def test_bulk_create_with_conflict_in_every_vuln(self, test_client, session, csrf_token):
vuln_template_1 = VulnerabilityTemplate(name='conflict_vuln_1', severity='high')
session.add(vuln_template_1)
vuln_template_2 = VulnerabilityTemplate(name='conflict_vuln_2', severity='high')
session.add(vuln_template_2)
session.commit()
vuln_1 = VulnerabilityFactory.build_dict()
vuln_1['name'] = 'conflict_vuln_1'
vuln_1['exploitation'] = vuln_1['severity']
vuln_2 = VulnerabilityFactory.build_dict()
vuln_2['name'] = 'conflict_vuln_2'
vuln_2['exploitation'] = vuln_2['severity']
data = {
'csrf_token': csrf_token,
'vulns': [vuln_1, vuln_2]
}
res = test_client.post('/v3/vulnerability_template/bulk_create', json=data)
assert res.status_code == 409
assert len(res.json['vulns_with_conflict']) == 2
assert res.json['vulns_with_conflict'][0][1] == vuln_1['name']
assert res.json['vulns_with_conflict'][1][1] == vuln_2['name']
assert len(res.json['vulns_created']) == 0
def test_bulk_create_with_one_conflict(self, test_client, session,
csrf_token):
vuln_template = VulnerabilityTemplate(name='conflict_vuln',
severity='high')
session.add(vuln_template)
session.commit()
vuln_1 = VulnerabilityFactory.build_dict()
vuln_1['name'] = 'conflict_vuln'
vuln_1['exploitation'] = vuln_1['severity']
vuln_2 = VulnerabilityFactory.build_dict()
vuln_2['exploitation'] = vuln_2['severity']
data = {'csrf_token': csrf_token, 'vulns': [vuln_1, vuln_2]}
res = test_client.post(
self.check_url('/v2/vulnerability_template/bulk_create/'),
json=data)
assert res.status_code == 200
assert len(res.json['vulns_with_conflict']) == 1
assert res.json['vulns_with_conflict'][0][1] == vuln_1['name']
assert len(res.json['vulns_created']) == 1
assert res.json['vulns_created'][0][1] == vuln_2['name']
def test_bulk_create_without_csrf_token(self, test_client):
vuln_1 = VulnerabilityFactory.build_dict()
vuln_1['exploitation'] = vuln_1['severity']
vuln_2 = VulnerabilityFactory.build_dict()
vuln_2['exploitation'] = vuln_2['severity']
data = {
'vulns': [vuln_1, vuln_2]
}
res = test_client.post('/v3/vulnerability_template/bulk_create', json=data)
assert res.status_code == 403
assert res.json['message'] == 'Invalid CSRF token.'
def test_vuln_template_bulk_create(self, test_client, csrf_token):
vuln_1 = VulnerabilityFactory.build_dict()
vuln_1['exploitation'] = vuln_1['severity']
vuln_2 = VulnerabilityFactory.build_dict()
vuln_2['exploitation'] = vuln_2['severity']
data = {'csrf_token': csrf_token, 'vulns': [vuln_1, vuln_2]}
res = test_client.post(
self.check_url('/v2/vulnerability_template/bulk_create/'),
json=data)
assert res.status_code == 200
vulns_created = res.json['vulns_created']
assert len(vulns_created) == 2
assert vulns_created[0][1] == vuln_1['name']
assert vulns_created[1][1] == vuln_2['name']
