Migrate test_api documentation to qa-docs
#2107
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1 task
mdengra
force-pushed
the
1796-migrate-doc-api
branch
from
c9b1466
to
8d3dc50
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
As part of epic #1796, this PR adds the missing documentation and migrates the current documentation to the new format used by qa-docs.
The schema used is the one defined in issue #1694
Generated documentation
test_configtest_bruteforce_blocking_system.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the IP blocking feature of the API handled by the 'wazuh-apid' daemon is working properly. The Wazuh API is an open source 'RESTful' API that allows for interaction with the Wazuh manager from a web browser, command line tool like 'cURL' or any script or program that can make web requests.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/configuration.html#access" ], "tags": [ "api" ], "name": "test_bruteforce_blocking_system.py", "id": 2, "group_id": 0, "tests": [ { "description": "Check if the blocking time for IP addresses detected as brute-force attack works. For this purpose, the test causes an IP blocking, make a request before the blocking time finishes and one after the blocking time.", "wazuh_min_version": "4.2.0", "parameters": [ { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "wait_for_start": { "type": "fixture", "brief": "Wait until the API starts." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the IP address is blocked using incorrect credentials.", "Verify that the IP address is still blocked even when using the correct credentials within the blocking time." ], "input_description": "Different test cases are contained in an external YAML file (conf.yaml) which includes API configuration parameters.", "expected_output": [ "r\"Error obtaining login token\"" ], "tags": [ "brute_force_attack" ], "name": "test_bruteforce_blocking_system", "inputs": [ "get_configuration0-tags_to_apply0", "get_configuration0-tags_to_apply1", "get_configuration1-tags_to_apply0", "get_configuration1-tags_to_apply1" ] } ] }test_bruteforce_blocking_system.yaml
test_cache.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the cache feature of the API handled by the 'wazuh-apid' daemon is working properly. The Wazuh API is an open source 'RESTful' API that allows for interaction with the Wazuh manager from a web browser, command line tool like 'cURL' or any script or program that can make web requests.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/configuration.html#cache" ], "tags": [ "api" ], "name": "test_cache.py", "id": 3, "group_id": 0, "tests": [ { "description": "Check if the stored response is returned when the cache is enabled. Calls to rules endpoints can be cached. This test verifies if the result of the first call to the rule endpoint is equal to the second call within a period established in the configuration, even though a new file has been created during the process.", "wazuh_min_version": "4.2.0", "parameters": [ { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "wait_for_start": { "type": "fixture", "brief": "Wait until the API starts." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the stored response is returned when the cache is enabled." ], "input_description": "Different test cases are contained in an external YAML file (conf.yaml) which includes API configuration parameters.", "expected_output": [ "Number of rule files (if caching is enabled).", "Number of rule files + 1 (if caching is disabled)." ], "tags": [ "cache" ], "name": "test_cache", "inputs": [ "get_configuration0-tags_to_apply0", "get_configuration0-tags_to_apply1", "get_configuration1-tags_to_apply0", "get_configuration1-tags_to_apply1" ] } ] }test_cache.yaml
test_cors.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the 'CORS' (Cross-origin resource sharing) feature of the API handled by the 'wazuh-apid' daemon is working properly. The Wazuh API is an open source 'RESTful' API that allows for interaction with the Wazuh manager from a web browser, command line tool like 'cURL' or any script or program that can make web requests.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/configuration.html#cors", "https://en.wikipedia.org/wiki/Cross-origin_resource_sharing" ], "tags": [ "api" ], "name": "test_cors.py", "id": 4, "group_id": 0, "tests": [ { "description": "Check if expected headers are returned when 'CORS' is enabled. When 'CORS' is enabled, special headers must be returned in case the request origin matches the one established in the 'CORS' configuration of the API.", "wazuh_min_version": "4.2.0", "parameters": [ { "origin": { "type": "set", "brief": "Origin path to be appended as a header in the request." } }, { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "wait_for_start": { "type": "fixture", "brief": "Wait until the API starts." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that when CORS is enabled, the 'Access-Control-Allow-Origin' header is received.", "Verify that when CORS is enabled, the 'Access-Control-Expose-Headers' header is received.", "Verify that when CORS is enabled, the 'Access-Control-Allow-Credentials' header is received.", "Verify that when CORS is disabled, the 'Access-Control-Allow-Origin' header is not received." ], "input_description": "A test case is contained in an external YAML file (conf.yaml) which includes API configuration parameters.", "expected_output": [ "r'Access-Control-Allow-Origin'", "r'Access-Control-Expose-Headers'", "r'https://test_url.com'", "r'true'" ], "tags": [ "cors" ], "name": "test_cors", "inputs": [ "get_configuration0-https://test_url.com-tags_to_apply0", "get_configuration0-http://other_url.com-tags_to_apply1" ] } ] }test_cors.yaml
test_DOS_blocking_system.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the 'DOS' (Denial-of-service attack) blocking feature of the API handled by the 'wazuh-apid' daemon is working properly. The Wazuh API is an open source 'RESTful' API that allows for interaction with the Wazuh manager from a web browser, command line tool like 'cURL' or any script or program that can make web requests.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/configuration.html#access", "https://en.wikipedia.org/wiki/Denial-of-service_attack" ], "tags": [ "api" ], "name": "test_DOS_blocking_system.py", "id": 1, "group_id": 0, "tests": [ { "description": "Check if the API blocking system for IP addresses detected as 'DOS' attack works. For this purpose, the test causes an IP blocking, makes a request within the same minute, makes a request after the minute.", "wazuh_min_version": "4.2.0", "parameters": [ { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "wait_for_start": { "type": "fixture", "brief": "Wait until the API starts." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the IP address is blocked using multiple requests.", "Verify that the IP address is still blocked within the one-minute block time.", "Verify that the IP address is not blocked when expires the blocking time." ], "input_description": "Different test cases are contained in an external YAML file (conf.yaml) which includes API configuration parameters.", "expected_output": [ "r'429' ('Too Many Requests' HTTP status code)", "r'200' ('OK' HTTP status code)" ], "tags": [ "dos_attack" ], "name": "test_DOS_blocking_system", "inputs": [ "get_configuration0-tags_to_apply0", "get_configuration0-tags_to_apply1", "get_configuration1-tags_to_apply0", "get_configuration1-tags_to_apply1" ] } ] }test_DOS_blocking_system.yaml
test_drop_privileges.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the 'drop_privileges' setting of the API is working properly. This setting allows the user who starts the 'wazuh-apid' daemon to be different from the 'root' user. The Wazuh API is an open source 'RESTful' API that allows for interaction with the Wazuh manager from a web browser, command line tool like 'cURL' or any script or program that can make web requests.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/configuration.html#drop-privileges" ], "tags": [ "api" ], "name": "test_drop_privileges.py", "id": 5, "group_id": 0, "tests": [ { "description": "Check if 'drop_privileges' affects the user of the API process. In this test, the 'PID' of the API process is obtained. After that, it gets the user ('root' or 'wazuh') and checks if it matches the 'drop_privileges' setting.", "wazuh_min_version": "4.2.0", "parameters": [ { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "wait_for_start": { "type": "fixture", "brief": "Wait until the API starts." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that when 'drop_privileges' is enabled the user who has started the 'wazuh-apid' daemon is 'wazuh'.", "Verify that when 'drop_privileges' is disabled the user who has started the 'wazuh-apid' daemon is 'root'." ], "input_description": "Different test cases are contained in an external YAML file (conf.yaml) which includes API configuration parameters.", "expected_output": [ "PID of the 'wazuh-apid' process.", "r'wazuh' (if 'drop_privileges == yes')", "r'root' (if 'drop_privileges == no')" ], "name": "test_drop_privileges", "inputs": [ "get_configuration0-tags_to_apply0", "get_configuration0-tags_to_apply1", "get_configuration1-tags_to_apply0", "get_configuration1-tags_to_apply1" ] } ] }test_drop_privileges.yaml
test_experimental_features.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the 'experimental_features' setting of the API is working properly. This setting allows users to access API endpoints containing features that are under development. The Wazuh API is an open source 'RESTful' API that allows for interaction with the Wazuh manager from a web browser, command line tool like 'cURL' or any script or program that can make web requests.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/configuration.html#drop-privileges" ], "tags": [ "api" ], "name": "test_experimental_features.py", "id": 6, "group_id": 0, "tests": [ { "description": "Check if requests to an experimental API endpoint are allowed according to the configuration. For this purpose, it configures the API to use this functionality and makes requests to it, waiting for a correct response.", "wazuh_min_version": "4.2.0", "parameters": [ { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "wait_for_start": { "type": "fixture", "brief": "Wait until the API starts." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that when 'experimental_features' is enabled, it is possible to access experimental API endpoints.", "Verify that when 'experimental_features' is disabled, it is not possible to access experimental API endpoints." ], "input_description": "Different test cases are contained in an external YAML file (conf.yaml) which includes API configuration parameters.", "expected_output": [ "r'200' ('OK' HTTP status code if 'experimental_features == true')", "r'404' ('Forbidden' HTTP status code if 'experimental_features == false')" ], "name": "test_experimental_features", "inputs": [ "get_configuration0-tags_to_apply0", "get_configuration0-tags_to_apply1", "get_configuration1-tags_to_apply0", "get_configuration1-tags_to_apply1" ] } ] }test_experimental_features.yaml
test_host_port.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check that the settings related to the API host address and listening port are working correctly. The Wazuh API is an open source 'RESTful' API that allows for interaction with the Wazuh manager from a web browser, command line tool like 'cURL' or any script or program that can make web requests.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/configuration.html#api-configuration-options" ], "tags": [ "api" ], "name": "test_host_port.py", "id": 7, "group_id": 0, "tests": [ { "description": "Check different host and port configurations. For this purpose, apply multiple combinations of host and port, verify that the 'aiohttp' http framework correctly publishes that value in the 'api.log' and check that the request returns the expected one.", "wazuh_min_version": "4.2.0", "parameters": [ { "expected_exception": { "type": "bool", "brief": "True if an exception must be raised, false otherwise." } }, { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the API starts listening on the specified IP address and port.", "Verify that using a valid configuration, the API requests are performed correctly.", "Verify that no unexpected exceptions occur." ], "input_description": "Different test cases are contained in an external YAML file (conf.yaml) which includes API configuration parameters (IP addresses and ports).", "expected_output": [ { "r'.*INFO": "Listening on (.+)..'" }, "r'{host}{port}' ('host' and 'port' are obtained from each test_case.)", "r'200' ('OK' HTTP status code)" ], "name": "test_host_port", "inputs": [ "get_configuration0-False-tags_to_apply0", "get_configuration0-True-tags_to_apply1", "get_configuration1-False-tags_to_apply0", "get_configuration1-True-tags_to_apply1", "get_configuration2-False-tags_to_apply0", "get_configuration2-True-tags_to_apply1", "get_configuration3-False-tags_to_apply0", "get_configuration3-True-tags_to_apply1" ] } ] }test_host_port.yaml
test_https.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check that the API works correctly using the 'HTTPS' protocol. The Wazuh API is an open source 'RESTful' API that allows for interaction with the Wazuh manager from a web browser, command line tool like 'cURL' or any script or program that can make web requests.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/configuration.html#https" ], "tags": [ "api" ], "name": "test_https.py", "id": 8, "group_id": 0, "tests": [ { "description": "Check if the API works with 'HTTP' and 'HTTPS' protocols. For this purpose, it configures the API to use both protocols and makes requests to it, waiting for a correct response.", "wazuh_min_version": "4.2.0", "parameters": [ { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "wait_for_start": { "type": "fixture", "brief": "Wait until the API starts." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the API requests are made correctly using both 'HTTP' and 'HTTPS' protocols." ], "input_description": "Different test cases are contained in an external YAML file (conf.yaml) which includes API configuration parameters (HTTPS settings).", "expected_output": [ "r'200' ('OK' HTTP status code)" ], "tags": [ "ssl" ], "name": "test_https", "inputs": [ "get_configuration0-tags_to_apply0", "get_configuration0-tags_to_apply1", "get_configuration1-tags_to_apply0", "get_configuration1-tags_to_apply1" ] } ] }test_https.yaml
test_jwt_token_exp_timeout.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the 'auth_token_exp_timeout' setting of the API is working properly. This setting allows specifying the expiration time of the 'JWT' token used for authentication. The Wazuh API is an open source 'RESTful' API that allows for interaction with the Wazuh manager from a web browser, command line tool like 'cURL' or any script or program that can make web requests.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/configuration.html#auth-token-exp-timeout", "https://en.wikipedia.org/wiki/JSON_Web_Token" ], "tags": [ "api" ], "name": "test_jwt_token_exp_timeout.py", "id": 9, "group_id": 0, "tests": [ { "description": "Check if the API 'JWT' token expires after defined time. For this purpose, an expiration time is set for the token, and API requests are made before and after the expiration time, waiting for a valid 'HTTP status code'.", "wazuh_min_version": "4.2.0", "parameters": [ { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "wait_for_start": { "type": "fixture", "brief": "Wait until the API starts." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the API requests are successful if the 'JWT' token has not expired and vice versa." ], "input_description": "Different test cases are contained in an external YAML file (conf_exp_timeout.yaml) which includes API configuration parameters (timeouts for token expiration).", "expected_output": [ "r'200' ('OK' HTTP status code if the token has not expired)", "r'401' ('Unauthorized' HTTP status code if the token has expired)" ], "tags": [ "token" ], "name": "test_jwt_token_exp_timeout", "inputs": [ "get_configuration0-tags_to_apply0", "get_configuration0-tags_to_apply1", "get_configuration1-tags_to_apply0", "get_configuration1-tags_to_apply1" ] } ] }test_jwt_token_exp_timeout.yaml
test_logs.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the 'level' setting of the API is working properly. This setting allows specifying the level of detail (INFO, DEBUG) of the messages written to the 'api.log' file. The Wazuh API is an open source 'RESTful' API that allows for interaction with the Wazuh manager from a web browser, command line tool like 'cURL' or any script or program that can make web requests.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/configuration.html#logs" ], "tags": [ "api" ], "name": "test_logs.py", "id": 10, "group_id": 0, "tests": [ { "description": "Check if the logs are saved in the desired path and with desired level. Logs are usually store in '/var/ossec/logs/api.log' and with level 'info'. In this test the API log has a different path and 'debug' level configured. It checks if logs are saved in the new path and with 'debug' level.", "wazuh_min_version": "4.2.0", "parameters": [ { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } } ], "assertions": [ "Verify that no 'DEBUG' messages are written when the value of the 'level' setting is set to 'info'.", "Verify that 'DEBUG' messages are written when the value of the 'level' setting is set to 'debug'." ], "input_description": "Different test cases are contained in an external YAML file (conf.yaml) which includes API configuration parameters (log paths and log levels).", "expected_output": [ { "r'.*DEBUG": "(.*)'" } ], "tags": [ "logs" ], "name": "test_logs", "inputs": [ "get_configuration0-tags_to_apply0", "get_configuration0-tags_to_apply1", "get_configuration1-tags_to_apply0", "get_configuration1-tags_to_apply1" ] } ] }test_logs.yaml
test_max_upload_size.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the 'max_upload_size' setting of the API is working properly. This setting allows specifying the size limit of the request body for the API to process. The Wazuh API is an open source 'RESTful' API that allows for interaction with the Wazuh manager from a web browser, command line tool like 'cURL' or any script or program that can make web requests.", "tier": 2, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/configuration.html" ], "tags": [ "api" ], "name": "test_max_upload_size.py", "id": 11, "group_id": 0, "tests": [ { "description": "Check if a '413' HTTP status code ('Payload Too Large') is returned if the response body is bigger than the value of the 'max_upload_size' tag. For this purpose, the test will call to a PUT and a POST endpoint specifying a body. If the 'max_upload_size' is 0 (limitless), a '200' HTTP status code ('OK') should be returned. If 'max_upload_size' is not limitless, both PUT and POST endpoints should fail when trying to send a bigger body.", "wazuh_min_version": "4.3.0", "parameters": [ { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_required_api_wazuh": { "type": "fixture", "brief": "Restart API-required services and stop them all at the end of the test." } }, { "file_monitoring": { "type": "fixture", "brief": "Handle the monitoring of a specified file." } }, { "daemons_handler": { "type": "fixture", "brief": "Handler of Wazuh daemons." } }, { "wait_for_start": { "type": "fixture", "brief": "Wait until the API starts." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the 'wazuh-apid' daemon returns a proper HTTP status code depending on the value of the 'max_upload_size' tag and the size of the response body received." ], "input_description": "A test case is (test_upload_size) contained in an external YAML file (wazuh_max_upload_size.yaml) which includes API configuration parameters ('max_upload_size' option).", "expected_output": [ "r'413' ('Payload Too Large' HTTP status code)", "r'200' ('OK' HTTP status code)" ], "name": "test_max_upload_size", "inputs": [ "max_upload_size_0-content_size_100-tags_to_apply0", "max_upload_size_5-content_size_20-tags_to_apply0", "max_upload_size_40-content_size_10-tags_to_apply0", "max_upload_size_40-content_size_500-tags_to_apply0" ] } ] }test_max_upload_size.yaml
test_rbac_mode.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the 'rbac_mode' (Role-Based Access Control) setting of the API is working properly. This setting allows you to specify the operating mode between 'whitelist mode' and 'blacklist mode'. The Wazuh API is an open source 'RESTful' API that allows for interaction with the Wazuh manager from a web browser, command line tool like 'cURL' or any script or program that can make web requests.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/configuration.html#rbac-mode", "https://en.wikipedia.org/wiki/Role-based_access_control" ], "tags": [ "api" ], "name": "test_rbac_mode.py", "id": 12, "group_id": 0, "tests": [ { "description": "Check if the 'RBAC' mode selected in 'api.yaml' is applied. This test creates a user without any assigned permission. For this reason, when 'RBAC' is in 'white mode', there is no endpoint that the user can execute, so the 'HTTP status code' must be 403 ('forbidden'). On the other hand, when it is in 'black mode', there is no endpoint that has it denied, so the status code must be 200 ('ok').", "wazuh_min_version": "4.2.0", "parameters": [ { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "wait_for_start": { "type": "fixture", "brief": "Wait until the API starts." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Check that when the value of the 'rbac_mode' setting is set to 'white', the API forbids requests.", "Verify that when the value of the 'rbac_mode' setting is set to 'black', the API requests are performed correctly." ], "input_description": "Different test cases are contained in an external YAML file (conf_mode.yaml) which includes API configuration parameters (rbac operation modes). Two 'SQL' scripts are also used to add (schema_add_user.sql) and remove (schema_delete_user.sql) the testing user.", "expected_output": [ "r'200' ('OK' HTTP status code if 'rbac_white == True')", "r'403' ('Forbidden' HTTP status code if 'rbac_white == False')" ], "tags": [ "rbac" ], "name": "test_rbac_mode", "inputs": [ "get_configuration0-tags_to_apply0", "get_configuration0-tags_to_apply1", "get_configuration1-tags_to_apply0", "get_configuration1-tags_to_apply1" ] } ] }test_rbac_mode.yaml
test_request_timeout.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the 'request_timeout' setting of the API is working properly. This setting allows specifying the time limit for the API to process a request. The Wazuh API is an open source 'RESTful' API that allows for interaction with the Wazuh manager from a web browser, command line tool like 'cURL' or any script or program that can make web requests.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/configuration.html" ], "tags": [ "api" ], "name": "test_request_timeout.py", "id": 13, "group_id": 0, "tests": [ { "description": "Check if the maximum request time for an API request works. For this purpose, a value of '0' seconds is set for the 'request_timeout' setting, and a request is made to the API, expecting an error in the response.", "wazuh_min_version": "4.3.0", "parameters": [ { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "wait_for_start": { "type": "fixture", "brief": "Wait until the API starts." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the request cannot finish successfully, resulting in a timeout error." ], "input_description": "A test case is contained in an external YAML file (conf.yaml) which includes API configuration parameters ('request_timeout' set to '0' seconds).", "expected_output": [ "r'500' ('Internal server error' HTTP status code)", "r'3021' ('timeout error' in the response body)" ], "name": "test_request_timeout", "inputs": [ "get_configuration0-tags_to_apply0" ] } ] }test_request_timeout.yaml
test_use_only_authd.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the 'use_only_authd' setting of the API is working properly. This setting allows forcing the use of 'wazuh-authd' daemon when registering and removing agents. The Wazuh API is an open source 'RESTful' API that allows for interaction with the Wazuh manager from a web browser, command line tool like 'cURL' or any script or program that can make web requests.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-authd", "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/configuration.html#use-only-authd" ], "tags": [ "api" ], "name": "test_use_only_authd.py", "id": 14, "group_id": 0, "tests": [ { "description": "Check if 'use_only_authd' forces the use of the 'wazuh-authd' daemon when adding an agent. Verify that when 'use_only_authd' option is enabled and the 'wazuh-authd' daemon is stopped, the request made is not completed correctly.", "wazuh_min_version": "4.2.0", "parameters": [ { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "wait_for_start": { "type": "fixture", "brief": "Wait until the API starts." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the request to add the testing agent cannot finish successfully when the 'use_only_authd' setting is enabled but the 'wazuh-authd' daemon is not active.", "Verify that the request to add the testing agent is successfully processed when the 'use_only_authd' setting is disabled.", "Verify that the request to remove the testing agent is processed correctly." ], "input_description": "Different test cases are contained in an external YAML file (conf.yaml) which includes API configuration parameters ('use_only_authd').", "expected_output": [ "r'400' ('Internal server error' HTTP status code if 'use_only_authd == yes' and 'wazuh-authd' is stopped)", "r'200' ('OK' HTTP status code if 'use_only_authd == no')", "r'200' ('OK' HTTP status code if the testing agent is removed successfully)" ], "tags": [ "authd" ], "name": "test_add_agent", "inputs": [ "get_configuration0-tags_to_apply0", "get_configuration0-tags_to_apply1", "get_configuration1-tags_to_apply0", "get_configuration1-tags_to_apply1" ] }, { "description": "Check if 'use_only_authd' forces the use of 'wazuh-authd' daemon when inserting an agent. Verify that when 'use_only_authd' option is enabled and the 'wazuh-authd' daemon is stopped, the request made is not completed correctly.", "wazuh_min_version": "4.2.0", "parameters": [ { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "wait_for_start": { "type": "fixture", "brief": "Wait until the API starts." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the request to insert the testing agent cannot finish successfully when the 'use_only_authd' setting is enabled but the 'wazuh-authd' daemon is not active.", "Verify that the request to insert the testing agent is successfully processed when the 'use_only_authd' setting is disabled." ], "input_description": "Different test cases are contained in an external YAML file (conf.yaml) which includes API configuration parameters ('use_only_authd').", "expected_output": [ "r'400' ('Internal server error' HTTP status code if 'use_only_authd == yes' and 'wazuh-authd' is stopped)", "r'200' ('OK' HTTP status code if 'use_only_authd == no')" ], "tags": [ "authd" ], "name": "test_insert_agent", "inputs": [ "get_configuration0-tags_to_apply0", "get_configuration0-tags_to_apply1", "get_configuration1-tags_to_apply0", "get_configuration1-tags_to_apply1" ] }, { "description": "Check if 'use_only_authd' forces the use of 'wazuh-authd' daemon when quickly inserting an agent. Verify that when 'use_only_authd' option is enabled and the 'wazuh-authd' daemon is stopped, the request made is not completed correctly.", "wazuh_min_version": "4.2.0", "parameters": [ { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "wait_for_start": { "type": "fixture", "brief": "Wait until the API starts." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the request to quickly inserting the testing agent cannot finish successfully when the 'use_only_authd' setting is enabled but the 'wazuh-authd' daemon is not active.", "Verify that the request to quickly inserting the testing agent is successfully processed when the 'use_only_authd' setting is disabled." ], "input_description": "Different test cases are contained in an external YAML file (conf.yaml) which includes API configuration parameters ('use_only_authd').", "expected_output": [ "r'400' ('Internal server error' HTTP status code if 'use_only_authd == yes' and 'wazuh-authd' is stopped)", "r'200' ('OK' HTTP status code if 'use_only_authd == no')" ], "tags": [ "authd" ], "name": "test_insert_quick_agent", "inputs": [ "get_configuration0-tags_to_apply0", "get_configuration0-tags_to_apply1", "get_configuration1-tags_to_apply0", "get_configuration1-tags_to_apply1" ] }, { "description": "Check if 'use_only_authd' forces the use of 'wazuh-authd' daemon when deleting an agent. Verify that when 'use_only_authd' option is enabled and the 'wazuh-authd' daemon is not active, an error is returned. In this test, 'wazuh-authd' daemon is started in order to create an agent before it can be deleted.", "wazuh_min_version": "4.2.0", "parameters": [ { "tags_to_apply": { "type": "set", "brief": "Run test if match with a configuration identifier, skip otherwise." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_api_environment": { "type": "fixture", "brief": "Configure a custom environment for API testing." } }, { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "wait_for_start": { "type": "fixture", "brief": "Wait until the API starts." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the request to insert the testing agent is successfully processed.", "Verify that the request to delete the testing agent is successfully processed when the 'use_only_authd' setting is disabled and the 'wazuh-authd' daemon is running.", "Verify that the request to delete the testing agent cannot finish successfully when the 'use_only_authd' setting is enabled and the 'wazuh-authd' daemon is stopped." ], "input_description": "Different test cases are contained in an external YAML file (conf.yaml) which includes API configuration parameters ('use_only_authd').", "expected_output": [ "r'200' ('OK' HTTP status code at inserting the testing agent)", "r '1' (Value of the 'total_affected_items' field in the response body when 'use_only_authd == yes')", "r '1726' (Error code in the response body when 'use_only_authd == yes' and 'wazuh-authd' is stopped)" ], "tags": [ "authd" ], "name": "test_delete_agent", "inputs": [ "get_configuration0-tags_to_apply0", "get_configuration0-tags_to_apply1", "get_configuration1-tags_to_apply0", "get_configuration1-tags_to_apply1" ] } ] }test_use_only_authd.yaml
test_rbactest_add_old_resource.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the 'RBAC' (Role-Based Access Control) feature of the API is working properly. Specifically, they will verify that when resources are added with the same identifier of previously existing ones, the previous relationships are not maintained. The 'RBAC' capability allows users accessing the API to be assigned a role that will define the privileges they have.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/reference.html#tag/Security", "https://en.wikipedia.org/wiki/Role-based_access_control" ], "tags": [ "api" ], "name": "test_add_old_resource.py", "id": 15, "group_id": 0, "tests": [ { "description": "Check if the security relationships of a previous user are maintained in the system after adding a new user with the same ID.", "wazuh_min_version": "4.2.0", "parameters": [ { "set_security_resources": { "type": "fixture", "brief": "Creates a set of security relationships along with a user for testing." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the testing user information exists.", "Verify that the request to remove the testing agent is successfully processed.", "Verify that the request to add the testing agent is successfully processed.", "Verify that security relationships do not exist between the old and the new user." ], "inputs": [ "The testing 'user_id' as a module attribute." ], "input_description": "From the 'set_security_resources' fixture information is obtained to perform the test, concretely the 'user_id'.", "expected_output": [ "A 'JSON' string in the response body with information of the old user.", "r'200' ('OK' HTTP status code at deleting the old user)", "r'200' ('OK' HTTP status code at inserting the old user)" ], "tags": [ "rbac" ], "name": "test_add_old_user" }, { "description": "Check if the security relationships of a previous role are maintained in the system after adding a new role with the same ID.", "wazuh_min_version": "4.2.0", "parameters": [ { "set_security_resources": { "type": "fixture", "brief": "Creates a set of security relationships along with a user for testing." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the testing role information exists.", "Verify that the request to remove the testing role is successfully processed.", "Verify that the request to add the testing role is successfully processed.", "Verify that security relationships do not exist between the old and the new role." ], "inputs": [ "The testing 'role_id' as a module attribute." ], "input_description": "From the 'set_security_resources' fixture information is obtained to perform the test, concretely the 'role_id'.", "expected_output": [ "A 'JSON' string in the response body with information of the old role.", "r'200' ('OK' HTTP status code at deleting the old role)", "r'200' ('OK' HTTP status code at inserting the old role)" ], "tags": [ "rbac" ], "name": "test_add_old_role" }, { "description": "Check if the security relationships of a previous policy are maintained in the system after adding a new policy with the same ID.", "wazuh_min_version": "4.2.0", "parameters": [ { "set_security_resources": { "type": "fixture", "brief": "Creates a set of security relationships along with a user for testing." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the testing policy information exists.", "Verify that the request to remove the testing policy is successfully processed.", "Verify that the request to add the testing policy is successfully processed.", "Verify that security relationships do not exist between the old and the new policy." ], "inputs": [ "The testing 'policy_id' as a module attribute." ], "input_description": "From the 'set_security_resources' fixture information is obtained to perform the test, concretely the 'policy_id'.", "expected_output": [ "A 'JSON' string in the response body with information of the old policy.", "r'200' ('OK' HTTP status code at deleting the old policy)", "r'200' ('OK' HTTP status code at inserting the old policy)" ], "tags": [ "rbac" ], "name": "test_add_old_policy" }, { "description": "Check if the security relationships of a previous rule are maintained in the system after adding a new rule with the same ID.", "wazuh_min_version": "4.2.0", "parameters": [ { "set_security_resources": { "type": "fixture", "brief": "Creates a set of security relationships along with a user for testing." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the testing rule information exists.", "Verify that the request to remove the testing rule is successfully processed.", "Verify that the request to add the testing rule is successfully processed.", "Verify that security relationships do not exist between the old and the new rule." ], "inputs": [ "The testing 'rule_id' as a module attribute." ], "input_description": "From the 'set_security_resources' fixture information is obtained to perform the test, concretely the 'rule_id'.", "expected_output": [ "A 'JSON' string in the response body with information of the old rule.", "r'200' ('OK' HTTP status code at deleting the old rule)", "r'200' ('OK' HTTP status code at inserting the old rule)" ], "tags": [ "rbac" ], "name": "test_add_old_rule" } ] }test_add_old_resource.yaml
test_admin_resources.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the 'RBAC' (Role-Based Access Control) feature of the API is working properly. Specifically, they will verify that the different actions that can be performed with admin resources are working correctly. The 'RBAC' capability allows users accessing the API to be assigned a role that will define the privileges they have.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/reference.html#tag/Security", "https://en.wikipedia.org/wiki/Role-based_access_control" ], "tags": [ "api" ], "name": "test_admin_resources.py", "id": 16, "group_id": 0, "tests": [ { "description": "Check if the admin security users can be removed. For this purpose, it tries to delete these users, expecting an error as a response.", "wazuh_min_version": "4.2.0", "parameters": [ { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the request to collect the admin security users information is done correctly.", "Verify that the request to delete the admin security users is done correctly.", "Verify that admin security users have not been deleted by checking the response of the request." ], "inputs": [ "The data are obtained from within the test." ], "input_description": "From the 'get_admin_resources' function information is obtained to perform the test, concretely the 'admin_ids'.", "expected_output": [ "r'200' ('OK' HTTP status code at collect the admin security users information)", "r'200' ('OK' HTTP status code when trying to delete the admin security users)", "r'1' (Size of the 'failed_items' array from the response body)", "r'5004' (Error code of the 'failed_items[0]' array from the response body)" ], "tags": [ "rbac" ], "name": "test_admin_users" }, { "description": "Check if the admin security roles can be removed. For this purpose, it tries to delete these roles, expecting an error as a response.", "wazuh_min_version": "4.2.0", "parameters": [ { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the request to collect the admin security roles information is done correctly.", "Verify that the request to delete the admin security roles is done correctly.", "Verify that admin security roles have not been deleted by checking the response of the request." ], "inputs": [ "The data are obtained from within the test." ], "input_description": "From the 'get_admin_resources' function information is obtained to perform the test, concretely the 'role_ids'.", "expected_output": [ "r'200' ('OK' HTTP status code at collect the admin security roles information)", "r'200' ('OK' HTTP status code when trying to delete the admin security roles)", "r'1' (Size of the 'failed_items' array from the response body)", "r'4008' (Error code of the 'failed_items[0]' array from the response body)" ], "tags": [ "rbac" ], "name": "test_admin_roles" }, { "description": "Check if the admin security policies can be removed. For this purpose, it tries to delete these policies, expecting an error as a response.", "wazuh_min_version": "4.2.0", "parameters": [ { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the request to collect the admin security policies information is done correctly.", "Verify that the request to delete the admin security policies is done correctly.", "Verify that admin security policies have not been deleted by checking the response of the request." ], "inputs": [ "The data are obtained from within the test." ], "input_description": "From the 'get_admin_resources' function information is obtained to perform the test, concretely the 'policy_ids'.", "expected_output": [ "r'200' ('OK' HTTP status code at collect the admin security policies information)", "r'200' ('OK' HTTP status code when trying to delete the admin security policies)", "r'1' (Size of the 'failed_items' array from the response body)", "r'4008' (Error code of the 'failed_items[0]' array from the response body)" ], "tags": [ "rbac" ], "name": "test_admin_policies" }, { "description": "Check if the admin security rules can be removed. For this purpose, it tries to delete these rules, expecting an error as a response.", "wazuh_min_version": "4.2.0", "parameters": [ { "restart_api": { "type": "fixture", "brief": "Reset 'api.log' and start a new monitor." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the request to collect the admin security rules information is done correctly.", "Verify that the request to delete the admin security rules is done correctly.", "Verify that admin security rules have not been deleted by checking the response of the request." ], "inputs": [ "The data are obtained from within the test." ], "input_description": "From the 'get_admin_resources' function information is obtained to perform the test, concretely the 'rule_ids'.", "expected_output": [ "r'200' ('OK' HTTP status code at collect the admin security rules information)", "r'200' ('OK' HTTP status code when trying to delete the admin security rules)", "r'1' (Size of the 'failed_items' array from the response body)", "r'4008' (Error code of the 'failed_items[0]' array from the response body)" ], "tags": [ "rbac" ], "name": "test_admin_rules" } ] }test_admin_resources.yaml
test_policy_position.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the 'RBAC' (Role-Based Access Control) feature of the API is working properly. Specifically, they will verify that that the policies are applied to the roles in the right order. The 'RBAC' capability allows users accessing the API to be assigned a role that will define the privileges they have.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/reference.html#tag/Security", "https://en.wikipedia.org/wiki/Role-based_access_control" ], "tags": [ "api" ], "name": "test_policy_position.py", "id": 17, "group_id": 0, "tests": [ { "description": "Check if the correct order between role-policy relationships remain after removing some of them and adding others using the 'position' parameter.", "wazuh_min_version": "4.2.0", "parameters": [ { "set_security_resources": { "type": "fixture", "brief": "Creates a set of role-based security resources along with a user for testing." } }, { "add_new_policies": { "type": "fixture", "brief": "Create new policies and relationships between them and the testing role." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the request to add or delete a role-policy is done correctly.", "Verify that the role-policy positions are kept in order when deleting or adding a role-policy." ], "inputs": [ "The testing 'policy_ids' array as a module variable." ], "input_description": "From the 'add_new_policies', 'remove_role_policy' and 'add_role_policy' fixtures information is obtained to perform the test, concretely the 'policy_ids' array.", "expected_output": [ "r'200' ('OK' HTTP status code when deleting or adding a role-policy)", "An integer array with the role-policy positions." ], "tags": [ "rbac" ], "name": "test_policy_position" } ] }test_policy_position.yaml
test_remove_relationship.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the 'RBAC' (Role-Based Access Control) feature of the API is working properly. Specifically, they will verify that the different relationships between users-roles-policies can be correctly removed. The 'RBAC' capability allows users accessing the API to be assigned a role that will define the privileges they have.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/reference.html#tag/Security", "https://en.wikipedia.org/wiki/Role-based_access_control" ], "tags": [ "api" ], "name": "test_remove_relationship.py", "id": 18, "group_id": 0, "tests": [ { "description": "Check if the user and role still exist after removing their relationship.", "wazuh_min_version": "4.2.0", "parameters": [ { "set_security_resources": { "type": "fixture", "brief": "Creates a set of role-based security resources along with a user for testing." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the user-role relationship exists.", "Verify that the user-role relationship is removed.", "Verify that the user and the role still exist independently." ], "inputs": [ "The testing 'user_id' as a module attribute.", "The testing 'role_id' as a module attribute." ], "input_description": "From the 'set_security_resources' fixture information is obtained to perform the test, concretely the 'user_id' and 'role_id'.", "expected_output": [ "A 'JSON' string in the response body with information of the user-role relationship.", "r'200' ('OK' HTTP status code when deleting the user-role relationship)", "A 'JSON' string in the response body with information of the role.", "A 'JSON' string in the response body with information of the user." ], "tags": [ "rbac" ], "name": "test_remove_user_role_relationship" }, { "description": "Check if the role and policy still exist after removing their relationship.", "wazuh_min_version": "4.2.0", "parameters": [ { "set_security_resources": { "type": "fixture", "brief": "Creates a set of role-based security resources along with a user for testing." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the role-policy relationship exists.", "Verify that the role-policy relationship is removed.", "Verify that the role and the policy still exists independently." ], "inputs": [ "The testing 'role_id' as a module attribute.", "The testing 'policy_id' as a module attribute." ], "input_description": "From the 'set_security_resources' fixture information is obtained to perform the test, concretely the 'role_id' and 'policy_id'.", "expected_output": [ "A 'JSON' string in the response body with information of the role-policy relationship.", "r'200' ('OK' HTTP status code when deleting the role-policy relationship)", "A 'JSON' string in the response body with information of the role.", "A 'JSON' string in the response body with information of the policy." ], "tags": [ "rbac" ], "name": "test_remove_role_policy_relationship" }, { "description": "Check if the role and rule still exist after removing their relationship.", "wazuh_min_version": "4.2.0", "parameters": [ { "set_security_resources": { "type": "fixture", "brief": "Creates a set of role-based security resources along with a user for testing." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the role-rule relationship exists.", "Verify that the role-rule relationship is removed.", "Verify that the role and the rule still exists independently." ], "inputs": [ "The testing 'role_id' as a module attribute.", "The testing 'rule_id' as a module attribute." ], "input_description": "From the 'set_security_resources' fixture information is obtained to perform the test, concretely the 'role_id' and 'rule_id'.", "expected_output": [ "A 'JSON' string in the response body with information of the role-rule relationship.", "r'200' ('OK' HTTP status code when deleting the role-rule relationship)", "A 'JSON' string in the response body with information of the role.", "A 'JSON' string in the response body with information of the rule." ], "tags": [ "rbac" ], "name": "test_remove_role_rule_relationship" } ] }test_remove_relationship.yaml
test_remove_resource.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "These tests will check if the 'RBAC' (Role-Based Access Control) feature of the API is working properly. Specifically, they will verify that the different security resources (users, roles, policies, and rules) can be correctly removed. The 'RBAC' capability allows users accessing the API to be assigned a role that will define the privileges they have.", "tier": 0, "modules": [ "api" ], "components": [ "manager" ], "daemons": [ "wazuh-apid", "wazuh-analysisd", "wazuh-syscheckd", "wazuh-db" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/api/getting-started.html", "https://documentation.wazuh.com/current/user-manual/api/reference.html#tag/Security", "https://en.wikipedia.org/wiki/Role-based_access_control" ], "tags": [ "api" ], "name": "test_remove_resource.py", "id": 19, "group_id": 0, "tests": [ { "description": "Check if relationships between security resources stay the same after removing the linked rule.", "wazuh_min_version": "4.2.0", "parameters": [ { "set_security_resources": { "type": "fixture", "brief": "Creates a set of role-based security resources along with a user for testing." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the role-based relationships exist.", "Verify that the request to delete the linked rule is done correctly.", "Verify that the role-based security relationships still exist.", "Verify that the remaining security resources still exist (user, role, and policy).", "Verify that the remaining role-based security relationships still exist." ], "inputs": [ "The testing 'role_id' as a module attribute.", "The testing 'rule_id' as a module attribute." ], "input_description": "From the 'set_security_resources' fixture information is obtained to perform the test, concretely the 'role_id' and the 'rule_id'.", "expected_output": [ "A 'JSON' string in the response body with information of the role-based relationships.", "r'200' ('OK' HTTP status code when deleting the linked rule)" ], "tags": [ "rbac" ], "name": "test_remove_rule" }, { "description": "Check if relationships between security resources stay the same after removing the linked policy.", "wazuh_min_version": "4.2.0", "parameters": [ { "set_security_resources": { "type": "fixture", "brief": "Creates a set of role-based security resources along with a user for testing." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the role-based relationships exist.", "Verify that the request to delete the linked policy is done correctly.", "Verify that the role-based security relationships still exist.", "Verify that the remaining security resources still exist (user, role, and rule).", "Verify that the remaining role-based security relationships still exist." ], "inputs": [ "The testing 'role_id' as a module attribute.", "The testing 'policy_id' as a module attribute." ], "input_description": "From the 'set_security_resources' fixture information is obtained to perform the test, concretely the 'role_id' and the 'policy_id'.", "expected_output": [ "A 'JSON' string in the response body with information of the role-based relationships.", "r'200' ('OK' HTTP status code when deleting the linked policy)" ], "tags": [ "rbac" ], "name": "test_remove_policy" }, { "description": "Check if relationships between security resources stay the same after removing the linked user.", "wazuh_min_version": "4.2.0", "parameters": [ { "set_security_resources": { "type": "fixture", "brief": "Creates a set of role-based security resources along with a user for testing." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the role-based relationships exist.", "Verify that the request to delete the linked user is done correctly.", "Verify that the role-based security relationships still exist.", "Verify that the remaining security resources still exist (policy, role, and rule).", "Verify that the remaining role-based security relationships still exist." ], "inputs": [ "The testing 'role_id' as a module attribute.", "The testing 'user_id' as a module attribute." ], "input_description": "From the 'set_security_resources' fixture information is obtained to perform the test, concretely the 'role_id' and the 'user_id'.", "expected_output": [ "A 'JSON' string in the response body with information of the role-based relationships.", "r'200' ('OK' HTTP status code when deleting the linked user)" ], "tags": [ "rbac" ], "name": "test_remove_user" }, { "description": "Check if relationships between security resources stay the same after removing the linked role.", "wazuh_min_version": "4.2.0", "parameters": [ { "set_security_resources": { "type": "fixture", "brief": "Creates a set of role-based security resources along with a user for testing." } }, { "get_api_details": { "type": "fixture", "brief": "Get API information." } } ], "assertions": [ "Verify that the role-based relationships exist.", "Verify that the request to delete the linked role is done correctly.", "Verify that the role-based security relationships still exist.", "Verify that the remaining security resources still exist (policy, user, and rule).", "Verify that the remaining role-based security relationships still exist." ], "inputs": [ "The testing 'user_id' as a module attribute.", "The testing 'role_id' as a module attribute." ], "input_description": "From the 'set_security_resources' fixture information is obtained to perform the test, concretely the 'user_id' and the 'role_id'.", "expected_output": [ "A 'JSON' string in the response body with information of the role-based relationships.", "r'200' ('OK' HTTP status code when deleting the linked role)" ], "tags": [ "rbac" ], "name": "test_remove_role" } ] }test_remove_resource.yaml
Tests
pycodestyle --max-line-length=120 --show-source --show-pep8 file.py.python3 DocGenerator.py -s