def test_old_results_have_subset_of_new_results(self):
secretA = self.get_secret()
secretB = self.get_secret()
modified_secretA = secretA.copy()
modified_secretA['is_secret'] = True
assert merge_results(
{
'filenameA': [
secretA,
secretB,
],
},
{
'filenameA': [
modified_secretA,
],
},
) == {
'filenameA': [
modified_secretA,
secretB,
],
}
def test_old_results_have_shifted_subset(self):
secretA = self.get_secret()
secretA['is_secret'] = False
secretB = self.get_secret()
secretC = self.get_secret()
secretD = self.get_secret()
modified_secretB = secretB.copy()
modified_secretB['is_secret'] = True
modified_secretC = secretC.copy()
modified_secretC['is_secret'] = False
assert merge_results(
{
'filename': [
secretA,
secretB,
secretC,
secretD,
],
},
{
'filename': [
modified_secretB,
modified_secretC,
],
},
) == {
'filename': [
modified_secretB,
modified_secretC,
],
}
def test_old_results_have_subset_of_new_results(self):
secretA = self.get_secret()
secretB = self.get_secret()
modified_secretA = secretA.copy()
modified_secretA['is_secret'] = True
assert merge_results(
{
'filenameA': [
secretA,
secretB,
],
},
{
'filenameA': [
modified_secretA,
],
},
) == {
'filenameA': [
modified_secretA,
secretB,
],
}
def test_new_results_has_nothing(self):
old_result = {
'filenameA': [
self.get_secret(),
],
}
assert merge_results(old_result, {}) == {}
def test_new_results_has_nothing(self):
old_result = {
'filenameA': [
self.get_secret(),
],
}
assert merge_results(old_result, {}) == old_result
def test_old_results_completely_overriden(self):
secretA = self.get_secret()
secretB = self.get_secret()
assert merge_results(
{
'filenameA': [secretA],
},
{
'filenameA': [secretB],
},
) == {
'filenameA': [secretB],
}
def test_old_results_completely_overriden(self):
secretA = self.get_secret()
secretB = self.get_secret()
assert merge_results(
{
'filenameA': [secretA],
},
{
'filenameA': [secretB],
},
) == {
'filenameA': [secretB],
}
def test_old_results_have_diff_type_will_carry_over(self):
secretA = self.get_secret()
secretA['type'] = 'different type'
secretB = self.get_secret()
assert merge_results(
{
'filenameA': [
secretA,
],
},
{
'filenameA': [
secretA,
secretB,
],
},
) == {
'filenameA': [
secretA,
secretB,
],
}
def test_old_results_have_shifted_subset(self):
secretA = self.get_secret()
secretA['is_secret'] = False
secretB = self.get_secret()
secretC = self.get_secret()
secretD = self.get_secret()
modified_secretB = secretB.copy()
modified_secretB['is_secret'] = True
modified_secretC = secretC.copy()
modified_secretC['is_secret'] = False
assert merge_results(
{
'filename': [
secretA,
secretB,
secretC,
secretD,
],
},
{
'filename': [
modified_secretB,
modified_secretC,
],
},
) == {
'filename': [
secretA,
modified_secretB,
modified_secretC,
secretD,
],
}
def audit_baseline(baseline_filename):
original_baseline = _get_baseline_from_file(baseline_filename)
if not original_baseline:
return
files_removed = _remove_nonexistent_files_from_baseline(original_baseline)
all_secrets = list(_secret_generator(original_baseline))
secrets_with_choices = [
(filename, secret) for filename, secret in all_secrets
if 'is_secret' not in secret
]
total_choices = len(secrets_with_choices)
secret_iterator = BidirectionalIterator(secrets_with_choices)
current_secret_index = 0
for filename, secret in secret_iterator:
_clear_screen()
current_secret_index += 1
try:
_print_context(
filename=filename,
secret=secret,
count=current_secret_index,
total=total_choices,
plugins_used=original_baseline['plugins_used'],
custom_plugin_paths=original_baseline['custom_plugin_paths'],
)
decision = _get_user_decision(can_step_back=secret_iterator.can_step_back())
except SecretNotFoundOnSpecifiedLineError:
decision = _get_user_decision(
prompt_secret_decision=False,
can_step_back=secret_iterator.can_step_back(),
)
if decision == 'q':
print('Quitting...')
break
if decision == 'b':
current_secret_index -= 2
secret_iterator.step_back_on_next_iteration()
_handle_user_decision(decision, secret)
if current_secret_index == 0 and not files_removed:
print('Nothing to audit!')
return
print('Saving progress...')
results = defaultdict(list)
for filename, secret in all_secrets:
results[filename].append(secret)
original_baseline['results'] = merge_results(
original_baseline['results'],
dict(results),
)
write_baseline_to_file(
filename=baseline_filename,
data=original_baseline,
)