def test_add_update_unique_node_with_diff_properties_status_opened():
"""Test add/update security node with opended status (closed_at should not come in query)."""
pcve = IngestionData(_get_sample_payload_status_opened())
se = pcve.security_event
g = Traversel()
g.add_update_unique_node_with_diff_properties(pcve.security_event, pcve.updated_security_event).next()
assert ("g.V().has('url', '{san_url}')"
".fold()"
".coalesce(unfold()"
".property('vertex_label', '{vertex_label}')"
".property('status', '{e_status}')"
".property('title', '{san_title}')"
".property('body', '{san_body}')"
".property('updated_at', {updated_at})"
".property('ecosystem', '{e_ecosystem}')"
".property('probable_cve', '{probable_cve}')"
".property('cves', '{cve1}')"
".property('updated_date', {updated_date})"
".property('updated_yearmonth', {updated_yearmonth})"
".property('updated_year', {updated_year})"
", "
"addV('security_event')"
".property('vertex_label', '{vertex_label}')"
".property('event_type', '{e_event_type}')"
".property('url', '{san_url}')"
".property('api_url', '{san_api_url}')"
".property('status', '{e_status}')"
".property('title', '{san_title}')"
".property('body', '{san_body}')"
".property('event_id', '{event_id}')"
".property('created_at', {created_at})"
".property('updated_at', {updated_at})"
".property('repo_name', '{repo_name}')"
".property('repo_path', '{san_repo_path}')"
".property('ecosystem', '{e_ecosystem}')"
".property('creator_name', '{creator_name}')"
".property('creator_url', '{san_creator_url}')"
".property('probable_cve', '{probable_cve}')"
".property('cves', '{cve1}')"
".property('updated_date', {updated_date})"
".property('updated_yearmonth', {updated_yearmonth})"
".property('updated_year', {updated_year})"
".property('feedback_count', {feedback_count})"
".property('overall_feedback', '{e_overall_feedback}')"
").next()".format(e_status=se.status.value, e_event_type=se.event_type.value,
e_ecosystem=se.ecosystem.value, e_overall_feedback=se.overall_feedback.value,
san_url=sanitize(se.url), san_api_url=sanitize(se.api_url),
san_creator_url=sanitize(se.creator_url), san_repo_path=sanitize(se.repo_path),
san_title=sanitize(se.title), san_body=sanitize(se.body), cve1=se.cves.pop(),
**pcve.security_event.__dict__) == str(g))
def _get_security_event_query_filters(args: Dict) -> str:
assert 'updated_at' in get_type_hints(SecurityEvent)
query = []
ecosystem = args['ecosystem']
query.append('''has('ecosystem', '{ecosystem}')'''.format(ecosystem=EcosystemType[ecosystem].value))
# will retrive only probable cve data
query.append('''has('probable_cve', 1)''')
repo = args['repo']
if isinstance(repo, list) and len(repo) > 0:
repo = sanitize(repo)
query.append('''has('repo_name', within({repo}))'''.format(repo=repo))
updated_dates = args['updated_date']
if isinstance(updated_dates, list) and len(updated_dates) > 0:
query.append('''has('updated_date', within({updated_dates}))'''.format(updated_dates=updated_dates))
updated_yearmonth = args['updated_yearmonth']
if isinstance(updated_yearmonth, list) and len(updated_yearmonth) > 0:
query.append('''has('updated_yearmonth', within({updated_yearmonth}))'''
.format(updated_yearmonth=updated_yearmonth))
return _identity_or_conditional(query)
def test_drop_out_edge_with_primary_key():
"""Test for drop out edge."""
g = Traversel()
feedback = Feedback(author="test", feedback_type=FeedBackType.POSITIVE, comments="test comment",
feedback_url="https://api.github.com/repos/org25/repo10/issues/10")
g.drop_out_edge(feedback)
assert ("g.V()"
".has('author', '{author}')"
".has('feedback_url', '{feedback_url}')"
".outE().drop().iterate()"
.format(author=feedback.author, feedback_url=sanitize(feedback.feedback_url)) == str(g))
def test_add_feedback_test():
"""Test feedback query string."""
feedback_data = {
"author": "test",
"comments": "test comment",
"url": "https://github.com/spf13/cobra/issues/988",
"feedback_type": "POSITIVE"
}
edge_label = 'reinforces' if feedback_data[
'feedback_type'] == 'POSITIVE' else 'weakens'
feedback_query = _get_feedback_query(feedback_data)
feedback_query_single_line = "".join(
feedback_query.replace(" ", "").splitlines())
expected_query = '''
g.V().has('author', '{author}').has('feedback_url', '{url}').outE().drop().iterate();
g.V().has('url', '{url}')
.and(V().has('author', '{author}').has('feedback_url', '{url}')
.fold().coalesce(unfold(), addV('feedback')).property('vertex_label', 'feedback')
.property('author', '{author}').property('feedback_type', '{feedback_type}')
.property('feedback_url', '{url}').property('comments', '{comments}'))
.V().has('author', '{author}').has('feedback_url', '{url}').as('reinforces')
.V().has('url', '{url}').coalesce(__.inE('{edge_label}').where(outV().as('{edge_label}'))
, addE('{edge_label}').from('{edge_label}')).next();
result = g.V().has('url','{url}')
.union(inE().count(), inE().hasLabel('reinforces').count(), inE().hasLabel('weakens').count()).toList();
g.V().has('url', '{url}')
.property('feedback_count', result[0])
.property('overall_feedback', result[1]==result[2] ? 'neutral' :
(result[2] > result[1] ? 'negative': 'positive'));'''\
.format(author=feedback_data['author'], comments=sanitize(feedback_data['comments']),
url=sanitize(feedback_data['url']), edge_label=edge_label, feedback_type=FeedBackType.POSITIVE.value)
expected_query_single_line = "".join(
expected_query.replace(" ", "").splitlines())
assert (feedback_query_single_line == expected_query_single_line)
def test_query_string():
"""Test case to check query string generation."""
expected_query = '''
g.V()
.has('ecosystem', '{ecosystem}')
.has('probable_cve', 1)
.has('repo_name', within({repo_name}))
.has('updated_date', within({updated_date}))
.has('updated_yearmonth', within({updated_yearmonth}))
.as('security_event').select('security_event')
.by(valueMap())'''\
.format(ecosystem=EcosystemType[args['ecosystem']].value, repo_name=sanitize(args['repo']),
updated_date=args['updated_date'], updated_yearmonth=args['updated_yearmonth'])
expected_query_single_line = "".join(
expected_query.replace(" ", "").splitlines())
query = _query_template().format(
security_event_query=_get_security_event_query_filters(args))
query_single_line = "".join(query.replace(" ", "").splitlines())
assert (query_single_line == expected_query_single_line)
def get_feedback(payload):
"""Get the feedbacks for a given security url."""
query = _get_feedback_teamplate().format(url=sanitize(payload['url']))
return execute_query(query)['result']['data']
def _update_security_event(url: str) -> str:
return _update_security_event_template().format(url=sanitize(url))
def test_string_sanitization_with_empty():
"""Test Empty String."""
assert sanitize('') == ''
def test_string_sanitization_with_special_char_list_1():
"""Test with special character in list."""
assert sanitize(['foo)"bar', 'b b']) == "'foo%29%22bar', 'b%20b'"
def test_string_sanitization_with_a_list():
"""Test with normal list."""
assert sanitize(['a', 'b']) == "'a', 'b'"
def test_string_sanitization_with_empty_list():
"""Test with Empty list."""
assert sanitize([]) == ''
def test_string_sanitization_with_special_chars():
"""Test Special characters."""
assert sanitize('foo)"bar') == 'foo%29%22bar'
def test_string_sanitization_with_normal_chars():
"""Test normal characters."""
assert sanitize('foo') == 'foo'
def test_string_sanitization_with_none():
"""Test None."""
with pytest.raises(Exception) as exception:
sanitize(None)
assert "Unexpected type" in str(exception.value)
def get_security_event_by_url(data, url):
"""Get security events by url."""
return next(x for x in data if x["url"][0] == sanitize(url))
def _value_encoding(val):
if type(val) in (int, float): # pylint: disable=unidiomatic-typecheck
return "{}".format(str(val))
if isinstance(val, Enum):
return Traversel._value_encoding(val.value)
return "'{}'".format(sanitize(str(val)))
def test_string_sanitization_with_none_list():
"""Test with None list."""
with pytest.raises(Exception):
sanitize([None])
