def test_get_exploitable_cves_counter_non_zero(self):
    """Exploitable-vulnerability counter: a CVE with exploit data counts as 1."""
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    # One CVE record whose "exploit" list is non-empty.
    builder._cves = [{"exploit": ["High"]}]
    self.assertEqual(builder.get_exploitable_cves_counter(), 1)
def test_get_exploitable_cves_counter_exception(self):
    """Exploitable-vulnerability counter with an empty exploit list yields None."""
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    builder._cves = [{"exploit": []}]
    counter = builder.get_exploitable_cves_counter()
    # NOTE(review): the expected value is None rather than 0 — the builder
    # apparently signals "nothing exploitable" with None; confirm against the
    # implementation before relying on it in callers.
    self.assertEqual(counter, None)
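def test_registration_link(self):
    """Registration link is a str that parses as an absolute URL (scheme, host, path).

    The original docstring ("Test Vulnerabilities count.") was copy-pasted from a
    different test and did not describe this check.
    """
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    link = builder.get_registration_link()
    # Check the type first so a non-str return fails here with a clear message
    # instead of inside urlparse().
    self.assertIsInstance(link, str)
    parsed = urlparse(link)
    # All three components must be present for the link to be usable as-is.
    # NOTE(review): consider also pinning parsed.scheme to "https" so a silent
    # downgrade of the registration URL would be caught by this test.
    self.assertTrue(all([parsed.scheme, parsed.netloc, parsed.path]), "Invalid Link.")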
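def test_get_vulnerabilities_count_zero_exception(self):
    """Vulnerability counts for a CVE record with no fields: public and private are both 0."""
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    # A record without a snyk_pvt_vulnerability key must not be counted either way.
    builder._cves = [dict()]
    pub_vul, pvt_vul = builder.get_vulnerabilities_count()
    # assertEquals is a deprecated alias that was removed in Python 3.12.
    self.assertEqual(pub_vul, 0)
    self.assertEqual(pvt_vul, 0)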
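def test_get_vulnerabilities_count_non_zero_public(self):
    """Vulnerability counts: one record flagged snyk_pvt_vulnerability=False is public."""
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    builder._cves = [dict(snyk_pvt_vulnerability=[False])]
    pub_vul, pvt_vul = builder.get_vulnerabilities_count()
    # assertEquals is a deprecated alias that was removed in Python 3.12.
    self.assertEqual(pub_vul, 1)
    self.assertEqual(pvt_vul, 0)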
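def test_get_severity_exception(self):
    """Severity with an empty severity list yields an empty list.

    The original docstring claimed this case "raises exception", but the test
    asserts an empty list is returned; the docstring now matches the assertion.
    """
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    builder._cves = [{'severity': []}]
    self.assertListEqual(builder.get_severity(), [])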
def test_get_severity_known_values(self):
    """Severity with known values: from ["medium", "low"] only "medium" is kept."""
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    builder._cves = [{'severity': ["medium", "low"]}]
    result = builder.get_severity()
    # Only the higher of the two known levels survives.
    self.assertListEqual(result, ["medium"])
def test_get_cve_maps_empty(self):
    """get_cve_maps() on a builder with no CVEs returns an empty list."""
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    builder._cves = []
    self.assertListEqual(builder.get_cve_maps(), [])
def test_get_cve_maps_non_empty(self):
    """get_cve_maps() flattens one vulnerability record into the public CVE-map shape."""
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    record = dict(
        snyk_vuln_id=["SNYK:0101"],
        cvss_scores=["9.0"],
        snyk_pvt_vulnerability=[True],
        snyk_cwes=["CWES-01", "CWES-02"],
        snyk_cvss_v3=["4.5"],
        severity=["medium"],
        title=["Test title for CVE"],
        snyk_url=["https://test.com/cve-01"],
        snyk_cve_ids=["CVE-01", "CVE-02", "CVE-03"],
        fixed_in=[">=0.19.0-beta.1"],
    )
    builder._cves = [record]
    # Single-valued fields are unwrapped from their one-element lists; the
    # list-valued fields (cwes, cve_ids, fixed_in) are passed through as lists.
    expected = {
        "vendor_cve_ids": "SNYK:0101",
        "cvss": "9.0",
        "is_private": True,
        "cwes": ["CWES-01", "CWES-02"],
        "cvss_v3": "4.5",
        "severity": "medium",
        "title": "Test title for CVE",
        "url": "https://test.com/cve-01",
        "cve_ids": ["CVE-01", "CVE-02", "CVE-03"],
        "fixed_in": [">=0.19.0-beta.1"],
    }
    self.assertListEqual(builder.get_cve_maps(), [expected])
def test_get_message_with_pvt_vul_unequal_len(self):
    """Message for private advisories when there are fewer severities than advisories."""
    builder = ComponentAnalysisResponseBuilder("pypi", "django", "1.1")
    # Two advisories but only one severity entry.
    builder.pvt_vul = 2
    builder.severity = ['high']
    # The expected text ends with a trailing space, reproduced deliberately.
    expected = "django - 1.1 has 2 security advisory with 1 having high severity. "
    self.assertEqual(builder.get_message(), expected)
def test_get_severity_return_low(self):
    """Two records each carrying "low" yield ['low', 'low'] from get_severity()."""
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    builder._cves = [{'severity': ['low']} for _ in range(2)]
    self.assertListEqual(builder.get_severity(), ['low', 'low'])
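def test_get_severity_return_exception(self):
    """Severity values outside the known set make get_severity() raise Exception."""
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    builder._cves = [
        {'severity': ['invalid1']},
        {'severity': ['invalid2']},
    ]
    # Use unittest's own context manager, consistent with the rest of this file,
    # instead of mixing in pytest.raises. The original asserted the exact type
    # (not a subclass), so that check is kept.
    with self.assertRaises(Exception) as ctx:
        builder.get_severity()
    self.assertIs(type(ctx.exception), Exception)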
def test_get_link(self):
    """Vendor link embeds the URL-quoted Maven coordinate (quote() percent-encodes the ':')."""
    coordinate = 'com.fasterxml.jackson.core:jackson-databind'
    builder = ComponentAnalysisResponseBuilder('maven', coordinate, '2.8.9')
    expected = "https://snyk.io/vuln/maven:" + quote(coordinate)
    self.assertEqual(builder.get_link(), expected)
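def test_get_cve_maps_default(self):
    """get_cve_maps() on a record with no fields yields the default-valued map.

    Fixes the "respose" typo in the original docstring.
    """
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    builder._cves = [dict()]
    # NOTE(review): cvss defaults to the *string* 'None' while the other scalar
    # fields default to None — confirm this asymmetry is intended by the builder.
    expected = [dict(
        vendor_cve_ids=None,
        cvss='None',
        is_private=None,
        cwes=[],
        cvss_v3=None,
        severity=None,
        title=None,
        url=None,
        cve_ids=[],
        fixed_in=[],
    )]
    self.assertListEqual(builder.get_cve_maps(), expected)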
def test_generate_recommendation_same_version(self, _hascve, _cvemaps, _nocve, _vulcount, _severity, _response):
    """generate_recommendation() returns {} when the graph data yields no recommendation.

    The mock parameters are injected by patch decorators declared outside this
    method body; only the vulnerability-count mock is given a return value here.
    """
    _vulcount.return_value = (0, 0)
    graph_data = {
        'result': {
            'data': [
                {
                    'version': {'version': ['1']},
                    'cve': 'cve',
                    'package': {'latest_non_cve_version': ["1.0"]},
                },
            ],
        },
    }
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    self.assertDictEqual(builder.generate_recommendation(graph_data), {})
def test_get_message_with_public_vul_equal(self):
    """Message for one public vulnerability with one severity and a fix version."""
    builder = ComponentAnalysisResponseBuilder("pypi", "django", "1.1")
    builder.public_vul = 1
    builder.nocve_version = "3.1"
    builder.severity = ['high']
    expected = (
        "django - 1.1 has 1 known security vulnerability having high severity. "
        "Recommendation: use version 3.1."
    )
    self.assertEqual(builder.get_message(), expected)
def test_get_message_with_both_vul(self):
    """Message when both a public vulnerability and a private advisory are present."""
    builder = ComponentAnalysisResponseBuilder("pypi", "django", "1.1")
    builder.public_vul = 1
    builder.pvt_vul = 1
    builder.severity = ['high']
    # No nocve_version is set, so the message ends with "No recommended version."
    expected = (
        "django - 1.1 has 1 known security vulnerability and 1 security advisory "
        "with 1 having high severity. No recommended version."
    )
    self.assertEqual(builder.get_message(), expected)
def test_generate_response(self, _mock_msg, _mock_link, _mock_maps):
    """generate_response() assembles the mocked message/link/maps and the builder's counters.

    The three mocks are injected by patch decorators declared outside this method body.
    """
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    _mock_msg.return_value = 'You are Superb.'
    _mock_link.return_value = 'https://xyx.com'
    _mock_maps.return_value = {}
    builder.nocve_version = 1
    builder.severity = ['high']
    builder.public_vul = 2
    builder.pvt_vul = 1
    expected = {
        'recommended_versions': 1,
        'registration_link': 'https://xyx.com',
        'component_analyses': {'vulnerability': {}},
        'message': 'You are Superb.',
        # Only the first severity entry is surfaced in the response.
        'severity': 'high',
        'known_security_vulnerability_count': 2,
        'security_advisory_count': 1,
    }
    self.assertDictEqual(builder.generate_response(), expected)
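def test_get_total_vulnerabilities(self):
    """Total vulnerability count on a freshly built builder is 0.

    The original docstring ("Test Exploitable Vulnerabilities counter.") was
    copy-pasted from the exploitable-CVE test and did not describe this check.
    """
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    self.assertEqual(builder.get_total_vulnerabilities(), 0)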
def test_generate_recommendation_no_recommendation(self):
    """generate_recommendation() on the fixture graph response yields an empty recommendation."""
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    result = builder.generate_recommendation(self.graph_response)
    self.assertEqual(result, {'recommendation': {}})
def test_get_version_without_cves_highest(self):
    """get_version_without_cves(['0.6']) on this fixture returns the empty string."""
    builder = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
    # NOTE(review): '' rather than None signals "no CVE-free version" here —
    # confirm callers treat the empty string as "nothing to recommend".
    self.assertEqual(builder.get_version_without_cves(['0.6']), '')