def test_add_update_unique_node_with_diff_properties_status_opened(): """Test add/update security node with opended status (closed_at should not come in query).""" pcve = IngestionData(_get_sample_payload_status_opened()) se = pcve.security_event g = Traversel() g.add_update_unique_node_with_diff_properties(pcve.security_event, pcve.updated_security_event).next() assert ("g.V().has('url', '{san_url}')" ".fold()" ".coalesce(unfold()" ".property('vertex_label', '{vertex_label}')" ".property('status', '{e_status}')" ".property('title', '{san_title}')" ".property('body', '{san_body}')" ".property('updated_at', {updated_at})" ".property('ecosystem', '{e_ecosystem}')" ".property('probable_cve', '{probable_cve}')" ".property('cves', '{cve1}')" ".property('updated_date', {updated_date})" ".property('updated_yearmonth', {updated_yearmonth})" ".property('updated_year', {updated_year})" ", " "addV('security_event')" ".property('vertex_label', '{vertex_label}')" ".property('event_type', '{e_event_type}')" ".property('url', '{san_url}')" ".property('api_url', '{san_api_url}')" ".property('status', '{e_status}')" ".property('title', '{san_title}')" ".property('body', '{san_body}')" ".property('event_id', '{event_id}')" ".property('created_at', {created_at})" ".property('updated_at', {updated_at})" ".property('repo_name', '{repo_name}')" ".property('repo_path', '{san_repo_path}')" ".property('ecosystem', '{e_ecosystem}')" ".property('creator_name', '{creator_name}')" ".property('creator_url', '{san_creator_url}')" ".property('probable_cve', '{probable_cve}')" ".property('cves', '{cve1}')" ".property('updated_date', {updated_date})" ".property('updated_yearmonth', {updated_yearmonth})" ".property('updated_year', {updated_year})" ".property('feedback_count', {feedback_count})" ".property('overall_feedback', '{e_overall_feedback}')" ").next()".format(e_status=se.status.value, e_event_type=se.event_type.value, e_ecosystem=se.ecosystem.value, e_overall_feedback=se.overall_feedback.value, san_url=sanitize(se.url), san_api_url=sanitize(se.api_url), san_creator_url=sanitize(se.creator_url), san_repo_path=sanitize(se.repo_path), san_title=sanitize(se.title), san_body=sanitize(se.body), cve1=se.cves.pop(), **pcve.security_event.__dict__) == str(g))
def _get_security_event_query_filters(args: Dict) -> str: assert 'updated_at' in get_type_hints(SecurityEvent) query = [] ecosystem = args['ecosystem'] query.append('''has('ecosystem', '{ecosystem}')'''.format(ecosystem=EcosystemType[ecosystem].value)) # will retrive only probable cve data query.append('''has('probable_cve', 1)''') repo = args['repo'] if isinstance(repo, list) and len(repo) > 0: repo = sanitize(repo) query.append('''has('repo_name', within({repo}))'''.format(repo=repo)) updated_dates = args['updated_date'] if isinstance(updated_dates, list) and len(updated_dates) > 0: query.append('''has('updated_date', within({updated_dates}))'''.format(updated_dates=updated_dates)) updated_yearmonth = args['updated_yearmonth'] if isinstance(updated_yearmonth, list) and len(updated_yearmonth) > 0: query.append('''has('updated_yearmonth', within({updated_yearmonth}))''' .format(updated_yearmonth=updated_yearmonth)) return _identity_or_conditional(query)
def test_drop_out_edge_with_primary_key(): """Test for drop out edge.""" g = Traversel() feedback = Feedback(author="test", feedback_type=FeedBackType.POSITIVE, comments="test comment", feedback_url="https://api.github.com/repos/org25/repo10/issues/10") g.drop_out_edge(feedback) assert ("g.V()" ".has('author', '{author}')" ".has('feedback_url', '{feedback_url}')" ".outE().drop().iterate()" .format(author=feedback.author, feedback_url=sanitize(feedback.feedback_url)) == str(g))
def test_add_feedback_test(): """Test feedback query string.""" feedback_data = { "author": "test", "comments": "test comment", "url": "https://github.com/spf13/cobra/issues/988", "feedback_type": "POSITIVE" } edge_label = 'reinforces' if feedback_data[ 'feedback_type'] == 'POSITIVE' else 'weakens' feedback_query = _get_feedback_query(feedback_data) feedback_query_single_line = "".join( feedback_query.replace(" ", "").splitlines()) expected_query = ''' g.V().has('author', '{author}').has('feedback_url', '{url}').outE().drop().iterate(); g.V().has('url', '{url}') .and(V().has('author', '{author}').has('feedback_url', '{url}') .fold().coalesce(unfold(), addV('feedback')).property('vertex_label', 'feedback') .property('author', '{author}').property('feedback_type', '{feedback_type}') .property('feedback_url', '{url}').property('comments', '{comments}')) .V().has('author', '{author}').has('feedback_url', '{url}').as('reinforces') .V().has('url', '{url}').coalesce(__.inE('{edge_label}').where(outV().as('{edge_label}')) , addE('{edge_label}').from('{edge_label}')).next(); result = g.V().has('url','{url}') .union(inE().count(), inE().hasLabel('reinforces').count(), inE().hasLabel('weakens').count()).toList(); g.V().has('url', '{url}') .property('feedback_count', result[0]) .property('overall_feedback', result[1]==result[2] ? 'neutral' : (result[2] > result[1] ? 'negative': 'positive'));'''\ .format(author=feedback_data['author'], comments=sanitize(feedback_data['comments']), url=sanitize(feedback_data['url']), edge_label=edge_label, feedback_type=FeedBackType.POSITIVE.value) expected_query_single_line = "".join( expected_query.replace(" ", "").splitlines()) assert (feedback_query_single_line == expected_query_single_line)
def test_query_string(): """Test case to check query string generation.""" expected_query = ''' g.V() .has('ecosystem', '{ecosystem}') .has('probable_cve', 1) .has('repo_name', within({repo_name})) .has('updated_date', within({updated_date})) .has('updated_yearmonth', within({updated_yearmonth})) .as('security_event').select('security_event') .by(valueMap())'''\ .format(ecosystem=EcosystemType[args['ecosystem']].value, repo_name=sanitize(args['repo']), updated_date=args['updated_date'], updated_yearmonth=args['updated_yearmonth']) expected_query_single_line = "".join( expected_query.replace(" ", "").splitlines()) query = _query_template().format( security_event_query=_get_security_event_query_filters(args)) query_single_line = "".join(query.replace(" ", "").splitlines()) assert (query_single_line == expected_query_single_line)
def get_feedback(payload): """Get the feedbacks for a given security url.""" query = _get_feedback_teamplate().format(url=sanitize(payload['url'])) return execute_query(query)['result']['data']
def _update_security_event(url: str) -> str: return _update_security_event_template().format(url=sanitize(url))
def test_string_sanitization_with_empty(): """Test Empty String.""" assert sanitize('') == ''
def test_string_sanitization_with_special_char_list_1(): """Test with special character in list.""" assert sanitize(['foo)"bar', 'b b']) == "'foo%29%22bar', 'b%20b'"
def test_string_sanitization_with_a_list(): """Test with normal list.""" assert sanitize(['a', 'b']) == "'a', 'b'"
def test_string_sanitization_with_empty_list(): """Test with Empty list.""" assert sanitize([]) == ''
def test_string_sanitization_with_special_chars(): """Test Special characters.""" assert sanitize('foo)"bar') == 'foo%29%22bar'
def test_string_sanitization_with_normal_chars(): """Test normal characters.""" assert sanitize('foo') == 'foo'
def test_string_sanitization_with_none(): """Test None.""" with pytest.raises(Exception) as exception: sanitize(None) assert "Unexpected type" in str(exception.value)
def get_security_event_by_url(data, url): """Get security events by url.""" return next(x for x in data if x["url"][0] == sanitize(url))
def _value_encoding(val): if type(val) in (int, float): # pylint: disable=unidiomatic-typecheck return "{}".format(str(val)) if isinstance(val, Enum): return Traversel._value_encoding(val.value) return "'{}'".format(sanitize(str(val)))
def test_string_sanitization_with_none_list(): """Test with None list.""" with pytest.raises(Exception): sanitize([None])