feat: implemented new Report Definitions API endpoint (#82)

alannix-lw · web-flow · commit 491925118464 · 2022-08-22T21:35:55.000-04:00
diff --git a/laceworksdk/api/__init__.py b/laceworksdk/api/__init__.py
@@ -40,6 +40,7 @@
 from .v2.organization_info import OrganizationInfoAPI
 from .v2.policies import PoliciesAPI
 from .v2.queries import QueriesAPI
+from .v2.report_definitions import ReportDefinitionsAPI
 from .v2.report_rules import ReportRulesAPI
 from .v2.reports import ReportsAPI
 from .v2.resource_groups import ResourceGroupsAPI
@@ -161,6 +162,7 @@ def __init__(self,
         self.policies = PoliciesAPI(self._session)
         self.queries = QueriesAPI(self._session)
         self.recommendations = RecommendationsAPI(self._session)
+        self.report_definitions = ReportDefinitionsAPI(self._session)
         self.report_rules = ReportRulesAPI(self._session)
         self.reports = ReportsAPI(self._session)
         self.resource_groups = ResourceGroupsAPI(self._session)
diff --git a/laceworksdk/api/base_endpoint.py b/laceworksdk/api/base_endpoint.py
@@ -24,23 +24,15 @@ def build_dict_from_items(self, *dicts, **items):
         """
         A method to build a dictionary based on inputs, pruning items that are None.
 
-        :raises KeyError: In case there is a duplicate key name in the dictionary.
         :returns: A single dict built from the input.
         """
 
         dict_list = list(dicts)
         dict_list.append(items)
         result = {}
 
-        for d in dict_list:
-            for key, value in d.items():
-                camel_key = self._convert_lower_camel_case(key)
-                if value is None:
-                    continue
-                if camel_key in result.keys():
-                    raise KeyError(f"Attempted to insert duplicate key '{camel_key}'")
-
-                result[camel_key] = value
+        for dictionary in dict_list:
+            result = {**result, **self._convert_dictionary(dictionary, list(result.keys()))}
 
         return result
 
@@ -84,6 +76,31 @@ def _convert_lower_camel_case(param_name):
 
         return f"{first_word}{word_string}"
 
+    def _convert_dictionary(self, dictionary, existing_keys):
+        """
+        Iteratively process a dictionary to convert it to expected JSON
+
+        :raises KeyError: In case there is a duplicate key name in the dictionary.
+        :returns: A single dictionary of lowerCamelCase key/value pairs.
+        """
+
+        result = {}
+
+        for key, value in dictionary.items():
+            camel_key = self._convert_lower_camel_case(key)
+
+            if value is None:
+                continue
+            if camel_key in existing_keys:
+                raise KeyError(f"Attempted to insert duplicate key '{camel_key}'")
+            if isinstance(value, dict):
+                value = self._convert_dictionary(value, [])
+
+            existing_keys.append(camel_key)
+            result[camel_key] = value
+
+        return result
+
     def _get_schema(self, subtype=None):
         """
         Get the schema for the current object type.
diff --git a/laceworksdk/api/v2/report_definitions.py b/laceworksdk/api/v2/report_definitions.py
@@ -0,0 +1,182 @@
+# -*- coding: utf-8 -*-
+"""
+Lacework ReportDefinitions API wrapper.
+"""
+
+from laceworksdk.api.crud_endpoint import CrudEndpoint
+
+
+class ReportDefinitionsAPI(CrudEndpoint):
+
+    def __init__(self, session):
+        """
+        Initializes the ReportDefinitionsAPI object.
+
+        :param session: An instance of the HttpSession class
+
+        :return ReportDefinitionsAPI object.
+        """
+
+        super().__init__(session, "ReportDefinitions")
+
+    def create(self,
+               report_name,
+               report_type,
+               sub_report_type,
+               report_definition,
+               props,
+               alert_channels,
+               distribution_type,
+               frequency,
+               **request_params):
+        """
+        A method to create a new ReportDefinitions object.
+
+        :param report_name: A string representing the name of the report definition.
+        :param report_type: A string representing the type of the report definition.
+        :param sub_report_name: A string representing the sub-type of the report definition.
+            ("AWS", "GCP", "Azure")
+        :param report_definition: An object representing the the report definition.
+            obj:
+                :param sections: An array of objects representing the sections of the report definition.
+                    :param category: A string representing the section's category.
+                    :param title: A string representing the section's title.
+                    :param policies: An array of strings representing the section's policies.
+                :param overrides: An array of objects representing the overrides of the report definition.
+                    :param title: A string representing the policy's title.
+                    :param policy: A string representing the policy ID.
+        :param props: An object representing metadata about the report definition.
+            obj:
+                :param engine: A string representing the evaluation engine used for the report.
+                :param integrations: An array of strings representing integrations (e.g. AWS Account IDs)
+                :param resource_groups: An array of strings representing resource group IDs.
+        :param alert_channels: An array of strings representing the alert channels for report distribution.
+        :param distribution_type: A string representing the report format.
+            ("csv", "html", "pdf")
+        :param frequency: A string representing the frequency of report distribution.
+            ("daily", "weekly")
+        :param request_params: Additional request parameters.
+            (provides support for parameters that may be added in the future)
+
+        :return response json
+        """
+
+        return super().create(
+            report_name=report_name,
+            report_type=report_type,
+            sub_report_type=sub_report_type,
+            report_definition=report_definition,
+            props=props,
+            alert_channels=alert_channels,
+            distribution_type=distribution_type,
+            frequency=frequency,
+            **request_params
+        )
+
+    def get(self,
+            id=None):
+        """
+        A method to get ReportDefinitions objects.
+
+        :param id: A string representing the object ID.
+
+        :return response json
+        """
+
+        return super().get(id=id)
+
+    def get_by_id(self,
+                  id):
+        """
+        A method to get a ReportDefinitions object by ID.
+
+        :param id: A string representing the object ID.
+
+        :return response json
+        """
+
+        return self.get(id=id)
+
+    def search(self, **request_params):
+        """
+        A method to 'pass' when attempting to search ReportDefinitions objects.
+
+        Search functionality is not yet implemented for Alert Profiles.
+        """
+        pass
+
+    def update(self,
+               id,
+               report_name,
+               report_type,
+               sub_report_type,
+               report_definition,
+               props=None,
+               alert_channels=None,
+               distribution_type=None,
+               frequency=None,
+               update_type=None,
+               **request_params):
+        """
+        A method to update an ReportDefinitions object.
+
+        :param id: A string representing the object ID.
+        :param report_name: A string representing the name of the report definition.
+        :param report_type: A string representing the type of the report definition.
+        :param sub_report_name: A string representing the sub-type of the report definition.
+            ("AWS", "GCP", "Azure")
+        :param report_definition: An object representing the the report definition.
+            obj:
+                :param sections: An array of objects representing the sections of the report definition.
+                    :param category: A string representing the section's category.
+                    :param title: A string representing the section's title.
+                    :param policies: An array of strings representing the section's policies.
+                :param overrides: An array of objects representing the overrides of the report definition.
+                    :param title: A string representing the policy's title.
+                    :param policy: A string representing the policy ID.
+        :param props: An object representing metadata about the report definition.
+            obj:
+                :param engine: A string representing the evaluation engine used for the report.
+                :param integrations: An array of strings representing integrations (e.g. AWS Account IDs)
+                :param resource_groups: An array of strings representing resource group IDs.
+        :param alert_channels: An array of strings representing the alert channels for report distribution.
+        :param distribution_type: A string representing the report format.
+            ("csv", "html", "pdf")
+        :param frequency: A string representing the frequency of report distribution.
+            ("daily", "weekly")
+        :param update_type: A string representing the type of update for the report definition.
+            ("Update", "Revert")
+        :param request_params: Additional request parameters.
+            (provides support for parameters that may be added in the future)
+
+        :return response json
+        """
+
+        json = self.build_dict_from_items(
+            report_name=report_name,
+            report_type=report_type,
+            sub_report_type=sub_report_type,
+            report_definition=report_definition,
+            props=props,
+            alert_channels=alert_channels,
+            distribution_type=distribution_type,
+            frequency=frequency,
+            update_type=update_type,
+            **request_params
+        )
+
+        response = self._session.put(self.build_url(id=id), json=json)
+
+        return response.json()
+
+    def delete(self,
+               id):
+        """
+        A method to delete a ReportDefinitions object.
+
+        :param guid: A string representing the object ID.
+
+        :return response json
+        """
+
+        return super().delete(id=id)
diff --git a/tests/api/v2/test_report_definitions.py b/tests/api/v2/test_report_definitions.py
@@ -0,0 +1,109 @@
+# -*- coding: utf-8 -*-
+"""
+Test suite for the community-developed Python SDK for interacting with Lacework APIs.
+"""
+
+import random
+
+import pytest
+
+from laceworksdk.api.v2.report_definitions import ReportDefinitionsAPI
+from tests.api.test_crud_endpoint import CrudEndpoint
+
+
+# Tests
+
+@pytest.fixture(scope="module")
+def api_object(api):
+    return api.report_definitions
+
+
+@pytest.fixture(scope="module")
+def aws_account(api):
+    cloud_accounts = api.cloud_accounts.get_by_type("AwsCfg")
+
+    if len(cloud_accounts["data"]):
+        aws_role = random.choice(cloud_accounts["data"])["data"]["crossAccountCredentials"]["roleArn"]
+        aws_account = aws_role.split(":")[4]
+        return aws_account
+
+
+@pytest.fixture(scope="module")
+def api_object_create_body(random_text, aws_resource_group_guid, email_alert_channel_guid):
+    return {
+        "report_name": f"Test_{random_text}_Report",
+        "report_type": "COMPLIANCE",
+        "sub_report_type": "AWS",
+        "report_definition": {
+            "sections": [
+                {
+                    "category": "1",
+                    "title": "Critical policies collection",
+                    "policies": [
+                        "AWS_CIS_1_1"
+                    ]
+                }
+            ],
+            "overrides": [
+                {
+                    "title": "Non `root` user authentication violation",
+                    "policy": "AWS_CIS_1_1"
+                }
+            ]
+        },
+        "props": {
+            "resourceGroups": [
+                aws_resource_group_guid
+            ]
+        },
+        "alert_channels": [
+            email_alert_channel_guid
+        ],
+        "distribution_type": "pdf",
+        "frequency": "daily"
+    }
+
+
+@pytest.fixture(scope="module")
+def api_object_update_body(random_text):
+    return {
+        "report_name": f"Test_{random_text}_Report",
+        "report_type": "COMPLIANCE",
+        "sub_report_type": "AWS",
+        "report_definition": {
+            "sections": [
+                {
+                    "category": "1",
+                    "title": "Critical policies collection",
+                    "policies": [
+                        "AWS_CIS_1_1"
+                    ]
+                }
+            ],
+            "overrides": [
+                {
+                    "title": "Non `root` user authentication violation",
+                    "policy": "AWS_CIS_1_1"
+                }
+            ]
+        },
+        "frequency": "weekly",
+        "update_type": "Update"
+    }
+
+
+@pytest.mark.flaky_test
+class TestAlertProfiles(CrudEndpoint):
+
+    OBJECT_ID_NAME = "reportDefinitionGuid"
+    OBJECT_TYPE = ReportDefinitionsAPI
+    OBJECT_PARAM_EXCEPTIONS = ["alerts"]
+
+    def test_api_search(self):
+        """
+        Search is unavailable for this endpoint.
+        """
+        pass
+
+    def test_api_get_by_id(self, api_object):
+        self._get_object_classifier_test(api_object, "id", self.OBJECT_ID_NAME)
