def test_from_file(self): failed_json_files = [] for _fname in os.listdir(DBVuln.DB_PATH): _file_path = os.path.join(DBVuln.DB_PATH, _fname) try: dbv = DBVuln.from_file(_file_path) except: failed_json_files.append(_fname) continue self.assertIsInstance(dbv.title, basestring) self.assertIsInstance(dbv.description, basestring) self.assertIsInstance(dbv.id, int) self.assertIsInstance(dbv.severity, basestring) self.assertIsInstance(dbv.wasc, (types.NoneType, list)) self.assertIsInstance(dbv.tags, (types.NoneType, list)) self.assertIsInstance(dbv.cwe, (types.NoneType, list)) self.assertIsInstance(dbv.owasp_top_10, (types.NoneType, dict)) self.assertIsInstance(dbv.fix, dict) self.assertIsInstance(dbv.fix_effort, int) self.assertIsInstance(dbv.fix_guidance, basestring) for ref in dbv.references: self.assertIsInstance(ref, Reference) self.assertEqual(failed_json_files, [])
def test_from_file(self): _file = os.path.join(DBVuln.DB_PATH, '123-spec-example.json') dbv_1 = DBVuln.from_file(_file) dbv_2 = DBVuln.from_id(123) self.assertEqual(dbv_1, dbv_2) self.assertEqual(dbv_1.db_file, _file)
def test_from_file(self): failed_json_files = [] processed_files = [] for language in DBVuln.get_all_languages(): json_path = os.path.join(DBVuln.DB_PATH, language) for _fname in os.listdir(json_path): _file_path = os.path.join(json_path, _fname) if os.path.isdir(_file_path): continue try: DBVuln.LANG = language dbv = DBVuln.from_file(_file_path) except: failed_json_files.append(_fname) continue processed_files.append(_fname) self.assertIsInstance(dbv.title, basestring) self.assertIsInstance(dbv.description, basestring) self.assertIsInstance(dbv.id, int) self.assertIsInstance(dbv.severity, basestring) self.assertIsInstance(dbv.wasc, (type(None), list)) self.assertIsInstance(dbv.tags, (type(None), list)) self.assertIsInstance(dbv.cwe, (type(None), list)) self.assertIsInstance(dbv.owasp_top_10, (type(None), dict)) self.assertIsInstance(dbv.fix_effort, int) self.assertIsInstance(dbv.fix_guidance, basestring) for ref in dbv.references: self.assertIsInstance(ref, Reference) self.assertEqual(failed_json_files, []) self.assertGreater(len(processed_files), 20)
def test_load_es_lang(self): language = 'es' _file = os.path.join(DBVuln.DB_PATH, language, '123-spec-example.json') dbv_1 = DBVuln.from_file(_file, language=language) dbv_2 = DBVuln.from_id(123, language=language) self.assertEqual(dbv_1, dbv_2) self.assertEqual(dbv_1.db_file, _file) dbv = dbv_1 expected_references = [ Reference("http://foo.es/xss", "Primera referencia a una vulnerabilidad de XSS"), Reference("http://asp.net/xss", "Como arreglar XSS en .NET") ] self.assertEqual(dbv.title, u'Cross-Site Scripting en ES') self.assertEqual(dbv.description, u'Un texto largo donde se explica que es un XSS') self.assertEqual(dbv.id, MOCK_ID) self.assertEqual(dbv.severity, MOCK_SEVERITY) self.assertEqual(dbv.wasc, [u'0003']) self.assertEqual(dbv.tags, [u'xss', u'client side']) self.assertEqual(dbv.cwe, [u'0003', u'0007']) self.assertEqual( dbv.owasp_top_10, { "2010": [1], "2013": [2] }, ) self.assertEqual(dbv.references, expected_references) self.assertEqual(dbv.fix_effort, 50) self.assertEqual( dbv.fix_guidance, u'Y otro texto largo donde se explica como' u' arreglar vulnerabilidades de XSS')