def test_handle_yara_false_positive(self):
    # Flagging a YARA result as a false positive must persist the new state
    # and answer with a redirect to a pre-filled GitHub issue form.

    # Create one entry with matches; it starts out in the UNKNOWN state.
    yara_rule = ScannerRule.objects.create(name='some-rule', scanner=YARA)
    result = ScannerResult(scanner=YARA)
    result.add_yara_result(rule=yara_rule.name)
    result.save()
    assert result.state == UNKNOWN

    # The action changes stored state and is exercised with POST only.
    # NOTE(review): a GET to the same URL is not covered by this test;
    # consider asserting that it leaves the state untouched.
    action_url = reverse(
        'admin:scanners_scannerresult_handlefalsepositive',
        args=[result.pk],
    )
    response = self.client.post(action_url)

    result.refresh_from_db()
    assert result.state == FALSE_POSITIVE

    # This action should send a redirect to GitHub.
    assert response.status_code == 302
    location = response['Location']

    # The GitHub issue draft is built purely from query parameters, so the
    # prefix check pins the redirect to the expected repository.
    assert location.startswith('https://github.com/git/repo/issues/new?')
    expected_title = 'False positive report for ScannerResult {}'.format(
        result.pk
    )
    assert urlencode({'title': expected_title}) in location
    assert urlencode({'body': '### Report'}) in location
    assert urlencode({'labels': 'false positive report'}) in location
    # NOTE(review): the draft appears to carry the raw scanner results in
    # the URL; confirm that is acceptable for the target issue tracker.
    assert 'Raw+scanner+results' in location
def test_handle_revert_report(self):
    # Reverting a result that was marked TRUE_POSITIVE must reset it to
    # UNKNOWN and send the user back to the list view with a confirmation.

    # Create one entry with matches, attached to a version.
    yara_rule = ScannerRule.objects.create(name='some-rule', scanner=YARA)
    result = ScannerResult(
        scanner=YARA,
        version=version_factory(addon=addon_factory()),
    )
    result.add_yara_result(rule=yara_rule.name)
    result.state = TRUE_POSITIVE
    result.save()
    assert result.state == TRUE_POSITIVE

    # follow=True makes the test client follow the redirect, so the final
    # response is the page the redirect leads to.
    revert_url = reverse(
        'admin:scanners_scannerresult_handlerevert',
        args=[result.pk],
    )
    response = self.client.post(revert_url, follow=True)

    result.refresh_from_db()
    assert result.state == UNKNOWN

    # The action should send a redirect; only the status of the last hop
    # in the chain is checked, the URL itself is not.
    _, status_code = response.redirect_chain[-1]
    assert status_code == 302

    # The action should redirect to the list view and the default list
    # filters should show the result (because its state is UNKNOWN again).
    page = pq(response.content)
    assert page('#result_list tbody tr').length == 1
    # A confirmation message should also appear.
    assert page('.messagelist .info').length == 1
def test_list_shows_matches_only_by_default(self):
    # Without any query parameter the list view must hide results that
    # matched no rule.

    # Create one entry without matches.
    ScannerResult.objects.create(scanner=YARA)

    # Create one entry with matches.
    yara_rule = ScannerRule.objects.create(name='some-rule', scanner=YARA)
    matching = ScannerResult(scanner=YARA)
    matching.add_yara_result(rule=yara_rule.name)
    matching.save()

    response = self.client.get(self.list_url)
    assert response.status_code == 200

    # Only the matching result may be rendered as a table row.
    rows = pq(response.content)('#result_list tbody tr')
    assert rows.length == 1
def test_list_can_show_all_entries(self):
    # Passing 'all' for the matches filter must list every result, with or
    # without rule matches.
    # NOTE(review): a second method with this exact name appears further
    # down; if both live in the same class the later definition replaces
    # this one and this test never runs.

    # Create one entry without matches.
    ScannerResult.objects.create(scanner=YARA)

    # Create one entry with matches.
    yara_rule = ScannerRule.objects.create(name='some-rule', scanner=YARA)
    matching = ScannerResult(scanner=YARA)
    matching.add_yara_result(rule=yara_rule.name)
    matching.save()

    query = {MatchesFilter.parameter_name: 'all'}
    response = self.client.get(self.list_url, query)
    assert response.status_code == 200

    # The row count is compared with the number of stored results rather
    # than with a hard-coded figure.
    page = pq(response.content)
    expected_length = ScannerResult.objects.count()
    assert page('#result_list tbody tr').length == expected_length
def test_change_view_contains_link_to_results(self):
    # The rule change page must link to the result list filtered on that
    # rule, and the link text must be the number of matching results.
    rule = ScannerRule.objects.create(name='bar', scanner=YARA)
    matching = ScannerResult(scanner=YARA)
    matching.add_yara_result(rule=rule.name)
    matching.save()
    # A second result that doesn't match; it must not be counted.
    ScannerResult.objects.create(scanner=YARA)

    change_url = reverse(
        'admin:scanners_scannerrule_change',
        args=(rule.pk, ),
    )
    response = self.client.get(change_url)
    assert response.status_code == 200

    link = pq(response.content)('.field-matched_results_link a')
    assert link

    # The link widens the version and state filters to 'all' so every
    # result for this rule and scanner is reachable from it.
    results_list_url = reverse('admin:scanners_scannerresult_changelist')
    query_string = (
        f'matched_rules__id__exact={rule.pk}'
        f'&has_version=all&state=all&scanner={rule.scanner}'
    )
    expected_href = f'{results_list_url}?{query_string}'
    assert link.attr('href') == expected_href
    assert link.text() == '1'
def test_list_can_show_all_entries(self):
    # With the matches, state and version filters all set to 'all', the
    # list view must render every stored result.

    # Create one entry without matches.
    ScannerResult.objects.create(scanner=YARA)

    # Create one entry with matches.
    yara_rule = ScannerRule.objects.create(name='some-rule', scanner=YARA)
    matching = ScannerResult(scanner=YARA)
    matching.add_yara_result(rule=yara_rule.name)
    matching.save()

    # Create a false positive.
    flagged = ScannerResult(scanner=YARA, state=FALSE_POSITIVE)
    flagged.add_yara_result(rule=yara_rule.name)
    flagged.save()

    # Create an entry without a version.
    versionless = ScannerResult(scanner=YARA)
    versionless.add_yara_result(rule=yara_rule.name)
    versionless.save()

    show_everything = {
        MatchesFilter.parameter_name: 'all',
        StateFilter.parameter_name: 'all',
        WithVersionFilter.parameter_name: 'all',
    }
    response = self.client.get(self.list_url, show_everything)
    assert response.status_code == 200

    # The row count is compared with the number of stored results rather
    # than with a hard-coded figure.
    page = pq(response.content)
    expected_length = ScannerResult.objects.count()
    assert page('#result_list tbody tr').length == expected_length
def test_list_default(self):
    # With no query parameters, only a result that has matches, a version
    # and a state other than FALSE_POSITIVE is expected in the list.

    # Create one entry without matches, it will not be shown by default.
    ScannerResult.objects.create(
        scanner=YARA,
        version=version_factory(addon=addon_factory()),
    )

    # Create one entry with matches, it will be shown by default.
    yara_rule = ScannerRule.objects.create(name='some-rule', scanner=YARA)
    matching = ScannerResult(
        scanner=YARA,
        version=version_factory(addon=addon_factory()),
    )
    matching.add_yara_result(rule=yara_rule.name)
    matching.save()

    # Create a false positive, it will not be shown by default.
    flagged = ScannerResult(
        scanner=YARA,
        state=FALSE_POSITIVE,
        version=version_factory(addon=addon_factory()),
    )
    flagged.add_yara_result(rule=yara_rule.name)
    flagged.save()

    # Create an entry without a version, it will not be shown by default.
    versionless = ScannerResult(scanner=YARA)
    versionless.add_yara_result(rule=yara_rule.name)
    versionless.save()

    response = self.client.get(self.list_url)
    assert response.status_code == 200

    # Four results exist, but only the second one passes every default
    # filter.
    rows = pq(response.content)('#result_list tbody tr')
    assert rows.length == 1
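def test_list_filter_matched_rules(self):
    # Filtering the list on one rule must return only the results that
    # matched that rule, while still displaying every rule they matched.
    rule_bar = ScannerRule.objects.create(name='bar', scanner=YARA)
    rule_hello = ScannerRule.objects.create(name='hello', scanner=YARA)
    rule_foo = ScannerRule.objects.create(name='foo', scanner=CUSTOMS)

    # The only result that matched 'bar'; it also matched 'hello'.
    with_bar_matches = ScannerResult(scanner=YARA)
    with_bar_matches.add_yara_result(rule=rule_bar.name)
    with_bar_matches.add_yara_result(rule=rule_hello.name)
    with_bar_matches.save()

    # A result from another scanner that matched an unrelated rule.
    ScannerResult.objects.create(
        scanner=CUSTOMS,
        results={'matchedRules': [rule_foo.name]},
    )

    # A YARA result that matched 'hello' only. It has to be saved: the
    # original built this object but never persisted it, so the filter was
    # never checked against a result sharing a rule with the expected row.
    with_hello_match = ScannerResult(scanner=YARA)
    with_hello_match.add_yara_result(rule=rule_hello.name)
    with_hello_match.save()

    response = self.client.get(
        self.list_url,
        {
            'matched_rules__id__exact': rule_bar.pk,
            WithVersionFilter.parameter_name: 'all',
        },
    )
    assert response.status_code == 200

    doc = pq(response.content)
    # Only the 'bar' result may be listed, with both of its rules shown.
    assert doc('#result_list tbody tr').length == 1
    assert doc('.field-formatted_matched_rules').text() == 'bar, hello'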