Exemplo n.º 1
    def test_get_scan_vulnerabilites(self):
        """Check that the scan id reaches ``get`` on the session's query."""
        # session.query(...) hands back this mock regardless of its arguments,
        # so the lookup performed on it can be inspected after the call.
        query_mock = MagicMock()
        self.mock_session.query.return_value = query_mock
        expected_id = '123'

        scan_manager.get_scan_vulnerabilities(expected_id, self.mock_session)

        assert query_mock.get.called
        query_mock.get.assert_called_once_with(expected_id)
Exemplo n.º 2
    def test_get_scan_vulnerabilites(self):
        """Verify ``get_scan_vulnerabilities`` looks the scan up by its id."""
        lookup_id = '123'
        # The mocked session returns this object from query(), which lets the
        # test observe the ``get`` call made on it.
        fake_query = MagicMock()
        self.mock_session.query.return_value = fake_query

        scan_manager.get_scan_vulnerabilities(lookup_id, self.mock_session)

        assert fake_query.get.called
        fake_query.get.assert_called_once_with(lookup_id)
Exemplo n.º 3
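def get_vulnerabilities(scan_id):
    """Get scan vulnerabilities.

    For every vulnerability recorded for the scan, looks up the entries
    matching its CPE and the scanned dependency, and returns one item per
    match with the keys ``library``, ``version``, ``cpe`` and ``cve``,
    serialised through ``jsonify``.

    Any exception raised while collecting the data is answered with
    ``api_error_response`` and HTTP status 404.
    """
    with db.session_scope() as session:
        try:
            scan_vulnerabilities = [
                scan_vulnerability.to_dict()
                for scan_vulnerability in get_scan_vulnerabilities(
                    scan_id, session)
            ]
            response = []
            # Plain loops: entries are appended for their side effect, so
            # there is no reason to build throwaway lists of ``None``.
            for scan_vulnerability in scan_vulnerabilities:
                vulns = get_vulns_for_cpe(scan_vulnerability['cpe'], session)
                scan_dep = get_scan_dep_by_id(
                    scan_vulnerability['scan_dep_id'], session)
                for vuln in vulns:
                    response.append({
                        'library': scan_dep.library,
                        'version': scan_dep.version,
                        'cpe': vuln.cpe,
                        'cve': vuln.cve
                    })
        except Exception as exc:
            # NOTE(review): every failure, including database or programming
            # errors, is reported as 404 and the exception's first argument is
            # sent to the client. That text can disclose internal details;
            # consider mapping only the "not found" case to 404 and returning
            # a fixed message for everything else.
            # An exception raised without arguments has an empty ``args``;
            # indexing it would raise IndexError inside this handler.
            if exc.args:
                message = exc.args[0]
            else:
                message = 'Unable to retrieve scan vulnerabilities'
            return api_error_response(message), 404

        return jsonify(response)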
Exemplo n.º 4
def notify_results(scan_id):
    """Notify a scan's project about the vulnerable dependencies found.

    Builds a ``library:version`` label for each vulnerability of the scan and
    passes the labels, together with the scan's project, to
    ``notify_scan_results``.
    """
    with db.session_scope() as session:
        scan = get_scan(scan_id, session)
        labels = []
        for entry in get_scan_vulnerabilities(scan_id, session):
            labels.append('{}:{}'.format(entry.library, entry.version))
        project = scan.project

        # NOTE(review): hook_data is written to the debug log unmodified; if
        # it carries webhook URLs or tokens they end up in the logs - confirm
        # what it contains.
        logger.debug('notify project data {}'.format(project.hook_data))
        notify_scan_results(project, labels)
Exemplo n.º 5
def notify_results(scan_id):
    """Notify a scan's project about the vulnerable dependencies found.

    Collects the distinct ``raw_dep`` values of the dependencies behind the
    scan's vulnerabilities and passes them, together with the scan's project,
    to ``notify_scan_results``.
    """
    with db.session_scope() as session:
        scan = get_scan(scan_id, session)
        # A set, so a dependency with several vulnerabilities is listed once.
        raw_deps = {
            entry.scan_dep.raw_dep
            for entry in get_scan_vulnerabilities(scan_id, session)
        }
        project = scan.project

        # NOTE(review): hook_data is written to the debug log unmodified; if
        # it carries webhook URLs or tokens they end up in the logs - confirm
        # what it contains.
        logger.debug('notify project data {}'.format(project.hook_data))
        notify_scan_results(project, raw_deps)
Exemplo n.º 6
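def get_vulnerabilities(scan_id):
    """Get scan vulnerabilities.

    Returns the scan's vulnerabilities, each converted with ``to_dict``, as a
    list serialised through ``jsonify``. Any exception raised while loading
    them is answered with ``api_error_response`` and HTTP status 404.
    """
    with db.session_scope() as session:
        try:
            scan_vulnerabilities = [
                scan_vulnerability.to_dict()
                for scan_vulnerability in get_scan_vulnerabilities(
                    scan_id, session)
            ]
        except Exception as exc:
            # NOTE(review): every failure, including database or programming
            # errors, is reported as 404 and the exception's first argument is
            # sent to the client. That text can disclose internal details;
            # consider mapping only the "not found" case to 404 and returning
            # a fixed message for everything else.
            # An exception raised without arguments has an empty ``args``;
            # indexing it would raise IndexError inside this handler.
            if exc.args:
                message = exc.args[0]
            else:
                message = 'Unable to retrieve scan vulnerabilities'
            return api_error_response(message), 404

        return jsonify(scan_vulnerabilities)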
Exemplo n.º 7
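def get_vulnerabilities(scan_id):
    """Get scan vulnerabilities.

    For every vulnerability recorded for the scan, looks up the entries
    matching its CPE and the scanned dependency, and returns one item per
    match with the keys ``library``, ``version``, ``cpe`` and ``cve``,
    serialised through ``jsonify``.

    Any exception raised while collecting the data is answered with
    ``api_error_response`` and HTTP status 404.
    """
    with db.session_scope() as session:
        try:
            scan_vulnerabilities = [
                scan_vulnerability.to_dict()
                for scan_vulnerability in get_scan_vulnerabilities(
                    scan_id, session)
            ]
            response = []
            # Explicit loops replace the list comprehensions that were used
            # only for the side effect of appending to ``response``.
            for scan_vulnerability in scan_vulnerabilities:
                vulns = get_vulns_for_cpe(scan_vulnerability['cpe'], session)
                scan_dep = get_scan_dep_by_id(
                    scan_vulnerability['scan_dep_id'], session)
                for vuln in vulns:
                    response.append({
                        'library': scan_dep.library,
                        'version': scan_dep.version,
                        'cpe': vuln.cpe,
                        'cve': vuln.cve
                    })
        except Exception as exc:
            # NOTE(review): every failure, including database or programming
            # errors, is reported as 404 and the exception's first argument is
            # sent to the client. That text can disclose internal details;
            # consider mapping only the "not found" case to 404 and returning
            # a fixed message for everything else.
            # An exception raised without arguments has an empty ``args``;
            # indexing it would raise IndexError inside this handler.
            if exc.args:
                message = exc.args[0]
            else:
                message = 'Unable to retrieve scan vulnerabilities'
            return api_error_response(message), 404

        return jsonify(response)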