From e24611ae29f2ff21bd71cf22a1053c84c07ad329 Mon Sep 17 00:00:00 2001 From: Sloane4 Date: Mon, 6 Nov 2023 11:14:46 -0500 Subject: [PATCH 01/11] first round of cleanup first round of cleanup --- Rego/EXOConfig.rego | 782 +++++++++++++++++++++----------------------- 1 file changed, 375 insertions(+), 407 deletions(-) diff --git a/Rego/EXOConfig.rego b/Rego/EXOConfig.rego index 74f5b00a96..bb3d7e470b 100644 --- a/Rego/EXOConfig.rego +++ b/Rego/EXOConfig.rego @@ -7,744 +7,712 @@ import data.report.utils.ReportDetailsBoolean import data.report.utils.Description import data.report.utils.ReportDetailsString -ReportDetailsArray(Status, _, _) := Detail if { - Status == true - Detail := "Requirement met" -} +ReportDetailsArray(true, _, _) := ReportDetailsBoolean(true) if {} -ReportDetailsArray(Status, Array1, Array2) := Detail if { - Status == false +ReportDetailsArray(false, Array1, Array2) := Description(Fraction, "agency domain(s) found in violation:", String) if { Fraction := concat(" of ", [Format(Array1), Format(Array2)]) - String := concat(", ", Array1) - Detail := Description(Fraction, "agency domain(s) found in violation:", String) + String := concat(", ", Array1) } # this should be allowed https://github.com/StyraInc/regal/issues/415 # regal ignore:prefer-set-or-object-rule -AllDomains := {Domain.domain | Domain := input.spf_records[_]} +AllDomains := {Domain.domain | some Domain in input.spf_records} # # MS.EXO.1.1v1 #-- -RemoteDomainsAllowingForwarding[Domain.DomainName] { - Domain := input.remote_domains[_] +RemoteDomainsAllowingForwarding contains Domain.DomainName if { + some Domain in input.remote_domains Domain.AutoForwardEnabled == true } -tests[{ - "PolicyId" : "MS.EXO.1.1v1", - "Criticality" : "Shall", - "Commandlet" : ["Get-RemoteDomain"], - "ActualValue" : Domains, - "ReportDetails" : ReportDetailsString(Status, ErrorMessage), - "RequirementMet" : Status -}] { +tests contains { + "PolicyId": "MS.EXO.1.1v1", + "Criticality": "Shall", + "Commandlet": ["Get-RemoteDomain"], + "ActualValue": Domains, + "ReportDetails": ReportDetailsString(Status, ErrMessage), + "RequirementMet": Status +} if { Domains := RemoteDomainsAllowingForwarding - ErrorMessage := Description(Format(Domains), "remote domain(s) that allows automatic forwarding:", concat(", ", Domains)) + ErrString := "remote domain(s) that allows automatic forwarding:" + ErrMessage := Description(Format(Domains), ErrString , concat(", ", Domains)) Status := count(Domains) == 0 } + #-- # # MS.EXO.2.1v1 #-- # At this time we are unable to test for X because of Y -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Shall/Not-Implemented", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : NotCheckedDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.2.1v1" - true +tests contains { + "PolicyId": "MS.EXO.2.1v1", + "Criticality": "Shall/Not-Implemented", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": NotCheckedDetails("MS.EXO.2.1v1"), + "RequirementMet": false } + #-- # # MS.EXO.2.2v1 #-- -DomainsWithoutSpf[DNSResponse.domain] { - DNSResponse := input.spf_records[_] - SpfRecords := {Record | Record := DNSResponse.rdata[_]; startswith(Record, "v=spf1 ")} +DomainsWithoutSpf contains DNSResponse.domain if { + some DNSResponse in input.spf_records + SpfRecords := {Record | some Record in DNSResponse.rdata; startswith(Record, "v=spf1 ")} count(SpfRecords) == 0 } -tests[{ - "PolicyId" : "MS.EXO.2.2v1", - "Criticality" : "Shall", - "Commandlet" : ["Get-ScubaSpfRecords", "Get-AcceptedDomain"], - "ActualValue" : Domains, - "ReportDetails" : ReportDetailsArray(Status, Domains, AllDomains), - "RequirementMet" : Status -}] { +tests contains { + "PolicyId": "MS.EXO.2.2v1", + "Criticality": "Shall", + "Commandlet": ["Get-ScubaSpfRecords", "Get-AcceptedDomain"], + "ActualValue": Domains, + "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), + "RequirementMet": Status +} if { Domains := DomainsWithoutSpf Status := count(Domains) == 0 } + #-- # # MS.EXO.3.1v1 #-- -DomainsWithDkim[DkimConfig.Domain] { - DkimConfig := input.dkim_config[_] +DomainsWithDkim contains DkimConfig.Domain if { + some DkimConfig in input.dkim_config DkimConfig.Enabled == true - DkimRecord := input.dkim_records[_] + some DkimRecord in input.dkim_records DkimRecord.domain == DkimConfig.Domain - ValidAnswers := [Answer | Answer := DkimRecord.rdata[_]; startswith(Answer, "v=DKIM1;")] + ValidAnswers := [Answer | some Answer in DkimRecord.rdata; startswith(Answer, "v=DKIM1;")] count(ValidAnswers) > 0 } -tests[{ - "PolicyId" : "MS.EXO.3.1v1", - "Criticality" : "Should", - "Commandlet" : ["Get-DkimSigningConfig", "Get-ScubaDkimRecords", "Get-AcceptedDomain"], - "ActualValue" : [input.dkim_records, input.dkim_config], - "ReportDetails" : ReportDetailsArray(Status, DomainsWithoutDkim, AllDomains), - "RequirementMet" : Status -}] { +tests contains { + "PolicyId": "MS.EXO.3.1v1", + "Criticality": "Should", + "Commandlet": ["Get-DkimSigningConfig", "Get-ScubaDkimRecords", "Get-AcceptedDomain"], + "ActualValue": [input.dkim_records, input.dkim_config], + "ReportDetails": ReportDetailsArray(Status, DomainsWithoutDkim, AllDomains), + "RequirementMet": Status +} if { DomainsWithoutDkim := AllDomains - DomainsWithDkim Status := count(DomainsWithoutDkim) == 0 } + #-- # # MS.EXO.4.1v1 #-- -DomainsWithoutDmarc[DmarcRecord.domain] { - DmarcRecord := input.dmarc_records[_] - ValidAnswers := [Answer | Answer := DmarcRecord.rdata[_]; startswith(Answer, "v=DMARC1;")] +DomainsWithoutDmarc contains DmarcRecord.domain if { + some DmarcRecord in input.dmarc_records + ValidAnswers := [Answer | some Answer in DmarcRecord.rdata; startswith(Answer, "v=DMARC1;")] count(ValidAnswers) == 0 } -tests[{ - "PolicyId" : "MS.EXO.4.1v1", - "Criticality" : "Shall", - "Commandlet" : ["Get-ScubaDmarcRecords", "Get-AcceptedDomain"], - "ActualValue" : input.dmarc_records, - "ReportDetails" : ReportDetailsArray(Status, Domains, AllDomains), - "RequirementMet" : Status -}] { +tests contains { + "PolicyId": "MS.EXO.4.1v1", + "Criticality": "Shall", + "Commandlet": ["Get-ScubaDmarcRecords", "Get-AcceptedDomain"], + "ActualValue": input.dmarc_records, + "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), + "RequirementMet": Status +} if { Domains := DomainsWithoutDmarc Status := count(Domains) == 0 } + #-- # # MS.EXO.4.2v1 #-- -DomainsWithoutPreject[DmarcRecord.domain] { - DmarcRecord := input.dmarc_records[_] - ValidAnswers := [Answer | Answer := DmarcRecord.rdata[_]; contains(Answer, "p=reject;")] +DomainsWithoutPreject contains DmarcRecord.domain if { + some DmarcRecord in input.dmarc_records + ValidAnswers := [Answer | some Answer in DmarcRecord.rdata; contains(Answer, "p=reject;")] count(ValidAnswers) == 0 } -tests[{ - "PolicyId" : "MS.EXO.4.2v1", - "Criticality" : "Shall", - "Commandlet" : ["Get-ScubaDmarcRecords", "Get-AcceptedDomain"], - "ActualValue" : input.dmarc_records, - "ReportDetails" : ReportDetailsArray(Status, Domains, AllDomains), - "RequirementMet" : Status -}] { +tests contains { + "PolicyId": "MS.EXO.4.2v1", + "Criticality": "Shall", + "Commandlet": ["Get-ScubaDmarcRecords", "Get-AcceptedDomain"], + "ActualValue": input.dmarc_records, + "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), + "RequirementMet": Status +} if { Domains := DomainsWithoutPreject Status := count(Domains) == 0 } + #-- # # MS.EXO.4.3v1 #-- -DomainsWithoutDHSContact[DmarcRecord.domain] { - DmarcRecord := input.dmarc_records[_] - Rdata := DmarcRecord.rdata[_] - DmarcFields := split(Rdata, ";") - RuaFields := [Rua | Rua := DmarcFields[_]; contains(Rua, "rua=")] - ValidAnswers := [Answer | Answer := RuaFields[_]; contains(Answer, "mailto:reports@dmarc.cyber.dhs.gov")] +DomainsWithoutDHSContact contains DmarcRecord.domain if { + some DmarcRecord in input.dmarc_records + some Rdata in DmarcRecord.rdata + RuaFields := [Rua | some Rua in split(Rdata, ";"); contains(Rua, "rua=")] + ValidAnswers := [Answer | some Answer in RuaFields; contains(Answer, "mailto:reports@dmarc.cyber.dhs.gov")] count(ValidAnswers) == 0 } -DomainsWithoutDHSContact[DmarcRecord.domain] { - DmarcRecord := input.dmarc_records[_] +DomainsWithoutDHSContact contains DmarcRecord.domain if { + some DmarcRecord in input.dmarc_records count(DmarcRecord.rdata) == 0 # failed dns query } -tests[{ - "PolicyId" : "MS.EXO.4.3v1", - "Criticality" : "Shall", - "Commandlet" : ["Get-ScubaDmarcRecords", "Get-AcceptedDomain"], - "ActualValue" : input.dmarc_records, - "ReportDetails" : ReportDetailsArray(Status, Domains, AllDomains), - "RequirementMet" : Status -}] { +tests contains { + "PolicyId": "MS.EXO.4.3v1", + "Criticality": "Shall", + "Commandlet": ["Get-ScubaDmarcRecords", "Get-AcceptedDomain"], + "ActualValue": input.dmarc_records, + "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), + "RequirementMet": Status +} if { Domains := DomainsWithoutDHSContact Status := count(Domains) == 0 } + #-- # # MS.EXO.4.4v1 #-- -DomainsWithoutAgencyContact[DmarcRecord.domain] { - DmarcRecord := input.dmarc_records[_] - Rdata := DmarcRecord.rdata[_] +DomainsWithoutAgencyContact contains DmarcRecord.domain if { + some DmarcRecord in input.dmarc_records + some Rdata in DmarcRecord.rdata DmarcFields := split(Rdata, ";") - RuaFields := [Rua | Rua := DmarcFields[_]; contains(Rua, "rua=")] - RufFields := [Ruf | Ruf := DmarcFields[_]; contains(Ruf, "ruf=")] + RuaFields := [Rua | some Rua in DmarcFields; contains(Rua, "rua=")] + RufFields := [Ruf | some Ruf in DmarcFields; contains(Ruf, "ruf=")] + # 2 or more emails including reports@dmarc.cyber.dhs.gov checked by policy 4.3 - RuaCountAcceptable := count([Answer | Answer := RuaFields[_]; count(split(Answer, "@")) > 2]) >= 1 + RuaCountAcceptable := count([Answer | some Answer in RuaFields; count(split(Answer, "@")) > 2]) >= 1 + # 1 or more emails - RufCountAcceptable := count([Answer | Answer := RufFields[_]; count(split(Answer, "@")) > 1]) >= 1 + RufCountAcceptable := count([Answer | some Answer in RufFields; count(split(Answer, "@")) > 1]) >= 1 Conditions := [RuaCountAcceptable, RufCountAcceptable] - count([Condition | Condition := Conditions[_]; Condition == false]) > 0 + count([Condition | some Condition in Conditions; Condition == false]) > 0 } -DomainsWithoutAgencyContact[DmarcRecord.domain] { - DmarcRecord := input.dmarc_records[_] +DomainsWithoutAgencyContact contains DmarcRecord.domain if { + some DmarcRecord in input.dmarc_records count(DmarcRecord.rdata) == 0 # failed dns query } -tests[{ - "PolicyId" : "MS.EXO.4.4v1", - "Criticality" : "Should", - "Commandlet" : ["Get-ScubaDmarcRecords", "Get-AcceptedDomain"], - "ActualValue" : input.dmarc_records, - "ReportDetails" : ReportDetailsArray(Status, Domains, AllDomains), - "RequirementMet" : Status -}] { +tests contains { + "PolicyId": "MS.EXO.4.4v1", + "Criticality": "Should", + "Commandlet": ["Get-ScubaDmarcRecords", "Get-AcceptedDomain"], + "ActualValue": input.dmarc_records, + "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), + "RequirementMet": Status +} if { Domains := DomainsWithoutAgencyContact Status := count(Domains) == 0 } + #-- # # MS.EXO.5.1v1 #-- -SmtpClientAuthEnabled[TransportConfig.Name] { - TransportConfig := input.transport_config[_] +SmtpClientAuthEnabled contains TransportConfig.Name if { + some TransportConfig in input.transport_config TransportConfig.SmtpClientAuthenticationDisabled == false } -tests[{ - "PolicyId" : "MS.EXO.5.1v1", - "Criticality" : "Shall", - "Commandlet" : ["Get-TransportConfig"], - "ActualValue" : input.transport_config, - "ReportDetails" : ReportDetailsBoolean(Status), - "RequirementMet" : Status -}] { +tests contains { + "PolicyId": "MS.EXO.5.1v1", + "Criticality": "Shall", + "Commandlet": ["Get-TransportConfig"], + "ActualValue": input.transport_config, + "ReportDetails": ReportDetailsBoolean(Status), + "RequirementMet": Status +} if { Status := count(SmtpClientAuthEnabled) == 0 } + #-- # # MS.EXO.6.1v1 #-- -SharingPolicyContactsAllowedAllDomains[SharingPolicy.Name] { - SharingPolicy := input.sharing_policy[_] - Domains := SharingPolicy.Domains[_] +SharingPolicyContactsAllowedAllDomains contains SharingPolicy.Name if { + some SharingPolicy in input.sharing_policy + some Domains in SharingPolicy.Domains contains(Domains, "*") contains(Domains, "Contacts") } -tests[{ - "PolicyId" : "MS.EXO.6.1v1", - "Criticality" : "Shall", - "Commandlet" : ["Get-SharingPolicy"], - "ActualValue" : input.sharing_policy, - "ReportDetails" : ReportDetailsString(Status, ErrorMessage), - "RequirementMet" : Status -}] { +tests contains { + "PolicyId": "MS.EXO.6.1v1", + "Criticality": "Shall", + "Commandlet": ["Get-SharingPolicy"], + "ActualValue": input.sharing_policy, + "ReportDetails": ReportDetailsString(Status, ErrMessage), + "RequirementMet": Status +} if { ContactsSharingPolicies := SharingPolicyContactsAllowedAllDomains - ErrorMessage := Description(Format(ContactsSharingPolicies), "sharing polic(ies) are sharing contacts folders with all domains by default:", concat(", ", ContactsSharingPolicies)) + ErrString := "sharing polic(ies) are sharing contacts folders with all domains by default:" + ErrMessage := Description(Format(ContactsSharingPolicies), ErrString , concat(", ", ContactsSharingPolicies)) Status := count(ContactsSharingPolicies) == 0 } + #-- # # MS.EXO.6.2v1 #-- -SharingPolicyCalendarAllowedAllDomains[SharingPolicy.Name] { - SharingPolicy := input.sharing_policy[_] - Domains := SharingPolicy.Domains[_] +SharingPolicyCalendarAllowedAllDomains contains SharingPolicy.Name if { + some SharingPolicy in input.sharing_policy + some Domains in SharingPolicy.Domains contains(Domains, "*") contains(Domains, "Calendar") } -tests[{ - "PolicyId" : "MS.EXO.6.2v1", - "Criticality" : "Shall", - "Commandlet" : ["Get-SharingPolicy"], - "ActualValue" : input.sharing_policy, - "ReportDetails" : ReportDetailsString(Status, ErrorMessage), - "RequirementMet" : Status -}] { +tests contains { + "PolicyId": "MS.EXO.6.2v1", + "Criticality": "Shall", + "Commandlet": ["Get-SharingPolicy"], + "ActualValue": input.sharing_policy, + "ReportDetails": ReportDetailsString(Status, ErrMessage), + "RequirementMet": Status +} if { CalendarSharingPolicies := SharingPolicyCalendarAllowedAllDomains - ErrorMessage := Description(Format(CalendarSharingPolicies), "sharing polic(ies) are sharing calendar details with all domains by default:", concat(", ", CalendarSharingPolicies)) + ErrString := "sharing polic(ies) are sharing calendar details with all domains by default:" + ErrMessage := Description(Format(CalendarSharingPolicies), ErrString , concat(", ", CalendarSharingPolicies)) Status := count(CalendarSharingPolicies) == 0 } + #-- # # MS.EXO.7.1v1 #-- -tests[{ - "PolicyId" : "MS.EXO.7.1v1", - "Criticality" : "Shall", - "Commandlet" : ["Get-TransportRule"], - "ActualValue" : [Rule.FromScope | Rule := Rules[_]], - "ReportDetails" : ReportDetailsString(Status, ErrorMessage), - "RequirementMet" : Status -}] { +tests contains { + "PolicyId": "MS.EXO.7.1v1", + "Criticality": "Shall", + "Commandlet": ["Get-TransportRule"], + "ActualValue": [Rule.FromScope | some Rule in Rules], + "ReportDetails": ReportDetailsString(Status, ErrMessage), + "RequirementMet": Status +} if { Rules := input.transport_rule - ErrorMessage := "No transport rule found that applies warnings to emails received from outside the organization" - EnabledRules := [rule | rule := Rules[_]; rule.State == "Enabled"; rule.Mode == "Enforce"; count(rule.PrependSubject) >=1] + ErrMessage := "No transport rule found that applies warnings to emails received from outside the organization" + EnabledRules := [rule | some rule in Rules; rule.State == "Enabled"; rule.Mode == "Enforce"; count(rule.PrependSubject) >= 1] Conditions := [IsCorrectScope | IsCorrectScope := EnabledRules[_].FromScope == "NotInOrganization"] - Status := count([Condition | Condition := Conditions[_]; Condition == true]) > 0 + Status := count([Condition | some Condition in Conditions; Condition == true]) > 0 } + #-- # # MS.EXO.8.1v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Shall/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.8.1v1" - true +tests contains { + "PolicyId": "MS.EXO.8.1v1", + "Criticality": "Shall/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.8.1v1"), + "RequirementMet": false } + #-- # # MS.EXO.8.2v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Shall/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.8.2v1" - true +tests contains { + "PolicyId": "MS.EXO.8.2v1", + "Criticality": "Shall/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.8.2v1"), + "RequirementMet": false } + #-- # # MS.EXO.9.1v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Shall/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.9.1v1" - true +tests contains { + "PolicyId": "MS.EXO.9.1v1", + "Criticality": "Shall/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.9.1v1"), + "RequirementMet": false } + #-- # # MS.EXO.9.2v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Should/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.9.2v1" - true +tests contains { + "PolicyId": "MS.EXO.9.2v1", + "Criticality": "Should/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.9.2v1"), + "RequirementMet": false } + #-- # # MS.EXO.9.3v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Shall/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.9.3v1" - true +tests contains { + "PolicyId": "MS.EXO.9.3v1", + "Criticality": "Shall/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.9.3v1"), + "RequirementMet": false } + #-- # # MS.EXO.10.1v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Shall/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.10.1v1" - true +tests contains { + "PolicyId": "MS.EXO.10.1v1", + "Criticality": "Shall/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.10.1v1"), + "RequirementMet": false } + #-- # # MS.EXO.10.2v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Shall/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.10.2v1" - true +tests contains { + "PolicyId": "MS.EXO.10.2v1", + "Criticality": "Shall/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.10.2v1"), + "RequirementMet": false } + #-- # # MS.EXO.10.3v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Should/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.10.3v1" - true +tests contains { + "PolicyId": "MS.EXO.10.3v1", + "Criticality": "Should/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.10.3v1"), + "RequirementMet": false } + #-- # # MS.EXO.11.1v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Should/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.11.1v1" - true +tests contains { + "PolicyId": "MS.EXO.11.1v1", + "Criticality": "Should/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.11.1v1"), + "RequirementMet": false } + #-- # # MS.EXO.11.2v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Should/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.11.2v1" - true +tests contains { + "PolicyId": "MS.EXO.11.2v1", + "Criticality": "Should/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.11.2v1"), + "RequirementMet": false } + #-- # # MS.EXO.11.3v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Should/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.11.3v1" - true +tests contains { + "PolicyId": "MS.EXO.11.3v1", + "Criticality": "Should/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.11.3v1"), + "RequirementMet": false } + #-- # # MS.EXO.12.1v1 #-- -ConnFiltersWithIPAllowList[ConnFilter.Name] { - ConnFilter := input.conn_filter[_] +ConnFiltersWithIPAllowList contains ConnFilter.Name if { + some ConnFilter in input.conn_filter count(ConnFilter.IPAllowList) > 0 } -tests[{ - "PolicyId" : "MS.EXO.12.1v1", - "Criticality" : "Should", - "Commandlet" : ["Get-HostedConnectionFilterPolicy"], - "ActualValue" : input.conn_filter, - "ReportDetails" : ReportDetailsString(Status, ErrorMessage), - "RequirementMet" : Status -}]{ +tests contains { + "PolicyId": "MS.EXO.12.1v1", + "Criticality": "Should", + "Commandlet": ["Get-HostedConnectionFilterPolicy"], + "ActualValue": input.conn_filter, + "ReportDetails": ReportDetailsString(Status, ErrMessage), + "RequirementMet": Status +} if { ConnFilterPolicies := ConnFiltersWithIPAllowList - ErrorMessage := Description(Format(ConnFilterPolicies), "connection filter polic(ies) with an IP allowlist:", concat(", ", ConnFilterPolicies)) + ErrString := "connection filter polic(ies) with an IP allowlist:" + ErrMessage := Description(Format(ConnFilterPolicies), ErrString , concat(", ", ConnFilterPolicies)) Status := count(ConnFilterPolicies) == 0 } + #-- # # MS.EXO.12.2v1 #-- -ConnFiltersWithSafeList[ConnFilter.Name] { - ConnFilter := input.conn_filter[_] +ConnFiltersWithSafeList contains ConnFilter.Name if { + some ConnFilter in input.conn_filter ConnFilter.EnableSafeList == true } -tests[{ - "PolicyId" : "MS.EXO.12.2v1", - "Criticality" : "Should", - "Commandlet" : ["Get-HostedConnectionFilterPolicy"], - "ActualValue" : input.conn_filter, - "ReportDetails" : ReportDetailsString(Status, ErrorMessage), - "RequirementMet" : Status -}]{ +tests contains { + "PolicyId": "MS.EXO.12.2v1", + "Criticality": "Should", + "Commandlet": ["Get-HostedConnectionFilterPolicy"], + "ActualValue": input.conn_filter, + "ReportDetails": ReportDetailsString(Status, ErrMessage), + "RequirementMet": Status +} if { ConnFilterPolicies := ConnFiltersWithSafeList - ErrorMessage := Description(Format(ConnFilterPolicies), "connection filter polic(ies) with a safe list:", concat(", ", ConnFilterPolicies)) + ErrString := "connection filter polic(ies) with a safe list:" + ErrMessage := Description(Format(ConnFilterPolicies), ErrString , concat(", ", ConnFilterPolicies)) Status := count(ConnFilterPolicies) == 0 } + #-- # # MS.EXO.13.1v1 #-- -AuditEnabled[OrgConfig.Name] { - OrgConfig := input.org_config[_] +AuditEnabled contains OrgConfig.Name if { + some OrgConfig in input.org_config OrgConfig.AuditDisabled == true } -tests[{ - "PolicyId" : "MS.EXO.13.1v1", - "Criticality" : "Shall", - "Commandlet" : ["Get-OrganizationConfig"], - "ActualValue" : input.org_config, - "ReportDetails" : ReportDetailsBoolean(Status), - "RequirementMet" : Status -}] { +tests contains { + "PolicyId": "MS.EXO.13.1v1", + "Criticality": "Shall", + "Commandlet": ["Get-OrganizationConfig"], + "ActualValue": input.org_config, + "ReportDetails": ReportDetailsBoolean(Status), + "RequirementMet": Status +} if { Status := count(AuditEnabled) == 0 } + #-- # # MS.EXO.14.1v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Shall/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.14.1v1" - true +tests contains { + "PolicyId": "MS.EXO.14.1v1", + "Criticality": "Shall/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.14.1v1"), + "RequirementMet": false } + #-- # # MS.EXO.14.2v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Shall/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.14.2v1" - true +tests contains { + "PolicyId": "MS.EXO.14.2v1", + "Criticality": "Shall/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.14.2v1"), + "RequirementMet": false } + #-- # # MS.EXO.14.3v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Shall/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.14.3v1" - true +tests contains { + "PolicyId": "MS.EXO.14.3v1", + "Criticality": "Shall/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.14.3v1"), + "RequirementMet": false } + #-- # # MS.EXO.15.1v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Should/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.15.1v1" - true +tests contains { + "PolicyId": "MS.EXO.15.1v1", + "Criticality": "Should/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.15.1v1"), + "RequirementMet": false } + #-- # # MS.EXO.15.2v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Should/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.15.2v1" - true +tests contains { + "PolicyId": "MS.EXO.15.2v1", + "Criticality": "Should/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.15.2v1"), + "RequirementMet": false } + #-- # # MS.EXO.15.3v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Should/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.15.3v1" - true +tests contains { + "PolicyId": "MS.EXO.15.3v1", + "Criticality": "Should/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.15.3v1"), + "RequirementMet": false } + #-- # # MS.EXO.16.1v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Shall/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.16.1v1" - true +tests contains { + "PolicyId": "MS.EXO.16.1v1", + "Criticality": "Shall/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.16.1v1"), + "RequirementMet": false } + #-- # # MS.EXO.16.2v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Should/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.16.2v1" - true +tests contains { + "PolicyId": "MS.EXO.16.2v1", + "Criticality": "Should/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.16.2v1"), + "RequirementMet": false } + #-- # # MS.EXO.17.1v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Shall/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.17.1v1" - true - +tests contains { + "PolicyId": "MS.EXO.17.1v1", + "Criticality": "Shall/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.17.1v1"), + "RequirementMet": false } + #-- # # MS.EXO.17.2v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Shall/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.17.2v1" - true +tests contains { + "PolicyId": "MS.EXO.17.2v1", + "Criticality": "Shall/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.17.2v1"), + "RequirementMet": false } + #-- # # MS.EXO.17.3v1 #-- # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app -tests[{ - "PolicyId" : PolicyId, - "Criticality" : "Shall/3rd Party", - "Commandlet" : [], - "ActualValue" : [], - "ReportDetails" : DefenderMirrorDetails(PolicyId), - "RequirementMet" : false -}] { - PolicyId := "MS.EXO.17.3v1" - true +tests contains { + "PolicyId": "MS.EXO.17.3v1", + "Criticality": "Shall/3rd Party", + "Commandlet": [], + "ActualValue": [], + "ReportDetails": DefenderMirrorDetails("MS.EXO.17.3v1"), + "RequirementMet": false } + #-- From 8bb2e0a753a8a24120b68c1630fb5267ffb76f49 Mon Sep 17 00:00:00 2001 From: Sloane4 Date: Mon, 6 Nov 2023 13:37:27 -0500 Subject: [PATCH 02/11] create helper funtion for conditions filter code create helper funtion for conditions filter code --- Rego/EXOConfig.rego | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/Rego/EXOConfig.rego b/Rego/EXOConfig.rego index bb3d7e470b..4683e7c248 100644 --- a/Rego/EXOConfig.rego +++ b/Rego/EXOConfig.rego @@ -14,6 +14,8 @@ ReportDetailsArray(false, Array1, Array2) := Description(Fraction, "agency domai String := concat(", ", Array1) } +FilterArray(Conditions, Boolean) := [Condition | some Condition in Conditions; Condition == Boolean] + # this should be allowed https://github.com/StyraInc/regal/issues/415 # regal ignore:prefer-set-or-object-rule AllDomains := {Domain.domain | some Domain in input.spf_records} @@ -197,8 +199,11 @@ DomainsWithoutAgencyContact contains DmarcRecord.domain if { # 1 or more emails RufCountAcceptable := count([Answer | some Answer in RufFields; count(split(Answer, "@")) > 1]) >= 1 - Conditions := [RuaCountAcceptable, RufCountAcceptable] - count([Condition | some Condition in Conditions; Condition == false]) > 0 + Conditions := [ + RuaCountAcceptable, + RufCountAcceptable + ] + count(FilterArray(Conditions, false)) > 0 } DomainsWithoutAgencyContact contains DmarcRecord.domain if { @@ -309,9 +314,14 @@ tests contains { } if { Rules := input.transport_rule ErrMessage := "No transport rule found that applies warnings to emails received from outside the organization" - EnabledRules := [rule | some rule in Rules; rule.State == "Enabled"; rule.Mode == "Enforce"; count(rule.PrependSubject) >= 1] + EnabledRules := [ + Rule | some Rule in Rules; + Rule.State == "Enabled"; + Rule.Mode == "Enforce"; + count(Rule.PrependSubject) >= 1 + ] Conditions := [IsCorrectScope | IsCorrectScope := EnabledRules[_].FromScope == "NotInOrganization"] - Status := count([Condition | some Condition in Conditions; Condition == true]) > 0 + Status := count(FilterArray(Conditions, true)) > 0 } #-- From dd3919f57406ccaf312686f5be0fde7c204c645e Mon Sep 17 00:00:00 2001 From: Sloane4 Date: Fri, 10 Nov 2023 14:19:31 -0500 Subject: [PATCH 03/11] add comments pt 1 add comments pt 1 add comments pt 2 add comments pt 2 --- Rego/EXOConfig.rego | 245 ++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 223 insertions(+), 22 deletions(-) diff --git a/Rego/EXOConfig.rego b/Rego/EXOConfig.rego index 4683e7c248..412e113742 100644 --- a/Rego/EXOConfig.rego +++ b/Rego/EXOConfig.rego @@ -9,20 +9,34 @@ import data.report.utils.ReportDetailsString ReportDetailsArray(true, _, _) := ReportDetailsBoolean(true) if {} -ReportDetailsArray(false, Array1, Array2) := Description(Fraction, "agency domain(s) found in violation:", String) if { - Fraction := concat(" of ", [Format(Array1), Format(Array2)]) - String := concat(", ", Array1) +ReportDetailsArray(false, NumeratorArr, DenominatorArr) := ReportStr if { + FractionStr := concat(" of ", [Format(NumeratorArr), Format(DenominatorArr)]) + NumeratorStr := concat(", ", NumeratorArr) + ReportStr := Description(FractionStr, "agency domain(s) found in violation:", NumeratorStr) } FilterArray(Conditions, Boolean) := [Condition | some Condition in Conditions; Condition == Boolean] + +############# +# Constants # +############# + # this should be allowed https://github.com/StyraInc/regal/issues/415 # regal ignore:prefer-set-or-object-rule AllDomains := {Domain.domain | some Domain in input.spf_records} + +############ +# MS.EXO.1 # +############ + # # MS.EXO.1.1v1 #-- + +# Loop through each domain & check if Auto Forwarding is enabled +# If enabled, save the domain in the RemoteDomainsAllowingForwarding array RemoteDomainsAllowingForwarding contains Domain.DomainName if { some Domain in input.remote_domains Domain.AutoForwardEnabled == true @@ -44,10 +58,16 @@ tests contains { #-- + +############ +# MS.EXO.2 # +############ + # # MS.EXO.2.1v1 #-- -# At this time we are unable to test for X because of Y + +# At this time we are unable to test for approved IP addresses for sending mail tests contains { "PolicyId": "MS.EXO.2.1v1", "Criticality": "Shall/Not-Implemented", @@ -62,6 +82,10 @@ tests contains { # # MS.EXO.2.2v1 #-- + +# Loop through domain DNS responses & loop through the policies associated +# with the domain. Save the records that start with string "v=spf1". If +# records does not exist, save domain name in DomainsWithoutSpf array. DomainsWithoutSpf contains DNSResponse.domain if { some DNSResponse in input.spf_records SpfRecords := {Record | some Record in DNSResponse.rdata; startswith(Record, "v=spf1 ")} @@ -71,7 +95,10 @@ DomainsWithoutSpf contains DNSResponse.domain if { tests contains { "PolicyId": "MS.EXO.2.2v1", "Criticality": "Shall", - "Commandlet": ["Get-ScubaSpfRecords", "Get-AcceptedDomain"], + "Commandlet": [ + "Get-ScubaSpfRecords", + "Get-AcceptedDomain" + ], "ActualValue": Domains, "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), "RequirementMet": Status @@ -82,12 +109,23 @@ tests contains { #-- + +############ +# MS.EXO.3 # +############ + # # MS.EXO.3.1v1 #-- + +# Loop through domain dkim configuration. If dkim is enabled, +# loop through dkim records. If the record is asscoiated with the same domain +# as the dkim config, loop through the rdata & save the record containing the +# string with "v=DKIM1;". If string exists, save domain name in DomainsWithDkim array. DomainsWithDkim contains DkimConfig.Domain if { some DkimConfig in input.dkim_config DkimConfig.Enabled == true + some DkimRecord in input.dkim_records DkimRecord.domain == DkimConfig.Domain ValidAnswers := [Answer | some Answer in DkimRecord.rdata; startswith(Answer, "v=DKIM1;")] @@ -97,20 +135,37 @@ DomainsWithDkim contains DkimConfig.Domain if { tests contains { "PolicyId": "MS.EXO.3.1v1", "Criticality": "Should", - "Commandlet": ["Get-DkimSigningConfig", "Get-ScubaDkimRecords", "Get-AcceptedDomain"], - "ActualValue": [input.dkim_records, input.dkim_config], + "Commandlet": [ + "Get-DkimSigningConfig", + "Get-ScubaDkimRecords", + "Get-AcceptedDomain" + ], + "ActualValue": [ + input.dkim_records, + input.dkim_config + ], "ReportDetails": ReportDetailsArray(Status, DomainsWithoutDkim, AllDomains), "RequirementMet": Status } if { + # Get domains that are not in DomainsWithDkim array DomainsWithoutDkim := AllDomains - DomainsWithDkim Status := count(DomainsWithoutDkim) == 0 } #-- + +############ +# MS.EXO.4 # +############ + # # MS.EXO.4.1v1 #-- + +# Loop through domain dmarc records. Parse each record's rdata for the +# string with "v=DMARC1;". If string does not exist, save domain name +# in DomainsWithoutDmarc array. DomainsWithoutDmarc contains DmarcRecord.domain if { some DmarcRecord in input.dmarc_records ValidAnswers := [Answer | some Answer in DmarcRecord.rdata; startswith(Answer, "v=DMARC1;")] @@ -120,7 +175,10 @@ DomainsWithoutDmarc contains DmarcRecord.domain if { tests contains { "PolicyId": "MS.EXO.4.1v1", "Criticality": "Shall", - "Commandlet": ["Get-ScubaDmarcRecords", "Get-AcceptedDomain"], + "Commandlet": [ + "Get-ScubaDmarcRecords", + "Get-AcceptedDomain" + ], "ActualValue": input.dmarc_records, "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), "RequirementMet": Status @@ -134,6 +192,10 @@ tests contains { # # MS.EXO.4.2v1 #-- + +# Loop through domain dmarc records. Parse each record's rdata for the +# string with "p=reject;". If string does not exist, save domain name +# in DomainsWithoutPreject array. DomainsWithoutPreject contains DmarcRecord.domain if { some DmarcRecord in input.dmarc_records ValidAnswers := [Answer | some Answer in DmarcRecord.rdata; contains(Answer, "p=reject;")] @@ -143,7 +205,10 @@ DomainsWithoutPreject contains DmarcRecord.domain if { tests contains { "PolicyId": "MS.EXO.4.2v1", "Criticality": "Shall", - "Commandlet": ["Get-ScubaDmarcRecords", "Get-AcceptedDomain"], + "Commandlet": [ + "Get-ScubaDmarcRecords", + "Get-AcceptedDomain" + ], "ActualValue": input.dmarc_records, "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), "RequirementMet": Status @@ -157,6 +222,12 @@ tests contains { # # MS.EXO.4.3v1 #-- + +# Loop through domain dmarc records. Parse each record's rdata & split +# string at ";". Parse the split string for substring that contains "rua=". +# Save substrings in RuaFields & check if "mailto:reports@dmarc.cyber.dhs.gov" +# is contained in RuaFields. Is email does not exist, save domain in +# DomainsWithoutDHSContact array. DomainsWithoutDHSContact contains DmarcRecord.domain if { some DmarcRecord in input.dmarc_records some Rdata in DmarcRecord.rdata @@ -165,6 +236,8 @@ DomainsWithoutDHSContact contains DmarcRecord.domain if { count(ValidAnswers) == 0 } +# Loop through domain dmarc records. if rdata does not exist, +# save domain in DomainsWithoutDHSContact array. DomainsWithoutDHSContact contains DmarcRecord.domain if { some DmarcRecord in input.dmarc_records count(DmarcRecord.rdata) == 0 # failed dns query @@ -173,7 +246,10 @@ DomainsWithoutDHSContact contains DmarcRecord.domain if { tests contains { "PolicyId": "MS.EXO.4.3v1", "Criticality": "Shall", - "Commandlet": ["Get-ScubaDmarcRecords", "Get-AcceptedDomain"], + "Commandlet": [ + "Get-ScubaDmarcRecords", + "Get-AcceptedDomain" + ], "ActualValue": input.dmarc_records, "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), "RequirementMet": Status @@ -187,6 +263,17 @@ tests contains { # # MS.EXO.4.4v1 #-- + +# Loop through domain dmarc records. Parse each record's rdata & split +# string at ";". Parse the split string for substring that contains "rua=". +# Save substrings in RuaFields. Parse the split string for substring that +# contains "ruf=". Save substrings in RufFields. Check RuaFields contain 2 +# or more emails by spliting substring at "@" & save boolean result if any +# substrings pass in RuaCountAcceptable. Check RufFields contain 1 or more +# emails by spliting substring at "@" & save boolean result if any +# substrings pass in RufCountAcceptable. If RuaCountAcceptable OR +# RufCountAcceptable failed, save domain name in DomainsWithoutAgencyContact +# array. DomainsWithoutAgencyContact contains DmarcRecord.domain if { some DmarcRecord in input.dmarc_records some Rdata in DmarcRecord.rdata @@ -206,6 +293,8 @@ DomainsWithoutAgencyContact contains DmarcRecord.domain if { count(FilterArray(Conditions, false)) > 0 } +# Loop through domain dmarc records. if rdata does not exist, +# save domain in DomainsWithoutDHSContact array. DomainsWithoutAgencyContact contains DmarcRecord.domain if { some DmarcRecord in input.dmarc_records count(DmarcRecord.rdata) == 0 # failed dns query @@ -214,7 +303,10 @@ DomainsWithoutAgencyContact contains DmarcRecord.domain if { tests contains { "PolicyId": "MS.EXO.4.4v1", "Criticality": "Should", - "Commandlet": ["Get-ScubaDmarcRecords", "Get-AcceptedDomain"], + "Commandlet": [ + "Get-ScubaDmarcRecords", + "Get-AcceptedDomain" + ], "ActualValue": input.dmarc_records, "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), "RequirementMet": Status @@ -225,10 +317,18 @@ tests contains { #-- + +############ +# MS.EXO.5 # +############ + # # MS.EXO.5.1v1 #-- +# Loop through email config & check if smtp client auth +# is not disabled. If so, save the name in SmtpClientAuthEnabled +# array. SmtpClientAuthEnabled contains TransportConfig.Name if { some TransportConfig in input.transport_config TransportConfig.SmtpClientAuthenticationDisabled == false @@ -247,10 +347,18 @@ tests contains { #-- + +############ +# MS.EXO.6 # +############ + # # MS.EXO.6.1v1 #-- +# Loop through saring policies, then loop through domains in the policy. +# if a domain is "*" & contains "Contacts", save the policy name in +# SharingPolicyContactsAllowedAllDomains array. SharingPolicyContactsAllowedAllDomains contains SharingPolicy.Name if { some SharingPolicy in input.sharing_policy some Domains in SharingPolicy.Domains @@ -278,6 +386,9 @@ tests contains { # MS.EXO.6.2v1 #-- +# Loop through saring policies, then loop through domains in the policy. +# if a domain is "*" & contains "Calendar", save the policy name in +# SharingPolicyCalendarAllowedAllDomains array. SharingPolicyCalendarAllowedAllDomains contains SharingPolicy.Name if { some SharingPolicy in input.sharing_policy some Domains in SharingPolicy.Domains @@ -301,34 +412,50 @@ tests contains { #-- + +############ +# MS.EXO.7 # +############ + # # MS.EXO.7.1v1 #-- + +# Loop through email rules, if rule is: enabled, set to enforce, +# & PrependSubject >= 1, then save rule in EnabledRules +EnabledRules contains Rule if { + Rules := input.transport_rule + some Rule in Rules; + Rule.State == "Enabled"; + Rule.Mode == "Enforce"; + count(Rule.PrependSubject) >= 1 +} + tests contains { "PolicyId": "MS.EXO.7.1v1", "Criticality": "Shall", "Commandlet": ["Get-TransportRule"], - "ActualValue": [Rule.FromScope | some Rule in Rules], + "ActualValue": [Rule.FromScope | some Rule in input.transport_rule], "ReportDetails": ReportDetailsString(Status, ErrMessage), "RequirementMet": Status } if { - Rules := input.transport_rule + ErrMessage := "No transport rule found that applies warnings to emails received from outside the organization" - EnabledRules := [ - Rule | some Rule in Rules; - Rule.State == "Enabled"; - Rule.Mode == "Enforce"; - count(Rule.PrependSubject) >= 1 - ] - Conditions := [IsCorrectScope | IsCorrectScope := EnabledRules[_].FromScope == "NotInOrganization"] + Conditions := [ (Rule.FromScope == "NotInOrganization") | some Rule in EnabledRules] Status := count(FilterArray(Conditions, true)) > 0 } #-- + +############ +# MS.EXO.8 # +############ + # # MS.EXO.8.1v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.8.1v1", @@ -344,6 +471,7 @@ tests contains { # # MS.EXO.8.2v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.8.2v1", @@ -356,9 +484,15 @@ tests contains { #-- + +############ +# MS.EXO.9 # +############ + # # MS.EXO.9.1v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.9.1v1", @@ -374,6 +508,7 @@ tests contains { # # MS.EXO.9.2v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.9.2v1", @@ -389,6 +524,7 @@ tests contains { # # MS.EXO.9.3v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.9.3v1", @@ -401,9 +537,15 @@ tests contains { #-- + +############# +# MS.EXO.10 # +############# + # # MS.EXO.10.1v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.10.1v1", @@ -419,6 +561,7 @@ tests contains { # # MS.EXO.10.2v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.10.2v1", @@ -434,6 +577,7 @@ tests contains { # # MS.EXO.10.3v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.10.3v1", @@ -446,9 +590,15 @@ tests contains { #-- + +############# +# MS.EXO.11 # +############# + # # MS.EXO.11.1v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.11.1v1", @@ -464,6 +614,7 @@ tests contains { # # MS.EXO.11.2v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.11.2v1", @@ -479,6 +630,7 @@ tests contains { # # MS.EXO.11.3v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.11.3v1", @@ -491,10 +643,17 @@ tests contains { #-- + +############# +# MS.EXO.12 # +############# + # # MS.EXO.12.1v1 #-- +# Loop thorugh connection filter. If filter has an IP allow +# list, save the filter name to ConnFiltersWithIPAllowList array. ConnFiltersWithIPAllowList contains ConnFilter.Name if { some ConnFilter in input.conn_filter count(ConnFilter.IPAllowList) > 0 @@ -520,6 +679,9 @@ tests contains { # MS.EXO.12.2v1 #-- +# Loop thorugh connection filter. If filter has safe +# list enabled, save filter name to ConnFiltersWithSafeList +# array. ConnFiltersWithSafeList contains ConnFilter.Name if { some ConnFilter in input.conn_filter ConnFilter.EnableSafeList == true @@ -541,10 +703,18 @@ tests contains { #-- + +############# +# MS.EXO.13 # +############# + # # MS.EXO.13.1v1 #-- -AuditEnabled contains OrgConfig.Name if { + +# Loop for organization config. If Audit is disabled, +# Save the config name in AuditDisabled array. +AuditDisabled contains OrgConfig.Name if { some OrgConfig in input.org_config OrgConfig.AuditDisabled == true } @@ -557,14 +727,20 @@ tests contains { "ReportDetails": ReportDetailsBoolean(Status), "RequirementMet": Status } if { - Status := count(AuditEnabled) == 0 + Status := count(AuditDisabled) == 0 } #-- + +############# +# MS.EXO.14 # +############# + # # MS.EXO.14.1v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.14.1v1", @@ -580,6 +756,7 @@ tests contains { # # MS.EXO.14.2v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.14.2v1", @@ -595,6 +772,7 @@ tests contains { # # MS.EXO.14.3v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.14.3v1", @@ -607,9 +785,15 @@ tests contains { #-- + +############# +# MS.EXO.15 # +############# + # # MS.EXO.15.1v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.15.1v1", @@ -625,6 +809,7 @@ tests contains { # # MS.EXO.15.2v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.15.2v1", @@ -640,6 +825,7 @@ tests contains { # # MS.EXO.15.3v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.15.3v1", @@ -652,9 +838,15 @@ tests contains { #-- + +############# +# MS.EXO.16 # +############# + # # MS.EXO.16.1v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.16.1v1", @@ -670,6 +862,7 @@ tests contains { # # MS.EXO.16.2v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.16.2v1", @@ -682,9 +875,15 @@ tests contains { #-- + +############# +# MS.EXO.17 # +############# + # # MS.EXO.17.1v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.17.1v1", @@ -700,6 +899,7 @@ tests contains { # # MS.EXO.17.2v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.17.2v1", @@ -715,6 +915,7 @@ tests contains { # # MS.EXO.17.3v1 #-- + # At this time we are unable to test because settings are configured in M365 Defender or using a third-party app tests contains { "PolicyId": "MS.EXO.17.3v1", From ad0913076e9a186e350afb15c3c9dd39b200158e Mon Sep 17 00:00:00 2001 From: Sloane4 Date: Tue, 28 Nov 2023 11:15:57 -0500 Subject: [PATCH 04/11] update syntax for constant update syntax for constant --- Rego/EXOConfig.rego | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/Rego/EXOConfig.rego b/Rego/EXOConfig.rego index 412e113742..a17157930c 100644 --- a/Rego/EXOConfig.rego +++ b/Rego/EXOConfig.rego @@ -24,7 +24,7 @@ FilterArray(Conditions, Boolean) := [Condition | some Condition in Conditions; C # this should be allowed https://github.com/StyraInc/regal/issues/415 # regal ignore:prefer-set-or-object-rule -AllDomains := {Domain.domain | some Domain in input.spf_records} +ALLDOMAINS := {Domain.domain | some Domain in input.spf_records} ############ @@ -100,7 +100,7 @@ tests contains { "Get-AcceptedDomain" ], "ActualValue": Domains, - "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), + "ReportDetails": ReportDetailsArray(Status, Domains, ALLDOMAINS), "RequirementMet": Status } if { Domains := DomainsWithoutSpf @@ -144,11 +144,11 @@ tests contains { input.dkim_records, input.dkim_config ], - "ReportDetails": ReportDetailsArray(Status, DomainsWithoutDkim, AllDomains), + "ReportDetails": ReportDetailsArray(Status, DomainsWithoutDkim, ALLDOMAINS), "RequirementMet": Status } if { # Get domains that are not in DomainsWithDkim array - DomainsWithoutDkim := AllDomains - DomainsWithDkim + DomainsWithoutDkim := ALLDOMAINS - DomainsWithDkim Status := count(DomainsWithoutDkim) == 0 } @@ -180,7 +180,7 @@ tests contains { "Get-AcceptedDomain" ], "ActualValue": input.dmarc_records, - "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), + "ReportDetails": ReportDetailsArray(Status, Domains, ALLDOMAINS), "RequirementMet": Status } if { Domains := DomainsWithoutDmarc @@ -210,7 +210,7 @@ tests contains { "Get-AcceptedDomain" ], "ActualValue": input.dmarc_records, - "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), + "ReportDetails": ReportDetailsArray(Status, Domains, ALLDOMAINS), "RequirementMet": Status } if { Domains := DomainsWithoutPreject @@ -251,7 +251,7 @@ tests contains { "Get-AcceptedDomain" ], "ActualValue": input.dmarc_records, - "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), + "ReportDetails": ReportDetailsArray(Status, Domains, ALLDOMAINS), "RequirementMet": Status } if { Domains := DomainsWithoutDHSContact @@ -308,7 +308,7 @@ tests contains { "Get-AcceptedDomain" ], "ActualValue": input.dmarc_records, - "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), + "ReportDetails": ReportDetailsArray(Status, Domains, ALLDOMAINS), "RequirementMet": Status } if { Domains := DomainsWithoutAgencyContact From fe18d13233c80e0b7253c4b523780063726cb4e0 Mon Sep 17 00:00:00 2001 From: Sloane4 Date: Tue, 28 Nov 2023 12:03:16 -0500 Subject: [PATCH 05/11] update for test package update for test package --- Testing/Unit/Rego/EXO/EXOConfig_01_test.rego | 11 ++-- Testing/Unit/Rego/EXO/EXOConfig_02_test.rego | 23 ++++---- Testing/Unit/Rego/EXO/EXOConfig_03_test.rego | 27 ++++----- Testing/Unit/Rego/EXO/EXOConfig_04_test.rego | 59 ++++++++++---------- Testing/Unit/Rego/EXO/EXOConfig_05_test.rego | 7 ++- Testing/Unit/Rego/EXO/EXOConfig_06_test.rego | 11 ++-- Testing/Unit/Rego/EXO/EXOConfig_07_test.rego | 21 +++---- Testing/Unit/Rego/EXO/EXOConfig_08_test.rego | 7 ++- Testing/Unit/Rego/EXO/EXOConfig_09_test.rego | 9 +-- Testing/Unit/Rego/EXO/EXOConfig_10_test.rego | 9 +-- Testing/Unit/Rego/EXO/EXOConfig_11_test.rego | 9 +-- Testing/Unit/Rego/EXO/EXOConfig_12_test.rego | 15 ++--- Testing/Unit/Rego/EXO/EXOConfig_13_test.rego | 7 ++- Testing/Unit/Rego/EXO/EXOConfig_14_test.rego | 9 +-- Testing/Unit/Rego/EXO/EXOConfig_15_test.rego | 9 +-- Testing/Unit/Rego/EXO/EXOConfig_16_test.rego | 7 ++- Testing/Unit/Rego/EXO/EXOConfig_17_test.rego | 9 +-- 17 files changed, 133 insertions(+), 116 deletions(-) diff --git a/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego index 333ae32048..33678b6eca 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo # @@ -8,7 +9,7 @@ import future.keywords test_AutoForwardEnabled_Correct if { PolicyId := "MS.EXO.1.1v1" - Output := tests with input as { + Output := exo.tests with input as { "remote_domains": [ { "AutoForwardEnabled" : false, @@ -27,7 +28,7 @@ test_AutoForwardEnabled_Correct if { test_AutoForwardEnabled_Incorrect_V1 if { PolicyId := "MS.EXO.1.1v1" - Output := tests with input as { + Output := exo.tests with input as { "remote_domains": [ { "AutoForwardEnabled" : true, @@ -46,7 +47,7 @@ test_AutoForwardEnabled_Incorrect_V1 if { test_AutoForwardEnabled_Incorrect_V2 if { PolicyId := "MS.EXO.1.1v1" - Output := tests with input as { + Output := exo.tests with input as { "remote_domains": [ { "AutoForwardEnabled" : true, @@ -69,7 +70,7 @@ test_AutoForwardEnabled_Incorrect_V2 if { test_AutoForwardEnabled_Incorrect_V3 if { PolicyId := "MS.EXO.1.1v1" - Output := tests with input as { + Output := exo.tests with input as { "remote_domains": [ { "AutoForwardEnabled" : true, diff --git a/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego index 10976bb205..4f27acc2ff 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo import data.report.utils.NotCheckedDetails # @@ -8,7 +9,7 @@ import data.report.utils.NotCheckedDetails test_NotImplemented_Correct if { PolicyId := "MS.EXO.2.1v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] @@ -23,7 +24,7 @@ test_NotImplemented_Correct if { test_Rdata_Correct if { PolicyId := "MS.EXO.2.2v1" - Output := tests with input as { + Output := exo.tests with input as { "spf_records": [ { "rdata" : ["v=spf1 "], @@ -43,7 +44,7 @@ test_Rdata_Correct if { test_Rdata_Correct_V2 if { PolicyId := "MS.EXO.2.2v1" - Output := tests with input as { + Output := exo.tests with input as { "spf_records": [ { "rdata" : ["v=spf1 something"], @@ -62,7 +63,7 @@ test_Rdata_Correct_V2 if { test_Rdata_Incorrect if { PolicyId := "MS.EXO.2.2v1" - Output := tests with input as { + Output := exo.tests with input as { "spf_records": [ { "rdata" : ["spf1 "], @@ -81,7 +82,7 @@ test_Rdata_Incorrect if { test_Rdata_Incorrect_V2 if { PolicyId := "MS.EXO.2.2v1" - Output := tests with input as { + Output := exo.tests with input as { "spf_records": [ { "rdata" : [""], @@ -100,7 +101,7 @@ test_Rdata_Incorrect_V2 if { test_Rdata_Incorrect_V3 if { PolicyId := "MS.EXO.2.2v1" - Output := tests with input as { + Output := exo.tests with input as { "spf_records": [ { "rdata" : ["v=spf1 "], @@ -133,10 +134,10 @@ test_Rdata_Incorrect_V3 if { test_Rdata_Multiple_Correct_V1 if { PolicyId := "MS.EXO.2.2v1" - Output := tests with input as { + Output := exo.tests with input as { "spf_records": [ { - "rdata" : ["v=spf1 ", "extra stuff that shouldn't matter"], + "rdata" : ["v=spf1 ", "extra stuff that shouldn't matter"], "domain" : "good.com" }, ] @@ -152,7 +153,7 @@ test_Rdata_Multiple_Correct_V1 if { test_Rdata_Multiple_Correct_V2 if { PolicyId := "MS.EXO.2.2v1" - Output := tests with input as { + Output := exo.tests with input as { "spf_records": [ { "rdata" : ["extra stuff that shouldn't matter", "v=spf1 "], @@ -171,7 +172,7 @@ test_Rdata_Multiple_Correct_V2 if { test_Rdata_Multiple_Incorrect if { PolicyId := "MS.EXO.2.2v1" - Output := tests with input as { + Output := exo.tests with input as { "spf_records": [ { "rdata" : ["extra stuff that shouldn't matter", "hello world"], diff --git a/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego index caee33a896..b4881ec586 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo # @@ -8,7 +9,7 @@ import future.keywords test_Enabled_Correct_V1 if { PolicyId := "MS.EXO.3.1v1" - Output := tests with input as { + Output := exo.tests with input as { "dkim_config": [ { "Enabled" : true, @@ -30,7 +31,7 @@ test_Enabled_Correct_V1 if { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] - + count(RuleOutput) == 1 RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == "Requirement met" @@ -40,7 +41,7 @@ test_Enabled_Correct_V2 if { # Test with correct default domain PolicyId := "MS.EXO.3.1v1" - Output := tests with input as { + Output := exo.tests with input as { "dkim_config": [ { "Enabled" : true, @@ -84,7 +85,7 @@ test_Enabled_Correct_V3 if { # Test for multiple custom domains PolicyId := "MS.EXO.3.1v1" - Output := tests with input as { + Output := exo.tests with input as { "dkim_config": [ { "Enabled" : true, @@ -128,7 +129,7 @@ test_Enabled_Correct_V4 if { # Test for no custom domains, just the default domain PolicyId := "MS.EXO.3.1v1" - Output := tests with input as { + Output := exo.tests with input as { "dkim_config": [ { "Enabled" : true, @@ -159,10 +160,10 @@ test_Enabled_Correct_V4 if { test_Enabled_Incorrect if { PolicyId := "MS.EXO.3.1v1" - Output := tests with input as { + Output := exo.tests with input as { "dkim_config": [ { - "Enabled" : false, + "Enabled" : false, "Domain" : "test.name" } ], @@ -190,7 +191,7 @@ test_Enabled_Incorrect if { test_Rdata_Incorrect if { PolicyId := "MS.EXO.3.1v1" - Output := tests with input as { + Output := exo.tests with input as { "dkim_config": [ { "Enabled" : true, @@ -221,7 +222,7 @@ test_Rdata_Incorrect if { test_Rdata_Incorrect_V2 if { PolicyId := "MS.EXO.3.1v1" - Output := tests with input as { + Output := exo.tests with input as { "dkim_config": [ { "Enabled" : true, @@ -243,7 +244,7 @@ test_Rdata_Incorrect_V2 if { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] - + count(RuleOutput) == 1 not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" @@ -252,7 +253,7 @@ test_Rdata_Incorrect_V2 if { test_Enabled_Incorrect_V3 if { PolicyId := "MS.EXO.3.1v1" - Output := tests with input as { + Output := exo.tests with input as { "dkim_config": [ { "Enabled" : true, @@ -296,7 +297,7 @@ test_Enabled_Incorrect_V4 if { # Test with incorrect default domain PolicyId := "MS.EXO.3.1v1" - Output := tests with input as { + Output := exo.tests with input as { "dkim_config": [ { "Enabled" : true, diff --git a/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego index 591ba337f5..f8b5b415ab 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo # @@ -8,10 +9,10 @@ import future.keywords test_Rdata_Correct if { PolicyId := "MS.EXO.4.1v1" - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records":[ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov"], + "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov"], "domain" : "test.name" } ], @@ -33,7 +34,7 @@ test_Rdata_Correct if { test_Rdata_Incorrect if { PolicyId := "MS.EXO.4.1v1" - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records":[ { "rdata" : [], @@ -58,7 +59,7 @@ test_Rdata_Incorrect if { test_Rdata_Incorrect_V2 if { PolicyId := "MS.EXO.4.1v1" - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records":[ { "rdata" : ["v=DMARC1"], @@ -83,10 +84,10 @@ test_Rdata_Incorrect_V2 if { test_Rdata_Incorrect_V3 if { PolicyId := "MS.EXO.4.1v1" - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov"], + "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov"], "domain" : "test.name" }, { @@ -119,10 +120,10 @@ test_Rdata_Incorrect_V3 if { test_Rdata_Correct_V2 if { PolicyId := "MS.EXO.4.2v1" - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov"], + "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov"], "domain" : "test.name" } ], @@ -144,10 +145,10 @@ test_Rdata_Correct_V2 if { test_Rdata_Incorrect_V4 if { PolicyId := "MS.EXO.4.2v1" - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=none; mailto:reports@dmarc.cyber.dhs.gov mailto:jsmith@dhs.gov mailto:jsomething@dhs.gov"], + "rdata" : ["v=DMARC1; p=none; mailto:reports@dmarc.cyber.dhs.gov mailto:jsmith@dhs.gov mailto:jsomething@dhs.gov"], "domain" : "test.name" } ], @@ -169,10 +170,10 @@ test_Rdata_Incorrect_V4 if { test_Rdata_Incorrect_V5 if { PolicyId := "MS.EXO.4.2v1" - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; mailto:reports@dmarc.cyber.dhs.gov mailto:jsmith@dhs.gov mailto:jsomething@dhs.gov"], + "rdata" : ["v=DMARC1; mailto:reports@dmarc.cyber.dhs.gov mailto:jsmith@dhs.gov mailto:jsomething@dhs.gov"], "domain" : "test.name" } ], @@ -197,10 +198,10 @@ test_Rdata_Incorrect_V5 if { test_DMARCReport_Correct_V1 if { PolicyId := "MS.EXO.4.3v1" - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov"], + "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov"], "domain" : "test.name" } ], @@ -222,7 +223,7 @@ test_DMARCReport_Correct_V1 if { test_DMARCReport_Incorrect_V1 if { PolicyId := "MS.EXO.4.3v1" - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { "rdata" : ["v=DMARC1; p=reject; pct=100;"], @@ -247,10 +248,10 @@ test_DMARCReport_Incorrect_V1 if { test_DMARCReport_Incorrect_V2 if { PolicyId := "MS.EXO.4.3v1" - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:reports@wrong.address"], + "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:reports@wrong.address"], "domain" : "test.name" } ], @@ -272,7 +273,7 @@ test_DMARCReport_Incorrect_V2 if { test_DMARCReport_Incorrect_V3 if { PolicyId := "MS.EXO.4.3v1" # empty rdata - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { "rdata" : [], @@ -300,10 +301,10 @@ test_DMARCReport_Incorrect_V3 if { test_POC_Correct_V1 if { PolicyId := "MS.EXO.4.4v1" # 2 emails in rua= and 1 in ruf - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov; ruf=agencyemail@hq.dhs.gov"], + "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov; ruf=agencyemail@hq.dhs.gov"], "domain" : "test.name" } ], @@ -325,10 +326,10 @@ test_POC_Correct_V1 if { test_POC_Correct_V1 if { PolicyId := "MS.EXO.4.4v1" # 2+ emails in rua= and 1+ in ruf - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov, mailto:test@example.com; ruf=agencyemail@hq.dhs.gov, test@test.com"], + "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov, mailto:test@example.com; ruf=agencyemail@hq.dhs.gov, test@test.com"], "domain" : "test.name" } ], @@ -350,7 +351,7 @@ test_POC_Correct_V1 if { test_POC_Incorrect_V1 if { PolicyId := "MS.EXO.4.4v1" # Only 1 rua - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov"], @@ -375,7 +376,7 @@ test_POC_Incorrect_V1 if { test_POC_Incorrect_V2 if { PolicyId := "MS.EXO.4.4v1" # Only 2 emails in rua no ruf - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov, test@exo.com"], @@ -400,7 +401,7 @@ test_POC_Incorrect_V2 if { test_POC_Incorrect_V3 if { PolicyId := "MS.EXO.4.4v1" # Only 1 ruf no rua - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { "rdata" : ["v=DMARC1; p=reject; pct=100; rua=test@exo.com"], @@ -425,7 +426,7 @@ test_POC_Incorrect_V3 if { test_POC_Incorrect_V4 if { PolicyId := "MS.EXO.4.4v1" # 2 domains 1 fails rua/ruf number - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov, test@test.name ruf=test2@test.name"], @@ -458,7 +459,7 @@ test_POC_Incorrect_V4 if { test_POC_Incorrect_V5 if { PolicyId := "MS.EXO.4.4v1" # 2 domains 1 fails rua # of email policy requirement - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov, test@test.name ruf=test2@test.name"], @@ -491,7 +492,7 @@ test_POC_Incorrect_V5 if { test_POC_Incorrect_V5 if { PolicyId := "MS.EXO.4.4v1" # 2 domains 1 domain failed DNS query. Empty rdata - Output := tests with input as { + Output := exo.tests with input as { "dmarc_records": [ { "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov, test@test.name ruf=test2@test.name"], diff --git a/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego index f985c4adda..0697e00efa 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo # @@ -8,7 +9,7 @@ import future.keywords test_SmtpClientAuthenticationDisabled_Correct if { PolicyId := "MS.EXO.5.1v1" - Output := tests with input as { + Output := exo.tests with input as { "transport_config": [ { @@ -28,7 +29,7 @@ test_SmtpClientAuthenticationDisabled_Correct if { test_SmtpClientAuthenticationDisabled_Incorrect if { PolicyId := "MS.EXO.5.1v1" - Output := tests with input as { + Output := exo.tests with input as { "transport_config": [ { "SmtpClientAuthenticationDisabled" : false, diff --git a/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego index e339da6bdd..52a2efa8c4 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo # @@ -8,7 +9,7 @@ import future.keywords test_Domains_Contacts_Correct if { PolicyId := "MS.EXO.6.1v1" - Output := tests with input as { + Output := exo.tests with input as { "sharing_policy": [ { "Domains" : [ @@ -30,7 +31,7 @@ test_Domains_Contacts_Correct if { test_Domains_Contacts_Incorrect if { PolicyId := "MS.EXO.6.1v1" - Output := tests with input as { + Output := exo.tests with input as { "sharing_policy": [ { "Domains" : [ @@ -60,7 +61,7 @@ test_Domains_Contacts_Incorrect if { test_Domains_Calendar_Correct if { PolicyId := "MS.EXO.6.2v1" - Output := tests with input as { + Output := exo.tests with input as { "sharing_policy": [ { "Domains" : [ @@ -82,7 +83,7 @@ test_Domains_Calendar_Correct if { test_Domains_Calendar_Incorrect if { PolicyId := "MS.EXO.6.2v1" - Output := tests with input as { + Output := exo.tests with input as { "sharing_policy": [ { "Domains" : [ diff --git a/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego index 3a95a161fe..0beea62f82 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo # @@ -8,7 +9,7 @@ import future.keywords test_FromScope_Correct if { PolicyId := "MS.EXO.7.1v1" - Output := tests with input as { + Output := exo.tests with input as { "transport_rule": [ { "FromScope" : "NotInOrganization", @@ -29,7 +30,7 @@ test_FromScope_Correct if { test_FromScope_IncorrectV1 if { PolicyId := "MS.EXO.7.1v1" - Output := tests with input as { + Output := exo.tests with input as { "transport_rule": [ { "FromScope" : "", @@ -50,7 +51,7 @@ test_FromScope_IncorrectV1 if { test_FromScope_IncorrectV2 if { PolicyId := "MS.EXO.7.1v1" - Output := tests with input as { + Output := exo.tests with input as { "transport_rule": [ { "FromScope" : "NotInOrganization", @@ -71,7 +72,7 @@ test_FromScope_IncorrectV2 if { test_FromScope_IncorrectV3 if { PolicyId := "MS.EXO.7.1v1" - Output := tests with input as { + Output := exo.tests with input as { "transport_rule": [ { "FromScope" : "", @@ -92,7 +93,7 @@ test_FromScope_IncorrectV3 if { test_FromScope_IncorrectV4 if { PolicyId := "MS.EXO.7.1v1" - Output := tests with input as { + Output := exo.tests with input as { "transport_rule": [ { "FromScope" : "NotInOrganization", @@ -113,7 +114,7 @@ test_FromScope_IncorrectV4 if { test_FromScope_Multiple_Correct if { PolicyId := "MS.EXO.7.1v1" - Output := tests with input as { + Output := exo.tests with input as { "transport_rule": [ { "FromScope" : "", @@ -152,7 +153,7 @@ test_FromScope_Multiple_Correct if { test_FromScope_Multiple_Incorrect if { PolicyId := "MS.EXO.7.1v1" - Output := tests with input as { + Output := exo.tests with input as { "transport_rule": [ { "FromScope" : "", @@ -203,7 +204,7 @@ test_FromScope_Multiple_Incorrect if { test_PrependSubject_IncorrectV1 if { PolicyId := "MS.EXO.7.1v1" - Output := tests with input as { + Output := exo.tests with input as { "transport_rule": [ { "FromScope" : "NotInOrganization", @@ -224,7 +225,7 @@ test_PrependSubject_IncorrectV1 if { test_PrependSubject_IncorrectV2 if { PolicyId := "MS.EXO.7.1v1" - Output := tests with input as { + Output := exo.tests with input as { "transport_rule": [ { "FromScope" : "NotInOrganization", diff --git a/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego index 25614ae0f5..e794af6ce0 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo import data.report.utils.DefenderMirrorDetails # @@ -8,7 +9,7 @@ import data.report.utils.DefenderMirrorDetails test_3rdParty_Correct_V1 if { PolicyId := "MS.EXO.8.1v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] @@ -22,7 +23,7 @@ test_3rdParty_Correct_V1 if { #-- test_3rdParty_Correct_V2 if { PolicyId := "MS.EXO.8.2v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] diff --git a/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego index dc4e86bda4..97c681381b 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo import data.report.utils.DefenderMirrorDetails # @@ -8,7 +9,7 @@ import data.report.utils.DefenderMirrorDetails test_3rdParty_Correct_V1 if { PolicyId := "MS.EXO.9.1v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] @@ -23,7 +24,7 @@ test_3rdParty_Correct_V1 if { test_3rdParty_Correct_V2 if { PolicyId := "MS.EXO.9.2v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] @@ -37,7 +38,7 @@ test_3rdParty_Correct_V2 if { #-- test_3rdParty_Correct_V3 if { PolicyId := "MS.EXO.9.3v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] diff --git a/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego index d31a9a38d7..26c286aa57 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo import data.report.utils.DefenderMirrorDetails # @@ -8,7 +9,7 @@ import data.report.utils.DefenderMirrorDetails test_3rdParty_Correct_V1 if { PolicyId := "MS.EXO.10.1v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] @@ -23,7 +24,7 @@ test_3rdParty_Correct_V1 if { test_3rdParty_Correct_V2 if { PolicyId := "MS.EXO.10.2v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] @@ -38,7 +39,7 @@ test_3rdParty_Correct_V2 if { test_3rdParty_Correct_V3 if { PolicyId := "MS.EXO.10.3v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] diff --git a/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego index e231bfd236..7f24555c2a 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo import data.report.utils.DefenderMirrorDetails # @@ -8,7 +9,7 @@ import data.report.utils.DefenderMirrorDetails test_3rdParty_Correct_V1 if { PolicyId := "MS.EXO.11.1v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] @@ -23,7 +24,7 @@ test_3rdParty_Correct_V1 if { test_3rdParty_Correct_V2 if { PolicyId := "MS.EXO.11.2v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] @@ -38,7 +39,7 @@ test_3rdParty_Correct_V2 if { test_3rdParty_Correct_V3 if { PolicyId := "MS.EXO.11.3v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] diff --git a/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego index 447513baac..486671942a 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo # @@ -8,7 +9,7 @@ import future.keywords test_IPAllowList_Correct_V1 if { PolicyId := "MS.EXO.12.1v1" - Output := tests with input as { + Output := exo.tests with input as { "conn_filter": [ { "IPAllowList" : [], @@ -28,7 +29,7 @@ test_IPAllowList_Correct_V1 if { test_IPAllowList_Correct_V2 if { PolicyId := "MS.EXO.12.1v1" - Output := tests with input as { + Output := exo.tests with input as { "conn_filter": [ { @@ -49,7 +50,7 @@ test_IPAllowList_Correct_V2 if { test_IPAllowList_Incorrect if { PolicyId := "MS.EXO.12.1v1" - Output := tests with input as { + Output := exo.tests with input as { "conn_filter": [ { "IPAllowList" : ["trust.me.please"], @@ -72,7 +73,7 @@ test_IPAllowList_Incorrect if { test_EnableSafeList_Correct_V1 if { PolicyId := "MS.EXO.12.2v1" - Output := tests with input as { + Output := exo.tests with input as { "conn_filter": [ { "IPAllowList" : [], @@ -92,7 +93,7 @@ test_EnableSafeList_Correct_V1 if { test_EnableSafeList_Incorrect_V1 if { PolicyId := "MS.EXO.12.2v1" - Output := tests with input as { + Output := exo.tests with input as { "conn_filter": [ { "IPAllowList" : [], @@ -112,7 +113,7 @@ test_EnableSafeList_Incorrect_V1 if { test_EnableSafeList_Correct_V2 if { PolicyId := "MS.EXO.12.2v1" - Output := tests with input as { + Output := exo.tests with input as { "conn_filter": [ { "IPAllowList" : ["this.shouldnt.matter"], diff --git a/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego index 093ebb0225..d83953ac4d 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo # @@ -8,7 +9,7 @@ import future.keywords test_AuditDisabled_Correct if { PolicyId := "MS.EXO.13.1v1" - Output := tests with input as { + Output := exo.tests with input as { "org_config": [ { @@ -29,7 +30,7 @@ test_AuditDisabled_Correct if { test_AuditDisabled_Incorrect if { PolicyId := "MS.EXO.13.1v1" - Output := tests with input as { + Output := exo.tests with input as { "org_config": [ { "AuditDisabled" : true, diff --git a/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego index bea7f176b6..c544451fd4 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo import data.report.utils.DefenderMirrorDetails # @@ -8,7 +9,7 @@ import data.report.utils.DefenderMirrorDetails test_3rdParty_Correct_V1 if { PolicyId := "MS.EXO.14.1v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] @@ -23,7 +24,7 @@ test_3rdParty_Correct_V1 if { test_3rdParty_Correct_V2 if { PolicyId := "MS.EXO.14.2v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] @@ -38,7 +39,7 @@ test_3rdParty_Correct_V2 if { test_3rdParty_Correct_V3 if { PolicyId := "MS.EXO.14.3v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] diff --git a/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego index 3fde7bc27c..c2699ff823 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo import data.report.utils.DefenderMirrorDetails # @@ -8,7 +9,7 @@ import data.report.utils.DefenderMirrorDetails test_3rdParty_Correct_V1 if { PolicyId := "MS.EXO.15.1v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] @@ -23,7 +24,7 @@ test_3rdParty_Correct_V1 if { test_3rdParty_Correct_V2 if { PolicyId := "MS.EXO.15.2v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] @@ -38,7 +39,7 @@ test_3rdParty_Correct_V2 if { test_3rdParty_Correct_V3 if { PolicyId := "MS.EXO.15.3v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] diff --git a/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego index 85fad12cb8..ec53710b8d 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo import data.report.utils.DefenderMirrorDetails # @@ -8,7 +9,7 @@ import data.report.utils.DefenderMirrorDetails test_3rdParty_Correct_V1 if { PolicyId := "MS.EXO.16.1v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] @@ -23,7 +24,7 @@ test_3rdParty_Correct_V1 if { test_3rdParty_Correct_V2 if { PolicyId := "MS.EXO.16.1v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] diff --git a/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego index 6af91fd238..af45ad64d4 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego @@ -1,5 +1,6 @@ -package exo +package exo_test import future.keywords +import data.exo import data.report.utils.DefenderMirrorDetails # @@ -8,7 +9,7 @@ import data.report.utils.DefenderMirrorDetails test_3rdParty_Correct_V1 if { PolicyId := "MS.EXO.17.1v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] @@ -23,7 +24,7 @@ test_3rdParty_Correct_V1 if { test_3rdParty_Correct_V2 if { PolicyId := "MS.EXO.17.2v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] @@ -38,7 +39,7 @@ test_3rdParty_Correct_V2 if { test_3rdParty_Correct_V3 if { PolicyId := "MS.EXO.17.3v1" - Output := tests with input as { } + Output := exo.tests with input as { } RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] From e42ec006e9f955b5030d20a27471774ef2f581fe Mon Sep 17 00:00:00 2001 From: Sloane4 Date: Thu, 30 Nov 2023 16:04:18 -0500 Subject: [PATCH 06/11] fix policy indicated comments fix policy indicated comments --- Rego/EXOConfig.rego | 39 +------------------- Testing/Unit/Rego/EXO/EXOConfig_01_test.rego | 1 + Testing/Unit/Rego/EXO/EXOConfig_02_test.rego | 5 ++- Testing/Unit/Rego/EXO/EXOConfig_03_test.rego | 3 +- Testing/Unit/Rego/EXO/EXOConfig_04_test.rego | 6 ++- Testing/Unit/Rego/EXO/EXOConfig_05_test.rego | 3 +- Testing/Unit/Rego/EXO/EXOConfig_06_test.rego | 3 +- Testing/Unit/Rego/EXO/EXOConfig_07_test.rego | 3 +- Testing/Unit/Rego/EXO/EXOConfig_08_test.rego | 5 ++- Testing/Unit/Rego/EXO/EXOConfig_09_test.rego | 6 ++- Testing/Unit/Rego/EXO/EXOConfig_10_test.rego | 6 ++- Testing/Unit/Rego/EXO/EXOConfig_11_test.rego | 4 ++ Testing/Unit/Rego/EXO/EXOConfig_12_test.rego | 4 +- Testing/Unit/Rego/EXO/EXOConfig_13_test.rego | 3 +- Testing/Unit/Rego/EXO/EXOConfig_14_test.rego | 6 ++- Testing/Unit/Rego/EXO/EXOConfig_15_test.rego | 6 ++- Testing/Unit/Rego/EXO/EXOConfig_16_test.rego | 5 ++- Testing/Unit/Rego/EXO/EXOConfig_17_test.rego | 6 ++- 18 files changed, 61 insertions(+), 53 deletions(-) diff --git a/Rego/EXOConfig.rego b/Rego/EXOConfig.rego index a17157930c..e420408763 100644 --- a/Rego/EXOConfig.rego +++ b/Rego/EXOConfig.rego @@ -55,7 +55,6 @@ tests contains { ErrMessage := Description(Format(Domains), ErrString , concat(", ", Domains)) Status := count(Domains) == 0 } - #-- @@ -76,7 +75,6 @@ tests contains { "ReportDetails": NotCheckedDetails("MS.EXO.2.1v1"), "RequirementMet": false } - #-- # @@ -106,7 +104,6 @@ tests contains { Domains := DomainsWithoutSpf Status := count(Domains) == 0 } - #-- @@ -151,7 +148,6 @@ tests contains { DomainsWithoutDkim := ALLDOMAINS - DomainsWithDkim Status := count(DomainsWithoutDkim) == 0 } - #-- @@ -186,7 +182,6 @@ tests contains { Domains := DomainsWithoutDmarc Status := count(Domains) == 0 } - #-- # @@ -216,7 +211,6 @@ tests contains { Domains := DomainsWithoutPreject Status := count(Domains) == 0 } - #-- # @@ -257,7 +251,6 @@ tests contains { Domains := DomainsWithoutDHSContact Status := count(Domains) == 0 } - #-- # @@ -314,7 +307,6 @@ tests contains { Domains := DomainsWithoutAgencyContact Status := count(Domains) == 0 } - #-- @@ -344,7 +336,6 @@ tests contains { } if { Status := count(SmtpClientAuthEnabled) == 0 } - #-- @@ -379,7 +370,6 @@ tests contains { ErrMessage := Description(Format(ContactsSharingPolicies), ErrString , concat(", ", ContactsSharingPolicies)) Status := count(ContactsSharingPolicies) == 0 } - #-- # @@ -409,7 +399,6 @@ tests contains { ErrMessage := Description(Format(CalendarSharingPolicies), ErrString , concat(", ", CalendarSharingPolicies)) Status := count(CalendarSharingPolicies) == 0 } - #-- @@ -444,7 +433,6 @@ tests contains { Conditions := [ (Rule.FromScope == "NotInOrganization") | some Rule in EnabledRules] Status := count(FilterArray(Conditions, true)) > 0 } - #-- @@ -465,7 +453,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.8.1v1"), "RequirementMet": false } - #-- # @@ -481,7 +468,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.8.2v1"), "RequirementMet": false } - #-- @@ -502,7 +488,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.9.1v1"), "RequirementMet": false } - #-- # @@ -518,7 +503,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.9.2v1"), "RequirementMet": false } - #-- # @@ -534,7 +518,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.9.3v1"), "RequirementMet": false } - #-- @@ -555,7 +538,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.10.1v1"), "RequirementMet": false } - #-- # @@ -571,7 +553,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.10.2v1"), "RequirementMet": false } - #-- # @@ -587,7 +568,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.10.3v1"), "RequirementMet": false } - #-- @@ -608,7 +588,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.11.1v1"), "RequirementMet": false } - #-- # @@ -624,7 +603,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.11.2v1"), "RequirementMet": false } - #-- # @@ -640,7 +618,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.11.3v1"), "RequirementMet": false } - #-- @@ -672,7 +649,6 @@ tests contains { ErrMessage := Description(Format(ConnFilterPolicies), ErrString , concat(", ", ConnFilterPolicies)) Status := count(ConnFilterPolicies) == 0 } - #-- # @@ -700,7 +676,6 @@ tests contains { ErrMessage := Description(Format(ConnFilterPolicies), ErrString , concat(", ", ConnFilterPolicies)) Status := count(ConnFilterPolicies) == 0 } - #-- @@ -729,7 +704,6 @@ tests contains { } if { Status := count(AuditDisabled) == 0 } - #-- @@ -750,7 +724,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.14.1v1"), "RequirementMet": false } - #-- # @@ -766,7 +739,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.14.2v1"), "RequirementMet": false } - #-- # @@ -782,7 +754,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.14.3v1"), "RequirementMet": false } - #-- @@ -803,7 +774,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.15.1v1"), "RequirementMet": false } - #-- # @@ -819,7 +789,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.15.2v1"), "RequirementMet": false } - #-- # @@ -835,7 +804,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.15.3v1"), "RequirementMet": false } - #-- @@ -856,7 +824,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.16.1v1"), "RequirementMet": false } - #-- # @@ -872,7 +839,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.16.2v1"), "RequirementMet": false } - #-- @@ -893,7 +859,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.17.1v1"), "RequirementMet": false } - #-- # @@ -909,7 +874,6 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.17.2v1"), "RequirementMet": false } - #-- # @@ -925,5 +889,4 @@ tests contains { "ReportDetails": DefenderMirrorDetails("MS.EXO.17.3v1"), "RequirementMet": false } - -#-- +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego index 33678b6eca..598bd1c3f1 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego @@ -93,3 +93,4 @@ test_AutoForwardEnabled_Incorrect_V3 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == "2 remote domain(s) that allows automatic forwarding: Test name, Test name 2" } +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego index 4f27acc2ff..25c5d96422 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego @@ -3,6 +3,7 @@ import future.keywords import data.exo import data.report.utils.NotCheckedDetails + # # Policy 1 #-- @@ -17,6 +18,7 @@ test_NotImplemented_Correct if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == NotCheckedDetails(PolicyId) } +#-- # # Policy 2 @@ -186,4 +188,5 @@ test_Rdata_Multiple_Incorrect if { count(RuleOutput) == 1 not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: bad.com" -} \ No newline at end of file +} +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego index b4881ec586..5bdfe5026c 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego @@ -335,4 +335,5 @@ test_Enabled_Incorrect_V4 if { count(RuleOutput) == 1 not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == "1 of 2 agency domain(s) found in violation: example.onmicrosoft.com" -} \ No newline at end of file +} +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego index f8b5b415ab..4773c59059 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego @@ -113,6 +113,7 @@ test_Rdata_Incorrect_V3 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == "1 of 2 agency domain(s) found in violation: bad.name" } +#-- # # Policy 2 @@ -191,6 +192,7 @@ test_Rdata_Incorrect_V5 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" } +#-- # # Policy 3 @@ -294,6 +296,7 @@ test_DMARCReport_Incorrect_V3 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" } +#-- # # Policy 4 @@ -520,4 +523,5 @@ test_POC_Incorrect_V5 if { count(RuleOutput) == 1 not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == "1 of 2 agency domain(s) found in violation: example.com" -} \ No newline at end of file +} +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego index 0697e00efa..d266c7dd50 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego @@ -43,4 +43,5 @@ test_SmtpClientAuthenticationDisabled_Incorrect if { count(RuleOutput) == 1 not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == "Requirement not met" -} \ No newline at end of file +} +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego index 52a2efa8c4..a367e64fba 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego @@ -100,4 +100,5 @@ test_Domains_Calendar_Incorrect if { count(RuleOutput) == 1 not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == "1 sharing polic(ies) are sharing calendar details with all domains by default: A" -} \ No newline at end of file +} +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego index 0beea62f82..9bb994b01f 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego @@ -241,4 +241,5 @@ test_PrependSubject_IncorrectV2 if { count(RuleOutput) == 1 not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == "No transport rule found that applies warnings to emails received from outside the organization" -} \ No newline at end of file +} +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego index e794af6ce0..6c2c93286a 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego @@ -3,6 +3,7 @@ import future.keywords import data.exo import data.report.utils.DefenderMirrorDetails + # # Policy 1 #-- @@ -17,6 +18,7 @@ test_3rdParty_Correct_V1 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } +#-- # # Policy 2 @@ -30,4 +32,5 @@ test_3rdParty_Correct_V2 if { count(RuleOutput) == 1 not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) -} \ No newline at end of file +} +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego index 97c681381b..652107a221 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego @@ -3,6 +3,7 @@ import future.keywords import data.exo import data.report.utils.DefenderMirrorDetails + # # Policy 1 #-- @@ -17,6 +18,7 @@ test_3rdParty_Correct_V1 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } +#-- # # Policy 2 @@ -32,6 +34,7 @@ test_3rdParty_Correct_V2 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } +#-- # # Policy 3 @@ -45,4 +48,5 @@ test_3rdParty_Correct_V3 if { count(RuleOutput) == 1 not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) -} \ No newline at end of file +} +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego index 26c286aa57..6fc7094a58 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego @@ -3,6 +3,7 @@ import future.keywords import data.exo import data.report.utils.DefenderMirrorDetails + # # Policy 1 #-- @@ -17,6 +18,7 @@ test_3rdParty_Correct_V1 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } +#-- # # Policy 2 @@ -32,6 +34,7 @@ test_3rdParty_Correct_V2 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } +#-- # # Policy 3 @@ -46,4 +49,5 @@ test_3rdParty_Correct_V3 if { count(RuleOutput) == 1 not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) -} \ No newline at end of file +} +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego index 7f24555c2a..d1aa741ba5 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego @@ -3,6 +3,7 @@ import future.keywords import data.exo import data.report.utils.DefenderMirrorDetails + # # Policy 1 #-- @@ -17,6 +18,7 @@ test_3rdParty_Correct_V1 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } +#-- # # Policy 2 @@ -32,6 +34,7 @@ test_3rdParty_Correct_V2 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } +#-- # # Policy 3 @@ -47,3 +50,4 @@ test_3rdParty_Correct_V3 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego index 486671942a..fe14673d0a 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego @@ -66,6 +66,7 @@ test_IPAllowList_Incorrect if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == "1 connection filter polic(ies) with an IP allowlist: A" } +#-- # # Policy 2 @@ -128,4 +129,5 @@ test_EnableSafeList_Correct_V2 if { count(RuleOutput) == 1 RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == "Requirement met" -} \ No newline at end of file +} +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego index d83953ac4d..e3297630fb 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego @@ -45,4 +45,5 @@ test_AuditDisabled_Incorrect if { count(RuleOutput) == 1 not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == "Requirement not met" -} \ No newline at end of file +} +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego index c544451fd4..a9560bfdd3 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego @@ -3,6 +3,7 @@ import future.keywords import data.exo import data.report.utils.DefenderMirrorDetails + # # Policy 1 #-- @@ -17,6 +18,7 @@ test_3rdParty_Correct_V1 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } +#-- # # Policy 2 @@ -32,6 +34,7 @@ test_3rdParty_Correct_V2 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } +#-- # # Policy 3 @@ -46,4 +49,5 @@ test_3rdParty_Correct_V3 if { count(RuleOutput) == 1 not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) -} \ No newline at end of file +} +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego index c2699ff823..32b7258898 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego @@ -3,6 +3,7 @@ import future.keywords import data.exo import data.report.utils.DefenderMirrorDetails + # # Policy 1 #-- @@ -17,6 +18,7 @@ test_3rdParty_Correct_V1 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } +#-- # # Policy 2 @@ -32,6 +34,7 @@ test_3rdParty_Correct_V2 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } +#-- # # Policy 3 @@ -46,4 +49,5 @@ test_3rdParty_Correct_V3 if { count(RuleOutput) == 1 not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) -} \ No newline at end of file +} +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego index ec53710b8d..65c4709323 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego @@ -3,6 +3,7 @@ import future.keywords import data.exo import data.report.utils.DefenderMirrorDetails + # # Policy 1 #-- @@ -17,6 +18,7 @@ test_3rdParty_Correct_V1 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } +#-- # # Policy 2 @@ -31,4 +33,5 @@ test_3rdParty_Correct_V2 if { count(RuleOutput) == 1 not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) -} \ No newline at end of file +} +#-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego index af45ad64d4..76ad3e07df 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego @@ -3,6 +3,7 @@ import future.keywords import data.exo import data.report.utils.DefenderMirrorDetails + # # Policy 1 #-- @@ -17,6 +18,7 @@ test_3rdParty_Correct_V1 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } +#-- # # Policy 2 @@ -32,6 +34,7 @@ test_3rdParty_Correct_V2 if { not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } +#-- # # Policy 3 @@ -46,4 +49,5 @@ test_3rdParty_Correct_V3 if { count(RuleOutput) == 1 not RuleOutput[0].RequirementMet RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) -} \ No newline at end of file +} +#-- \ No newline at end of file From ff637d3973e49b87f5d44d6da4116f19babca807 Mon Sep 17 00:00:00 2001 From: Sloane4 Date: Fri, 1 Dec 2023 12:20:45 -0500 Subject: [PATCH 07/11] fix json formatting & rego formatting fix json formatting & rego formatting --- Testing/Unit/Rego/EXO/EXOConfig_01_test.rego | 44 +-- Testing/Unit/Rego/EXO/EXOConfig_02_test.rego | 105 ++++-- Testing/Unit/Rego/EXO/EXOConfig_03_test.rego | 248 +++++++----- Testing/Unit/Rego/EXO/EXOConfig_04_test.rego | 378 ++++++++++++------- Testing/Unit/Rego/EXO/EXOConfig_05_test.rego | 21 +- Testing/Unit/Rego/EXO/EXOConfig_06_test.rego | 28 +- Testing/Unit/Rego/EXO/EXOConfig_07_test.rego | 138 +++---- Testing/Unit/Rego/EXO/EXOConfig_08_test.rego | 8 +- Testing/Unit/Rego/EXO/EXOConfig_09_test.rego | 12 +- Testing/Unit/Rego/EXO/EXOConfig_10_test.rego | 12 +- Testing/Unit/Rego/EXO/EXOConfig_11_test.rego | 12 +- Testing/Unit/Rego/EXO/EXOConfig_12_test.rego | 58 +-- Testing/Unit/Rego/EXO/EXOConfig_13_test.rego | 23 +- Testing/Unit/Rego/EXO/EXOConfig_14_test.rego | 12 +- Testing/Unit/Rego/EXO/EXOConfig_15_test.rego | 12 +- Testing/Unit/Rego/EXO/EXOConfig_16_test.rego | 8 +- Testing/Unit/Rego/EXO/EXOConfig_17_test.rego | 12 +- 17 files changed, 649 insertions(+), 482 deletions(-) diff --git a/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego index 598bd1c3f1..b871eeb8d4 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego @@ -12,16 +12,16 @@ test_AutoForwardEnabled_Correct if { Output := exo.tests with input as { "remote_domains": [ { - "AutoForwardEnabled" : false, - "DomainName" : "Test name" + "AutoForwardEnabled": false, + "DomainName": "Test name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -31,16 +31,16 @@ test_AutoForwardEnabled_Incorrect_V1 if { Output := exo.tests with input as { "remote_domains": [ { - "AutoForwardEnabled" : true, - "DomainName" : "Test name" + "AutoForwardEnabled": true, + "DomainName": "Test name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 remote domain(s) that allows automatic forwarding: Test name" } @@ -50,20 +50,20 @@ test_AutoForwardEnabled_Incorrect_V2 if { Output := exo.tests with input as { "remote_domains": [ { - "AutoForwardEnabled" : true, - "DomainName" : "Test name" + "AutoForwardEnabled": true, + "DomainName": "Test name" }, { - "AutoForwardEnabled" : true, - "DomainName" : "Test name 2" + "AutoForwardEnabled": true, + "DomainName": "Test name 2" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "2 remote domain(s) that allows automatic forwarding: Test name, Test name 2" } @@ -73,24 +73,24 @@ test_AutoForwardEnabled_Incorrect_V3 if { Output := exo.tests with input as { "remote_domains": [ { - "AutoForwardEnabled" : true, - "DomainName" : "Test name" + "AutoForwardEnabled": true, + "DomainName": "Test name" }, { - "AutoForwardEnabled" : true, - "DomainName" : "Test name 2" + "AutoForwardEnabled": true, + "DomainName": "Test name 2" }, { - "AutoForwardEnabled" : false, - "DomainName" : "Test name 3" + "AutoForwardEnabled": false, + "DomainName": "Test name 3" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "2 remote domain(s) that allows automatic forwarding: Test name, Test name 2" } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego index 25c5d96422..60bbd44ded 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego @@ -12,10 +12,10 @@ test_NotImplemented_Correct if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == NotCheckedDetails(PolicyId) } #-- @@ -29,17 +29,19 @@ test_Rdata_Correct if { Output := exo.tests with input as { "spf_records": [ { - "rdata" : ["v=spf1 "], - "domain" : "Test name" + "rdata": [ + "v=spf1 " + ], + "domain": "Test name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -49,16 +51,18 @@ test_Rdata_Correct_V2 if { Output := exo.tests with input as { "spf_records": [ { - "rdata" : ["v=spf1 something"], - "domain" : "Test name" + "rdata": [ + "v=spf1 something" + ], + "domain": "Test name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -68,16 +72,18 @@ test_Rdata_Incorrect if { Output := exo.tests with input as { "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "Test name" + "rdata": [ + "spf1 " + ], + "domain": "Test name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: Test name" } @@ -87,16 +93,18 @@ test_Rdata_Incorrect_V2 if { Output := exo.tests with input as { "spf_records": [ { - "rdata" : [""], - "domain" : "Test name" + "rdata": [ + "" + ], + "domain": "Test name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: Test name" } @@ -106,24 +114,30 @@ test_Rdata_Incorrect_V3 if { Output := exo.tests with input as { "spf_records": [ { - "rdata" : ["v=spf1 "], - "domain" : "good.com" + "rdata": [ + "v=spf1 " + ], + "domain": "good.com" }, { - "rdata" : [""], - "domain" : "bad.com" + "rdata": [ + "" + ], + "domain": "bad.com" }, { - "rdata" : [""], - "domain" : "2bad.com" + "rdata": [ + "" + ], + "domain": "2bad.com" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false contains(RuleOutput[0].ReportDetails, "2 of 3 agency domain(s) found in violation: ") startswith(RuleOutput[0].ReportDetails, "2 of 3 agency domain(s) found in violation: ") contains(RuleOutput[0].ReportDetails, "bad.com") # I'm not sure @@ -139,16 +153,19 @@ test_Rdata_Multiple_Correct_V1 if { Output := exo.tests with input as { "spf_records": [ { - "rdata" : ["v=spf1 ", "extra stuff that shouldn't matter"], - "domain" : "good.com" - }, + "rdata": [ + "v=spf1 ", + "extra stuff that shouldn't matter" + ], + "domain": "good.com" + } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -158,16 +175,19 @@ test_Rdata_Multiple_Correct_V2 if { Output := exo.tests with input as { "spf_records": [ { - "rdata" : ["extra stuff that shouldn't matter", "v=spf1 "], - "domain" : "good.com" - }, + "rdata": [ + "extra stuff that shouldn't matter", + "v=spf1 " + ], + "domain": "good.com" + } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -177,16 +197,19 @@ test_Rdata_Multiple_Incorrect if { Output := exo.tests with input as { "spf_records": [ { - "rdata" : ["extra stuff that shouldn't matter", "hello world"], - "domain" : "bad.com" - }, + "rdata": [ + "extra stuff that shouldn't matter", + "hello world" + ], + "domain": "bad.com" + } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: bad.com" } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego index 5bdfe5026c..175cf6f476 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego @@ -12,148 +12,172 @@ test_Enabled_Correct_V1 if { Output := exo.tests with input as { "dkim_config": [ { - "Enabled" : true, - "Domain" : "test.name" + "Enabled": true, + "Domain": "test.name" } ], "dkim_records": [ { - "rdata" : ["v=DKIM1;"], - "domain" : "test.name" + "rdata": [ + "v=DKIM1;" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } +# Test with correct default domain test_Enabled_Correct_V2 if { - # Test with correct default domain PolicyId := "MS.EXO.3.1v1" Output := exo.tests with input as { "dkim_config": [ { - "Enabled" : true, - "Domain" : "test.name" + "Enabled": true, + "Domain": "test.name" }, { - "Enabled" : true, - "Domain" : "example.onmicrosoft.com" + "Enabled": true, + "Domain": "example.onmicrosoft.com" } ], "dkim_records": [ { - "rdata" : ["v=DKIM1;"], - "domain" : "test.name" + "rdata": [ + "v=DKIM1;" + ], + "domain": "test.name" }, { - "rdata" : ["v=DKIM1;"], - "domain" : "example.onmicrosoft.com" + "rdata": [ + "v=DKIM1;" + ], + "domain": "example.onmicrosoft.com" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" }, { - "rdata" : ["spf1 "], - "domain" : "example.onmicrosoft.com" + "rdata": [ + "spf1 " + ], + "domain": "example.onmicrosoft.com" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } +# Test for multiple custom domains test_Enabled_Correct_V3 if { - # Test for multiple custom domains PolicyId := "MS.EXO.3.1v1" Output := exo.tests with input as { "dkim_config": [ { - "Enabled" : true, - "Domain" : "test.name" + "Enabled": true, + "Domain": "test.name" }, { - "Enabled" : true, - "Domain" : "test2.name" + "Enabled": true, + "Domain": "test2.name" } ], "dkim_records": [ { - "rdata" : ["v=DKIM1;"], - "domain" : "test.name" + "rdata": [ + "v=DKIM1;" + ], + "domain": "test.name" }, { - "rdata" : ["v=DKIM1;"], - "domain" : "test2.name" + "rdata": [ + "v=DKIM1;" + ], + "domain": "test2.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" }, { - "rdata" : ["spf1 "], - "domain" : "test2.name" + "rdata": [ + "spf1 " + ], + "domain": "test2.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } +# Test for no custom domains, just the default domain test_Enabled_Correct_V4 if { - # Test for no custom domains, just the default domain PolicyId := "MS.EXO.3.1v1" Output := exo.tests with input as { "dkim_config": [ { - "Enabled" : true, - "Domain" : "example.onmicrosoft.com" + "Enabled": true, + "Domain": "example.onmicrosoft.com" } ], "dkim_records": [ { - "rdata" : ["v=DKIM1;"], - "domain" : "example.onmicrosoft.com" + "rdata": [ + "v=DKIM1;" + ], + "domain": "example.onmicrosoft.com" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "example.onmicrosoft.com" + "rdata": [ + "spf1 " + ], + "domain": "example.onmicrosoft.com" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -163,28 +187,32 @@ test_Enabled_Incorrect if { Output := exo.tests with input as { "dkim_config": [ { - "Enabled" : false, - "Domain" : "test.name" + "Enabled": false, + "Domain": "test.name" } ], "dkim_records": [ { - "rdata" : ["v=DKIM1;"], - "domain" : "test.name" + "rdata": [ + "v=DKIM1;" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" } @@ -194,28 +222,30 @@ test_Rdata_Incorrect if { Output := exo.tests with input as { "dkim_config": [ { - "Enabled" : true, - "Domain" : "test.name" + "Enabled": true, + "Domain": "test.name" } ], "dkim_records": [ { - "rdata" : [], - "domain" : "test.name" + "rdata": [], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" } @@ -225,28 +255,32 @@ test_Rdata_Incorrect_V2 if { Output := exo.tests with input as { "dkim_config": [ { - "Enabled" : true, - "Domain" : "test.name" + "Enabled": true, + "Domain": "test.name" } ], "dkim_records": [ { - "rdata" : ["Hello World"], - "domain" : "test.name" + "rdata": [ + "Hello World" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" } @@ -256,84 +290,98 @@ test_Enabled_Incorrect_V3 if { Output := exo.tests with input as { "dkim_config": [ { - "Enabled" : true, - "Domain" : "test.name" + "Enabled": true, + "Domain": "test.name" }, { - "Enabled" : false, - "Domain" : "test2.name" + "Enabled": false, + "Domain": "test2.name" } ], "dkim_records": [ { - "rdata" : ["v=DKIM1;"], - "domain" : "test.name" + "rdata": [ + "v=DKIM1;" + ], + "domain": "test.name" }, { - "rdata" : ["v=DKIM1;"], - "domain" : "test2.name" + "rdata": [ + "v=DKIM1;" + ], + "domain": "test2.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" }, { - "rdata" : ["spf1 "], - "domain" : "test2.name" + "rdata": [ + "spf1 " + ], + "domain": "test2.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 2 agency domain(s) found in violation: test2.name" } +# Test with incorrect default domain test_Enabled_Incorrect_V4 if { - # Test with incorrect default domain PolicyId := "MS.EXO.3.1v1" Output := exo.tests with input as { "dkim_config": [ { - "Enabled" : true, - "Domain" : "test.name" + "Enabled": true, + "Domain": "test.name" }, { - "Enabled" : false, - "Domain" : "example.onmicrosoft.com" + "Enabled": false, + "Domain": "example.onmicrosoft.com" } ], "dkim_records": [ { - "rdata" : ["v=DKIM1;"], - "domain" : "test.name" + "rdata": [ + "v=DKIM1;" + ], + "domain": "test.name" }, { - "rdata" : [], - "domain" : "example.onmicrosoft.com" # this should fail + "rdata": [], + "domain": "example.onmicrosoft.com" # this should fail } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" }, { - "rdata" : ["spf1 "], - "domain" : "example.onmicrosoft.com" + "rdata": [ + "spf1 " + ], + "domain": "example.onmicrosoft.com" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 2 agency domain(s) found in violation: example.onmicrosoft.com" } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego index 4773c59059..e25f58f8f8 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego @@ -10,24 +10,28 @@ test_Rdata_Correct if { PolicyId := "MS.EXO.4.1v1" Output := exo.tests with input as { - "dmarc_records":[ + "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -35,24 +39,26 @@ test_Rdata_Incorrect if { PolicyId := "MS.EXO.4.1v1" Output := exo.tests with input as { - "dmarc_records":[ + "dmarc_records": [ { - "rdata" : [], - "domain" : "test.name" + "rdata": [], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" } @@ -60,24 +66,28 @@ test_Rdata_Incorrect_V2 if { PolicyId := "MS.EXO.4.1v1" Output := exo.tests with input as { - "dmarc_records":[ + "dmarc_records": [ { - "rdata" : ["v=DMARC1"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" } @@ -87,30 +97,36 @@ test_Rdata_Incorrect_V3 if { Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov" + ], + "domain": "test.name" }, { - "rdata" : [], - "domain" : "bad.name" + "rdata": [], + "domain": "bad.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" }, { - "rdata" : ["spf1 "], - "domain" : "bad.name" + "rdata": [ + "spf1 " + ], + "domain": "bad.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 2 agency domain(s) found in violation: bad.name" } #-- @@ -124,22 +140,26 @@ test_Rdata_Correct_V2 if { Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -149,22 +169,26 @@ test_Rdata_Incorrect_V4 if { Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=none; mailto:reports@dmarc.cyber.dhs.gov mailto:jsmith@dhs.gov mailto:jsomething@dhs.gov"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; p=none; mailto:reports@dmarc.cyber.dhs.gov mailto:jsmith@dhs.gov mailto:jsomething@dhs.gov" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" } @@ -174,22 +198,26 @@ test_Rdata_Incorrect_V5 if { Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; mailto:reports@dmarc.cyber.dhs.gov mailto:jsmith@dhs.gov mailto:jsomething@dhs.gov"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; mailto:reports@dmarc.cyber.dhs.gov mailto:jsmith@dhs.gov mailto:jsomething@dhs.gov" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" } #-- @@ -203,22 +231,26 @@ test_DMARCReport_Correct_V1 if { Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -228,22 +260,26 @@ test_DMARCReport_Incorrect_V1 if { Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100;"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; p=reject; pct=100;" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" } @@ -253,47 +289,54 @@ test_DMARCReport_Incorrect_V2 if { Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:reports@wrong.address"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; p=reject; pct=100; rua=mailto:reports@wrong.address" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" } +# empty rdata test_DMARCReport_Incorrect_V3 if { PolicyId := "MS.EXO.4.3v1" - # empty rdata + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : [], - "domain" : "test.name" + "rdata": [], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" } #-- @@ -301,227 +344,278 @@ test_DMARCReport_Incorrect_V3 if { # # Policy 4 #-- + +# 2 emails in rua= and 1 in ruf test_POC_Correct_V1 if { PolicyId := "MS.EXO.4.4v1" - # 2 emails in rua= and 1 in ruf + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov; ruf=agencyemail@hq.dhs.gov"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov; ruf=agencyemail@hq.dhs.gov" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } +# 2+ emails in rua= and 1+ in ruf test_POC_Correct_V1 if { PolicyId := "MS.EXO.4.4v1" - # 2+ emails in rua= and 1+ in ruf + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov, mailto:test@example.com; ruf=agencyemail@hq.dhs.gov, test@test.com"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; p=reject; pct=100; rua=mailto:DMARC@hq.dhs.gov, mailto:reports@dmarc.cyber.dhs.gov, mailto:test@example.com; ruf=agencyemail@hq.dhs.gov, test@test.com" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } +# Only 1 rua test_POC_Incorrect_V1 if { PolicyId := "MS.EXO.4.4v1" - # Only 1 rua + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" } +# Only 2 emails in rua no ruf test_POC_Incorrect_V2 if { PolicyId := "MS.EXO.4.4v1" - # Only 2 emails in rua no ruf + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov, test@exo.com"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov, test@exo.com" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" } +# Only 1 ruf no rua test_POC_Incorrect_V3 if { PolicyId := "MS.EXO.4.4v1" - # Only 1 ruf no rua + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=test@exo.com"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; p=reject; pct=100; rua=test@exo.com" + ], + "domain": "test.name" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" } +# 2 domains 1 fails rua/ruf number test_POC_Incorrect_V4 if { PolicyId := "MS.EXO.4.4v1" - # 2 domains 1 fails rua/ruf number + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov, test@test.name ruf=test2@test.name"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov, test@test.name ruf=test2@test.name" + ], + "domain": "test.name" }, { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov"], - "domain" : "example.com" + "rdata": [ + "v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov" + ], + "domain": "example.com" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" }, { - "rdata" : ["spf1 "], - "domain" : "example.com" + "rdata": [ + "spf1 " + ], + "domain": "example.com" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 2 agency domain(s) found in violation: example.com" } +# 2 domains 1 fails rua # of email policy requirement test_POC_Incorrect_V5 if { PolicyId := "MS.EXO.4.4v1" - # 2 domains 1 fails rua # of email policy requirement + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov, test@test.name ruf=test2@test.name"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov, test@test.name ruf=test2@test.name" + ], + "domain": "test.name" }, { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov; ruf=test@exo.com"], - "domain" : "example.com" + "rdata": [ + "v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov; ruf=test@exo.com" + ], + "domain": "example.com" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" }, { - "rdata" : ["spf1 "], - "domain" : "example.com" + "rdata": [ + "spf1 " + ], + "domain": "example.com" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 2 agency domain(s) found in violation: example.com" } +# 2 domains 1 domain failed DNS query. Empty rdata test_POC_Incorrect_V5 if { PolicyId := "MS.EXO.4.4v1" - # 2 domains 1 domain failed DNS query. Empty rdata + Output := exo.tests with input as { "dmarc_records": [ { - "rdata" : ["v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov, test@test.name ruf=test2@test.name"], - "domain" : "test.name" + "rdata": [ + "v=DMARC1; p=reject; pct=100; rua=mailto:reports@dmarc.cyber.dhs.gov, test@test.name ruf=test2@test.name" + ], + "domain": "test.name" }, { - "rdata" : [], - "domain" : "example.com" + "rdata": [], + "domain": "example.com" } ], "spf_records": [ { - "rdata" : ["spf1 "], - "domain" : "test.name" + "rdata": [ + "spf1 " + ], + "domain": "test.name" }, { - "rdata" : ["spf1 "], - "domain" : "example.com" + "rdata": [ + "spf1 " + ], + "domain": "example.com" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 of 2 agency domain(s) found in violation: example.com" } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego index d266c7dd50..f4041f0afe 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego @@ -10,19 +10,18 @@ test_SmtpClientAuthenticationDisabled_Correct if { PolicyId := "MS.EXO.5.1v1" Output := exo.tests with input as { - "transport_config": - [ + "transport_config": [ { - "SmtpClientAuthenticationDisabled" : true, - "Name":"A" - }, + "SmtpClientAuthenticationDisabled": true, + "Name": "A" + } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -32,16 +31,16 @@ test_SmtpClientAuthenticationDisabled_Incorrect if { Output := exo.tests with input as { "transport_config": [ { - "SmtpClientAuthenticationDisabled" : false, - "Name" : "A" + "SmtpClientAuthenticationDisabled": false, + "Name": "A" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "Requirement not met" } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego index a367e64fba..9ab9cea721 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego @@ -12,19 +12,19 @@ test_Domains_Contacts_Correct if { Output := exo.tests with input as { "sharing_policy": [ { - "Domains" : [ + "Domains": [ "domain1", "domain2" ], - "Name":"A" + "Name": "A" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -34,7 +34,7 @@ test_Domains_Contacts_Incorrect if { Output := exo.tests with input as { "sharing_policy": [ { - "Domains" : [ + "Domains": [ "*:ContactsSharing", "domain1:CalendarSharingFreeBusyDetail" ], @@ -43,10 +43,10 @@ test_Domains_Contacts_Incorrect if { ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 sharing polic(ies) are sharing contacts folders with all domains by default: A" # print(count(RuleOutput)==1) @@ -64,19 +64,19 @@ test_Domains_Calendar_Correct if { Output := exo.tests with input as { "sharing_policy": [ { - "Domains" : [ + "Domains": [ "domain1", "domain2" ], - "Name":"A" + "Name": "A" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -86,7 +86,7 @@ test_Domains_Calendar_Incorrect if { Output := exo.tests with input as { "sharing_policy": [ { - "Domains" : [ + "Domains": [ "*:CalendarSharingFreeBusyDetail", "domain1:ContactsSharing" ], @@ -95,10 +95,10 @@ test_Domains_Calendar_Incorrect if { ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 sharing polic(ies) are sharing calendar details with all domains by default: A" } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego index 9bb994b01f..1134d048dd 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego @@ -12,18 +12,18 @@ test_FromScope_Correct if { Output := exo.tests with input as { "transport_rule": [ { - "FromScope" : "NotInOrganization", - "State" : "Enabled", - "Mode" : "Enforce", + "FromScope": "NotInOrganization", + "State": "Enabled", + "Mode": "Enforce", "PrependSubject": "External" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -33,18 +33,18 @@ test_FromScope_IncorrectV1 if { Output := exo.tests with input as { "transport_rule": [ { - "FromScope" : "", - "State" : "Enabled", - "Mode" : "Audit", + "FromScope": "", + "State": "Enabled", + "Mode": "Audit", "PrependSubject": "External" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "No transport rule found that applies warnings to emails received from outside the organization" } @@ -54,18 +54,18 @@ test_FromScope_IncorrectV2 if { Output := exo.tests with input as { "transport_rule": [ { - "FromScope" : "NotInOrganization", - "State" : "Disabled", - "Mode" : "Audit", + "FromScope": "NotInOrganization", + "State": "Disabled", + "Mode": "Audit", "PrependSubject": "External" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "No transport rule found that applies warnings to emails received from outside the organization" } @@ -75,18 +75,18 @@ test_FromScope_IncorrectV3 if { Output := exo.tests with input as { "transport_rule": [ { - "FromScope" : "", - "State" : "Enabled", - "Mode" : "AuditAndNotify", + "FromScope": "", + "State": "Enabled", + "Mode": "AuditAndNotify", "PrependSubject": "External" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "No transport rule found that applies warnings to emails received from outside the organization" } @@ -96,18 +96,18 @@ test_FromScope_IncorrectV4 if { Output := exo.tests with input as { "transport_rule": [ { - "FromScope" : "NotInOrganization", - "State" : "Disabled", - "Mode" : "AuditAndNotify", + "FromScope": "NotInOrganization", + "State": "Disabled", + "Mode": "AuditAndNotify", "PrependSubject": "External" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "No transport rule found that applies warnings to emails received from outside the organization" } @@ -117,36 +117,36 @@ test_FromScope_Multiple_Correct if { Output := exo.tests with input as { "transport_rule": [ { - "FromScope" : "", - "State" : "Disabled", - "Mode" : "Enforce", + "FromScope": "", + "State": "Disabled", + "Mode": "Enforce", "PrependSubject": "External" }, { - "FromScope" : "", - "State" : "Enabled", - "Mode" : "Audit", + "FromScope": "", + "State": "Enabled", + "Mode": "Audit", "PrependSubject": "External" }, { - "FromScope" : "", - "State" : "Enabled", - "Mode" : "AuditAndNotify", + "FromScope": "", + "State": "Enabled", + "Mode": "AuditAndNotify", "PrependSubject": "External" }, { - "FromScope" : "NotInOrganization", - "State" : "Enabled", - "Mode" : "Enforce", + "FromScope": "NotInOrganization", + "State": "Enabled", + "Mode": "Enforce", "PrependSubject": "External" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -156,48 +156,48 @@ test_FromScope_Multiple_Incorrect if { Output := exo.tests with input as { "transport_rule": [ { - "FromScope" : "", - "State" : "Enabled", - "Mode":"Enforce", + "FromScope": "", + "State": "Enabled", + "Mode": "Enforce", "PrependSubject": "External" }, { - "FromScope" : "Hello there", - "State" : "Enabled", - "Mode":"Audit", + "FromScope": "Hello there", + "State": "Enabled", + "Mode": "Audit", "PrependSubject": "External" }, { - "FromScope" : "Hello there", - "State" : "Enabled", - "Mode":"AuditAndNotify", + "FromScope": "Hello there", + "State": "Enabled", + "Mode": "AuditAndNotify", "PrependSubject": "External" }, { - "FromScope" : "NotInOrganization", - "State" : "Enabled", - "Mode":"Audit", + "FromScope": "NotInOrganization", + "State": "Enabled", + "Mode": "Audit", "PrependSubject": "External" }, { - "FromScope" : "NotInOrganization", - "State" : "Enabled", - "Mode":"AuditAndNotify", + "FromScope": "NotInOrganization", + "State": "Enabled", + "Mode": "AuditAndNotify", "PrependSubject": "External" }, { - "FromScope" : "NotInOrganization", - "State" : "Disabled", - "Mode":"Enforce", + "FromScope": "NotInOrganization", + "State": "Disabled", + "Mode": "Enforce", "PrependSubject": "External" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "No transport rule found that applies warnings to emails received from outside the organization" } @@ -207,18 +207,18 @@ test_PrependSubject_IncorrectV1 if { Output := exo.tests with input as { "transport_rule": [ { - "FromScope" : "NotInOrganization", - "State" : "Enabled", - "Mode" : "Enforce", + "FromScope": "NotInOrganization", + "State": "Enabled", + "Mode": "Enforce", "PrependSubject": null } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "No transport rule found that applies warnings to emails received from outside the organization" } @@ -228,18 +228,18 @@ test_PrependSubject_IncorrectV2 if { Output := exo.tests with input as { "transport_rule": [ { - "FromScope" : "NotInOrganization", - "State" : "Enabled", - "Mode" : "Enforce", + "FromScope": "NotInOrganization", + "State": "Enabled", + "Mode": "Enforce", "PrependSubject": "" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "No transport rule found that applies warnings to emails received from outside the organization" } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego index 6c2c93286a..948acba943 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego @@ -12,10 +12,10 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- @@ -27,10 +27,10 @@ test_3rdParty_Correct_V2 if { PolicyId := "MS.EXO.8.2v1" Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego index 652107a221..34c46aa3e4 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego @@ -12,10 +12,10 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- @@ -28,10 +28,10 @@ test_3rdParty_Correct_V2 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- @@ -43,10 +43,10 @@ test_3rdParty_Correct_V3 if { PolicyId := "MS.EXO.9.3v1" Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego index 6fc7094a58..44cb610406 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego @@ -12,10 +12,10 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- @@ -28,10 +28,10 @@ test_3rdParty_Correct_V2 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- @@ -44,10 +44,10 @@ test_3rdParty_Correct_V3 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego index d1aa741ba5..6ee2fc3e22 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego @@ -12,10 +12,10 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- @@ -28,10 +28,10 @@ test_3rdParty_Correct_V2 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- @@ -44,10 +44,10 @@ test_3rdParty_Correct_V3 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego index fe14673d0a..e37893ec38 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego @@ -12,38 +12,38 @@ test_IPAllowList_Correct_V1 if { Output := exo.tests with input as { "conn_filter": [ { - "IPAllowList" : [], + "IPAllowList": [], "EnableSafeList": false, - "Name":"A" + "Name": "A" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } +# it shouldn't matter that safe list is enabled test_IPAllowList_Correct_V2 if { PolicyId := "MS.EXO.12.1v1" Output := exo.tests with input as { - "conn_filter": - [ + "conn_filter": [ { - "IPAllowList" : [], + "IPAllowList": [], "EnableSafeList": true, - "Name":"A" - } # it shouldn't matter that safe list is enabled + "Name": "A" + } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -53,17 +53,19 @@ test_IPAllowList_Incorrect if { Output := exo.tests with input as { "conn_filter": [ { - "IPAllowList" : ["trust.me.please"], + "IPAllowList": [ + "trust.me.please" + ], "EnableSafeList": false, - "Name" : "A" + "Name": "A" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 connection filter polic(ies) with an IP allowlist: A" } #-- @@ -77,17 +79,17 @@ test_EnableSafeList_Correct_V1 if { Output := exo.tests with input as { "conn_filter": [ { - "IPAllowList" : [], + "IPAllowList": [], "EnableSafeList": false, - "Name":"A" + "Name": "A" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -97,17 +99,17 @@ test_EnableSafeList_Incorrect_V1 if { Output := exo.tests with input as { "conn_filter": [ { - "IPAllowList" : [], + "IPAllowList": [], "EnableSafeList": true, - "Name" : "A" + "Name": "A" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "1 connection filter polic(ies) with a safe list: A" } @@ -117,17 +119,19 @@ test_EnableSafeList_Correct_V2 if { Output := exo.tests with input as { "conn_filter": [ { - "IPAllowList" : ["this.shouldnt.matter"], + "IPAllowList": [ + "this.shouldnt.matter" + ], "EnableSafeList": false, - "Name":"A" + "Name": "A" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego index e3297630fb..e1bce63d6e 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego @@ -10,20 +10,19 @@ test_AuditDisabled_Correct if { PolicyId := "MS.EXO.13.1v1" Output := exo.tests with input as { - "org_config": - [ + "org_config": [ { - "AuditDisabled" : false, - "Identity" : "Test name", - "Name":"A" + "AuditDisabled": false, + "Identity": "Test name", + "Name": "A" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == true RuleOutput[0].ReportDetails == "Requirement met" } @@ -33,17 +32,17 @@ test_AuditDisabled_Incorrect if { Output := exo.tests with input as { "org_config": [ { - "AuditDisabled" : true, - "Identity" : "Test name", - "Name" : "A" + "AuditDisabled": true, + "Identity": "Test name", + "Name": "A" } ] } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == "Requirement not met" } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego index a9560bfdd3..71dc62bf6c 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego @@ -12,10 +12,10 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- @@ -28,10 +28,10 @@ test_3rdParty_Correct_V2 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- @@ -44,10 +44,10 @@ test_3rdParty_Correct_V3 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego index 32b7258898..fac64dad7e 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego @@ -12,10 +12,10 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- @@ -28,10 +28,10 @@ test_3rdParty_Correct_V2 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- @@ -44,10 +44,10 @@ test_3rdParty_Correct_V3 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego index 65c4709323..1738868a83 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego @@ -12,10 +12,10 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- @@ -28,10 +28,10 @@ test_3rdParty_Correct_V2 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego index 76ad3e07df..c90ef67112 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego @@ -12,10 +12,10 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- @@ -28,10 +28,10 @@ test_3rdParty_Correct_V2 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- @@ -44,10 +44,10 @@ test_3rdParty_Correct_V3 if { Output := exo.tests with input as { } - RuleOutput := [Result | Result = Output[_]; Result.PolicyId == PolicyId] + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] count(RuleOutput) == 1 - not RuleOutput[0].RequirementMet + RuleOutput[0].RequirementMet == false RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) } #-- \ No newline at end of file From bdc6413c9b3e4bdc42be63a070ae7b0791ceddc7 Mon Sep 17 00:00:00 2001 From: Sloane4 Date: Mon, 4 Dec 2023 10:38:33 -0500 Subject: [PATCH 08/11] refactor out duplicate code in tests refactor out duplicate code in tests --- Testing/Unit/Rego/EXO/EXOConfig_01_test.rego | 55 +++--- Testing/Unit/Rego/EXO/EXOConfig_02_test.rego | 90 ++++----- Testing/Unit/Rego/EXO/EXOConfig_03_test.rego | 99 ++++------ Testing/Unit/Rego/EXO/EXOConfig_04_test.rego | 190 ++++++------------- Testing/Unit/Rego/EXO/EXOConfig_05_test.rego | 38 ++-- Testing/Unit/Rego/EXO/EXOConfig_06_test.rego | 54 +++--- Testing/Unit/Rego/EXO/EXOConfig_07_test.rego | 107 ++++------- Testing/Unit/Rego/EXO/EXOConfig_08_test.rego | 33 +++- Testing/Unit/Rego/EXO/EXOConfig_09_test.rego | 39 ++-- Testing/Unit/Rego/EXO/EXOConfig_10_test.rego | 39 ++-- Testing/Unit/Rego/EXO/EXOConfig_11_test.rego | 39 ++-- Testing/Unit/Rego/EXO/EXOConfig_12_test.rego | 70 +++---- Testing/Unit/Rego/EXO/EXOConfig_13_test.rego | 36 ++-- Testing/Unit/Rego/EXO/EXOConfig_14_test.rego | 39 ++-- Testing/Unit/Rego/EXO/EXOConfig_15_test.rego | 39 ++-- Testing/Unit/Rego/EXO/EXOConfig_16_test.rego | 34 ++-- Testing/Unit/Rego/EXO/EXOConfig_17_test.rego | 39 ++-- 17 files changed, 483 insertions(+), 557 deletions(-) diff --git a/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego index b871eeb8d4..5a84595283 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_01_test.rego @@ -1,14 +1,32 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean + + +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +PASS := ReportDetailsBoolean(true) # # Policy 1 #-- test_AutoForwardEnabled_Correct if { - PolicyId := "MS.EXO.1.1v1" - Output := exo.tests with input as { "remote_domains": [ { @@ -18,16 +36,10 @@ test_AutoForwardEnabled_Correct if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.1.1v1", Output, PASS) == true } test_AutoForwardEnabled_Incorrect_V1 if { - PolicyId := "MS.EXO.1.1v1" - Output := exo.tests with input as { "remote_domains": [ { @@ -37,16 +49,11 @@ test_AutoForwardEnabled_Incorrect_V1 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 remote domain(s) that allows automatic forwarding: Test name" + ReportDetailString := "1 remote domain(s) that allows automatic forwarding: Test name" + IncorrectTestResult("MS.EXO.1.1v1", Output, ReportDetailString) == true } test_AutoForwardEnabled_Incorrect_V2 if { - PolicyId := "MS.EXO.1.1v1" - Output := exo.tests with input as { "remote_domains": [ { @@ -60,16 +67,11 @@ test_AutoForwardEnabled_Incorrect_V2 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "2 remote domain(s) that allows automatic forwarding: Test name, Test name 2" + ReportDetailString := "2 remote domain(s) that allows automatic forwarding: Test name, Test name 2" + IncorrectTestResult("MS.EXO.1.1v1", Output, ReportDetailString) == true } test_AutoForwardEnabled_Incorrect_V3 if { - PolicyId := "MS.EXO.1.1v1" - Output := exo.tests with input as { "remote_domains": [ { @@ -87,10 +89,7 @@ test_AutoForwardEnabled_Incorrect_V3 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "2 remote domain(s) that allows automatic forwarding: Test name, Test name 2" + ReportDetailString := "2 remote domain(s) that allows automatic forwarding: Test name, Test name 2" + IncorrectTestResult("MS.EXO.1.1v1", Output, ReportDetailString) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego index 60bbd44ded..17ca94be16 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_02_test.rego @@ -2,6 +2,26 @@ package exo_test import future.keywords import data.exo import data.report.utils.NotCheckedDetails +import data.report.utils.ReportDetailsBoolean + + +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +PASS := ReportDetailsBoolean(true) # @@ -12,20 +32,15 @@ test_NotImplemented_Correct if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == NotCheckedDetails(PolicyId) + ReportDetailString := NotCheckedDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- # # Policy 2 #-- -test_Rdata_Correct if { - PolicyId := "MS.EXO.2.2v1" - +test_Rdata_Correct_V1 if { Output := exo.tests with input as { "spf_records": [ { @@ -38,16 +53,10 @@ test_Rdata_Correct if { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.2.2v1", Output, PASS) == true } test_Rdata_Correct_V2 if { - PolicyId := "MS.EXO.2.2v1" - Output := exo.tests with input as { "spf_records": [ { @@ -59,16 +68,10 @@ test_Rdata_Correct_V2 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.2.2v1", Output, PASS) == true } -test_Rdata_Incorrect if { - PolicyId := "MS.EXO.2.2v1" - +test_Rdata_Incorrect_V1 if { Output := exo.tests with input as { "spf_records": [ { @@ -80,16 +83,11 @@ test_Rdata_Incorrect if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: Test name" + ReportDetailString := "1 of 1 agency domain(s) found in violation: Test name" + IncorrectTestResult("MS.EXO.2.2v1", Output, ReportDetailString) == true } test_Rdata_Incorrect_V2 if { - PolicyId := "MS.EXO.2.2v1" - Output := exo.tests with input as { "spf_records": [ { @@ -101,11 +99,8 @@ test_Rdata_Incorrect_V2 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: Test name" + ReportDetailString := "1 of 1 agency domain(s) found in violation: Test name" + IncorrectTestResult("MS.EXO.2.2v1", Output, ReportDetailString) == true } test_Rdata_Incorrect_V3 if { @@ -148,8 +143,6 @@ test_Rdata_Incorrect_V3 if { } test_Rdata_Multiple_Correct_V1 if { - PolicyId := "MS.EXO.2.2v1" - Output := exo.tests with input as { "spf_records": [ { @@ -162,16 +155,10 @@ test_Rdata_Multiple_Correct_V1 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.2.2v1", Output, PASS) == true } test_Rdata_Multiple_Correct_V2 if { - PolicyId := "MS.EXO.2.2v1" - Output := exo.tests with input as { "spf_records": [ { @@ -184,16 +171,10 @@ test_Rdata_Multiple_Correct_V2 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.2.2v1", Output, PASS) == true } test_Rdata_Multiple_Incorrect if { - PolicyId := "MS.EXO.2.2v1" - Output := exo.tests with input as { "spf_records": [ { @@ -206,10 +187,7 @@ test_Rdata_Multiple_Incorrect if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: bad.com" + ReportDetailString := "1 of 1 agency domain(s) found in violation: bad.com" + IncorrectTestResult("MS.EXO.2.2v1", Output, ReportDetailString) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego index 175cf6f476..88f65d0c4b 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_03_test.rego @@ -1,14 +1,32 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean + + +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +PASS := ReportDetailsBoolean(true) # # Policy 1 #-- test_Enabled_Correct_V1 if { - PolicyId := "MS.EXO.3.1v1" - Output := exo.tests with input as { "dkim_config": [ { @@ -34,17 +52,11 @@ test_Enabled_Correct_V1 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.3.1v1", Output, PASS) == true } # Test with correct default domain test_Enabled_Correct_V2 if { - PolicyId := "MS.EXO.3.1v1" - Output := exo.tests with input as { "dkim_config": [ { @@ -86,17 +98,11 @@ test_Enabled_Correct_V2 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.3.1v1", Output, PASS) == true } # Test for multiple custom domains test_Enabled_Correct_V3 if { - PolicyId := "MS.EXO.3.1v1" - Output := exo.tests with input as { "dkim_config": [ { @@ -138,17 +144,11 @@ test_Enabled_Correct_V3 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.3.1v1", Output, PASS) == true } # Test for no custom domains, just the default domain test_Enabled_Correct_V4 if { - PolicyId := "MS.EXO.3.1v1" - Output := exo.tests with input as { "dkim_config": [ { @@ -174,16 +174,10 @@ test_Enabled_Correct_V4 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.3.1v1", Output, PASS) == true } test_Enabled_Incorrect if { - PolicyId := "MS.EXO.3.1v1" - Output := exo.tests with input as { "dkim_config": [ { @@ -209,16 +203,11 @@ test_Enabled_Incorrect if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" + ReportDetailString := "1 of 1 agency domain(s) found in violation: test.name" + IncorrectTestResult("MS.EXO.3.1v1", Output, ReportDetailString) == true } -test_Rdata_Incorrect if { - PolicyId := "MS.EXO.3.1v1" - +test_Rdata_Incorrect_V1 if { Output := exo.tests with input as { "dkim_config": [ { @@ -242,16 +231,11 @@ test_Rdata_Incorrect if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" + ReportDetailString := "1 of 1 agency domain(s) found in violation: test.name" + IncorrectTestResult("MS.EXO.3.1v1", Output, ReportDetailString) == true } test_Rdata_Incorrect_V2 if { - PolicyId := "MS.EXO.3.1v1" - Output := exo.tests with input as { "dkim_config": [ { @@ -277,16 +261,11 @@ test_Rdata_Incorrect_V2 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" + ReportDetailString := "1 of 1 agency domain(s) found in violation: test.name" + IncorrectTestResult("MS.EXO.3.1v1", Output, ReportDetailString) == true } test_Enabled_Incorrect_V3 if { - PolicyId := "MS.EXO.3.1v1" - Output := exo.tests with input as { "dkim_config": [ { @@ -328,17 +307,12 @@ test_Enabled_Incorrect_V3 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 2 agency domain(s) found in violation: test2.name" + ReportDetailString := "1 of 2 agency domain(s) found in violation: test2.name" + IncorrectTestResult("MS.EXO.3.1v1", Output, ReportDetailString) == true } # Test with incorrect default domain test_Enabled_Incorrect_V4 if { - PolicyId := "MS.EXO.3.1v1" - Output := exo.tests with input as { "dkim_config": [ { @@ -378,10 +352,7 @@ test_Enabled_Incorrect_V4 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 2 agency domain(s) found in violation: example.onmicrosoft.com" + ReportDetailString := "1 of 2 agency domain(s) found in violation: example.onmicrosoft.com" + IncorrectTestResult("MS.EXO.3.1v1", Output, ReportDetailString) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego index e25f58f8f8..898393eecc 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_04_test.rego @@ -1,14 +1,32 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean + + +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +PASS := ReportDetailsBoolean(true) # # Policy 1 #-- test_Rdata_Correct if { - PolicyId := "MS.EXO.4.1v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -28,16 +46,10 @@ test_Rdata_Correct if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.4.1v1", Output, PASS) == true } -test_Rdata_Incorrect if { - PolicyId := "MS.EXO.4.1v1" - +test_Rdata_Incorrect_V1 if { Output := exo.tests with input as { "dmarc_records": [ { @@ -55,16 +67,11 @@ test_Rdata_Incorrect if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" + ReportDetailString := "1 of 1 agency domain(s) found in violation: test.name" + IncorrectTestResult("MS.EXO.4.1v1", Output, ReportDetailString) == true } test_Rdata_Incorrect_V2 if { - PolicyId := "MS.EXO.4.1v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -84,16 +91,11 @@ test_Rdata_Incorrect_V2 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" + ReportDetailString := "1 of 1 agency domain(s) found in violation: test.name" + IncorrectTestResult("MS.EXO.4.1v1", Output, ReportDetailString) == true } test_Rdata_Incorrect_V3 if { - PolicyId := "MS.EXO.4.1v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -123,11 +125,8 @@ test_Rdata_Incorrect_V3 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 2 agency domain(s) found in violation: bad.name" + ReportDetailString := "1 of 2 agency domain(s) found in violation: bad.name" + IncorrectTestResult("MS.EXO.4.1v1", Output, ReportDetailString) == true } #-- @@ -135,8 +134,6 @@ test_Rdata_Incorrect_V3 if { # Policy 2 #-- test_Rdata_Correct_V2 if { - PolicyId := "MS.EXO.4.2v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -156,16 +153,10 @@ test_Rdata_Correct_V2 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.4.2v1", Output, PASS) == true } test_Rdata_Incorrect_V4 if { - PolicyId := "MS.EXO.4.2v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -185,16 +176,11 @@ test_Rdata_Incorrect_V4 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" + ReportDetailString := "1 of 1 agency domain(s) found in violation: test.name" + IncorrectTestResult("MS.EXO.4.2v1", Output, ReportDetailString) == true } test_Rdata_Incorrect_V5 if { - PolicyId := "MS.EXO.4.2v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -214,11 +200,8 @@ test_Rdata_Incorrect_V5 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" + ReportDetailString := "1 of 1 agency domain(s) found in violation: test.name" + IncorrectTestResult("MS.EXO.4.2v1", Output, ReportDetailString) == true } #-- @@ -226,8 +209,6 @@ test_Rdata_Incorrect_V5 if { # Policy 3 #-- test_DMARCReport_Correct_V1 if { - PolicyId := "MS.EXO.4.3v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -247,16 +228,10 @@ test_DMARCReport_Correct_V1 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.4.3v1", Output, PASS) == true } test_DMARCReport_Incorrect_V1 if { - PolicyId := "MS.EXO.4.3v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -276,16 +251,11 @@ test_DMARCReport_Incorrect_V1 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" + ReportDetailString := "1 of 1 agency domain(s) found in violation: test.name" + IncorrectTestResult("MS.EXO.4.3v1", Output, ReportDetailString) == true } test_DMARCReport_Incorrect_V2 if { - PolicyId := "MS.EXO.4.3v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -305,17 +275,12 @@ test_DMARCReport_Incorrect_V2 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" + ReportDetailString := "1 of 1 agency domain(s) found in violation: test.name" + IncorrectTestResult("MS.EXO.4.3v1", Output, ReportDetailString) == true } # empty rdata test_DMARCReport_Incorrect_V3 if { - PolicyId := "MS.EXO.4.3v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -333,11 +298,8 @@ test_DMARCReport_Incorrect_V3 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" + ReportDetailString := "1 of 1 agency domain(s) found in violation: test.name" + IncorrectTestResult("MS.EXO.4.3v1", Output, ReportDetailString) == true } #-- @@ -347,8 +309,6 @@ test_DMARCReport_Incorrect_V3 if { # 2 emails in rua= and 1 in ruf test_POC_Correct_V1 if { - PolicyId := "MS.EXO.4.4v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -368,17 +328,11 @@ test_POC_Correct_V1 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.4.4v1", Output, PASS) == true } # 2+ emails in rua= and 1+ in ruf test_POC_Correct_V1 if { - PolicyId := "MS.EXO.4.4v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -398,17 +352,11 @@ test_POC_Correct_V1 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.4.4v1", Output, PASS) == true } # Only 1 rua test_POC_Incorrect_V1 if { - PolicyId := "MS.EXO.4.4v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -428,17 +376,12 @@ test_POC_Incorrect_V1 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" + ReportDetailString := "1 of 1 agency domain(s) found in violation: test.name" + IncorrectTestResult("MS.EXO.4.4v1", Output, ReportDetailString) == true } # Only 2 emails in rua no ruf test_POC_Incorrect_V2 if { - PolicyId := "MS.EXO.4.4v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -458,17 +401,12 @@ test_POC_Incorrect_V2 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" + ReportDetailString := "1 of 1 agency domain(s) found in violation: test.name" + IncorrectTestResult("MS.EXO.4.4v1", Output, ReportDetailString) == true } # Only 1 ruf no rua test_POC_Incorrect_V3 if { - PolicyId := "MS.EXO.4.4v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -488,17 +426,12 @@ test_POC_Incorrect_V3 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 1 agency domain(s) found in violation: test.name" + ReportDetailString := "1 of 1 agency domain(s) found in violation: test.name" + IncorrectTestResult("MS.EXO.4.4v1", Output, ReportDetailString) == true } # 2 domains 1 fails rua/ruf number test_POC_Incorrect_V4 if { - PolicyId := "MS.EXO.4.4v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -530,17 +463,12 @@ test_POC_Incorrect_V4 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 2 agency domain(s) found in violation: example.com" + ReportDetailString := "1 of 2 agency domain(s) found in violation: example.com" + IncorrectTestResult("MS.EXO.4.4v1", Output, ReportDetailString) == true } # 2 domains 1 fails rua # of email policy requirement test_POC_Incorrect_V5 if { - PolicyId := "MS.EXO.4.4v1" - Output := exo.tests with input as { "dmarc_records": [ { @@ -572,17 +500,12 @@ test_POC_Incorrect_V5 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 2 agency domain(s) found in violation: example.com" + ReportDetailString := "1 of 2 agency domain(s) found in violation: example.com" + IncorrectTestResult("MS.EXO.4.4v1", Output, ReportDetailString) == true } # 2 domains 1 domain failed DNS query. Empty rdata -test_POC_Incorrect_V5 if { - PolicyId := "MS.EXO.4.4v1" - +test_POC_Incorrect_V6 if { Output := exo.tests with input as { "dmarc_records": [ { @@ -612,10 +535,7 @@ test_POC_Incorrect_V5 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 of 2 agency domain(s) found in violation: example.com" + ReportDetailString := "1 of 2 agency domain(s) found in violation: example.com" + IncorrectTestResult("MS.EXO.4.4v1", Output, ReportDetailString) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego index f4041f0afe..7c5c63cd2d 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_05_test.rego @@ -1,14 +1,34 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean + + +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +FAIL := ReportDetailsBoolean(false) + +PASS := ReportDetailsBoolean(true) # # Policy 1 #-- test_SmtpClientAuthenticationDisabled_Correct if { - PolicyId := "MS.EXO.5.1v1" - Output := exo.tests with input as { "transport_config": [ { @@ -18,16 +38,10 @@ test_SmtpClientAuthenticationDisabled_Correct if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.5.1v1", Output, PASS) == true } test_SmtpClientAuthenticationDisabled_Incorrect if { - PolicyId := "MS.EXO.5.1v1" - Output := exo.tests with input as { "transport_config": [ { @@ -37,10 +51,6 @@ test_SmtpClientAuthenticationDisabled_Incorrect if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "Requirement not met" + IncorrectTestResult("MS.EXO.5.1v1", Output, FAIL) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego index 9ab9cea721..4340f370f6 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_06_test.rego @@ -1,14 +1,32 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean + + +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +PASS := ReportDetailsBoolean(true) # # Policy 1 #-- test_Domains_Contacts_Correct if { - PolicyId := "MS.EXO.6.1v1" - Output := exo.tests with input as { "sharing_policy": [ { @@ -21,16 +39,10 @@ test_Domains_Contacts_Correct if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.6.1v1", Output, PASS) == true } test_Domains_Contacts_Incorrect if { - PolicyId := "MS.EXO.6.1v1" - Output := exo.tests with input as { "sharing_policy": [ { @@ -43,11 +55,8 @@ test_Domains_Contacts_Incorrect if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 sharing polic(ies) are sharing contacts folders with all domains by default: A" + ReportDetailString := "1 sharing polic(ies) are sharing contacts folders with all domains by default: A" + IncorrectTestResult("MS.EXO.6.1v1", Output, ReportDetailString) == true # print(count(RuleOutput)==1) # notror := RuleOutput[0].RequirementMet @@ -59,8 +68,6 @@ test_Domains_Contacts_Incorrect if { # Policy 2 #-- test_Domains_Calendar_Correct if { - PolicyId := "MS.EXO.6.2v1" - Output := exo.tests with input as { "sharing_policy": [ { @@ -73,16 +80,10 @@ test_Domains_Calendar_Correct if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.6.2v1", Output, PASS) == true } test_Domains_Calendar_Incorrect if { - PolicyId := "MS.EXO.6.2v1" - Output := exo.tests with input as { "sharing_policy": [ { @@ -95,10 +96,7 @@ test_Domains_Calendar_Incorrect if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 sharing polic(ies) are sharing calendar details with all domains by default: A" + ReportDetailString := "1 sharing polic(ies) are sharing calendar details with all domains by default: A" + IncorrectTestResult("MS.EXO.6.2v1", Output, ReportDetailString) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego index 1134d048dd..c26da403d2 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_07_test.rego @@ -1,14 +1,32 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean + + +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +PASS := ReportDetailsBoolean(true) # # Policy 1 #-- test_FromScope_Correct if { - PolicyId := "MS.EXO.7.1v1" - Output := exo.tests with input as { "transport_rule": [ { @@ -20,16 +38,10 @@ test_FromScope_Correct if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.7.1v1", Output, PASS) == true } -test_FromScope_IncorrectV1 if { - PolicyId := "MS.EXO.7.1v1" - +test_FromScope_Incorrect_V1 if { Output := exo.tests with input as { "transport_rule": [ { @@ -41,16 +53,11 @@ test_FromScope_IncorrectV1 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "No transport rule found that applies warnings to emails received from outside the organization" + ReportDetailString := "No transport rule found that applies warnings to emails received from outside the organization" + IncorrectTestResult("MS.EXO.7.1v1", Output, ReportDetailString) == true } -test_FromScope_IncorrectV2 if { - PolicyId := "MS.EXO.7.1v1" - +test_FromScope_Incorrect_V2 if { Output := exo.tests with input as { "transport_rule": [ { @@ -62,16 +69,11 @@ test_FromScope_IncorrectV2 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "No transport rule found that applies warnings to emails received from outside the organization" + ReportDetailString := "No transport rule found that applies warnings to emails received from outside the organization" + IncorrectTestResult("MS.EXO.7.1v1", Output, ReportDetailString) == true } -test_FromScope_IncorrectV3 if { - PolicyId := "MS.EXO.7.1v1" - +test_FromScope_Incorrect_V3 if { Output := exo.tests with input as { "transport_rule": [ { @@ -83,16 +85,11 @@ test_FromScope_IncorrectV3 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "No transport rule found that applies warnings to emails received from outside the organization" + ReportDetailString := "No transport rule found that applies warnings to emails received from outside the organization" + IncorrectTestResult("MS.EXO.7.1v1", Output, ReportDetailString) == true } -test_FromScope_IncorrectV4 if { - PolicyId := "MS.EXO.7.1v1" - +test_FromScope_Incorrect_V4 if { Output := exo.tests with input as { "transport_rule": [ { @@ -104,16 +101,11 @@ test_FromScope_IncorrectV4 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "No transport rule found that applies warnings to emails received from outside the organization" + ReportDetailString := "No transport rule found that applies warnings to emails received from outside the organization" + IncorrectTestResult("MS.EXO.7.1v1", Output, ReportDetailString) == true } test_FromScope_Multiple_Correct if { - PolicyId := "MS.EXO.7.1v1" - Output := exo.tests with input as { "transport_rule": [ { @@ -143,16 +135,10 @@ test_FromScope_Multiple_Correct if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.7.1v1", Output, PASS) == true } test_FromScope_Multiple_Incorrect if { - PolicyId := "MS.EXO.7.1v1" - Output := exo.tests with input as { "transport_rule": [ { @@ -194,16 +180,11 @@ test_FromScope_Multiple_Incorrect if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "No transport rule found that applies warnings to emails received from outside the organization" + ReportDetailString := "No transport rule found that applies warnings to emails received from outside the organization" + IncorrectTestResult("MS.EXO.7.1v1", Output, ReportDetailString) == true } test_PrependSubject_IncorrectV1 if { - PolicyId := "MS.EXO.7.1v1" - Output := exo.tests with input as { "transport_rule": [ { @@ -215,16 +196,11 @@ test_PrependSubject_IncorrectV1 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "No transport rule found that applies warnings to emails received from outside the organization" + ReportDetailString := "No transport rule found that applies warnings to emails received from outside the organization" + IncorrectTestResult("MS.EXO.7.1v1", Output, ReportDetailString) == true } test_PrependSubject_IncorrectV2 if { - PolicyId := "MS.EXO.7.1v1" - Output := exo.tests with input as { "transport_rule": [ { @@ -236,10 +212,7 @@ test_PrependSubject_IncorrectV2 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "No transport rule found that applies warnings to emails received from outside the organization" + ReportDetailString := "No transport rule found that applies warnings to emails received from outside the organization" + IncorrectTestResult("MS.EXO.7.1v1", Output, ReportDetailString) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego index 948acba943..d59b47a991 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego @@ -1,9 +1,27 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + + # # Policy 1 #-- @@ -12,11 +30,8 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- @@ -25,12 +40,10 @@ test_3rdParty_Correct_V1 if { #-- test_3rdParty_Correct_V2 if { PolicyId := "MS.EXO.8.2v1" - Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + Output := exo.tests with input as { } - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego index 34c46aa3e4..f4e74474dd 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego @@ -1,9 +1,27 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + + # # Policy 1 #-- @@ -12,11 +30,8 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- @@ -28,11 +43,8 @@ test_3rdParty_Correct_V2 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- @@ -43,10 +55,7 @@ test_3rdParty_Correct_V3 if { PolicyId := "MS.EXO.9.3v1" Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego index 44cb610406..a92d9351ba 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego @@ -1,9 +1,27 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + + # # Policy 1 #-- @@ -12,11 +30,8 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- @@ -28,11 +43,8 @@ test_3rdParty_Correct_V2 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- @@ -44,10 +56,7 @@ test_3rdParty_Correct_V3 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego index 6ee2fc3e22..8aac6e87dd 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego @@ -1,9 +1,27 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + + # # Policy 1 #-- @@ -12,11 +30,8 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- @@ -28,11 +43,8 @@ test_3rdParty_Correct_V2 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- @@ -44,10 +56,7 @@ test_3rdParty_Correct_V3 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego index e37893ec38..5127b96111 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_12_test.rego @@ -1,14 +1,32 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean + + +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +PASS := ReportDetailsBoolean(true) # # Policy 1 #-- test_IPAllowList_Correct_V1 if { - PolicyId := "MS.EXO.12.1v1" - Output := exo.tests with input as { "conn_filter": [ { @@ -19,17 +37,11 @@ test_IPAllowList_Correct_V1 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.12.1v1", Output, PASS) == true } # it shouldn't matter that safe list is enabled test_IPAllowList_Correct_V2 if { - PolicyId := "MS.EXO.12.1v1" - Output := exo.tests with input as { "conn_filter": [ { @@ -40,16 +52,10 @@ test_IPAllowList_Correct_V2 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.12.1v1", Output, PASS) == true } test_IPAllowList_Incorrect if { - PolicyId := "MS.EXO.12.1v1" - Output := exo.tests with input as { "conn_filter": [ { @@ -62,11 +68,8 @@ test_IPAllowList_Incorrect if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 connection filter polic(ies) with an IP allowlist: A" + ReportDetailString := "1 connection filter polic(ies) with an IP allowlist: A" + IncorrectTestResult("MS.EXO.12.1v1", Output, ReportDetailString) == true } #-- @@ -74,8 +77,6 @@ test_IPAllowList_Incorrect if { # Policy 2 #-- test_EnableSafeList_Correct_V1 if { - PolicyId := "MS.EXO.12.2v1" - Output := exo.tests with input as { "conn_filter": [ { @@ -86,16 +87,10 @@ test_EnableSafeList_Correct_V1 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.12.2v1", Output, PASS) == true } test_EnableSafeList_Incorrect_V1 if { - PolicyId := "MS.EXO.12.2v1" - Output := exo.tests with input as { "conn_filter": [ { @@ -106,16 +101,11 @@ test_EnableSafeList_Incorrect_V1 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "1 connection filter polic(ies) with a safe list: A" + ReportDetailString := "1 connection filter polic(ies) with a safe list: A" + IncorrectTestResult("MS.EXO.12.2v1", Output, ReportDetailString) == true } test_EnableSafeList_Correct_V2 if { - PolicyId := "MS.EXO.12.2v1" - Output := exo.tests with input as { "conn_filter": [ { @@ -128,10 +118,6 @@ test_EnableSafeList_Correct_V2 if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.12.2v1", Output, PASS) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego index e1bce63d6e..45f7ecbeda 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego @@ -1,14 +1,34 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean + + +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +FAIL := ReportDetailsBoolean(false) + +PASS := ReportDetailsBoolean(true) # # Policy 1 #-- test_AuditDisabled_Correct if { - PolicyId := "MS.EXO.13.1v1" - Output := exo.tests with input as { "org_config": [ { @@ -19,11 +39,7 @@ test_AuditDisabled_Correct if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == true - RuleOutput[0].ReportDetails == "Requirement met" + CorrectTestResult("MS.EXO.13.1v1", Output, PASS) == true } test_AuditDisabled_Incorrect if { @@ -39,10 +55,6 @@ test_AuditDisabled_Incorrect if { ] } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == "Requirement not met" + IncorrectTestResult("MS.EXO.13.1v1", Output, FAIL) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego index 71dc62bf6c..88c96b4dcb 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego @@ -1,9 +1,27 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + + # # Policy 1 #-- @@ -12,11 +30,8 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- @@ -28,11 +43,8 @@ test_3rdParty_Correct_V2 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- @@ -44,10 +56,7 @@ test_3rdParty_Correct_V3 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego index fac64dad7e..e7b5d27136 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego @@ -1,9 +1,27 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + + # # Policy 1 #-- @@ -12,11 +30,8 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- @@ -28,11 +43,8 @@ test_3rdParty_Correct_V2 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- @@ -44,10 +56,7 @@ test_3rdParty_Correct_V3 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego index 1738868a83..d5a590eba7 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego @@ -1,9 +1,27 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + + # # Policy 1 #-- @@ -12,11 +30,8 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- @@ -24,14 +39,11 @@ test_3rdParty_Correct_V1 if { # Policy 2 #-- test_3rdParty_Correct_V2 if { - PolicyId := "MS.EXO.16.1v1" + PolicyId := "MS.EXO.16.2v1" Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- \ No newline at end of file diff --git a/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego index c90ef67112..ef257e811e 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego @@ -1,9 +1,27 @@ package exo_test import future.keywords import data.exo +import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails +CorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == true + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + +IncorrectTestResult(PolicyId, Output, ReportDetailString) := true if { + RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] + + count(RuleOutput) == 1 + RuleOutput[0].RequirementMet == false + RuleOutput[0].ReportDetails == ReportDetailString +} else := false + + # # Policy 1 #-- @@ -12,11 +30,8 @@ test_3rdParty_Correct_V1 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- @@ -28,11 +43,8 @@ test_3rdParty_Correct_V2 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- @@ -44,10 +56,7 @@ test_3rdParty_Correct_V3 if { Output := exo.tests with input as { } - RuleOutput := [Result | some Result in Output; Result.PolicyId == PolicyId] - - count(RuleOutput) == 1 - RuleOutput[0].RequirementMet == false - RuleOutput[0].ReportDetails == DefenderMirrorDetails(PolicyId) + ReportDetailString := DefenderMirrorDetails(PolicyId) + IncorrectTestResult(PolicyId, Output, ReportDetailString) == true } #-- \ No newline at end of file From 6e757ce53ad2a32bf5bdfcc6c4186ac7ce7e51d8 Mon Sep 17 00:00:00 2001 From: Sloane4 Date: Thu, 7 Dec 2023 13:07:13 -0500 Subject: [PATCH 09/11] remove unused imports remove unused imports --- Testing/Unit/Rego/EXO/EXOConfig_08_test.rego | 1 - Testing/Unit/Rego/EXO/EXOConfig_09_test.rego | 1 - Testing/Unit/Rego/EXO/EXOConfig_10_test.rego | 1 - Testing/Unit/Rego/EXO/EXOConfig_11_test.rego | 1 - Testing/Unit/Rego/EXO/EXOConfig_14_test.rego | 1 - Testing/Unit/Rego/EXO/EXOConfig_15_test.rego | 1 - Testing/Unit/Rego/EXO/EXOConfig_16_test.rego | 1 - Testing/Unit/Rego/EXO/EXOConfig_17_test.rego | 1 - 8 files changed, 8 deletions(-) diff --git a/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego index d59b47a991..d0c93a6784 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_08_test.rego @@ -1,7 +1,6 @@ package exo_test import future.keywords import data.exo -import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails diff --git a/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego index f4e74474dd..3542f75d35 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_09_test.rego @@ -1,7 +1,6 @@ package exo_test import future.keywords import data.exo -import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails diff --git a/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego index a92d9351ba..86a50072af 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_10_test.rego @@ -1,7 +1,6 @@ package exo_test import future.keywords import data.exo -import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails diff --git a/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego index 8aac6e87dd..da50ada91e 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_11_test.rego @@ -1,7 +1,6 @@ package exo_test import future.keywords import data.exo -import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails diff --git a/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego index 88c96b4dcb..b1d124935b 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_14_test.rego @@ -1,7 +1,6 @@ package exo_test import future.keywords import data.exo -import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails diff --git a/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego index e7b5d27136..ce699b04e8 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_15_test.rego @@ -1,7 +1,6 @@ package exo_test import future.keywords import data.exo -import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails diff --git a/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego index d5a590eba7..cba5fc8985 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_16_test.rego @@ -1,7 +1,6 @@ package exo_test import future.keywords import data.exo -import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails diff --git a/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego index ef257e811e..2f38052866 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_17_test.rego @@ -1,7 +1,6 @@ package exo_test import future.keywords import data.exo -import data.report.utils.ReportDetailsBoolean import data.report.utils.DefenderMirrorDetails From 4fbce583003714ee183589bcebdbbdbd0c557602 Mon Sep 17 00:00:00 2001 From: Sloane4 Date: Thu, 7 Dec 2023 13:08:36 -0500 Subject: [PATCH 10/11] remove unused var remove unused var --- Testing/Unit/Rego/EXO/EXOConfig_13_test.rego | 2 -- 1 file changed, 2 deletions(-) diff --git a/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego b/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego index 45f7ecbeda..0ee8786c8e 100644 --- a/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego +++ b/Testing/Unit/Rego/EXO/EXOConfig_13_test.rego @@ -43,8 +43,6 @@ test_AuditDisabled_Correct if { } test_AuditDisabled_Incorrect if { - PolicyId := "MS.EXO.13.1v1" - Output := exo.tests with input as { "org_config": [ { From 6c2f63fe739ea401dbaf2a25f80cad2cb32551df Mon Sep 17 00:00:00 2001 From: Sloane4 Date: Tue, 12 Dec 2023 14:14:38 -0500 Subject: [PATCH 11/11] remove constant --- Rego/EXOConfig.rego | 21 ++++++++------------- 1 file changed, 8 insertions(+), 13 deletions(-) diff --git a/Rego/EXOConfig.rego b/Rego/EXOConfig.rego index e420408763..e08a2767ed 100644 --- a/Rego/EXOConfig.rego +++ b/Rego/EXOConfig.rego @@ -17,14 +17,9 @@ ReportDetailsArray(false, NumeratorArr, DenominatorArr) := ReportStr if { FilterArray(Conditions, Boolean) := [Condition | some Condition in Conditions; Condition == Boolean] - -############# -# Constants # -############# - # this should be allowed https://github.com/StyraInc/regal/issues/415 # regal ignore:prefer-set-or-object-rule -ALLDOMAINS := {Domain.domain | some Domain in input.spf_records} +AllDomains := {Domain.domain | some Domain in input.spf_records} ############ @@ -98,7 +93,7 @@ tests contains { "Get-AcceptedDomain" ], "ActualValue": Domains, - "ReportDetails": ReportDetailsArray(Status, Domains, ALLDOMAINS), + "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), "RequirementMet": Status } if { Domains := DomainsWithoutSpf @@ -141,11 +136,11 @@ tests contains { input.dkim_records, input.dkim_config ], - "ReportDetails": ReportDetailsArray(Status, DomainsWithoutDkim, ALLDOMAINS), + "ReportDetails": ReportDetailsArray(Status, DomainsWithoutDkim, AllDomains), "RequirementMet": Status } if { # Get domains that are not in DomainsWithDkim array - DomainsWithoutDkim := ALLDOMAINS - DomainsWithDkim + DomainsWithoutDkim := AllDomains - DomainsWithDkim Status := count(DomainsWithoutDkim) == 0 } #-- @@ -176,7 +171,7 @@ tests contains { "Get-AcceptedDomain" ], "ActualValue": input.dmarc_records, - "ReportDetails": ReportDetailsArray(Status, Domains, ALLDOMAINS), + "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), "RequirementMet": Status } if { Domains := DomainsWithoutDmarc @@ -205,7 +200,7 @@ tests contains { "Get-AcceptedDomain" ], "ActualValue": input.dmarc_records, - "ReportDetails": ReportDetailsArray(Status, Domains, ALLDOMAINS), + "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), "RequirementMet": Status } if { Domains := DomainsWithoutPreject @@ -245,7 +240,7 @@ tests contains { "Get-AcceptedDomain" ], "ActualValue": input.dmarc_records, - "ReportDetails": ReportDetailsArray(Status, Domains, ALLDOMAINS), + "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), "RequirementMet": Status } if { Domains := DomainsWithoutDHSContact @@ -301,7 +296,7 @@ tests contains { "Get-AcceptedDomain" ], "ActualValue": input.dmarc_records, - "ReportDetails": ReportDetailsArray(Status, Domains, ALLDOMAINS), + "ReportDetails": ReportDetailsArray(Status, Domains, AllDomains), "RequirementMet": Status } if { Domains := DomainsWithoutAgencyContact