Coverage for turvallisuusneuvonta/csaf/core/rules/mandatory/defined_group_ids.py: 100.00%

7 statements  

« prev     ^ index     » next       coverage.py v7.4.1, created at 2024-02-05 19:27:17 +00:00

1"""6.1.4 Missing Definition of Product Group ID 

2 

3For each element of type /$defs/product_group_id_t which is not inside a Product Group (/product_tree/product_groups[]) 

4and therefore reference an element within the product_tree it must be tested that the Product Group element with the 

5matching group_id exists. The same applies for all items of elements of type /$defs/product_groups_t. 

6 

7The relevant paths for this test are: 

8 

9 /vulnerabilities[]/remediations[]/group_ids 

10 /vulnerabilities[]/threats[]/group_ids 

11 

12Example 43 which fails the test: 

13 

14 "product_tree": { 

15 "full_product_names": [ 

16 { 

17 "product_id": "CSAFPID-9080700", 

18 "name": "Product A" 

19 } 

20 ] 

21 }, 

22 "vulnerabilities": [ 

23 { 

24 "threats": [ 

25 { 

26 "category": "exploit_status", 

27 "details": "Reliable exploits integrated in Metasploit.", 

28 "group_ids": [ 

29 "CSAFGID-1020301" 

30 ] 

31 } 

32 ] 

33 } 

34 ] 

35 

36CSAFGID-1020301 was not defined in the Product Tree. 

37""" 

38 

39ID = (6, 1, 4) 

40TOPIC = 'Missing Definition of Product Group ID' 

41 

42TRIGGER_PATH = '/product_tree/product_groups[]/group_id' 

43TRIGGER_JMES_PATH = TRIGGER_PATH.lstrip('/').replace('/', '.') 

44CONDITION_PATHS = ( 

45 '/vulnerabilities[]/remediations[]/group_ids', 

46 '/vulnerabilities[]/threats[]/group_ids', 

47) 

48CONDITION_JMES_PATHS = tuple(path.lstrip('/').replace('/', '.') for path in CONDITION_PATHS) 

49PATHS = CONDITION_PATHS