def test_update_exception(self): vuln = MockVuln() kb.append('a', 'b', vuln) original_id = vuln.get_uniq_id() # Cause error by changing vuln uniq_id update_vuln = vuln update_vuln._uniq_id = str(uuid.uuid4()) modified_id = vuln.get_uniq_id() self.assertNotEqual(original_id, modified_id) self.assertRaises(DBException, kb.update, vuln, update_vuln)
def test_update_exception(self): vuln = MockVuln() kb.append('a', 'b', vuln) original_id = vuln.get_uniq_id() # Cause error by changing vuln uniq_id update_vuln = vuln update_vuln.set_name('a') modified_id = vuln.get_uniq_id() self.assertNotEqual(original_id, modified_id) self.assertRaises(DBException, kb.update, vuln, update_vuln)
def test_get_one(self): vuln = MockVuln() kb.append('a', 'b', vuln) kb_vuln = kb.get_one('a', 'b') #pylint: disable=E1103 self.assertEqual(kb_vuln.get_uniq_id(), vuln.get_uniq_id()) self.assertEqual(kb_vuln, vuln)
def test_all_of_info_exclude_ids(self): i1 = MockInfo() i2 = MockInfo() v1 = MockVuln() v2 = MockVuln() iset = InfoSet([i2]) vset = InfoSet([v2]) kb.append('a', 'b', i1) kb.append('w', 'z', iset) kb.append('x', 'y', v1) kb.append('4', '2', vset) all_findings = kb.get_all_findings() all_findings_except_v1 = kb.get_all_findings(exclude_ids=(v1.get_uniq_id(),)) all_findings_except_v1_v2 = kb.get_all_findings(exclude_ids=(v1.get_uniq_id(), vset.get_uniq_id())) self.assertEqual(all_findings, [i1, iset, v1, vset]) self.assertEqual(all_findings_except_v1, [i1, iset, vset]) self.assertEqual(all_findings_except_v1_v2, [i1, iset])
def test_cache_works_as_expected(self): # # Cache starts empty # cache = FindingsCache() self.assertEquals(cache.list(), []) # # Create two vulnerabilities with their HTTP requests and responses # _id = 1 name = 'I have a name' vuln1 = MockVuln(_id=_id) vuln1.set_name(name) url = URL('http://w3af.com/a/b/c.php') hdr = Headers([('User-Agent', 'w3af')]) request = HTTPRequest(url, data='a=1') request.set_headers(hdr) hdr = Headers([('Content-Type', 'text/html')]) res = HTTPResponse(200, '<html>', hdr, url, url) h1 = HistoryItem() h1.request = request res.set_id(_id) h1.response = res h1.save() _id = 2 name = 'Just a name' vuln2 = MockVuln(_id=_id) vuln2.set_name(name) url = URL('http://w3af.com/a/b/c.php') hdr = Headers([('User-Agent', 'w3af')]) request = HTTPRequest(url, data='a=1') request.set_headers(hdr) hdr = Headers([('Content-Type', 'text/html')]) res = HTTPResponse(200, '<html>', hdr, url, url) h2 = HistoryItem() h2.request = request res.set_id(_id) h2.response = res h2.save() # # Save one vulnerability to the KB and call the cache-user # kb.kb.append('a', 'b', vuln1) x = xml_file() list(x.findings()) self.assertEquals(cache.list(), [vuln1.get_uniq_id()]) # # Save another vulnerability to the KB and call the cache-user # kb.kb.append('a', 'c', vuln2) list(x.findings()) expected = {vuln1.get_uniq_id(), vuln2.get_uniq_id()} self.assertEquals(set(cache.list()), expected) # # Remove one vulnerability and see how it is removed from the cache # kb.kb.raw_write('a', 'c', 'noop') list(x.findings()) expected = {vuln1.get_uniq_id()} self.assertEquals(set(cache.list()), expected)