class TestCveAPI(TestBase):
"""Test CveAPI class."""
cve = None
@pytest.fixture(autouse=True)
def setup_api(self, load_cache):
"""Set CveAPI object"""
# WORKAROUND: tzinfo from date is lost after loading YAML
cve_detail = self.cache.cve_detail["CVE-2016-0634"]
cve_detail_list = list(cve_detail)
cve_detail_list[CVE_MODIFIED_DATE] = cve_detail[
CVE_MODIFIED_DATE].replace(tzinfo=pytz.utc)
cve_detail_list[CVE_PUBLISHED_DATE] = cve_detail[
CVE_PUBLISHED_DATE].replace(tzinfo=pytz.utc)
self.cache.cve_detail["CVE-2016-0634"] = cve_detail_list
# make cve_detail without CVE_MODIFIED_DATE
cve_detail2 = self.cache.cve_detail["CVE-2016-0634"]
cve_detail_list2 = list(cve_detail2)
cve_detail_list2[CVE_MODIFIED_DATE] = None
self.cache.cve_detail["CVE-W/O-MODIFIED"] = cve_detail_list2
# Initialize CveAPI
self.cve = CveAPI(self.cache)
def test_regex(self):
"""Test finding CVEs by correct regex."""
assert self.cve.find_cves_by_regex("CVE-2018-5750") == [
"CVE-2018-5750"
]
assert "CVE-2018-5750" in self.cve.find_cves_by_regex("CVE-2018-5.*")
assert len(self.cve.find_cves_by_regex("CVE-2018-5.*")) > 1
def test_wrong_regex(self):
"""Test CVE API with wrong regex."""
with pytest.raises(Exception) as context:
self.cve.find_cves_by_regex("*")
assert "nothing to repeat" in str(context)
def test_missing_required(self):
"""Test CVE API without required property 'cve_list'."""
with pytest.raises(Exception) as context:
self.cve.process_list(api_version=1, data=CVE_JSON_BAD)
assert "'cve_list' is a required property" in str(context)
def test_empty_json(self):
"""Test CVE API with empty JSON."""
with pytest.raises(Exception) as context:
self.cve.process_list(api_version=1, data=CVE_JSON_EMPTY)
assert "'cve_list' is a required property" in str(context)
def test_empty_cve_list(self):
"""Test CVE API with with empty 'cve_list' property."""
response = self.cve.process_list(api_version=1,
data=CVE_JSON_EMPTY_CVE)
assert response == EMPTY_RESPONSE
def test_non_existing_cve(self):
"""Test CVE API response with non-existing CVE."""
response = self.cve.process_list(api_version=1,
data=CVE_JSON_NON_EXIST)
assert response == EMPTY_RESPONSE
def test_schema(self):
"""Test CVE API response schema."""
response = self.cve.process_list(api_version=1, data=CVE_JSON)
assert schemas.cves_schema.validate(response)
def test_cve_response(self):
"""Test if CVE API response is correct for correct JSON."""
response = self.cve.process_list(api_version=1, data=CVE_JSON)
cve, = response["cve_list"].items()
assert cve[0] == CVE_JSON["cve_list"][0]
assert tools.match(CORRECT_RESPONSE, cve[1]) is True
@pytest.mark.skip(
"Blocked by https://github.com/RedHatInsights/vmaas/issues/419")
def test_modified_since(self):
"""Test CVE API with 'modified_since' property."""
cve = CVE_JSON.copy()
cve["modified_since"] = str(
datetime.datetime.now().replace(tzinfo=pytz.UTC))
response = self.cve.process_list(api_version=1, data=cve)
assert tools.match(EMPTY_RESPONSE, response) is True
# without modified date
cve["cve_list"] = ["CVE-W/O-MODIFIED"]
response = self.cve.process_list(api_version=1, data=cve)
assert tools.match(EMPTY_RESPONSE, response) is True
class TestCveAPI(TestBase):
"""Test CveAPI class."""
cve = None
@pytest.fixture(autouse=True)
def setup_api(self, load_cache):
"""Set CveAPI object"""
# WORKAROUND: tzinfo from date is lost after loading YAML
cve_detail = self.cache.cve_detail[CVE_NAME]
cve_detail_list = list(cve_detail)
cve_detail_list[CVE_MODIFIED_DATE] = cve_detail[
CVE_MODIFIED_DATE].replace(tzinfo=pytz.utc)
cve_detail_list[CVE_PUBLISHED_DATE] = cve_detail[
CVE_PUBLISHED_DATE].replace(tzinfo=pytz.utc)
self.cache.cve_detail[CVE_NAME] = cve_detail_list
# make cve_detail without CVE_MODIFIED_DATE
cve_detail2 = self.cache.cve_detail[CVE_NAME]
cve_detail_list2 = list(cve_detail2)
cve_detail_list2[CVE_MODIFIED_DATE] = None
self.cache.cve_detail["CVE-W/O-MODIFIED"] = cve_detail_list2
# Initialize CveAPI
self.cve = CveAPI(self.cache)
def test_regex(self):
"""Test finding CVEs by correct regex."""
assert self.cve.find_cves_by_regex(CVE_NAME) == [CVE_NAME]
assert self.cve.find_cves_by_regex("CVE-2014-.*") == [CVE_NAME]
def test_wrong_regex(self):
"""Test CVE API with wrong regex."""
with pytest.raises(Exception) as context:
self.cve.find_cves_by_regex("*")
assert "nothing to repeat" in str(context)
def test_missing_required(self):
"""Test CVE API without required property 'cve_list'."""
with pytest.raises(Exception) as context:
self.cve.process_list(api_version=1, data=CVE_JSON_BAD)
assert "'cve_list' is a required property" in str(context)
def test_empty_json(self):
"""Test CVE API with empty JSON."""
with pytest.raises(Exception) as context:
self.cve.process_list(api_version=1, data=CVE_JSON_EMPTY)
assert "'cve_list' is a required property" in str(context)
def test_empty_cve_list(self):
"""Test CVE API with with empty 'cve_list' property."""
response = self.cve.process_list(api_version=1,
data=CVE_JSON_EMPTY_CVE)
assert response == EMPTY_RESPONSE
def test_non_existing_cve(self):
"""Test CVE API response with non-existing CVE."""
response = self.cve.process_list(api_version=1,
data=CVE_JSON_NON_EXIST)
assert response == EMPTY_RESPONSE
def test_cve_response(self):
"""Test if CVE API response is correct for correct JSON."""
response = self.cve.process_list(api_version=1, data=CVE_JSON)
assert schemas.cves_schema.validate(response)
assert CVE_NAME in response["cve_list"]
assert tools.match(CORRECT_RESPONSE,
response["cve_list"][CVE_NAME]) is True
def test_modified_since(self):
"""Test CVE API with 'modified_since' property."""
cve = CVE_JSON.copy()
cve["modified_since"] = str(
datetime.datetime.now().replace(tzinfo=pytz.UTC))
response = self.cve.process_list(api_version=1, data=cve)
assert tools.match(EMPTY_RESPONSE, response) is True
# without modified date
cve["cve_list"] = ["CVE-W/O-MODIFIED"]
response = self.cve.process_list(api_version=1, data=cve)
assert tools.match(EMPTY_RESPONSE, response) is True
def test_published_since(self):
"""Test CVE API with 'published_since' property. """
cve = CVE_JSON_PUBLISHED.copy()
cve["published_since"] = str(
datetime.datetime.now().replace(tzinfo=pytz.UTC))
response = self.cve.process_list(api_version=1, data=cve)
assert tools.match(EMPTY_RESPONSE, response) is True
# correct date since publish of dummy cve
cve["published_since"] = "2013-01-01T00:00:00+02:00"
response = self.cve.process_list(api_version=1, data=cve)
assert response["cve_list"][CVE_NAME]["synopsis"] == CVE_NAME
# without published date
cve["cve_list"] = ["CVE-W/O-PUBLISHED"]
response = self.cve.process_list(api_version=1, data=cve)
assert tools.match(EMPTY_RESPONSE, response) is True