github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/scanners/cloudformation/parser/fn_or_test.go (about) 1 package parser 2 3 import ( 4 "testing" 5 6 "github.com/aquasecurity/defsec/pkg/types" 7 8 "github.com/aquasecurity/trivy-iac/pkg/scanners/cloudformation/cftypes" 9 10 "github.com/stretchr/testify/assert" 11 "github.com/stretchr/testify/require" 12 ) 13 14 func Test_resolve_or_value(t *testing.T) { 15 property1 := &Property{ 16 ctx: &FileContext{}, 17 name: "BucketName", 18 rng: types.NewRange("testfile", 1, 1, "", nil), 19 Inner: PropertyInner{ 20 Type: cftypes.Map, 21 Value: map[string]*Property{ 22 "Fn::Equals": { 23 Inner: PropertyInner{ 24 Type: cftypes.List, 25 Value: []*Property{ 26 { 27 Inner: PropertyInner{ 28 Type: cftypes.String, 29 Value: "foo", 30 }, 31 }, 32 { 33 Inner: PropertyInner{ 34 Type: cftypes.String, 35 Value: "bar", 36 }, 37 }, 38 }, 39 }, 40 }, 41 }, 42 }, 43 } 44 45 property2 := &Property{ 46 ctx: &FileContext{}, 47 name: "BucketName", 48 rng: types.NewRange("testfile", 1, 1, "", nil), 49 Inner: PropertyInner{ 50 Type: cftypes.Map, 51 Value: map[string]*Property{ 52 "Fn::Equals": { 53 Inner: PropertyInner{ 54 Type: cftypes.List, 55 Value: []*Property{ 56 { 57 Inner: PropertyInner{ 58 Type: cftypes.String, 59 Value: "foo", 60 }, 61 }, 62 { 63 Inner: PropertyInner{ 64 Type: cftypes.String, 65 Value: "foo", 66 }, 67 }, 68 }, 69 }, 70 }, 71 }, 72 }, 73 } 74 orProperty := &Property{ 75 ctx: &FileContext{}, 76 name: "BucketName", 77 rng: types.NewRange("testfile", 1, 1, "", nil), 78 Inner: PropertyInner{ 79 Type: cftypes.Map, 80 Value: map[string]*Property{ 81 "Fn::Or": { 82 Inner: PropertyInner{ 83 Type: cftypes.List, 84 Value: []*Property{ 85 property1, 86 property2, 87 }, 88 }, 89 }, 90 }, 91 }, 92 } 93 94 resolvedProperty, success := ResolveIntrinsicFunc(orProperty) 95 require.True(t, success) 96 97 assert.True(t, resolvedProperty.IsTrue()) 98 } 99 100 func Test_resolve_or_value_when_neither_true(t *testing.T) { 101 property1 := &Property{ 102 ctx: &FileContext{}, 103 name: "BucketName", 104 rng: types.NewRange("testfile", 1, 1, "", nil), 105 Inner: PropertyInner{ 106 Type: cftypes.Map, 107 Value: map[string]*Property{ 108 "Fn::Equals": { 109 Inner: PropertyInner{ 110 Type: cftypes.List, 111 Value: []*Property{ 112 { 113 Inner: PropertyInner{ 114 Type: cftypes.String, 115 Value: "foo", 116 }, 117 }, 118 { 119 Inner: PropertyInner{ 120 Type: cftypes.String, 121 Value: "bar", 122 }, 123 }, 124 }, 125 }, 126 }, 127 }, 128 }, 129 } 130 131 property2 := &Property{ 132 ctx: &FileContext{}, 133 name: "BucketName", 134 rng: types.NewRange("testfile", 1, 1, "", nil), 135 Inner: PropertyInner{ 136 Type: cftypes.Map, 137 Value: map[string]*Property{ 138 "Fn::Equals": { 139 Inner: PropertyInner{ 140 Type: cftypes.List, 141 Value: []*Property{ 142 { 143 Inner: PropertyInner{ 144 Type: cftypes.String, 145 Value: "bar", 146 }, 147 }, 148 { 149 Inner: PropertyInner{ 150 Type: cftypes.String, 151 Value: "foo", 152 }, 153 }, 154 }, 155 }, 156 }, 157 }, 158 }, 159 } 160 orProperty := &Property{ 161 ctx: &FileContext{}, 162 name: "BucketName", 163 rng: types.NewRange("testfile", 1, 1, "", nil), 164 Inner: PropertyInner{ 165 Type: cftypes.Map, 166 Value: map[string]*Property{ 167 "Fn::Or": { 168 Inner: PropertyInner{ 169 Type: cftypes.List, 170 Value: []*Property{ 171 property1, 172 property2, 173 }, 174 }, 175 }, 176 }, 177 }, 178 } 179 180 resolvedProperty, success := ResolveIntrinsicFunc(orProperty) 181 require.True(t, success) 182 183 assert.False(t, resolvedProperty.IsTrue()) 184 }