def test_minimum_viable_record(self):
feature_model = FeatureModel(uid=str(uuid4()))
db.session.add(feature_model)
db.session.commit()
self.assertEqual(len(FeatureModel.query.all()), 1)
def test_upload_with_fmjson(self):
r = FeatureModel().query.all()
self.assertListEqual(r, [])
test_filename = 'test.fm.json'
upload_file = load_test_fmjson()
response = self.client.post(
f'/api/feature-model/upload/{test_filename}/',
headers=DEFAULT_HEADERS,
data=upload_file)
self.assertEqual(response.status_code,
200,
msg='expected post of new feature model to succeed')
response_json = json.loads(response.data)
self.assertIsNotNone(response_json)
self.assertEqual(response_json['tree'], json.loads(upload_file))
created_feat_model = FeatureModel.query.filter_by(
filename=test_filename).first()
self.assertIsNotNone(created_feat_model.conftree,
msg='expected "conftree" to be populated')
self.assertEqual(
created_feat_model.filename,
test_filename,
msg=
'expected filename used in request URL to be stored in the feature model'
)
def create():
"""Renders the create page."""
if request.method == "GET":
return render_template('create_feature.html',
title='Create New Requests')
elif request.method == "POST":
title = request.form['featureTitle']
description = request.form['featureDescription']
client = request.form['feautureClient']
priority = int(request.form['priority'])
target = datetime.strptime(request.form['target'], '%Y-%m-%d')
area = request.form['area']
# validate the received values
if title:
new_feature = FeatureModel(title=title,
description=description,
priority=priority,
target_date=target,
client=client,
product_area=area)
db.session.add(new_feature)
reOrderPriority(priority, client)
db.session.commit()
return home()
def test_feature_create(self):
new_feature = FeatureModel(title='title',client='A',description='desc',priority=1,product_area='policy',target_date=datetime.strptime('2018-08-10', '%Y-%m-%d'))
print(new_feature)
db.session.add(new_feature)
db.session.commit()
features = FeatureModel.query.all()
assert new_feature in features
print("NUMBER OF ENTRİES:")
print (len(features))
def get(self, workflowId):
"""
clone a workflow based on the Id passed in
"""
current_app.logger.debug(f'cloning workflow({workflowId})')
workflow = Workflow.query.get_or_404(workflowId)
new_workflow = Workflow(label=f'COPY - {workflow.label}')
db.session.add(new_workflow)
db.session.commit()
if workflow.systemConfigurationInput is not None:
sysconfig = SystemConfigurationInput(
label=f'COPY - {workflow.systemConfigurationInput.label}',
nixConfigFilename=workflow.systemConfigurationInput.
nixConfigFilename,
nixConfig=workflow.systemConfigurationInput.nixConfig,
workflowId=new_workflow.workflowId)
db.session.add(sysconfig)
if workflow.testgenConfigInput is not None:
testgenconfig = TestgenConfigInput(
label=f'COPY - {workflow.testgenConfigInput.label}',
configInput=workflow.testgenConfigInput.configInput,
workflowId=new_workflow.workflowId)
db.session.add(testgenconfig)
if workflow.vulnerabilityConfigurationInput is not None:
existing_feat_model = workflow.vulnerabilityConfigurationInput.featureModel
feat_model = FeatureModel(
label=f'COPY - {existing_feat_model.label}',
uid=str(
uuid4()
), # TODO: the model should really handle UID generation so we don't have this duplication
filename=existing_feat_model.filename,
source=existing_feat_model.source,
conftree=existing_feat_model.conftree,
hash=existing_feat_model.hash,
configs=existing_feat_model.configs)
db.session.add(feat_model)
vuln_config = VulnerabilityConfigurationInput(
label=
f'COPY - {workflow.vulnerabilityConfigurationInput.label}',
vulnClass=workflow.vulnerabilityConfigurationInput.vulnClass,
featureModelUid=feat_model.uid,
workflowId=new_workflow.workflowId)
db.session.add(vuln_config)
db.session.commit()
return new_workflow
def post(self, subpath):
"""
upload a clafer or fm.json file to create a feature model
"""
name, cfg_type = subpath.split('/')
current_app.logger.debug('name is: ' + name + ', cfg_type is: ' +
cfg_type)
if name.endswith('.cfr'):
try:
json_feat_model = convert_model_to_json(request.data)
cfr_feature_model_source = request.data.decode('utf8')
except RuntimeError as err:
current_app.logger.error(str(err))
return abort(500, str(err))
elif name.endswith('.fm.json'):
try:
json_feat_model = json.loads(request.data)
cfr_feature_model_source = (fmjson_to_clafer(request.data))
except RuntimeError as err:
current_app.logger.error(str(err))
return abort(500, str(err))
else:
return abort(400,
'Unsupported file extension for filename: ' + name)
uid = str(uuid4())
the_hash = str(sha3_256(bytes(cfr_feature_model_source, 'utf8')))
current_app.logger.debug(
f'going to store {name} with uid({uid}) and hash({the_hash})')
try:
new_feature_model = FeatureModel(uid=uid,
label=name,
filename=name,
hash=the_hash,
conftree=json_feat_model,
configs=[],
source=cfr_feature_model_source)
db.session.add(new_feature_model)
db.session.commit()
current_app.logger.debug(
f'created feature model ({new_feature_model})')
return new_feature_model
except Exception as err:
current_app.logger.error(err)
return abort(500, str(err))
def post(self, subpath):
"""
create a vuln-configuration, given a vulnerability class
"""
workflowId, vuln_name = subpath.split('/')
current_app.logger.debug('workflowId: ' + workflowId + 'Vuln: ' +
vuln_name)
if vuln_name not in config['default'].VALID_VULN_CLASSES.keys():
return abort(500, "Invalid vulnerability class name: " + vuln_name)
name = os.path.join('../../testgen_fm/',
config['default'].VALID_VULN_CLASSES[vuln_name])
os.chdir(os.path.dirname(__file__))
if name.endswith('.cfr'):
try:
with open(name, 'r') as f:
cfr_feature_model_source = f.read()
cfr_source_bytes = cfr_feature_model_source.encode('utf8')
json_feat_model = convert_model_to_json(cfr_source_bytes)
# cfr_feature_model_source = request.data.decode('utf8')
except RuntimeError as err:
current_app.logger.error(str(err))
return abort(500, str(err))
else:
return abort(400,
'Unsupported file extension for filename: ' + name)
uid = str(uuid4())
the_hash = str(sha3_256(cfr_source_bytes))
current_app.logger.debug(
f'going to store {name} with uid({uid}) and hash({the_hash})')
try:
new_feature_model = FeatureModel(
uid=uid,
label=name,
filename=name,
hash=the_hash,
conftree=json_feat_model,
configs=[],
source=cfr_source_bytes.decode('utf8'))
db.session.add(new_feature_model)
db.session.commit()
current_app.logger.debug(
f'created feature model ({new_feature_model})')
new_vuln_cfg_input = VulnerabilityConfigurationInput(
label='',
workflowId=workflowId,
vulnClass=vuln_name,
featureModelUid=uid)
db.session.add(new_vuln_cfg_input)
db.session.commit()
return new_feature_model
except Exception as err:
current_app.logger.error(err)
return abort(500, str(err))
def create_featureModel(**kwargs) -> FeatureModel:
fm = FeatureModel(**kwargs)
add_to_db(fm)
return fm