Exemple #1
    def test_list_can_show_all_entries(self):
        """Setting every list filter to 'all' lists every stored result.

        Four results are stored: one with no rule match, two matching
        'some-rule' with no explicit state, and one matching result created
        with state=FALSE_POSITIVE. None of them is given a version here.
        """
        # A result that matches no rule.
        ScannerResult.objects.create(scanner=YARA)
        some_rule = ScannerRule.objects.create(name='some-rule', scanner=YARA)
        # Three results matching the rule: a plain one, a false positive and
        # a second plain one (no version is attached to any of them).
        for extra_fields in ({}, {'state': FALSE_POSITIVE}, {}):
            matched = ScannerResult(scanner=YARA, **extra_fields)
            matched.add_yara_result(rule=some_rule.name)
            matched.save()

        # Ask each of the three filters for its 'all' value so that nothing
        # is hidden from the changelist.
        show_everything = {
            list_filter.parameter_name: 'all'
            for list_filter in (MatchesFilter, StateFilter, WithVersionFilter)
        }
        response = self.client.get(self.list_url, show_everything)
        assert response.status_code == 200
        rows = pq(response.content)('#result_list tbody tr')
        # One table row per ScannerResult in the database.
        assert rows.length == ScannerResult.objects.count()
Exemple #2
    def test_list_default(self):
        """With no query parameters the list shows one of four results.

        Only the row count is asserted; the test does not check which
        result is the visible one. The per-fixture comments below state the
        expectation behind each entry.
        """

        def new_version():
            # A fresh version on a fresh add-on for each result.
            return version_factory(addon=addon_factory())

        # No rule match: expected to be hidden by default.
        ScannerResult.objects.create(scanner=YARA, version=new_version())

        some_rule = ScannerRule.objects.create(name='some-rule', scanner=YARA)

        # Rule match, no explicit state, has a version: expected to be shown.
        shown = ScannerResult(scanner=YARA, version=new_version())
        shown.add_yara_result(rule=some_rule.name)
        shown.save()

        # Rule match already flagged as a false positive: expected hidden.
        flagged = ScannerResult(
            scanner=YARA,
            state=FALSE_POSITIVE,
            version=new_version(),
        )
        flagged.add_yara_result(rule=some_rule.name)
        flagged.save()

        # Rule match but no version attached: expected hidden.
        versionless = ScannerResult(scanner=YARA)
        versionless.add_yara_result(rule=some_rule.name)
        versionless.save()

        response = self.client.get(self.list_url)
        assert response.status_code == 200
        rows = pq(response.content)('#result_list tbody tr')
        assert rows.length == 1
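    def test_list_filter_matched_rules(self):
        """Filtering the list by one matched rule shows only its results.

        Three results are stored: a YARA result matching both 'bar' and
        'hello', a CUSTOMS result matching 'foo', and a YARA result matching
        only 'hello'. Filtering on the 'bar' rule must leave a single row.
        """
        rule_bar = ScannerRule.objects.create(name='bar', scanner=YARA)
        rule_hello = ScannerRule.objects.create(name='hello', scanner=YARA)
        rule_foo = ScannerRule.objects.create(name='foo', scanner=CUSTOMS)
        with_bar_matches = ScannerResult(scanner=YARA)
        with_bar_matches.add_yara_result(rule=rule_bar.name)
        with_bar_matches.add_yara_result(rule=rule_hello.name)
        with_bar_matches.save()
        ScannerResult.objects.create(
            scanner=CUSTOMS, results={'matchedRules': [rule_foo.name]}
        )
        with_hello_match = ScannerResult(scanner=YARA)
        with_hello_match.add_yara_result(rule=rule_hello.name)
        # Persist the 'hello'-only result. Without this save the object never
        # reaches the database, so the filter is never exercised against a
        # same-scanner result that shares a rule with the expected row but
        # must still be excluded.
        with_hello_match.save()

        response = self.client.get(
            self.list_url,
            {
                'matched_rules__id__exact': rule_bar.pk,
                # Do not let the version filter hide these version-less rows.
                WithVersionFilter.parameter_name: 'all',
            },
        )
        assert response.status_code == 200
        doc = pq(response.content)
        assert doc('#result_list tbody tr').length == 1
        # The remaining row is the one that matched both 'bar' and 'hello'.
        assert doc('.field-formatted_matched_rules').text() == 'bar, hello'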
Exemple #4
    def test_handle_yara_false_positive(self):
        """POSTing to the false-positive admin action flags the result and
        redirects to a pre-filled GitHub issue form.

        The checks on the redirect are prefix and substring checks on the
        Location header; the query string is not parsed.
        """
        # A stored result with one rule match, still in the UNKNOWN state.
        some_rule = ScannerRule.objects.create(name='some-rule', scanner=YARA)
        scan = ScannerResult(scanner=YARA)
        scan.add_yara_result(rule=some_rule.name)
        scan.save()
        assert scan.state == UNKNOWN

        action_url = reverse(
            'admin:scanners_scannerresult_handlefalsepositive',
            args=[scan.pk],
        )
        response = self.client.post(action_url)

        # The state change is read back from the database, not from the
        # in-memory object.
        scan.refresh_from_db()
        assert scan.state == FALSE_POSITIVE

        # The action answers with a redirect to GitHub's "new issue" form.
        assert response.status_code == 302
        location = response['Location']
        assert location.startswith('https://github.com/git/repo/issues/new?')

        # The issue draft is pre-filled through query parameters.
        expected_title = 'False positive report for ScannerResult {}'.format(
            scan.pk
        )
        for expected_param in (
            {'title': expected_title},
            {'body': '### Report'},
            {'labels': 'false positive report'},
        ):
            assert urlencode(expected_param) in location

        # NOTE(review): the "Raw scanner results" section is carried in the
        # query string of a redirect to an external host, so whatever the
        # view puts there ends up in browser history and on github.com.
        # Confirm against the view that nothing sensitive is included.
        assert 'Raw+scanner+results' in location