def test_list_cves_paginated(app, create_cves):
old = app.config["CVES_PER_PAGE"]
app.config["CVES_PER_PAGE"] = 3
create_cves([
"CVE-2018-18074",
"CVE-2020-9392",
"CVE-2020-26116",
"CVE-2020-27781",
"CVE-2019-17052",
])
with app.test_request_context():
cves = CveController.list_items()
assert sorted([cve.cve_id for cve in cves]) == [
"CVE-2019-17052",
"CVE-2020-26116",
"CVE-2020-27781",
]
cves = CveController.list_items({"page": 2})
assert sorted([cve.cve_id for cve in cves]) == [
"CVE-2018-18074",
"CVE-2020-9392",
]
with pytest.raises(NotFound):
cves = CveController.list_items({"page": 3})
app.config["CVES_PER_PAGE"] = old
def test_filtered_by_cwe(app, create_cves, args, result):
create_cves([
"CVE-2018-18074", "CVE-2020-9392", "CVE-2020-26116", "CVE-2020-27781"
])
with app.test_request_context():
cves = CveController.list_items(args)
assert sorted([cve.cve_id for cve in cves]) == result
def test_filtered_by_tags(app, create_cve, create_user):
cve_2018_18074 = create_cve("CVE-2018-18074")
cve_2020_9392 = create_cve("CVE-2020-9392")
cve_2020_26116 = create_cve("CVE-2020-26116")
create_cve("CVE-2020-27781")
user = create_user()
user.tags = [
UserTag(name="tag1", description="foo", color="#fff"),
UserTag(name="tag2", description="foo", color="#fff"),
]
db.session.add(CveTag(user_id=user.id, cve_id=cve_2018_18074.id, tags=["tag1"]))
db.session.add(
CveTag(user_id=user.id, cve_id=cve_2020_9392.id, tags=["tag1", "tag2"])
)
db.session.add(CveTag(user_id=user.id, cve_id=cve_2020_26116.id, tags=["tag2"]))
db.session.commit()
# Tag is not in user's list of tags
with pytest.raises(NotFound):
CveController.list_items({"user_id": user.id, "tag": "notfound"})
with app.test_request_context():
cves = CveController.list_items()
assert sorted([cve.cve_id for cve in cves]) == [
"CVE-2018-18074",
"CVE-2020-26116",
"CVE-2020-27781",
"CVE-2020-9392",
]
cves = CveController.list_items({"user_id": user.id, "tag": "tag1"})
assert sorted([cve.cve_id for cve in cves]) == [
"CVE-2018-18074",
"CVE-2020-9392",
]
cves = CveController.list_items({"user_id": user.id, "tag": "tag2"})
assert sorted([cve.cve_id for cve in cves]) == [
"CVE-2020-26116",
"CVE-2020-9392",
]
def test_list_cves(app, create_cves):
create_cves(["CVE-2018-18074", "CVE-2020-9392", "CVE-2020-26116", "CVE-2020-27781"])
with app.test_request_context():
cves = CveController.list_items()
assert len(cves) == 4
assert sorted([cve.cve_id for cve in cves]) == [
"CVE-2018-18074",
"CVE-2020-26116",
"CVE-2020-27781",
"CVE-2020-9392",
]
def get(self, name):
VendorController.get({"name": name})
return CveController.list_items({**request.args, "vendor": name})
def get(self):
return CveController.list_items(request.args)
def test_vendors_products_not_found(app):
with app.test_request_context():
with pytest.raises(NotFound):
CveController.list_items({"vendor": "foo"})
with pytest.raises(NotFound):
CveController.list_items({"vendor": "foo", "product": "bar"})
def test_filtered_by_vendors_products(app, create_cves, args, result):
create_cves(["CVE-2019-8075", "CVE-2019-17052", "CVE-2020-27781"])
with app.test_request_context():
cves = CveController.list_items(args)
assert sorted([cve.cve_id for cve in cves]) == result
def get(self, vendor, product):
ProductController.get({"vendor": vendor, "product": product})
return CveController.list_items(
{**request.args, "vendor": vendor, "product": product}
)
def get(self, id):
CweController.get({"cwe_id": id})
return CveController.list_items({**request.args, "cwe": id})