Example #1
 def test_put_report_tracking_status_json_not_dict_error(
     self,
     YesWeHackRawApiClientMock: MagicMock,
     YesWeHackRawApiReportMock: MagicMock,
 ) -> None:
     """Check that a non-dict JSON body from the tracking-status call is rejected.

     The raw report mock answers ``put_tracking_status`` with a response whose
     ``json()`` yields a bare string, and the client is expected to raise
     ``YesWeHackApiClientError`` rather than return normally.
     """
     # Login is stubbed to succeed.
     YesWeHackRawApiClientMock.return_value.login.return_value = True

     # Autospec'd requests response whose decoded JSON is a string, not a mapping.
     response_factory = create_autospec(requests.models.Response)
     response_factory.return_value.json.return_value = 'I am an API response'
     raw_report_instance = YesWeHackRawApiReportMock.return_value
     raw_report_instance.put_tracking_status.return_value = response_factory()

     api_client = YesWeHackApiClient(configuration=YesWeHackConfiguration())
     mocked_raw_report = YesWeHackRawApiReportMock(ywh_api=None, lazy=True, id=123)

     # Inert fixture values for the domain report handed to the client.
     bug_type = BugType(
         name='bug-type',
         link='http://bug.example.com/type',
         remediation_link='http://bug.example.com/type/remediation',
     )
     severity = Cvss(criticity='critical', score=9.0, vector='vector')
     researcher = Author(username='******')
     program = ReportProgram(title='My program', slug='my-program')
     bug_report = Report(
         raw_report=mocked_raw_report,
         report_id='123',
         title='A bug report',
         local_id='YWH-123',
         bug_type=bug_type,
         scope='',
         cvss=severity,
         end_point='/',
         vulnerable_part='post',
         part_name='param',
         payload_sample='abcde',
         technical_environment='',
         description_html='This is a bug',
         attachments=[],
         hunter=researcher,
         logs=[],
         status='accepted',
         tracking_status='AFI',
         program=program,
     )

     tracking_update = {
         'report': bug_report,
         'tracker_name': 'tracker',
         'issue_id': 'foo',
         'issue_url': 'https://tracker.example.com/issues/foo',
         'status': 'T',
         'comment': 'Tracker synchronized.',
     }
     with self.assertRaises(YesWeHackApiClientError):
         api_client.put_report_tracking_status(**tracking_update)
 def test_send_report_issue_create_error(
     self,
     client_mock_class: MagicMock,
     incident_model_mock_class: MagicMock,
     session_mock_class: MagicMock,
 ) -> None:
     """Check that a failing incident creation surfaces as a tracker client error.

     The mocked incident model raises ``AiosnowException`` from ``create``;
     ``send_report`` is expected to raise ``ServiceNowTrackerClientError``.
     """
     # NOTE(review): this response stub is never attached to any mock in the
     # visible body; it is kept so the test's setup stays exactly as written.
     incident_response = create_autospec(ResponseSpec, spec_set=True)
     incident_response.data = {'sys_id': '456', 'number': 'INC0123'}

     snow_client = client_mock_class(address=ANY)
     snow_client.get_session.return_value = session_mock_class()

     # The model is used as an async context manager that returns itself,
     # and its create() call is the failure being injected.
     model = incident_model_mock_class(client=snow_client)
     model.__aenter__.return_value = model
     model.create.side_effect = AiosnowException

     configuration = ServiceNowConfiguration(host='my-instance.servicenow.local')
     tracker_client = ServiceNowTrackerClient(configuration=configuration)
     lazy_raw_report = YesWeHackRawApiReport(ywh_api=None, lazy=True, id=123)

     # Inert fixture values for the report being sent.
     bug_type = BugType(
         name='bug-type',
         link='http://bug.example.com/type',
         remediation_link='http://bug.example.com/type/remediation',
     )
     severity = Cvss(criticity='critical', score=9.0, vector='vector')
     researcher = Author(username='******')
     program = ReportProgram(title='My program', slug='my-program')
     bug_report = Report(
         raw_report=lazy_raw_report,
         report_id='123',
         title='A bug report',
         local_id='YWH-123',
         bug_type=bug_type,
         scope='',
         cvss=severity,
         end_point='/',
         vulnerable_part='post',
         part_name='param',
         payload_sample='abcde',
         technical_environment='',
         description_html='This is a bug',
         attachments=[],
         hunter=researcher,
         logs=[],
         status='accepted',
         tracking_status='AFI',
         program=program,
     )

     with self.assertRaises(ServiceNowTrackerClientError):
         tracker_client.send_report(report=bug_report)
Example #3
def _map_raw_cvss(
    context: MappingContext,
    raw_cvss: YesWeHackRawApiCvss,
) -> Cvss:
    """Copy the criticity, score and vector of a raw API CVSS into a ``Cvss``.

    ``context`` is accepted but not read by this mapper; the three values are
    passed through as-is, with no range or format check at this layer.
    """
    mapped = Cvss(
        criticity=raw_cvss.criticity,
        score=raw_cvss.score,
        vector=raw_cvss.vector,
    )
    return mapped
Example #4
    def test_send_report_error_project_not_found(
        self,
        gitlab_mock_class: MagicMock,
        project_manager_mock_class: MagicMock,
        project_mock_class: MagicMock,
        project_issues_manager_mock_class: MagicMock,
        project_issue_mock_class: MagicMock,
    ) -> None:
        """Check that a failed project lookup surfaces as a tracker client error.

        The mocked project manager raises ``GitlabError`` from ``get``;
        ``send_report`` is expected to raise ``GitLabTrackerClientError``.
        """
        # Wire the failing project manager onto the mocked GitLab instance.
        projects = project_manager_mock_class(gl=ANY)
        gitlab_mock_class.return_value.projects = projects
        projects.get.side_effect = GitlabError('Project not found')

        configuration = GitLabConfiguration(project='my-project')
        tracker_client = GitLabTrackerClient(configuration=configuration)
        lazy_raw_report = YesWeHackRawApiReport(ywh_api=None, lazy=True, id=123)

        # Inert fixture values for the report being sent.
        bug_type = BugType(
            name='bug-type',
            link='http://bug.example.com/type',
            remediation_link='http://bug.example.com/type/remediation',
        )
        severity = Cvss(criticity='critical', score=9.0, vector='vector')
        researcher = Author(username='******')
        program = ReportProgram(title='My program', slug='my-program')
        bug_report = Report(
            raw_report=lazy_raw_report,
            report_id='123',
            title='A bug report',
            local_id='YWH-123',
            bug_type=bug_type,
            scope='',
            cvss=severity,
            end_point='/',
            vulnerable_part='post',
            part_name='param',
            payload_sample='abcde',
            technical_environment='',
            description_html='This is a bug',
            attachments=[],
            hunter=researcher,
            logs=[],
            status='accepted',
            tracking_status='AFI',
            program=program,
        )

        with self.assertRaises(GitLabTrackerClientError):
            tracker_client.send_report(report=bug_report)
Example #5
 def _build_report(
     self,
     report_id: int,
     tracking_status: str = 'AFI',
     attachments: Optional[List[Attachment]] = None,
     logs: Optional[List[Log]] = None,
 ) -> Report:
     """Build a ``Report`` fixture for the given id.

     Args:
         report_id: Used for the raw report id, the string ``report_id`` and
             the ``YWH-<id>`` local id.
         tracking_status: Tracking status stored on the report.
         attachments: Attachments to include; a falsy value becomes ``[]``.
         logs: Logs to include; a falsy value becomes ``[]``.

     Returns:
         A report backed by a lazy raw report whose API handle is an
         autospec of ``YesWeHackRawApi``.
     """
     # NOTE(review): every text field below is inert ASCII. If the tracker
     # clients are expected to neutralise markup in researcher-supplied fields
     # such as description_html or payload_sample (not visible here, confirm),
     # that path needs its own fixture rather than this one.
     api_stub = create_autospec(YesWeHackRawApi)
     lazy_raw_report = YesWeHackRawApiReport(ywh_api=api_stub, lazy=True, id=report_id)

     identifier = str(report_id)
     local_identifier = f'YWH-{report_id}'
     bug_type = BugType(
         name='bug-type',
         link='http://bug.example.com/type',
         remediation_link='http://bug.example.com/type/remediation',
     )
     severity = Cvss(criticity='critical', score=9.0, vector='vector')
     report_attachments = attachments if attachments else []
     researcher = Author(username='******')
     report_logs = logs if logs else []
     program = ReportProgram(title='Program 1', slug='program1')

     return Report(
         raw_report=lazy_raw_report,
         report_id=identifier,
         title='A bug report',
         local_id=local_identifier,
         bug_type=bug_type,
         scope='',
         cvss=severity,
         end_point='/',
         vulnerable_part='post',
         part_name='param',
         payload_sample='abcde',
         technical_environment='',
         description_html='This is a bug',
         attachments=report_attachments,
         hunter=researcher,
         logs=report_logs,
         status='accepted',
         tracking_status=tracking_status,
         program=program,
     )
Example #6
    def test_send_report(
        self,
        jira_mock_class: MagicMock,
        issue_mock_class: MagicMock,
    ) -> None:
        """Check that ``send_report`` returns a ``TrackerIssue`` built from the Jira issue.

        The mocked Jira client returns an issue with key ``456`` and a fixed
        permalink; the test asserts those values, the configured project and
        an open (not closed) state on the returned tracker issue.
        """
        # Issue that the mocked Jira client hands back from create_issue().
        created = issue_mock_class(options=ANY, session=ANY)
        created.key = '456'
        created.permalink.return_value = 'http://tracker/issue/456'
        jira_mock_class.return_value.create_issue.return_value = created

        configuration = JiraConfiguration(project='my-project')
        tracker_client = JiraTrackerClient(configuration=configuration)
        lazy_raw_report = YesWeHackRawApiReport(ywh_api=None, lazy=True, id=123)

        # Inert fixture values for the report being sent.
        bug_type = BugType(
            name='bug-type',
            link='http://bug.example.com/type',
            remediation_link='http://bug.example.com/type/remediation',
        )
        severity = Cvss(criticity='critical', score=9.0, vector='vector')
        researcher = Author(username='******')
        program = ReportProgram(title='My program', slug='my-program')
        bug_report = Report(
            raw_report=lazy_raw_report,
            report_id='123',
            title='A bug report',
            local_id='YWH-123',
            bug_type=bug_type,
            scope='',
            cvss=severity,
            end_point='/',
            vulnerable_part='post',
            part_name='param',
            payload_sample='abcde',
            technical_environment='',
            description_html='This is a bug',
            attachments=[],
            hunter=researcher,
            logs=[],
            status='accepted',
            tracking_status='AFI',
            program=program,
        )

        tracker_issue = tracker_client.send_report(report=bug_report)

        self.assertIsInstance(tracker_issue, TrackerIssue)
        self.assertEqual('456', tracker_issue.issue_id)
        self.assertEqual('http://tracker/issue/456', tracker_issue.issue_url)
        self.assertEqual('my-project', tracker_issue.project)
        self.assertFalse(tracker_issue.closed)