This repository has been archived by the owner on Jul 18, 2024. It is now read-only.
forked from lacework/go-sdk
-
Notifications
You must be signed in to change notification settings - Fork 0
/
alerts_details_investigation_test.go
115 lines (100 loc) · 3.13 KB
/
alerts_details_investigation_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
//
// Author:: Salim Afiune Maya (<[email protected]>)
// Copyright:: Copyright 2020, Lacework Inc.
// License:: Apache License, Version 2.0
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
package api_test
import (
"encoding/json"
"fmt"
"net/http"
"testing"
"github.com/circleci/fork-lacework-go-sdk/api"
"github.com/circleci/fork-lacework-go-sdk/internal/lacework"
"github.com/stretchr/testify/assert"
)
var alertInvestigationJSON = `{
"data": [
{
"question": "Has a new user been involved in the event in the last 60 days?",
"answer": "No"
},
{
"question": "Have the users involved in the event authenticated without MFA in the last 60 days?",
"answer": "No"
},
{
"question": "Have any of the users involved in the event used the Root account in the last 60 days?",
"answer": "No"
}
]
}`
func TestAlertsGetInvestigationMethod(t *testing.T) {
fakeServer := lacework.MockServer()
fakeServer.MockAPI(
fmt.Sprintf("Alerts/%d", alertID),
func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "GET", r.Method, "GetInvestigation should be a GET method")
fmt.Fprint(w, "{}")
},
)
defer fakeServer.Close()
c, err := api.NewClient("test",
api.WithToken("TOKEN"),
api.WithURL(fakeServer.URL()),
)
assert.Nil(t, err)
_, err = c.V2.Alerts.GetInvestigation(alertID)
assert.Nil(t, err)
}
func TestAlertsGetInvestigationOK(t *testing.T) {
mockResponse := alertInvestigationJSON
fakeServer := lacework.MockServer()
fakeServer.MockAPI(
fmt.Sprintf("Alerts/%d", alertID),
func(w http.ResponseWriter, r *http.Request) {
fmt.Fprint(w, mockResponse)
},
)
defer fakeServer.Close()
c, err := api.NewClient("test",
api.WithToken("TOKEN"),
api.WithURL(fakeServer.URL()),
)
assert.Nil(t, err)
investigationExpected := api.AlertInvestigationResponse{}
_ = json.Unmarshal([]byte(mockResponse), &investigationExpected)
var investigationActual api.AlertInvestigationResponse
investigationActual, err = c.V2.Alerts.GetInvestigation(alertID)
assert.Nil(t, err)
assert.Equal(t, investigationExpected, investigationActual)
}
func TestAlertsGetInvestigationError(t *testing.T) {
fakeServer := lacework.MockServer()
fakeServer.MockAPI(
fmt.Sprintf("Alerts/%d", alertID),
func(w http.ResponseWriter, r *http.Request) {
http.Error(w, lqlErrorReponse, http.StatusInternalServerError)
},
)
defer fakeServer.Close()
c, err := api.NewClient("test",
api.WithToken("TOKEN"),
api.WithURL(fakeServer.URL()),
)
assert.Nil(t, err)
_, err = c.V2.Alerts.GetInvestigation(alertID)
assert.NotNil(t, err)
}