def test_get_cve_maps_empty(self):
"""Test cve maps with empty cve map, expect empty list []."""
response_obj = ComponentAnalysisResponseBuilder(
self.eco, self.pkg, self.ver)
response_obj._cves = []
cve_maps = response_obj.get_cve_maps()
self.assertListEqual(cve_maps, [])
def test_get_cve_maps_non_empty(self):
"""Test cve maps with vulnerability data, expect to get mock data as response."""
response_obj = ComponentAnalysisResponseBuilder(
self.eco, self.pkg, self.ver)
vul_data = dict(snyk_vuln_id=["SNYK:0101"],
cvss_scores=["9.0"],
snyk_pvt_vulnerability=[True],
snyk_cwes=["CWES-01", "CWES-02"],
snyk_cvss_v3=["4.5"],
severity=["medium"],
title=["Test title for CVE"],
snyk_url=["https://test.com/cve-01"],
snyk_cve_ids=["CVE-01", "CVE-02", "CVE-03"],
fixed_in=[">=0.19.0-beta.1"])
mocked_response = [
dict(vendor_cve_ids=vul_data['snyk_vuln_id'][0],
cvss=vul_data['cvss_scores'][0],
is_private=vul_data['snyk_pvt_vulnerability'][0],
cwes=["CWES-01", "CWES-02"],
cvss_v3="4.5",
severity="medium",
title="Test title for CVE",
url="https://test.com/cve-01",
cve_ids=["CVE-01", "CVE-02", "CVE-03"],
fixed_in=[">=0.19.0-beta.1"])
]
response_obj._cves = [vul_data]
cve_maps = response_obj.get_cve_maps()
self.assertListEqual(cve_maps, mocked_response)
def test_get_severity_exception(self):
"""Test Severity with unknown value, raises exception."""
response_obj = ComponentAnalysisResponseBuilder(
self.eco, self.pkg, self.ver)
response_obj._cves = [{'severity': []}]
severity = response_obj.get_severity()
self.assertListEqual(severity, [])
def test_get_severity_known_values(self):
"""Test Severity with known values, expect to get medium severity."""
response_obj = ComponentAnalysisResponseBuilder(
self.eco, self.pkg, self.ver)
response_obj._cves = [{'severity': ["medium", "low"]}]
severity = response_obj.get_severity()
self.assertListEqual(severity, ["medium"])
def test_get_exploitable_cves_counter_exception(self):
"""Test Exploitable Vulnerabilities counter Exception."""
response_obj = ComponentAnalysisResponseBuilder(
self.eco, self.pkg, self.ver)
response_obj._cves = [{"exploit": []}]
count = response_obj.get_exploitable_cves_counter()
self.assertEqual(count, None)
def test_get_exploitable_cves_counter_non_zero(self):
"""Test Exploitable Vulnerabilities counter."""
response_obj = ComponentAnalysisResponseBuilder(
self.eco, self.pkg, self.ver)
response_obj._cves = [{"exploit": ["High"]}]
count = response_obj.get_exploitable_cves_counter()
self.assertEqual(count, 1)
def test_get_vulnerabilities_count_non_zero_public(self):
"""Test Vulnerabilities count Public."""
response_obj = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
response_obj._cves = [dict(snyk_pvt_vulnerability=[False])]
pub_vul, pvt_vul = response_obj.get_vulnerabilities_count()
self.assertEquals(pub_vul, 1)
self.assertEquals(pvt_vul, 0)
def test_get_vulnerabilities_count_zero_exception(self):
"""Test Vulnerabilities count Exception."""
response_obj = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
response_obj._cves = [dict()]
pub_vul, pvt_vul = response_obj.get_vulnerabilities_count()
self.assertEquals(pub_vul, 0)
self.assertEquals(pvt_vul, 0)
def test_get_severity_return_low(self):
"""Test Severity Procedure. Severity "low" has higher precedence."""
response_obj = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
response_obj._cves = [
{'severity': ['low']},
{'severity': ['low']},
]
severity = response_obj.get_severity()
self.assertListEqual(severity, ['low', 'low'])
def test_get_severity_return_exception(self):
"""Test Severity Procedure. Severity is invalid."""
response_obj = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
response_obj._cves = [
{'severity': ['invalid1']},
{'severity': ['invalid2']},
]
with pytest.raises(Exception) as exception:
response_obj.get_severity()
self.assertIs(exception.type, Exception)
def test_get_cve_maps_default(self):
"""Test cve maps with empty value, expect to get respose with default values."""
response_obj = ComponentAnalysisResponseBuilder(self.eco, self.pkg, self.ver)
vul_data = dict()
mocked_response = [dict(
vendor_cve_ids=None,
cvss='None',
is_private=None,
cwes=[],
cvss_v3=None,
severity=None,
title=None,
url=None,
cve_ids=[],
fixed_in=[])
]
response_obj._cves = [vul_data]
cve_maps = response_obj.get_cve_maps()
self.assertListEqual(cve_maps, mocked_response)
