests/files/importer/CP-R8x/unused_create_csv_sting.sh similarity index 100% rename from roles/tests-integration/files/importer/CP-R8x/unused_create_csv_sting.sh rename to roles/tests/files/importer/CP-R8x/unused_create_csv_sting.sh diff --git a/roles/sample-data/files/config_changes/changeRule.py b/roles/tests/files/importer/config_changes/changeRule.py similarity index 94% rename from roles/sample-data/files/config_changes/changeRule.py rename to roles/tests/files/importer/config_changes/changeRule.py index 5fe7fc7f48..4f94c0fb5a 100644 --- a/roles/sample-data/files/config_changes/changeRule.py +++ b/roles/tests/files/importer/config_changes/changeRule.py @@ -9,15 +9,15 @@ import logging -def randomOctet(): +def random_octet(): return str(random.randrange(0, 256)) -def randomIp(): - return randomOctet() + '.' + randomOctet() + '.' + randomOctet() + '.' + randomOctet() +def random_ip(): + return random_octet() + '.' + random_octet() + '.' + random_octet() + '.' + random_octet() -def randomUid(): +def random_uid(): s = ''.join(random.choices(string.ascii_lowercase + string.digits, k=32)) return s[:8] + '-' + s[8:12] + '-' + s[12:16] + '-' + s[16:20] + '-' + s[20:] @@ -76,8 +76,8 @@ def randomUid(): if actionChosen == 'changeSrcOrDst': if not deleteElement: - newUid = randomUid() - newIp = randomIp() + newUid = random_uid() + newIp = random_ip() # cannot add to any obj, so delete it first if anyObj in ruleSide: diff --git a/roles/tests-integration/files/importer/config_changes/enlarge_rule.py b/roles/tests/files/importer/config_changes/enlarge_rule.py similarity index 95% rename from roles/tests-integration/files/importer/config_changes/enlarge_rule.py rename to roles/tests/files/importer/config_changes/enlarge_rule.py index 4f69d9ce53..f501239f8d 100644 --- a/roles/tests-integration/files/importer/config_changes/enlarge_rule.py +++ b/roles/tests/files/importer/config_changes/enlarge_rule.py @@ -77,7 +77,7 @@ def random_uuid(): else: data[replace_counter] = line.rstrip() + ' "{}"\n'.format(ip_address) break - if fnmatch.filter([line], ' next\n'.format(uid)): + if fnmatch.filter([line], ' next\n'): uid_flag = False if fnmatch.filter([line], 'end\n'): rule_area_flag = False @@ -98,9 +98,7 @@ def random_uuid(): if line == '# end recognition comment for auto-delete function\n': delete_flag = False last_comment_line_flag = True - if object_count < 2: - fout.write(line) - elif not (delete_flag or last_comment_line_flag): + if object_count < 2 or not (delete_flag or last_comment_line_flag): fout.write(line) else: for line in data: diff --git a/roles/sample-data/files/config_changes/write_date_to_comment.py b/roles/tests/files/importer/config_changes/write_date_to_comment.py similarity index 100% rename from roles/sample-data/files/config_changes/write_date_to_comment.py rename to roles/tests/files/importer/config_changes/write_date_to_comment.py diff --git a/roles/tests-integration/files/tenant_networks/create_tenant_network_data.py b/roles/tests/files/tenant_networks/create_tenant_network_data.py similarity index 71% rename from roles/tests-integration/files/tenant_networks/create_tenant_network_data.py rename to roles/tests/files/tenant_networks/create_tenant_network_data.py index d5fb663f15..8a414b7ed0 100644 --- a/roles/tests-integration/files/tenant_networks/create_tenant_network_data.py +++ b/roles/tests/files/tenant_networks/create_tenant_network_data.py @@ -3,17 +3,15 @@ from netaddr import IPNetwork -def createTenantTestData(tenantTopIpNet, numberOfTenantNetworks, tenantId): +def create_tenant_test_data(tenantTopIpNet, numberOfTenantNetworks, tenantId): code = "" i = 0 mask = 0 tenantTopIpNetTypecasted = IPNetwork(tenantTopIpNet) - # numberOfPossibleIPs = tenantTopIpNet.num_addresses numberOfPossibleIPs = tenantTopIpNetTypecasted.size while i< numberOfTenantNetworks: i += 1 - # mask = randint(28, 32) mask = 32 randomIndex = randint(0,numberOfPossibleIPs-1) randomIp = tenantTopIpNetTypecasted[randomIndex] @@ -24,4 +22,4 @@ def createTenantTestData(tenantTopIpNet, numberOfTenantNetworks, tenantId): if __name__ == '__main__': - print(createTenantTestData(IPNetwork('10.0.0.0/12'), 1000, 6)) + print(create_tenant_test_data(IPNetwork('10.0.0.0/12'), 1000, 6)) diff --git a/roles/tests-integration/handlers/main.yml b/roles/tests/handlers/main.yml similarity index 100% rename from roles/tests-integration/handlers/main.yml rename to roles/tests/handlers/main.yml diff --git a/roles/tests-integration/tasks/b64pad.yml b/roles/tests/tasks/b64pad.yml similarity index 100% rename from roles/tests-integration/tasks/b64pad.yml rename to roles/tests/tasks/b64pad.yml diff --git a/roles/tests-integration/tasks/main.yml b/roles/tests/tasks/integration.yml similarity index 100% rename from roles/tests-integration/tasks/main.yml rename to roles/tests/tasks/integration.yml diff --git a/roles/tests/tasks/main.yml b/roles/tests/tasks/main.yml new file mode 100644 index 0000000000..3f1292a107 --- /dev/null +++ b/roles/tests/tasks/main.yml @@ -0,0 +1,15 @@ +- name: run unit tests + tags: + - test + - unittests + include_tasks: unit.yml + when: + - (run_unit_tests | default(true)) | bool + +- name: run integration tests + tags: + - test + - integrationtests + include_tasks: integration.yml + when: + - (run_integration_tests | default(true)) | bool diff --git a/roles/tests-integration/tasks/test-api.yml b/roles/tests/tasks/test-api.yml similarity index 86% rename from roles/tests-integration/tasks/test-api.yml rename to roles/tests/tasks/test-api.yml index d1c25fd480..22d0adeb30 100644 --- a/roles/tests-integration/tasks/test-api.yml +++ b/roles/tests/tasks/test-api.yml @@ -1,5 +1,9 @@ # this playbook contains api tests +- name: disable tls certificate validation for api tests + ansible.builtin.set_fact: + api_validate_certs: false + - name: test api version uri: url: https://{{ api_network_listening_ip_address }}:{{ api_web_port }}/api/v1/version @@ -9,7 +13,7 @@ body: query: "" body_format: json - validate_certs: false + validate_certs: "{{ api_validate_certs }}" # NOSONAR - self-signed certs in tests return_content: true register: api_version changed_when: false @@ -30,7 +34,7 @@ body: query: "query { object(limit:3) {obj_name} }" body_format: json - validate_certs: false + validate_certs: "{{ api_validate_certs }}" # NOSONAR - self-signed certs in tests return_content: true register: api_query_anonymous changed_when: false @@ -57,7 +61,7 @@ Username: user1{{ test_postfix }} Password: "{{ test_user1_pw }}" body_format: json - validate_certs: false + validate_certs: "{{ api_validate_certs }}" # NOSONAR - self-signed certs in tests return_content: true register: sample_JWT changed_when: false @@ -74,7 +78,7 @@ body: query: "query text { txt(limit:3) { id } }" body_format: json - validate_certs: false + validate_certs: "{{ api_validate_certs }}" # NOSONAR - self-signed certs in tests return_content: true register: api_query_anonymous_with_JWT changed_when: false @@ -107,7 +111,7 @@ body: query: "query { object (limit: 1) {obj_name} }" body_format: json - validate_certs: false + validate_certs: "{{ api_validate_certs }}" # NOSONAR - self-signed certs in tests return_content: true register: api_query_admin changed_when: false diff --git a/roles/tests-integration/tasks/test-auth.yml b/roles/tests/tasks/test-auth.yml similarity index 92% rename from roles/tests-integration/tasks/test-auth.yml rename to roles/tests/tasks/test-auth.yml index 438b9aa138..81891b585e 100644 --- a/roles/tests-integration/tasks/test-auth.yml +++ b/roles/tests/tasks/test-auth.yml @@ -8,6 +8,10 @@ delay: 10 timeout: 25 +- name: disable tls certificate validation for middleware auth tests + ansible.builtin.set_fact: + middleware_validate_certs: false + - name: middleware test get jwt valid creds ansible.builtin.uri: url: "https://{{ middleware_hostname }}:{{ middleware_web_listener_port }}/api/AuthenticationToken/Get/" @@ -18,7 +22,7 @@ Username: "user1{{ test_postfix }}" Password: "{{ test_user1_pw }}" body_format: json - validate_certs: false + validate_certs: "{{ middleware_validate_certs }}" # NOSONAR - self-signed certs in tests return_content: true register: sample_jwt changed_when: false @@ -102,7 +106,7 @@ Username: "user1{{ test_postfix }}" Password: "wrong-pwd" body_format: json - validate_certs: false + validate_certs: "{{ middleware_validate_certs }}" # NOSONAR - self-signed certs in tests return_content: true register: sample_jwt changed_when: false diff --git a/roles/tests-integration/tasks/test-database.yml b/roles/tests/tasks/test-database.yml similarity index 100% rename from roles/tests-integration/tasks/test-database.yml rename to roles/tests/tasks/test-database.yml diff --git a/roles/tests-integration/tasks/test-importer.yml b/roles/tests/tasks/test-importer.yml similarity index 100% rename from roles/tests-integration/tasks/test-importer.yml rename to roles/tests/tasks/test-importer.yml diff --git a/roles/tests-integration/tasks/test-web.yml b/roles/tests/tasks/test-web.yml similarity index 83% rename from roles/tests-integration/tasks/test-web.yml rename to roles/tests/tasks/test-web.yml index 282a8dbc5d..7950dd739b 100644 --- a/roles/tests-integration/tasks/test-web.yml +++ b/roles/tests/tasks/test-web.yml @@ -1,5 +1,9 @@ # this playbook contains web server availabitlity tests +- name: disable tls certificate validation for web tests + ansible.builtin.set_fact: + web_validate_certs: false + - name: test middleware web server availability uri: url: "{{ middleware_uri }}/swagger/" @@ -7,7 +11,7 @@ headers: Content-Type: html/text body: - validate_certs: false + validate_certs: "{{ web_validate_certs }}" # NOSONAR - self-signed certs in tests return_content: true register: web_call_result changed_when: false @@ -29,7 +33,7 @@ headers: Content-Type: html/text body: - validate_certs: false + validate_certs: "{{ web_validate_certs }}" # NOSONAR - self-signed certs in tests return_content: true register: web_call_result changed_when: false @@ -51,7 +55,7 @@ headers: Content-Type: html/text body: - validate_certs: false + validate_certs: "{{ web_validate_certs }}" # NOSONAR - self-signed certs in tests return_content: true register: web_call_result changed_when: false diff --git a/roles/tests-unit/tasks/main.yml b/roles/tests/tasks/unit.yml similarity index 100% rename from roles/tests-unit/tasks/main.yml rename to roles/tests/tasks/unit.yml diff --git a/roles/tests-integration/tasks/write-config-test-user-creds.yml b/roles/tests/tasks/write-config-test-user-creds.yml similarity index 100% rename from roles/tests-integration/tasks/write-config-test-user-creds.yml rename to roles/tests/tasks/write-config-test-user-creds.yml diff --git a/site.yml b/site.yml index ee505320fe..9f7e9dcaab 100644 --- a/site.yml +++ b/site.yml @@ -103,16 +103,10 @@ - hosts: all roles: - - { role: tests-unit, when: not installation_mode == 'uninstall' } + - { role: tests, when: not installation_mode == 'uninstall' } tags: - test - unittests - -- hosts: all - roles: - - { role: tests-integration, when: not installation_mode == 'uninstall' } - tags: - - test - integrationtests - hosts: all