001_0002 - DemoUsersDisabled

Business apps should disable demo users

Disable demo users in Project Security

Metadata

authors:
- Xiwen Cheng <x@cinaq.com>
category: Security
input: Security$ProjectSecurity.yaml
rulename: DemoUsersDisabled
rulenumber: '001_0002'
scope: package
severity: HIGH

Description

No demo users

Remediation

Disable demo users in Project Security

Test cases

package app.mendix.project_settings.demo_users_disabled
import rego.v1

# Test cases
test_allow if {
    allow with input as {"EnableDemoUsers": false}
}
test_no_allow if {
    not allow with input as {"EnableDemoUsers": true}
}