Summary of What Needs to be Done:
Add unit tests for build_alert_payload in backend/secuscan/notification_service.py. This function builds a redacted JSON-serializable alert payload from a finding and notification rule dict. It currently has no direct unit tests.
The function:
- Extracts and parses
metadata_json from the finding dict (redacts on parse failure)
- Builds a structured payload with rule metadata and finding fields
- Applies
redact_dict to the final payload before returning
Changes that Need to be Made:
Create testing/backend/unit/test_notification_service_build_alert_payload.py with the following test cases:
test_builds_payload_with_all_fields: finding and rule dicts with all standard keys produce expected payload shape and values
test_missing_metadata_json_produces_empty_metadata: finding without metadata_json key results in metadata={}
test_invalid_metadata_json_falls_back_to_raw_string: metadata_json="not-json" is caught by try/except and stored as {"raw": "not-json"}
test_non_string_metadata_json_raises_type_error_and_falls_back: metadata_json=123 raises TypeError caught by the except clause
test_missing_finding_fields_produce_none_in_payload: missing task_id, plugin_id, description etc. appear as None in payload
test_redact_dict_is_called_on_result: the returned dict should have no plain-text secrets — patch redact_dict and verify it is called once
test_rule_channel_type_is_included: verify rule.channel_type is present in the payload rule section
Import build_alert_payload from backend.secuscan.notification_service. The redact_dict and redact_inputs imports from the same module should be patched in the appropriate test.
Impact that it would Provide:
- Reliability: ensures alert payloads are correctly structured for webhook/email delivery
- Regression safety: prevents schema breakage when finding/rule field names change
- Coverage: the function handles error paths (bad JSON, missing fields) that are not exercised anywhere else
Note: This task is being handled by tmdeveloper007 — please assign to that account when picking it up.
Summary of What Needs to be Done:
Add unit tests for
build_alert_payloadinbackend/secuscan/notification_service.py. This function builds a redacted JSON-serializable alert payload from a finding and notification rule dict. It currently has no direct unit tests.The function:
metadata_jsonfrom the finding dict (redacts on parse failure)redact_dictto the final payload before returningChanges that Need to be Made:
Create
testing/backend/unit/test_notification_service_build_alert_payload.pywith the following test cases:test_builds_payload_with_all_fields: finding and rule dicts with all standard keys produce expected payload shape and valuestest_missing_metadata_json_produces_empty_metadata: finding withoutmetadata_jsonkey results inmetadata={}test_invalid_metadata_json_falls_back_to_raw_string:metadata_json="not-json"is caught by try/except and stored as{"raw": "not-json"}test_non_string_metadata_json_raises_type_error_and_falls_back:metadata_json=123raisesTypeErrorcaught by the except clausetest_missing_finding_fields_produce_none_in_payload: missingtask_id,plugin_id,descriptionetc. appear asNonein payloadtest_redact_dict_is_called_on_result: the returned dict should have no plain-text secrets — patchredact_dictand verify it is called oncetest_rule_channel_type_is_included: verifyrule.channel_typeis present in the payload rule sectionImport
build_alert_payloadfrombackend.secuscan.notification_service. Theredact_dictandredact_inputsimports from the same module should be patched in the appropriate test.Impact that it would Provide:
Note: This task is being handled by tmdeveloper007 — please assign to that account when picking it up.