diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 7e648c52..5b66c277 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -25,21 +25,15 @@ jobs: # Steps represent a sequence of tasks that will be executed as part of the job steps: - # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - uses: actions/checkout@v3 - # install newest pip - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v4 - with: - python-version: ${{ matrix.python-version }} - - name: Install pip - run: python -m pip install --upgrade pip setuptools wheel - # install requirements - - name: Install requirements - run: | - python -m pip install --upgrade pip - pip install -r requirements.txt - # Runs a set of commands using the runners shell - - name: Run pytm tests - run: | - python3 -m unittest + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it + - uses: actions/checkout@v4 + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v6 + with: + python-version: ${{ matrix.python-version }} + - name: Install Poetry + run: pip install poetry + - name: Install dependencies + run: poetry install --with dev + - name: Run tests + run: poetry run pytest diff --git a/poetry.lock b/poetry.lock index 7c47da05..43b834b3 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,35 +1,39 @@ -# This file is automatically @generated by Poetry 2.1.4 and should not be changed by hand. +# This file is automatically @generated by Poetry 2.2.1 and should not be changed by hand. [[package]] name = "black" -version = "25.9.0" +version = "25.11.0" description = "The uncompromising code formatter." optional = false python-versions = ">=3.9" groups = ["dev"] files = [ - {file = "black-25.9.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:ce41ed2614b706fd55fd0b4a6909d06b5bab344ffbfadc6ef34ae50adba3d4f7"}, - {file = "black-25.9.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:2ab0ce111ef026790e9b13bd216fa7bc48edd934ffc4cbf78808b235793cbc92"}, - {file = "black-25.9.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:f96b6726d690c96c60ba682955199f8c39abc1ae0c3a494a9c62c0184049a713"}, - {file = "black-25.9.0-cp310-cp310-win_amd64.whl", hash = "sha256:d119957b37cc641596063cd7db2656c5be3752ac17877017b2ffcdb9dfc4d2b1"}, - {file = "black-25.9.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:456386fe87bad41b806d53c062e2974615825c7a52159cde7ccaeb0695fa28fa"}, - {file = "black-25.9.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:a16b14a44c1af60a210d8da28e108e13e75a284bf21a9afa6b4571f96ab8bb9d"}, - {file = "black-25.9.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:aaf319612536d502fdd0e88ce52d8f1352b2c0a955cc2798f79eeca9d3af0608"}, - {file = "black-25.9.0-cp311-cp311-win_amd64.whl", hash = "sha256:c0372a93e16b3954208417bfe448e09b0de5cc721d521866cd9e0acac3c04a1f"}, - {file = "black-25.9.0-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:1b9dc70c21ef8b43248f1d86aedd2aaf75ae110b958a7909ad8463c4aa0880b0"}, - {file = "black-25.9.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:8e46eecf65a095fa62e53245ae2795c90bdecabd53b50c448d0a8bcd0d2e74c4"}, - {file = "black-25.9.0-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:9101ee58ddc2442199a25cb648d46ba22cd580b00ca4b44234a324e3ec7a0f7e"}, - {file = "black-25.9.0-cp312-cp312-win_amd64.whl", hash = "sha256:77e7060a00c5ec4b3367c55f39cf9b06e68965a4f2e61cecacd6d0d9b7ec945a"}, - {file = "black-25.9.0-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:0172a012f725b792c358d57fe7b6b6e8e67375dd157f64fa7a3097b3ed3e2175"}, - {file = "black-25.9.0-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:3bec74ee60f8dfef564b573a96b8930f7b6a538e846123d5ad77ba14a8d7a64f"}, - {file = "black-25.9.0-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:b756fc75871cb1bcac5499552d771822fd9db5a2bb8db2a7247936ca48f39831"}, - {file = "black-25.9.0-cp313-cp313-win_amd64.whl", hash = "sha256:846d58e3ce7879ec1ffe816bb9df6d006cd9590515ed5d17db14e17666b2b357"}, - {file = "black-25.9.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:ef69351df3c84485a8beb6f7b8f9721e2009e20ef80a8d619e2d1788b7816d47"}, - {file = "black-25.9.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:e3c1f4cd5e93842774d9ee4ef6cd8d17790e65f44f7cdbaab5f2cf8ccf22a823"}, - {file = "black-25.9.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:154b06d618233fe468236ba1f0e40823d4eb08b26f5e9261526fde34916b9140"}, - {file = "black-25.9.0-cp39-cp39-win_amd64.whl", hash = "sha256:e593466de7b998374ea2585a471ba90553283fb9beefcfa430d84a2651ed5933"}, - {file = "black-25.9.0-py3-none-any.whl", hash = "sha256:474b34c1342cdc157d307b56c4c65bce916480c4a8f6551fdc6bf9b486a7c4ae"}, - {file = "black-25.9.0.tar.gz", hash = "sha256:0474bca9a0dd1b51791fcc507a4e02078a1c63f6d4e4ae5544b9848c7adfb619"}, + {file = "black-25.11.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:ec311e22458eec32a807f029b2646f661e6859c3f61bc6d9ffb67958779f392e"}, + {file = "black-25.11.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:1032639c90208c15711334d681de2e24821af0575573db2810b0763bcd62e0f0"}, + {file = "black-25.11.0-cp310-cp310-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:0c0f7c461df55cf32929b002335883946a4893d759f2df343389c4396f3b6b37"}, + {file = "black-25.11.0-cp310-cp310-win_amd64.whl", hash = "sha256:f9786c24d8e9bd5f20dc7a7f0cdd742644656987f6ea6947629306f937726c03"}, + {file = "black-25.11.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:895571922a35434a9d8ca67ef926da6bc9ad464522a5fe0db99b394ef1c0675a"}, + {file = "black-25.11.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:cb4f4b65d717062191bdec8e4a442539a8ea065e6af1c4f4d36f0cdb5f71e170"}, + {file = "black-25.11.0-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:d81a44cbc7e4f73a9d6ae449ec2317ad81512d1e7dce7d57f6333fd6259737bc"}, + {file = "black-25.11.0-cp311-cp311-win_amd64.whl", hash = "sha256:7eebd4744dfe92ef1ee349dc532defbf012a88b087bb7ddd688ff59a447b080e"}, + {file = "black-25.11.0-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:80e7486ad3535636657aa180ad32a7d67d7c273a80e12f1b4bfa0823d54e8fac"}, + {file = "black-25.11.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:6cced12b747c4c76bc09b4db057c319d8545307266f41aaee665540bc0e04e96"}, + {file = "black-25.11.0-cp312-cp312-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:6cb2d54a39e0ef021d6c5eef442e10fd71fcb491be6413d083a320ee768329dd"}, + {file = "black-25.11.0-cp312-cp312-win_amd64.whl", hash = "sha256:ae263af2f496940438e5be1a0c1020e13b09154f3af4df0835ea7f9fe7bfa409"}, + {file = "black-25.11.0-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:0a1d40348b6621cc20d3d7530a5b8d67e9714906dfd7346338249ad9c6cedf2b"}, + {file = "black-25.11.0-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:51c65d7d60bb25429ea2bf0731c32b2a2442eb4bd3b2afcb47830f0b13e58bfd"}, + {file = "black-25.11.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:936c4dd07669269f40b497440159a221ee435e3fddcf668e0c05244a9be71993"}, + {file = "black-25.11.0-cp313-cp313-win_amd64.whl", hash = "sha256:f42c0ea7f59994490f4dccd64e6b2dd49ac57c7c84f38b8faab50f8759db245c"}, + {file = "black-25.11.0-cp314-cp314-macosx_10_15_x86_64.whl", hash = "sha256:35690a383f22dd3e468c85dc4b915217f87667ad9cce781d7b42678ce63c4170"}, + {file = "black-25.11.0-cp314-cp314-macosx_11_0_arm64.whl", hash = "sha256:dae49ef7369c6caa1a1833fd5efb7c3024bb7e4499bf64833f65ad27791b1545"}, + {file = "black-25.11.0-cp314-cp314-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:5bd4a22a0b37401c8e492e994bce79e614f91b14d9ea911f44f36e262195fdda"}, + {file = "black-25.11.0-cp314-cp314-win_amd64.whl", hash = "sha256:aa211411e94fdf86519996b7f5f05e71ba34835d8f0c0f03c00a26271da02664"}, + {file = "black-25.11.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:a3bb5ce32daa9ff0605d73b6f19da0b0e6c1f8f2d75594db539fdfed722f2b06"}, + {file = "black-25.11.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:9815ccee1e55717fe9a4b924cae1646ef7f54e0f990da39a34fc7b264fcf80a2"}, + {file = "black-25.11.0-cp39-cp39-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:92285c37b93a1698dcbc34581867b480f1ba3a7b92acf1fe0467b04d7a4da0dc"}, + {file = "black-25.11.0-cp39-cp39-win_amd64.whl", hash = "sha256:43945853a31099c7c0ff8dface53b4de56c41294fa6783c0441a8b1d9bf668bc"}, + {file = "black-25.11.0-py3-none-any.whl", hash = "sha256:e3f562da087791e96cefcd9dda058380a442ab322a02e222add53736451f604b"}, + {file = "black-25.11.0.tar.gz", hash = "sha256:9a323ac32f5dc75ce7470501b887250be5005a01602e931a15e45593f70f6e08"}, ] [package.dependencies] @@ -38,7 +42,7 @@ mypy-extensions = ">=0.4.3" packaging = ">=22.0" pathspec = ">=0.9.0" platformdirs = ">=2" -pytokens = ">=0.1.10" +pytokens = ">=0.3.0" tomli = {version = ">=1.1.0", markers = "python_version < \"3.11\""} typing-extensions = {version = ">=4.0.1", markers = "python_version < \"3.11\""} @@ -70,12 +74,31 @@ description = "Cross-platform colored terminal text." optional = false python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7" groups = ["dev"] -markers = "platform_system == \"Windows\"" +markers = "sys_platform == \"win32\" or platform_system == \"Windows\"" files = [ {file = "colorama-0.4.6-py2.py3-none-any.whl", hash = "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6"}, {file = "colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44"}, ] +[[package]] +name = "exceptiongroup" +version = "1.3.0" +description = "Backport of PEP 654 (exception groups)" +optional = false +python-versions = ">=3.7" +groups = ["dev"] +markers = "python_version < \"3.11\"" +files = [ + {file = "exceptiongroup-1.3.0-py3-none-any.whl", hash = "sha256:4d111e6e0c13d0644cad6ddaa7ed0261a0b36971f6d23e7ec9b4b9097da78a10"}, + {file = "exceptiongroup-1.3.0.tar.gz", hash = "sha256:b241f5885f560bc56a59ee63ca4c6a8bfa46ae4ad651af316d4e81817bb9fd88"}, +] + +[package.dependencies] +typing-extensions = {version = ">=4.6.0", markers = "python_version < \"3.13\""} + +[package.extras] +test = ["pytest (>=6)"] + [[package]] name = "importlib-metadata" version = "8.7.0" @@ -101,6 +124,31 @@ perf = ["ipython"] test = ["flufl.flake8", "importlib_resources (>=1.3) ; python_version < \"3.9\"", "jaraco.test (>=5.4)", "packaging", "pyfakefs", "pytest (>=6,!=8.1.*)", "pytest-perf (>=0.9.2)"] type = ["pytest-mypy"] +[[package]] +name = "iniconfig" +version = "2.1.0" +description = "brain-dead simple config-ini parsing" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "iniconfig-2.1.0-py3-none-any.whl", hash = "sha256:9deba5723312380e77435581c6bf4935c94cbfab9b1ed33ef8d238ea168eb760"}, + {file = "iniconfig-2.1.0.tar.gz", hash = "sha256:3abbd2e30b36733fee78f9c7f7308f2d0050e88f0087fd25c2645f63c773e1c7"}, +] + +[[package]] +name = "legacy-cgi" +version = "2.6.4" +description = "Fork of the standard library cgi and cgitb modules removed in Python 3.13" +optional = false +python-versions = ">=3.8" +groups = ["main"] +markers = "python_version >= \"3.13\"" +files = [ + {file = "legacy_cgi-2.6.4-py3-none-any.whl", hash = "sha256:7e235ce58bf1e25d1fc9b2d299015e4e2cd37305eccafec1e6bac3fc04b878cd"}, + {file = "legacy_cgi-2.6.4.tar.gz", hash = "sha256:abb9dfc7835772f7c9317977c63253fd22a7484b5c9bbcdca60a29dcce97c577"}, +] + [[package]] name = "mako" version = "1.3.10" @@ -308,6 +356,22 @@ docs = ["furo (>=2024.8.6)", "proselint (>=0.14)", "sphinx (>=8.1.3)", "sphinx-a test = ["appdirs (==1.4.4)", "covdefaults (>=2.3)", "pytest (>=8.3.4)", "pytest-cov (>=6)", "pytest-mock (>=3.14)"] type = ["mypy (>=1.14.1)"] +[[package]] +name = "pluggy" +version = "1.6.0" +description = "plugin and hook calling mechanisms for python" +optional = false +python-versions = ">=3.9" +groups = ["dev"] +files = [ + {file = "pluggy-1.6.0-py3-none-any.whl", hash = "sha256:e920276dd6813095e9377c0bc5566d94c932c33b27a3e3945d8389c374dd4746"}, + {file = "pluggy-1.6.0.tar.gz", hash = "sha256:7dcc130b76258d33b90f61b658791dede3486c3e6bfb003ee5c9bfb396dd22f3"}, +] + +[package.extras] +dev = ["pre-commit", "tox"] +testing = ["coverage", "pytest", "pytest-benchmark"] + [[package]] name = "pydal" version = "20200714.1" @@ -319,16 +383,55 @@ files = [ {file = "pydal-20200714.1.tar.gz", hash = "sha256:dd35b8ecb009099cce7efa72a40707d2e9bdcdf85924f30683a52d5172d1242f"}, ] +[[package]] +name = "pygments" +version = "2.19.2" +description = "Pygments is a syntax highlighting package written in Python." +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "pygments-2.19.2-py3-none-any.whl", hash = "sha256:86540386c03d588bb81d44bc3928634ff26449851e99741617ecb9037ee5ec0b"}, + {file = "pygments-2.19.2.tar.gz", hash = "sha256:636cb2477cec7f8952536970bc533bc43743542f70392ae026374600add5b887"}, +] + +[package.extras] +windows-terminal = ["colorama (>=0.4.6)"] + +[[package]] +name = "pytest" +version = "8.4.2" +description = "pytest: simple powerful testing with Python" +optional = false +python-versions = ">=3.9" +groups = ["dev"] +files = [ + {file = "pytest-8.4.2-py3-none-any.whl", hash = "sha256:872f880de3fc3a5bdc88a11b39c9710c3497a547cfa9320bc3c5e62fbf272e79"}, + {file = "pytest-8.4.2.tar.gz", hash = "sha256:86c0d0b93306b961d58d62a4db4879f27fe25513d4b969df351abdddb3c30e01"}, +] + +[package.dependencies] +colorama = {version = ">=0.4", markers = "sys_platform == \"win32\""} +exceptiongroup = {version = ">=1", markers = "python_version < \"3.11\""} +iniconfig = ">=1" +packaging = ">=20" +pluggy = ">=1.5,<2" +pygments = ">=2.7.2" +tomli = {version = ">=1", markers = "python_version < \"3.11\""} + +[package.extras] +dev = ["argcomplete", "attrs (>=19.2)", "hypothesis (>=3.56)", "mock", "requests", "setuptools", "xmlschema"] + [[package]] name = "pytokens" -version = "0.1.10" -description = "A Fast, spec compliant Python 3.12+ tokenizer that runs on older Pythons." +version = "0.3.0" +description = "A Fast, spec compliant Python 3.14+ tokenizer that runs on older Pythons." optional = false python-versions = ">=3.8" groups = ["dev"] files = [ - {file = "pytokens-0.1.10-py3-none-any.whl", hash = "sha256:db7b72284e480e69fb085d9f251f66b3d2df8b7166059261258ff35f50fb711b"}, - {file = "pytokens-0.1.10.tar.gz", hash = "sha256:c9a4bfa0be1d26aebce03e6884ba454e842f186a59ea43a6d3b25af58223c044"}, + {file = "pytokens-0.3.0-py3-none-any.whl", hash = "sha256:95b2b5eaf832e469d141a378872480ede3f251a5a5041b8ec6e581d3ac71bbf3"}, + {file = "pytokens-0.3.0.tar.gz", hash = "sha256:2f932b14ed08de5fcf0b391ace2642f858f1394c0857202959000b68ed7a458a"}, ] [package.extras] @@ -336,45 +439,55 @@ dev = ["black", "build", "mypy", "pytest", "pytest-cov", "setuptools", "tox", "t [[package]] name = "tomli" -version = "2.2.1" +version = "2.3.0" description = "A lil' TOML parser" optional = false python-versions = ">=3.8" groups = ["dev"] markers = "python_version < \"3.11\"" files = [ - {file = "tomli-2.2.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:678e4fa69e4575eb77d103de3df8a895e1591b48e740211bd1067378c69e8249"}, - {file = "tomli-2.2.1-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:023aa114dd824ade0100497eb2318602af309e5a55595f76b626d6d9f3b7b0a6"}, - {file = "tomli-2.2.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ece47d672db52ac607a3d9599a9d48dcb2f2f735c6c2d1f34130085bb12b112a"}, - {file = "tomli-2.2.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6972ca9c9cc9f0acaa56a8ca1ff51e7af152a9f87fb64623e31d5c83700080ee"}, - {file = "tomli-2.2.1-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c954d2250168d28797dd4e3ac5cf812a406cd5a92674ee4c8f123c889786aa8e"}, - {file = "tomli-2.2.1-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:8dd28b3e155b80f4d54beb40a441d366adcfe740969820caf156c019fb5c7ec4"}, - {file = "tomli-2.2.1-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:e59e304978767a54663af13c07b3d1af22ddee3bb2fb0618ca1593e4f593a106"}, - {file = "tomli-2.2.1-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:33580bccab0338d00994d7f16f4c4ec25b776af3ffaac1ed74e0b3fc95e885a8"}, - {file = "tomli-2.2.1-cp311-cp311-win32.whl", hash = "sha256:465af0e0875402f1d226519c9904f37254b3045fc5084697cefb9bdde1ff99ff"}, - {file = "tomli-2.2.1-cp311-cp311-win_amd64.whl", hash = "sha256:2d0f2fdd22b02c6d81637a3c95f8cd77f995846af7414c5c4b8d0545afa1bc4b"}, - {file = "tomli-2.2.1-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:4a8f6e44de52d5e6c657c9fe83b562f5f4256d8ebbfe4ff922c495620a7f6cea"}, - {file = "tomli-2.2.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:8d57ca8095a641b8237d5b079147646153d22552f1c637fd3ba7f4b0b29167a8"}, - {file = "tomli-2.2.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4e340144ad7ae1533cb897d406382b4b6fede8890a03738ff1683af800d54192"}, - {file = "tomli-2.2.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:db2b95f9de79181805df90bedc5a5ab4c165e6ec3fe99f970d0e302f384ad222"}, - {file = "tomli-2.2.1-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:40741994320b232529c802f8bc86da4e1aa9f413db394617b9a256ae0f9a7f77"}, - {file = "tomli-2.2.1-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:400e720fe168c0f8521520190686ef8ef033fb19fc493da09779e592861b78c6"}, - {file = "tomli-2.2.1-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:02abe224de6ae62c19f090f68da4e27b10af2b93213d36cf44e6e1c5abd19fdd"}, - {file = "tomli-2.2.1-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:b82ebccc8c8a36f2094e969560a1b836758481f3dc360ce9a3277c65f374285e"}, - {file = "tomli-2.2.1-cp312-cp312-win32.whl", hash = "sha256:889f80ef92701b9dbb224e49ec87c645ce5df3fa2cc548664eb8a25e03127a98"}, - {file = "tomli-2.2.1-cp312-cp312-win_amd64.whl", hash = "sha256:7fc04e92e1d624a4a63c76474610238576942d6b8950a2d7f908a340494e67e4"}, - {file = "tomli-2.2.1-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:f4039b9cbc3048b2416cc57ab3bda989a6fcf9b36cf8937f01a6e731b64f80d7"}, - {file = "tomli-2.2.1-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:286f0ca2ffeeb5b9bd4fcc8d6c330534323ec51b2f52da063b11c502da16f30c"}, - {file = "tomli-2.2.1-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a92ef1a44547e894e2a17d24e7557a5e85a9e1d0048b0b5e7541f76c5032cb13"}, - {file = "tomli-2.2.1-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9316dc65bed1684c9a98ee68759ceaed29d229e985297003e494aa825ebb0281"}, - {file = "tomli-2.2.1-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:e85e99945e688e32d5a35c1ff38ed0b3f41f43fad8df0bdf79f72b2ba7bc5272"}, - {file = "tomli-2.2.1-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:ac065718db92ca818f8d6141b5f66369833d4a80a9d74435a268c52bdfa73140"}, - {file = "tomli-2.2.1-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:d920f33822747519673ee656a4b6ac33e382eca9d331c87770faa3eef562aeb2"}, - {file = "tomli-2.2.1-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:a198f10c4d1b1375d7687bc25294306e551bf1abfa4eace6650070a5c1ae2744"}, - {file = "tomli-2.2.1-cp313-cp313-win32.whl", hash = "sha256:d3f5614314d758649ab2ab3a62d4f2004c825922f9e370b29416484086b264ec"}, - {file = "tomli-2.2.1-cp313-cp313-win_amd64.whl", hash = "sha256:a38aa0308e754b0e3c67e344754dff64999ff9b513e691d0e786265c93583c69"}, - {file = "tomli-2.2.1-py3-none-any.whl", hash = "sha256:cb55c73c5f4408779d0cf3eef9f762b9c9f147a77de7b258bef0a5628adc85cc"}, - {file = "tomli-2.2.1.tar.gz", hash = "sha256:cd45e1dc79c835ce60f7404ec8119f2eb06d38b1deba146f07ced3bbc44505ff"}, + {file = "tomli-2.3.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:88bd15eb972f3664f5ed4b57c1634a97153b4bac4479dcb6a495f41921eb7f45"}, + {file = "tomli-2.3.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:883b1c0d6398a6a9d29b508c331fa56adbcdff647f6ace4dfca0f50e90dfd0ba"}, + {file = "tomli-2.3.0-cp311-cp311-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:d1381caf13ab9f300e30dd8feadb3de072aeb86f1d34a8569453ff32a7dea4bf"}, + {file = "tomli-2.3.0-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:a0e285d2649b78c0d9027570d4da3425bdb49830a6156121360b3f8511ea3441"}, + {file = "tomli-2.3.0-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:0a154a9ae14bfcf5d8917a59b51ffd5a3ac1fd149b71b47a3a104ca4edcfa845"}, + {file = "tomli-2.3.0-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:74bf8464ff93e413514fefd2be591c3b0b23231a77f901db1eb30d6f712fc42c"}, + {file = "tomli-2.3.0-cp311-cp311-win32.whl", hash = "sha256:00b5f5d95bbfc7d12f91ad8c593a1659b6387b43f054104cda404be6bda62456"}, + {file = "tomli-2.3.0-cp311-cp311-win_amd64.whl", hash = "sha256:4dc4ce8483a5d429ab602f111a93a6ab1ed425eae3122032db7e9acf449451be"}, + {file = "tomli-2.3.0-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:d7d86942e56ded512a594786a5ba0a5e521d02529b3826e7761a05138341a2ac"}, + {file = "tomli-2.3.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:73ee0b47d4dad1c5e996e3cd33b8a76a50167ae5f96a2607cbe8cc773506ab22"}, + {file = "tomli-2.3.0-cp312-cp312-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:792262b94d5d0a466afb5bc63c7daa9d75520110971ee269152083270998316f"}, + {file = "tomli-2.3.0-cp312-cp312-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:4f195fe57ecceac95a66a75ac24d9d5fbc98ef0962e09b2eddec5d39375aae52"}, + {file = "tomli-2.3.0-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:e31d432427dcbf4d86958c184b9bfd1e96b5b71f8eb17e6d02531f434fd335b8"}, + {file = "tomli-2.3.0-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:7b0882799624980785240ab732537fcfc372601015c00f7fc367c55308c186f6"}, + {file = "tomli-2.3.0-cp312-cp312-win32.whl", hash = "sha256:ff72b71b5d10d22ecb084d345fc26f42b5143c5533db5e2eaba7d2d335358876"}, + {file = "tomli-2.3.0-cp312-cp312-win_amd64.whl", hash = "sha256:1cb4ed918939151a03f33d4242ccd0aa5f11b3547d0cf30f7c74a408a5b99878"}, + {file = "tomli-2.3.0-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:5192f562738228945d7b13d4930baffda67b69425a7f0da96d360b0a3888136b"}, + {file = "tomli-2.3.0-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:be71c93a63d738597996be9528f4abe628d1adf5e6eb11607bc8fe1a510b5dae"}, + {file = "tomli-2.3.0-cp313-cp313-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:c4665508bcbac83a31ff8ab08f424b665200c0e1e645d2bd9ab3d3e557b6185b"}, + {file = "tomli-2.3.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:4021923f97266babc6ccab9f5068642a0095faa0a51a246a6a02fccbb3514eaf"}, + {file = "tomli-2.3.0-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:a4ea38c40145a357d513bffad0ed869f13c1773716cf71ccaa83b0fa0cc4e42f"}, + {file = "tomli-2.3.0-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:ad805ea85eda330dbad64c7ea7a4556259665bdf9d2672f5dccc740eb9d3ca05"}, + {file = "tomli-2.3.0-cp313-cp313-win32.whl", hash = "sha256:97d5eec30149fd3294270e889b4234023f2c69747e555a27bd708828353ab606"}, + {file = "tomli-2.3.0-cp313-cp313-win_amd64.whl", hash = "sha256:0c95ca56fbe89e065c6ead5b593ee64b84a26fca063b5d71a1122bf26e533999"}, + {file = "tomli-2.3.0-cp314-cp314-macosx_10_13_x86_64.whl", hash = "sha256:cebc6fe843e0733ee827a282aca4999b596241195f43b4cc371d64fc6639da9e"}, + {file = "tomli-2.3.0-cp314-cp314-macosx_11_0_arm64.whl", hash = "sha256:4c2ef0244c75aba9355561272009d934953817c49f47d768070c3c94355c2aa3"}, + {file = "tomli-2.3.0-cp314-cp314-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:c22a8bf253bacc0cf11f35ad9808b6cb75ada2631c2d97c971122583b129afbc"}, + {file = "tomli-2.3.0-cp314-cp314-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:0eea8cc5c5e9f89c9b90c4896a8deefc74f518db5927d0e0e8d4a80953d774d0"}, + {file = "tomli-2.3.0-cp314-cp314-musllinux_1_2_aarch64.whl", hash = "sha256:b74a0e59ec5d15127acdabd75ea17726ac4c5178ae51b85bfe39c4f8a278e879"}, + {file = "tomli-2.3.0-cp314-cp314-musllinux_1_2_x86_64.whl", hash = "sha256:b5870b50c9db823c595983571d1296a6ff3e1b88f734a4c8f6fc6188397de005"}, + {file = "tomli-2.3.0-cp314-cp314-win32.whl", hash = "sha256:feb0dacc61170ed7ab602d3d972a58f14ee3ee60494292d384649a3dc38ef463"}, + {file = "tomli-2.3.0-cp314-cp314-win_amd64.whl", hash = "sha256:b273fcbd7fc64dc3600c098e39136522650c49bca95df2d11cf3b626422392c8"}, + {file = "tomli-2.3.0-cp314-cp314t-macosx_10_13_x86_64.whl", hash = "sha256:940d56ee0410fa17ee1f12b817b37a4d4e4dc4d27340863cc67236c74f582e77"}, + {file = "tomli-2.3.0-cp314-cp314t-macosx_11_0_arm64.whl", hash = "sha256:f85209946d1fe94416debbb88d00eb92ce9cd5266775424ff81bc959e001acaf"}, + {file = "tomli-2.3.0-cp314-cp314t-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:a56212bdcce682e56b0aaf79e869ba5d15a6163f88d5451cbde388d48b13f530"}, + {file = "tomli-2.3.0-cp314-cp314t-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:c5f3ffd1e098dfc032d4d3af5c0ac64f6d286d98bc148698356847b80fa4de1b"}, + {file = "tomli-2.3.0-cp314-cp314t-musllinux_1_2_aarch64.whl", hash = "sha256:5e01decd096b1530d97d5d85cb4dff4af2d8347bd35686654a004f8dea20fc67"}, + {file = "tomli-2.3.0-cp314-cp314t-musllinux_1_2_x86_64.whl", hash = "sha256:8a35dd0e643bb2610f156cca8db95d213a90015c11fee76c946aa62b7ae7e02f"}, + {file = "tomli-2.3.0-cp314-cp314t-win32.whl", hash = "sha256:a1f7f282fe248311650081faafa5f4732bdbfef5d45fe3f2e702fbc6f2d496e0"}, + {file = "tomli-2.3.0-cp314-cp314t-win_amd64.whl", hash = "sha256:70a251f8d4ba2d9ac2542eecf008b3c8a9fc5c3f9f02c56a9d7952612be2fdba"}, + {file = "tomli-2.3.0-py3-none-any.whl", hash = "sha256:e95b1af3c5b07d9e643909b5abbec77cd9f1217e6d0bca72b0234736b9fb1f1b"}, + {file = "tomli-2.3.0.tar.gz", hash = "sha256:64be704a875d2a59753d80ee8a533c3fe183e3f06807ff7dc2232938ccb01549"}, ] [[package]] @@ -413,5 +526,5 @@ type = ["pytest-mypy"] [metadata] lock-version = "2.1" -python-versions = ">=3.9,<=3.11.13" -content-hash = "db76b1120c727c70e551fdf885e3eb4ee6a99b0c17e332662ca8b1c1d39aa63d" +python-versions = "^3.9 || ^3.10 || ^3.11" +content-hash = "d13ccd9a0de456c987bd6c6f20034c2f2a71279f65ddd4b2a0d597ef5ca5fd86" diff --git a/pyproject.toml b/pyproject.toml index 56a5d28c..483f31c9 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -6,13 +6,15 @@ authors = ["pytm Team"] license = "MIT License" [tool.poetry.dependencies] -python = ">=3.9,<=3.11.13" +python = "^3.9 || ^3.10 || ^3.11" pydal = "~20200714.1" +legacy-cgi = { version = "^2.0", markers = "python_version >= '3.13'" } [tool.poetry.group.dev.dependencies] +pytest = "^8.3.5" black = "^25.9.0" pdoc3 = "^0.11.6" [build-system] -requires = ["poetry>=0.12"] -build-backend = "poetry.masonry.api" +requires = ["poetry-core>=1.0.0"] +build-backend = "poetry.core.masonry.api" diff --git a/tests/test_private_func.py b/tests/test_private_func.py index 4ce0816e..7f7b06e0 100644 --- a/tests/test_private_func.py +++ b/tests/test_private_func.py @@ -1,5 +1,5 @@ import random -import unittest +import pytest from pytm.pytm import ( TM, @@ -18,8 +18,7 @@ encode_threat_data, ) - -class TestUniqueNames(unittest.TestCase): +class TestUniqueNames: def test_duplicate_boundary_names_have_different_unique_names(self): random.seed(0) object_1 = Boundary("foo") @@ -28,66 +27,57 @@ def test_duplicate_boundary_names_have_different_unique_names(self): object_1_uniq_name = object_1._uniq_name() object_2_uniq_name = object_2._uniq_name() - self.assertNotEqual(object_1_uniq_name, object_2_uniq_name) - self.assertEqual(object_1_uniq_name, "boundary_foo_acf3059e70") - self.assertEqual(object_2_uniq_name, "boundary_foo_88f2d9c06f") - + assert object_1_uniq_name != object_2_uniq_name + assert object_1_uniq_name == "boundary_foo_acf3059e70" + assert object_2_uniq_name == "boundary_foo_88f2d9c06f" -class TestAttributes(unittest.TestCase): +class TestAttributes: def test_write_once(self): user = Actor("User") - with self.assertRaises(ValueError): + with pytest.raises(ValueError): user.name = "Computer" def test_kwargs(self): user = Actor("User", isAdmin=True) - self.assertEqual(user.isAdmin, True) + assert user.isAdmin is True user = Actor("User") - self.assertEqual(user.isAdmin, False) + assert user.isAdmin is False user.isAdmin = True - self.assertEqual(user.isAdmin, True) + assert user.isAdmin is True def test_load_threats(self): tm = TM("TM") - self.assertNotEqual(len(TM._threats), 0) - with self.assertRaises(UIError): + assert len(TM._threats) != 0 + with pytest.raises(UIError): tm.threatsFile = "threats.json" - - with self.assertRaises(UIError): + with pytest.raises(UIError): TM("TM", threatsFile="threats.json") def test_responses(self): tm = TM("my test tm", description="aa", isOrdered=True) - user = Actor("User") web = Server("Web Server") db = Datastore("SQL Database") - http_req = Dataflow(user, web, "http req") insert = Dataflow(web, db, "insert data") query = Dataflow(web, db, "query") query_resp = Dataflow(db, web, "query results", responseTo=query) http_resp = Dataflow(web, user, "http resp") http_resp.responseTo = http_req - - self.assertTrue(tm.check()) - - self.assertEqual(http_req.response, http_resp) - self.assertIs(http_resp.isResponse, True) - - self.assertIs(query_resp.isResponse, True) - self.assertEqual(query_resp.responseTo, query) - self.assertEqual(query.response, query_resp) - - self.assertIsNone(insert.response) - self.assertIs(insert.isResponse, False) + assert tm.check() + assert http_req.response == http_resp + assert http_resp.isResponse is True + assert query_resp.isResponse is True + assert query_resp.responseTo == query + assert query.response == query_resp + assert insert.response is None + assert insert.isResponse is False def test_defaults(self): tm = TM("TM") user_data = Data("HTTP") user = Actor("User", data=user_data) - user.controls.authenticatesDestination=True - + user.controls.authenticatesDestination = True json_data = Data("JSON") server = Server( "Server", port=443, protocol="HTTPS", isEncrypted=True, data=json_data @@ -99,10 +89,9 @@ def test_defaults(self): protocol="PostgreSQL", data=sql_resp, ) - db.controls.isEncrypted=False + db.controls.isEncrypted = False db.type = DatastoreType.SQL worker = Process("Task queue worker") - req_get_data = Data("HTTP GET") req_get = Dataflow(user, server, "HTTP GET", data=req_get_data) server_query_data = Data("SQL") @@ -111,108 +100,82 @@ def test_defaults(self): result = Dataflow(db, server, "Results", data=result_data, isResponse=True) resp_get_data = Data("HTTP Response") resp_get = Dataflow(server, user, "HTTP Response", data=resp_get_data, isResponse=True) - test_assumption = Assumption("test assumption") resp_get.assumptions = [test_assumption] - req_post_data = Data("JSON") req_post = Dataflow(user, server, "HTTP POST", data=req_post_data) resp_post = Dataflow(server, user, "HTTP Response", isResponse=True) test_assumption_exclude = Assumption("test assumption", exclude=["ABCD", "BCDE"]) resp_post.assumptions = [test_assumption_exclude] - sql_data = Data("SQL") worker_query = Dataflow(worker, db, "Query", data=sql_data) Dataflow(db, worker, "Results", isResponse=True) - cookie = Data("Auth Cookie", carriedBy=[req_get, req_post]) - - self.assertTrue(tm.check()) - - self.assertEqual(req_get.srcPort, -1) - self.assertEqual(req_get.dstPort, server.port) - self.assertEqual(req_get.controls.isEncrypted, server.controls.isEncrypted) - self.assertEqual( - req_get.controls.authenticatesDestination, user.controls.authenticatesDestination - ) - self.assertEqual(req_get.protocol, server.protocol) - self.assertTrue(user.data.issubset(req_get.data)) - - self.assertEqual(server_query.srcPort, -1) - self.assertEqual(server_query.dstPort, db.port) - self.assertEqual(server_query.controls.isEncrypted, db.controls.isEncrypted) - self.assertEqual( - server_query.controls.authenticatesDestination, server.controls.authenticatesDestination - ) - self.assertEqual(server_query.protocol, db.protocol) - self.assertTrue(server.data.issubset(server_query.data)) - - self.assertEqual(result.srcPort, db.port) - self.assertEqual(result.dstPort, -1) - self.assertEqual(result.controls.isEncrypted, db.controls.isEncrypted) - self.assertEqual(result.controls.authenticatesDestination, False) - self.assertEqual(result.protocol, db.protocol) - self.assertTrue(db.data.issubset(result.data)) - self.assertListEqual(db.assumptions, []) - - self.assertEqual(resp_get.srcPort, server.port) - self.assertEqual(resp_get.dstPort, -1) - self.assertEqual(resp_get.controls.isEncrypted, server.controls.isEncrypted) - self.assertEqual(resp_get.controls.authenticatesDestination, False) - self.assertEqual(resp_get.protocol, server.protocol) - self.assertTrue(server.data.issubset(resp_get.data)) - self.assertListEqual(resp_get.assumptions, [test_assumption]) - - self.assertEqual(req_post.srcPort, -1) - self.assertEqual(req_post.dstPort, server.port) - self.assertEqual(req_post.controls.isEncrypted, server.controls.isEncrypted) - self.assertEqual( - req_post.controls.authenticatesDestination, user.controls.authenticatesDestination - ) - self.assertEqual(req_post.protocol, server.protocol) - self.assertTrue(user.data.issubset(req_post.data)) - - self.assertEqual(resp_post.srcPort, server.port) - self.assertEqual(resp_post.dstPort, -1) - self.assertEqual(resp_post.controls.isEncrypted, server.controls.isEncrypted) - self.assertEqual(resp_post.controls.authenticatesDestination, False) - self.assertEqual(resp_post.protocol, server.protocol) - self.assertTrue(server.data.issubset(resp_post.data)) - self.assertListEqual(resp_post.assumptions, [test_assumption_exclude]) - self.assertSetEqual(resp_post.assumptions[0].exclude, test_assumption_exclude.exclude) - - self.assertListEqual(server.inputs, [req_get, req_post]) - self.assertListEqual(server.outputs, [server_query]) - self.assertListEqual(worker.inputs, []) - self.assertListEqual(worker.outputs, [worker_query]) - - self.assertListEqual(cookie.carriedBy, [req_get, req_post]) - self.assertSetEqual(set(cookie.processedBy), set([user, server])) - self.assertIn(cookie, req_get.data) - self.assertSetEqual( - set([d.name for d in req_post.data]), set([cookie.name, "HTTP", "JSON"]) - ) - - -class TestMethod(unittest.TestCase): + assert tm.check() + assert req_get.srcPort == -1 + assert req_get.dstPort == server.port + assert req_get.controls.isEncrypted == server.controls.isEncrypted + assert req_get.controls.authenticatesDestination == user.controls.authenticatesDestination + assert req_get.protocol == server.protocol + assert user.data.issubset(req_get.data) + assert server_query.srcPort == -1 + assert server_query.dstPort == db.port + assert server_query.controls.isEncrypted == db.controls.isEncrypted + assert server_query.controls.authenticatesDestination == server.controls.authenticatesDestination + assert server_query.protocol == db.protocol + assert server.data.issubset(server_query.data) + assert result.srcPort == db.port + assert result.dstPort == -1 + assert result.controls.isEncrypted == db.controls.isEncrypted + assert result.controls.authenticatesDestination is False + assert result.protocol == db.protocol + assert db.data.issubset(result.data) + assert db.assumptions == [] + assert resp_get.srcPort == server.port + assert resp_get.dstPort == -1 + assert resp_get.controls.isEncrypted == server.controls.isEncrypted + assert resp_get.controls.authenticatesDestination is False + assert resp_get.protocol == server.protocol + assert server.data.issubset(resp_get.data) + assert resp_get.assumptions == [test_assumption] + assert req_post.srcPort == -1 + assert req_post.dstPort == server.port + assert req_post.controls.isEncrypted == server.controls.isEncrypted + assert req_post.controls.authenticatesDestination == user.controls.authenticatesDestination + assert req_post.protocol == server.protocol + assert user.data.issubset(req_post.data) + assert resp_post.srcPort == server.port + assert resp_post.dstPort == -1 + assert resp_post.controls.isEncrypted == server.controls.isEncrypted + assert resp_post.controls.authenticatesDestination is False + assert resp_post.protocol == server.protocol + assert server.data.issubset(resp_post.data) + assert resp_post.assumptions == [test_assumption_exclude] + assert resp_post.assumptions[0].exclude == set(test_assumption_exclude.exclude) + assert server.inputs == [req_get, req_post] + assert server.outputs == [server_query] + assert worker.inputs == [] + assert worker.outputs == [worker_query] + assert cookie.carriedBy == [req_get, req_post] + assert set(cookie.processedBy) == set([user, server]) + assert cookie in req_get.data + assert set([d.name for d in req_post.data]) == set([cookie.name, "HTTP", "JSON"]) + +class TestMethod: def test_defaults(self): tm = TM("my test tm", description="aa", isOrdered=True) - internet = Boundary("Internet") cloud = Boundary("Cloud") - user = Actor("User", inBoundary=internet) server = Server("Server") db = Datastore("DB", inBoundary=cloud) db.type = DatastoreType.SQL func = Datastore("Lambda function", inBoundary=cloud) - request = Dataflow(user, server, "request") response = Dataflow(server, user, "response", isResponse=True) user_query = Dataflow(user, db, "user query") server_query = Dataflow(server, db, "server query") func_query = Dataflow(func, db, "func query") - default_target = ["Actor", "Boundary", "Dataflow", "Datastore", "Server"] testCases = [ {"target": server, "condition": "target.oneOf(Server, Datastore)"}, @@ -235,21 +198,12 @@ def test_defaults(self): "for f in target.outputs)", }, ] - - self.assertTrue(tm.check()) - + assert tm.check() for case in testCases: t = Threat(SID="", target=default_target, condition=case["condition"]) - self.assertTrue( - t.apply(case["target"]), - "Failed to match {} against {}".format( - case["target"], - case["condition"], - ), - ) + assert t.apply(case["target"]), f"Failed to match {case['target']} against {case['condition']}" - -class TestFunction(unittest.TestCase): +class TestFunction: def test_encode_threat_data(self): findings = [ Finding( @@ -271,17 +225,16 @@ def test_encode_threat_data(self): ) ] encoded_findings = encode_threat_data(findings) - - self.assertEqual(len(encoded_findings), 2) - self.assertEqual(encoded_findings[0].description, "A test description") - self.assertEqual(encoded_findings[0].severity, "High") - self.assertEqual(encoded_findings[0].id, "1") - self.assertEqual(encoded_findings[0].threat_id, "INP01") - self.assertEqual(encoded_findings[0].cvss, "9.876") - self.assertEqual(encoded_findings[0].response, "A test response") - self.assertEqual(encoded_findings[1].description, "An escape test <script>") - self.assertEqual(encoded_findings[1].severity, "Medium") - self.assertEqual(encoded_findings[1].id, "2") - self.assertEqual(encoded_findings[1].threat_id, "INP02") - self.assertEqual(encoded_findings[1].cvss, "1.234") - self.assertEqual(encoded_findings[1].response, "A test response") + assert len(encoded_findings) == 2 + assert encoded_findings[0].description == "A test description" + assert encoded_findings[0].severity == "High" + assert encoded_findings[0].id == "1" + assert encoded_findings[0].threat_id == "INP01" + assert encoded_findings[0].cvss == "9.876" + assert encoded_findings[0].response == "A test response" + assert encoded_findings[1].description == "An escape test <script>" + assert encoded_findings[1].severity == "Medium" + assert encoded_findings[1].id == "2" + assert encoded_findings[1].threat_id == "INP02" + assert encoded_findings[1].cvss == "1.234" + assert encoded_findings[1].response == "A test response" diff --git a/tests/test_pytmfunc.py b/tests/test_pytmfunc.py index f94d042c..c6ece694 100644 --- a/tests/test_pytmfunc.py +++ b/tests/test_pytmfunc.py @@ -2,8 +2,8 @@ import os import random import re -import unittest import tempfile +import pytest from contextlib import redirect_stdout from pytm import ( @@ -36,9 +36,9 @@ ) as threat_file: threats = {t["SID"]: Threat(**t) for t in json.load(threat_file)} -output_path=tempfile.gettempdir() +output_path = tempfile.gettempdir() -class TestTM(unittest.TestCase): +class TestTM: def test_seq(self): random.seed(0) dir_path = os.path.dirname(os.path.realpath(__file__)) @@ -59,11 +59,9 @@ def test_seq(self): Dataflow(db, web, "Retrieve comments") Dataflow(web, user, "Show comments (*)") - self.assertTrue(tm.check()) + assert tm.check() output = tm.seq() - - self.maxDiff = None - self.assertEqual(output, expected) + assert output == expected def test_seq_unused(self): random.seed(0) @@ -85,11 +83,9 @@ def test_seq_unused(self): Dataflow(db, web, "Retrieve comments") Dataflow(web, user, "Show comments (*)") - self.assertTrue(tm.check()) + assert tm.check() output = tm.seq() - - self.maxDiff = None - self.assertEqual(output, expected) + assert output == expected def test_dfd(self): dir_path = os.path.dirname(os.path.realpath(__file__)) @@ -121,11 +117,10 @@ def test_dfd(self): Dataflow(web, gw, "Response") Dataflow(gw, user, "Show comments (*)") - self.assertTrue(tm.check()) + assert tm.check() output = tm.dfd() - self.maxDiff = None - self.assertEqual(output, expected) + assert output == expected def test_dfd_colormap(self): dir_path = os.path.dirname(os.path.realpath(__file__)) @@ -157,12 +152,11 @@ def test_dfd_colormap(self): Dataflow(web, gw, "Response") Dataflow(gw, user, "Show comments (*)") - self.assertTrue(tm.check()) + assert tm.check() tm.resolve() output = tm.dfd(colormap=True) - self.maxDiff = None - self.assertEqual(output, expected) + assert output == expected def test_dfd_duplicates_ignore(self): dir_path = os.path.dirname(os.path.realpath(__file__)) @@ -194,11 +188,10 @@ def test_dfd_duplicates_ignore(self): Dataflow(web, gw, "Response") Dataflow(gw, user, "Show comments (*)") - self.assertTrue(tm.check()) + assert tm.check() output = tm.dfd() - self.maxDiff = None - self.assertEqual(output, expected) + assert output == expected def test_dfd_duplicates_raise(self): random.seed(0) @@ -223,7 +216,7 @@ def test_dfd_duplicates_raise(self): "and Server(Web Server): Dataflow(User enters comments (*)) " "is same as Dataflow(User views comments)" ) - with self.assertRaisesRegex(ValueError, e): + with pytest.raises(ValueError, match=e): tm.check() def test_exclude_threats_ignore(self): @@ -240,13 +233,13 @@ def test_exclude_threats_ignore(self): web = Server("Web") web.sanitizesInput = False web.encodesOutput = False - self.assertTrue(threats[excluded_threat].apply(web)) - self.assertTrue(threats[remaining_threat].apply(web)) + assert threats[excluded_threat].apply(web) + assert threats[remaining_threat].apply(web) tm.resolve() - self.assertNotIn(excluded_threat, [t.threat_id for t in tm.findings]) - self.assertIn(remaining_threat, [t.threat_id for t in tm.findings]) + assert excluded_threat not in [t.threat_id for t in tm.findings] + assert remaining_threat in [t.threat_id for t in tm.findings] def test_resolve(self): random.seed(0) @@ -270,18 +263,21 @@ def test_resolve(self): ] tm.resolve() - self.maxDiff = None - self.assertEqual( - [f.threat_id for f in tm.findings], - ["Server", "Datastore", "Dataflow", "Dataflow", "Dataflow", "Dataflow"], - ) - self.assertEqual([f.threat_id for f in user.findings], []) - self.assertEqual([f.threat_id for f in web.findings], ["Server"]) - self.assertEqual([f.threat_id for f in db.findings], ["Datastore"]) - self.assertEqual([f.threat_id for f in req.findings], ["Dataflow"]) - self.assertEqual([f.threat_id for f in query.findings], ["Dataflow"]) - self.assertEqual([f.threat_id for f in results.findings], ["Dataflow"]) - self.assertEqual([f.threat_id for f in resp.findings], ["Dataflow"]) + assert [f.threat_id for f in tm.findings] == [ + "Server", + "Datastore", + "Dataflow", + "Dataflow", + "Dataflow", + "Dataflow", + ] + assert [f.threat_id for f in user.findings] == [] + assert [f.threat_id for f in web.findings] == ["Server"] + assert [f.threat_id for f in db.findings] == ["Datastore"] + assert [f.threat_id for f in req.findings] == ["Dataflow"] + assert [f.threat_id for f in query.findings] == ["Dataflow"] + assert [f.threat_id for f in results.findings] == ["Dataflow"] + assert [f.threat_id for f in resp.findings] == ["Dataflow"] def test_overrides(self): random.seed(0) @@ -324,26 +320,13 @@ def test_overrides(self): ] tm.resolve() - self.maxDiff = None - self.assertEqual( - [f.threat_id for f in tm.findings], - ["Server", "Datastore"], - ) - self.assertEqual( - [f.response for f in web.findings], ["mitigated by adding TLS"] - ) - self.assertEqual( - [f.cvss for f in web.findings], - ["1.234"], - ) - self.assertEqual( - [f.response for f in db.findings], - ["accepted since inside the trust boundary"], - ) - self.assertEqual( - [f.cvss for f in db.findings], - ["9.876"], - ) + assert [f.threat_id for f in tm.findings] == ["Server", "Datastore"] + assert [f.response for f in web.findings] == ["mitigated by adding TLS"] + assert [f.cvss for f in web.findings] == ["1.234"] + assert [f.response for f in db.findings] == [ + "accepted since inside the trust boundary" + ] + assert [f.cvss for f in db.findings] == ["9.876"] def test_json_dumps(self): random.seed(0) @@ -375,14 +358,13 @@ def test_json_dumps(self): Dataflow(web, user, "Show comments (*)") Dataflow(worker, db, "Query for tasks") - self.assertTrue(tm.check()) + assert tm.check() output = json.dumps(tm, default=to_serializable, sort_keys=True, indent=4) with open(os.path.join(output_path, "output_current.json"), "w") as x: x.write(output) - self.maxDiff = None - self.assertEqual(output, expected) + assert output == expected def test_json_loads(self): random.seed(0) @@ -392,27 +374,21 @@ def test_json_loads(self): TM.reset() tm = loads(contents) - self.assertTrue(tm.check()) - - self.maxDiff = None - self.assertEqual([b.name for b in tm._boundaries], ["Internet", "Server/DB"]) - self.assertEqual( - [e.name for e in tm._elements], - [ - "Internet", - "Server/DB", - "User", - "Web Server", - "SQL Database", - "Request", - "Insert", - "Select", - "Response", - ], - ) - self.assertEqual( - [f.name for f in tm._flows], ["Request", "Insert", "Select", "Response"] - ) + assert tm.check() + + assert [b.name for b in tm._boundaries] == ["Internet", "Server/DB"] + assert [e.name for e in tm._elements] == [ + "Internet", + "Server/DB", + "User", + "Web Server", + "SQL Database", + "Request", + "Insert", + "Select", + "Response", + ] + assert [f.name for f in tm._flows] == ["Request", "Insert", "Select", "Response"] def test_report(self): random.seed(0) @@ -445,14 +421,13 @@ def test_report(self): Dataflow(web, user, "Show comments (*)") Dataflow(worker, db, "Query for tasks") - self.assertTrue(tm.check()) + assert tm.check() output = tm.report("docs/basic_template.md") with open(os.path.join(output_path, "output_current.md"), "w") as x: x.write(output) - self.maxDiff = None - self.assertEqual(output.strip(), expected.strip()) + assert output.strip() == expected.strip() def test_multilevel_dfd(self): random.seed(0) @@ -481,12 +456,11 @@ def test_multilevel_dfd(self): Dataflow(db, web, "Retrieve comments") Dataflow(web, user, "Show comments (*)") - self.assertTrue(tm.check()) + assert tm.check() output = tm.dfd(levels={0}) with open(os.path.join(output_path, "0.txt"), "w") as x: x.write(output) - self.maxDiff = None - self.assertEqual(output, level_0) + assert output == level_0 TM.reset() tm = TM("my test tm", description="aaa") @@ -501,12 +475,11 @@ def test_multilevel_dfd(self): Dataflow(db, web, "Retrieve comments") Dataflow(web, user, "Show comments (*)") - self.assertTrue(tm.check()) + assert tm.check() output = tm.dfd(levels={1}) with open(os.path.join(output_path, "1.txt"), "w") as x: x.write(output) - self.maxDiff = None - self.assertEqual(output, level_1) + assert output == level_1 def test_element_assumptions(self): web = Server("Web Server") @@ -514,14 +487,14 @@ def test_element_assumptions(self): assumption2 = Assumption("Assumption 2", exclude=["INP03"]) web.assumptions = [assumption1, assumption2] - self.assertEqual(len(web.assumptions), 2) - self.assertEqual(web.assumptions[0].name, "Assumption 1") - self.assertSetEqual(web.assumptions[0].exclude, {"INP01", "INP02"}) - self.assertEqual(web.assumptions[1].name, "Assumption 2") - self.assertSetEqual(web.assumptions[1].exclude, {"INP03"}) + assert len(web.assumptions) == 2 + assert web.assumptions[0].name == "Assumption 1" + assert web.assumptions[0].exclude == {"INP01", "INP02"} + assert web.assumptions[1].name == "Assumption 2" + assert web.assumptions[1].exclude == {"INP03"} # Test adding an invalid assumption - with self.assertRaises(ValueError): + with pytest.raises(ValueError): web.assumptions = [assumption1, "Invalid Assumption"] def test_exclude_threats_by_assumptions(self): @@ -535,11 +508,11 @@ def test_exclude_threats_by_assumptions(self): tm = TM("Test TM") tm.resolve() - self.assertNotIn("INP03", [f.threat_id for f in web.findings]) - self.assertIn("INP03", [f.threat_id for f in tm.excluded_findings]) + assert "INP03" not in [f.threat_id for f in web.findings] + assert "INP03" in [f.threat_id for f in tm.excluded_findings] -class Testpytm(unittest.TestCase): +class Testpytm: # Test for all the threats in threats.py - test Threat.apply() function def test_INP01(self): @@ -552,21 +525,21 @@ def test_INP01(self): process1.controls.sanitizesInput = False process1.controls.checksInputBounds = False threat = threats["INP01"] - self.assertTrue(threat.apply(lambda1)) - self.assertTrue(threat.apply(process1)) + assert threat.apply(lambda1) + assert threat.apply(process1) def test_INP02(self): process1 = Process("myprocess") process1.controls.checksInputBounds = False threat = threats["INP02"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_INP03(self): web = Server("Web") web.controls.sanitizesInput = False web.controls.encodesOutput = False threat = threats["INP03"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_CR01(self): user = Actor("User") @@ -579,8 +552,8 @@ def test_CR01(self): user_to_web.usesVPN = False user_to_web.usesSessionTokens = True threat = threats["CR01"] - self.assertTrue(threat.apply(web)) - self.assertTrue(threat.apply(user_to_web)) + assert threat.apply(web) + assert threat.apply(user_to_web) def test_INP04(self): web = Server("Web Server") @@ -588,7 +561,7 @@ def test_INP04(self): web.controls.validatesHeaders = False web.protocol = "HTTP" threat = threats["INP04"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_CR02(self): user = Actor("User") @@ -603,14 +576,14 @@ def test_CR02(self): user_to_web.controls.validatesInput = False user_to_web.usesSessionTokens = True threat = threats["CR02"] - self.assertTrue(threat.apply(web)) - self.assertTrue(threat.apply(user_to_web)) + assert threat.apply(web) + assert threat.apply(user_to_web) def test_INP05(self): web = Server("Web Server") web.controls.validatesInput = False threat = threats["INP05"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP06(self): web = Server("Web Server") @@ -618,7 +591,7 @@ def test_INP06(self): web.controls.sanitizesInput = False web.controls.validatesInput = False threat = threats["INP06"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_SC01(self): process1 = Process("Process1") @@ -626,20 +599,20 @@ def test_SC01(self): json = Data(name="JSON", description="some JSON data", format="JSON") process1.data = json threat = threats["SC01"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_LB01(self): process1 = Process("Process1") + lambda1 = Lambda("Lambda1") process1.implementsAPI = True process1.controls.validatesInput = False process1.controls.sanitizesInput = False - lambda1 = Lambda("Lambda1") lambda1.implementsAPI = True lambda1.controls.validatesInput = False lambda1.controls.sanitizesInput = False threat = threats["LB01"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(lambda1)) + assert threat.apply(process1) + assert threat.apply(lambda1) def test_AA01(self): process1 = Process("Process1") @@ -647,8 +620,8 @@ def test_AA01(self): process1.authenticatesSource = False web.authenticatesSource = False threat = threats["AA01"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(web)) + assert threat.apply(process1) + assert threat.apply(web) def test_DS01(self): web = Server("Web Server") @@ -656,78 +629,77 @@ def test_DS01(self): web.controls.validatesInput = False web.controls.encodesOutput = False threat = threats["DS01"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_DE01(self): + # Default case + user = Actor("User") + web = Server("Web Server") + user_to_web = Dataflow(user, web, "User enters comments (*)") + user_to_web.protocol = "HTTP" + threat = threats["DE01"] + assert threat.apply(user_to_web) + + # Success case + user = Actor("User") + web = Server("Web Server") + web.minTLSVersion = TLSVersion.TLSv12 + user_to_web = Dataflow(user, web, "User enters comments (*)") + user_to_web.tlsVersion = TLSVersion.TLSv13 + user_to_web.controls.isEncrypted = True + user_to_web.controls.authenticatesDestination = True + user_to_web.controls.checksDestinationRevocation = True + threat = threats["DE01"] + assert not threat.apply(user_to_web) + + # Dataflow TLS below minimum version + user = Actor("User") + web = Server("Web Server") + web.minTLSVersion = TLSVersion.TLSv12 + user_to_web = Dataflow(user, web, "User enters comments (*)") + user_to_web.tlsVersion = TLSVersion.TLSv11 + user_to_web.controls.isEncrypted = True + user_to_web.controls.authenticatesDestination = True + user_to_web.controls.checksDestinationRevocation = True + threat = threats["DE01"] + assert threat.apply(user_to_web) + + # Dataflow doesn't authenticate destination + user = Actor("User") + web = Server("Web Server") + web.minTLSVersion = TLSVersion.TLSv12 + user_to_web = Dataflow(user, web, "User enters comments (*)") + user_to_web.tlsVersion = TLSVersion.TLSv13 + user_to_web.controls.isEncrypted = True + user_to_web.controls.authenticatesDestination = False + user_to_web.controls.checksDestinationRevocation = True + threat = threats["DE01"] + assert threat.apply(user_to_web) + + # Dataflow doesn't check destination revocation + user = Actor("User") + web = Server("Web Server") + web.minTLSVersion = TLSVersion.TLSv12 + user_to_web = Dataflow(user, web, "User enters comments (*)") + user_to_web.tlsVersion = TLSVersion.TLSv13 + user_to_web.controls.isEncrypted = True + user_to_web.controls.authenticatesDestination = True + user_to_web.controls.checksDestinationRevocation = False + threat = threats["DE01"] + assert threat.apply(user_to_web) - with self.subTest("Default case"): - user = Actor("User") - web = Server("Web Server") - user_to_web = Dataflow(user, web, "User enters comments (*)") - user_to_web.protocol = "HTTP" - threat = threats["DE01"] - self.assertTrue(threat.apply(user_to_web)) - - with self.subTest("Success case"): - user = Actor("User") - web = Server("Web Server") - web.minTLSVersion = TLSVersion.TLSv12 - user_to_web = Dataflow(user, web, "User enters comments (*)") - user_to_web.tlsVersion = TLSVersion.TLSv13 - user_to_web.controls.isEncrypted = True - user_to_web.controls.authenticatesDestination = True - user_to_web.controls.checksDestinationRevocation = True - threat = threats["DE01"] - self.assertFalse(threat.apply(user_to_web)) - - with self.subTest("Dataflow TLS below minimum version"): - user = Actor("User") - web = Server("Web Server") - web.minTLSVersion = TLSVersion.TLSv12 - user_to_web = Dataflow(user, web, "User enters comments (*)") - user_to_web.tlsVersion = TLSVersion.TLSv11 - user_to_web.controls.isEncrypted = True - user_to_web.controls.authenticatesDestination = True - user_to_web.controls.checksDestinationRevocation = True - threat = threats["DE01"] - self.assertTrue(threat.apply(user_to_web)) - - with self.subTest("Dataflow doesn't authenticate destination"): - user = Actor("User") - web = Server("Web Server") - web.minTLSVersion = TLSVersion.TLSv12 - user_to_web = Dataflow(user, web, "User enters comments (*)") - user_to_web.tlsVersion = TLSVersion.TLSv13 - user_to_web.controls.isEncrypted = True - user_to_web.controls.authenticatesDestination = False - user_to_web.controls.checksDestinationRevocation = True - threat = threats["DE01"] - self.assertTrue(threat.apply(user_to_web)) - - with self.subTest("Dataflow doesn't check destination revocation"): - user = Actor("User") - web = Server("Web Server") - web.minTLSVersion = TLSVersion.TLSv12 - user_to_web = Dataflow(user, web, "User enters comments (*)") - user_to_web.tlsVersion = TLSVersion.TLSv13 - user_to_web.controls.isEncrypted = True - user_to_web.controls.authenticatesDestination = True - user_to_web.controls.checksDestinationRevocation = False - threat = threats["DE01"] - self.assertTrue(threat.apply(user_to_web)) - - with self.subTest("Dataflow is response"): - user = Actor("User") - web = Server("Web Server") - web.minTLSVersion = TLSVersion.TLSv12 - user_to_web = Dataflow(user, web, "User enters comments (*)") - user_to_web.isResponse = True - user_to_web.tlsVersion = TLSVersion.TLSv13 - user_to_web.controls.isEncrypted = True - user_to_web.controls.authenticatesDestination = False - user_to_web.controls.checksDestinationRevocation = False - threat = threats["DE01"] - self.assertFalse(threat.apply(user_to_web)) + # Dataflow is response + user = Actor("User") + web = Server("Web Server") + web.minTLSVersion = TLSVersion.TLSv12 + user_to_web = Dataflow(user, web, "User enters comments (*)") + user_to_web.isResponse = True + user_to_web.tlsVersion = TLSVersion.TLSv13 + user_to_web.controls.isEncrypted = True + user_to_web.controls.authenticatesDestination = False + user_to_web.controls.checksDestinationRevocation = False + threat = threats["DE01"] + assert not threat.apply(user_to_web) def test_DE02(self): web = Server("Web Server") @@ -737,8 +709,8 @@ def test_DE02(self): process1.controls.validatesInput = False process1.controls.sanitizesInput = False threat = threats["DE02"] - self.assertTrue(threat.apply(web)) - self.assertTrue(threat.apply(process1)) + assert threat.apply(web) + assert threat.apply(process1) def test_API01(self): process1 = Process("Process1") @@ -746,8 +718,8 @@ def test_API01(self): process1.implementsAPI = True lambda1.implementsAPI = True threat = threats["API01"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(lambda1)) + assert threat.apply(process1) + assert threat.apply(lambda1) def test_AC01(self): web = Server("Web Server") @@ -760,21 +732,21 @@ def test_AC01(self): db.controls.hasAccessControl = False db.controls.authorizesSource = False threat = threats["AC01"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(web)) - self.assertTrue(threat.apply(db)) + assert threat.apply(process1) + assert threat.apply(web) + assert threat.apply(db) def test_INP07(self): process1 = Process("Process1") process1.controls.usesSecureFunctions = False threat = threats["INP07"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_AC02(self): db = Datastore("DB") db.isShared = True threat = threats["AC02"] - self.assertTrue(threat.apply(db)) + assert threat.apply(db) def test_DO01(self): process1 = Process("Process1") @@ -783,15 +755,15 @@ def test_DO01(self): process1.controls.isResilient = False web.handlesResourceConsumption = True threat = threats["DO01"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(web)) + assert threat.apply(process1) + assert threat.apply(web) def test_HA01(self): web = Server("Web Server") web.controls.validatesInput = False web.controls.sanitizesInput = False threat = threats["HA01"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_AC03(self): process1 = Process("Process1") @@ -805,8 +777,8 @@ def test_AC03(self): lambda1.controls.validatesInput = False lambda1.controls.authorizesSource = False threat = threats["AC03"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(lambda1)) + assert threat.apply(process1) + assert threat.apply(lambda1) def test_DO02(self): process1 = Process("Process1") @@ -818,10 +790,10 @@ def test_DO02(self): web.controls.handlesResourceConsumption = False db.controls.handlesResourceConsumption = False threat = threats["DO02"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(lambda1)) - self.assertTrue(threat.apply(web)) - self.assertTrue(threat.apply(db)) + assert threat.apply(process1) + assert threat.apply(lambda1) + assert threat.apply(web) + assert threat.apply(db) def test_DS02(self): process1 = Process("Process1") @@ -829,8 +801,8 @@ def test_DS02(self): process1.environment = "Production" lambda1.environment = "Production" threat = threats["DS02"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(lambda1)) + assert threat.apply(process1) + assert threat.apply(lambda1) def test_INP08(self): process1 = Process("Process1") @@ -843,28 +815,28 @@ def test_INP08(self): web.controls.validatesInput = False web.controls.sanitizesInput = False threat = threats["INP08"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(lambda1)) - self.assertTrue(threat.apply(web)) + assert threat.apply(process1) + assert threat.apply(lambda1) + assert threat.apply(web) def test_INP09(self): web = Server("Web Server") web.controls.validatesInput = False threat = threats["INP09"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP10(self): web = Server("Web Server") web.controls.validatesInput = False threat = threats["INP10"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP11(self): web = Server("Web Server") web.controls.validatesInput = False web.controls.sanitizesInput = False threat = threats["INP11"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP12(self): process1 = Process("Process1") @@ -874,8 +846,8 @@ def test_INP12(self): lambda1.controls.checksInputBounds = False lambda1.controls.validatesInput = False threat = threats["INP12"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(lambda1)) + assert threat.apply(process1) + assert threat.apply(lambda1) def test_AC04(self): user = Actor("User") @@ -885,7 +857,7 @@ def test_AC04(self): user_to_web.data = xml user_to_web.authorizesSource = False threat = threats["AC04"] - self.assertTrue(threat.apply(user_to_web)) + assert threat.apply(user_to_web) def test_DO03(self): user = Actor("User") @@ -895,7 +867,7 @@ def test_DO03(self): xml = Data(name="user to web data", description="textual", format="XML") user_to_web.data = xml threat = threats["DO03"] - self.assertTrue(threat.apply(user_to_web)) + assert threat.apply(user_to_web) def test_AC05(self): process1 = Process("Process1") @@ -905,7 +877,7 @@ def test_AC05(self): proc_to_web.protocol = "HTTPS" proc_to_web.controls.isEncrypted = True threat = threats["AC05"] - self.assertTrue(threat.apply(proc_to_web)) + assert threat.apply(proc_to_web) def test_INP13(self): process1 = Process("Process1") @@ -913,8 +885,8 @@ def test_INP13(self): process1.controls.validatesInput = False lambda1.controls.validatesInput = False threat = threats["INP13"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(lambda1)) + assert threat.apply(process1) + assert threat.apply(lambda1) def test_INP14(self): process1 = Process("Process1") @@ -924,9 +896,9 @@ def test_INP14(self): lambda1.controls.validatesInput = False web.controls.validatesInput = False threat = threats["INP14"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(lambda1)) - self.assertTrue(threat.apply(web)) + assert threat.apply(process1) + assert threat.apply(lambda1) + assert threat.apply(web) def test_DE03(self): user = Actor("User") @@ -936,7 +908,7 @@ def test_DE03(self): user_to_web.controls.isEncrypted = False user_to_web.usesVPN = False threat = threats["DE03"] - self.assertTrue(threat.apply(user_to_web)) + assert threat.apply(user_to_web) def test_CR03(self): process1 = Process("Process1") @@ -944,8 +916,8 @@ def test_CR03(self): process1.implementsAuthenticationScheme = False web.implementsAuthenticationScheme = False threat = threats["CR03"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(web)) + assert threat.apply(process1) + assert threat.apply(web) def test_API02(self): process1 = Process("Process1") @@ -955,27 +927,27 @@ def test_API02(self): lambda1.implementsAPI = True lambda1.controls.validatesInput = False threat = threats["API02"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(lambda1)) + assert threat.apply(process1) + assert threat.apply(lambda1) def test_HA02(self): EE = ExternalEntity("EE") EE.hasPhysicalAccess = True threat = threats["HA02"] - self.assertTrue(threat.apply(EE)) + assert threat.apply(EE) def test_DS03(self): web = Server("Web Server") web.isHardened = False threat = threats["DS03"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_AC06(self): web = Server("Web Server") web.isHardened = False web.controls.hasAccessControl = False threat = threats["AC06"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_HA03(self): web = Server("Web Server") @@ -983,47 +955,47 @@ def test_HA03(self): web.controls.encodesOutput = False web.isHardened = False threat = threats["HA03"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_SC02(self): web = Server("Web Server") web.controls.validatesInput = False web.controls.encodesOutput = False threat = threats["SC02"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_AC07(self): web = Server("Web Server") web.controls.hasAccessControl = False threat = threats["AC07"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP15(self): web = Server("Web Server") web.protocol = "IMAP" web.controls.sanitizesInput = False threat = threats["INP15"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_HA04(self): EE = ExternalEntity("ee") EE.hasPhysicalAccess = True threat = threats["HA04"] - self.assertTrue(threat.apply(EE)) + assert threat.apply(EE) def test_SC03(self): web = Server("Web Server") - web.controls.validatesInput = False web.controls.sanitizesInput = False - web.controls.hasAccessControl = False + web.controls.validatesInput = False + web.controls.encodesOutput = False threat = threats["SC03"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP16(self): web = Server("Web Server") web.controls.validatesInput = False threat = threats["INP16"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_AA02(self): web = Server("Web Server") @@ -1031,15 +1003,15 @@ def test_AA02(self): web.authenticatesSource = False process1.authenticatesSource = False threat = threats["AA02"] - self.assertTrue(threat.apply(web)) - self.assertTrue(threat.apply(process1)) + assert threat.apply(web) + assert threat.apply(process1) def test_CR04(self): web = Server("Web Server") web.usesSessionTokens = True web.implementsNonce = False threat = threats["CR04"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_DO04(self): user = Actor("User") @@ -1050,7 +1022,7 @@ def test_DO04(self): user_to_web.data = xml user_to_web.handlesResources = False threat = threats["DO04"] - self.assertTrue(threat.apply(user_to_web)) + assert threat.apply(user_to_web) def test_DS04(self): web = Server("Web Server") @@ -1058,7 +1030,7 @@ def test_DS04(self): web.controls.validatesInput = False web.controls.sanitizesInput = False threat = threats["DS04"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_SC04(self): web = Server("Web Server") @@ -1066,7 +1038,7 @@ def test_SC04(self): web.controls.validatesInput = False web.controls.encodesOutput = False threat = threats["SC04"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_CR05(self): web = Server("Web Server") @@ -1076,20 +1048,20 @@ def test_CR05(self): db.controls.usesEncryptionAlgorithm != "RSA" db.controls.usesEncryptionAlgorithm != "AES" threat = threats["CR05"] - self.assertTrue(threat.apply(web)) - self.assertTrue(threat.apply(db)) + assert threat.apply(web) + assert threat.apply(db) def test_AC08(self): web = Server("Web Server") web.controls.hasAccessControl = False threat = threats["AC08"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_DS05(self): web = Server("Web Server") web.usesCache = True threat = threats["DS05"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_DS06(self): threat = threats["DS06"] @@ -1108,43 +1080,43 @@ def create_dataflow( flow_.data = Data("Data", classification=data) return flow_ - with self.subTest("Doesn't apply unless dataflow has data defined"): - dataflow = create_dataflow(define_data=False) - self.assertFalse(threat.apply(dataflow)) + # Doesn't apply unless dataflow has data defined + dataflow = create_dataflow(define_data=False) + assert not threat.apply(dataflow) - with self.subTest("Data classification equals sink, source and dataflow"): - dataflow = create_dataflow() - self.assertFalse(threat.apply(dataflow)) + # Data classification equals sink, source and dataflow + dataflow = create_dataflow() + assert not threat.apply(dataflow) - with self.subTest("Data classification is less than sink, source and dataflow"): - dataflow = create_dataflow(data=Classification.PUBLIC) - self.assertFalse(threat.apply(dataflow)) + # Data classification is less than sink, source and dataflow + dataflow = create_dataflow(data=Classification.PUBLIC) + assert not threat.apply(dataflow) - with self.subTest("Data classification exceeds source"): - dataflow = create_dataflow(source=Classification.PUBLIC) - self.assertTrue(threat.apply(dataflow)) + # Data classification exceeds source + dataflow = create_dataflow(source=Classification.PUBLIC) + assert threat.apply(dataflow) - with self.subTest("Data classification exceeds sink"): - dataflow = create_dataflow(sink=Classification.PUBLIC) - self.assertTrue(threat.apply(dataflow)) + # Data classification exceeds sink + dataflow = create_dataflow(sink=Classification.PUBLIC) + assert threat.apply(dataflow) - with self.subTest("Data classification exceeds dataflow"): - dataflow = create_dataflow(dataflow=Classification.PUBLIC) - self.assertTrue(threat.apply(dataflow)) + # Data classification exceeds dataflow + dataflow = create_dataflow(dataflow=Classification.PUBLIC) + assert threat.apply(dataflow) def test_SC05(self): web = Server("Web Server") web.providesIntegrity = False web.controls.usesCodeSigning = False threat = threats["SC05"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP17(self): web = Server("Web Server") web.controls.validatesContentType = False web.invokesScriptFilters = False threat = threats["INP17"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_AA03(self): web = Server("Web Server") @@ -1152,21 +1124,21 @@ def test_AA03(self): web.authenticatesSource = False web.controls.usesStrongSessionIdentifiers = False threat = threats["AA03"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_AC09(self): web = Server("Web Server") web.controls.hasAccessControl = False web.authorizesSource = False threat = threats["AC09"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP18(self): web = Server("Web Server") web.controls.sanitizesInput = False web.controls.encodesOutput = False threat = threats["INP18"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_CR06(self): user = Actor("User") @@ -1177,7 +1149,7 @@ def test_CR06(self): user_to_web.implementsAuthenticationScheme = False user_to_web.authorizesSource = False threat = threats["CR06"] - self.assertTrue(threat.apply(user_to_web)) + assert threat.apply(user_to_web) def test_AC10(self): user = Actor("User") @@ -1191,7 +1163,7 @@ def test_AC10(self): user_to_web.tlsVersion = TLSVersion.SSLv3 web.inputs = [user_to_web] threat = threats["AC10"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_CR07(self): user = Actor("User") @@ -1201,7 +1173,7 @@ def test_CR07(self): xml = Data(name="user to web data", description="textual", format="XML") user_to_web.data = xml threat = threats["CR07"] - self.assertTrue(threat.apply(user_to_web)) + assert threat.apply(user_to_web) def test_AA04(self): web = Server("Web Server") @@ -1209,7 +1181,7 @@ def test_AA04(self): web.providesIntegrity = False web.authorizesSource = False threat = threats["AA04"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_CR08(self): user = Actor("User") @@ -1220,40 +1192,40 @@ def test_CR08(self): user_to_web.controls.isEncrypted = True user_to_web.tlsVersion = TLSVersion.SSLv3 threat = threats["CR08"] - self.assertTrue(threat.apply(user_to_web)) + assert threat.apply(user_to_web) def test_INP19(self): web = Server("Web Server") web.usesXMLParser = False web.disablesDTD = False threat = threats["INP19"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP20(self): process1 = Process("process") process1.disablesiFrames = False threat = threats["INP20"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_AC11(self): web = Server("Web Server") web.controls.usesStrongSessionIdentifiers = False threat = threats["AC11"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP21(self): web = Server("Web Server") web.usesXMLParser = False web.disablesDTD = False threat = threats["INP21"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP22(self): web = Server("Web Server") web.usesXMLParser = False web.disablesDTD = False threat = threats["INP22"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP23(self): process1 = Process("Process") @@ -1261,7 +1233,7 @@ def test_INP23(self): process1.controls.sanitizesInput = False process1.controls.validatesInput = False threat = threats["INP23"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_DO05(self): web = Server("Web Server") @@ -1269,21 +1241,21 @@ def test_DO05(self): web.controls.sanitizesInput = False web.usesXMLParser = True threat = threats["DO05"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_AC12(self): process1 = Process("Process") process1.hasAccessControl = False process1.controls.implementsPOLP = False threat = threats["AC12"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_AC13(self): process1 = Process("Process") process1.hasAccessControl = False process1.controls.implementsPOLP = False threat = threats["AC13"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_AC14(self): process1 = Process("Process") @@ -1291,7 +1263,7 @@ def test_AC14(self): process1.usesEnvironmentVariables = False process1.controls.validatesInput = False threat = threats["AC14"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_INP24(self): process1 = Process("Process") @@ -1301,8 +1273,8 @@ def test_INP24(self): lambda1.controls.checksInputBounds = False lambda1.controls.validatesInput = False threat = threats["INP24"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(lambda1)) + assert threat.apply(process1) + assert threat.apply(lambda1) def test_INP25(self): process1 = Process("Process") @@ -1312,8 +1284,8 @@ def test_INP25(self): lambda1.controls.validatesInput = False lambda1.controls.sanitizesInput = False threat = threats["INP25"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(lambda1)) + assert threat.apply(process1) + assert threat.apply(lambda1) def test_INP26(self): process1 = Process("Process") @@ -1323,15 +1295,15 @@ def test_INP26(self): lambda1.controls.validatesInput = False lambda1.controls.sanitizesInput = False threat = threats["INP26"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(lambda1)) + assert threat.apply(process1) + assert threat.apply(lambda1) def test_INP27(self): process1 = Process("Process") process1.controls.validatesInput = False process1.controls.sanitizesInput = False threat = threats["INP27"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_INP28(self): web = Server("Web Server") @@ -1343,8 +1315,8 @@ def test_INP28(self): process1.controls.sanitizesInput = False process1.controls.encodesOutput = False threat = threats["INP28"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(web)) + assert threat.apply(process1) + assert threat.apply(web) def test_INP29(self): web = Server("Web Server") @@ -1356,15 +1328,15 @@ def test_INP29(self): process1.controls.sanitizesInput = False process1.controls.encodesOutput = False threat = threats["INP29"] - self.assertTrue(threat.apply(process1)) - self.assertTrue(threat.apply(web)) + assert threat.apply(process1) + assert threat.apply(web) def test_INP30(self): process1 = Process("Process") process1.controls.validatesInput = False process1.controls.sanitizesInput = False threat = threats["INP30"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_INP31(self): process1 = Process("Process") @@ -1372,7 +1344,7 @@ def test_INP31(self): process1.controls.sanitizesInput = False process1.controls.usesParameterizedInput = False threat = threats["INP31"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_INP32(self): process1 = Process("Process") @@ -1380,54 +1352,54 @@ def test_INP32(self): process1.controls.sanitizesInput = False process1.controls.encodesOutput = False threat = threats["INP32"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_INP33(self): process1 = Process("Process") process1.controls.validatesInput = False process1.controls.sanitizesInput = False threat = threats["INP33"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_INP34(self): web = Server("web") web.controls.checksInputBounds = False threat = threats["INP34"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP35(self): process1 = Process("Process") process1.controls.validatesInput = False process1.controls.sanitizesInput = False threat = threats["INP35"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_DE04(self): data = Datastore("DB") data.controls.validatesInput = False data.controls.implementsPOLP = False threat = threats["DE04"] - self.assertTrue(threat.apply(data)) + assert threat.apply(data) def test_AC15(self): process1 = Process("Process") process1.controls.implementsPOLP = False threat = threats["AC15"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_INP36(self): web = Server("web") web.implementsStrictHTTPValidation = False web.controls.encodesHeaders = False threat = threats["INP36"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP37(self): web = Server("web") web.implementsStrictHTTPValidation = False web.controls.encodesHeaders = False threat = threats["INP37"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP38(self): process1 = Process("Process") @@ -1435,14 +1407,14 @@ def test_INP38(self): process1.controls.validatesInput = False process1.controls.sanitizesInput = False threat = threats["INP38"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_AC16(self): web = Server("web") web.controls.usesStrongSessionIdentifiers = False web.controls.encryptsCookies = False threat = threats["AC16"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_INP39(self): process1 = Process("Process") @@ -1450,7 +1422,7 @@ def test_INP39(self): process1.controls.validatesInput = False process1.controls.sanitizesInput = False threat = threats["INP39"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_INP40(self): process1 = Process("Process") @@ -1458,13 +1430,13 @@ def test_INP40(self): process1.controls.sanitizesInput = False process1.controls.validatesInput = False threat = threats["INP40"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_AC17(self): web = Server("web") web.controls.usesStrongSessionIdentifiers = False threat = threats["AC17"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_AC18(self): process1 = Process("Process") @@ -1472,36 +1444,36 @@ def test_AC18(self): process1.controls.encryptsCookies = False process1.controls.definesConnectionTimeout = False threat = threats["AC18"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_INP41(self): process1 = Process("Process") process1.controls.validatesInput = False process1.controls.sanitizesInput = False threat = threats["INP41"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_AC19(self): web = Server("web") web.usesSessionTokens = True web.implementsNonce = False threat = threats["AC19"] - self.assertTrue(threat.apply(web)) + assert threat.apply(web) def test_AC20(self): process1 = Process("Process") - process1.controlsdefinesConnectionTimeout = False + process1.controls.definesConnectionTimeout = False process1.controls.usesMFA = False process1.controls.encryptsSessionData = False threat = threats["AC20"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_AC21(self): process1 = Process("Process") process1.implementsCSRFToken = False process1.verifySessionIdentifiers = False threat = threats["AC21"] - self.assertTrue(threat.apply(process1)) + assert threat.apply(process1) def test_AC23(self): user = Actor("User") @@ -1513,7 +1485,7 @@ def test_AC23(self): user_to_web.protocol = "HTTPS" user_to_web.controls.isEncrypted = True threat = threats["AC23"] - self.assertTrue(threat.apply(user_to_web)) + assert threat.apply(user_to_web) def test_AC24(self): user = Actor("User") @@ -1525,7 +1497,7 @@ def test_AC24(self): user_to_web.protocol = "HTTPS" user_to_web.controls.isEncrypted = True threat = threats["AC24"] - self.assertTrue(threat.apply(user_to_web)) + assert threat.apply(user_to_web) def test_DR01(self): web = Server("Web Server") @@ -1534,4 +1506,4 @@ def test_DR01(self): insert.data = Data("ssn", isPII=True, isStored=True) insert.controls.isEncrypted = False threat = threats["DR01"] - self.assertTrue(threat.apply(insert)) + assert threat.apply(insert) diff --git a/tests/test_sql_dump.py b/tests/test_sql_dump.py new file mode 100644 index 00000000..7056e2d5 --- /dev/null +++ b/tests/test_sql_dump.py @@ -0,0 +1,72 @@ +import random +import sqlite3 +from pathlib import Path + +import pytest + +from pytm import Boundary, Server, Threat, TM + + +@pytest.fixture +def sample_tm(): + TM.reset() + random.seed(0) + tm = TM("sql dump tm", description="desc") + + internet = Boundary("Internet") + server_db = Boundary("Server/DB", inBoundary=internet) + Server("Web Server", inBoundary=server_db) + + TM._threats = [ + Threat( + SID="SRV001", + description="Server threat", + severity="High", + target="Server", + ) + ] + + tm.resolve() + assert tm.findings, "Expected at least one finding for sqlDump tests" + return tm + + +def _open_connection(tmp_path: Path) -> sqlite3.Connection: + db_path = tmp_path / "sqldump" / "test.db" + return sqlite3.connect(db_path) + + +def test_sql_dump_creates_serialized_columns(sample_tm, tmp_path, monkeypatch): + monkeypatch.chdir(tmp_path) + + sample_tm.sqlDump("test.db") + + with _open_connection(tmp_path) as conn: + column_names = { + column_info[1].lower() + for column_info in conn.execute("PRAGMA table_info(Boundary)") + } + + assert {"name", "inscope", "inboundary"}.issubset(column_names) + + +def test_sql_dump_persists_element_and_finding_data(sample_tm, tmp_path, monkeypatch): + monkeypatch.chdir(tmp_path) + + sample_tm.sqlDump("test.db") + + with _open_connection(tmp_path) as conn: + boundary_rows = conn.execute( + "SELECT name, inBoundary FROM Boundary ORDER BY id" + ).fetchall() + server_rows = conn.execute( + "SELECT name, inBoundary FROM Server ORDER BY id" + ).fetchall() + finding_rows = conn.execute( + "SELECT threat_id FROM Finding ORDER BY id" + ).fetchall() + + assert ("Internet", None) in boundary_rows + assert ("Server/DB", "Internet") in boundary_rows + assert ("Web Server", "Server/DB") in server_rows + assert [row[0] for row in finding_rows] == ["SRV001"] \ No newline at end of file