CalejoControl/tests/unit/test_compliance_audit.py

"""
Unit tests for compliance audit components.
"""

import pytest
from unittest.mock import Mock, patch
from datetime import datetime, timezone

from src.core.compliance_audit import (
    ComplianceAuditLogger, AuditEventType, AuditSeverity
)
from config.settings import settings


class TestComplianceAuditLogger:
    """Test cases for ComplianceAuditLogger."""
    
    def setup_method(self):
        """Set up test fixtures."""
        self.mock_db_client = Mock()
        self.audit_logger = ComplianceAuditLogger(self.mock_db_client)
        
        # Mock settings
        self.original_audit_enabled = settings.audit_log_enabled
        settings.audit_log_enabled = True
    
    def teardown_method(self):
        """Clean up test fixtures."""
        # Restore original settings
        settings.audit_log_enabled = self.original_audit_enabled
    
    def test_initialization(self):
        """Test initialization of ComplianceAuditLogger."""
        assert self.audit_logger.db_client == self.mock_db_client
        assert self.audit_logger.logger is not None
    
    def test_log_compliance_event_success(self):
        """Test successful logging of compliance event."""
        event_type = AuditEventType.USER_LOGIN
        severity = AuditSeverity.LOW
        user_id = "test_user"
        ip_address = "192.168.1.100"
        
        with patch.object(self.audit_logger.logger, 'info') as mock_log:
            self.audit_logger.log_compliance_event(
                event_type=event_type,
                severity=severity,
                user_id=user_id,
                ip_address=ip_address,
                action="login",
                resource="system",
                result="success"
            )
        
        # Verify structured logging
        mock_log.assert_called_once()
        call_args = mock_log.call_args[1]
        assert call_args["event_type"] == "user_login"
        assert call_args["severity"] == "low"
        assert call_args["user_id"] == "test_user"
        assert call_args["ip_address"] == "192.168.1.100"
        
        # Verify database logging
        self.mock_db_client.execute.assert_called_once()
    
    def test_log_compliance_event_database_disabled(self):
        """Test logging when database audit is disabled."""
        settings.audit_log_enabled = False
        
        with patch.object(self.audit_logger.logger, 'info') as mock_log:
            self.audit_logger.log_compliance_event(
                event_type=AuditEventType.USER_LOGIN,
                severity=AuditSeverity.LOW,
                user_id="test_user"
            )
        
        # Verify structured logging still occurs
        mock_log.assert_called_once()
        
        # Verify database logging is skipped
        self.mock_db_client.execute.assert_not_called()
    
    def test_log_compliance_event_database_error(self):
        """Test logging when database operation fails."""
        # Mock database error
        self.mock_db_client.execute.side_effect = Exception("Database error")
        
        with patch.object(self.audit_logger.logger, 'error') as mock_error_log:
            self.audit_logger.log_compliance_event(
                event_type=AuditEventType.USER_LOGIN,
                severity=AuditSeverity.LOW,
                user_id="test_user"
            )
        
        # Verify error logging
        mock_error_log.assert_called_once()
        call_args = mock_error_log.call_args[1]
        assert "Database error" in call_args["error"]
        assert call_args["event_type"] == "user_login"
    
    def test_log_user_authentication_success(self):
        """Test logging successful user authentication."""
        user_id = "test_user"
        ip_address = "192.168.1.100"
        
        with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:
            self.audit_logger.log_user_authentication(
                user_id=user_id,
                result="success",
                ip_address=ip_address
            )
        
        # Verify the correct event type and severity
        mock_log.assert_called_once()
        call_args = mock_log.call_args[1]
        assert call_args["event_type"] == AuditEventType.USER_LOGIN
        assert call_args["severity"] == AuditSeverity.LOW
        assert call_args["user_id"] == user_id
        assert call_args["ip_address"] == ip_address
        assert call_args["result"] == "success"
    
    def test_log_user_authentication_failure(self):
        """Test logging failed user authentication."""
        user_id = "test_user"
        ip_address = "192.168.1.100"
        reason = "Invalid credentials"
        
        with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:
            self.audit_logger.log_user_authentication(
                user_id=user_id,
                result="failure",
                ip_address=ip_address,
                reason=reason
            )
        
        # Verify the correct event type and severity
        mock_log.assert_called_once()
        call_args = mock_log.call_args[1]
        assert call_args["event_type"] == AuditEventType.INVALID_AUTHENTICATION
        assert call_args["severity"] == AuditSeverity.HIGH
        assert call_args["reason"] == reason
    
    def test_log_access_control_granted(self):
        """Test logging granted access control."""
        user_id = "test_user"
        action = "read"
        resource = "station_data"
        ip_address = "192.168.1.100"
        
        with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:
            self.audit_logger.log_access_control(
                user_id=user_id,
                action=action,
                resource=resource,
                result="granted",
                ip_address=ip_address
            )
        
        # Verify the correct event type
        mock_log.assert_called_once()
        call_args = mock_log.call_args[1]
        assert call_args["event_type"] == AuditEventType.DATA_READ
        assert call_args["severity"] == AuditSeverity.MEDIUM
    
    def test_log_access_control_denied(self):
        """Test logging denied access control."""
        user_id = "test_user"
        action = "write"
        resource = "system_config"
        ip_address = "192.168.1.100"
        reason = "Insufficient permissions"
        
        with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:
            self.audit_logger.log_access_control(
                user_id=user_id,
                action=action,
                resource=resource,
                result="denied",
                ip_address=ip_address,
                reason=reason
            )
        
        # Verify the correct event type and severity
        mock_log.assert_called_once()
        call_args = mock_log.call_args[1]
        assert call_args["event_type"] == AuditEventType.ACCESS_DENIED
        assert call_args["severity"] == AuditSeverity.HIGH
        assert call_args["reason"] == reason
    
    def test_log_control_operation_setpoint_change(self):
        """Test logging setpoint change operation."""
        user_id = "operator_user"
        station_id = "station_001"
        action = "setpoint_change"
        resource = "pump_speed"
        ip_address = "192.168.1.100"
        
        with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:
            self.audit_logger.log_control_operation(
                user_id=user_id,
                station_id=station_id,
                pump_id=None,
                action=action,
                resource=resource,
                result="success",
                ip_address=ip_address
            )
        
        # Verify the correct event type and severity
        mock_log.assert_called_once()
        call_args = mock_log.call_args[1]
        assert call_args["event_type"] == AuditEventType.SETPOINT_CHANGED
        assert call_args["severity"] == AuditSeverity.HIGH
        assert call_args["station_id"] == station_id
    
    def test_log_control_operation_emergency_stop(self):
        """Test logging emergency stop operation."""
        user_id = "operator_user"
        station_id = "station_001"
        action = "emergency_stop"
        resource = "system"
        ip_address = "192.168.1.100"
        
        with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:
            self.audit_logger.log_control_operation(
                user_id=user_id,
                station_id=station_id,
                pump_id="pump_001",
                action=action,
                resource=resource,
                result="success",
                ip_address=ip_address
            )
        
        # Verify the correct event type and severity
        mock_log.assert_called_once()
        call_args = mock_log.call_args[1]
        assert call_args["event_type"] == AuditEventType.EMERGENCY_STOP_ACTIVATED
        assert call_args["severity"] == AuditSeverity.CRITICAL
        assert call_args["pump_id"] == "pump_001"
    
    def test_log_security_event(self):
        """Test logging security events."""
        event_type = AuditEventType.CERTIFICATE_EXPIRED
        severity = AuditSeverity.HIGH
        user_id = "system"
        station_id = "station_001"
        reason = "TLS certificate expired"
        
        with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:
            self.audit_logger.log_security_event(
                event_type=event_type,
                severity=severity,
                user_id=user_id,
                station_id=station_id,
                reason=reason
            )
        
        # Verify the correct parameters
        mock_log.assert_called_once()
        call_args = mock_log.call_args[1]
        assert call_args["event_type"] == event_type
        assert call_args["severity"] == severity
        assert call_args["user_id"] == user_id
        assert call_args["station_id"] == station_id
        assert call_args["reason"] == reason
    
    def test_get_audit_trail_success(self):
        """Test successful retrieval of audit trail."""
        # Mock database result
        mock_result = [
            {"event_type": "user_login", "user_id": "test_user"},
            {"event_type": "data_read", "user_id": "test_user"}
        ]
        self.mock_db_client.fetch_all.return_value = mock_result
        
        start_time = datetime(2024, 1, 1, tzinfo=timezone.utc)
        end_time = datetime(2024, 1, 31, tzinfo=timezone.utc)
        user_id = "test_user"
        
        with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:
            result = self.audit_logger.get_audit_trail(
                start_time=start_time,
                end_time=end_time,
                user_id=user_id
            )
        
        # Verify database query
        self.mock_db_client.fetch_all.assert_called_once()
        
        # Verify audit trail access logging
        mock_log.assert_called_once()
        call_args = mock_log.call_args[1]
        assert call_args["event_type"] == AuditEventType.AUDIT_LOG_ACCESSED
        assert call_args["user_id"] == user_id
        
        # Verify result
        assert result == mock_result
    
    def test_get_audit_trail_error(self):
        """Test audit trail retrieval with error."""
        # Mock database error
        self.mock_db_client.fetch_all.side_effect = Exception("Query failed")
        
        with patch.object(self.audit_logger.logger, 'error') as mock_error_log:
            result = self.audit_logger.get_audit_trail()
        
        # Verify error logging
        mock_error_log.assert_called_once()
        
        # Verify empty result
        assert result == []
    
    def test_generate_compliance_report_success(self):
        """Test successful compliance report generation."""
        # Mock database result
        mock_result = [
            {"event_type": "user_login", "severity": "low", "count": 10, "unique_users": 2},
            {"event_type": "access_denied", "severity": "high", "count": 2, "unique_users": 1}
        ]
        self.mock_db_client.fetch_all.return_value = mock_result
        
        start_time = datetime(2024, 1, 1, tzinfo=timezone.utc)
        end_time = datetime(2024, 1, 31, tzinfo=timezone.utc)
        compliance_standard = "IEC_62443"
        
        with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:
            report = self.audit_logger.generate_compliance_report(
                start_time=start_time,
                end_time=end_time,
                compliance_standard=compliance_standard
            )
        
        # Verify database query
        self.mock_db_client.fetch_all.assert_called_once()
        
        # Verify compliance report logging
        mock_log.assert_called_once()
        
        # Verify report structure
        assert report["compliance_standard"] == compliance_standard
        assert report["summary"]["total_events"] == 12
        assert report["summary"]["unique_users"] == 3
        assert report["summary"]["event_types"] == 2
        assert report["events_by_type"] == mock_result
    
    def test_generate_compliance_report_error(self):
        """Test compliance report generation with error."""
        # Mock database error
        self.mock_db_client.fetch_all.side_effect = Exception("Report generation failed")
        
        start_time = datetime(2024, 1, 1, tzinfo=timezone.utc)
        end_time = datetime(2024, 1, 31, tzinfo=timezone.utc)
        compliance_standard = "ISO_27001"
        
        with patch.object(self.audit_logger.logger, 'error') as mock_error_log:
            report = self.audit_logger.generate_compliance_report(
                start_time=start_time,
                end_time=end_time,
                compliance_standard=compliance_standard
            )
        
        # Verify error logging
        mock_error_log.assert_called_once()
        
        # Verify error result
        assert "error" in report
        assert "Report generation failed" in report["error"]
Phase 4: Complete Security Layer Implementation - Implemented JWT-based authentication with bcrypt password hashing - Added role-based access control (RBAC) with four user roles - Created TLS/SSL encryption with certificate management - Enhanced audit logging for IEC 62443, ISO 27001, and NIS2 compliance - Added comprehensive security tests (56 tests passing) - Updated REST API with authentication and permission checks - Added security settings to configuration Co-authored-by: openhands <openhands@all-hands.dev> 2025-10-27 20:07:37 +00:00			`"""`
			`Unit tests for compliance audit components.`
			`"""`

			`import pytest`
			`from unittest.mock import Mock, patch`
			`from datetime import datetime, timezone`

			`from src.core.compliance_audit import (`
			`ComplianceAuditLogger, AuditEventType, AuditSeverity`
			`)`
			`from config.settings import settings`


			`class TestComplianceAuditLogger:`
			`"""Test cases for ComplianceAuditLogger."""`

			`def setup_method(self):`
			`"""Set up test fixtures."""`
			`self.mock_db_client = Mock()`
			`self.audit_logger = ComplianceAuditLogger(self.mock_db_client)`

			`# Mock settings`
			`self.original_audit_enabled = settings.audit_log_enabled`
			`settings.audit_log_enabled = True`

			`def teardown_method(self):`
			`"""Clean up test fixtures."""`
			`# Restore original settings`
			`settings.audit_log_enabled = self.original_audit_enabled`

			`def test_initialization(self):`
			`"""Test initialization of ComplianceAuditLogger."""`
			`assert self.audit_logger.db_client == self.mock_db_client`
			`assert self.audit_logger.logger is not None`

			`def test_log_compliance_event_success(self):`
			`"""Test successful logging of compliance event."""`
			`event_type = AuditEventType.USER_LOGIN`
			`severity = AuditSeverity.LOW`
			`user_id = "test_user"`
			`ip_address = "192.168.1.100"`

			`with patch.object(self.audit_logger.logger, 'info') as mock_log:`
			`self.audit_logger.log_compliance_event(`
			`event_type=event_type,`
			`severity=severity,`
			`user_id=user_id,`
			`ip_address=ip_address,`
			`action="login",`
			`resource="system",`
			`result="success"`
			`)`

			`# Verify structured logging`
			`mock_log.assert_called_once()`
			`call_args = mock_log.call_args[1]`
			`assert call_args["event_type"] == "user_login"`
			`assert call_args["severity"] == "low"`
			`assert call_args["user_id"] == "test_user"`
			`assert call_args["ip_address"] == "192.168.1.100"`

			`# Verify database logging`
			`self.mock_db_client.execute.assert_called_once()`

			`def test_log_compliance_event_database_disabled(self):`
			`"""Test logging when database audit is disabled."""`
			`settings.audit_log_enabled = False`

			`with patch.object(self.audit_logger.logger, 'info') as mock_log:`
			`self.audit_logger.log_compliance_event(`
			`event_type=AuditEventType.USER_LOGIN,`
			`severity=AuditSeverity.LOW,`
			`user_id="test_user"`
			`)`

			`# Verify structured logging still occurs`
			`mock_log.assert_called_once()`

			`# Verify database logging is skipped`
			`self.mock_db_client.execute.assert_not_called()`

			`def test_log_compliance_event_database_error(self):`
			`"""Test logging when database operation fails."""`
			`# Mock database error`
			`self.mock_db_client.execute.side_effect = Exception("Database error")`

			`with patch.object(self.audit_logger.logger, 'error') as mock_error_log:`
			`self.audit_logger.log_compliance_event(`
			`event_type=AuditEventType.USER_LOGIN,`
			`severity=AuditSeverity.LOW,`
			`user_id="test_user"`
			`)`

			`# Verify error logging`
			`mock_error_log.assert_called_once()`
			`call_args = mock_error_log.call_args[1]`
			`assert "Database error" in call_args["error"]`
			`assert call_args["event_type"] == "user_login"`

			`def test_log_user_authentication_success(self):`
			`"""Test logging successful user authentication."""`
			`user_id = "test_user"`
			`ip_address = "192.168.1.100"`

			`with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:`
			`self.audit_logger.log_user_authentication(`
			`user_id=user_id,`
			`result="success",`
			`ip_address=ip_address`
			`)`

			`# Verify the correct event type and severity`
			`mock_log.assert_called_once()`
			`call_args = mock_log.call_args[1]`
			`assert call_args["event_type"] == AuditEventType.USER_LOGIN`
			`assert call_args["severity"] == AuditSeverity.LOW`
			`assert call_args["user_id"] == user_id`
			`assert call_args["ip_address"] == ip_address`
			`assert call_args["result"] == "success"`

			`def test_log_user_authentication_failure(self):`
			`"""Test logging failed user authentication."""`
			`user_id = "test_user"`
			`ip_address = "192.168.1.100"`
			`reason = "Invalid credentials"`

			`with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:`
			`self.audit_logger.log_user_authentication(`
			`user_id=user_id,`
			`result="failure",`
			`ip_address=ip_address,`
			`reason=reason`
			`)`

			`# Verify the correct event type and severity`
			`mock_log.assert_called_once()`
			`call_args = mock_log.call_args[1]`
			`assert call_args["event_type"] == AuditEventType.INVALID_AUTHENTICATION`
			`assert call_args["severity"] == AuditSeverity.HIGH`
			`assert call_args["reason"] == reason`

			`def test_log_access_control_granted(self):`
			`"""Test logging granted access control."""`
			`user_id = "test_user"`
			`action = "read"`
			`resource = "station_data"`
			`ip_address = "192.168.1.100"`

			`with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:`
			`self.audit_logger.log_access_control(`
			`user_id=user_id,`
			`action=action,`
			`resource=resource,`
			`result="granted",`
			`ip_address=ip_address`
			`)`

			`# Verify the correct event type`
			`mock_log.assert_called_once()`
			`call_args = mock_log.call_args[1]`
			`assert call_args["event_type"] == AuditEventType.DATA_READ`
			`assert call_args["severity"] == AuditSeverity.MEDIUM`

			`def test_log_access_control_denied(self):`
			`"""Test logging denied access control."""`
			`user_id = "test_user"`
			`action = "write"`
			`resource = "system_config"`
			`ip_address = "192.168.1.100"`
			`reason = "Insufficient permissions"`

			`with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:`
			`self.audit_logger.log_access_control(`
			`user_id=user_id,`
			`action=action,`
			`resource=resource,`
			`result="denied",`
			`ip_address=ip_address,`
			`reason=reason`
			`)`

			`# Verify the correct event type and severity`
			`mock_log.assert_called_once()`
			`call_args = mock_log.call_args[1]`
			`assert call_args["event_type"] == AuditEventType.ACCESS_DENIED`
			`assert call_args["severity"] == AuditSeverity.HIGH`
			`assert call_args["reason"] == reason`

			`def test_log_control_operation_setpoint_change(self):`
			`"""Test logging setpoint change operation."""`
			`user_id = "operator_user"`
			`station_id = "station_001"`
			`action = "setpoint_change"`
			`resource = "pump_speed"`
			`ip_address = "192.168.1.100"`

			`with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:`
			`self.audit_logger.log_control_operation(`
			`user_id=user_id,`
			`station_id=station_id,`
			`pump_id=None,`
			`action=action,`
			`resource=resource,`
			`result="success",`
			`ip_address=ip_address`
			`)`

			`# Verify the correct event type and severity`
			`mock_log.assert_called_once()`
			`call_args = mock_log.call_args[1]`
			`assert call_args["event_type"] == AuditEventType.SETPOINT_CHANGED`
			`assert call_args["severity"] == AuditSeverity.HIGH`
			`assert call_args["station_id"] == station_id`

			`def test_log_control_operation_emergency_stop(self):`
			`"""Test logging emergency stop operation."""`
			`user_id = "operator_user"`
			`station_id = "station_001"`
			`action = "emergency_stop"`
			`resource = "system"`
			`ip_address = "192.168.1.100"`

			`with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:`
			`self.audit_logger.log_control_operation(`
			`user_id=user_id,`
			`station_id=station_id,`
			`pump_id="pump_001",`
			`action=action,`
			`resource=resource,`
			`result="success",`
			`ip_address=ip_address`
			`)`

			`# Verify the correct event type and severity`
			`mock_log.assert_called_once()`
			`call_args = mock_log.call_args[1]`
			`assert call_args["event_type"] == AuditEventType.EMERGENCY_STOP_ACTIVATED`
			`assert call_args["severity"] == AuditSeverity.CRITICAL`
			`assert call_args["pump_id"] == "pump_001"`

			`def test_log_security_event(self):`
			`"""Test logging security events."""`
			`event_type = AuditEventType.CERTIFICATE_EXPIRED`
			`severity = AuditSeverity.HIGH`
			`user_id = "system"`
			`station_id = "station_001"`
			`reason = "TLS certificate expired"`

			`with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:`
			`self.audit_logger.log_security_event(`
			`event_type=event_type,`
			`severity=severity,`
			`user_id=user_id,`
			`station_id=station_id,`
			`reason=reason`
			`)`

			`# Verify the correct parameters`
			`mock_log.assert_called_once()`
			`call_args = mock_log.call_args[1]`
			`assert call_args["event_type"] == event_type`
			`assert call_args["severity"] == severity`
			`assert call_args["user_id"] == user_id`
			`assert call_args["station_id"] == station_id`
			`assert call_args["reason"] == reason`

			`def test_get_audit_trail_success(self):`
			`"""Test successful retrieval of audit trail."""`
			`# Mock database result`
			`mock_result = [`
			`{"event_type": "user_login", "user_id": "test_user"},`
			`{"event_type": "data_read", "user_id": "test_user"}`
			`]`
			`self.mock_db_client.fetch_all.return_value = mock_result`

			`start_time = datetime(2024, 1, 1, tzinfo=timezone.utc)`
			`end_time = datetime(2024, 1, 31, tzinfo=timezone.utc)`
			`user_id = "test_user"`

			`with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:`
			`result = self.audit_logger.get_audit_trail(`
			`start_time=start_time,`
			`end_time=end_time,`
			`user_id=user_id`
			`)`

			`# Verify database query`
			`self.mock_db_client.fetch_all.assert_called_once()`

			`# Verify audit trail access logging`
			`mock_log.assert_called_once()`
			`call_args = mock_log.call_args[1]`
			`assert call_args["event_type"] == AuditEventType.AUDIT_LOG_ACCESSED`
			`assert call_args["user_id"] == user_id`

			`# Verify result`
			`assert result == mock_result`

			`def test_get_audit_trail_error(self):`
			`"""Test audit trail retrieval with error."""`
			`# Mock database error`
			`self.mock_db_client.fetch_all.side_effect = Exception("Query failed")`

			`with patch.object(self.audit_logger.logger, 'error') as mock_error_log:`
			`result = self.audit_logger.get_audit_trail()`

			`# Verify error logging`
			`mock_error_log.assert_called_once()`

			`# Verify empty result`
			`assert result == []`

			`def test_generate_compliance_report_success(self):`
			`"""Test successful compliance report generation."""`
			`# Mock database result`
			`mock_result = [`
			`{"event_type": "user_login", "severity": "low", "count": 10, "unique_users": 2},`
			`{"event_type": "access_denied", "severity": "high", "count": 2, "unique_users": 1}`
			`]`
			`self.mock_db_client.fetch_all.return_value = mock_result`

			`start_time = datetime(2024, 1, 1, tzinfo=timezone.utc)`
			`end_time = datetime(2024, 1, 31, tzinfo=timezone.utc)`
			`compliance_standard = "IEC_62443"`

			`with patch.object(self.audit_logger, 'log_compliance_event') as mock_log:`
			`report = self.audit_logger.generate_compliance_report(`
			`start_time=start_time,`
			`end_time=end_time,`
			`compliance_standard=compliance_standard`
			`)`

			`# Verify database query`
			`self.mock_db_client.fetch_all.assert_called_once()`

			`# Verify compliance report logging`
			`mock_log.assert_called_once()`

			`# Verify report structure`
			`assert report["compliance_standard"] == compliance_standard`
			`assert report["summary"]["total_events"] == 12`
			`assert report["summary"]["unique_users"] == 3`
			`assert report["summary"]["event_types"] == 2`
			`assert report["events_by_type"] == mock_result`

			`def test_generate_compliance_report_error(self):`
			`"""Test compliance report generation with error."""`
			`# Mock database error`
			`self.mock_db_client.fetch_all.side_effect = Exception("Report generation failed")`

			`start_time = datetime(2024, 1, 1, tzinfo=timezone.utc)`
			`end_time = datetime(2024, 1, 31, tzinfo=timezone.utc)`
			`compliance_standard = "ISO_27001"`

			`with patch.object(self.audit_logger.logger, 'error') as mock_error_log:`
			`report = self.audit_logger.generate_compliance_report(`
			`start_time=start_time,`
			`end_time=end_time,`
			`compliance_standard=compliance_standard`
			`)`

			`# Verify error logging`
			`mock_error_log.assert_called_once()`

			`# Verify error result`
			`assert "error" in report`
			`assert "Report generation failed" in report["error"]`