feat: add security group to the incident channel (#332)

Update the `/incident` command so the `Security` user group members are added to the incident channel when created.
cds-snc · Dec 7, 2023 · 69f238a · 69f238a
1 parent 6a0fd4c
commit 69f238a
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 9 deletions.
diff --git a/app/commands/incident.py b/app/commands/incident.py
@@ -17,6 +17,7 @@
 i18n.set("fallback", "en-US")
 
 INCIDENT_CHANNEL = os.environ.get("INCIDENT_CHANNEL")
+SLACK_SECURITY_USER_GROUP_ID = os.environ.get("SLACK_SECURITY_USER_GROUP_ID")
 
 
 def handle_incident_action_buttons(client, ack, body, logger):
@@ -298,17 +299,22 @@ def submit(ack, view, say, body, client, logger):
     say(text=text, channel=channel_id)
 
     # Reminder to brief up
-    text = ":one: Is this a `cybersecurity incident`? Please initiate the briefing process for CCCS and TBS OCIO Cyber"
+    text = ":alphabet-yellow-question: Is this a `cybersecurity incident` (secret/data leak, account compromise, attack)? Please initiate the briefing process for CCCS and TBS OCIO Cyber."
     say(text=text, channel=channel_id)
 
     # Reminder to stop planned testing
-    text = ":two: Is there active `penetration or performance testing`? Please stop it immediately"
+    text = ":alphabet-yellow-question: Is someone `penetration or performance testing`? Please stop it to make your life easier."
     say(text=text, channel=channel_id)
 
     # Invite oncall to channel
     for user in oncall:
         client.conversations_invite(channel=channel_id, users=user["id"])
 
+    # Invite the @security users to channel
+    response = client.usergroups_users_list(usergroup=SLACK_SECURITY_USER_GROUP_ID)
+    if response.get("ok"):
+        client.conversations_invite(channel=channel_id, users=response["users"])
+
     text = "Run `/sre incident roles` to assign roles to the incident"
     say(text=text, channel=channel_id)
 

diff --git a/app/pytest.ini b/app/pytest.ini
@@ -12,6 +12,7 @@ env =
     SENTINEL_CUSTOMER_ID = "SENTINEL_CUSTOMER_ID"
     SENTINEL_LOG_TYPE = "SENTINEL_LOG_TYPE"
     SENTINEL_SHARED_KEY = "SENTINEL_SHARED_KEY"
+    SLACK_SECURITY_USER_GROUP_ID = "SLACK_SECURITY_USER_GROUP_ID"
     AWS_ORG_ACCOUNT_ROLE_ARN = "AWS_ORG_ACCOUNT_ROLE_ARN"
     AWS_LOGGING_ACCOUNT_ROLE_ARN = "AWS_LOGGING_ACCOUNT_ROLE_ARN"
     AWS_AUDIT_ACCOUNT_ROLE_ARN = "AWS_AUDIT_ACCOUNT_ROLE_ARN"

diff --git a/app/tests/commands/test_incident.py b/app/tests/commands/test_incident.py
@@ -2,7 +2,7 @@
 
 from commands import incident
 
-from unittest.mock import MagicMock, patch
+from unittest.mock import call, MagicMock, patch
 
 DATE = datetime.datetime.now().strftime("%Y-%m-%d")
 
@@ -555,10 +555,15 @@ def test_incident_submit_adds_creator_to_channel(
     client.conversations_create.return_value = {
         "channel": {"id": "channel_id", "name": "channel_name"}
     }
+    client.usergroups_users_list.return_value = {
+        "ok": False,
+    }
     client.users_lookupByEmail.return_value = {"ok": False, "error": "users_not_found"}
     incident.submit(ack, view, say, body, client, logger)
-    client.conversations_invite.assert_called_with(
-        channel="channel_id", users="creator_user_id"
+    client.conversations_invite.assert_has_calls(
+        [
+            call(channel="channel_id", users="creator_user_id"),
+        ]
     )
 
 
@@ -696,14 +701,24 @@ def test_incident_submit_pulls_oncall_people_into_the_channel(
     logger = MagicMock()
     view = helper_generate_view()
     say = MagicMock()
-    body = {"user": {"id": "user_id"}, "trigger_id": "trigger_id", "view": view}
+    body = {"user": {"id": "creator_user_id"}, "trigger_id": "trigger_id", "view": view}
     client = MagicMock()
     client.conversations_create.return_value = {
         "channel": {"id": "channel_id", "name": "channel_name"}
     }
     client.users_lookupByEmail.return_value = {
         "ok": True,
-        "user": {"id": "user_id", "profile": {"display_name_normalized": "name"}},
+        "user": {
+            "id": "on_call_user_id",
+            "profile": {"display_name_normalized": "name"},
+        },
+    }
+    client.usergroups_users_list.return_value = {
+        "ok": True,
+        "users": [
+            "security_user_id_1",
+            "security_user_id_2",
+        ],
     }
 
     mock_create_new_incident.return_value = "id"
@@ -714,8 +729,15 @@ def test_incident_submit_pulls_oncall_people_into_the_channel(
     incident.submit(ack, view, say, body, client, logger)
     mock_get_on_call_users.assert_called_once_with("oncall")
     client.users_lookupByEmail.assert_any_call(email="email")
-    client.conversations_invite.assert_called_with(
-        channel="channel_id", users="user_id"
+    client.usergroups_users_list(usergroup="SLACK_SECURITY_USER_GROUP_ID")
+    client.conversations_invite.assert_has_calls(
+        [
+            call(channel="channel_id", users="creator_user_id"),
+            call(channel="channel_id", users="on_call_user_id"),
+            call(
+                channel="channel_id", users=["security_user_id_1", "security_user_id_2"]
+            ),
+        ]
     )