Update test cases to check the status mapping

I only chose the one scenario from group [1] and group [2]. Why I haven't tested all the mappings: 1. The test data, profile, catalog and cac control file are shared with other cases. 2. That's according to the the test method, Equivalence Partitioning Sampling. The mappings are as follows: [1]OscalStatus.IMPLEMENTED: [INHERENTLY_MET, DOCUMENTATION, AUTOMATED, SUPPORTED] [2]OscalStatus.ALTERNATIVE: [DOES_NOT_MEET, MANUAL, PLANNED] [3]OscalStatus.PARTIAL: [PARTIAL] [4]OscalStatus.NOT_APPLICABLE: [NOT_APPLICABLE] [5]OscalStatus.PLANNED: [PLANNED] Signed-off-by: Sophia Wang <huiwang@redhat.com>
complytime · Jan 26, 2025 · d76749d · d76749d
1 parent 71db968
commit d76749d
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 31 deletions.
diff --git a/tests/data/content_dir/controls/abcd-levels.yml b/tests/data/content_dir/controls/abcd-levels.yml
@@ -69,35 +69,18 @@ controls:
       - var_system_crypto_policy=future
 
   - id: AC-1
-    status: not applicable
+    status: automated
     notes: |-
       Section a: AC-1(a) is an organizational control outside the scope of OpenShift configuration.
 
       Section b: AC-1(b) is an organizational control outside the scope of OpenShift configuration.
     rules: []
-    description: "The organization:\n a. Develops, documents, and disseminates to [Assignment:\
-      \ organization-defined personnel or roles]:\n   1. An access control policy that\
-      \ addresses purpose, scope, roles, responsibilities, management commitment, coordination\
-      \ among organizational entities, and compliance; and\n   2. Procedures to facilitate\
-      \ the implementation of the access control policy and associated access controls;\
-      \ and\n b. Reviews and updates the current:\n   1. Access control policy [Assignment:\
-      \ organization-defined frequency]; and\n   2. Access control procedures [Assignment:\
-      \ organization-defined frequency].\n\nSupplemental Guidance: This control addresses\
-      \ the establishment of policy and procedures for the effective implementation\
-      \ of selected security controls and control enhancements in the AC family. Policy\
-      \ and procedures reflect applicable federal laws, Executive Orders, directives,\
-      \ regulations, policies, standards, and guidance. Security program policies and\
-      \ procedures at the organization level may make the need for system-specific policies\
-      \ and procedures unnecessary. The policy can be included as part of the general\
-      \ information security policy for organizations or conversely, can be represented\
-      \ by multiple policies reflecting the complex nature of certain organizations.\
-      \ The procedures can be established for the security program in general and for\
-      \ particular information systems, if needed. \n\nThe organizational risk management\
-      \ strategy is a key factor in establishing policy and procedures. Related control:\
-      \ PM-9.\nControl Enhancements: None.\nReferences: NIST Special Publications 800-12,\
-      \ 800-100.\n\nAC-1 (b) (1) [at least annually] \nAC-1 (b) (2) [at least annually\
-      \ or whenever a significant change occurs]"
     title: >-
       AC-1 - ACCESS CONTROL POLICY AND PROCEDURES
     levels:
-      - low
+      - low
+
+  - id: AC-2
+    status: manual
+    levels:
+      - medium
diff --git a/tests/trestlebot/cli/test_sync_cac_content_cmd.py b/tests/trestlebot/cli/test_sync_cac_content_cmd.py
@@ -149,13 +149,15 @@ def test_sync_product(tmp_repo: Tuple[str, Repo]) -> None:
     assert set_params_dict["var_sshd_set_keepalive"] == ["1"]
     assert set_params_dict["var_system_crypto_policy"] == ["fips"]
     # Test the control status is populated to implemented_requirements
-    prop_names = []
-    for prop in ci.implemented_requirements[0].props:
-        prop_names.append(prop.name)
-        if prop.name == "implementation-status":
-            value = prop.value
-    assert "implementation-status" in prop_names
-    assert value == "not-applicable"
+    for implemented_req in ci.implemented_requirements:
+        for prop in implemented_req.props:
+            if prop.name == "implementation-status":
+                # Check mapping OscalStatus.IMPLEMENTED:CacStatus.AUTOMATED
+                if implemented_req.control_id == "ac-1":
+                    assert prop.value == "implemented"
+                # Check mapping OscalStatus.ALTERNATIVE:CacStatus.MANUAL
+                if implemented_req.control_id == "ac-2":
+                    assert prop.value == "alternative"
 
 
 def test_sync_product_create_validation_component(tmp_repo: Tuple[str, Repo]) -> None: