def test_get_cve_maps_empty(self): """Test cve maps with empty cve map, expect empty list [].""" response_obj = ComponentAnalysisResponseBuilder( self.eco, self.pkg, self.ver) response_obj._cves = [] cve_maps = response_obj.get_cve_maps() self.assertListEqual(cve_maps, [])
def test_get_cve_maps_non_empty(self): """Test cve maps with vulnerability data, expect to get mock data as response.""" response_obj = ComponentAnalysisResponseBuilder( self.eco, self.pkg, self.ver) vul_data = dict(snyk_vuln_id=["SNYK:0101"], cvss_scores=["9.0"], snyk_pvt_vulnerability=[True], snyk_cwes=["CWES-01", "CWES-02"], snyk_cvss_v3=["4.5"], severity=["medium"], title=["Test title for CVE"], snyk_url=["https://test.com/cve-01"], snyk_cve_ids=["CVE-01", "CVE-02", "CVE-03"], fixed_in=[">=0.19.0-beta.1"]) mocked_response = [ dict(vendor_cve_ids=vul_data['snyk_vuln_id'][0], cvss=vul_data['cvss_scores'][0], is_private=vul_data['snyk_pvt_vulnerability'][0], cwes=["CWES-01", "CWES-02"], cvss_v3="4.5", severity="medium", title="Test title for CVE", url="https://test.com/cve-01", cve_ids=["CVE-01", "CVE-02", "CVE-03"], fixed_in=[">=0.19.0-beta.1"]) ] response_obj._cves = [vul_data] cve_maps = response_obj.get_cve_maps() self.assertListEqual(cve_maps, mocked_response)
def test_get_severity_exception(self): """Test Severity with unknown value, raises exception.""" response_obj = ComponentAnalysisResponseBuilder( self.eco, self.pkg, self.ver) response_obj._cves = [{'severity': []}] severity = response_obj.get_severity() self.assertListEqual(severity, [])
def test_get_severity_known_values(self): """Test Severity with known values, expect to get medium severity.""" response_obj = ComponentAnalysisResponseBuilder( self.eco, self.pkg, self.ver) response_obj._cves = [{'severity': ["medium", "low"]}] severity = response_obj.get_severity() self.assertListEqual(severity, ["medium"])
def test_get_exploitable_cves_counter_exception(self): """Test Exploitable Vulnerabilities counter Exception.""" response_obj = ComponentAnalysisResponseBuilder( self.eco, self.pkg, self.ver) response_obj._cves = [{"exploit": []}] count = response_obj.get_exploitable_cves_counter() self.assertEqual(count, None)
def test_get_exploitable_cves_counter_non_zero(self): """Test Exploitable Vulnerabilities counter.""" response_obj = ComponentAnalysisResponseBuilder( self.eco, self.pkg, self.ver) response_obj._cves = [{"exploit": ["High"]}] count = response_obj.get_exploitable_cves_counter() self.assertEqual(count, 1)
def test_get_vulnerabilities_count_non_zero_public(self): """Test Vulnerabilities count Public.""" response_obj = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver) response_obj._cves = [dict(snyk_pvt_vulnerability=[False])] pub_vul, pvt_vul = response_obj.get_vulnerabilities_count() self.assertEquals(pub_vul, 1) self.assertEquals(pvt_vul, 0)
def test_get_vulnerabilities_count_zero_exception(self): """Test Vulnerabilities count Exception.""" response_obj = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver) response_obj._cves = [dict()] pub_vul, pvt_vul = response_obj.get_vulnerabilities_count() self.assertEquals(pub_vul, 0) self.assertEquals(pvt_vul, 0)
def test_get_severity_return_low(self): """Test Severity Procedure. Severity "low" has higher precedence.""" response_obj = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver) response_obj._cves = [ {'severity': ['low']}, {'severity': ['low']}, ] severity = response_obj.get_severity() self.assertListEqual(severity, ['low', 'low'])
def test_get_severity_return_exception(self): """Test Severity Procedure. Severity is invalid.""" response_obj = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver) response_obj._cves = [ {'severity': ['invalid1']}, {'severity': ['invalid2']}, ] with pytest.raises(Exception) as exception: response_obj.get_severity() self.assertIs(exception.type, Exception)
def test_get_cve_maps_default(self): """Test cve maps with empty value, expect to get respose with default values.""" response_obj = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver) vul_data = dict() mocked_response = [dict( vendor_cve_ids=None, cvss='None', is_private=None, cwes=[], cvss_v3=None, severity=None, title=None, url=None, cve_ids=[], fixed_in=[]) ] response_obj._cves = [vul_data] cve_maps = response_obj.get_cve_maps() self.assertListEqual(cve_maps, mocked_response)