def test_get_all_archived_scoring_sessions(self): self.login_user('admin', 'admin') result = self.app.get('/archives') expected_result = self.data['archived_sessions'] convert_all_datetime_to_timestamp(expected_result) assert result.status_code == 200 assert json.loads(result.data) == expected_result
def test_get_current_scoring_session(self): self.login_user('admin', 'admin') rest_result = self.app.get('/scoring') expected_result = self.data['session'][0] convert_all_datetime_to_timestamp(expected_result, ['start_time', 'end_time']) assert rest_result.status_code == 200 print rest_result.data assert json.loads(rest_result.data) == self.data['session'][0]
def get_scoring_session(): data = g.db.get_current_scoring_session() if len(data) == 0: return Response(status=404) convert_all_datetime_to_timestamp(data, ["start_time", "end_time"]) js = json.dumps(data[0], default=json_util.default) resp = Response(js, status=200, mimetype="application/json") return resp
def get_specific_archived_scoring_session(session_id): data = g.db.get_specific_archived_scoring_session(session_id) if len(data) == 0: return Response(status=404) convert_all_datetime_to_timestamp(data) js = json.dumps(data[0], default=json_util.default) resp = Response(js, status=200, mimetype='application/json') return resp
def get_specific_attack_check_for_team(team_id, check_id): data = g.db.get_specific_attacker_check(check_id, team_id) if len(data) == 0: return Response(status=404) convert_all_datetime_to_timestamp(data, ['timestamp']) js = json.dumps(data, default=json_util.default) resp = Response(js, status=200, mimetype='application/json') return resp
def test_get_specific_archived_scoring_session(self): self.login_user('admin', 'admin') result = self.app.get('/archives/first_session') assert result.status_code == 200 result_data = [obj for obj in self.data['archived_sessions'] if obj['id'] == 'first_session'][0] del result_data['id'] convert_all_datetime_to_timestamp(result_data) json_result = json.loads(result.data) assert json_result == result_data
def test_get_all_completed_checks(self): self.login_user("admin", "admin") rest_result = self.app.get("/teams/checks") print rest_result.status_code, rest_result.data assert rest_result.status_code == 200 expected_result = [obj for obj in self.data["completed_checks"]] json_result = json.loads(rest_result.data) assert len(json_result) == len(expected_result) for i in expected_result: convert_all_datetime_to_timestamp(i, ["timestamp", "time_to_check"]) assert json_result == expected_result
def test_get_all_attack_checks(self): self.login_user('admin', 'admin') rest_result = self.app.get('/checks/attacks') print rest_result.status_code, rest_result.data assert rest_result.status_code == 200 expected_result = [obj for obj in self.data['active_checks'] if obj['type'] == 'attacker'] json_result = json.loads(rest_result.data) assert len(json_result) == len(expected_result) for i in expected_result: del i['type'] convert_all_datetime_to_timestamp(i, ['timestamp', 'time_to_check']) assert json_result == expected_result
def test_get_specific_attack_check_for_specific_team(self): self.login_user('admin', 'admin') rest_result = self.app.get('/checks/attacks/MySecurityHole/teams/1') print rest_result.status_code, rest_result.data assert rest_result.status_code == 200 expected_result = [obj for obj in self.data['active_checks'] if obj['type'] == 'attacker' and obj['team_id'] == '1' and obj['id'] == 'MySecurityHole'] json_result = json.loads(rest_result.data) assert len(json_result) == len(expected_result) for i in expected_result: del i['team_id'], i['type'], i['id'] convert_all_datetime_to_timestamp(i, ['timestamp', 'time_to_check']) assert json_result == expected_result
def test_get_specific_inject_check_for_specific_team(self): self.login_user('admin', 'admin') rest_result = self.app.get('/teams/1/checks/injects/RemovedFiles') print rest_result.status_code, rest_result.data assert rest_result.status_code == 200 expected_result = [obj for obj in self.data['completed_checks'] if obj['team_id'] == '1' and obj['type'] == 'inject' and obj['id'] == 'RemovedFiles'] json_result = json.loads(rest_result.data) assert len(json_result) == len(expected_result) for i in expected_result: del i['team_id'], i['type'], i['id'] convert_all_datetime_to_timestamp(i, ['timestamp', 'time_to_check']) assert json_result == expected_result
def test_create_manual_check_for_team_exists(self): self.login_user('admin', 'admin') query_data = [obj for obj in self.data['completed_checks'] if obj['type'] == 'manual' and obj['team_id'] == '1'][0] del query_data['team_id'], query_data['type'] convert_all_datetime_to_timestamp(query_data, ['timestamp']) result_data = { "type": "Exists", "reason": "A manual check with the id 'BoardPresentation' for team '1' already exists" } post = self.app.post('/checks/manual/teams/1', data=json.dumps(query_data), follow_redirects=True) print post.status_code, post.data assert post.status_code == 403 assert json.loads(post.data) == result_data
def test_get_specific_manual_check_for_specific_team(self): self.login_user('admin', 'admin') rest_result = self.app.get('/checks/manual/BoardPresentation/teams/1') print rest_result.status_code, rest_result.data assert rest_result.status_code == 200 expected_result = [obj for obj in self.data['completed_checks'] if obj['type'] == 'manual' and obj['team_id'] == '1' and obj['id'] == 'BoardPresentation'] json_result = json.loads(rest_result.data) assert len(json_result) == len(expected_result) for i, j in zip(expected_result, json_result): del i['team_id'], i['type'], i['id'] convert_all_datetime_to_timestamp(i, ['timestamp', 'time_to_check']) show_difference_between_dicts(i, j) assert json_result == expected_result
def test_create_archived_scoring_session(self): self.login_user('admin', 'admin') query_data = { "id": "second_session" } result_data = [obj for obj in self.data['archived_sessions'] if obj['id'] == 'first_session'][0] del result_data['id'] convert_all_datetime_to_timestamp(result_data) post = self.app.post('/archives', data=json.dumps(query_data), follow_redirects=True) assert post.status_code == 201 assert post.headers['Location'] == 'http://localhost/archives/second_session' result = self.app.get('/archives/second_session') assert result.status_code == 200 assert json.loads(result.data) == result_data
def test_get_all_manual_checks_for_specific_team(self): self.login_user("admin", "admin") rest_result = self.app.get("/teams/1/checks/manual") print rest_result.status_code, rest_result.data assert rest_result.status_code == 200 expected_result = [ obj for obj in self.data["completed_checks"] if obj["team_id"] == "1" and obj["type"] == "manual" ] json_result = json.loads(rest_result.data) assert len(json_result) == len(expected_result) for i in expected_result: del i["team_id"], i["type"] convert_all_datetime_to_timestamp(i, ["timestamp", "time_to_check"]) assert json_result == expected_result
def test_create_archived_scoring_session_missing_param(self): self.login_user('admin', 'admin') query_data = {} post_data = { "type": "IllegalParameter", "reason": "Required parameter 'id' is not specified." } result_data = self.data['archived_sessions'] for i in result_data: convert_all_datetime_to_timestamp(i) post = self.app.post('/archives', data=json.dumps(query_data), follow_redirects=True) assert post.status_code == 403 assert json.loads(post.data) == post_data result = self.app.get('/archives') assert result.status_code == 200 assert json.loads(result.data) == result_data
def get_all_attack_checks_for_team(team_id): data = g.db.get_all_attacker_checks_for_team(team_id) convert_all_datetime_to_timestamp(data, ['timestamp', 'time_to_check']) js = json.dumps(data, default=json_util.default) resp = Response(js, status=200, mimetype='application/json') return resp
def get_all_archived_scoring_sessions(): data = g.db.get_all_archived_scoring_sessions() convert_all_datetime_to_timestamp(data) js = json.dumps(data, default=json_util.default) resp = Response(js, status=200, mimetype='application/json') return resp
def get_all_inject_checks(): data = g.db.get_all_inject_checks() convert_all_datetime_to_timestamp(data, ['time_to_check']) js = json.dumps(data, default=json_util.default) resp = Response(js, status=200, mimetype='application/json') return resp