def test_is_vulnerable_with_spaces(self): data = {"analytics": {"ssl": True}, "messages": [{ "payload": {"templateurl": ' http://www.example.com '} }]} messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 1 assert(messages[0]) == '---- ISSUE: A "templateurl" in ["messages"]["payload"] doesn\\\'t use SSL; \' http://www.example.com \' does not match \'^https://(.*)$\''
def test_setting_present_but_not_string(self): data = {"analytics": {"ssl": True}, "remotes": {"messages": False}} messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 1 assert ( messages[0] ) == '---- ISSUE: The ["remotes"]["messages"] URL doesn\\\'t use SSL; False is not of type \'string\''
def test_setting_present_but_false(self): data = {"analytics": {"ssl": True}, "mediaHeartbeat": {"ssl": False}} messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 1 assert ( messages[0] ) == '---- ISSUE: The ["mediaHeartbeat"]["ssl"] setting is missing or false - SSL is not being used; True was expected'
def test_different_parent(self): data = {"othersection": {"ssl": True}} messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 1 assert ( messages[0] ) == '---- ISSUE: Schema for checking security settings of the Adobe Mobile SDK configuration files; \'analytics\' is a required property'
def test_parent_present_setting_absent(self): data = {"analytics": {"ssl": True}, "mediaHeartbeat": {}} messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 1 assert ( messages[0] ) == '---- ISSUE: The MediaHeartbeat Schema requires the SSL setting; \'ssl\' is a required property'
def test_array(self): data = {"analytics": [{"ssl": True}, {"ssl": False}]} messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 1 assert ( messages[0] ) == '---- ISSUE: The Analytics Schema requires the SSL setting; [{\'ssl\': True}, {\'ssl\': False}] is not of type \'object\''
def test_not_vulnerable_multiple(self): data = {"analytics": {"ssl": True}, "messages": [ {"payload": {"templateurl": 'https://www1.example.com'}}, {"payload": {"templateurl": 'https://www2.example.com'}} ]} messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 0
def test_empty(self): data = {} messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 1 assert ( messages[0] ) == '---- ISSUE: Schema for checking security settings of the Adobe Mobile SDK configuration files; \'analytics\' is a required property'
def test_array(self): data = {"analytics": {"ssl": True}, "remotes": [ {"messages": 'http://www.example.com'}, {"messages1": 'http://www.example.com'} ]} messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 1 assert(messages[0]) == '---- ISSUE: The Remotes Schema; [{\'messages\': \'http://www.example.com\'}, {\'messages1\': \'http://www.example.com\'}] is not of type \'object\''
def test_valid_file(self): zip_file = ZipFile(io.BytesIO(), 'a') zip_file.writestr('assets/ADBMobileConfig.json', '{"test1": true, "test2": "str"}') data = AdobeMobileSdkPlugin.parse_data(zip_file, 'assets/ADBMobileConfig.json') assert bool(data) is not False assert len(data) == 2 assert data['test1'] is True assert data['test2'] == 'str'
def test_valid_three_files(self): zip_file = ZipFile(io.BytesIO(), 'a') zip_file.writestr('ADBMobileConfig.json', '') zip_file.writestr('test/ADBMobileConfig.doc', '') zip_file.writestr('test/ADBMobileConfig.json/test3.md', '') paths = AdobeMobileSdkPlugin.get_paths(zip_file) assert len(paths) == 2 assert paths[0] == 'ADBMobileConfig.json' assert paths[1] == 'test/ADBMobileConfig.json'
def test_setting_present_but_not_boolean(self): data = {"analytics": {"ssl": "foobar"}} messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 2 assert ( messages[0] ) == '---- ISSUE: The [\"analytics\"][\"ssl\"] setting is missing or false - SSL is not being used; \'foobar\' is not of type \'boolean\'' assert ( messages[1] ) == '---- ISSUE: The ["analytics"]["ssl"] setting is missing or false - SSL is not being used; True was expected'
def test_empty_element(self): data = {"analytics": {"ssl": True}, "mediaHeartbeat": {"ssl": ""}} messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 2 assert ( messages[0] ) == '---- ISSUE: The ["mediaHeartbeat"]["ssl"] setting is missing or false - SSL is not being used; \'\' is not of type \'boolean\'' assert ( messages[1] ) == '---- ISSUE: The ["mediaHeartbeat"]["ssl"] setting is missing or false - SSL is not being used; True was expected'
def test_different_parent(self): data = { "analytics": { "ssl": True }, "othersection": { "messages": 'http://www.example.com' } } messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 0
def test_not_vulnerable(self): data = { "analytics": { "ssl": True }, "remotes": { "messages": 'https://www.example.com' } } messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 0
def test_empty_element(self): data = { "analytics": { "ssl": True }, "othersection": { "analytics.poi": '' } } messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 0
def test_is_vulnerable_with_spaces(self): data = { "analytics": { "ssl": True }, "remotes": { "messages": ' http://www.example.com ' } } messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 1 assert ( messages[0] ) == '---- ISSUE: The ["remotes"]["messages"] URL doesn\\\'t use SSL; \' http://www.example.com \' does not match \'^https://(.*)$\''
def test_empty_element(self): data = { "analytics": { "ssl": True }, "messages": [{ "payload": { "templateurl": '' } }] } messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 1 assert ( messages[0] ) == '---- ISSUE: A "templateurl" in ["messages"]["payload"] doesn\\\'t use SSL; \'\' does not match \'^https://(.*)$\''
def test_setting_present_but_not_string(self): data = { "analytics": { "ssl": True }, "messages": [{ "payload": { "templateurl": False } }] } messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 1 assert ( messages[0] ) == '---- ISSUE: A "templateurl" in ["messages"]["payload"] doesn\\\'t use SSL; False is not of type \'string\''
def test_junk_file(self): zip_file = ZipFile(io.BytesIO(), 'a') zip_file.writestr('assets/ADBMobileConfig.json', '<junky junk>') data = AdobeMobileSdkPlugin.parse_data(zip_file, 'assets/ADBMobileConfig.json') assert data is None
def test_malformed_file(self): zip_file = ZipFile(io.BytesIO(), 'a') zip_file.writestr('assets/ADBMobileConfig.json', '{"welcome,') data = AdobeMobileSdkPlugin.parse_data(zip_file, 'assets/ADBMobileConfig.json') assert data is None
def test_valid_one_file(self): zip_file = ZipFile(io.BytesIO(), 'a') zip_file.writestr('assets/ADBMobileConfig.json', '') paths = AdobeMobileSdkPlugin.get_paths(zip_file) assert len(paths) == 1 assert paths[0] == 'assets/ADBMobileConfig.json'
def test_plugin_properties_name_desc(self): plugin = AdobeMobileSdkPlugin({}, True, False) assert not plugin.name.startswith('Base') assert not plugin.desc.startswith('Base')
def test_is_online_testing_supported(self): plugin = AdobeMobileSdkPlugin({}, is_android=False, is_ios=False, do_online=False) assert plugin.is_online_testing_supported() is False plugin = AdobeMobileSdkPlugin({}, is_android=False, is_ios=False, do_online=True) assert plugin.is_online_testing_supported() is False
def test_empty(self): zip_file = ZipFile(io.BytesIO(), 'a') paths = AdobeMobileSdkPlugin.get_paths(zip_file) assert len(paths) == 0
def test_check_support_is(self): plugin = AdobeMobileSdkPlugin({}, False, False) assert plugin.is_os_supported() is False plugin = AdobeMobileSdkPlugin({}, True, False) assert plugin.is_os_supported() is True plugin = AdobeMobileSdkPlugin({}, False, True) assert plugin.is_os_supported() is True plugin = AdobeMobileSdkPlugin({}, True, True) assert plugin.is_os_supported() is True
def test_no_elements(self): zip_file = ZipFile(io.BytesIO(), 'a') zip_file.writestr('assets/ADBMobileConfig.json', '{}') data = AdobeMobileSdkPlugin.parse_data(zip_file, 'assets/ADBMobileConfig.json') assert len(data) == 0
def test_plugin_properties_name_desc(self): plugin = AdobeMobileSdkPlugin({}, is_android=True, is_ios=False, do_online=False) assert not plugin.name.startswith('Base') assert not plugin.desc.startswith('Base')
def test_parent_present_setting_absent(self): data = {"analytics": {"ssl": True}, "messages": []} messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 0
def test_valid(self): data = {"analytics": {"ssl": True}, "mediaHeartbeat": {"ssl": True}} messages = AdobeMobileSdkPlugin.validate(data) assert len(messages) == 0