예제 #1
    def test_valid_args_but_no_filepath(self):
        """Expect a usage error on stderr and SystemExit when only ``-j`` is given."""
        # Compared byte-for-byte with captured stderr, so the wrapping and
        # indentation of the usage block must stay exactly as written.
        expected_stderr = """usage: python -m pyt [-h] [-f FILEPATH] [-a ADAPTOR] [-pr PROJECT_ROOT]
                     [-b BASELINE_JSON_FILE] [-j] [-m BLACKBOX_MAPPING_FILE]
                     [-t TRIGGER_WORD_FILE] [-o OUTPUT_FILE] [--ignore-nosec]
                     [-trim] [-i]
python -m pyt: error: The -f/--filepath argument is required\n"""

        with self.assertRaises(SystemExit), capture_sys_output() as (_, captured_err):
            parse_args(['-j'])

        self.assertEqual(captured_err.getvalue(), expected_stderr)
예제 #2
파일: usage_test.py 프로젝트: zby0902/pyt
    def test_no_args(self):
        """Expect the full help text on stdout and SystemExit when no arguments are given.

        EXPECTED is compared byte-for-byte with captured stdout, so the literal
        must keep the exact wrapping and indentation of the help output.
        """
        with self.assertRaises(SystemExit):
            with capture_sys_output() as (stdout, _):
                parse_args([])

        # Lift unittest's diff truncation so a mismatch in the long help text is shown in full.
        self.maxDiff = None

        # The pinned text documents every switch, including --ignore-nosec
        # ("do not skip lines with # nosec comments") and -x/--exclude.
        # NOTE(review): the "optional arguments:" heading comes from argparse;
        # Python 3.10+ prints "options:" instead - confirm the supported interpreter versions.
        EXPECTED = """usage: python -m pyt [-h] [-a ADAPTOR] [-pr PROJECT_ROOT]
                     [-b BASELINE_JSON_FILE] [-j] [-m BLACKBOX_MAPPING_FILE]
                     [-t TRIGGER_WORD_FILE] [-o OUTPUT_FILE] [--ignore-nosec]
                     [-r] [-x EXCLUDED_PATHS] [--dont-prepend-root]
                     [--no-local-imports] [-trim] [-i]
                     targets [targets ...]

required arguments:
  targets               source file(s) or directory(s) to be tested

optional arguments:
  -a ADAPTOR, --adaptor ADAPTOR
                        Choose a web framework adaptor: Flask(Default),
                        Django, Every or Pylons
  -pr PROJECT_ROOT, --project-root PROJECT_ROOT
                        Add project root, only important when the entry file
                        is not at the root of the project.
  -b BASELINE_JSON_FILE, --baseline BASELINE_JSON_FILE
                        Path of a baseline report to compare against (only
                        JSON-formatted files are accepted)
  -j, --json            Prints JSON instead of report.
  -m BLACKBOX_MAPPING_FILE, --blackbox-mapping-file BLACKBOX_MAPPING_FILE
                        Input blackbox mapping file.
  -t TRIGGER_WORD_FILE, --trigger-word-file TRIGGER_WORD_FILE
                        Input file with a list of sources and sinks
  -o OUTPUT_FILE, --output OUTPUT_FILE
                        write report to filename
  --ignore-nosec        do not skip lines with # nosec comments
  -r, --recursive       find and process files in subdirectories
  -x EXCLUDED_PATHS, --exclude EXCLUDED_PATHS
                        Separate files with commas
  --dont-prepend-root   In project root e.g. /app, imports are not prepended
                        with app.*
  --no-local-imports    If set, absolute imports must be relative to the
                        project root. If not set, modules in the same
                        directory can be imported just by their names.

print arguments:
  -trim, --trim-reassigned-in
                        Trims the reassigned list to just the vulnerability
                        chain.
  -i, --interactive     Will ask you about each blackbox function call in
                        vulnerability chains.\n"""

        self.assertEqual(stdout.getvalue(), EXPECTED)
예제 #3
    def test_valid_args_but_no_targets(self):
        """Expect a usage error on stderr and SystemExit when ``-j`` is given without targets."""
        # Compared byte-for-byte with captured stderr, so the wrapping and
        # indentation of the usage block must stay exactly as written.
        expected_stderr = """usage: python -m pyt [-h] [-a ADAPTOR] [-pr PROJECT_ROOT]
                     [-b BASELINE_JSON_FILE] [-j] [-m BLACKBOX_MAPPING_FILE]
                     [-t TRIGGER_WORD_FILE] [-o OUTPUT_FILE] [--ignore-nosec]
                     [-r] [-x EXCLUDED_PATHS] [-trim] [-i]
                     targets [targets ...]
python -m pyt: error: the following arguments are required: targets\n"""

        with self.assertRaises(SystemExit), capture_sys_output() as (_, captured_err):
            parse_args(['-j'])

        self.assertEqual(captured_err.getvalue(), expected_stderr)
예제 #4
    def test_no_args(self):
        """Expect the full help text on stdout and SystemExit when no arguments are given.

        EXPECTED is compared byte-for-byte with captured stdout, so the literal
        must keep the exact wrapping and indentation of the help output.
        """
        with self.assertRaises(SystemExit):
            with capture_sys_output() as (stdout, _):
                parse_args([])

        # Lift unittest's diff truncation so a mismatch in the long help text is shown in full.
        self.maxDiff = None

        # The pinned text documents every switch, including --ignore-nosec
        # ("do not skip lines with # nosec comments").
        # NOTE(review): the "optional arguments:" heading comes from argparse;
        # Python 3.10+ prints "options:" instead - confirm the supported interpreter versions.
        EXPECTED = """usage: python -m pyt [-h] [-f FILEPATH] [-a ADAPTOR] [-pr PROJECT_ROOT]
                     [-b BASELINE_JSON_FILE] [-j] [-m BLACKBOX_MAPPING_FILE]
                     [-t TRIGGER_WORD_FILE] [-o OUTPUT_FILE] [--ignore-nosec]
                     [-trim] [-i]

required arguments:
  -f FILEPATH, --filepath FILEPATH
                        Path to the file that should be analysed.

optional arguments:
  -a ADAPTOR, --adaptor ADAPTOR
                        Choose a web framework adaptor: Flask(Default),
                        Django, Every or Pylons
  -pr PROJECT_ROOT, --project-root PROJECT_ROOT
                        Add project root, only important when the entry file
                        is not at the root of the project.
  -b BASELINE_JSON_FILE, --baseline BASELINE_JSON_FILE
                        Path of a baseline report to compare against (only
                        JSON-formatted files are accepted)
  -j, --json            Prints JSON instead of report.
  -m BLACKBOX_MAPPING_FILE, --blackbox-mapping-file BLACKBOX_MAPPING_FILE
                        Input blackbox mapping file.
  -t TRIGGER_WORD_FILE, --trigger-word-file TRIGGER_WORD_FILE
                        Input file with a list of sources and sinks
  -o OUTPUT_FILE, --output OUTPUT_FILE
                        write report to filename
  --ignore-nosec        do not skip lines with # nosec comments

print arguments:
  -trim, --trim-reassigned-in
                        Trims the reassigned list to just the vulnerability
                        chain.
  -i, --interactive     Will ask you about each blackbox function call in
                        vulnerability chains.\n"""

        self.assertEqual(stdout.getvalue(), EXPECTED)
예제 #5
    def test_normal_usage(self):
        """Expect a single target path to parse without output on stdout or stderr."""
        with capture_sys_output() as (out_stream, err_stream):
            parse_args(['foo.py'])

        # stdout is checked first, then stderr; both must be empty.
        for stream in (out_stream, err_stream):
            self.assertEqual(stream.getvalue(), '')