def test_snyk_cve_put_get_qstring_for_cve_node():
    """Test SnykCVEPut.get_qstring_for_cve_node().

    The first payload is run through prepare_payload() and every core CVE
    field must be present in the bindings with a truthy value. The other two
    payloads are only checked for the property names expected in the query
    text.
    """
    cve = SnykCVEPut(valid_snyk_put_input)
    first_vuln = valid_snyk_put_input['vulnerabilities'][0]
    query_str, bindings_dict = cve.get_qstring_for_cve_node(first_vuln)
    json_payload = cve.prepare_payload(query_str, bindings_dict)

    assert 'bindings' in json_payload
    bindings = json_payload['bindings']
    # Values must travel in the bindings map, and none of them may be empty.
    for field in ('snyk_vuln_id', 'description', 'cvss_score',
                  'modified_date', 'snyk_pvt_vul'):
        assert field in bindings
        assert bindings[field]

    expected_props = ('package_name', 'vuln_commit_date_rules', 'module_name')
    for payload in (valid_snyk_put_input3, valid_snyk_put_input4):
        cve = SnykCVEPut(payload)
        vulns = payload['vulnerabilities']
        query_str, bindings_dict = cve.get_qstring_for_cve_node(vulns[0])
        for prop in expected_props:
            assert prop in query_str
def test_snyk_create_pv_nodes_fail(mock_bg, mock_gp):
    """Test SnykCVEPut.create_pv_nodes() fail.

    mock_bg reports a failure (False plus an error dict), so no nodes may be
    returned and the success flag must be False.
    """
    # presumably both mocks are injected by patch decorators that are not
    # part of this block -- verify against the full test module
    failed_call = (False, {'error': 'something happened'})
    mock_gp.return_value = 'query'
    mock_bg.return_value = failed_call

    result = SnykCVEPut(valid_snyk_put_input).create_pv_nodes()
    nodes, successfull_create, aff = result

    assert len(nodes) == 0
    assert successfull_create is False
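def test_snyk_put_process_epv_fail(mock_pv):
    """Test that SnykCVEPut.process() fails when EPV creation fails.

    mock_pv returns an empty node list with a False success flag; process()
    is expected to raise InternalServerError mentioning "CVEIngestionError".
    """
    # presumably mock_pv patches create_pv_nodes(); the decorator is not
    # visible in this block
    mock_pv.return_value = [], False, {}

    cve = SnykCVEPut(valid_snyk_put_input)
    try:
        cve.process()
    except InternalServerError as e:
        assert "CVEIngestionError" in str(e)
    else:
        # Without this branch the test passes when process() raises nothing,
        # so a regression that swallows the ingestion failure would go
        # unnoticed.
        raise AssertionError("process() did not raise InternalServerError")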
def test_snyk_create_pv_nodes(mock_bg, mock_gp, util):
    """Test SnykCVEPut.create_pv_nodes().

    Runs the three valid payloads against mocked backends and checks the
    returned node tuples, the success flag and the affected-package map.
    """
    mock_gp.return_value = "query pkg.property('latest_version', '1.2.3');"
    mock_bg.return_value = True, {}
    util.return_value = "Success"

    # First payload: three numpy versions, nothing reported as affected.
    nodes, created_ok, affected = \
        SnykCVEPut(valid_snyk_put_input).create_pv_nodes()
    assert len(nodes) == 3
    assert created_ok is True
    for version in ('1.1', '1.2', '1.3'):
        assert ('pypi', 'numpy', version) in nodes
    assert 'numpy' not in affected
    assert len(affected) == 0

    # Second payload: numpy shows up in the affected-package map.
    nodes, created_ok, affected = \
        SnykCVEPut(valid_snyk_put_input2).create_pv_nodes()
    assert len(nodes) == 4
    assert created_ok is True
    numpy_entry = affected['numpy']
    assert numpy_entry['latest_version'] == "1.4"
    assert numpy_entry['ecosystem'] == "pypi"
    assert 'latest_non_cve_version' not in affected['numpy']

    # Third payload: a golang package, again with an empty affected map.
    nodes, created_ok, affected = \
        SnykCVEPut(valid_snyk_put_input3).create_pv_nodes()
    assert len(nodes) == 5
    assert created_ok is True
    assert ('golang', 'some_golang_pkg', '1.4') in nodes
    assert 'some_golang_pkg' not in affected
    assert len(affected) == 0
def test_snyk_put_process_cve_fail(mock_gremlin, mock_pv):
    """Test that SnykCVEPut.process() completes when one Gremlin call gets a 500.

    Nothing is asserted on the outcome: the test passes as long as process()
    does not raise.
    """
    mock_pv.return_value = [], True, {}
    # Four mocked responses are queued; the third one is the failing call.
    status_codes = (200, 200, 500, 200)
    mock_gremlin.side_effect = [
        RequestsMockResponse({}, status) for status in status_codes
    ]

    SnykCVEPut(valid_snyk_put_input).process()
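def test_snyk_put_process_cve_fail(mock_gremlin, mock_pv):
    """Test that SnykCVEPut.process() fails when a Gremlin call returns 500.

    EPV creation is mocked as successful. The third mocked Gremlin response
    carries status 500, and process() is expected to raise
    InternalServerError with the CVE-edge ingestion message.
    """
    mock_pv.return_value = [], True, {}
    mock_gremlin.side_effect = [
        RequestsMockResponse({}, status) for status in (200, 200, 500, 200)
    ]

    cve = SnykCVEPut(valid_snyk_put_input)
    try:
        cve.process()
    except InternalServerError as e:
        assert "Snyk CVEIngestionError - While creating CVE edges." in str(e)
    else:
        # Without this branch the test passes when the 500 is silently
        # ignored, which is the regression it is meant to catch.
        raise AssertionError("process() did not raise InternalServerError")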
def test_snyk_create_pv_nodes(mock_bg, mock_gp):
    """Test SnykCVEPut.create_pv_nodes().

    With both backends mocked as successful, the three numpy versions must
    come back as nodes and numpy must be listed in the affected-package map.
    """
    mock_gp.return_value = "query pkg.property('latest_version', '1.2.3');"
    mock_bg.return_value = True, {}

    handler = SnykCVEPut(valid_snyk_put_input)
    nodes, created_ok, affected = handler.create_pv_nodes()

    assert len(nodes) == 3
    assert created_ok is True
    for version in ('1.1', '1.2', '1.3'):
        assert ('pypi', 'numpy', version) in nodes

    assert affected['numpy']['ecosystem'] == "pypi"
    assert affected['numpy']['latest_version'] == "1.2.3"
def test_snyk_cve_put_get_qstring_for_cve_node():
    """Test SnykCVEPut.get_qstring_for_cve_node().

    Checks the bindings built for the first payload (core fields, CVE/CWE
    ids, fixed-in versions, package name and vulnerable versions), then the
    property names in the query text for the third and fourth payloads.
    """
    cve = SnykCVEPut(valid_snyk_put_input)
    first_vuln = valid_snyk_put_input['vulnerabilities'][0]
    query_str, bindings_dict = cve.get_qstring_for_cve_node(first_vuln)
    json_payload = cve.prepare_payload(query_str, bindings_dict)

    assert 'bindings' in json_payload
    bindings = json_payload['bindings']

    # Core fields: present and non-empty.
    for field in ('snyk_vuln_id', 'description', 'cvss_score',
                  'modified_date', 'snyk_pvt_vul'):
        assert field in bindings
        assert bindings[field]

    # Identifier fields: present with the exact fixture value.
    for field, expected in (('cves1', 'CVE-99'), ('cwe1', 'CWS-99')):
        assert field in bindings
        assert bindings[field] == expected

    for field in ('fixedIn1', 'fixedIn2'):
        assert field in bindings
        assert bindings[field]

    assert 'vuln_ver' in bindings
    assert 'pkg_name' in bindings
    assert bindings['pkg_name'] == "numpy"
    assert bindings['vuln_ver'] == "1.1,1.2,1.3"

    expected_props = ('package_name', 'vuln_commit_date_rules', 'module_name')
    for payload in (valid_snyk_put_input3, valid_snyk_put_input4):
        cve = SnykCVEPut(payload)
        vulns = payload['vulnerabilities']
        query_str, bindings_dict = cve.get_qstring_for_cve_node(vulns[0])
        for prop in expected_props:
            assert prop in query_str

    # For the fourth payload the query names 'mod1' and its value sits in
    # the bindings dict. NOTE(review): the test does not check that the raw
    # module value is absent from query_str.
    assert 'mod1' in query_str
    assert 'mod1' in bindings_dict
    assert bindings_dict['mod1']
def test_snyk_cve_put_get_qstring_for_cve_node():
    """Test SnykCVEPut.get_qstring_for_cve_node().

    The query and bindings are wrapped with prepare_payload(); each core CVE
    field must then be present in the bindings with a truthy value.
    """
    cve = SnykCVEPut(valid_snyk_put_input)
    query_and_bindings = cve.get_qstring_for_cve_node()
    query_str, bindings_dict = query_and_bindings
    json_payload = cve.prepare_payload(query_str, bindings_dict)

    assert 'bindings' in json_payload
    bindings = json_payload['bindings']
    required_fields = ('snyk_vuln_id', 'description', 'cvss_score',
                       'modified_date', 'snyk_pvt_vul')
    for field in required_fields:
        assert field in bindings
        assert bindings[field]
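def snyk_cves_put_delete():
    """Put or delete Snyk CVE nodes.

    Missing EPVs will be created.

    Returns:
        A ``(response, status)`` pair: 200 with an empty JSON object on
        success; 400 when the body cannot be parsed as JSON or the handler
        constructor raises ValueError; 405 for any method other than PUT or
        DELETE; 500 when process() raises ValueError.
    """
    handler_classes = {'PUT': SnykCVEPut, 'DELETE': SnykCVEDelete}
    handler_cls = handler_classes.get(request.method)
    if handler_cls is None:
        # this should never happen
        return flask.jsonify({'error': 'method not allowed'}), 405

    # silent=True makes get_json() return None instead of raising when the
    # body cannot be parsed, so reject None here rather than relying on the
    # handler constructor to cope with it.
    payload = request.get_json(silent=True)
    if payload is None:
        return flask.jsonify({'error': 'missing or invalid JSON payload'}), 400

    try:
        cve = handler_cls(payload)
    except ValueError as e:
        return flask.jsonify({'error': str(e)}), 400

    try:
        cve.process()
    except ValueError as e:
        # NOTE(review): str(e) goes back to the client verbatim; confirm that
        # process() never places query text or backend details in it.
        return flask.jsonify({'error': str(e)}), 500

    return flask.jsonify({}), 200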
def test_snyk_cve_put_creation():
    """Test SnykCVEPut input validation.

    A valid payload must construct a truthy object; an invalid one must be
    rejected with ValueError at construction time.
    """
    accepted = SnykCVEPut(valid_snyk_put_input)
    assert accepted

    with pytest.raises(ValueError):
        SnykCVEPut(invalid_snyk_put_input)
def test_snyk_put_process_epv_fail(mock_pv):
    """Test the SnykCVEPut.process() fail.

    mock_pv reports a failed EPV creation (False success flag). Nothing is
    asserted on the outcome: the test passes as long as process() does not
    raise.
    """
    failed_epv_result = ([], False, {})
    mock_pv.return_value = failed_epv_result

    SnykCVEPut(valid_snyk_put_input).process()
def test_snyk_cve_put_get_qstrings_for_edges():
    """Test SnykCVEPut.get_qstrings_for_edges()."""
    edge_queries = SnykCVEPut(valid_snyk_put_input).get_qstrings_for_edges()

    # the CVE affects 3 versions, so 3 edges are expected
    expected_edges = 3
    assert len(edge_queries) == expected_edges