Add test for ckl severity (#6666)

em-c-rod · DMedina6 · web-flow · commit 595f2cefddb9 · 2025-03-05T11:29:20.000-06:00
* add test to describe the ckl severity on output

Signed-off-by: Emily Rodriguez &lt;erodriguez92@gatech.edu&gt;

* add severity tag in sample triple overlay profile json

Signed-off-by: Emily Rodriguez &lt;erodriguez92@gatech.edu&gt;

* clarify comments in test file

Signed-off-by: Emily Rodriguez &lt;erodriguez92@gatech.edu&gt;

* lint

Signed-off-by: Emily Rodriguez &lt;erodriguez92@gatech.edu&gt;

* move severity test into reverse mapper test file, remove a duplicate test, and refactor test file

Signed-off-by: Emily Rodriguez &lt;erodriguez92@gatech.edu&gt;

* add severity tags to other controls in the test file and remove unused function

Signed-off-by: Emily Rodriguez &lt;erodriguez92@gatech.edu&gt;

* add convenience saveCklOutput function in test file and refactor loadfile function name

Signed-off-by: Emily Rodriguez &lt;erodriguez92@gatech.edu&gt;

---------

Signed-off-by: Emily Rodriguez &lt;erodriguez92@gatech.edu&gt;
Co-authored-by: DMedina6 &lt;158589619+DMedina6@users.noreply.github.com&gt;
diff --git a/libs/hdf-converters/sample_jsons/attestations/triple_overlay_profile_sample.json b/libs/hdf-converters/sample_jsons/attestations/triple_overlay_profile_sample.json
@@ -967,6 +967,7 @@
                         }
                     ],
                     "tags": {
+                        "severity": "medium",
                         "gtitle": "SRG-APP-000516-DB-999900",
                         "gid": "V-61409",
                         "rid": "SV-75899r1_rule",
@@ -1022,6 +1023,7 @@
                     "impact": 0.5,
                     "refs": [],
                     "tags": {
+                        "severity": "medium",
                         "gtitle": "SRG-APP-000516-DB-999900",
                         "gid": "V-61449",
                         "rid": "SV-75939r3_rule",
@@ -1081,6 +1083,7 @@
                         }
                     ],
                     "tags": {
+                        "severity": "medium",
                         "gtitle": "SRG-APP-000133-DB-000179",
                         "gid": "V-61867",
                         "rid": "SV-76357r2_rule",
@@ -1136,6 +1139,7 @@
                     "impact": 0.5,
                     "refs": [],
                     "tags": {
+                        "severity": "medium",
                         "gtitle": "SRG-APP-000098-DB-000042",
                         "gid": "V-61635",
                         "rid": "SV-76125r1_rule",
@@ -1196,6 +1200,7 @@
                     "impact": 0.5,
                     "refs": [],
                     "tags": {
+                        "severity": "medium",
                         "gtitle": "SRG-APP-000141-DB-000090",
                         "gid": "V-61677",
                         "rid": "SV-76167r3_rule",
diff --git a/libs/hdf-converters/test/mappers/reverse/checklist_reverse_mapper.spec.ts b/libs/hdf-converters/test/mappers/reverse/checklist_reverse_mapper.spec.ts
@@ -1,167 +1,157 @@
 import fs from 'fs';
 import {ChecklistResults} from '../../../src/ckl-mapper/checklist-mapper';
+import {Stigdata, Checklist} from '../../../src/ckl-mapper/checklistJsonix';
 import {replaceCKLVersion} from '../../utils';
 import {InvalidChecklistMetadataException} from '../../../src/ckl-mapper/checklist-metadata-utils';
 
 describe('previously_checklist_converted_hdf_to_checklist', () => {
   it('Successfully converts HDF to Checklist', () => {
-    const mapper = new ChecklistResults(
-      JSON.parse(
-        fs.readFileSync(
-          'sample_jsons/checklist_mapper/checklist-RHEL8V1R3-hdf.json',
-          {encoding: 'utf-8'}
-        )
-      )
+    const hdfData = loadJsonFile(
+      'sample_jsons/checklist_mapper/checklist-RHEL8V1R3-hdf.json'
     );
-
-    // fs.writeFileSync(
-    //   'sample_jsons/checklist_mapper/converted-RHEL8V1R3.ckl',
-    //   mapper.toCkl()
-    // );
-
+    const mapper = new ChecklistResults(hdfData);
     const expected = fs.readFileSync(
       'sample_jsons/checklist_mapper/converted-RHEL8V1R3.ckl',
       'utf-8'
     );
     const converted = mapper.toCkl();
-
     expect(converted).toEqual(replaceCKLVersion(expected));
   });
-});
 
-describe('previously_checklist_converted_hdf_to_checklist', () => {
   it('Successfully converts HDF with multiple stigs to Checklist', () => {
-    const mapper = new ChecklistResults(
-      JSON.parse(
-        fs.readFileSync(
-          'sample_jsons/checklist_mapper/three_stig_checklist-hdf.json',
-          {encoding: 'utf-8'}
-        )
-      )
+    const hdfData = loadJsonFile(
+      'sample_jsons/checklist_mapper/three_stig_checklist-hdf.json'
     );
-
-    // fs.writeFileSync(
-    //   'sample_jsons/checklist_mapper/converted-three-stig-checklist.ckl',
-    //   mapper.toCkl()
-    // );
-
+    const mapper = new ChecklistResults(hdfData);
     const expected = fs.readFileSync(
       'sample_jsons/checklist_mapper/converted-three-stig-checklist.ckl',
       'utf-8'
     );
     const converted = mapper.toCkl();
-
     expect(converted).toEqual(replaceCKLVersion(expected));
   });
 });
 
 describe('non_checklist_converted_hdf_to_checklist', () => {
   it('Successfully converts HDF to Checklist', () => {
-    const mapper = new ChecklistResults(
-      JSON.parse(
-        fs.readFileSync('sample_jsons/nessus_mapper/nessus-hdf-10.0.0.3.json', {
-          encoding: 'utf-8'
-        })
-      )
+    const hdfData = loadJsonFile(
+      'sample_jsons/nessus_mapper/nessus-hdf-10.0.0.3.json'
     );
-
-    // fs.writeFileSync(
-    //   'sample_jsons/checklist_mapper/converted-nessus.ckl',
-    //   mapper.toCkl()
-    // );
-
+    const mapper = new ChecklistResults(hdfData);
     const expected = fs.readFileSync(
       'sample_jsons/checklist_mapper/converted-nessus.ckl',
       'utf-8'
     );
     const converted = mapper.toCkl();
-
     expect(converted).toEqual(replaceCKLVersion(expected));
   });
 });
 
 describe('Small RHEL8 HDF file', () => {
   it('can be successfully converted from HDF to Checklist', () => {
-    const mapper = new ChecklistResults(
-      JSON.parse(
-        fs.readFileSync(
-          'sample_jsons/attestations/rhel8_sample_oneOfEachControlStatus.json',
-          {
-            encoding: 'utf-8'
-          }
-        )
-      )
+    const hdfData = loadJsonFile(
+      'sample_jsons/attestations/rhel8_sample_oneOfEachControlStatus.json'
     );
-
-    // fs.writeFileSync(
-    //   'sample_jsons/checklist_mapper/converted-rhel8_sample_oneOfEachControlStatus.ckl',
-    //   mapper.toCkl()
-    // );
-
+    const mapper = new ChecklistResults(hdfData);
     const expected = fs.readFileSync(
       'sample_jsons/checklist_mapper/converted-rhel8_sample_oneOfEachControlStatus.ckl',
       'utf-8'
     );
     const converted = mapper.toCkl();
-
     expect(converted).toEqual(replaceCKLVersion(expected));
   });
 });
 
 describe('Small RHEL 7 with severity and severity override tags', () => {
   it('can be successfully converted from HDF to Checklist', () => {
-    const mapper = new ChecklistResults(
-      JSON.parse(
-        fs.readFileSync(
-          'sample_jsons/checklist_mapper/sample_input_report/RHEL7_overrides_hdf.json',
-          {
-            encoding: 'utf-8'
-          }
-        )
-      )
+    const hdfData = loadJsonFile(
+      'sample_jsons/checklist_mapper/sample_input_report/RHEL7_overrides_hdf.json'
     );
-
-    // fs.writeFileSync(
-    //   'sample_jsons/checklist_mapper/converted-rhel7_overrides.ckl',
-    //   mapper.toCkl()
-    // );
-
+    const mapper = new ChecklistResults(hdfData);
     const expected = fs.readFileSync(
       'sample_jsons/checklist_mapper/converted-rhel7_overrides.ckl',
       'utf-8'
     );
     const converted = mapper.toCkl();
-
     expect(converted).toEqual(replaceCKLVersion(expected));
   });
 });
 
 describe('hdf_profile_with_invalid_metadata', () => {
   it('Throws InvalidChecklistFormatException when trying to convert to checklist with invalid metadata', () => {
-    // ensures that checklist metadata is being validated
-    const fileContents = JSON.parse(
-      fs.readFileSync(
-        'sample_jsons/checklist_mapper/sample_input_report/invalid_metadata.json',
-        {encoding: 'utf-8'}
-      )
+    const fileContents = loadJsonFile(
+      'sample_jsons/checklist_mapper/sample_input_report/invalid_metadata.json'
     );
     expect(() => new ChecklistResults(fileContents)).toThrowError(
       InvalidChecklistMetadataException
     );
   });
 });
 
-describe('hdf_profile_with_invalid_metadata', () => {
-  it('Throws InvalidChecklistFormatException when trying to convert to checklist with invalid metadata', () => {
-    // ensures that checklist metadata is being validated
-    const fileContents = JSON.parse(
-      fs.readFileSync(
-        'sample_jsons/checklist_mapper/sample_input_report/invalid_metadata.json',
-        {encoding: 'utf-8'}
-      )
-    );
-    expect(() => new ChecklistResults(fileContents)).toThrowError(
-      InvalidChecklistMetadataException
+describe('checklist_mapper_severity_mapping', () => {
+  it('Maps control V-61867 to correct severity category', () => {
+    const hdfData = loadJsonFile(
+      'sample_jsons/attestations/triple_overlay_profile_sample.json'
     );
+    const mapper = new ChecklistResults(hdfData);
+    const jsonixData = mapper.getJsonix();
+    const severity = extractSeverity(jsonixData, 2, 1);
+    const status = extractStatus(jsonixData, 2);
+    expect(severity).toBe('medium');
+    expect(status).toBe('Not_Applicable');
   });
 });
+
+/**
+ * Load and parse the file.
+ * @param filePath Path to the file.
+ * @returns Parsed data.
+ */
+function loadJsonFile(filePath: string): any {
+  return JSON.parse(fs.readFileSync(filePath, {encoding: 'utf-8'}));
+}
+/**
+ * Extract the severity string for a specific control from the mapper.
+ * @param jsonixData Checklist data in jsonix format.
+ * @param vulnIndex Index of the vulnerability in the list.
+ * @param stigdataIndex Index of the stigdata element.
+ * @returns Severity string.
+ */
+function extractSeverity(
+  jsonixData: Checklist,
+  vulnIndex: number,
+  stigdataIndex: number
+): string | undefined {
+  const istig = (jsonixData?.value as Stigdata)?.stigs?.istig[0];
+  const vuln = istig?.vuln[vulnIndex];
+  const stigdataElement = vuln?.stigdata[stigdataIndex];
+  return stigdataElement?.attributedata ?? undefined;
+}
+/**
+ * Extract the status string for a specific control from the mapper.
+ * @param jsonixData Checklist data in jsonix format.
+ * @param vulnIndex Index of the vulnerability in the list.
+ * @returns Status string.
+ */
+function extractStatus(
+  jsonixData: Checklist,
+  vulnIndex: number
+): string | undefined {
+  const istig = (jsonixData?.value as Stigdata)?.stigs?.istig[0];
+  const vuln = istig?.vuln[vulnIndex];
+  const status = vuln?.status;
+  return status;
+}
+/**
+ * Save the CKL output to a file.
+ * In the case that the expected output changes, the schema changes, or additional tests are created,
+ * this function can be used as a convenience to update the expected output.
+ * NOTE: Only use this function to generate the expected output once. Do not overwrite the expected output every time a test runs.
+ * @param mapper ChecklistResults instance.
+ * @param outputPath Path to save the CKL output.
+ */
+// eslint-disable-next-line @typescript-eslint/no-unused-vars
+function saveCklOutput(mapper: ChecklistResults, outputPath: string): void {
+  const cklOutput = mapper.toCkl();
+  fs.writeFileSync(outputPath, cklOutput);
+}
