Add an ID translation test for the OVAL object model

ComplianceAsCode · Nov 21, 2023 · 2394b67 · 2394b67
1 parent 5aaf914
commit 2394b67
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 0 deletions.
diff --git a/tests/unit/ssg-module/data/draft_oval.xml b/tests/unit/ssg-module/data/draft_oval.xml
@@ -1,9 +1,16 @@
 <?xml version="1.0"?>
 <ns0:oval_definitions xmlns:ns0="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:ns2="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:ns3="http://oval.mitre.org/XMLSchema/oval-definitions-5#independent" xmlns:ns4="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:ns5="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://oval.mitre.org/XMLSchema/oval-common-5 oval-common-schema.xsd         http://oval.mitre.org/XMLSchema/oval-definitions-5 oval-definitions-schema.xsd         http://oval.mitre.org/XMLSchema/oval-definitions-5#independent independent-definitions-schema.xsd         http://oval.mitre.org/XMLSchema/oval-definitions-5#unix unix-definitions-schema.xsd         http://oval.mitre.org/XMLSchema/oval-definitions-5#linux linux-definitions-schema.xsd">
+  <ns0:generator>
+    <ns2:product_name>Script combine_ovals.py from SCAP Security Guide</ns2:product_name>
+    <ns2:product_version>ssg: [0, 1, 71], python: 3.11.6</ns2:product_version>
+    <ns2:schema_version>5.11</ns2:schema_version>
+    <ns2:timestamp>2023-11-20T17:39:53</ns2:timestamp>
+  </ns0:generator>
   <ns0:definitions>
     <ns0:definition class="compliance" id="kerberos_disable_no_keytab" version="1">
       <ns0:metadata>
         <ns0:title>Disable Kerberos by removing host keytab</ns0:title>
+        <ns0:description>description is required</ns0:description>
       </ns0:metadata>
       <ns0:criteria>
         <ns0:criterion test_ref="test_kerberos_disable_no_keytab" comment="Restrict Kerberos operation by removing keytab files"/>

diff --git a/tests/unit/ssg-module/test_id_translate.py b/tests/unit/ssg-module/test_id_translate.py
@@ -5,6 +5,7 @@
 import xml.etree.ElementTree as ET
 
 import ssg.id_translate
+from ssg.oval_object_model import load_oval_document
 from ssg.constants import XCCDF12_NS, oval_namespace, ocil_namespace
 
 DATADIR = os.path.abspath(os.path.join(os.path.dirname(__file__), "data"))
@@ -110,6 +111,27 @@ def _parse_interesting_ids(oval_tree):
 
 
 def test_idtranslator_translate_oval_ids(idtranslator, oval_tree):
+    expected_definition_id = "oval:ssg-kerberos_disable_no_keytab:def:1"
+    expected_test_id = "oval:ssg-test_kerberos_disable_no_keytab:tst:1"
+    expected_object_id = "oval:ssg-obj_kerberos_disable_no_keytab:obj:1"
+    expected_state_id = "oval:ssg-filter_ssh_key_owner_root:ste:1"
+    oval_document = load_oval_document(oval_tree)
+    new_oval_document = idtranslator.translate_oval_document(oval_document)
+    new_tree = new_oval_document.get_xml_element()
+    real = _parse_interesting_ids(new_tree)
+    assert real.definition_id == expected_definition_id
+    assert real.criterion_test_ref == expected_test_id
+    assert real.criterion_test_ref == real.test_id
+    assert real.test_id == expected_test_id
+    assert real.object_ref == expected_object_id
+    assert real.object_ref == real.object_id
+    assert real.object_id == expected_object_id
+    assert real.filter_ref == expected_state_id
+    assert real.filter_ref == real.state_id
+    assert real.state_id == expected_state_id
+
+
+def test_idtranslator_translate_oval_ids_using_oval_object_model(idtranslator, oval_tree):
     expected_definition_id = "oval:ssg-kerberos_disable_no_keytab:def:1"
     expected_test_id = "oval:ssg-test_kerberos_disable_no_keytab:tst:1"
     expected_object_id = "oval:ssg-obj_kerberos_disable_no_keytab:obj:1"