Ejemplo n.º 1
0
def test_add_update_unique_node_with_diff_properties_status_opened():
    """Test add/update security node with opended status (closed_at should not come in query)."""
    pcve = IngestionData(_get_sample_payload_status_opened())
    se = pcve.security_event
    g = Traversel()
    g.add_update_unique_node_with_diff_properties(pcve.security_event, pcve.updated_security_event).next()

    assert ("g.V().has('url', '{san_url}')"
            ".fold()"
            ".coalesce(unfold()"
            ".property('vertex_label', '{vertex_label}')"
            ".property('status', '{e_status}')"
            ".property('title', '{san_title}')"
            ".property('body', '{san_body}')"
            ".property('updated_at', {updated_at})"
            ".property('ecosystem', '{e_ecosystem}')"
            ".property('probable_cve', '{probable_cve}')"
            ".property('cves', '{cve1}')"
            ".property('updated_date', {updated_date})"
            ".property('updated_yearmonth', {updated_yearmonth})"
            ".property('updated_year', {updated_year})"
            ", "
            "addV('security_event')"
            ".property('vertex_label', '{vertex_label}')"
            ".property('event_type', '{e_event_type}')"
            ".property('url', '{san_url}')"
            ".property('api_url', '{san_api_url}')"
            ".property('status', '{e_status}')"
            ".property('title', '{san_title}')"
            ".property('body', '{san_body}')"
            ".property('event_id', '{event_id}')"
            ".property('created_at', {created_at})"
            ".property('updated_at', {updated_at})"
            ".property('repo_name', '{repo_name}')"
            ".property('repo_path', '{san_repo_path}')"
            ".property('ecosystem', '{e_ecosystem}')"
            ".property('creator_name', '{creator_name}')"
            ".property('creator_url', '{san_creator_url}')"
            ".property('probable_cve', '{probable_cve}')"
            ".property('cves', '{cve1}')"
            ".property('updated_date', {updated_date})"
            ".property('updated_yearmonth', {updated_yearmonth})"
            ".property('updated_year', {updated_year})"
            ".property('feedback_count', {feedback_count})"
            ".property('overall_feedback', '{e_overall_feedback}')"
            ").next()".format(e_status=se.status.value, e_event_type=se.event_type.value,
                              e_ecosystem=se.ecosystem.value, e_overall_feedback=se.overall_feedback.value,
                              san_url=sanitize(se.url), san_api_url=sanitize(se.api_url),
                              san_creator_url=sanitize(se.creator_url), san_repo_path=sanitize(se.repo_path),
                              san_title=sanitize(se.title), san_body=sanitize(se.body), cve1=se.cves.pop(),
                              **pcve.security_event.__dict__) == str(g))
Ejemplo n.º 2
0
def _get_security_event_query_filters(args: Dict) -> str:
    assert 'updated_at' in get_type_hints(SecurityEvent)
    query = []

    ecosystem = args['ecosystem']
    query.append('''has('ecosystem', '{ecosystem}')'''.format(ecosystem=EcosystemType[ecosystem].value))

    # will retrive only probable cve data
    query.append('''has('probable_cve', 1)''')

    repo = args['repo']
    if isinstance(repo, list) and len(repo) > 0:
        repo = sanitize(repo)
        query.append('''has('repo_name', within({repo}))'''.format(repo=repo))

    updated_dates = args['updated_date']
    if isinstance(updated_dates, list) and len(updated_dates) > 0:
        query.append('''has('updated_date', within({updated_dates}))'''.format(updated_dates=updated_dates))

    updated_yearmonth = args['updated_yearmonth']
    if isinstance(updated_yearmonth, list) and len(updated_yearmonth) > 0:
        query.append('''has('updated_yearmonth', within({updated_yearmonth}))'''
                     .format(updated_yearmonth=updated_yearmonth))

    return _identity_or_conditional(query)
Ejemplo n.º 3
0
def test_drop_out_edge_with_primary_key():
    """Test for drop out edge."""
    g = Traversel()
    feedback = Feedback(author="test", feedback_type=FeedBackType.POSITIVE, comments="test comment",
                        feedback_url="https://api.github.com/repos/org25/repo10/issues/10")
    g.drop_out_edge(feedback)
    assert ("g.V()"
            ".has('author', '{author}')"
            ".has('feedback_url', '{feedback_url}')"
            ".outE().drop().iterate()"
            .format(author=feedback.author, feedback_url=sanitize(feedback.feedback_url)) == str(g))
Ejemplo n.º 4
0
def test_add_feedback_test():
    """Test feedback query string."""
    feedback_data = {
        "author": "test",
        "comments": "test comment",
        "url": "https://github.com/spf13/cobra/issues/988",
        "feedback_type": "POSITIVE"
    }
    edge_label = 'reinforces' if feedback_data[
        'feedback_type'] == 'POSITIVE' else 'weakens'

    feedback_query = _get_feedback_query(feedback_data)
    feedback_query_single_line = "".join(
        feedback_query.replace(" ", "").splitlines())

    expected_query = '''
            g.V().has('author', '{author}').has('feedback_url', '{url}').outE().drop().iterate();
            g.V().has('url', '{url}')
            .and(V().has('author', '{author}').has('feedback_url', '{url}')
            .fold().coalesce(unfold(), addV('feedback')).property('vertex_label', 'feedback')
            .property('author', '{author}').property('feedback_type', '{feedback_type}')
            .property('feedback_url', '{url}').property('comments', '{comments}'))
            .V().has('author', '{author}').has('feedback_url', '{url}').as('reinforces')
            .V().has('url', '{url}').coalesce(__.inE('{edge_label}').where(outV().as('{edge_label}'))
            , addE('{edge_label}').from('{edge_label}')).next();
            result = g.V().has('url','{url}')
            .union(inE().count(), inE().hasLabel('reinforces').count(), inE().hasLabel('weakens').count()).toList();
            g.V().has('url', '{url}')
            .property('feedback_count', result[0])
            .property('overall_feedback', result[1]==result[2] ? 'neutral' :
                (result[2] > result[1] ? 'negative': 'positive'));'''\
        .format(author=feedback_data['author'], comments=sanitize(feedback_data['comments']),
                url=sanitize(feedback_data['url']), edge_label=edge_label, feedback_type=FeedBackType.POSITIVE.value)
    expected_query_single_line = "".join(
        expected_query.replace(" ", "").splitlines())

    assert (feedback_query_single_line == expected_query_single_line)
Ejemplo n.º 5
0
def test_query_string():
    """Test case to check query string generation."""
    expected_query = '''
                g.V()
                .has('ecosystem', '{ecosystem}')
                .has('probable_cve', 1)
                .has('repo_name', within({repo_name}))
                .has('updated_date', within({updated_date}))
                .has('updated_yearmonth', within({updated_yearmonth}))
             .as('security_event').select('security_event')
             .by(valueMap())'''\
        .format(ecosystem=EcosystemType[args['ecosystem']].value, repo_name=sanitize(args['repo']),
                updated_date=args['updated_date'], updated_yearmonth=args['updated_yearmonth'])
    expected_query_single_line = "".join(
        expected_query.replace(" ", "").splitlines())

    query = _query_template().format(
        security_event_query=_get_security_event_query_filters(args))
    query_single_line = "".join(query.replace(" ", "").splitlines())

    assert (query_single_line == expected_query_single_line)
Ejemplo n.º 6
0
def get_feedback(payload):
    """Get the feedbacks for a given security url."""
    query = _get_feedback_teamplate().format(url=sanitize(payload['url']))
    return execute_query(query)['result']['data']
Ejemplo n.º 7
0
def _update_security_event(url: str) -> str:
    return _update_security_event_template().format(url=sanitize(url))
Ejemplo n.º 8
0
def test_string_sanitization_with_empty():
    """Test Empty String."""
    assert sanitize('') == ''
Ejemplo n.º 9
0
def test_string_sanitization_with_special_char_list_1():
    """Test with special character in list."""
    assert sanitize(['foo)"bar', 'b b']) == "'foo%29%22bar', 'b%20b'"
Ejemplo n.º 10
0
def test_string_sanitization_with_a_list():
    """Test with normal list."""
    assert sanitize(['a', 'b']) == "'a', 'b'"
Ejemplo n.º 11
0
def test_string_sanitization_with_empty_list():
    """Test with Empty list."""
    assert sanitize([]) == ''
Ejemplo n.º 12
0
def test_string_sanitization_with_special_chars():
    """Test Special characters."""
    assert sanitize('foo)"bar') == 'foo%29%22bar'
Ejemplo n.º 13
0
def test_string_sanitization_with_normal_chars():
    """Test normal characters."""
    assert sanitize('foo') == 'foo'
Ejemplo n.º 14
0
def test_string_sanitization_with_none():
    """Test None."""
    with pytest.raises(Exception) as exception:
        sanitize(None)
    assert "Unexpected type" in str(exception.value)
Ejemplo n.º 15
0
def get_security_event_by_url(data, url):
    """Get security events by url."""
    return next(x for x in data if x["url"][0] == sanitize(url))
Ejemplo n.º 16
0
 def _value_encoding(val):
     if type(val) in (int, float):  # pylint: disable=unidiomatic-typecheck
         return "{}".format(str(val))
     if isinstance(val, Enum):
         return Traversel._value_encoding(val.value)
     return "'{}'".format(sanitize(str(val)))
Ejemplo n.º 17
0
def test_string_sanitization_with_none_list():
    """Test with None list."""
    with pytest.raises(Exception):
        sanitize([None])