def test_webinspect_api_helper_init_with_setting_overrides_success(log_info_mock, api_mock):
    """With host=None, the helper should take its host from the overrides' endpoint.

    log_info_mock and api_mock are injected from outside this function
    (presumably by patch decorators that are not visible here).
    """
    # Arrange: overrides carry the endpoint, no credentials are supplied
    overrides = MagicMock()
    overrides.endpoint = "test server"
    expected_host = "test server"
    expected_username = None
    expected_password = None
    expected_silent_flag = False

    # Act
    helper = WebInspectAPIHelper(
        host=None,
        username=expected_username,
        password=expected_password,
        webinspect_setting_overrides=overrides,
        silent=expected_silent_flag,
    )

    # Assert: constructor arguments are stored on the helper as given
    assert helper.host == expected_host
    assert helper.username == expected_username
    assert helper.password == expected_password
    # assert override_mock.call_count == 1
    assert helper.silent is expected_silent_flag
    # Assert: the host was logged once and api_mock was called once
    log_info_mock.assert_called_once_with(expected_host)
    assert log_info_mock.call_count == 1
    assert api_mock.call_count == 1
def _set_api(self, username, password):
    """
    Build the WebInspect API helper and store it on ``self.webinspect_api``.

    Kept as a separate method so that it can be mocked in tests.

    :param username: username handed to WebInspectAPIHelper
    :param password: password handed to WebInspectAPIHelper
    :return: None
    """
    api_helper = WebInspectAPIHelper(
        username=username,
        password=password,
        webinspect_setting_overrides=self.scan_overrides,
    )
    self.webinspect_api = api_helper
def test_webinspect_api_helper_upload_settings_success(api_mock):
    """upload_settings() should leave api_mock with exactly one recorded call."""
    # Arrange: api_mock replaces api.upload_settings on a helper built with silent=True
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    helper.api.upload_settings = api_mock

    # Act
    helper.upload_settings()

    # Assert
    assert api_mock.call_count == 1
def test_webinspect_api_helper_get_scan_by_name_success(api_mock):
    """get_scan_by_name() should leave api_mock with exactly one recorded call."""
    # Arrange: api_mock replaces api.get_scan_by_name
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    helper.api.get_scan_by_name = api_mock

    # Act
    helper.get_scan_by_name("test_name")

    # Assert
    assert api_mock.call_count == 1
def test_webinspect_api_helper_stop_scan_success(api_mock):
    """stop_scan(guid) should leave api_mock with exactly one recorded call."""
    # Arrange: api_mock replaces api.stop_scan
    guid = "test_guid"
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    helper.api.stop_scan = api_mock

    # Act
    helper.stop_scan(guid)

    # Assert
    assert api_mock.call_count == 1
def test_webinspect_api_helper_policy_exists_success(api_mock):
    """policy_exists(guid) should leave api_mock with exactly one recorded call."""
    # Arrange: api_mock replaces api.get_policy_by_guid
    guid = "test_guid"
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    helper.api.get_policy_by_guid = api_mock

    # Act
    helper.policy_exists(guid)

    # Assert
    assert api_mock.call_count == 1
def test_webinspect_api_helper_get_scan_status_success(api_mock, json_loads_mock):
    """get_scan_status() should leave api_mock with exactly one recorded call."""
    # Arrange: api_mock replaces api.get_current_status; json_loads_mock has no side effect
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    helper.api.get_current_status = api_mock
    json_loads_mock.side_effect = None

    # Act
    helper.get_scan_status("test_guid")

    # Assert
    assert api_mock.call_count == 1
def test_webinspect_api_helper_export_scan_results_success(api_mock, log_export_success_mock, open_mock):
    """export_scan_results() should log one export success and call api_mock once.

    open_mock is not referenced in the body; presumably it patches open() so
    that no file is written -- confirm against the decorators.
    """
    # Arrange: api_mock replaces api.export_scan_format
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    helper.api.export_scan_format = api_mock

    # Act
    helper.export_scan_results('scan_id', '.xml')

    # Assert
    assert log_export_success_mock.call_count == 1
    assert api_mock.call_count == 1
def test_webinspect_api_helper_create_scan_success(api_mock, json_dumps_mock, log_scan_start_mock):
    """create_scan() should call api_mock once and log one scan start."""
    # Arrange: api_mock replaces api.create_scan
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    helper.api.create_scan = api_mock

    # Act
    helper.create_scan()

    # Assert
    assert api_mock.call_count == 1
    assert log_scan_start_mock.call_count == 1
def test_webinspect_api_helper_export_scan_results_failure_unbound_local_error(api_mock, log_export_failure_mock, open_mock):
    """An UnboundLocalError raised by open_mock should be logged as an export failure."""
    # Arrange: api_mock replaces api.export_scan_format; open_mock raises when called
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    helper.api.export_scan_format = api_mock
    open_mock.side_effect = UnboundLocalError

    # Act: no exception is expected to escape
    helper.export_scan_results('scan_id', '.xml')

    # Assert
    assert log_export_failure_mock.call_count == 1
    assert api_mock.call_count == 1
def test_webinspect_api_upload_policy_no_existing_policy_success(upload_policy_mock, delete_policy_mock, get_policy_mock, ntpath_mock):
    """With no existing policy of this name, upload_policy() looks up and uploads but does not delete."""
    # Arrange: get_policy_mock is left unconfigured, which this test treats as "no existing policy"
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)

    # Act
    helper.upload_policy()

    # Assert: one lookup, no deletion, one upload
    assert get_policy_mock.call_count == 1
    assert delete_policy_mock.call_count == 0
    assert upload_policy_mock.call_count == 1
def test_webinspect_api_helper_list_scans_failure_name_error(api_mock, log_error_mock):
    """A NameError from api.list_scans should be logged once rather than raised."""
    # Arrange: api_mock replaces api.list_scans and raises NameError when called
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    helper.api.list_scans = api_mock
    api_mock.side_effect = NameError

    # Act: no exception is expected to escape
    helper.list_scans()

    # Assert
    assert log_error_mock.call_count == 1
    assert api_mock.call_count == 1
def test_webinspect_api_helper_get_scan_status_failure_unbound_local_error(api_mock, json_loads_mock, log_error_mock):
    """An UnboundLocalError from json_loads_mock should be logged once rather than raised."""
    # Arrange: api_mock replaces api.get_current_status; json_loads_mock raises when called
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    helper.api.get_current_status = api_mock
    json_loads_mock.side_effect = UnboundLocalError

    # Act: no exception is expected to escape
    helper.get_scan_status("test_guid")

    # Assert
    assert log_error_mock.call_count == 1
    assert api_mock.call_count == 1
def test_webinspect_api_helper_upload_webmacro_success(api_mock):
    """upload_webmacros() with one configured macro should call api_mock once."""
    # Arrange: one webmacro in the overrides; api_mock replaces api.upload_webmacro
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    overrides = helper.setting_overrides
    overrides.webinspect_upload_webmacros = ['test_list']
    overrides.endpoint = "test_host"
    helper.api.upload_webmacro = api_mock

    # Act
    helper.upload_webmacros()

    # Assert
    assert api_mock.call_count == 1
def test_webinspect_api_helper_upload_settings_failed_name_error(api_mock, log_error_mock, log_no_server_mock):
    """A NameError from api.upload_settings should hit both log mocks once and not be raised."""
    # Arrange: api_mock raises NameError and replaces api.upload_settings
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    api_mock.side_effect = NameError
    helper.api.upload_settings = api_mock

    # Act: no exception is expected to escape
    helper.upload_settings()

    # Assert
    assert log_no_server_mock.call_count == 1
    assert log_error_mock.call_count == 1
    assert api_mock.call_count == 1
def test_webinspect_api_helper_create_scan_failure_value_error(api_mock, json_dumps_mock, log_scan_failed_mock):
    """A ValueError from json_dumps_mock should end create_scan() with SystemExit."""
    # Arrange: json_dumps_mock raises ValueError; api_mock replaces api.create_scan
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    json_dumps_mock.side_effect = ValueError
    helper.api.create_scan = api_mock

    # Act
    with pytest.raises(SystemExit):
        helper.create_scan()

    # Assert: the failure happens before api.create_scan is reached, and it is logged once
    assert api_mock.call_count == 0
    assert log_scan_failed_mock.call_count == 1
def test_webinspect_api_helper_upload_settings_failed_unbound_local_error(api_mock, log_error_mock, log_no_server_mock):
    """An UnboundLocalError from api.upload_webmacro should hit both log mocks once.

    NOTE(review): the test name says "upload_settings", but the body exercises
    upload_webmacros() and api.upload_webmacro.
    """
    # Arrange: one webmacro configured; api_mock raises and replaces api.upload_webmacro
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    helper.setting_overrides.webinspect_upload_webmacros = ['test_list']
    api_mock.side_effect = UnboundLocalError
    helper.api.upload_webmacro = api_mock

    # Act: no exception is expected to escape
    helper.upload_webmacros()

    # Assert
    assert log_no_server_mock.call_count == 1
    assert log_error_mock.call_count == 1
    assert api_mock.call_count == 1
def list_scans(scan_name, server, username, password):
    """Print the scans found on each WebInspect server, optionally filtered by name.

    :param scan_name: when truthy, only scans returned by get_scan_by_name() are listed
    :param server: iterable of servers to query; when falsy, the first element of
        each entry in WebInspectConfig().endpoints is used instead
    :param username: passed to WebInspectAuth.authenticate()
    :param password: passed to WebInspectAuth.authenticate()
    :return: None

    NOTE(review): the credentials are written after the loop without any check
    in this function that a query actually succeeded. Whether a rejected login
    raises before that point depends on WebInspectAPIHelper -- confirm.
    """
    header_format = "{0:80} {1:40} {2:10}"
    rule_format = "{0:80} {1:40} {2:10}\n"

    def print_scan_table(scans):
        # Fixed-width table: name, ID and status of every scan.
        print(header_format.format('Scan Name', 'Scan ID', 'Scan Status'))
        print(rule_format.format('-' * 80, '-' * 40, '-' * 10))
        for entry in scans:
            print(header_format.format(entry['Name'], entry['ID'], entry['Status']))

    # Servers given by the caller win over the configured endpoints.
    if server:
        hosts = list(server)
    else:
        hosts = [endpoint[0] for endpoint in WebInspectConfig().endpoints]

    auth_config = WebInspectAuth()
    username, password = auth_config.authenticate(username, password)

    for host in hosts:
        query_client = WebInspectAPIHelper(host=host, username=username, password=password)

        if not scan_name:
            found = query_client.list_scans()
            if found and len(found):
                print("Scans found on {}".format(host))
                print_scan_table(found)
            else:
                print("No scans found on {}".format(host))
            continue

        found = query_client.get_scan_by_name(scan_name)
        if found and len(found):
            print("Scans matching the name {} found on {}".format(scan_name, host))
            print_scan_table(found)
        else:
            Logger.app.error(
                "No scans matching the name {} were found on {}".format(scan_name, host))

    # Reaching this point is treated as proof that new credentials are valid.
    have_new_creds = username is not None and password is not None
    if have_new_creds and not auth_config.has_auth_creds():
        auth_config.write_credentials(username, password)
def test_webinspect_api_upload_policy_delete_existing_policy_success(upload_policy_mock, delete_policy_mock, get_policy_mock, ntpath_mock):
    """When the lookup returns an existing policy, upload_policy() deletes it before uploading."""
    # Arrange: the policy lookup succeeds, i.e. a policy already exists on the server
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    existing_policy = WebInspectResponse(
        response_code=200,
        success=True,
        data={'test_data': 'test_data', 'uniqueId': "12345"},
    )
    get_policy_mock.return_value = existing_policy

    # Act
    helper.upload_policy()

    # Assert: one lookup, one deletion, one upload
    assert get_policy_mock.call_count == 1
    assert delete_policy_mock.call_count == 1
    assert upload_policy_mock.call_count == 1
def test_webinspect_api_upload_policy_failure_type_error(upload_policy_mock, delete_policy_mock, get_policy_mock, ntpath_mock, log_error_mock):
    """A TypeError from the policy lookup should be logged once rather than raised.

    The exact point at which upload_policy() would fail in practice is not
    pinned down; this only checks that the error is caught properly.
    """
    # Arrange: the policy lookup raises TypeError
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    get_policy_mock.side_effect = TypeError

    # Act: no exception is expected to escape
    helper.upload_policy()

    # Assert: error logged, nothing deleted, upload still attempted once
    assert log_error_mock.call_count == 1
    assert get_policy_mock.call_count == 1
    assert delete_policy_mock.call_count == 0
    assert upload_policy_mock.call_count == 1
def test_webinspect_api_upload_policy_failure_uncaught_error(upload_policy_mock, delete_policy_mock, get_policy_mock, ntpath_mock, log_error_mock):
    """An exception that upload_policy() does not handle should propagate to the caller.

    The author was not confident this is a great test; it exists so that the
    handling of an unexpected exception is at least exercised.
    """
    # Arrange: IOError stands in for an arbitrary error that is not handled
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    get_policy_mock.side_effect = IOError

    # Act
    with pytest.raises(Exception):
        helper.upload_policy()

    # Assert: execution stops at the lookup, so nothing is logged, deleted or uploaded
    assert log_error_mock.call_count == 0
    assert get_policy_mock.call_count == 1
    assert delete_policy_mock.call_count == 0
    assert upload_policy_mock.call_count == 0
def test_webinspect_api_verify_scan_policy(get_policy_by_guid_mock, get_index_mock, check_if_built_in_mock, policy_exists_mock):
    """verify_scan_policy() should hit the built-in check, the index lookup and the GUID lookup once each.

    policy_exists_mock is injected but never asserted on in this test.
    """
    # Arrange: scan policy set on the overrides; the built-in check reports True
    helper = WebInspectAPIHelper(webinspect_setting_overrides=MagicMock(), silent=True)
    helper.setting_overrides.scan_policy = "test_policy"
    check_if_built_in_mock.return_value = True
    config = MagicMock()

    # Act
    helper.verify_scan_policy(config)

    # Assert
    assert check_if_built_in_mock.call_count == 1
    assert get_index_mock.call_count == 1
    assert get_policy_by_guid_mock.call_count == 1
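def download(server, scan_name, scan_id, extension, username, password):
    """Export a WebInspect scan from *server*, located by ID or, failing that, by name.

    :param server: host passed to WebInspectAPIHelper
    :param scan_name: name used for the lookup when no scan_id is given; also
        passed to export_scan_results()
    :param scan_id: ID of the scan to export; when falsy the scan is looked up by name
    :param extension: export format extension passed to export_scan_results()
    :param username: passed to WebInspectAuth.authenticate()
    :param password: passed to WebInspectAuth.authenticate()
    :return: None

    New credentials are written only when no UnboundLocalError or TypeError was
    caught. Previously the write ran after the except block as well, so
    credentials could be stored after a failed run, or an UnboundLocalError
    could be raised when auth_config had never been bound.
    """
    try:
        auth_config = WebInspectAuth()
        username, password = auth_config.authenticate(username, password)
        query_client = WebInspectAPIHelper(host=server, username=username, password=password)

        if scan_id:
            # The status lookup is repeated once when it first comes back falsy,
            # exactly as the original nested check did.
            scan_found = (query_client.get_scan_status(scan_id)
                          or query_client.get_scan_status(scan_id))
            if scan_found:
                query_client.export_scan_results(scan_id, extension, scan_name)
            else:
                Logger.console.error("Unable to find scan with ID matching {}".format(scan_id))
        else:
            # A None result makes len() raise TypeError, which the handler below logs.
            results = query_client.get_scan_by_name(scan_name)
            match_count = len(results)
            if match_count == 0:
                webinspect_logexceptionhelper.log_error_no_scans_found(scan_name)
            elif match_count == 1:
                scan_id = results[0]['ID']
                Logger.app.info("Scan matching the name {} found.".format(scan_name))
                Logger.app.info("Downloading scan {}".format(scan_name))
                query_client.export_scan_results(scan_id, extension, scan_name)
            else:
                # Ambiguous name: list the candidates instead of guessing one.
                webinspect_logexceptionhelper.log_info_multiple_scans_found(scan_name)
                print("{0:80} {1:40} {2:10}".format('Scan Name', 'Scan ID', 'Scan Status'))
                print("{0:80} {1:40} {2:10}\n".format('-' * 80, '-' * 40, '-' * 10))
                for result in results:
                    print("{0:80} {1:40} {2:10}".format(
                        result['Name'], result['ID'], result['Status']))
    except (UnboundLocalError, TypeError) as e:
        webinspect_logexceptionhelper.log_error_webinspect_download(e)
        # Do not persist credentials after a failed run.
        return

    # Only reached without a caught error; new credentials are treated as valid here.
    if username is not None and password is not None and not auth_config.has_auth_creds():
        auth_config.write_credentials(username, password)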