1+ # -*- coding: utf-8 -*-
2+ from unittest .mock import MagicMock , Mock , patch
3+
14import pytest
2- from unittest . mock import Mock , MagicMock , patch
5+
36from cpk_lib_python_aws .aws_sso_auditor .auditor import AWSSSOAuditor , NullOutputSink
47from cpk_lib_python_aws .aws_sso_auditor .config import Config
58from cpk_lib_python_aws .aws_sso_auditor .exceptions import AWSSSOAuditorError
69
710
811class TestNullOutputSink :
912 """Test the NullOutputSink class."""
10-
13+
1114 def test_null_output_sink_methods (self ):
1215 """Test that all NullOutputSink methods can be called without error."""
1316 sink = NullOutputSink ()
14-
17+
1518 # All methods should return None and not raise exceptions
1619 assert sink .progress ("test message" ) is None
1720 assert sink .debug_info ("test message" ) is None
@@ -20,8 +23,8 @@ def test_null_output_sink_methods(self):
2023 assert sink .error ("test message" ) is None
2124
2225 """Test the AWSSSOAuditor class."""
23-
24- @patch (' cpk_lib_python_aws.aws_sso_auditor.auditor.AWSClientManager'
26+
27+ @patch (" cpk_lib_python_aws.aws_sso_auditor.auditor.AWSClientManager"
2528 def test_auditor_initialization_with_default_config (self , mock_aws_manager ):
2629 """Test auditor initialization with default configuration."""
2730 # Mock the AWS client manager
@@ -33,16 +36,16 @@ def test_auditor_initialization_with_default_config(self, mock_aws_manager):
3336 mock_manager_instance .instance_arn = "arn:aws:sso:::instance/ssoins-123456789"
3437 mock_manager_instance .get_client_info .return_value = {"region" : "us-east-1" }
3538 mock_aws_manager .return_value = mock_manager_instance
36-
39+
3740 auditor = AWSSSOAuditor ()
38-
41+
3942 # Verify initialization
4043 assert auditor .config is not None
4144 assert isinstance (auditor .output_sink , NullOutputSink )
4245 assert auditor .identity_store_id == "d-123456789"
4346 assert auditor .instance_arn == "arn:aws:sso:::instance/ssoins-123456789"
44-
45- @patch (' cpk_lib_python_aws.aws_sso_auditor.auditor.AWSClientManager'
47+
48+ @patch (" cpk_lib_python_aws.aws_sso_auditor.auditor.AWSClientManager"
4649 def test_auditor_initialization_with_custom_config (self , mock_aws_manager ):
4750 """Test auditor initialization with custom configuration."""
4851 mock_manager_instance = Mock ()
@@ -53,124 +56,128 @@ def test_auditor_initialization_with_custom_config(self, mock_aws_manager):
5356 mock_manager_instance .instance_arn = "arn:aws:sso:::instance/ssoins-123456789"
5457 mock_manager_instance .get_client_info .return_value = {"region" : "us-west-2" }
5558 mock_aws_manager .return_value = mock_manager_instance
56-
59+
5760 config = Config (aws_region = "us-west-2" , debug = True )
5861 output_sink = Mock ()
59-
62+
6063 auditor = AWSSSOAuditor (config , output_sink )
61-
64+
6265 assert auditor .config .aws_region == "us-west-2"
6366 assert auditor .config .debug is True
6467 assert auditor .output_sink == output_sink
65-
66- @patch (' cpk_lib_python_aws.aws_sso_auditor.auditor.AWSClientManager'
68+
69+ @patch (" cpk_lib_python_aws.aws_sso_auditor.auditor.AWSClientManager"
6770 def test_get_permission_sets_for_account_success (self , mock_aws_manager ):
6871 """Test successful retrieval of permission sets for account."""
6972 # Setup mocks
7073 mock_manager_instance = Mock ()
7174 mock_sso_client = Mock ()
7275 mock_paginator = Mock ()
73-
76+
7477 mock_sso_client .get_paginator .return_value = mock_paginator
7578 mock_paginator .paginate .return_value = [
76- {"PermissionSets" : ["arn:aws:sso:::permissionSet/ps-123" , "arn:aws:sso:::permissionSet/ps-456" ]}
79+ {
80+ "PermissionSets" : [
81+ "arn:aws:sso:::permissionSet/ps-123" ,
82+ "arn:aws:sso:::permissionSet/ps-456" ,
83+ ]
84+ }
7785 ]
78-
86+
7987 mock_manager_instance .sso_admin_client = mock_sso_client
8088 mock_manager_instance .identitystore_client = Mock ()
8189 mock_manager_instance .organizations_client = Mock ()
8290 mock_manager_instance .identity_store_id = "d-123456789"
8391 mock_manager_instance .instance_arn = "arn:aws:sso:::instance/ssoins-123456789"
8492 mock_manager_instance .get_client_info .return_value = {"region" : "us-east-1" }
8593 mock_aws_manager .return_value = mock_manager_instance
86-
94+
8795 auditor = AWSSSOAuditor ()
8896 result = auditor .get_permission_sets_for_account ("123456789012" )
89-
97+
9098 assert len (result ) == 2
9199 assert "arn:aws:sso:::permissionSet/ps-123" in result
92100 assert "arn:aws:sso:::permissionSet/ps-456" in result
93-
94- @patch (' cpk_lib_python_aws.aws_sso_auditor.auditor.AWSClientManager'
101+
102+ @patch (" cpk_lib_python_aws.aws_sso_auditor.auditor.AWSClientManager"
95103 def test_get_permission_sets_for_account_failure (self , mock_aws_manager ):
96104 """Test handling of errors when retrieving permission sets."""
97105 # Setup mocks to raise exception
98106 mock_manager_instance = Mock ()
99107 mock_sso_client = Mock ()
100108 mock_sso_client .get_paginator .side_effect = Exception ("AWS API Error" )
101-
109+
102110 mock_manager_instance .sso_admin_client = mock_sso_client
103111 mock_manager_instance .identitystore_client = Mock ()
104112 mock_manager_instance .organizations_client = Mock ()
105113 mock_manager_instance .identity_store_id = "d-123456789"
106114 mock_manager_instance .instance_arn = "arn:aws:sso:::instance/ssoins-123456789"
107115 mock_manager_instance .get_client_info .return_value = {"region" : "us-east-1" }
108116 mock_aws_manager .return_value = mock_manager_instance
109-
117+
110118 auditor = AWSSSOAuditor ()
111119 result = auditor .get_permission_sets_for_account ("123456789012" )
112-
120+
113121 # Should return empty list on error
114122 assert result == []
115-
116- @patch (' cpk_lib_python_aws.aws_sso_auditor.auditor.AWSClientManager'
123+
124+ @patch (" cpk_lib_python_aws.aws_sso_auditor.auditor.AWSClientManager"
117125 def test_get_group_details_success (self , mock_aws_manager ):
118126 """Test successful retrieval of group details."""
119127 mock_manager_instance = Mock ()
120128 mock_identity_client = Mock ()
121-
129+
122130 mock_identity_client .describe_group .return_value = {
123131 "GroupId" : "group-123" ,
124132 "DisplayName" : "Test Group" ,
125- "Description" : "A test group"
133+ "Description" : "A test group" ,
126134 }
127-
135+
128136 mock_manager_instance .sso_admin_client = Mock ()
129137 mock_manager_instance .identitystore_client = mock_identity_client
130138 mock_manager_instance .organizations_client = Mock ()
131139 mock_manager_instance .identity_store_id = "d-123456789"
132140 mock_manager_instance .instance_arn = "arn:aws:sso:::instance/ssoins-123456789"
133141 mock_manager_instance .get_client_info .return_value = {"region" : "us-east-1" }
134142 mock_aws_manager .return_value = mock_manager_instance
135-
143+
136144 auditor = AWSSSOAuditor ()
137145 result = auditor .get_group_details ("group-123" )
138-
146+
139147 assert result ["GroupId" ] == "group-123"
140148 assert result ["DisplayName" ] == "Test Group"
141149 assert result ["Description" ] == "A test group"
142-
143- @patch (' cpk_lib_python_aws.aws_sso_auditor.auditor.AWSClientManager'
150+
151+ @patch (" cpk_lib_python_aws.aws_sso_auditor.auditor.AWSClientManager"
144152 def test_get_group_details_failure (self , mock_aws_manager ):
145153 """Test handling of errors when retrieving group details."""
146154 mock_manager_instance = Mock ()
147155 mock_identity_client = Mock ()
148156 mock_identity_client .describe_group .side_effect = Exception ("Group not found" )
149-
157+
150158 mock_manager_instance .sso_admin_client = Mock ()
151159 mock_manager_instance .identitystore_client = mock_identity_client
152160 mock_manager_instance .organizations_client = Mock ()
153161 mock_manager_instance .identity_store_id = "d-123456789"
154162 mock_manager_instance .instance_arn = "arn:aws:sso:::instance/ssoins-123456789"
155163 mock_manager_instance .get_client_info .return_value = {"region" : "us-east-1" }
156164 mock_aws_manager .return_value = mock_manager_instance
157-
165+
158166 auditor = AWSSSOAuditor ()
159167 result = auditor .get_group_details ("group-123" )
160-
168+
161169 # Should return default values on error
162170 assert result ["GroupId" ] == "group-123"
163171 assert result ["DisplayName" ] == "Unknown"
164172 assert result ["Description" ] == ""
165-
166-
167- @patch ('cpk_lib_python_aws.aws_sso_auditor.auditor.AWSClientManager' )
173+
174+ @patch ("cpk_lib_python_aws.aws_sso_auditor.auditor.AWSClientManager" )
168175 def test_audit_account_basic_flow (self , mock_aws_manager ):
169176 """Test basic audit_account flow with minimal data."""
170177 mock_manager_instance = Mock ()
171178 mock_sso_client = Mock ()
172179 mock_identity_client = Mock ()
173-
180+
174181 # Mock get_all_account_assignments to return empty list
175182 mock_manager_instance .sso_admin_client = mock_sso_client
176183 mock_manager_instance .identitystore_client = mock_identity_client
@@ -179,14 +186,14 @@ def test_audit_account_basic_flow(self, mock_aws_manager):
179186 mock_manager_instance .instance_arn = "arn:aws:sso:::instance/ssoins-123456789"
180187 mock_manager_instance .get_client_info .return_value = {"region" : "us-east-1" }
181188 mock_aws_manager .return_value = mock_manager_instance
182-
189+
183190 auditor = AWSSSOAuditor ()
184-
191+
185192 # Mock the get_permission_sets_for_account to return empty list
186193 auditor .get_permission_sets_for_account = Mock (return_value = [])
187-
194+
188195 result = auditor .audit_account ("123456789012" )
189-
196+
190197 # Verify basic structure
191198 assert "metadata" in result
192199 assert "sso_groups" in result
@@ -195,4 +202,4 @@ def test_audit_account_basic_flow(self, mock_aws_manager):
195202 assert result ["metadata" ]["account_id" ] == "123456789012"
196203 assert result ["summary" ]["total_groups" ] == 0
197204 assert result ["summary" ]["total_permission_sets" ] == 0
198- assert result ["summary" ]["total_assignments" ] == 0
205+ assert result ["summary" ]["total_assignments" ] == 0
0 commit comments