Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Detailed report messages for Drive&Docs #300

Merged
merged 36 commits into from
Jul 15, 2024
Merged

Add Detailed report messages for Drive&Docs #300

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
36 commits
Select commit Hold shift + click to select a range
8daadfa
Fixed 5.1 and 4.1, still need to account for groups. Some progress on…
LaurenBassett May 13, 2024
ec5deca
Added support for groups for 2.X, Fixed logic issue on 2.4, Fixed spe…
LaurenBassett May 15, 2024
7880269
Everything is done but 2.2, 2.3, and 2.4 messages and testing.
LaurenBassett May 29, 2024
a93aab0
[#259] Update policy 2
snarve May 29, 2024
4954ff7
Drive_01 Testing Complete.
LaurenBassett May 30, 2024
0ad94eb
removed print statements
LaurenBassett May 30, 2024
2ffbb69
Fixed tests for Drive02, and flipped the logic to reflect the baselin…
LaurenBassett May 30, 2024
0771ec2
[#259] Tests for policy 6 updated
snarve Jun 3, 2024
6435481
[#259] Tests for policy 5 updated
snarve Jun 3, 2024
55882e8
[#259] Tests updated for policy 4
snarve Jun 3, 2024
138812a
[#259] Updated tests for policy 3. All unit tests are updated
snarve Jun 3, 2024
cf4602c
[#259] Fix linter issues
snarve Jun 3, 2024
5cc9d11
[#259] More linter clean up
snarve Jun 3, 2024
a85af65
[#259] Linter fix
snarve Jun 3, 2024
c8a9c78
[#259] another linter fix
snarve Jun 3, 2024
c23a9f8
[#259] linter fixes
snarve Jun 3, 2024
f2bc706
[#259] more linter fixes
snarve Jun 3, 2024
ad0f86e
[#259] MR updates for policy 1
snarve Jun 4, 2024
c0844ed
[#259] More MR updates
snarve Jun 4, 2024
ac4e101
[#259] Remove unnecessary concats
snarve Jun 4, 2024
dabb364
Correct minor typo in GetFriendlyValue1_7
adhilto Jun 4, 2024
63b5d5b
[#259] MR updates
snarve Jun 4, 2024
0bda048
Merge branch '259-detailed-report-message-for-drive-docs' of https://…
snarve Jun 4, 2024
55ebb4f
[#259] Linter fix
snarve Jun 4, 2024
84d4eb7
[#259] formatting error
snarve Jun 4, 2024
319c312
[#259] Fix unit tests
snarve Jun 4, 2024
fdcaf16
[#259] Update policy 1.5
snarve Jun 4, 2024
fb72c18
[#259] Update 1.6
snarve Jun 5, 2024
d78bfd8
[#259] Remove friendly message method for 1.6
snarve Jun 5, 2024
b1a66d5
Merge branch 'main' into 259-detailed-report-message-for-drive-docs
adhilto Jun 7, 2024
5c9ed1c
Correct unit tests missed by merge
adhilto Jun 7, 2024
1b99ee8
Added missing event for the Drive provider
adhilto Jun 7, 2024
62a84f7
[#259] MR updates - typos and formatting
snarve Jun 26, 2024
c4f5db3
Merge branch '259-detailed-report-message-for-drive-docs' of https://…
snarve Jun 26, 2024
7a81eed
[#259] Unit tests updated
snarve Jun 26, 2024
7bf6c6d
[#259] Missed one typo
snarve Jun 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
248 changes: 196 additions & 52 deletions Testing/RegoTests/drive/drive01_test.rego
View file
Open in desktop

Large diffs are not rendered by default.

83 changes: 49 additions & 34 deletions Testing/RegoTests/drive/drive02_test.rego
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ test_Managers_Correct_V1 if {
count(RuleOutput) == 1
RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement met in all OUs."
RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
}

test_Managers_Correct_V2 if {
Expand Down Expand Up @@ -67,7 +67,7 @@ test_Managers_Correct_V2 if {
count(RuleOutput) == 1
RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement met in all OUs."
RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
}

test_Managers_Correct_V3 if {
Expand Down Expand Up @@ -105,7 +105,7 @@ test_Managers_Correct_V3 if {
count(RuleOutput) == 1
RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement met in all OUs."
RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
}

test_Managers_Incorrect_V1 if {
Expand Down Expand Up @@ -165,7 +165,8 @@ test_Managers_Incorrect_V2 if {
count(RuleOutput) == 1
not RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU."
RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
"<ul><li>Test Top-Level OU: Members with manager access can override shared drive settings.</li></ul>"])
}

test_Managers_Incorrect_V3 if {
Expand Down Expand Up @@ -203,7 +204,8 @@ test_Managers_Incorrect_V3 if {
count(RuleOutput) == 1
not RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU."
RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
"<ul><li>Test Top-Level OU: Members with manager access can override shared drive settings.</li></ul>"])
}

test_Managers_Incorrect_V4 if {
Expand Down Expand Up @@ -241,7 +243,8 @@ test_Managers_Incorrect_V4 if {
count(RuleOutput) == 1
not RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU."
RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
"<ul><li>Test Secondary OU: Members with manager access can override shared drive settings.</li></ul>"])
}

test_Managers_Incorrect_V5 if {
Expand Down Expand Up @@ -307,7 +310,7 @@ test_Outside_Correct_V1 if {
count(RuleOutput) == 1
RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement met in all OUs."
RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
}

test_Outside_Correct_V2 if {
Expand Down Expand Up @@ -351,7 +354,7 @@ test_Outside_Correct_V2 if {
count(RuleOutput) == 1
RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement met in all OUs."
RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
}

test_Outside_Correct_V3 if {
Expand Down Expand Up @@ -395,7 +398,7 @@ test_Outside_Correct_V3 if {
count(RuleOutput) == 1
RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement met in all OUs."
RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
}

test_Outside_Incorrect_V1 if {
Expand Down Expand Up @@ -458,7 +461,8 @@ test_Outside_Incorrect_V2 if {
count(RuleOutput) == 1
not RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU."
RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
"<ul><li>Test Top-Level OU: Users outside the organization can access files in shared drives</li></ul>"])
}

test_Outside_Incorrect_V3 if {
Expand Down Expand Up @@ -502,7 +506,8 @@ test_Outside_Incorrect_V3 if {
count(RuleOutput) == 1
not RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU."
RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
"<ul><li>Test Top-Level OU: Users outside the organization can access files in shared drives</li></ul>"])
}

test_Outside_Incorrect_V4 if {
Expand Down Expand Up @@ -546,7 +551,8 @@ test_Outside_Incorrect_V4 if {
count(RuleOutput) == 1
not RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU."
RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
"<ul><li>Test Secondary OU: Users outside the organization can access files in shared drives</li></ul>"])
}

test_Outside_Incorrect_V5 if {
Expand Down Expand Up @@ -615,7 +621,7 @@ test_SharedDrive_Correct_V1 if {
count(RuleOutput) == 1
RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement met in all OUs."
RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
}

test_SharedDrive_Correct_V2 if {
Expand Down Expand Up @@ -659,7 +665,7 @@ test_SharedDrive_Correct_V2 if {
count(RuleOutput) == 1
RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement met in all OUs."
RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
}

test_SharedDrive_Correct_V3 if {
Expand Down Expand Up @@ -703,7 +709,7 @@ test_SharedDrive_Correct_V3 if {
count(RuleOutput) == 1
RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement met in all OUs."
RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
}

test_SharedDrive_Incorrect_V1 if {
Expand Down Expand Up @@ -766,7 +772,8 @@ test_SharedDrive_Incorrect_V2 if {
count(RuleOutput) == 1
not RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU."
RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
"<ul><li>Test Top-Level OU: People who aren't shared drive members can be added to files</li></ul>"])
}

test_SharedDrive_Incorrect_V3 if {
Expand Down Expand Up @@ -810,9 +817,11 @@ test_SharedDrive_Incorrect_V3 if {
count(RuleOutput) == 1
not RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU."
RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
"<ul><li>Test Top-Level OU: People who aren't shared drive members can be added to files</li></ul>"])
}


test_SharedDrive_Incorrect_V4 if {
# Test sharing setting when top OU is correct but secondary isn't
PolicyId := "GWS.DRIVEDOCS.2.3v0.2"
Expand Down Expand Up @@ -854,7 +863,8 @@ test_SharedDrive_Incorrect_V4 if {
count(RuleOutput) == 1
not RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU."
RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
"<ul><li>Test Secondary OU: People who aren't shared drive members can be added to files</li></ul>"])
}

test_SharedDrive_Incorrect_V5 if {
Expand Down Expand Up @@ -905,7 +915,7 @@ test_Viewers_Correct_V1 if {
"events": [{
"parameters": [
{"name": "SETTING_NAME", "value": "Shared Drive Creation new_team_drive_restricts_download"},
{"name": "NEW_VALUE", "value": "false"},
{"name": "NEW_VALUE", "value": "true"},
{"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"},
]
}]
Expand All @@ -920,7 +930,7 @@ test_Viewers_Correct_V1 if {
count(RuleOutput) == 1
RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement met in all OUs."
RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
}

test_Viewers_Correct_V2 if {
Expand All @@ -933,7 +943,7 @@ test_Viewers_Correct_V2 if {
"events": [{
"parameters": [
{"name": "SETTING_NAME", "value": "Shared Drive Creation new_team_drive_restricts_download"},
{"name": "NEW_VALUE", "value": "false"},
{"name": "NEW_VALUE", "value": "true"},
{"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"},
]
}]
Expand All @@ -943,7 +953,7 @@ test_Viewers_Correct_V2 if {
"events": [{
"parameters": [
{"name": "SETTING_NAME", "value": "Shared Drive Creation new_team_drive_restricts_download"},
{"name": "NEW_VALUE", "value": "true"},
{"name": "NEW_VALUE", "value": "false"},
{"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"},
]
}]
Expand All @@ -958,7 +968,7 @@ test_Viewers_Correct_V2 if {
count(RuleOutput) == 1
RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement met in all OUs."
RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
}

test_Viewers_Correct_V3 if {
Expand All @@ -971,7 +981,7 @@ test_Viewers_Correct_V3 if {
"events": [{
"parameters": [
{"name": "SETTING_NAME", "value": "Shared Drive Creation new_team_drive_restricts_download"},
{"name": "NEW_VALUE", "value": "false"},
{"name": "NEW_VALUE", "value": "true"},
{"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"},
]
}]
Expand All @@ -981,7 +991,7 @@ test_Viewers_Correct_V3 if {
"events": [{
"parameters": [
{"name": "SETTING_NAME", "value": "Shared Drive Creation new_team_drive_restricts_download"},
{"name": "NEW_VALUE", "value": "false"},
{"name": "NEW_VALUE", "value": "true"},
{"name": "ORG_UNIT_NAME", "value": "Secondary OU"},
]
}]
Expand All @@ -996,7 +1006,7 @@ test_Viewers_Correct_V3 if {
count(RuleOutput) == 1
RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement met in all OUs."
RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
}

test_Viewers_Incorrect_V1 if {
Expand Down Expand Up @@ -1041,7 +1051,7 @@ test_Viewers_Incorrect_V2 if {
"events": [{
"parameters": [
{"name": "SETTING_NAME", "value": "Shared Drive Creation new_team_drive_restricts_download"},
{"name": "NEW_VALUE", "value": "true"},
{"name": "NEW_VALUE", "value": "false"},
{"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"},
]
}]
Expand All @@ -1056,7 +1066,8 @@ test_Viewers_Incorrect_V2 if {
count(RuleOutput) == 1
not RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU."
RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
"<ul><li>Test Top-Level OU: Viewers and commenters are allowed to download, print, and copy files</li></ul>"])
}

test_Viewers_Incorrect_V3 if {
Expand All @@ -1069,7 +1080,7 @@ test_Viewers_Incorrect_V3 if {
"events": [{
"parameters": [
{"name": "SETTING_NAME", "value": "Shared Drive Creation new_team_drive_restricts_download"},
{"name": "NEW_VALUE", "value": "true"},
{"name": "NEW_VALUE", "value": "false"},
{"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"},
]
}]
Expand All @@ -1079,7 +1090,7 @@ test_Viewers_Incorrect_V3 if {
"events": [{
"parameters": [
{"name": "SETTING_NAME", "value": "Shared Drive Creation new_team_drive_restricts_download"},
{"name": "NEW_VALUE", "value": "false"},
{"name": "NEW_VALUE", "value": "true"},
{"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"},
]
}]
Expand All @@ -1094,7 +1105,9 @@ test_Viewers_Incorrect_V3 if {
count(RuleOutput) == 1
not RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU."
RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
"<ul><li>Test Top-Level OU: ",
"Viewers and commenters are allowed to download, print, and copy files</li></ul>"])
}

test_Viewers_Incorrect_V4 if {
Expand All @@ -1107,7 +1120,7 @@ test_Viewers_Incorrect_V4 if {
"events": [{
"parameters": [
{"name": "SETTING_NAME", "value": "Shared Drive Creation new_team_drive_restricts_download"},
{"name": "NEW_VALUE", "value": "false"},
{"name": "NEW_VALUE", "value": "true"},
{"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"},
]
}]
Expand All @@ -1117,7 +1130,7 @@ test_Viewers_Incorrect_V4 if {
"events": [{
"parameters": [
{"name": "SETTING_NAME", "value": "Shared Drive Creation new_team_drive_restricts_download"},
{"name": "NEW_VALUE", "value": "true"},
{"name": "NEW_VALUE", "value": "false"},
{"name": "ORG_UNIT_NAME", "value": "Test Secondary OU"},
]
}]
Expand All @@ -1132,7 +1145,9 @@ test_Viewers_Incorrect_V4 if {
count(RuleOutput) == 1
not RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU."
RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
"<ul><li>Test Secondary OU: ",
"Viewers and commenters are allowed to download, print, and copy files</li></ul>"])
}

test_Viewers_Incorrect_V5 if {
Expand Down
18 changes: 12 additions & 6 deletions Testing/RegoTests/drive/drive03_test.rego
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ test_Sharing_Correct_V1 if {
count(RuleOutput) == 1
RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement met in all OUs."
RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
}

test_Sharing_Correct_V2 if {
Expand Down Expand Up @@ -96,7 +96,7 @@ test_Sharing_Correct_V2 if {
count(RuleOutput) == 1
RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement met in all OUs."
RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
}

test_Sharing_Correct_V3 if {
Expand Down Expand Up @@ -160,7 +160,7 @@ test_Sharing_Correct_V3 if {
count(RuleOutput) == 1
RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement met in all OUs."
RuleOutput[0].ReportDetails == "Requirement met in all OUs and groups."
}

test_Sharing_Incorrect_V1 if {
Expand Down Expand Up @@ -234,7 +234,9 @@ test_Sharing_Incorrect_V2 if {
count(RuleOutput) == 1
not RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU."
RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
"<ul><li>Test Top-Level OU: ",
"Users are allowed to remove/apply the security update for files they own or manage</li></ul>"])
}

test_Sharing_Incorrect_V3 if {
Expand Down Expand Up @@ -288,7 +290,9 @@ test_Sharing_Incorrect_V3 if {
count(RuleOutput) == 1
not RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU."
RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
"<ul><li>Test Top-Level OU: ",
"Users are allowed to remove/apply the security update for files they own or manage</li></ul>"])
}

test_Sharing_Incorrect_V4 if {
Expand Down Expand Up @@ -352,7 +356,9 @@ test_Sharing_Incorrect_V4 if {
count(RuleOutput) == 1
not RuleOutput[0].RequirementMet
not RuleOutput[0].NoSuchEvent
RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU."
RuleOutput[0].ReportDetails == concat("", ["The following OUs are non-compliant:",
"<ul><li>Test Secondary OU: ",
"Users are allowed to remove/apply the security update for files they own or manage</li></ul>"])
}

test_Sharing_Incorrect_V5 if {
Expand Down
Loading
Loading