def test_put_report_tracking_status_json_not_dict_error(
    self,
    YesWeHackRawApiClientMock: MagicMock,
    YesWeHackRawApiReportMock: MagicMock,
) -> None:
    """Expect YesWeHackApiClientError when the tracking-status response is not a JSON object.

    The mocked ``put_tracking_status`` call returns a response whose ``json()``
    yields a plain string. The client under test must raise
    ``YesWeHackApiClientError`` for that body shape.
    """
    YesWeHackRawApiClientMock.return_value.login.return_value = True

    # Autospec'd response factory: calling it yields the instance whose json()
    # is configured below to return a str rather than a dict.
    response_factory = create_autospec(requests.models.Response)
    response_factory.return_value.json.return_value = 'I am an API response'
    YesWeHackRawApiReportMock.return_value.put_tracking_status.return_value = response_factory()

    api_client = YesWeHackApiClient(
        configuration=YesWeHackConfiguration(),
    )
    # Calling the report mock returns the return_value configured above.
    mocked_raw_report = YesWeHackRawApiReportMock(
        ywh_api=None,
        lazy=True,
        id=123,
    )

    # Fixture values only; sub-objects are built in the same order the
    # Report keyword arguments consume them.
    bug_type = BugType(
        name='bug-type',
        link='http://bug.example.com/type',
        remediation_link='http://bug.example.com/type/remediation',
    )
    cvss = Cvss(
        criticity='critical',
        score=9.0,
        vector='vector',
    )
    hunter = Author(
        username='******',
    )
    program = ReportProgram(
        title='My program',
        slug='my-program',
    )
    report = Report(
        raw_report=mocked_raw_report,
        report_id='123',
        title='A bug report',
        local_id='YWH-123',
        bug_type=bug_type,
        scope='',
        cvss=cvss,
        end_point='/',
        vulnerable_part='post',
        part_name='param',
        payload_sample='abcde',
        technical_environment='',
        description_html='This is a bug',
        attachments=[],
        hunter=hunter,
        logs=[],
        status='accepted',
        tracking_status='AFI',
        program=program,
    )

    update_kwargs = {
        'report': report,
        'tracker_name': 'tracker',
        'issue_id': 'foo',
        'issue_url': 'https://tracker.example.com/issues/foo',
        'status': 'T',
        'comment': 'Tracker synchronized.',
    }
    with self.assertRaises(YesWeHackApiClientError):
        api_client.put_report_tracking_status(**update_kwargs)
def test_send_report_issue_create_error(
    self,
    client_mock_class: MagicMock,
    incident_model_mock_class: MagicMock,
    session_mock_class: MagicMock,
) -> None:
    """Expect ServiceNowTrackerClientError when incident creation raises AiosnowException."""
    # NOTE(review): this response mock is configured but never handed to any
    # other mock in this test; it looks like a leftover from the success-path
    # test. Confirm before removing.
    incident_response = create_autospec(ResponseSpec, spec_set=True)
    incident_response.data = {
        'sys_id': '456',
        'number': 'INC0123',
    }

    snow_client_mock = client_mock_class(address=ANY, )
    snow_client_mock.get_session.return_value = session_mock_class()

    incident_mock = incident_model_mock_class(client=snow_client_mock, )
    # The __aenter__ result is the mock itself.
    incident_mock.__aenter__.return_value = incident_mock
    # The failure under test: create() raises the library exception.
    incident_mock.create.side_effect = AiosnowException

    configuration = ServiceNowConfiguration(
        host='my-instance.servicenow.local',
    )
    tracker_client = ServiceNowTrackerClient(
        configuration=configuration,
    )

    raw_report = YesWeHackRawApiReport(
        ywh_api=None,
        lazy=True,
        id=123,
    )
    bug_type = BugType(
        name='bug-type',
        link='http://bug.example.com/type',
        remediation_link='http://bug.example.com/type/remediation',
    )
    cvss = Cvss(
        criticity='critical',
        score=9.0,
        vector='vector',
    )
    hunter = Author(username='******', )
    program = ReportProgram(
        title='My program',
        slug='my-program',
    )
    report = Report(
        raw_report=raw_report,
        report_id='123',
        title='A bug report',
        local_id='YWH-123',
        bug_type=bug_type,
        scope='',
        cvss=cvss,
        end_point='/',
        vulnerable_part='post',
        part_name='param',
        payload_sample='abcde',
        technical_environment='',
        description_html='This is a bug',
        attachments=[],
        hunter=hunter,
        logs=[],
        status='accepted',
        tracking_status='AFI',
        program=program,
    )

    # The library exception must surface as the tracker client's own error type.
    with self.assertRaises(ServiceNowTrackerClientError):
        tracker_client.send_report(report=report, )
def _map_raw_cvss(
    context: MappingContext,
    raw_cvss: YesWeHackRawApiCvss,
) -> Cvss:
    """Copy the CVSS fields of a raw API object into a ``Cvss`` model.

    Args:
        context: mapping context; accepted but not read by this function.
        raw_cvss: raw CVSS object exposing ``criticity``, ``score`` and ``vector``.

    Returns:
        A ``Cvss`` built from the three raw attributes, copied unchanged.
    """
    # The values are passed through as-is: no range or format check is done here.
    # NOTE(review): presumably validated upstream or by Cvss itself; confirm.
    criticity = raw_cvss.criticity
    score = raw_cvss.score
    vector = raw_cvss.vector
    return Cvss(criticity=criticity, score=score, vector=vector)
def test_send_report_error_project_not_found(
    self,
    gitlab_mock_class: MagicMock,
    project_manager_mock_class: MagicMock,
    project_mock_class: MagicMock,
    project_issues_manager_mock_class: MagicMock,
    project_issue_mock_class: MagicMock,
) -> None:
    """Expect GitLabTrackerClientError when the project lookup raises GitlabError."""
    # Wire a project manager whose get() fails with the library error.
    projects_mock = project_manager_mock_class(gl=ANY)
    gitlab_mock_class.return_value.projects = projects_mock
    projects_mock.get.side_effect = GitlabError('Project not found')

    configuration = GitLabConfiguration(
        project='my-project',
    )
    tracker_client = GitLabTrackerClient(configuration=configuration, )

    raw_report = YesWeHackRawApiReport(
        ywh_api=None,
        lazy=True,
        id=123,
    )
    bug_type = BugType(
        name='bug-type',
        link='http://bug.example.com/type',
        remediation_link='http://bug.example.com/type/remediation',
    )
    cvss = Cvss(
        criticity='critical',
        score=9.0,
        vector='vector',
    )
    hunter = Author(username='******', )
    program = ReportProgram(
        title='My program',
        slug='my-program',
    )
    report = Report(
        raw_report=raw_report,
        report_id='123',
        title='A bug report',
        local_id='YWH-123',
        bug_type=bug_type,
        scope='',
        cvss=cvss,
        end_point='/',
        vulnerable_part='post',
        part_name='param',
        payload_sample='abcde',
        technical_environment='',
        description_html='This is a bug',
        attachments=[],
        hunter=hunter,
        logs=[],
        status='accepted',
        tracking_status='AFI',
        program=program,
    )

    # The GitlabError must be reported as the tracker client's own error type.
    with self.assertRaises(GitLabTrackerClientError):
        tracker_client.send_report(report=report, )
def _build_report(
    self,
    report_id: int,
    tracking_status: str = 'AFI',
    attachments: Optional[List[Attachment]] = None,
    logs: Optional[List[Log]] = None,
) -> Report:
    """Build a ``Report`` fixture with fixed placeholder content.

    Args:
        report_id: numeric id; also used for ``report_id`` (as a string) and ``local_id``.
        tracking_status: tracking status stored on the report.
        attachments: attachments to set; a falsy value becomes an empty list.
        logs: logs to set; a falsy value becomes an empty list.

    Returns:
        A ``Report`` whose raw report is backed by an autospec'd ``YesWeHackRawApi``.
    """
    # Autospec'd API object passed as ywh_api, in place of a real one.
    api_mock = create_autospec(YesWeHackRawApi)
    raw_report = YesWeHackRawApiReport(
        ywh_api=api_mock,
        lazy=True,
        id=report_id,
    )

    report_id_text = str(report_id)
    local_id = f'YWH-{report_id}'
    bug_type = BugType(
        name='bug-type',
        link='http://bug.example.com/type',
        remediation_link='http://bug.example.com/type/remediation',
    )
    cvss = Cvss(
        criticity='critical',
        score=9.0,
        vector='vector',
    )
    # A fresh list is created whenever the caller passes None or an empty list.
    report_attachments = attachments if attachments else []
    hunter = Author(username='******', )
    report_logs = logs if logs else []
    program = ReportProgram(
        title='Program 1',
        slug='program1',
    )

    return Report(
        raw_report=raw_report,
        report_id=report_id_text,
        title='A bug report',
        local_id=local_id,
        bug_type=bug_type,
        scope='',
        cvss=cvss,
        end_point='/',
        vulnerable_part='post',
        part_name='param',
        payload_sample='abcde',
        technical_environment='',
        description_html='This is a bug',
        attachments=report_attachments,
        hunter=hunter,
        logs=report_logs,
        status='accepted',
        tracking_status=tracking_status,
        program=program,
    )
def test_send_report(
    self,
    jira_mock_class: MagicMock,
    issue_mock_class: MagicMock,
) -> None:
    """Check that a successful Jira issue creation is returned as a ``TrackerIssue``.

    The mocked Jira client returns an issue with key ``'456'`` and a fixed
    permalink. The resulting ``TrackerIssue`` must carry that id and URL, the
    configured project, and must not be closed.
    """
    created_issue = issue_mock_class(options=ANY, session=ANY)
    created_issue.key = '456'
    created_issue.permalink.return_value = 'http://tracker/issue/456'
    jira_mock_class.return_value.create_issue.return_value = created_issue

    configuration = JiraConfiguration(
        project='my-project',
    )
    tracker_client = JiraTrackerClient(
        configuration=configuration,
    )

    raw_report = YesWeHackRawApiReport(
        ywh_api=None,
        lazy=True,
        id=123,
    )
    bug_type = BugType(
        name='bug-type',
        link='http://bug.example.com/type',
        remediation_link='http://bug.example.com/type/remediation',
    )
    cvss = Cvss(
        criticity='critical',
        score=9.0,
        vector='vector',
    )
    hunter = Author(
        username='******',
    )
    program = ReportProgram(
        title='My program',
        slug='my-program',
    )
    report = Report(
        raw_report=raw_report,
        report_id='123',
        title='A bug report',
        local_id='YWH-123',
        bug_type=bug_type,
        scope='',
        cvss=cvss,
        end_point='/',
        vulnerable_part='post',
        part_name='param',
        payload_sample='abcde',
        technical_environment='',
        description_html='This is a bug',
        attachments=[],
        hunter=hunter,
        logs=[],
        status='accepted',
        tracking_status='AFI',
        program=program,
    )

    tracker_issue = tracker_client.send_report(
        report=report,
    )

    self.assertIsInstance(tracker_issue, TrackerIssue)
    # Id and URL come from the mocked Jira issue; project comes from the configuration.
    self.assertEqual('456', tracker_issue.issue_id)
    self.assertEqual('http://tracker/issue/456', tracker_issue.issue_url)
    self.assertEqual('my-project', tracker_issue.project)
    self.assertFalse(tracker_issue.closed)