
001_0003 - SecurityChecks

Ensure security rules are active

Set Security check to production in Project Security

Metadata

authors:
- Xiwen Cheng <x@cinaq.com>
category: Security
input: Security$ProjectSecurity.yaml
rulename: SecurityChecks
rulenumber: '001_0003'
scope: package
severity: HIGH

Description

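Any serious app needs entity access security configured. The rule passes only when security checking is enabled and the security level is set to production; in the test cases below that is CheckSecurity: true together with SecurityLevel: CheckEverything.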

Remediation

Set Security check to production in Project Security

Test cases

package app.mendix.project_settings.security_checks
import rego.v1

# Test cases
test_allow if {
    allow with input as {
        "CheckSecurity": true,
        "SecurityLevel": "CheckEverything",
    }
}
test_no_allow_1 if {
    not allow with input as {
        "CheckSecurity": false,
        "SecurityLevel": "CheckEverything",
    }
}
test_no_allow_2 if {
    not allow with input as {
        "CheckSecurity": true,
        "SecurityLevel": "unknown",
    }
}
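The test cases above call an `allow` rule that this page does not show. The following policy is an added example that satisfies them; it is not the rule source shipped by the project. The `errors` set and its messages are assumptions introduced here, while the package name and input keys come from the test cases.

```rego
package app.mendix.project_settings.security_checks

import rego.v1

# Added illustration: a policy consistent with the three test cases.
# Input is the parsed Security$ProjectSecurity.yaml document.

# Fail closed: a missing or malformed input never passes.
default allow := false

# The project passes only when no finding is produced.
allow if count(errors) == 0

# Finding: security checking is disabled, not a boolean true, or absent.
errors contains msg if {
	not input.CheckSecurity == true
	msg := "CheckSecurity must be true"
}

# Finding: the security level is anything other than the production value.
# object.get supplies a marker so an absent key still yields a message.
errors contains msg if {
	level := object.get(input, "SecurityLevel", "<missing>")
	level != "CheckEverything"
	msg := sprintf("SecurityLevel is %v, expected CheckEverything", [level])
}
```

Saved in the same directory as the test cases, `opa test .` evaluates all three tests against this policy.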