wazuh · snaow · Nov 2, 2021 · Oct 25, 2021
diff --git a/tests/integration/test_api/conftest.py b/tests/integration/test_api/conftest.py
@@ -88,7 +88,6 @@ def restart_api(get_configuration, request):
         control_service('start', daemon=process_name)
 
 
-
 @pytest.fixture(scope='module')
 def wait_for_start(get_configuration, request):
     # Wait for API to start

diff --git a/tests/integration/test_api/test_config/test_DOS_blocking_system/test_DOS_blocking_system.py b/tests/integration/test_api/test_config/test_DOS_blocking_system/test_DOS_blocking_system.py
@@ -1,7 +1,61 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <info@wazuh.com>.
-# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
-
+'''
+copyright: Copyright (C) 2015-2021, Wazuh Inc.
+
+           Created by Wazuh, Inc. <info@wazuh.com>.
+
+           This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+type: integration
+
+brief: These tests will check if the 'DOS' (Denial-of-service attack) blocking feature of the API handled
+       by the 'wazuh-apid' daemon is working properly. The Wazuh API is an open source 'RESTful' API
+       that allows for interaction with the Wazuh manager from a web browser, command line tool
+       like 'cURL' or any script or program that can make web requests.
+
+tier: 0
+
+modules:
+    - api
+
+components:
+    - manager
+
+daemons:
+    - wazuh-apid
+    - wazuh-analysisd
+    - wazuh-syscheckd
+    - wazuh-db
+
+os_platform:
+    - linux
+
+os_version:
+    - Arch Linux
+    - Amazon Linux 2
+    - Amazon Linux 1
+    - CentOS 8
+    - CentOS 7
+    - CentOS 6
+    - Ubuntu Focal
+    - Ubuntu Bionic
+    - Ubuntu Xenial
+    - Ubuntu Trusty
+    - Debian Buster
+    - Debian Stretch
+    - Debian Jessie
+    - Debian Wheezy
+    - Red Hat 8
+    - Red Hat 7
+    - Red Hat 6
+
+references:
+    - https://documentation.wazuh.com/current/user-manual/api/getting-started.html
+    - https://documentation.wazuh.com/current/user-manual/api/configuration.html#access
+    - https://en.wikipedia.org/wiki/Denial-of-service_attack
+
+tags:
+    - api
+'''
 import os
 import time
 
@@ -37,15 +91,48 @@ def get_configuration(request):
 @pytest.mark.filterwarnings('ignore::urllib3.exceptions.InsecureRequestWarning')
 def test_DOS_blocking_system(tags_to_apply, get_configuration, configure_api_environment, restart_api,
                              wait_for_start, get_api_details):
-    """Check the correct functionality of the DOS blocking system.
-
-    Provoke a block, make a request within the same minute, make a request after the minute.
-
-    Parameters
-    ----------
-    tags_to_apply : set
-        Run test if match with a configuration identifier, skip otherwise.
-    """
+    '''
+    description: Check if the API blocking system for IP addresses detected as 'DOS' attack works.
+                 For this purpose, the test causes an IP blocking, makes a request within
+                 the same minute, makes a request after the minute.
+
+    wazuh_min_version: 4.2.0
+
+    parameters:
+        - tags_to_apply:
+            type: set
+            brief: Run test if match with a configuration identifier, skip otherwise.
+        - get_configuration:
+            type: fixture
+            brief: Get configurations from the module.
+        - configure_api_environment:
+            type: fixture
+            brief: Configure a custom environment for API testing.
+        - restart_api:
+            type: fixture
+            brief: Reset 'api.log' and start a new monitor.
+        - wait_for_start:
+            type: fixture
+            brief: Wait until the API starts.
+        - get_api_details:
+            type: fixture
+            brief: Get API information.
+
+    assertions:
+        - Verify that the IP address is blocked using multiple requests.
+        - Verify that the IP address is still blocked within the one-minute block time.
+        - Verify that the IP address is not blocked when expires the blocking time.
+
+    input_description: Different test cases are contained in an external YAML file (conf.yaml)
+                       which includes API configuration parameters.
+
+    expected_output:
+        - r'429' ('Too Many Requests' HTTP status code)
+        - r'200' ('OK' HTTP status code)
+
+    tags:
+        - dos_attack
+    '''
     check_apply_test(tags_to_apply, get_configuration['tags'])
     max_request_per_minute = get_configuration['configuration']['access']['max_request_per_minute']
     api_details = get_api_details()
@@ -58,12 +145,14 @@ def test_DOS_blocking_system(tags_to_apply, get_configuration, configure_api_env
     # Request within the same minute
     get_response = requests.get(api_details['base_url'], headers=api_details['auth_headers'], verify=False)
     assert get_response.status_code == 429, f'Expected status code was 429, ' \
-                                            f'but {get_response.status_code} was returned. \nFull response: {get_response.text}'
+                                            f'but {get_response.status_code} was returned. ' \
+                                            f'\nFull response: {get_response.text}'
 
     # Request after the minute.
     time.sleep(60)  # 60 = 1 minute
     get_response = requests.get(api_details['base_url'], headers=api_details['auth_headers'], verify=False)
 
     # After blocking time, status code will be 200 again
     assert get_response.status_code == 200, f'Expected status code was 200, ' \
-                                            f'but {get_response.status_code} was returned. \nFull response: {get_response.text}'
+                                            f'but {get_response.status_code} was returned. ' \
+                                            f'\nFull response: {get_response.text}'
diff --git a/...n/test_api/test_config/test_bruteforce_blocking_system/test_bruteforce_blocking_system.py b/...n/test_api/test_config/test_bruteforce_blocking_system/test_bruteforce_blocking_system.py
@@ -1,7 +1,60 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <info@wazuh.com>.
-# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
-
+'''
+copyright: Copyright (C) 2015-2021, Wazuh Inc.
+
+           Created by Wazuh, Inc. <info@wazuh.com>.
+
+           This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+type: integration
+
+brief: These tests will check if the IP blocking feature of the API handled by the 'wazuh-apid' daemon
+       is working properly. The Wazuh API is an open source 'RESTful' API that allows for interaction
+       with the Wazuh manager from a web browser, command line tool like 'cURL' or any script
+       or program that can make web requests.
+
+tier: 0
+
+modules:
+    - api
+
+components:
+    - manager
+
+daemons:
+    - wazuh-apid
+    - wazuh-analysisd
+    - wazuh-syscheckd
+    - wazuh-db
+
+os_platform:
+    - linux
+
+os_version:
+    - Arch Linux
+    - Amazon Linux 2
+    - Amazon Linux 1
+    - CentOS 8
+    - CentOS 7
+    - CentOS 6
+    - Ubuntu Focal
+    - Ubuntu Bionic
+    - Ubuntu Xenial
+    - Ubuntu Trusty
+    - Debian Buster
+    - Debian Stretch
+    - Debian Jessie
+    - Debian Wheezy
+    - Red Hat 8
+    - Red Hat 7
+    - Red Hat 6
+
+references:
+    - https://documentation.wazuh.com/current/user-manual/api/getting-started.html
+    - https://documentation.wazuh.com/current/user-manual/api/configuration.html#access
+
+tags:
+    - api
+'''
 import os
 import time
 
@@ -36,16 +89,47 @@ def get_configuration(request):
 @pytest.mark.filterwarnings('ignore::urllib3.exceptions.InsecureRequestWarning')
 def test_bruteforce_blocking_system(tags_to_apply, get_configuration, configure_api_environment, restart_api,
                                     wait_for_start, get_api_details):
-    """Check that the blocking time for IPs detected as brute-force attack works.
-
-    Provoke a block, make a request before the blocking
-    time finishes and one after the blocking time.
-
-    Parameters
-    ----------
-    tags_to_apply : set
-        Run test if match with a configuration identifier, skip otherwise.
-    """
+    '''
+    description: Check if the blocking time for IP addresses detected as brute-force attack works.
+                 For this purpose, the test causes an IP blocking, make a request before
+                 the blocking time finishes and one after the blocking time.
+
+    wazuh_min_version: 4.2.0
+
+    parameters:
+        - tags_to_apply:
+            type: set
+            brief: Run test if match with a configuration identifier, skip otherwise.
+        - get_configuration:
+            type: fixture
+            brief: Get configurations from the module.
+        - configure_api_environment:
+            type: fixture
+            brief: Configure a custom environment for API testing.
+        - restart_api:
+            type: fixture
+            brief: Reset 'api.log' and start a new monitor.
+        - wait_for_start:
+            type: fixture
+            brief: Wait until the API starts.
+        - get_api_details:
+            type: fixture
+            brief: Get API information.
+
+    assertions:
+        - Verify that the IP address is blocked using incorrect credentials.
+        - Verify that the IP address is still blocked even when using
+          the correct credentials within the blocking time.
+
+    input_description: Different test cases are contained in an external YAML file (conf.yaml)
+                       which includes API configuration parameters.
+
+    expected_output:
+        - r"Error obtaining login token"
+
+    tags:
+        - brute_force_attack
+    '''
     check_apply_test(tags_to_apply, get_configuration['tags'])
     block_time = get_configuration['configuration']['access']['block_time']
     max_login_attempts = get_configuration['configuration']['access']['max_login_attempts']

diff --git a/tests/integration/test_api/test_config/test_cache/test_cache.py b/tests/integration/test_api/test_config/test_cache/test_cache.py
@@ -7,8 +7,10 @@
 
 type: integration
 
-brief: These tests will check if the cache feature of the API handled
-       by the `wazuh-apid` daemon is working properly.
+brief: These tests will check if the cache feature of the API handled by the 'wazuh-apid' daemon
+       is working properly. The Wazuh API is an open source 'RESTful' API that allows for interaction
+       with the Wazuh manager from a web browser, command line tool like 'cURL' or any script
+       or program that can make web requests.
 
 tier: 0
 
@@ -18,8 +20,6 @@
 components:
     - manager
 
-path: tests/integration/test_api/test_config/test_cache/test_cache.py
-
 daemons:
     - wazuh-apid
     - wazuh-analysisd
@@ -114,7 +114,7 @@ def test_cache(tags_to_apply, get_configuration, configure_api_environment, rest
                  a period established in the configuration, even though a new file
                  has been created during the process.
 
-    wazuh_min_version: 4.2
+    wazuh_min_version: 4.2.0
 
     parameters:
         - tags_to_apply:
@@ -128,7 +128,7 @@ def test_cache(tags_to_apply, get_configuration, configure_api_environment, rest
             brief: Configure a custom environment for API testing.
         - restart_api:
             type: fixture
-            brief: Reset `api.log` and start a new monitor.
+            brief: Reset 'api.log' and start a new monitor.
         - wait_for_start:
             type: fixture
             brief: Wait until the API starts.
@@ -139,7 +139,7 @@ def test_cache(tags_to_apply, get_configuration, configure_api_environment, rest
     assertions:
         - Verify that the stored response is returned when the cache is enabled.
 
-    input_description: Different test cases are contained in an external `YAML` file (conf.yaml)
+    input_description: Different test cases are contained in an external YAML file (conf.yaml)
                        which includes API configuration parameters.
 
     expected_output:

diff --git a/tests/integration/test_api/test_config/test_cors/test_cors.py b/tests/integration/test_api/test_config/test_cors/test_cors.py
@@ -7,8 +7,11 @@
 
 type: integration
 
-brief: These tests will check if the CORS (Cross-origin resource sharing) feature
-       of the API handled by the `wazuh-apid` daemon is working properly.
+brief:
+    These tests will check if the 'CORS' (Cross-origin resource sharing) feature of the API handled
+    by the 'wazuh-apid' daemon is working properly. The Wazuh API is an open source 'RESTful' API
+    that allows for interaction with the Wazuh manager from a web browser, command line tool
+    like 'cURL' or any script or program that can make web requests.
 
 tier: 0
 
@@ -18,8 +21,6 @@
 components:
     - manager
 
-path: tests/integration/test_api/test_config/test_cors/test_cors.py
-
 daemons:
     - wazuh-apid
     - wazuh-analysisd
@@ -92,12 +93,12 @@ def get_configuration(request):
 def test_cors(origin, tags_to_apply, get_configuration, configure_api_environment,
               restart_api, wait_for_start, get_api_details):
     '''
-    description: Check if expected headers are returned when CORS is enabled.
-                 When CORS is enabled, special headers must be returned in case the
-                 request origin matches the one established in the CORS configuration
+    description: Check if expected headers are returned when 'CORS' is enabled.
+                 When 'CORS' is enabled, special headers must be returned in case the
+                 request origin matches the one established in the 'CORS' configuration
                  of the API.
 
-    wazuh_min_version: 4.2
+    wazuh_min_version: 4.2.0
 
     parameters:
         - origin:
@@ -114,7 +115,7 @@ def test_cors(origin, tags_to_apply, get_configuration, configure_api_environmen
             brief: Configure a custom environment for API testing.
         - restart_api:
             type: fixture
-            brief: Reset `api.log` and start a new monitor.
+            brief: Reset 'api.log' and start a new monitor.
         - wait_for_start:
             type: fixture
             brief: Wait until the API starts.
@@ -123,12 +124,12 @@ def test_cors(origin, tags_to_apply, get_configuration, configure_api_environmen
             brief: Get API information.
 
     assertions:
-        - Verify that when CORS is enabled, the `Access-Control-Allow-Origin` header is received.
-        - Verify that when CORS is enabled, the `Access-Control-Expose-Headers` header is received.
-        - Verify that when CORS is enabled, the `Access-Control-Allow-Credentials` header is received.
-        - Verify that when CORS is disabled, the `Access-Control-Allow-Origin` header is not received.
+        - Verify that when CORS is enabled, the 'Access-Control-Allow-Origin' header is received.
+        - Verify that when CORS is enabled, the 'Access-Control-Expose-Headers' header is received.
+        - Verify that when CORS is enabled, the 'Access-Control-Allow-Credentials' header is received.
+        - Verify that when CORS is disabled, the 'Access-Control-Allow-Origin' header is not received.
 
-    input_description: A test case is contained in an external `YAML` file (conf.yaml)
+    input_description: A test case is contained in an external YAML file (conf.yaml)
                        which includes API configuration parameters.
 
     expected_output: