Benjamin_Boenisch/breakpilot-compliance
1
1
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9cf53090eb4325124e75802d0ec9ec10d98341ef
breakpilot-compliance/backend-compliance/tests/test_use_case_registry.py
T
Benjamin Admin e2bc6d02d5 wip(use-case): use_case_registry update + test (salvaged) 
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-06-21 12:40:43 +02:00

172 lines
6.3 KiB
Python
Raw Blame History

"""Tests fuer das Use-Case-Register (Phase 0)."""
from __future__ import annotations
from compliance.data import use_case_registry as reg
def test_keys_unique_and_nonempty():
keys = [uc.key for uc in reg._USE_CASES]
assert len(keys) == len(set(keys))
for uc in reg._USE_CASES:
assert uc.key and uc.label
assert uc.group in reg.USE_CASE_GROUPS
def test_every_use_case_has_a_verification_method_in_taxonomy():
for uc in reg._USE_CASES:
assert uc.verification_methods, uc.key
for m in uc.verification_methods:
assert m in reg.VERIFICATION_METHODS, (uc.key, m)
def test_not_only_document_use_cases():
# Der entscheidende Punkt (User-Vorgabe): >=50% Source-Code/IT-Prozess.
keys = set(reg.REGISTRY)
for k in ("code_security", "network_security", "cra", "isms", "tisax"):
assert k in keys
methods = {m for uc in reg._USE_CASES for m in uc.verification_methods}
assert {"source_code", "network", "it_process"} <= methods
def test_scope_tokens_cover_migration_145():
# Alle bedeutungstragenden Migration-145-scope_doc_type-Werte ('other'
# ausgenommen) sind mindestens einem Use Case zugeordnet.
meaningful = {
"cookie_richtlinie", "dse", "banner_implementation", "cmp_audit",
"tom", "avv", "jc", "impressum", "agb", "widerruf", "process",
"accounting",
}
assert meaningful <= set(reg.scope_token_to_use_cases)
def test_taxonomy_for_prompt_lists_all_enabled():
txt = reg.taxonomy_for_prompt()
for uc in reg.enabled_use_cases():
assert uc.key in txt
for m in reg.VERIFICATION_METHODS:
assert m in txt
def test_validators():
assert reg.is_valid_use_case("impressum")
assert not reg.is_valid_use_case("ghost")
assert reg.is_valid_verification_method("source_code")
assert not reg.is_valid_verification_method("telepathy")
def test_evidence_mapping():
assert reg.evidence_to_verification_method("code") == "source_code"
assert reg.evidence_to_verification_method("code_review") == "source_code"
assert reg.evidence_to_verification_method("process") == "it_process"
assert reg.evidence_to_verification_method("document") == "document"
assert reg.evidence_to_verification_method(None) is None
assert reg.evidence_to_verification_method("xyz") is None
def test_registry_hash_stable_and_hex():
h1 = reg.registry_hash()
assert h1 == reg.registry_hash()
assert len(h1) == 64 and all(c in "0123456789abcdef" for c in h1)
def test_frontend_list_shape():
fl = reg.frontend_list()
assert len(fl) == len(reg.enabled_use_cases())
for e in fl:
assert set(e) == {"key", "label", "group", "verification_methods"}
# ── Seed-Klassifizierung (Phase 1) ──────────────────────────────────
def test_seed_scope_token_to_use_case():
ucs, _ = reg.seed_classify(scopes=["impressum"])
assert "impressum" in ucs
def test_seed_category_to_use_case():
ucs, _ = reg.seed_classify(categories=["network"])
assert "network_security" in ucs
def test_seed_verification_method_from_evidence_and_method():
_, m = reg.seed_classify(etypes=["code"])
assert m == "source_code"
_, m2 = reg.seed_classify(vmethods=["document"])
assert m2 == "document"
_, m3 = reg.seed_classify(etypes=["process"])
assert m3 == "it_process"
def test_seed_multi_label():
# scope 'process' haengt an mehreren Use Cases (dsr/loeschkonzept/dsfa)
ucs, _ = reg.seed_classify(scopes=["process"])
assert len(ucs) >= 2
def test_seed_empty_and_none_safe():
ucs, m = reg.seed_classify(scopes=[None], categories=[None],
vmethods=[None], etypes=[None])
assert ucs == [] and m is None
assert reg.seed_classify() == ([], None)
# ── Deterministischer Regulierung→Use-Case-Mapper ───────────────────
def test_regulation_mapper_known():
cases = {
"OWASP Top 10 (2021)": "code_security",
"NIST SP 800-207 (Zero Trust)": "network_security",
"Cyber Resilience Act (CRA)": "cra",
"DSGVO (EU) 2016/679": "dse",
"EDPB Facial Recognition": "dse", # Leitlinie → Datenschutz
"TKG": "telekommunikation", # Telekom-Recht, NICHT Impressum
"TMG": "impressum", # echtes Impressumsrecht
"TDDDG": "cookie_banner",
"Markets in Crypto-Assets (MiCA)": "mica",
"BGB": "agb",
}
for reg_str, expected in cases.items():
assert reg.use_case_for_regulation(reg_str) == expected, reg_str
def test_regulation_mapper_impressum_misroutes_fixed():
# Phase A: Telekom-/Datenschutz-/Gewerbe-Gesetze duerfen NICHT mehr als
# Impressum durchgehen (Korpus enthaelt kein echtes Impressumsrecht ausser
# TMG/MStV). Siehe Audit 2026-06-09.
assert reg.use_case_for_regulation("Telekommunikationsgesetz Oesterreich") \
== "telekommunikation"
assert reg.use_case_for_regulation("DSK OH Telemedien") == "dse"
assert reg.use_case_for_regulation("Gewerbeordnung (GewO)") == "handelsrecht"
# Die echten Impressum-Quellen bleiben Impressum:
assert reg.use_case_for_regulation("TMG") == "impressum"
assert reg.use_case_for_regulation("AT Mediengesetz") == "impressum"
def test_regulation_mapper_abgb_before_bgb():
# 'ABGB' enthaelt 'bgb' — die abgb-Regel MUSS zuerst greifen.
assert reg.use_case_for_regulation("AT ABGB") == "handelsrecht"
def test_regulation_mapper_unknown_returns_none():
assert reg.use_case_for_regulation("Voellig Unbekanntes Gesetz") is None
assert reg.use_case_for_regulation(None) is None
def test_all_regulation_rules_point_to_valid_use_cases():
for _needle, uc in reg._REGULATION_RULES:
assert uc in reg.REGISTRY, uc
assert reg.REGISTRY[uc].enabled
def test_new_use_cases_eidas_geschaeftsgeheimnis():
# Korpus-Luecken 2026-06-17: eIDAS (VO 910/2014) + GeschGehG als eigene
# Use Cases ingestiert + klassifiziert.
assert reg.is_valid_use_case("eidas")
assert reg.is_valid_use_case("geschaeftsgeheimnis")
assert reg.use_case_for_regulation("eIDAS-Verordnung (EU) Nr. 910/2014") == "eidas"
assert reg.use_case_for_regulation(
"Gesetz zum Schutz von Geschäftsgeheimnissen") == "geschaeftsgeheimnis"
Reference in New Issue View Git Blame Copy Permalink