def test_advisory_format_issue_listing(): listing = advisory_format_issue_listing([ 'CVE-1111-1234', 'CVE-1111-12345', 'CVE-1234-11111', 'CVE-1234-11112', 'CVE-1234-12345', 'CVE-1234-123456' ]) assert 'CVE-1111-1234 CVE-1111-12345 CVE-1234-11111 CVE-1234-11112\n ' + \ 'CVE-1234-12345 CVE-1234-123456' == listing
def show_generated_advisory(advisory_id, raw=False): entries = (db.session.query( Advisory, CVEGroup, CVEGroupPackage, CVE).filter(Advisory.id == advisory_id).join(CVEGroupPackage).join( CVEGroup).join(CVEGroupEntry).join(CVE).order_by(CVE.id)).all() if not entries: return not_found() advisory = entries[0][0] group = entries[0][1] package = entries[0][2] issues = sorted([issue for (advisory, group, package, issue) in entries]) severity_sorted_issues = sorted(issues, key=lambda issue: issue.issue_type) severity_sorted_issues = sorted(severity_sorted_issues, key=lambda issue: issue.severity) remote = any([issue.remote is Remote.remote for issue in issues]) issue_listing_formatted = advisory_format_issue_listing( [issue.id for issue in issues]) link = TRACKER_ADVISORY_URL.format(advisory.id, group.id) upstream_released = group.affected.split('-')[0].split( '+')[0] != group.fixed.split('-')[0].split('+')[0] upstream_version = group.fixed.split('-')[0].split('+')[0] if ':' in upstream_version: upstream_version = upstream_version[upstream_version.index(':') + 1:] unique_issue_types = [] for issue in severity_sorted_issues: if issue.issue_type not in unique_issue_types: unique_issue_types.append(issue.issue_type) references = [] if group.bug_ticket: references.append(TRACKER_BUGTRACKER_URL.format(group.bug_ticket)) references.extend([ ref for ref in multiline_to_list(group.reference) if ref not in references ]) list( map( lambda issue: references.extend([ ref for ref in multiline_to_list(issue.reference) if ref not in references ]), issues)) raw_asa = render_template('advisory.txt', advisory=advisory, group=group, package=package, issues=issues, remote=remote, issue_listing_formatted=issue_listing_formatted, link=link, workaround=advisory.workaround, impact=advisory.impact, upstream_released=upstream_released, upstream_version=upstream_version, unique_issue_types=unique_issue_types, references=references, TRACKER_ISSUE_URL=TRACKER_ISSUE_URL, TRACKER_GROUP_URL=TRACKER_GROUP_URL) if raw: return raw_asa raw_asa = '\n'.join(raw_asa.split('\n')[2:]) raw_asa = str(escape(raw_asa)) raw_asa = advisory_extend_html(raw_asa, issues, package) return render_html_advisory(advisory=advisory, package=package, group=group, raw_asa=raw_asa, generated=True)
def test_advisory_format_issue_listing_single_issue(): listing = advisory_format_issue_listing(['CVE-1111-1234']) assert 'CVE-1111-1234' == listing
def test_advisory_format_issue_listing_single_row(): listing = advisory_format_issue_listing([ 'CVE-1111-1234', 'CVE-1111-12345', 'CVE-1234-11111', 'CVE-1234-11112' ]) assert 'CVE-1111-1234 CVE-1111-12345 CVE-1234-11111 CVE-1234-11112' == listing