From a339dafcc692553497a9d4f304195b48bba99f10 Mon Sep 17 00:00:00 2001
From: Daniel Barranquero <74871504+danibarranqueroo@users.noreply.github.com>
Date: Thu, 7 Nov 2024 14:21:49 +0100
Subject: [PATCH] fix(guardduty): fix `guardduty_is_enabled_fixer` test (#5668)

---
 .../guardduty_is_enabled_fixer_test.py        | 84 ++++++++++++++++---
 1 file changed, 71 insertions(+), 13 deletions(-)

diff --git a/tests/providers/aws/services/guardduty/guardduty_is_enabled/guardduty_is_enabled_fixer_test.py b/tests/providers/aws/services/guardduty/guardduty_is_enabled/guardduty_is_enabled_fixer_test.py
index 2765af10663..8a7e3f4eb69 100644
--- a/tests/providers/aws/services/guardduty/guardduty_is_enabled/guardduty_is_enabled_fixer_test.py
+++ b/tests/providers/aws/services/guardduty/guardduty_is_enabled/guardduty_is_enabled_fixer_test.py
@@ -1,35 +1,93 @@
 from unittest import mock
 from uuid import uuid4
 
+import botocore
+import botocore.client
 from moto import mock_aws
 
 from tests.providers.aws.utils import (
-    AWS_ACCOUNT_ARN,
     AWS_ACCOUNT_NUMBER,
     AWS_REGION_EU_WEST_1,
+    set_mocked_aws_provider,
 )
 
 DETECTOR_ID = str(uuid4())
 DETECTOR_ARN = f"arn:aws:guardduty:{AWS_REGION_EU_WEST_1}:{AWS_ACCOUNT_NUMBER}:detector/{DETECTOR_ID}"
 
+mock_make_api_call = botocore.client.BaseClient._make_api_call
+
+
+def mock_make_api_call_create_detector_success(self, operation_name, kwarg):
+    if operation_name == "CreateDetector":
+        return {"DetectorId": DETECTOR_ID}
+    elif operation_name == "GetDetector":
+        return {"Status": "ENABLED"}
+    return mock_make_api_call(self, operation_name, kwarg)
+
+
+def mock_make_api_call_create_detector_failure(self, operation_name, kwarg):
+    if operation_name == "CreateDetector":
+        raise botocore.exceptions.ClientError(
+            {
+                "Error": {
+                    "Code": "AccessDeniedException",
+                    "Message": "User: arn:aws:iam::012345678901:user/test is not authorized to perform: guardduty:CreateDetector",
+                }
+            },
+            "CreateDetector",
+        )
+    return mock_make_api_call(self, operation_name, kwarg)
+
 
 class Test_guardduty_is_enabled_fixer:
     @mock_aws
     def test_guardduty_is_enabled_fixer(self):
-        regional_client = mock.MagicMock()
-        guardduty_client = mock.MagicMock
-        guardduty_client.region = AWS_REGION_EU_WEST_1
-        guardduty_client.detectors = []
-        guardduty_client.audited_account_arn = AWS_ACCOUNT_ARN
-        regional_client.create_detector.return_value = None
-        guardduty_client.regional_clients = {AWS_REGION_EU_WEST_1: regional_client}
+        with mock.patch(
+            "botocore.client.BaseClient._make_api_call",
+            new=mock_make_api_call_create_detector_success,
+        ):
+
+            from prowler.providers.aws.services.guardduty.guardduty_service import (
+                GuardDuty,
+            )
+
+            aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1])
+
+            with mock.patch(
+                "prowler.providers.common.provider.Provider.get_global_provider",
+                return_value=aws_provider,
+            ), mock.patch(
+                "prowler.providers.aws.services.guardduty.guardduty_is_enabled.guardduty_is_enabled_fixer.guardduty_client",
+                new=GuardDuty(aws_provider),
+            ):
+                from prowler.providers.aws.services.guardduty.guardduty_is_enabled.guardduty_is_enabled_fixer import (
+                    fixer,
+                )
+
+                assert fixer(AWS_REGION_EU_WEST_1)
 
+    @mock_aws
+    def test_guardduty_is_enabled_fixer_failure(self):
         with mock.patch(
-            "prowler.providers.aws.services.guardduty.guardduty_service.GuardDuty",
-            guardduty_client,
+            "botocore.client.BaseClient._make_api_call",
+            new=mock_make_api_call_create_detector_failure,
         ):
-            from prowler.providers.aws.services.guardduty.guardduty_is_enabled.guardduty_is_enabled_fixer import (
-                fixer,
+
+            from prowler.providers.aws.services.guardduty.guardduty_service import (
+                GuardDuty,
             )
 
-            assert fixer(AWS_REGION_EU_WEST_1)
+            aws_provider = set_mocked_aws_provider([AWS_REGION_EU_WEST_1])
+
+            with mock.patch(
+                "prowler.providers.common.provider.Provider.get_global_provider",
+                return_value=aws_provider,
+            ), mock.patch(
+                "prowler.providers.aws.services.guardduty.guardduty_is_enabled.guardduty_is_enabled_fixer.guardduty_client",
+                new=GuardDuty(aws_provider),
+            ):
+                from prowler.providers.aws.services.guardduty.guardduty_is_enabled.guardduty_is_enabled_fixer import (
+                    fixer,
+                )
+
+                assert not fixer(AWS_REGION_EU_WEST_1)