def test_create_pv_nodes_fail(mock_bg, mock_gp):
"""Test CVEPut.create_pv_nodes() fail."""
mock_gp.return_value = 'query'
mock_bg.return_value = (False, {'error': 'something happened'})
cve = CVEPut(valid_put_input)
nodes, successfull_create, aff = cve.create_pv_nodes()
assert len(nodes) == 0
assert successfull_create is False
def test_put_process_cve_fail(mock_gremlin, mock_pv):
"""Test the CVEPut.process() success."""
mock_pv.return_value = [], True, {}
mock_gremlin.side_effect = [RequestsMockResponse({}, 200),
RequestsMockResponse({}, 200),
RequestsMockResponse({}, 500),
RequestsMockResponse({}, 200)]
cve = CVEPut(valid_put_input)
cve.process()
def test_create_pv_nodes(mock_bg, mock_gp):
"""Test CVEPut.create_pv_nodes()."""
mock_gp.return_value = 'query'
mock_bg.return_value = True, {}
cve = CVEPut(valid_put_input)
nodes, successfull_create = cve.create_pv_nodes()
assert len(nodes) == 2
assert successfull_create is True
assert ('pypi', 'numpy', '10.0') in nodes
assert ('pypi', 'numpy', '11.0') in nodes
def test_create_pv_nodes(mock_bg, mock_gp):
"""Test CVEPut.create_pv_nodes()."""
mock_gp.return_value = "query pkg.property('latest_version', '1.2.3');"
mock_bg.return_value = True, {}
cve = CVEPut(valid_put_input)
nodes, successfull_create, aff = cve.create_pv_nodes()
assert len(nodes) == 2
assert successfull_create is True
assert ('pypi', 'numpy', '10.0') in nodes
assert ('pypi', 'numpy', '11.0') in nodes
assert aff['numpy']['ecosystem'] == "pypi"
assert aff['numpy']['latest_version'] == "1.2.3"
def test_cve_put_get_qstring_for_cve_node():
"""Test CVEPut.get_qstring_for_cve_node()."""
cve = CVEPut(valid_put_input)
query_str, bindings_dict = cve.get_qstring_for_cve_node()
assert query_str.startswith(cve_node_replace_script_template)
json_payload = cve.prepare_payload(query_str, bindings_dict)
assert 'bindings' in json_payload
bindings = json_payload['bindings']
assert 'cve_id' in bindings
assert bindings['cve_id']
assert 'description' in bindings
assert bindings['description']
assert 'cvss_v2' in bindings
assert bindings['cvss_v2']
assert 'modified_date' in bindings
assert bindings['modified_date']
def cves_put_delete():
"""Put or delete CVE nodes.
Missing EPVs will be created.
"""
payload = request.get_json(silent=True)
try:
if request.method == 'PUT':
cve = CVEPut(payload)
elif request.method == 'DELETE':
cve = CVEDelete(payload)
else:
# this should never happen
return flask.jsonify({'error': 'method not allowed'}), 405
except ValueError as e:
return flask.jsonify({'error': str(e)}), 400
try:
cve.process()
except ValueError as e:
return flask.jsonify({'error': str(e)}), 500
return flask.jsonify({}), 200
def test_put_process_epv_fail(mock_pv):
"""Test the CVEPut.process() fail."""
mock_pv.return_value = [], False, {}
cve = CVEPut(valid_put_input)
cve.process()
def test_cve_put_get_qstrings_for_edges():
"""Test CVEPut.get_qstrings_for_edges()."""
cve = CVEPut(valid_put_input)
results = cve.get_qstrings_for_edges()
assert len(results) == 2 # 2 edges as the CVE affects 2 versions
def test_cve_put_creation():
"""Test CVEPut input validation."""
assert CVEPut(valid_put_input)
with pytest.raises(ValueError):
CVEPut(invalid_put_input)
