コード例 #1
 def test_get_exploitable_cves_counter_non_zero(self):
     """Expect a count of 1 when the single CVE record carries an exploit rating."""
     builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
     # One vulnerability record whose "exploit" list is populated.
     builder._cves = [{"exploit": ["High"]}]
     self.assertEqual(builder.get_exploitable_cves_counter(), 1)
コード例 #2
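 def test_get_exploitable_cves_counter_exception(self):
     """Expect None, not 0, when the only CVE record has an empty exploit list.

     NOTE(review): the test name suggests the builder treats this input as an
     error path; that handling is not visible here. What the assertion pins is
     that callers receive None rather than a number for this input.
     """
     response_obj = ComponentAnalysisResponseBuilder(
         self.eco, self.pkg, self.ver)
     response_obj._cves = [{"exploit": []}]
     count = response_obj.get_exploitable_cves_counter()
     # assertIsNone checks identity, so a falsy value such as 0 cannot pass.
     self.assertIsNone(count)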
 def test_registration_link(self):
     """Check that the registration link is a string that parses as a URL."""
     builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
     link = builder.get_registration_link()
     parts = urlparse(link)
     # Only requires a non-empty scheme, host and path; it does not pin the
     # scheme to https or the host to an expected domain.
     has_all_parts = all([parts.scheme, parts.netloc, parts.path])
     self.assertTrue(has_all_parts, "Invalid Link.")
     self.assertIsInstance(link, str)
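 def test_get_vulnerabilities_count_zero_exception(self):
     """Expect zero public and zero private vulnerabilities for an empty record.

     The single CVE record has no fields at all, so neither counter should
     be incremented.
     """
     response_obj = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
     response_obj._cves = [dict()]
     pub_vul, pvt_vul = response_obj.get_vulnerabilities_count()
     # assertEqual replaces assertEquals, a deprecated alias that was
     # removed from unittest in Python 3.12.
     self.assertEqual(pub_vul, 0)
     self.assertEqual(pvt_vul, 0)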
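 def test_get_vulnerabilities_count_non_zero_public(self):
     """Expect one public and no private vulnerability for a non-private record.

     The record is flagged snyk_pvt_vulnerability=[False], so it must be
     counted on the public side only.
     """
     response_obj = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
     response_obj._cves = [dict(snyk_pvt_vulnerability=[False])]
     pub_vul, pvt_vul = response_obj.get_vulnerabilities_count()
     # assertEqual replaces assertEquals, a deprecated alias that was
     # removed from unittest in Python 3.12.
     self.assertEqual(pub_vul, 1)
     self.assertEqual(pvt_vul, 0)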
コード例 #6
 def test_get_severity_exception(self):
     """Expect an empty severity list when the only record has no severity.

     NOTE(review): despite the test name, nothing is asserted to be raised
     here; the check is on the returned list.
     """
     builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
     builder._cves = [{'severity': []}]
     self.assertListEqual(builder.get_severity(), [])
コード例 #7
 def test_get_severity_known_values(self):
     """Expect ["medium"] for one record listing "medium" and then "low"."""
     builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
     # A single record carrying two known severity labels.
     builder._cves = [{'severity': ["medium", "low"]}]
     self.assertListEqual(builder.get_severity(), ["medium"])
コード例 #8
 def test_get_cve_maps_empty(self):
     """Expect an empty list of CVE maps when there are no CVE records."""
     builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
     builder._cves = []
     self.assertListEqual(builder.get_cve_maps(), [])
コード例 #9
 def test_get_cve_maps_non_empty(self):
     """Check the field mapping from a raw vulnerability record to a CVE map.

     The raw record holds every value in a list. The expected map takes the
     first element for scalar fields and keeps the full list for cwes,
     cve_ids and fixed_in.
     """
     builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
     raw_record = {
         'snyk_vuln_id': ["SNYK:0101"],
         'cvss_scores': ["9.0"],
         'snyk_pvt_vulnerability': [True],
         'snyk_cwes': ["CWES-01", "CWES-02"],
         'snyk_cvss_v3': ["4.5"],
         'severity': ["medium"],
         'title': ["Test title for CVE"],
         'snyk_url': ["https://test.com/cve-01"],
         'snyk_cve_ids': ["CVE-01", "CVE-02", "CVE-03"],
         'fixed_in': [">=0.19.0-beta.1"],
     }
     expected_map = {
         'vendor_cve_ids': raw_record['snyk_vuln_id'][0],
         'cvss': raw_record['cvss_scores'][0],
         'is_private': raw_record['snyk_pvt_vulnerability'][0],
         'cwes': ["CWES-01", "CWES-02"],
         'cvss_v3': "4.5",
         'severity': "medium",
         'title': "Test title for CVE",
         'url': "https://test.com/cve-01",
         'cve_ids': ["CVE-01", "CVE-02", "CVE-03"],
         'fixed_in': [">=0.19.0-beta.1"],
     }
     builder._cves = [raw_record]
     self.assertListEqual(builder.get_cve_maps(), [expected_map])
コード例 #10
 def test_get_message_with_pvt_vul_unequal_len(self):
     """Check the message for two private advisories with one severity entry.

     The severity list is shorter than the advisory count, so the message
     is expected to report "1 having high severity" out of 2.
     """
     builder = ComponentAnalysisResponseBuilder("pypi", "django", "1.1")
     builder.pvt_vul = 2
     builder.severity = ['high']
     # The expected text ends with a trailing space.
     expected = "django - 1.1 has 2 security advisory with 1 having high severity. "
     self.assertEqual(builder.get_message(), expected)
コード例 #11
 def test_get_severity_return_low(self):
     """Expect ['low', 'low'] when both CVE records are rated "low"."""
     builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
     # Two records sharing the same severity label.
     builder._cves = [{'severity': ['low']} for _ in range(2)]
     self.assertListEqual(builder.get_severity(), ['low', 'low'])
コード例 #12
    def test_get_severity_return_exception(self):
        """Expect get_severity to raise when every severity label is unrecognised."""
        builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
        builder._cves = [{'severity': [label]} for label in ('invalid1', 'invalid2')]

        with pytest.raises(Exception) as raised:
            builder.get_severity()
        # pytest.raises(Exception) alone accepts any subclass; the identity
        # check pins the raised type to the bare Exception class.
        # NOTE(review): a bare Exception gives callers nothing narrower to
        # catch when vendor data carries an unexpected severity label.
        self.assertIs(raised.type, Exception)
コード例 #13
 def test_get_link(self):
     """Check the vendor link built for a Maven package coordinate."""
     package = 'com.fasterxml.jackson.core:jackson-databind'
     builder = ComponentAnalysisResponseBuilder('maven', package, '2.8.9')
     # The package name is expected to be passed through quote() before it is
     # appended, so reserved characters in the coordinate (here ':') do not
     # end up raw in the URL. Presumably quote is urllib.parse.quote; the
     # import is not visible here.
     expected = "https://snyk.io/vuln/maven:" + quote(
         "com.fasterxml.jackson.core:jackson-databind")
     self.assertEqual(builder.get_link(), expected)
コード例 #14
 def test_get_cve_maps_default(self):
     """Check the default CVE map produced for a record with no fields."""
     builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
     # NOTE(review): cvss is expected as the string 'None' while the other
     # missing scalar fields are the None object. Presumably the builder
     # stringifies the score; confirm consumers do not parse it as a number.
     expected_default = {
         'vendor_cve_ids': None,
         'cvss': 'None',
         'is_private': None,
         'cwes': [],
         'cvss_v3': None,
         'severity': None,
         'title': None,
         'url': None,
         'cve_ids': [],
         'fixed_in': [],
     }
     builder._cves = [{}]
     self.assertListEqual(builder.get_cve_maps(), [expected_default])
コード例 #15
 def test_generate_recommendation_same_version(self, _hascve, _cvemaps, _nocve,
                                               _vulcount, _severity, _response):
     """Expect an empty dict from generate_recommendation when counts are (0, 0).

     The underscore-prefixed arguments are mocks, presumably injected by
     patch decorators that are not shown here. Only _vulcount is configured.
     """
     _vulcount.return_value = (0, 0)
     graph_entry = {
         'version': {'version': ['1']},
         'cve': 'cve',
         'package': {'latest_non_cve_version': ["1.0"]},
     }
     graph_payload = {'result': {'data': [graph_entry]}}
     builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
     self.assertDictEqual(builder.generate_recommendation(graph_payload), {})
コード例 #16
 def test_get_message_with_public_vul_equal(self):
     """Check the message for one public vulnerability with one severity entry.

     A CVE-free version is set, so the message is expected to end with a
     recommendation to use it.
     """
     builder = ComponentAnalysisResponseBuilder("pypi", "django", "1.1")
     builder.severity = ['high']
     builder.nocve_version = "3.1"
     builder.public_vul = 1
     expected = ("django - 1.1 has 1 known security vulnerability "
                 "having high severity. Recommendation: use version 3.1.")
     self.assertEqual(builder.get_message(), expected)
コード例 #17
 def test_get_message_with_both_vul(self):
     """Check the message when both a public and a private finding exist.

     No CVE-free version is set on the builder, and the expected text ends
     with "No recommended version.".
     """
     builder = ComponentAnalysisResponseBuilder("pypi", "django", "1.1")
     builder.severity = ['high']
     builder.pvt_vul = 1
     builder.public_vul = 1
     expected = ("django - 1.1 has 1 known security vulnerability and 1 "
                 "security advisory with 1 having high severity. "
                 "No recommended version.")
     self.assertEqual(builder.get_message(), expected)
コード例 #18
    def test_generate_response(self, _mock_msg, _mock_link, _mock_maps):
        """Check that generate_response assembles the payload from its parts.

        The three mock arguments are presumably injected by patch decorators
        that are not shown here; their return values are expected to appear
        unchanged in the response.
        """
        builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)

        _mock_maps.return_value = {}
        _mock_link.return_value = 'https://xyx.com'
        _mock_msg.return_value = 'You are Superb.'

        builder.pvt_vul = 1
        builder.public_vul = 2
        builder.severity = ['high']
        builder.nocve_version = 1

        actual = builder.generate_response()
        # Only the first severity entry is expected in the response.
        expected = {
            'recommended_versions': builder.nocve_version,
            'registration_link': _mock_link.return_value,
            'component_analyses': {'vulnerability': _mock_maps.return_value},
            'message': _mock_msg.return_value,
            'severity': builder.severity[0],
            'known_security_vulnerability_count': builder.public_vul,
            'security_advisory_count': builder.pvt_vul,
        }
        self.assertDictEqual(actual, expected)
コード例 #19
 def test_get_total_vulnerabilities(self):
     """Expect a total of 0 vulnerabilities on a freshly constructed builder."""
     builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
     # No CVE records or counters are set before the call.
     self.assertEqual(builder.get_total_vulnerabilities(), 0)
コード例 #20
 def test_generate_recommendation_no_recommendation(self):
     """Expect an empty recommendation for the fixture graph response.

     self.graph_response is a fixture defined outside this method.
     """
     builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
     outcome = builder.generate_recommendation(self.graph_response)
     self.assertEqual(outcome, {'recommendation': {}})
コード例 #21
 def test_get_version_without_cves_highest(self):
     """Expect an empty string when the only CVE-free candidate is '0.6'.

     NOTE(review): presumably '0.6' is not newer than self.ver, which comes
     from a fixture not shown here, so no version is recommended.
     """
     builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
     candidates = ['0.6']
     self.assertEqual(builder.get_version_without_cves(candidates), '')