def suggestPayout(report: ReportWrapper) -> Optional[BountyInfo]:
    """Suggest a bounty for a report from the vulnerability class it matches.

    The report body and weakness are tested against the XSS, open redirect and
    SQLi matchers, in that order. The first class that matches selects the
    entry of config.payoutDB handed to suggestPayoutGivenType together with
    the report's vulnerable domains.

    Returns a BountyInfo containing a suggested payout and the standard
    deviation for the given report, or None when no class matches.
    """
    # Order is significant: a report that matches several classes is priced as
    # the first one listed here.
    # NOTE(review): body and weakness presumably come straight from the
    # submitted report, so treat the result as a suggestion to be confirmed by
    # a triager rather than a verified classification.
    classifiers = (
        (xss, 'xss'),
        (openRedirect, 'open redirect'),
        (sqli, 'sqli'),
    )
    for matcher, payoutKey in classifiers:
        if not matcher.match(report.getReportBody(), report.getReportWeakness()):
            continue
        # The payout entry is looked up only once a class has matched.
        return suggestPayoutGivenType(config.payoutDB[payoutKey], report.getVulnDomains())
    return None
def test_ReportWrapperGetters():
    """Check every ReportWrapper getter against two open redirect fixtures."""
    # Fixture 1: the redirect URL appears in the body as a markdown link.
    reproText = ("blah open_redirect\n\n[some](http://example.com/redir.php?QUERY_STRING="
                 "https://google.com)")
    wrapper = ReportWrapper(openRedirectReproJson)
    assert wrapper.getReportID() == '239981'
    # Latest activity and report body are expected to carry the same text.
    assert wrapper.getLatestActivity() == reproText
    assert wrapper.getReportBody() == reproText
    assert wrapper.getReportWeakness() == "Open Redirect"
    assert wrapper.getReportTitle() == "open redirect"
    assert wrapper.getVulnDomains() == ['example.com']

    # Fixture 2: same weakness, but the URL is given bare (no markdown link).
    unreproText = ("this is detected as an open redirect but there is no markdown link to it\n\n"
                   "https://example.com/redir.php?QUERY_STRING=https://google.com")
    wrapper = ReportWrapper(openRedirectUnreproJson)
    assert wrapper.getReportID() == '240035'
    assert wrapper.getLatestActivity() == unreproText
    assert wrapper.getReportBody() == unreproText
    assert wrapper.getReportWeakness() == "Open Redirect"
    assert wrapper.getReportTitle() == "malformed open redirect"
    # The domain is extracted even though the URL is not a markdown link.
    assert wrapper.getVulnDomains() == ['example.com']