feat(gcp): resolve comments

prowler-cloud · Oct 11, 2024 · 4dd9c73 · 4dd9c73
1 parent 8414f41
commit 4dd9c73
Show file tree

Hide file tree

Showing 3 changed files with 62 additions and 7 deletions.
diff --git a/prowler/providers/gcp/exceptions/exceptions.py b/prowler/providers/gcp/exceptions/exceptions.py
@@ -37,7 +37,7 @@ class GCPBaseException(ProwlerException):
             "message": "Error loading static credentials",
             "remediation": "Check the credentials and ensure they are properly set up. client_id, client_secret and refresh_token are required.",
         },
-        (1933, "GCPNotValidProviderIdError"): {
+        (1933, "GCPInvalidAccountCredentials"): {
             "message": "Provider does not match with the expected project_id",
             "remediation": "Check the provider and ensure it matches the expected project_id.",
         },
@@ -120,7 +120,7 @@ def __init__(self, file=None, original_exception=None, message=None):
         )
 
 
-class GCPNotValidProviderIdError(GCPBaseException):
+class GCPInvalidAccountCredentials(GCPBaseException):
     def __init__(self, file=None, original_exception=None, message=None):
         super().__init__(
             1933, file=file, original_exception=original_exception, message=message

diff --git a/prowler/providers/gcp/gcp_provider.py b/prowler/providers/gcp/gcp_provider.py
@@ -19,9 +19,9 @@
     GCPCloudResourceManagerAPINotUsedError,
     GCPGetProjectError,
     GCPHTTPError,
+    GCPInvalidAccountCredentials,
     GCPLoadCredentialsFromDictError,
     GCPNoAccesibleProjectsError,
-    GCPNotValidProviderIdError,
     GCPSetUpSessionError,
     GCPStaticCredentialsError,
     GCPTestConnectionError,
@@ -367,7 +367,7 @@ def test_connection(
                 raise http_error
             return Connection(error=http_error)
         # Exceptions from validating Provider ID
-        except GCPNotValidProviderIdError as not_valid_provider_id_error:
+        except GCPInvalidAccountCredentials as not_valid_provider_id_error:
             logger.critical(str(not_valid_provider_id_error))
             if raise_on_exception:
                 raise not_valid_provider_id_error
@@ -563,13 +563,13 @@ def validate_project_id(provider_id: str, credentials: str = None) -> bool:
             bool
 
         Raises:
-            GCPNotValidProviderIdError if the provider ID does not match with the expected project_id
+            GCPInvalidAccountCredentials if the provider ID does not match with the expected project_id
         """
 
         available_projects = GcpProvider.get_projects(credentials=credentials)
 
         if provider_id not in available_projects:
-            raise GCPNotValidProviderIdError(
+            raise GCPInvalidAccountCredentials(
                 file=__file__,
                 message="The provider ID does not match with the expected project_id.",
             )

diff --git a/tests/providers/gcp/gcp_provider_test.py b/tests/providers/gcp/gcp_provider_test.py
@@ -11,7 +11,11 @@
     default_fixer_config_file_path,
     load_and_validate_config_file,
 )
-from prowler.providers.gcp.exceptions.exceptions import GCPTestConnectionError
+from prowler.providers.common.models import Connection
+from prowler.providers.gcp.exceptions.exceptions import (
+    GCPInvalidAccountCredentials,
+    GCPTestConnectionError,
+)
 from prowler.providers.gcp.gcp_provider import GcpProvider
 from prowler.providers.gcp.models import GCPIdentityInfo, GCPProject
 
@@ -538,3 +542,54 @@ def test_test_connection_with_exception(self):
                 )
             assert e.type == GCPTestConnectionError
             assert "Test exception" in e.value.args[0]
+
+    def test_test_connection_valid_project_id(self):
+        project_id = "test-project-id"
+        mocked_service = MagicMock()
+
+        mocked_service.projects.get.return_value = MagicMock(
+            execute=MagicMock(return_value={"projectId": project_id})
+        )
+
+        with patch(
+            "prowler.providers.gcp.gcp_provider.GcpProvider.setup_session",
+            return_value=(None, project_id),
+        ), patch(
+            "prowler.providers.gcp.gcp_provider.discovery.build",
+            return_value=mocked_service,
+        ):
+            output = GcpProvider.test_connection(
+                client_id="test-client-id",
+                client_secret="test-client-secret",
+                refresh_token="test-refresh-token",
+                provider_id=project_id,
+            )
+            assert Connection(is_connected=True, error=None) == output
+
+    def test_test_connection_invalid_project_id(self):
+        project_id = "test-project-id"
+        mocked_service = MagicMock()
+
+        mocked_service.projects.get.return_value = MagicMock(
+            execute=MagicMock(return_value={"projectId": project_id})
+        )
+
+        with patch(
+            "prowler.providers.gcp.gcp_provider.GcpProvider.setup_session",
+            return_value=(None, project_id),
+        ), patch(
+            "prowler.providers.gcp.gcp_provider.discovery.build",
+            return_value=mocked_service,
+        ):
+            with pytest.raises(Exception) as e:
+                GcpProvider.test_connection(
+                    client_id="test-client-id",
+                    client_secret="test-client-secret",
+                    refresh_token="test-refresh-token",
+                    provider_id="test-provider-id-invalid",
+                )
+            assert e.type == GCPInvalidAccountCredentials
+            assert (
+                "The provider ID does not match with the expected project_id"
+                in e.value.args[0]
+            )