Moved ZT models to own folder and added documentation

monkey/monkey_island/cc/models/zero_trust/event.py

@@ -6,11 +6,22 @@ from common.data.zero_trust_consts import EVENT_TYPES
 
 
 class Event(EmbeddedDocument):
+    """
+    This model represents a single event within a Finding (it is an EmbeddedDocument within Finding). It is meant to
+    hold a detail of the Finding.
+
+    This class has 2 main section:
+        *   The schema section defines the DB fields in the document. This is the data of the object.
+        *   The logic section defines complex questions we can ask about a single document which are asked multiple
+            times, or complex action we will perform - somewhat like an API.
+    """
+    # SCHEMA
     timestamp = DateTimeField(required=True)
     title = StringField(required=True)
     message = StringField()
     event_type = StringField(required=True, choices=EVENT_TYPES)
 
+    # LOGIC
     @staticmethod
     def create_event(title, message, event_type):
         event = Event(

monkey/monkey_island/cc/models/zero_trust/finding.py

@@ -1,3 +1,4 @@
+# coding=utf-8
 """
 Define a Document Schema for Zero Trust findings.
 """
@@ -7,11 +8,21 @@ from mongoengine import Document, StringField, EmbeddedDocumentListField
 from common.data.zero_trust_consts import ORDERED_TEST_STATUSES, TESTS, TESTS_MAP, TEST_EXPLANATION_KEY, PILLARS_KEY
 # Dummy import for mongoengine.
 # noinspection PyUnresolvedReferences
-from event import Event
+from monkey_island.cc.models.zero_trust.event import Event
 
 
 class Finding(Document):
     """
+    This model represents a Zero-Trust finding: A result of a test the monkey/island might perform to see if a
+    specific directive of zero trust is upheld or broken.
+
+    Findings might be
+        Negative ❌
+            Conclusive, meaning that we are sure that something is wrong (example: segmentation issue).
+            Inconclusive, meaning that we need the user to check something himself (example: 2FA logs, AV missing).
+        Positive ✔
+            Conclusive, meaning that we are sure that something is correct (example: Monkey failed exploiting).
+
     This class has 2 main section:
         *   The schema section defines the DB fields in the document. This is the data of the object.
         *   The logic section defines complex questions we can ask about a single document which are asked multiple

monkey/monkey_island/cc/models/zero_trust/test_event.py

@@ -1,7 +1,7 @@
 from mongoengine import ValidationError
 
 from common.data.zero_trust_consts import EVENT_TYPE_ISLAND
-from monkey_island.cc.models.event import Event
+from monkey_island.cc.models.zero_trust.event import Event
 from monkey_island.cc.testing.IslandTestCase import IslandTestCase
 
 

monkey/monkey_island/cc/models/zero_trust/test_finding.py

@@ -1,8 +1,8 @@
 from mongoengine import ValidationError
 
 from common.data.zero_trust_consts import *
-from finding import Finding
+from monkey_island.cc.models.zero_trust.finding import Finding
-from monkey_island.cc.models.event import Event
+from monkey_island.cc.models.zero_trust.event import Event
 from monkey_island.cc.testing.IslandTestCase import IslandTestCase
 
 

monkey/monkey_island/cc/services/reporting/test_zeroTrustService.py

@@ -1,9 +1,7 @@
-from unittest import TestCase
-
 from monkey_island.cc.services.reporting.zero_trust_service import ZeroTrustService
 
 from common.data.zero_trust_consts import *
-from monkey_island.cc.models.finding import Finding
+from monkey_island.cc.models.zero_trust.finding import Finding
 from monkey_island.cc.testing.IslandTestCase import IslandTestCase
 
 

monkey/monkey_island/cc/services/reporting/zero_trust_service.py

@@ -1,6 +1,6 @@
 import json
 from common.data.zero_trust_consts import *
-from monkey_island.cc.models.finding import Finding
+from monkey_island.cc.models.zero_trust.finding import Finding
 
 
 class ZeroTrustService(object):

monkey/monkey_island/cc/services/telemetry/zero_trust_tests/antivirus_existence.py

@@ -3,8 +3,8 @@ import json
 from common.data.zero_trust_consts import EVENT_TYPE_MONKEY_LOCAL, EVENT_TYPE_ISLAND, \
     STATUS_POSITIVE, STATUS_CONCLUSIVE, TEST_ENDPOINT_SECURITY_EXISTS
 from monkey_island.cc.models import Monkey
-from monkey_island.cc.models.event import Event
+from monkey_island.cc.models.zero_trust.event import Event
-from monkey_island.cc.models.finding import Finding
+from monkey_island.cc.models.zero_trust.finding import Finding
 
 ANTI_VIRUS_KNOWN_PROCESS_NAMES = [
     u"AvastSvc.exe",

monkey/monkey_island/cc/testing/IslandTestCase.py

@@ -1,7 +1,7 @@
 import unittest
 from monkey_island.cc.environment.environment import env
 from monkey_island.cc.models import Monkey
-from monkey_island.cc.models.finding import Finding
+from monkey_island.cc.models.zero_trust.finding import Finding
 
 
 class IslandTestCase(unittest.TestCase):