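"""Tests for the coarse CRA prioritisation (P0 floor + weighted tier + quick wins)."""

from compliance.services.cra_finding_mapper import ScannerFinding, assess_findings


def test_safety_impact_forces_p0():
    """A finding flagged with safety impact is placed in P0 even at medium severity."""
    a = assess_findings([
        ScannerFinding(id="s", title="TLS 1.0", cwe="CWE-319",
                       severity="medium", safety_impact=True),
    ])
    m = a.mapped[0]
    assert m.priority_tier == "P0"
    # The reason text is German; "Personenschaden" means personal injury.
    assert "Personenschaden" in m.priority_reason


def test_exploited_forces_p0():
    """A finding marked as exploited is placed in P0 even at medium severity."""
    a = assess_findings([
        ScannerFinding(id="e", title="outdated dep", category="dependency",
                       severity="medium", exploited=True),
    ])
    assert a.mapped[0].priority_tier == "P0"


def test_critical_is_p0():
    """Critical severity alone is enough to reach P0."""
    a = assess_findings([
        ScannerFinding(id="c", title="default password", cwe="CWE-259",
                       severity="critical"),
    ])
    assert a.mapped[0].priority_tier == "P0"


def test_weights_order_the_discretionary_tier():
    """Objective weights decide the order of findings that are not on the P0 floor.

    Both findings share the same severity, so only the weights passed to
    ``assess_findings`` can separate them.
    """
    findings = [
        ScannerFinding(id="log", title="no security logging", cwe="CWE-778",
                       severity="high"),  # monitoring
        ScannerFinding(id="mfa", title="missing authentication", cwe="CWE-306",
                       severity="high"),  # access
    ]
    a = assess_findings(findings, weights={"access": "high", "monitoring": "low"})
    order = [m.finding_id for m in a.mapped]
    assert order.index("mfa") < order.index("log")
    # Neither is a floor finding: check every mapped entry, not only the one
    # that happened to sort first.
    assert all(m.priority_tier != "P0" for m in a.mapped)
    # NOTE(review): nothing in this file checks the converse, i.e. that a "low"
    # weight cannot pull a floor (P0) finding down into the discretionary tier.
    # That is the guarantee the floor exists for; consider a dedicated test.


def test_quick_win_flag_and_view():
    """A finding mapped to CRA-AI-15 is flagged as a quick win and listed in the view."""
    a = assess_findings([
        ScannerFinding(id="tls", title="TLS 1.0", cwe="CWE-319", severity="high"),
    ])
    m = a.mapped[0]
    assert m.primary_requirement == "CRA-AI-15"  # effort 2 days
    assert m.quick_win is True
    assert "tls" in a.quick_wins


def test_p0_sorts_above_discretionary():
    """A P0 finding comes first even when it was submitted after a lower-tier one."""
    findings = [
        ScannerFinding(id="low", title="missing logging", cwe="CWE-778",
                       severity="low"),  # P3
        ScannerFinding(id="crit", title="default password", cwe="CWE-259",
                       severity="critical"),  # P0
    ]
    a = assess_findings(findings)
    assert a.mapped[0].finding_id == "crit"


def test_objectives_exposed():
    """An assessment of no findings still exposes the objective names, in this order."""
    a = assess_findings([])
    assert a.objectives == ["access", "data", "network_api", "supply_updates",
                            "monitoring"]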