def test_fetch_cve_metadata_with_not_affected_pkgs(self, requests_get):
response_impact_and_affected_pkgs = [{
'affects': [{
'affected': None,
'cvss2': None,
'cvss3': None,
'impact': None,
'ps_component': 'openssl097a',
'ps_module': 'rhel-5',
'resolution': 'wontfix'
}, {
'affected': 'notaffected',
'cvss2': None,
'cvss3': None,
'impact': None,
'ps_component': 'nss',
'ps_module': 'rhel-5',
'resolution': None
}],
'impact':
'important'
}]
requests_get.side_effect = [
MockResponse(response_impact_and_affected_pkgs)
]
sfm2 = SFM2API()
highest_cve_severity, affected_pkgs = sfm2.fetch_cve_metadata(
["CVE-1"])
self.assertEqual(highest_cve_severity, "important")
self.assertEqual(affected_pkgs, [])
def __init__(self,
errata_id,
name,
state,
content_types,
security_impact=None,
product_short_name=None,
cve_list=None,
has_hightouch_bug=None):
"""
Initializes the ErrataAdvisory instance.
"""
self.errata_id = errata_id
self.name = name
self.state = state
self.content_types = content_types
self.security_impact = security_impact or ""
self.product_short_name = product_short_name or ""
self.cve_list = cve_list or []
self.has_hightouch_bug = has_hightouch_bug
sfm2 = SFM2API()
self.highest_cve_severity, self.affected_pkgs = sfm2.fetch_cve_metadata(
self.cve_list)
def test_fetch_cve_metadata_empty_affects_and_impact(self, requests_get):
sfm2 = SFM2API()
requests_get.return_value = MockResponse([{
'affects': [],
'impact': None
}])
highest_cve_severity, affected_pkgs = sfm2.fetch_cve_metadata(
["CVE-1"])
self.assertEqual(highest_cve_severity, None)
self.assertEqual(affected_pkgs, [])
def test_fetch_cve_metadata_unspecified_impact_only(self, requests_get):
impacts = ["unspecified", "none"]
requests_get.side_effect = [
MockResponse([{
'affects': [],
'impact': impact
}]) for impact in impacts
]
sfm2 = SFM2API()
highest_cve_severity, _ = sfm2.fetch_cve_metadata(["CVE-1", "CVE-2"])
self.assertEqual(highest_cve_severity, None)
def test_fetch_cve_metadata_with_error(self, requests_get):
for status_code in [400, 500]:
error_response = MagicMock()
error_response.status_code = status_code
error_response.raise_for_status.side_effect = HTTPError(
"Expected exception", response=error_response)
sfm2 = SFM2API()
highest_cve_severity, affected_pkgs = sfm2.fetch_cve_metadata(
["CVE-1"])
self.assertEqual(highest_cve_severity, None)
self.assertEqual(affected_pkgs, [])
def test_fetch_cve_metadata(self, requests_get):
impacts = ["low", "moderate", "important", "critical"]
sfm2 = SFM2API()
for num_of_cves in range(1, 4):
requests_get.side_effect = [
MockResponse([{
'affects': [],
'impact': impacts[num_of_cves - 1]
}])
]
highest_cve_severity, _ = sfm2.fetch_cve_metadata(
["CVE-%s" % num_of_cves])
self.assertEqual(highest_cve_severity,
impacts[num_of_cves - 1].lower())
def test_fetch_cve_metadata_empty_list(self, requests_get):
sfm2 = SFM2API()
highest_cve_severity, _ = sfm2.fetch_cve_metadata([])
self.assertEqual(highest_cve_severity, None)
requests_get.assert_not_called()