def test_report(self, cx_klass):
    """Parse the sample scan against BUG_BAR_CSS and check the whole report.

    Expects the parsed report to equal EXPECTED_REPORT and the 'Checkmarx'
    entry of new_items to be an empty set.
    """
    # cx_klass is never read in the body; presumably a mock injected by a
    # patch decorator that is outside this view -- confirm.
    self.mock_return_json.return_value = BUG_BAR_CSS
    fixture_dir = os.path.dirname(os.path.abspath(__file__))
    scan = CheckmarxReport.CheckmarxReport(
        fixture_dir + '/checkmarx_report.xml')

    self.assertEqual(EXPECTED_REPORT, scan.report)
    # NOTE(review): new_items looks like the set of query names that have no
    # bug-bar entry (compare test_report_not_in_bug_bar) -- confirm.
    self.assertEqual({'Checkmarx': set()}, scan.new_items)
def test_report_not_in_bug_bar(self, cx_klass):
    """Check a finding with no matching bug-bar entry is surfaced, not lost.

    With BUG_BAR_SQLI as the bug bar, the report is expected to be empty
    while 'Reflected_XSS_All_Clients' must appear under 'Checkmarx' in
    new_items, so the finding stays visible for triage instead of
    disappearing silently.
    """
    # cx_klass is never read in the body; presumably an injected mock.
    self.mock_return_json.return_value = BUG_BAR_SQLI
    fixture_dir = os.path.dirname(os.path.abspath(__file__))
    scan = CheckmarxReport.CheckmarxReport(
        fixture_dir + '/checkmarx_report.xml')

    self.assertEqual([], scan.report)
    unmapped = {'Checkmarx': {'Reflected_XSS_All_Clients'}}
    self.assertEqual(unmapped, scan.new_items)
def test_report_with_lower_risk_rating(self, cx_klass):
    """Check every reported item is rated 'Critical' under this bug bar.

    Uses BUG_BAR_CSS_CRITICAL_RISK as the bug bar. The report must be
    non-empty, otherwise the per-item severity check would pass vacuously.
    """
    # NOTE(review): the fixture name suggests the bug-bar rating overrides
    # the severity the scanner assigned; the fixture body is not visible
    # here -- confirm.
    self.mock_return_json.return_value = BUG_BAR_CSS_CRITICAL_RISK
    fixture_dir = os.path.dirname(os.path.abspath(__file__))
    scan = CheckmarxReport.CheckmarxReport(
        fixture_dir + '/checkmarx_report.xml')

    findings = scan.report
    self.assertNotEqual(findings, [])
    for finding in findings:
        self.assertEqual(finding['Issue Severity'], 'Critical')
def test_report_not_an_issue(self, cx_klass):
    """Check an entry marked is_issue='FALSE' produces no report rows.

    A deep copy of BUG_BAR_CSS has 'is_issue' set to 'FALSE' on its
    'Cross-site Scripting (XSS)' entry. The report is then expected to be
    empty and new_items must stay empty too: the finding is suppressed
    through the bug bar and is not re-raised as an unknown one.
    """
    # Work on a copy so the module-level fixture is not mutated for the
    # other tests.
    suppressed_bar = copy.deepcopy(BUG_BAR_CSS)
    suppressed_bar['Cross-site Scripting (XSS)']['is_issue'] = 'FALSE'
    self.mock_return_json.return_value = suppressed_bar

    fixture_dir = os.path.dirname(os.path.abspath(__file__))
    scan = CheckmarxReport.CheckmarxReport(
        fixture_dir + '/checkmarx_report.xml')

    self.assertEqual([], scan.report)
    self.assertEqual({'Checkmarx': set()}, scan.new_items)
def test_report_git(self, cx_klass):
    """Check 'Instances' holds a GitHub blob URL for each reported item.

    The expectation is EXPECTED_REPORT with every item's 'Instances' value
    replaced by a 'File <url>' string; new_items must be empty.
    """
    # NOTE(review): the setup below is the same as in test_report, yet a
    # different 'Instances' value is expected. Whatever switches the parser
    # to URL output must be configured outside this method (not visible
    # here) -- confirm, otherwise both tests cannot pass together.
    self.mock_return_json.return_value = BUG_BAR_CSS
    fixture_dir = os.path.dirname(os.path.abspath(__file__))
    scan = CheckmarxReport.CheckmarxReport(
        fixture_dir + '/checkmarx_report.xml')

    blob_reference = (
        'File '
        'https://github.com/myrepo/blob/develop/code/src/MyApp.Api.Web/Controllers/ArticlesController.cs'
    )
    expected = copy.deepcopy(EXPECTED_REPORT)
    for row in expected:
        row['Instances'] = blob_reference

    self.assertEqual(expected, scan.report)
    self.assertEqual({'Checkmarx': set()}, scan.new_items)
def test_report_bug_bar_desc_csharp(self, cx_klass):
    """Check per-language bug-bar text reaches the first report item.

    The 'Cross-site Scripting (XSS)' entry of a BUG_BAR_CSS copy gets a
    description and a recommendation keyed by 'csharp'. The first item's
    'Description' must contain the custom description and its
    'Recommendations' must equal the custom recommendation exactly.
    """
    # Languages Checkmarx may report: javascript, csharp, java, scala.
    custom_description = "test custom description"
    custom_recommendation = "test custom rec"

    # Copy first so the shared fixture keeps its original texts.
    bug_bar = copy.deepcopy(BUG_BAR_CSS)
    xss_entry = bug_bar["Cross-site Scripting (XSS)"]
    xss_entry['description'] = {"csharp": custom_description}
    xss_entry['recommendation'] = {"csharp": custom_recommendation}
    self.mock_return_json.return_value = bug_bar

    fixture_dir = os.path.dirname(os.path.abspath(__file__))
    scan = CheckmarxReport.CheckmarxReport(
        fixture_dir + '/checkmarx_report.xml')

    first_item = scan.report[0]
    self.assertIn(custom_description, first_item['Description'])
    self.assertEqual(custom_recommendation, first_item['Recommendations'])