From 224b0c55ed7a4a55ddc500cd447efef989618b74 Mon Sep 17 00:00:00 2001 From: Alden Hilton Date: Wed, 3 Jan 2024 11:30:12 -0800 Subject: [PATCH] Ensure test names are unique --- .../commoncontrols/commoncontrols03_test.rego | 2 +- .../commoncontrols/commoncontrols04_test.rego | 2 +- Testing/RegoTests/drive/drive01_test.rego | 101 ++--- Testing/RegoTests/drive/drive02_test.rego | 72 ++-- Testing/RegoTests/drive/drive05_test.rego | 2 +- Testing/RegoTests/gmail/gmail05_test.rego | 406 +----------------- Testing/RegoTests/gmail/gmail06_test.rego | 4 +- Testing/RegoTests/gmail/gmail07_test.rego | 2 +- Testing/RegoTests/gmail/gmail09_test.rego | 2 +- Testing/RegoTests/groups/groups07_test.rego | 6 +- 10 files changed, 109 insertions(+), 490 deletions(-) diff --git a/Testing/RegoTests/commoncontrols/commoncontrols03_test.rego b/Testing/RegoTests/commoncontrols/commoncontrols03_test.rego index 71be89eb..55a47f41 100644 --- a/Testing/RegoTests/commoncontrols/commoncontrols03_test.rego +++ b/Testing/RegoTests/commoncontrols/commoncontrols03_test.rego @@ -250,7 +250,7 @@ test_SSO_Incorrect_V4 if { "is non-compliant; manual check recommended." ])} -test_SSO_Incorrect_V4 if { +test_SSO_Incorrect_V5 if { # Test multiple OUs PolicyId := "GWS.COMMONCONTROLS.3.1v0.1" Output := tests with input as { diff --git a/Testing/RegoTests/commoncontrols/commoncontrols04_test.rego b/Testing/RegoTests/commoncontrols/commoncontrols04_test.rego index 183a76f9..6d453d15 100644 --- a/Testing/RegoTests/commoncontrols/commoncontrols04_test.rego +++ b/Testing/RegoTests/commoncontrols/commoncontrols04_test.rego @@ -319,7 +319,7 @@ test_Limit_Incorrect_V4 if { "is non-compliant; manual check recommended." ])} -test_Limit_Incorrect_V4 if { +test_Limit_Incorrect_V5 if { # Test no relevant events in top-level OU PolicyId := "GWS.COMMONCONTROLS.4.1v0.1" Output := tests with input as { diff --git a/Testing/RegoTests/drive/drive01_test.rego b/Testing/RegoTests/drive/drive01_test.rego index 4de668ca..d0226086 100644 --- a/Testing/RegoTests/drive/drive01_test.rego +++ b/Testing/RegoTests/drive/drive01_test.rego @@ -275,11 +275,12 @@ test_Sharing_Incorrect_V5 if { "is non-compliant; manual check recommended." ]) } +#-- # # GWS.DRIVEDOCS.1.2v0.1 #-- -test_SharingChecker_Correct_V1 if { +test_Receiving_Correct_V1 if { # Test sharing setting when there's only one event PolicyId := "GWS.DRIVEDOCS.1.2v0.1" Output := tests with input as { @@ -307,7 +308,7 @@ test_SharingChecker_Correct_V1 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Correct_V2 if { +test_Receiving_Correct_V2 if { # Test sharing setting when there's multiple events and the most most recent is correct PolicyId := "GWS.DRIVEDOCS.1.2v0.1" Output := tests with input as { @@ -345,7 +346,7 @@ test_SharingChecker_Correct_V2 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Correct_V3 if { +test_Receiving_Correct_V3 if { # Test sharing setting when there's multiple OUs PolicyId := "GWS.DRIVEDOCS.1.2v0.1" Output := tests with input as { @@ -383,7 +384,7 @@ test_SharingChecker_Correct_V3 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Incorrect_V1 if { +test_Receiving_Incorrect_V1 if { # Test sharing setting when there are no relevant events PolicyId := "GWS.DRIVEDOCS.1.2v0.1" Output := tests with input as { @@ -415,7 +416,7 @@ test_SharingChecker_Incorrect_V1 if { ]) } -test_SharingChecker_Incorrect_V2 if { +test_Receiving_Incorrect_V2 if { # Test sharing setting when there's only one event and it's wrong PolicyId := "GWS.DRIVEDOCS.1.2v0.1" Output := tests with input as { @@ -443,7 +444,7 @@ test_SharingChecker_Incorrect_V2 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_SharingChecker_Incorrect_V3 if { +test_Receiving_Incorrect_V3 if { # Test sharing setting when there are multiple events and the most recent is wrong PolicyId := "GWS.DRIVEDOCS.1.2v0.1" Output := tests with input as { @@ -481,7 +482,7 @@ test_SharingChecker_Incorrect_V3 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_SharingChecker_Incorrect_V4 if { +test_Receiving_Incorrect_V4 if { # Test sharing setting when there are multiple OUs, top OU is compliant but secondary isn't PolicyId := "GWS.DRIVEDOCS.1.2v0.1" Output := tests with input as { @@ -519,7 +520,7 @@ test_SharingChecker_Incorrect_V4 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU." } -test_SharingChecker_Incorrect_V5 if { +test_Receiving_Incorrect_V5 if { # Test sharing setting when top level OU is not present PolicyId := "GWS.DRIVEDOCS.1.2v0.1" Output := tests with input as { @@ -554,7 +555,7 @@ test_SharingChecker_Incorrect_V5 if { # # GWS.DRIVEDOCS.1.3v0.1 #-- -test_SharingChecker_Correct_V1 if { +test_Warnings_Correct_V1 if { # Test sharing setting when there's only one event PolicyId := "GWS.DRIVEDOCS.1.3v0.1" Output := tests with input as { @@ -582,7 +583,7 @@ test_SharingChecker_Correct_V1 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Correct_V2 if { +test_Warnings_Correct_V2 if { # Test sharing setting when there's multiple events and the most most recent is correct PolicyId := "GWS.DRIVEDOCS.1.3v0.1" Output := tests with input as { @@ -620,7 +621,7 @@ test_SharingChecker_Correct_V2 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Correct_V3 if { +test_Warningsr_Correct_V3 if { # Test sharing setting when there's multiple OUs PolicyId := "GWS.DRIVEDOCS.1.3v0.1" Output := tests with input as { @@ -658,7 +659,7 @@ test_SharingChecker_Correct_V3 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Incorrect_V1 if { +test_Warnings_Incorrect_V1 if { # Test sharing setting when there are no relevant events PolicyId := "GWS.DRIVEDOCS.1.3v0.1" Output := tests with input as { @@ -690,7 +691,7 @@ test_SharingChecker_Incorrect_V1 if { ]) } -test_SharingChecker_Incorrect_V2 if { +test_Warnings_Incorrect_V2 if { # Test sharing setting when there's only one event and it's wrong PolicyId := "GWS.DRIVEDOCS.1.3v0.1" Output := tests with input as { @@ -718,7 +719,7 @@ test_SharingChecker_Incorrect_V2 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_SharingChecker_Incorrect_V3 if { +test_Warningsr_Incorrect_V3 if { # Test sharing setting when there are multiple events and the most recent is wrong PolicyId := "GWS.DRIVEDOCS.1.3v0.1" Output := tests with input as { @@ -756,7 +757,7 @@ test_SharingChecker_Incorrect_V3 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_SharingChecker_Incorrect_V4 if { +test_Warnings_Incorrect_V4 if { # Test sharing setting when Top OU is correct but not secondary OU PolicyId := "GWS.DRIVEDOCS.1.3v0.1" Output := tests with input as { @@ -794,7 +795,7 @@ test_SharingChecker_Incorrect_V4 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU." } -test_SharingChecker_Incorrect_V5 if { +test_Warnings_Incorrect_V5 if { # Test sharing setting when Top OU is not present PolicyId := "GWS.DRIVEDOCS.1.3v0.1" Output := tests with input as { @@ -829,7 +830,7 @@ test_SharingChecker_Incorrect_V5 if { # # GWS.DRIVEDOCS.1.4v0.1 #-- -test_SharingChecker_Correct_V1 if { +test_NonGoogle_Correct_V1 if { # Test sharing setting when there's only one event PolicyId := "GWS.DRIVEDOCS.1.4v0.1" Output := tests with input as { @@ -857,7 +858,7 @@ test_SharingChecker_Correct_V1 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Correct_V2 if { +test_NonGoogle_Correct_V2 if { # Test sharing setting when there's multiple events and the most most recent is correct PolicyId := "GWS.DRIVEDOCS.1.4v0.1" Output := tests with input as { @@ -895,7 +896,7 @@ test_SharingChecker_Correct_V2 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Correct_V3 if { +test_NonGoogle_Correct_V3 if { # Test sharing setting when there's multiple OUs PolicyId := "GWS.DRIVEDOCS.1.4v0.1" Output := tests with input as { @@ -933,7 +934,7 @@ test_SharingChecker_Correct_V3 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Incorrect_V1 if { +test_NonGoogle_Incorrect_V1 if { # Test sharing setting when there are no relevant events PolicyId := "GWS.DRIVEDOCS.1.4v0.1" Output := tests with input as { @@ -965,7 +966,7 @@ test_SharingChecker_Incorrect_V1 if { ]) } -test_SharingChecker_Incorrect_V2 if { +test_NonGoogle_Incorrect_V2 if { # Test sharing setting when there's only one event and it's wrong PolicyId := "GWS.DRIVEDOCS.1.4v0.1" Output := tests with input as { @@ -993,7 +994,7 @@ test_SharingChecker_Incorrect_V2 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_SharingChecker_Incorrect_V3 if { +test_NonGoogle_Incorrect_V3 if { # Test sharing setting when there are multiple events and the most recent is wrong PolicyId := "GWS.DRIVEDOCS.1.4v0.1" Output := tests with input as { @@ -1031,7 +1032,7 @@ test_SharingChecker_Incorrect_V3 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_SharingChecker_Incorrect_V4 if { +test_NonGoogle_Incorrect_V4 if { # Test sharing setting when Top OU is correct but not secondary OU PolicyId := "GWS.DRIVEDOCS.1.4v0.1" Output := tests with input as { @@ -1069,7 +1070,7 @@ test_SharingChecker_Incorrect_V4 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU." } -test_SharingChecker_Incorrect_V5 if { +test_NonGoogle_Incorrect_V5 if { # Test sharing setting when Top OU is not present PolicyId := "GWS.DRIVEDOCS.1.4v0.1" Output := tests with input as { @@ -1104,7 +1105,7 @@ test_SharingChecker_Incorrect_V5 if { # # GWS.DRIVEDOCS.1.5v0.1 #-- -test_SharingChecker_Correct_V1 if { +test_Link_Correct_V1 if { # Test sharing setting when there's only one event PolicyId := "GWS.DRIVEDOCS.1.5v0.1" Output := tests with input as { @@ -1132,7 +1133,7 @@ test_SharingChecker_Correct_V1 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Correct_V2 if { +test_Link_Correct_V2 if { # Test sharing setting when there's multiple events and the most most recent is correct PolicyId := "GWS.DRIVEDOCS.1.5v0.1" Output := tests with input as { @@ -1170,7 +1171,7 @@ test_SharingChecker_Correct_V2 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Correct_V3 if { +test_Link_Correct_V3 if { # Test sharing setting when there's multiple OUs PolicyId := "GWS.DRIVEDOCS.1.5v0.1" Output := tests with input as { @@ -1208,7 +1209,7 @@ test_SharingChecker_Correct_V3 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Incorrect_V1 if { +test_Link_Incorrect_V1 if { # Test sharing setting when there are no relevant events PolicyId := "GWS.DRIVEDOCS.1.5v0.1" Output := tests with input as { @@ -1240,7 +1241,7 @@ test_SharingChecker_Incorrect_V1 if { ]) } -test_SharingChecker_Incorrect_V2 if { +test_Link_Incorrect_V2 if { # Test sharing setting when there's only one event and it's wrong PolicyId := "GWS.DRIVEDOCS.1.5v0.1" Output := tests with input as { @@ -1268,7 +1269,7 @@ test_SharingChecker_Incorrect_V2 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_SharingChecker_Incorrect_V3 if { +test_Link_Incorrect_V3 if { # Test sharing setting when there are multiple events and the most recent is wrong PolicyId := "GWS.DRIVEDOCS.1.5v0.1" Output := tests with input as { @@ -1306,7 +1307,7 @@ test_SharingChecker_Incorrect_V3 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_SharingChecker_Incorrect_V4 if { +test_Link_Incorrect_V4 if { # Test sharing setting when Top OU is correct but not secondary OU PolicyId := "GWS.DRIVEDOCS.1.5v0.1" Output := tests with input as { @@ -1344,7 +1345,7 @@ test_SharingChecker_Incorrect_V4 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU." } -test_SharingChecker_Incorrect_V5 if { +test_Link_Incorrect_V5 if { # Test sharing setting when Top OU is not present PolicyId := "GWS.DRIVEDOCS.1.5v0.1" Output := tests with input as { @@ -1375,10 +1376,11 @@ test_SharingChecker_Incorrect_V5 if { "is non-compliant; manual check recommended." ]) } +#-- + # # GWS.DRIVEDOCS.1.6v0.1 #-- - test_SharingChecker_Correct_V1 if { # Test sharing setting when there's only one event PolicyId := "GWS.DRIVEDOCS.1.6v0.1" @@ -1654,7 +1656,7 @@ test_SharingChecker_Incorrect_V5 if { # # GWS.DRIVEDOCS.1.7v0.1 #-- -test_SharingChecker_Correct_V1 if { +test_CrossDomain_Correct_V1 if { # Test sharing setting when there's only one event PolicyId := "GWS.DRIVEDOCS.1.7v0.1" Output := tests with input as { @@ -1682,7 +1684,7 @@ test_SharingChecker_Correct_V1 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Correct_V2 if { +test_CrossDomain_Correct_V2 if { # Test sharing setting when there's multiple events and the most most recent is correct PolicyId := "GWS.DRIVEDOCS.1.7v0.1" Output := tests with input as { @@ -1720,7 +1722,7 @@ test_SharingChecker_Correct_V2 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Correct_V3 if { +test_CrossDomain_Correct_V3 if { # Test sharing setting when there's multiple OUs PolicyId := "GWS.DRIVEDOCS.1.7v0.1" Output := tests with input as { @@ -1758,7 +1760,7 @@ test_SharingChecker_Correct_V3 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Incorrect_V1 if { +test_CrossDomain_Incorrect_V1 if { # Test sharing setting when there are no relevant events PolicyId := "GWS.DRIVEDOCS.1.7v0.1" Output := tests with input as { @@ -1790,7 +1792,7 @@ test_SharingChecker_Incorrect_V1 if { ]) } -test_SharingChecker_Incorrect_V2 if { +test_CrossDomain_Incorrect_V2 if { # Test sharing setting when there's only one event and it's wrong PolicyId := "GWS.DRIVEDOCS.1.7v0.1" Output := tests with input as { @@ -1818,7 +1820,7 @@ test_SharingChecker_Incorrect_V2 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_SharingChecker_Incorrect_V3 if { +test_CrossDomain_Incorrect_V3 if { # Test sharing setting when there are multiple events and the most recent is wrong PolicyId := "GWS.DRIVEDOCS.1.7v0.1" Output := tests with input as { @@ -1856,7 +1858,7 @@ test_SharingChecker_Incorrect_V3 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_SharingChecker_Incorrect_V4 if { +test_CrossDomain_Incorrect_V4 if { # Test sharing setting when Top OU is correct but not secondary OU PolicyId := "GWS.DRIVEDOCS.1.7v0.1" Output := tests with input as { @@ -1894,7 +1896,7 @@ test_SharingChecker_Incorrect_V4 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU." } -test_SharingChecker_Incorrect_V5 if { +test_CrossDomain_Incorrect_V5 if { # Test sharing setting when Top OU is not present PolicyId := "GWS.DRIVEDOCS.1.7v0.1" Output := tests with input as { @@ -1925,11 +1927,12 @@ test_SharingChecker_Incorrect_V5 if { "is non-compliant; manual check recommended." ]) } +#-- # # GWS.DRIVEDOCS.1.8v0.1 #-- -test_SharingChecker_Correct_V1 if { +test_Default_Correct_V1 if { # Test sharing setting when there's only one event PolicyId := "GWS.DRIVEDOCS.1.8v0.1" Output := tests with input as { @@ -1957,7 +1960,7 @@ test_SharingChecker_Correct_V1 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Correct_V2 if { +test_Default_Correct_V2 if { # Test sharing setting when there's multiple events and the most most recent is correct PolicyId := "GWS.DRIVEDOCS.1.8v0.1" Output := tests with input as { @@ -1995,7 +1998,7 @@ test_SharingChecker_Correct_V2 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Correct_V3 if { +test_Default_Correct_V3 if { # Test sharing setting when there's multiple OUs PolicyId := "GWS.DRIVEDOCS.1.8v0.1" Output := tests with input as { @@ -2033,7 +2036,7 @@ test_SharingChecker_Correct_V3 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SharingChecker_Incorrect_V1 if { +test_Default_Incorrect_V1 if { # Test sharing setting when there are no relevant events PolicyId := "GWS.DRIVEDOCS.1.8v0.1" Output := tests with input as { @@ -2065,7 +2068,7 @@ test_SharingChecker_Incorrect_V1 if { ]) } -test_SharingChecker_Incorrect_V2 if { +test_Default_Incorrect_V2 if { # Test sharing setting when there's only one event and it's wrong PolicyId := "GWS.DRIVEDOCS.1.8v0.1" Output := tests with input as { @@ -2093,7 +2096,7 @@ test_SharingChecker_Incorrect_V2 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_SharingChecker_Incorrect_V3 if { +test_Default_Incorrect_V3 if { # Test sharing setting when there are multiple events and the most recent is wrong PolicyId := "GWS.DRIVEDOCS.1.8v0.1" Output := tests with input as { @@ -2131,7 +2134,7 @@ test_SharingChecker_Incorrect_V3 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_SharingChecker_Incorrect_V4 if { +test_Default_Incorrect_V4 if { # Test sharing setting when Top OU is correct but not secondary OU PolicyId := "GWS.DRIVEDOCS.1.8v0.1" Output := tests with input as { @@ -2169,7 +2172,7 @@ test_SharingChecker_Incorrect_V4 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU." } -test_SharingChecker_Incorrect_V5 if { +test_Default_Incorrect_V5 if { # Test sharing setting when Top OU is not present PolicyId := "GWS.DRIVEDOCS.1.8v0.1" Output := tests with input as { diff --git a/Testing/RegoTests/drive/drive02_test.rego b/Testing/RegoTests/drive/drive02_test.rego index 85f04b29..f61ec950 100644 --- a/Testing/RegoTests/drive/drive02_test.rego +++ b/Testing/RegoTests/drive/drive02_test.rego @@ -277,9 +277,9 @@ test_Sharing_Incorrect_V5 if { } # -# Baseline 2.2 - Policy 2 +# GWS.DRIVEDOCS.2.2v0.1 #-- -test_Sharing_Correct_V1 if { +test_Managers_Correct_V1 if { # Test sharing setting when there's only one event PolicyId := "GWS.DRIVEDOCS.2.2v0.1" Output := tests with input as { @@ -307,7 +307,7 @@ test_Sharing_Correct_V1 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_Sharing_Correct_V2 if { +test_Managers_Correct_V2 if { # Test sharing setting when there's multiple events and the most most recent is correct PolicyId := "GWS.DRIVEDOCS.2.2v0.1" Output := tests with input as { @@ -345,7 +345,7 @@ test_Sharing_Correct_V2 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_Sharing_Correct_V3 if { +test_Managers_Correct_V3 if { # Test sharing setting when there's multiple OUs PolicyId := "GWS.DRIVEDOCS.2.2v0.1" Output := tests with input as { @@ -383,7 +383,7 @@ test_Sharing_Correct_V3 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_Sharing_Incorrect_V1 if { +test_Managers_Incorrect_V1 if { # Test sharing setting when there are no relevant events PolicyId := "GWS.DRIVEDOCS.2.2v0.1" Output := tests with input as { @@ -415,7 +415,7 @@ test_Sharing_Incorrect_V1 if { ]) } -test_Sharing_Incorrect_V2 if { +test_Managers_Incorrect_V2 if { # Test sharing setting when there's only one event and it's wrong PolicyId := "GWS.DRIVEDOCS.2.2v0.1" Output := tests with input as { @@ -443,7 +443,7 @@ test_Sharing_Incorrect_V2 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_Sharing_Incorrect_V3 if { +test_Managers_Incorrect_V3 if { # Test sharing setting when there are multiple events and the most recent is wrong PolicyId := "GWS.DRIVEDOCS.2.2v0.1" Output := tests with input as { @@ -481,7 +481,7 @@ test_Sharing_Incorrect_V3 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_Sharing_Incorrect_V4 if { +test_Managers_Incorrect_V4 if { # Test sharing setting when top OU is correct but secondary isn't PolicyId := "GWS.DRIVEDOCS.2.2v0.1" Output := tests with input as { @@ -519,7 +519,7 @@ test_Sharing_Incorrect_V4 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU." } -test_Sharing_Incorrect_V5 if { +test_Managers_Incorrect_V5 if { # Test sharing setting when top OU is missing PolicyId := "GWS.DRIVEDOCS.2.2v0.1" Output := tests with input as { @@ -552,9 +552,9 @@ test_Sharing_Incorrect_V5 if { } # -# Baseline 2.2 - Policy 3 +# GWS.DRIVEDOCS.2.3v0.1 #-- -test_Sharing_Correct_V1 if { +test_Outside_Correct_V1 if { # Test sharing setting when there's only one event PolicyId := "GWS.DRIVEDOCS.2.3v0.1" Output := tests with input as { @@ -585,7 +585,7 @@ test_Sharing_Correct_V1 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_Sharing_Correct_V2 if { +test_Outside_Correct_V2 if { # Test sharing setting when there's multiple events and the most most recent is correct PolicyId := "GWS.DRIVEDOCS.2.3v0.1" Output := tests with input as { @@ -629,7 +629,7 @@ test_Sharing_Correct_V2 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_Sharing_Correct_V3 if { +test_Outside_Correct_V3 if { # Test sharing setting when there's multiple OUs PolicyId := "GWS.DRIVEDOCS.2.3v0.1" Output := tests with input as { @@ -673,7 +673,7 @@ test_Sharing_Correct_V3 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_Sharing_Incorrect_V1 if { +test_Outside_Incorrect_V1 if { # Test sharing setting when there are no relevant events PolicyId := "GWS.DRIVEDOCS.2.3v0.1" Output := tests with input as { @@ -705,7 +705,7 @@ test_Sharing_Incorrect_V1 if { ]) } -test_Sharing_Incorrect_V2 if { +test_Outside_Incorrect_V2 if { # Test sharing setting when there's only one event and it's wrong PolicyId := "GWS.DRIVEDOCS.2.3v0.1" Output := tests with input as { @@ -736,7 +736,7 @@ test_Sharing_Incorrect_V2 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_Sharing_Incorrect_V3 if { +test_Outside_Incorrect_V3 if { # Test sharing setting when there are multiple events and the most recent is wrong PolicyId := "GWS.DRIVEDOCS.2.3v0.1" Output := tests with input as { @@ -780,7 +780,7 @@ test_Sharing_Incorrect_V3 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_Sharing_Incorrect_V4 if { +test_Outside_Incorrect_V4 if { # Test sharing setting when top OU is correct but secondary isn't PolicyId := "GWS.DRIVEDOCS.2.3v0.1" Output := tests with input as { @@ -824,7 +824,7 @@ test_Sharing_Incorrect_V4 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU." } -test_Sharing_Incorrect_V5 if { +test_Outside_Incorrect_V5 if { # Test sharing setting when top OU is missing PolicyId := "GWS.DRIVEDOCS.2.3v0.1" Output := tests with input as { @@ -860,9 +860,9 @@ test_Sharing_Incorrect_V5 if { } # -# Baseline 2.2 - Policy 4 +# GWS.DRIVEDOCS.2.4v0.1 #-- -test_Sharing_Correct_V1 if { +test_SharedDrive_Correct_V1 if { # Test sharing setting when there's only one event PolicyId := "GWS.DRIVEDOCS.2.4v0.1" Output := tests with input as { @@ -893,7 +893,7 @@ test_Sharing_Correct_V1 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_Sharing_Correct_V2 if { +test_SharedDrive_Correct_V2 if { # Test sharing setting when there's multiple events and the most most recent is correct PolicyId := "GWS.DRIVEDOCS.2.4v0.1" Output := tests with input as { @@ -937,7 +937,7 @@ test_Sharing_Correct_V2 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_Sharing_Correct_V3 if { +test_SharedDrive_Correct_V3 if { # Test sharing setting when there's multiple OUs PolicyId := "GWS.DRIVEDOCS.2.4v0.1" Output := tests with input as { @@ -981,7 +981,7 @@ test_Sharing_Correct_V3 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_Sharing_Incorrect_V1 if { +test_SharedDrive_Incorrect_V1 if { # Test sharing setting when there are no relevant events PolicyId := "GWS.DRIVEDOCS.2.4v0.1" Output := tests with input as { @@ -1013,7 +1013,7 @@ test_Sharing_Incorrect_V1 if { ]) } -test_Sharing_Incorrect_V2 if { +test_SharedDrive_Incorrect_V2 if { # Test sharing setting when there's only one event and it's wrong PolicyId := "GWS.DRIVEDOCS.2.4v0.1" Output := tests with input as { @@ -1044,7 +1044,7 @@ test_Sharing_Incorrect_V2 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_Sharing_Incorrect_V3 if { +test_SharedDrive_Incorrect_V3 if { # Test sharing setting when there are multiple events and the most recent is wrong PolicyId := "GWS.DRIVEDOCS.2.4v0.1" Output := tests with input as { @@ -1088,7 +1088,7 @@ test_Sharing_Incorrect_V3 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_Sharing_Incorrect_V4 if { +test_SharedDrive_Incorrect_V4 if { # Test sharing setting when top OU is correct but secondary isn't PolicyId := "GWS.DRIVEDOCS.2.4v0.1" Output := tests with input as { @@ -1132,7 +1132,7 @@ test_Sharing_Incorrect_V4 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU." } -test_Sharing_Incorrect_V5 if { +test_SharedDrive_Incorrect_V5 if { # Test sharing setting when top OU is missing PolicyId := "GWS.DRIVEDOCS.2.4v0.1" Output := tests with input as { @@ -1168,9 +1168,9 @@ test_Sharing_Incorrect_V5 if { } # -# Baseline 2.2 - Policy 5 +# GWS.DRIVEDOCS.2.5v0.1 #-- -test_Sharing_Correct_V1 if { +test_Viewers_Correct_V1 if { # Test sharing setting when there's only one event PolicyId := "GWS.DRIVEDOCS.2.5v0.1" Output := tests with input as { @@ -1198,7 +1198,7 @@ test_Sharing_Correct_V1 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_Sharing_Correct_V2 if { +test_Viewers_Correct_V2 if { # Test sharing setting when there's multiple events and the most most recent is correct PolicyId := "GWS.DRIVEDOCS.2.5v0.1" Output := tests with input as { @@ -1236,7 +1236,7 @@ test_Sharing_Correct_V2 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_Sharing_Correct_V3 if { +test_Viewers_Correct_V3 if { # Test sharing setting when there's multiple OUs PolicyId := "GWS.DRIVEDOCS.2.5v0.1" Output := tests with input as { @@ -1274,7 +1274,7 @@ test_Sharing_Correct_V3 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_Sharing_Incorrect_V1 if { +test_Viewers_Incorrect_V1 if { # Test sharing setting when there are no relevant events PolicyId := "GWS.DRIVEDOCS.2.5v0.1" Output := tests with input as { @@ -1306,7 +1306,7 @@ test_Sharing_Incorrect_V1 if { ]) } -test_Sharing_Incorrect_V2 if { +test_Viewers_Incorrect_V2 if { # Test sharing setting when there's only one event and it's wrong PolicyId := "GWS.DRIVEDOCS.2.5v0.1" Output := tests with input as { @@ -1334,7 +1334,7 @@ test_Sharing_Incorrect_V2 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_Sharing_Incorrect_V3 if { +test_Viewers_Incorrect_V3 if { # Test sharing setting when there are multiple events and the most recent is wrong PolicyId := "GWS.DRIVEDOCS.2.5v0.1" Output := tests with input as { @@ -1372,7 +1372,7 @@ test_Sharing_Incorrect_V3 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_Sharing_Incorrect_V4 if { +test_Viewers_Incorrect_V4 if { # Test sharing setting when top OU is correct but secondary isn't PolicyId := "GWS.DRIVEDOCS.2.5v0.1" Output := tests with input as { @@ -1410,7 +1410,7 @@ test_Sharing_Incorrect_V4 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU." } -test_Sharing_Incorrect_V5 if { +test_Viewers_Incorrect_V5 if { # Test sharing setting when top OU is missing PolicyId := "GWS.DRIVEDOCS.2.5v0.1" Output := tests with input as { diff --git a/Testing/RegoTests/drive/drive05_test.rego b/Testing/RegoTests/drive/drive05_test.rego index d2fca602..510495b7 100644 --- a/Testing/RegoTests/drive/drive05_test.rego +++ b/Testing/RegoTests/drive/drive05_test.rego @@ -244,7 +244,7 @@ test_Sharing_Incorrect_V4 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Secondary OU." } -test_Sharing_Incorrect_V4 if { +test_Sharing_Incorrect_V5 if { # Test sharing setting when top level OU is missing PolicyId := "GWS.DRIVEDOCS.5.1v0.1" Output := tests with input as { diff --git a/Testing/RegoTests/gmail/gmail05_test.rego b/Testing/RegoTests/gmail/gmail05_test.rego index e07cd878..3b06cdd1 100644 --- a/Testing/RegoTests/gmail/gmail05_test.rego +++ b/Testing/RegoTests/gmail/gmail05_test.rego @@ -2,143 +2,10 @@ package gmail import future.keywords # -# GWS.GMAIL.5.2v0.1 +# GWS.GMAIL.5.1v0.1 #-- -test_AttachmentProtectionAttachmentsScriptsUntrustedSenders_Correct_V1 if { - # Test Attachment Protections when there's only one event - PolicyId := "GWS.GMAIL.5.2v0.1" - Output := tests with input as { - "gmail_logs": {"items": [ - { - "id": {"time": "2022-12-20T00:02:28.672Z"}, - "events": [{ - "parameters": [ - { - "name": "SETTING_NAME", - "value": concat("", [ - "Attachment safety Enable: protect against attachments with scripts from untrusted ", - "senders" - ]) - }, - {"name": "NEW_VALUE", "value": "true"}, - {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}, - ] - }] - } - ]}, - "tenant_info": { - "topLevelOU": "" - } - } - - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet - not RuleOutput[0].NoSuchEvent - RuleOutput[0].ReportDetails == "Requirement met in all OUs." -} -test_AttachmentProetectionAttachmentsScriptsUntrustedSenders_Correct_V2 if { - # Test Attachment Protections when there's multiple events and the most recent is correct - PolicyId := "GWS.GMAIL.5.2v0.1" - Output := tests with input as { - "gmail_logs": {"items": [ - { - "id": {"time": "2022-12-20T00:02:28.672Z"}, - "events": [{ - "parameters": [ - { - "name": "SETTING_NAME", - "value": concat("", [ - "Attachment safety Enable: protect against attachments with scripts from untrusted ", - "senders" - ]) - }, - {"name": "NEW_VALUE", "value": "true"}, - {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}, - ] - }] - }, - { - "id": {"time": "2021-12-20T00:02:28.672Z"}, - "events": [{ - "parameters": [ - { - "name": "SETTING_NAME", - "value": concat("", [ - "Attachment safety Enable: protect against attachments with scripts from untrusted ", - "senders" - ]) - }, - {"name": "NEW_VALUE", "value": "false"}, - {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}, - ] - }] - } - ]}, - "tenant_info": { - "topLevelOU": "" - } - } - - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet - not RuleOutput[0].NoSuchEvent - RuleOutput[0].ReportDetails == "Requirement met in all OUs." -} - -test_AttachmentProetectionAttachmentsScriptsUntrustedSenders_Correct_V3 if { - # Test Attachment Protections when there's correct events in multiple OUs - PolicyId := "GWS.GMAIL.5.2v0.1" - Output := tests with input as { - "gmail_logs": {"items": [ - { - "id": {"time": "2022-12-20T00:02:28.672Z"}, - "events": [{ - "parameters": [ - { - "name": "SETTING_NAME", - "value": concat("", [ - "Attachment safety Enable: protect against attachments with scripts from untrusted ", - "senders" - ]) - }, - {"name": "NEW_VALUE", "value": "true"}, - {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}, - ] - }] - }, - { - "id": {"time": "2022-12-21T00:02:28.672Z"}, - "events": [{ - "parameters": [ - { - "name": "SETTING_NAME", - "value": concat("", [ - "Attachment safety Enable: protect against attachments with scripts from untrusted ", - "senders" - ]) - }, - {"name": "NEW_VALUE", "value": "true"}, - {"name": "ORG_UNIT_NAME", "value": "Secondary OU"}, - ] - }] - } - ]}, - "tenant_info": { - "topLevelOU": "Test Top-Level OU" - } - } - - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet - not RuleOutput[0].NoSuchEvent - RuleOutput[0].ReportDetails == "Requirement met in all OUs." -} - -test_AttachmentProtectionEncryptedAttachmentsUntrustedSenders_Correct_V4 if { +test_Encrypted_Correct_V1 if { # Test inheritance PolicyId := "GWS.GMAIL.5.1v0.1" Output := tests with input as { @@ -198,123 +65,8 @@ test_AttachmentProtectionEncryptedAttachmentsUntrustedSenders_Correct_V4 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_AttachmentProtectionAttachmentsScriptsUntrustedSenders_Incorrect_V1 if { - # Test Attachment Protections when there are no relevant events - PolicyId := "GWS.GMAIL.5.2v0.1" - Output := tests with input as { - "gmail_logs": {"items": [ - { - "id": {"time": "2022-12-20T00:02:28.672Z"}, - "events": [{ - "parameters": [ - {"name": "SETTING_NAME", "value": "Something else"}, - {"name": "NEW_VALUE", "value": "true"}, - {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}, - ] - }] - } - ]}, - "tenant_info": { - "topLevelOU": "" - } - } - - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet - RuleOutput[0].NoSuchEvent - RuleOutput[0].ReportDetails == concat("", [ - "No relevant event in the current logs for the top-level OU, Test Top-Level OU. ", - "While we are unable to determine the state from the logs, the default setting ", - "is non-compliant; manual check recommended." - ]) -} - -test_AttachmentProtectionAttachmentsScriptsUntrustedSenders_Incorrect_V2 if { - # Test Attachment Protections when there's only one event and it's wrong - PolicyId := "GWS.GMAIL.5.2v0.1" - Output := tests with input as { - "gmail_logs": {"items": [ - { - "id": {"time": "2022-12-20T00:02:28.672Z"}, - "events": [{ - "parameters": [ - { - "name": "SETTING_NAME", - "value": concat("", [ - "Attachment safety Enable: protect against attachments with scripts from untrusted ", - "senders" - ]) - }, - {"name": "NEW_VALUE", "value": "false"}, - {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}, - ] - }] - } - ]}, - "tenant_info": { - "topLevelOU": "" - } - } - - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet - not RuleOutput[0].NoSuchEvent - RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." -} - -test_AttachmentProtectionAttachmentsScriptsUntrustedSenders_Incorrect_V3 if { - # Test Attachment Protections when there are multiple events and the most recent is wrong - PolicyId := "GWS.GMAIL.5.2v0.1" - Output := tests with input as { - "gmail_logs": {"items": [ - { - "id": {"time": "2022-12-20T00:02:28.672Z"}, - "events": [{ - "parameters": [ - { - "name": "SETTING_NAME", - "value": concat("", [ - "Attachment safety Enable: protect against attachments with scripts from untrusted ", - "senders" - ]) - }, - {"name": "NEW_VALUE", "value": "false"}, - {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}, - ] - }] - }, - { - "id": {"time": "2021-12-20T00:02:28.672Z"}, - "events": [{ - "parameters": [ - { - "name": "SETTING_NAME", - "value": concat("", [ - "Attachment safety Enable: protect against attachments with scripts from untrusted ", - "senders" - ]) - }, - {"name": "NEW_VALUE", "value": "true"}, - {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}, - ] - }] - } - ]}, - "tenant_info": { - "topLevelOU": "" - }, - } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet - not RuleOutput[0].NoSuchEvent - RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." -} - -test_AttachmentProtectionEncryptedAttachmentsUntrustedSenders_Incorrect_V4 if { +test_Encrypted_Incorrect_V1 if { # Test Attachment Protections when there's only one event and it's wrong PolicyId := "GWS.GMAIL.5.1v0.1" Output := tests with input as { @@ -346,7 +98,7 @@ test_AttachmentProtectionEncryptedAttachmentsUntrustedSenders_Incorrect_V4 if { RuleOutput[0].ReportDetails == "Requirement failed in Secondary OU." } -test_AttachmentProtectionEncryptedAttachmentsUntrustedSenders_Incorrect_V5 if { +test_Encrypted_Incorrect_V2 if { # Test Attachment Protections when there are multiple events and the most recent is wrong PolicyId := "GWS.GMAIL.5.1v0.1" Output := tests with input as { @@ -393,11 +145,10 @@ test_AttachmentProtectionEncryptedAttachmentsUntrustedSenders_Incorrect_V5 if { } #-- - # # GWS.GMAIL.5.2v0.1 #-- -test_AttachmentProtectionAttachmentsScriptsUntrustedSenders_Correct_V1 if { +test_Scripts_Correct_V1 if { # Test Attachment Protections when there's only one event PolicyId := "GWS.GMAIL.5.2v0.1" Output := tests with input as { @@ -431,7 +182,7 @@ test_AttachmentProtectionAttachmentsScriptsUntrustedSenders_Correct_V1 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_AttachmentProetectionAttachmentsScriptsUntrustedSenders_Correct_V2 if { +test_Scripts_Correct_V2 if { # Test Attachment Protections when there's multiple events and the most recent is correct PolicyId := "GWS.GMAIL.5.2v0.1" Output := tests with input as { @@ -481,7 +232,7 @@ test_AttachmentProetectionAttachmentsScriptsUntrustedSenders_Correct_V2 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_AttachmentProetectionAttachmentsScriptsUntrustedSenders_Correct_V3 if { +test_Scripts_Correct_V3 if { # Test Attachment Protections when there's correct events in multiple OUs PolicyId := "GWS.GMAIL.5.2v0.1" Output := tests with input as { @@ -531,57 +282,7 @@ test_AttachmentProetectionAttachmentsScriptsUntrustedSenders_Correct_V3 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_AttachmentProetectionAttachmentsScriptsUntrustedSenders_Correct_V4 if { - # Test Attachment Protections when there's correct events in multiple OUs - PolicyId := "GWS.GMAIL.5.2v0.1" - Output := tests with input as { - "gmail_logs": {"items": [ - { - "id": {"time": "2022-12-20T00:02:28.672Z"}, - "events": [{ - "parameters": [ - { - "name": "SETTING_NAME", - "value": concat("", [ - "Attachment safety Enable: protect against attachments with scripts from untrusted ", - "senders" - ]) - }, - {"name": "NEW_VALUE", "value": "true"}, - {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}, - ] - }] - }, - { - "id": {"time": "2022-12-21T00:02:28.672Z"}, - "events": [{ - "name": "DELETE_APPLICATION_SETTING", - "parameters": [ - { - "name": "SETTING_NAME", - "value": concat("", [ - "Attachment safety Enable: protect against attachments with scripts from untrusted ", - "senders" - ]) - }, - {"name": "ORG_UNIT_NAME", "value": "Secondary OU"}, - ] - }] - } - ]}, - "tenant_info": { - "topLevelOU": "Test Top-Level OU" - } - } - - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet - not RuleOutput[0].NoSuchEvent - RuleOutput[0].ReportDetails == "Requirement met in all OUs." -} - -test_AttachmentProtectionAttachmentsScriptsUntrustedSenders_Incorrect_V1 if { +test_Scripts_Incorrect_V1 if { # Test Attachment Protections when there are no relevant events PolicyId := "GWS.GMAIL.5.2v0.1" Output := tests with input as { @@ -613,7 +314,7 @@ test_AttachmentProtectionAttachmentsScriptsUntrustedSenders_Incorrect_V1 if { ]) } -test_AttachmentProtectionAttachmentsScriptsUntrustedSenders_Incorrect_V2 if { +test_Scripts_Incorrect_V2 if { # Test Attachment Protections when there's only one event and it's wrong PolicyId := "GWS.GMAIL.5.2v0.1" Output := tests with input as { @@ -647,7 +348,7 @@ test_AttachmentProtectionAttachmentsScriptsUntrustedSenders_Incorrect_V2 if { RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } -test_AttachmentProtectionAttachmentsScriptsUntrustedSenders_Incorrect_V3 if { +test_Scripts_Incorrect_V3 if { # Test Attachment Protections when there are multiple events and the most recent is wrong PolicyId := "GWS.GMAIL.5.2v0.1" Output := tests with input as { @@ -696,96 +397,11 @@ test_AttachmentProtectionAttachmentsScriptsUntrustedSenders_Incorrect_V3 if { not RuleOutput[0].NoSuchEvent RuleOutput[0].ReportDetails == "Requirement failed in Test Top-Level OU." } - -test_AttachmentProtectionAttachmentsScriptsUntrustedSenders_Incorrect_V4 if { - # Test Attachment Protections when there's only one event and it's wrong - PolicyId := "GWS.GMAIL.5.2v0.1" - Output := tests with input as { - "gmail_logs": {"items": [ - { - "id": {"time": "2022-12-20T00:02:28.672Z"}, - "events": [{ - "parameters": [ - { - "name": "SETTING_NAME", - "value": concat("", [ - "Attachment safety Enable: protect against attachments with scripts from untrusted ", - "senders" - ]) - }, - {"name": "NEW_VALUE", "value": "false"}, - {"name": "ORG_UNIT_NAME", "value": "Secondary OU"}, - ] - }] - } - ]}, - "tenant_info": { - "topLevelOU": "" - } - } - - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet - not RuleOutput[0].NoSuchEvent - RuleOutput[0].ReportDetails == "Requirement failed in Secondary OU." -} - -test_AttachmentProtectionAttachmentsScriptsUntrustedSenders_Incorrect_V5 if { - # Test Attachment Protections when there are multiple events and the most recent is wrong - PolicyId := "GWS.GMAIL.5.2v0.1" - Output := tests with input as { - "gmail_logs": {"items": [ - { - "id": {"time": "2022-12-20T00:02:28.672Z"}, - "events": [{ - "parameters": [ - { - "name": "SETTING_NAME", - "value": concat("", [ - "Attachment safety Enable: protect against attachments with scripts from untrusted ", - "senders" - ]) - }, - {"name": "NEW_VALUE", "value": "false"}, - {"name": "ORG_UNIT_NAME", "value": "Secondary OU"}, - ] - }] - }, - { - "id": {"time": "2021-12-20T00:02:28.672Z"}, - "events": [{ - "parameters": [ - { - "name": "SETTING_NAME", - "value": concat("", [ - "Attachment safety Enable: protect against attachments with scripts from untrusted ", - "senders" - ]) - }, - {"name": "NEW_VALUE", "value": "true"}, - {"name": "ORG_UNIT_NAME", "value": "Test Top-Level OU"}, - ] - }] - } - ]}, - "tenant_info": { - "topLevelOU": "Test Top-Level OU" - }, - } - - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet - not RuleOutput[0].NoSuchEvent - RuleOutput[0].ReportDetails == "Requirement failed in Secondary OU." -} - +#-- # # GWS.GMAIL.5.3v0.1 #-- - test_AttachmentProtectionAnomalousAttachment_Correct_V1 if { # Test Attachment Protections when there's only one event PolicyId := "GWS.GMAIL.5.3v0.1" diff --git a/Testing/RegoTests/gmail/gmail06_test.rego b/Testing/RegoTests/gmail/gmail06_test.rego index a35b541a..b0f81c24 100644 --- a/Testing/RegoTests/gmail/gmail06_test.rego +++ b/Testing/RegoTests/gmail/gmail06_test.rego @@ -714,7 +714,7 @@ test_LinksExternalImagesProtectionWarningLinksUntrustedDomains_Correct_V2 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_LinksExternalImagesProtectionWarningLinksUntrustedDomains_Correct_V2 if { +test_LinksExternalImagesProtectionWarningLinksUntrustedDomains_Correct_V3 if { # Test Links and External Images Protections when there's multiple events and the most recent is correct PolicyId := "GWS.GMAIL.6.3v0.1" Output := tests with input as { @@ -765,7 +765,7 @@ test_LinksExternalImagesProtectionWarningLinksUntrustedDomains_Correct_V2 if { } -test_LinksExternalImagesProtectionWarningLinksUntrustedDomains_Correct_V3 if { +test_LinksExternalImagesProtectionWarningLinksUntrustedDomains_Correct_V4 if { # Test Links and External Images Protections when there's multiple events and the most recent is correct PolicyId := "GWS.GMAIL.6.3v0.1" Output := tests with input as { diff --git a/Testing/RegoTests/gmail/gmail07_test.rego b/Testing/RegoTests/gmail/gmail07_test.rego index f89f06df..13835e63 100644 --- a/Testing/RegoTests/gmail/gmail07_test.rego +++ b/Testing/RegoTests/gmail/gmail07_test.rego @@ -1270,7 +1270,7 @@ test_SpoofingAuthenticationProtectionUnauthenticatedEmail_Correct_V3 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_SpoofingAuthenticationProtectionUnauthenticatedEmail_Correct_V3 if { +test_SpoofingAuthenticationProtectionUnauthenticatedEmail_Correct_V4 if { # Test Spoofing and Authentication Protections when there's correct events in multiple OUs PolicyId := "GWS.GMAIL.7.4v0.1" Output := tests with input as { diff --git a/Testing/RegoTests/gmail/gmail09_test.rego b/Testing/RegoTests/gmail/gmail09_test.rego index 497338af..59086abf 100644 --- a/Testing/RegoTests/gmail/gmail09_test.rego +++ b/Testing/RegoTests/gmail/gmail09_test.rego @@ -419,7 +419,7 @@ test_PopAccess_Correct_V3 if { RuleOutput[0].ReportDetails == "Requirement met in all OUs." } -test_PopAccess_Correct_V3 if { +test_PopAccess_Correct_V4 if { # Test POP Access when there's correct events in multiple OUs PolicyId := "GWS.GMAIL.9.2v0.1" Output := tests with input as { diff --git a/Testing/RegoTests/groups/groups07_test.rego b/Testing/RegoTests/groups/groups07_test.rego index 5a24bb20..c54d3102 100644 --- a/Testing/RegoTests/groups/groups07_test.rego +++ b/Testing/RegoTests/groups/groups07_test.rego @@ -110,7 +110,7 @@ test_Group_Incorrect_V1 if { RuleOutput[0].ReportDetails == "Requirement failed in Group 1." } -test_Group_Correct_V2 if { +test_Group_Incorrect_V2 if { # Test multiple groups where 1 is incorrect PolicyId := "GWS.GROUPS.7.1v0.1" Output := tests with input as { @@ -147,7 +147,7 @@ test_Group_Correct_V2 if { RuleOutput[0].ReportDetails == "Requirement failed in Group 2." } -test_Group_Correct_V3 if { +test_Group_Incorrect_V3 if { # Test multiple groups where both are incorrect PolicyId := "GWS.GROUPS.7.1v0.1" Output := tests with input as { @@ -184,7 +184,7 @@ test_Group_Correct_V3 if { RuleOutput[0].ReportDetails == "Requirement failed in Group 1, Group 2." } -test_Group_Correct_V3 if { +test_Group_Incorrect_V4 if { # Test multiple groups where both are incorrect in multiple ways PolicyId := "GWS.GROUPS.7.1v0.1" Output := tests with input as {