github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/scanners/cloudformation/parser/fn_not_test.go

github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/scanners/cloudformation/parser/fn_not_test.go (about)

     1  package parser
     2  
     3  import (
     4  	"testing"
     5  
     6  	"github.com/aquasecurity/defsec/pkg/types"
     7  
     8  	"github.com/aquasecurity/trivy-iac/pkg/scanners/cloudformation/cftypes"
     9  
    10  	"github.com/stretchr/testify/assert"
    11  	"github.com/stretchr/testify/require"
    12  )
    13  
    14  func Test_resolve_not_value(t *testing.T) {
    15  	property1 := &Property{
    16  		ctx:  &FileContext{},
    17  		name: "BucketName",
    18  		rng:  types.NewRange("testfile", 1, 1, "", nil),
    19  		Inner: PropertyInner{
    20  			Type: cftypes.Map,
    21  			Value: map[string]*Property{
    22  				"Fn::Equals": {
    23  					Inner: PropertyInner{
    24  						Type: cftypes.List,
    25  						Value: []*Property{
    26  							{
    27  								Inner: PropertyInner{
    28  									Type:  cftypes.String,
    29  									Value: "foo",
    30  								},
    31  							},
    32  							{
    33  								Inner: PropertyInner{
    34  									Type:  cftypes.String,
    35  									Value: "bar",
    36  								},
    37  							},
    38  						},
    39  					},
    40  				},
    41  			},
    42  		},
    43  	}
    44  
    45  	notProperty := &Property{
    46  		ctx:  &FileContext{},
    47  		name: "BucketName",
    48  		rng:  types.NewRange("testfile", 1, 1, "", nil),
    49  		Inner: PropertyInner{
    50  			Type: cftypes.Map,
    51  			Value: map[string]*Property{
    52  				"Fn::Not": {
    53  					Inner: PropertyInner{
    54  						Type: cftypes.List,
    55  						Value: []*Property{
    56  							property1,
    57  						},
    58  					},
    59  				},
    60  			},
    61  		},
    62  	}
    63  
    64  	resolvedProperty, success := ResolveIntrinsicFunc(notProperty)
    65  	require.True(t, success)
    66  
    67  	assert.True(t, resolvedProperty.IsTrue())
    68  }
    69  
    70  func Test_resolve_not_value_when_true(t *testing.T) {
    71  	property1 := &Property{
    72  		ctx:  &FileContext{},
    73  		name: "BucketName",
    74  		rng:  types.NewRange("testfile", 1, 1, "", nil),
    75  		Inner: PropertyInner{
    76  			Type: cftypes.Map,
    77  			Value: map[string]*Property{
    78  				"Fn::Equals": {
    79  					Inner: PropertyInner{
    80  						Type: cftypes.List,
    81  						Value: []*Property{
    82  							{
    83  								Inner: PropertyInner{
    84  									Type:  cftypes.String,
    85  									Value: "foo",
    86  								},
    87  							},
    88  							{
    89  								Inner: PropertyInner{
    90  									Type:  cftypes.String,
    91  									Value: "foo",
    92  								},
    93  							},
    94  						},
    95  					},
    96  				},
    97  			},
    98  		},
    99  	}
   100  
   101  	notProperty := &Property{
   102  		ctx:  &FileContext{},
   103  		name: "BucketName",
   104  		rng:  types.NewRange("testfile", 1, 1, "", nil),
   105  		Inner: PropertyInner{
   106  			Type: cftypes.Map,
   107  			Value: map[string]*Property{
   108  				"Fn::Not": {
   109  					Inner: PropertyInner{
   110  						Type: cftypes.List,
   111  						Value: []*Property{
   112  							property1,
   113  						},
   114  					},
   115  				},
   116  			},
   117  		},
   118  	}
   119  
   120  	resolvedProperty, success := ResolveIntrinsicFunc(notProperty)
   121  	require.True(t, success)
   122  
   123  	assert.False(t, resolvedProperty.IsTrue())
   124  }