Coverage for turvallisuusneuvonta/csaf/core/rules/mandatory/defined_product_ids.py: 100.00%

7 statements  

« prev     ^ index     » next       coverage.py v7.6.9, created at 2024-12-18 20:29:38 +00:00

1"""6.1.1 Missing Definition of Product ID 

2 

3For each element of type /$defs/product_id_t which is not inside a Full Product Name (type: full_product_name_t) 

4and therefore reference an element within the product_tree it must be tested that the Full Product Name element 

5with the matching product_id exists. The same applies for all items of elements of type /$defs/products_t. 

6 

7The relevant paths for this test are: 

8 /product_tree/product_groups[]/product_ids[] 

9 /product_tree/relationships[]/product_reference 

10 /product_tree/relationships[]/relates_to_product_reference 

11 /vulnerabilities[]/product_status/first_affected[] 

12 /vulnerabilities[]/product_status/first_fixed[] 

13 /vulnerabilities[]/product_status/fixed[] 

14 /vulnerabilities[]/product_status/known_affected[] 

15 /vulnerabilities[]/product_status/known_not_affected[] 

16 /vulnerabilities[]/product_status/last_affected[] 

17 /vulnerabilities[]/product_status/recommended[] 

18 /vulnerabilities[]/product_status/under_investigation[] 

19 /vulnerabilities[]/remediations[]/product_ids[] 

20 /vulnerabilities[]/scores[]/products[] 

21 /vulnerabilities[]/threats[]/product_ids[] 

22 

23Example 40 which fails the test: 

24 

25 "product_tree": { 

26 "product_groups": [ 

27 { 

28 "group_id": "CSAFGID-1020300", 

29 "product_ids": [ 

30 "CSAFPID-9080700", 

31 "CSAFPID-9080701" 

32 ] 

33 } 

34 ] 

35 } 

36 

37Neither CSAFPID-9080700 nor CSAFPID-9080701 were defined in the product_tree. 

38""" 

39 

40ID = (6, 1, 1) 

41TOPIC = 'Missing Definition of Product ID' 

42TRIGGER_PATH = 'product_tree/full_product_names[]/product_id' 

43TRIGGER_JMES_PATH = TRIGGER_PATH.lstrip('/').replace('/', '.') 

44CONDITION_PATHS = ( 

45 '/product_tree/product_groups[]/product_ids[]', 

46 '/product_tree/relationships[]/product_reference', 

47 '/product_tree/relationships[]/relates_to_product_reference', 

48 '/vulnerabilities[]/product_status/first_affected[]', 

49 '/vulnerabilities[]/product_status/first_fixed[]', 

50 '/vulnerabilities[]/product_status/fixed[]', 

51 '/vulnerabilities[]/product_status/known_affected[]', 

52 '/vulnerabilities[]/product_status/known_not_affected[]', 

53 '/vulnerabilities[]/product_status/last_affected[]', 

54 '/vulnerabilities[]/product_status/recommended[]', 

55 '/vulnerabilities[]/product_status/under_investigation[]', 

56 '/vulnerabilities[]/remediations[]/product_ids[]', 

57 '/vulnerabilities[]/scores[]/products[]', 

58 '/vulnerabilities[]/threats[]/product_ids[]', 

59) 

60CONDITION_JMES_PATHS = tuple(path.lstrip('/').replace('/', '.') for path in CONDITION_PATHS) 

61PATHS = CONDITION_PATHS