Bug/resource extract auditing #51
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
lcarcaramo
reviewed
Nov 27, 2023
lcarcaramo
reviewed
Nov 27, 2023
lcarcaramo
reviewed
Nov 27, 2023
lcarcaramo
reviewed
Nov 27, 2023
ElijahSwiftIBM
added a commit
that referenced
this pull request
Jan 8, 2024
Change audit rules doc to match new functional structure from PR #51 Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
lcarcaramo
reviewed
Jan 9, 2024
lcarcaramo
reviewed
Jan 9, 2024
lcarcaramo
reviewed
Jan 16, 2024
tests/resource/resource_log_samples/alter_resource_alter_audit_by_audit_alter_access_error.log
Outdated
Show resolved
Hide resolved
lcarcaramo
reviewed
Jan 16, 2024
lcarcaramo
reviewed
Jan 18, 2024
lcarcaramo
reviewed
Jan 18, 2024
lcarcaramo
reviewed
Jan 18, 2024
lcarcaramo
reviewed
Jan 18, 2024
lcarcaramo
reviewed
Jan 18, 2024
lcarcaramo
reviewed
Jan 18, 2024
lcarcaramo
reviewed
Jan 18, 2024
lcarcaramo
reviewed
Jan 18, 2024
lcarcaramo
reviewed
Jan 18, 2024
lcarcaramo
reviewed
Jan 18, 2024
lcarcaramo
reviewed
Jan 18, 2024
lcarcaramo
reviewed
Jan 24, 2024
lcarcaramo
reviewed
Jan 24, 2024
ElijahSwiftIBM
added a commit
that referenced
this pull request
Jan 25, 2024
Change audit rules doc to match new functional structure from PR #51 Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
Fix bug on general resource extract of auditing rules. Add Settrs and Gettrs to fine-tune general resource profile auditing rules. Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
-Added unit testing for 19 new Getter and Setter functions -Includes new category "compound" setters for multi-operation -Added logging of steps dictionary to debug logging Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
-Draft of restructuring audit rules getters and settrs -needs some new unit tests for "new" functionality (clear by access level) -needs documentation changes -first we need to see if this is fixed Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
-remove clear_audit_by x functions -remove steps dictionary from debug logging -remove instances of extracts within the steps dictionaries Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
-Update branch from main -add "testuser" to tests Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
-Redesign test architecture of RACF audit rules "compound settrs" for new code format -Each function is tested for one arg, multiple args, all args and no args to hit all code paths -Change clear all audit rules to remove all audit rules -change test names -move compound settr test into settrs tests -remove logging dependency for "compound" settrs testing by mocking extract calls Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
various naming changes and refactoring for code to trigger value error in `by_attempt` functions Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
Refactor code to validate the access levels specified in `by_attempt` audit functions. Change `ValueError` message text raised by these functions. Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
-Catch misc debug prints -Change to 1.0b4 -Add unit testing for get_audit_rules edge cases -refactor some audit rules code Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
ElijahSwiftIBM
force-pushed
the
bug/resource_extract_auditing
branch
from
997aa67 to
caefa89
Compare
-Add ValueError for duplicate attempt types -Change unit testing to add coverage Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
lcarcaramo
reviewed
Jan 29, 2024
lcarcaramo
reviewed
Jan 29, 2024
lcarcaramo
reviewed
Jan 29, 2024
lcarcaramo
reviewed
Jan 29, 2024
Refactor code and change wording associated with ValueError for duplicate values in `by_attempt` function. Change `alter_audit_rules` functions to use `get_audit_rules` and mock `get_audit_rules` call rather than `extract` as `_get_field` doesn't work in `generate_requests_only` mode. Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
remove debug print Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
lcarcaramo
reviewed
Jan 30, 2024
lcarcaramo
reviewed
Jan 30, 2024
Change audit_by to audit_rules_by Remove EXTRACT_PROFILE from get_audit_rules testing Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
Change test variables to address E501 errors. Signed-off-by: Elijah Swift <elijah.swift@ibm.com>
lcarcaramo
approved these changes
Jan 30, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
💡 Issue Reference
Issue: #40
💻 What does this address?
Audit rules were not properly handled by General Resource profile extract. There can be multiple entries in this category.
Additionally, new features were added to manipulate these audit rules to provide smoother test interfaces and future use of these traits.
📟 Implementation Details
Logic was changed in general resource profile extract to break apart multi-entry sections that present like Auditing Rules.
Added several getters and setters including new compound setters that use information obtained in an extract to apply proper traits in an alter.
📋 Is there a test case?
I edited existing test cases for profile extract to use an audit rules value that would have failed in the previous implementation.
New test cases were added for the getters and setters including a new test case type that leverages debug logging as the compound setters needed to verify both request building and result parsing while mocking in the initial extract request, so the conventional architecture of generaterequestonly could not fully satisfy this.