def test_create_new_component(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
responses.POST,
url=self.MYURL + "resource/api/components",
json={
# server returns complete component, here we only mock a part of it
'name': 'NewComponent',
'_links': {
'self': {
'href': self.MYURL+'resource/api/components/2402'
}
}
},
match=[
responses.json_params_matcher({
"name": "NewComponent",
"componentType": "OSS",
"description": "Illustrative example component",
"homepage": "https://www.github.com/NewComponent"
})
]
)
lib.create_new_component(
name="NewComponent",
component_type="OSS",
description="Illustrative example component",
homepage="https://www.github.com/NewComponent"
)
def test_create_new_component_fail(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
responses.POST,
url=self.MYURL + "resource/api/components",
json={
"timestamp": "2020-12-12T19:15:18.702505Z",
"error": "Conflict",
"message": "sw360 component with name \'NewComponent\' already exists."
},
status=409,
match=[
responses.json_params_matcher({
"name": "NewComponent",
"componentType": "OSS",
"description": "Illustrative example component",
"homepage": "https://www.github.com/NewComponent"
})
]
)
with self.assertRaises(SW360Error) as context:
lib.create_new_component(
name="NewComponent",
component_type="OSS",
description="Illustrative example component",
homepage="https://www.github.com/NewComponent"
)
self.assertEqual(409, context.exception.response.status_code)
def test_update_component_external_id_no_extids_yet(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
responses.GET,
url=self.MYURL + "resource/api/components/bc75c910ca9866886cb4d7b3a301061f", # noqa
body='{"name": "debootstrap", "componentType": "OSS"}', # noqa
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
# add fresh id
responses.add(
responses.PATCH,
url=self.MYURL + "resource/api/components/bc75c910ca9866886cb4d7b3a301061f",
body="4",
match=[
responses.json_params_matcher({"externalIds": {"package-url": "pkg:deb/debian/debootstrap?type=source"}}) # noqa
]
)
lib.update_component_external_id(
"package-url",
"pkg:deb/debian/debootstrap?type=source",
"bc75c910ca9866886cb4d7b3a301061f")
def test_api_get_raw(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
responses.add(
responses.GET,
url=self.MYURL + "resource/api/",
body="{'status': 'ok'}",
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
responses.GET,
url=self.MYURL + "resource/api/projects/123X",
body='{"name": "My Testproject"}',
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
p_raw = lib.api_get_raw(self.MYURL + "resource/api/projects/123X")
p = json.loads(p_raw)
self.assertEqual("My Testproject", p["name"])
def test_get_project(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
responses.add(
responses.GET,
url=self.MYURL + "resource/api/",
body="{'status': 'ok'}",
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
responses.GET,
url=self.MYURL + "resource/api/projects/123",
body='{"name": "My Testproject"}',
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
p = lib.get_project("123")
self.assertEqual("My Testproject", p["name"])
self.assertIsNotNone(lib.session)
lib.close_api()
self.assertIsNone(lib.session)
def test_update_component_external_id_no_exist(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
method=responses.GET,
url=self.MYURL + "resource/api/components/bc75c910ca9866886cb4d7b3a301061f", # noqa
body='{"name": "debootstrap", "componentType": "OSS", "externalIds": {"already-existing": "must-be-kept"}}', # noqa
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
# assure patch request doesn't happen if deleting non-existent id
responses.add(
responses.PATCH,
url=self.MYURL + "resource/api/components/bc75c910ca9866886cb4d7b3a301061f",
body="4",
match=[
responses.json_params_matcher(
{
"externalIds": {"xxx": "pkg:deb/debian/debootstrap?type=source"}
}
)
]
)
lib.update_component_external_id(
"package-url",
"",
"bc75c910ca9866886cb4d7b3a301061f",
update_mode="delete")
def test_create_new_release(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
responses.POST,
url=self.MYURL + "resource/api/releases",
json={
# server returns complete release, here we only mock a part of it
"name": "NewComponent", "version": "1.0.0",
"_links": {
"sw360:component": {"href": self.MYURL+'resource/api/components/9876'},
"self": {"href": self.MYURL+'resource/api/releases/2403'}
}
},
match=[
responses.json_params_matcher({
"name": "NewComponent", "version": "1.0.0",
"componentId": "9876"
})
],
)
lib.create_new_release("NewComponent", "1.0.0", "9876")
def test_api_get_raw_error(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
responses.add(
responses.GET,
url=self.MYURL + "resource/api/",
body="{'status': 'ok'}",
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
responses.GET,
url=self.MYURL + "resource/api/projects/123456X",
body='{"timestamp":"2020-11-13T17:39:28.689358Z","status":404,"error":"Not Found","message":"Requested Project Not Found"}', # noqa
status=404,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
with self.assertRaises(SW360Error) as context:
lib.api_get_raw(self.MYURL + "resource/api/projects/123456X")
self.assertEqual(404, context.exception.response.status_code)
self.assertEqual("Not Found", context.exception.details["error"])
self.assertEqual("Requested Project Not Found", context.exception.details["message"])
def test_api_get_raw_error_string(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
responses.add(
method=responses.GET,
url=self.MYURL + "resource/api/",
body="{'status': 'ok'}",
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
method=responses.GET,
url=self.MYURL + "resource/api/projects/123456X",
body='Error-String',
status=404,
content_type="text/plain",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
with self.assertRaises(SW360Error) as context:
lib.api_get_raw(self.MYURL + "resource/api/projects/123456X")
self.assertEqual(404, context.exception.response.status_code)
self.assertEqual("Error-String", context.exception.response.text)
def test_create_new_vendor_fail(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
responses.POST,
url=self.MYURL + "resource/api/vendors",
body='{"status": "success"}',
status=403,
match=[
responses.json_params_matcher({
"url": "https://github.com/tngraf",
"shortName": "tngraf",
"fullName": "Thomas Graf"
})
],
content_type="application/hal+json"
)
vendor = {}
vendor["url"] = "https://github.com/tngraf"
vendor["shortName"] = "tngraf"
vendor["fullName"] = "Thomas Graf"
with self.assertRaises(SW360Error) as context:
lib.create_new_vendor(vendor)
self.assertEqual(403, context.exception.response.status_code)
def test_constructor(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
self.assertEqual(self.MYURL, lib.url)
expected_header = {"Authorization": "Token " + self.MYTOKEN}
self.assertEqual(expected_header, lib.api_headers)
lib = SW360(self.MYURL, self.MYTOKEN, True)
self.assertEqual(self.MYURL, lib.url)
expected_header = {"Authorization": "Bearer " + self.MYTOKEN}
self.assertEqual(expected_header, lib.api_headers)
# check for trailing slash
lib = SW360("https://my.server.com", self.MYTOKEN, False)
self.assertEqual(self.MYURL, lib.url)
def test_update_release_external_id_add_fresh_id(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
method=responses.GET,
url=self.MYURL + "resource/api/releases/123", # noqa
body='{"name": "Tethys.Logging", "version": "1.4.0", "externalIds": {"already-existing": "must-be-kept"}}', # noqa
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
# add fresh id
responses.add(
responses.PATCH,
url=self.MYURL + "resource/api/releases/123",
body="4",
match=[
responses.json_params_matcher({"externalIds": {"already-existing": "must-be-kept", "package-url": "pkg:deb/debian/debootstrap?type=source"}}) # noqa
]
)
lib.update_release_external_id(
"package-url",
"pkg:deb/debian/debootstrap?type=source",
"123")
def test_download_component_attachment(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
method=responses.GET,
url=self.MYURL + "resource/api/components/1234/attachments/5678",
body='xxxx',
status=200,
content_type="application/text",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
tmpdir = tempfile.mkdtemp()
filename = os.path.join(tmpdir, "test_attachment.txt")
if os.path.exists(filename):
os.remove(filename)
self.assertFalse(os.path.exists(filename))
lib.download_component_attachment(filename, "1234", "5678")
self.assertTrue(os.path.exists(filename))
os.remove(filename)
os.removedirs(tmpdir)
def test_dump_rest_call_to_file(self):
FILENAME = "delete_me.txt"
if os.path.isfile(FILENAME):
os.remove(FILENAME)
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = False
responses.add(
responses.GET,
url=self.MYURL + "resource/api/",
body="{'status': 'ok'}",
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
responses.GET,
url=self.MYURL + "resource/api/projects/123X",
body='{"name": "My Testproject"}',
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
lib.api_get_raw(self.MYURL + "resource/api/projects/123X")
def test_create_new_release_already_exists(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
responses.POST,
url=self.MYURL + "resource/api/releases",
json={
"timestamp": "2020-12-13T13:44:08.349752Z", "status": 409,
"error": "Conflict", "message": "sw360 release with name ... already exists."
},
status=409,
match=[
responses.json_params_matcher({
"name": "NewComponent", "version": "1.0.0",
"componentId": "9876"
})
],
)
with self.assertRaises(SW360Error) as context:
lib.create_new_release("NewComponent", "1.0.0", "9876")
self.assertEqual(409, context.exception.response.status_code)
self.assertEqual(409, context.exception.details["status"])
self.assertEqual("Conflict", context.exception.details["error"])
def test_get_all_vulnerabilities(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
method=responses.GET,
url=self.MYURL + "resource/api/vulnerabilities",
body='{"_embedded" : {"sw360:vulnerabilities" : [\
{"externalId" : "123", "title" : "Title of vulnerability 12345",\
"_links" : {"self" : {"href" : "https://sw360.org/api/vulnerabilities/123" } } },\
{"externalId" : "7543", "title" : "Title of vulnerability 7854",\
"_links" : {"self" : {"href" : "https://sw360.org/api/vulnerabilities/7543" } } }\
]},\
"_links" : {"curies" : [ {"href" : "https://sw360.org/docs/{rel}.html",\
"name" : "sw360", "templated" : true } ] } }',
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
data = lib.get_all_vulnerabilities()
self.assertIsNotNone(data)
self.assertTrue("_embedded" in data)
self.assertTrue("sw360:vulnerabilities" in data["_embedded"])
vlist = data["_embedded"]["sw360:vulnerabilities"]
self.assertEqual(2, len(vlist))
self.assertEqual("Title of vulnerability 12345", vlist[0]["title"])
def test_get_attachment_infos_by_hash(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
method=responses.GET,
url=self.MYURL +
"resource/api/attachments?sha1=5f392efeb0934339fb6b0f3e021076db19fad164", # noqa
body=
'{"_embedded": {"sw360:attachments": [{"filename": "CLIXML_angular-10.0.7.xml", "sha1": "5f392efeb0934339fb6b0f3e021076db19fad164", "attachmentType": "COMPONENT_LICENSE_INFO_XML"}]}}', # noqa
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
data = lib.get_attachment_infos_by_hash(
"5f392efeb0934339fb6b0f3e021076db19fad164")
self.assertIsNotNone(data)
self.assertTrue("_embedded" in data)
self.assertTrue("sw360:attachments" in data["_embedded"])
att_info = data["_embedded"]["sw360:attachments"]
self.assertTrue(len(att_info) > 0)
self.assertEqual("5f392efeb0934339fb6b0f3e021076db19fad164",
att_info[0]["sha1"])
def test_upload_project_attachment(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
method=responses.POST,
url=self.MYURL + "resource/api/projects/666/attachments", # noqa
body='xxx', # noqa
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
_, filename = tempfile.mkstemp()
self.assertTrue(os.path.exists(filename))
lib.upload_project_attachment("666",
filename,
upload_type="README_OSS",
upload_comment="The new RDM!")
try:
os.remove(filename)
except OSError:
# ignore
pass
def test_upload_release_attachment_failed(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
method=responses.POST,
url=self.MYURL + "resource/api/releases/1234/attachments", # noqa
body=
'{"timestamp": "2020-12-10T07:22:06.1685Z", "status": "500", "error": "Internal Server Error", "message": "forbidded"}', # noqa
status=500,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
_, filename = tempfile.mkstemp()
self.assertTrue(os.path.exists(filename))
with self.assertRaises(SW360Error) as context:
lib.upload_release_attachment("1234", filename)
try:
os.remove(filename)
except OSError:
# ignore
pass
self.assertEqual(500, context.exception.response.status_code)
self.assertEqual("500", context.exception.details["status"])
self.assertEqual("Internal Server Error",
context.exception.details["error"])
self.assertEqual("forbidded", context.exception.details["message"])
def test_delete_release_no_id(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
with self.assertRaises(SW360Error) as context:
lib.delete_release(None)
self.assertEqual("No release id provided!", context.exception.message)
def xtest_get_component_real(self):
"""
Only for debugging...
"""
lib = SW360("https://sw360.siemens.com", os.environ["SW360ProductionToken"], False)
lib.login_api()
# c = lib.get_component("eaba2f0416e000e8ca5b2ccb4400633e")
# c = lib.get_components_by_external_id( "package-url", "pkg:nuget/Tethys.Logging")
c = lib.api_get("https://sw360.siemens.com/resource/api/components/searchByExternalIds?package-url=pkg:nuget/Tethys.Logging") # noqa
print(c)
def test_download_release_attachment_no_resource_id(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
with self.assertRaises(SW360Error) as context:
lib.download_release_attachment("myfile.txt", None, "5678")
self.assertEqual("No resource id provided!", context.exception.message)
def test_login(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
responses.add(
responses.GET,
url=self.MYURL + "resource/api/",
body="{'status': 'ok'}",
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
actual = lib.login_api()
self.assertTrue(actual)
def test_update_vendor_no_id(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
vendor = {}
vendor["shortName"] = "xxx"
with self.assertRaises(SW360Error) as context:
lib.update_vendor(vendor, None)
self.assertEqual("No vendor id provided!", context.exception.message)
def test_upload_attachment_file_does_not_exist(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
filename = "_does_not_exist_filename.dat"
self.assertFalse(os.path.exists(filename))
with self.assertRaises(SW360Error) as context:
lib.upload_release_attachment("1234", filename)
self.assertTrue(
context.exception.message.startswith("ERROR: file not found:"))
def test_update_component_no_id(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
comp = {}
comp["name"] = "NewComponent"
with self.assertRaises(SW360Error) as context:
lib.update_component(comp, None)
self.assertEqual("No component id provided!", context.exception.message)
def test_delete_release(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
lib.force_no_session = True
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
responses.DELETE,
url=self.MYURL + "resource/api/releases/123",
body="4",
status=200,
)
lib.delete_release("123")
def test_login_failed_forbidden(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
responses.add(
responses.GET,
url=self.MYURL + "resource/api/",
body="{'status': 'failed'}",
status=403,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN},
)
with self.assertRaises(SW360Error) as context:
lib.login_api()
self.assertEqual(self.ERROR_MSG_NO_LOGIN, context.exception.message)
def test_get_users_of_release(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
self._add_login_response()
actual = lib.login_api()
self.assertTrue(actual)
responses.add(
responses.GET,
url=self.MYURL + "resource/api/releases/usedBy/123", # noqa
body='{"_embedded": {"sw360:projects": [{"name": "xxx", "version": "4.5"}]}}', # noqa
status=200,
content_type="application/json",
adding_headers={"Authorization": "Token " + self.MYTOKEN}
)
lib.get_users_of_release("123")
def test_login_failed_invalid_url(self):
lib = SW360(self.MYURL, self.MYTOKEN, False)
have_backup = False
if "SW360ProductionToken" in os.environ:
have_backup = True
backup = os.environ["SW360ProductionToken"]
os.environ["SW360ProductionToken"] = ""
with self.assertRaises(SW360Error) as context:
lib.login_api()
self.assertTrue(context.exception.message.startswith(self.ERROR_MSG_NO_LOGIN))
if have_backup:
os.environ["SW360ProductionToken"] = backup
