diff --git a/policies/github/member.rego b/policies/github/member.rego index 09deffd5..898cf093 100644 --- a/policies/github/member.rego +++ b/policies/github/member.rego @@ -15,7 +15,7 @@ package member default organization_has_too_many_admins := true organization_has_too_many_admins := false { - admins := count({member | member := input.members[_]; member.is_admin == true}) + admins := count([member | member := input.members[_]; member.is_admin == true]) admins <= 3 } diff --git a/test/member_test.go b/test/member_test.go index 8d2f79a3..5246ad34 100644 --- a/test/member_test.go +++ b/test/member_test.go @@ -1,10 +1,11 @@ package test import ( - "github.com/Legit-Labs/legitify/internal/common/scm_type" "testing" "time" + "github.com/Legit-Labs/legitify/internal/common/scm_type" + githubcollected "github.com/Legit-Labs/legitify/internal/collected/github" "github.com/Legit-Labs/legitify/internal/common/namespace" ) @@ -84,6 +85,36 @@ func TestMember(t *testing.T) { }, }, }, + { + name: "should find too many admins", + policyName: "organization_has_too_many_admins", + shouldBeViolated: true, + args: memberMockConfiguration{ + hasLastActive: true, + members: []githubcollected.OrganizationMember{ + { + LastActive: int(time.Now().AddDate(0, -1, 0).UnixNano()), + IsAdmin: true, + }, + { + LastActive: int(time.Now().AddDate(0, -1, 0).UnixNano()), + IsAdmin: true, + }, + { + LastActive: int(time.Now().AddDate(0, -1, 0).UnixNano()), + IsAdmin: true, + }, + { + LastActive: int(time.Now().AddDate(0, -1, 0).UnixNano()), + IsAdmin: true, + }, + { + LastActive: int(time.Now().AddDate(0, -1, 0).UnixNano()), + IsAdmin: true, + }, + }, + }, + }, } for _, test := range tests {