Fix SCA checks query with condition field #18434

GGP1 · 2023-08-15T16:16:37Z

Related issue
Closes #18314

Description

Overwrites the _pass_filter method on WazuhDBQuerySCACheckIDs to avoid skipping filters that have the field condition and the value all.

To do this, I added the field value to _pass_filter because overwriting the method to just return False would cause an undesired behavior when receiving queries to any other field with the value all.

For example, policy_id=all would return results with a policy_id equal to all instead of all of them (expected behaviour, as in all the other endpoints).

Logs/Alerts example

/sca/001/checks/cis_ubuntu20-04?q=condition=all

{
    "data": {
        "affected_items": [
            ...
        ],
        "total_affected_items": 169,
        "total_failed_items": 0,
        "failed_items": []
    },
    "message": "All selected sca/policy information was returned",
    "error": 0
}

Tests

test_sca_endpoints.tavern.yaml

(venv) gasti@pop-os:~/work/wazuh/api/test/integration$ pytest -vv test_sca_endpoints.tavern.yaml
======================================================== test session starts ========================================================
platform linux -- Python 3.9.16, pytest-7.3.1, pluggy-1.0.0 -- /home/gasti/work/wazuh/venv/bin/python
cachedir: .pytest_cache
metadata: {'Python': '3.9.16', 'Platform': 'Linux-6.2.0-76060200-generic-x86_64-with-glibc2.35', 'Packages': {'pytest': '7.3.1', 'pluggy': '1.0.0'}, 'Plugins': {'asyncio': '0.18.1', 'tavern': '1.23.5', 'trio': '0.7.0', 'html': '2.1.1', 'aiohttp': '1.0.4', 'metadata': '3.0.0'}}
rootdir: /home/gasti/work/wazuh/api/test/integration
configfile: pytest.ini
plugins: asyncio-0.18.1, tavern-1.23.5, trio-0.7.0, html-2.1.1, aiohttp-1.0.4, metadata-3.0.0
asyncio: mode=auto
collected 46 items                                                                                                                  

test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} for agents with Wazuh version >=4.2.0 (001) and <4.2.0 (006) PASSED       [  2%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized)[policy_id] PASSED                             [  4%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized)[name] PASSED                                  [  6%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized)[description] PASSED                           [  8%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized)[references] PASSED                            [ 10%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized)[pass] PASSED                                  [ 13%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized)[fail] PASSED                                  [ 15%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized)[score] PASSED                                 [ 17%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized)[invalid] PASSED                               [ 19%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized)[total_checks] PASSED                          [ 21%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized)[hash_file] PASSED                             [ 23%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized)[end_scan] PASSED                              [ 26%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized)[start_scan] PASSED                            [ 28%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized) and distinct[policy_id] PASSED                [ 30%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized) and distinct[name] PASSED                     [ 32%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized) and distinct[description] PASSED              [ 34%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized) and distinct[references] PASSED               [ 36%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized) and distinct[pass] PASSED                     [ 39%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized) and distinct[fail] PASSED                     [ 41%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized) and distinct[score] PASSED                    [ 43%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized) and distinct[invalid] PASSED                  [ 45%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized) and distinct[total_checks] PASSED             [ 47%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized) and distinct[hash_file] PASSED                [ 50%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized) and distinct[end_scan] PASSED                 [ 52%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id} using select (parametrized) and distinct[start_scan] PASSED               [ 54%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} PASSED                                                 [ 56%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id}?remediation XPASS                                      [ 58%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[policy_id] PASSED [ 60%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[remediation] PASSED [ 63%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[condition] PASSED [ 65%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[rules.rule] PASSED [ 67%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[rationale] PASSED [ 69%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[id] PASSED [ 71%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[command] PASSED [ 73%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[title] PASSED [ 76%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[reason] PASSED [ 78%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[description] PASSED [ 80%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[registry] PASSED [ 82%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[process] PASSED [ 84%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[rules.type] PASSED [ 86%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[file] PASSED [ 89%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[compliance.value] PASSED [ 91%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[directory] PASSED [ 93%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[result] PASSED [ 95%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[compliance.key] PASSED [ 97%]
test_sca_endpoints.tavern.yaml::GET /sca/{agent_id}/checks/{policy_id} using select and select + distinct (parametrized)[references] PASSED [100%]

======================================= 45 passed, 1 xpassed, 2 warnings in 455.21s (0:07:35) =======================================

fdalmaup

LGTM!

GGP1 self-assigned this Aug 15, 2023

Add field parameter to skip filters based on fields and values

0d15f61

GGP1 force-pushed the fix/18314-query-all-condition branch from 11d9fef to 0d15f61 Compare August 31, 2023 16:09

GGP1 changed the base branch from master to 4.5.3 August 31, 2023 16:09

fdalmaup self-requested a review September 4, 2023 11:35

fdalmaup approved these changes Sep 4, 2023

View reviewed changes

Selutario approved these changes Sep 15, 2023

View reviewed changes

Selutario merged commit 7766059 into 4.5.3 Sep 15, 2023
49 checks passed

Selutario deleted the fix/18314-query-all-condition branch September 15, 2023 08:49

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix SCA checks query with condition field #18434

Fix SCA checks query with condition field #18434

GGP1 commented Aug 15, 2023 •

edited

fdalmaup left a comment

Fix SCA checks query with condition field #18434

Fix SCA checks query with condition field #18434

Conversation

GGP1 commented Aug 15, 2023 • edited

Description

Logs/Alerts example

Tests

fdalmaup left a comment

Choose a reason for hiding this comment

GGP1 commented Aug 15, 2023 •

edited