示例#1
0
def test_auditdb_dump():
    main_config = OrchestratorConfig()
    main_config.ui_mode = "disabled"
    audit_config = AuditConfig()
    audit_config.targets = ["www.example.com"]
    audit_config.audit_db = "sqlite://test_auditdb.db"
    with PluginTester(main_config, audit_config) as t:
        disk = t.audit.database
        assert t.audit.name == "test_auditdb"
        assert type(disk) is AuditSQLiteDB
        assert disk.filename == "test_auditdb.db"
        assert disk.connection_url == "sqlite://test_auditdb.db"

        print "Testing the audit database dump..."
        print "  -> Writing..."
        for x in xrange(30):
            d1 = Url("http://www.example.com/" + generate_random_string())
            d2 = Text(generate_random_string())
            d3 = UrlDisclosure(d1)
            d1.add_information(d2)
            disk.add_data(d1)
            disk.add_data(d2)
            disk.add_data(d3)
            disk.mark_plugin_finished(d1.identity, "some_plugin")
            disk.mark_plugin_finished(d2.identity, "some_plugin")
            disk.mark_plugin_finished(d3.identity, "some_plugin")
            disk.mark_stage_finished(d1.identity, 1)
            disk.mark_stage_finished(d2.identity, 2)
            disk.mark_stage_finished(d3.identity, 3)
        disk.add_shared_values("fake_set_id", (
            "string",
            u"unicode",
            100,
            200L,
            5.0,
            True,
            False,
            complex(1, 1),
            None,
            frozenset({"string", 100, 1.0}),
            (None, True, False),
        ))
        disk.put_mapped_values("fake_map_id", (
            ("a_string", "string"),
            ("a_unicode_string", u"unicode"),
            ("an_integer", 100),
            ("a_long", 200L),
            ("a_float", 5.0),
            ("a_bool", True),
            ("another_bool", False),
            ("a_complex", complex(1, 1)),
            ("none", None),
            ("a_frozenset", frozenset({"string", 100, 1.0})),
            ("a_tuple", (None, True, False)),
        ))

        print "  -> Dumping..."
        disk.dump("test_auditdb.sql")
示例#2
0
 def sf_TARGET_WEB_CONTENT(self, sf_module, source, raw_data):
     url = Url(source)
     html = HTML(raw_data)
     url.add_information(html)
     self.reconstruct_http_data[source] = raw_data
     if source in self.reconstruct_http_code and \
                     source in self.reconstruct_http_headers:
         return (url, html) + self.__reconstruct_http(source)
     return url, html
示例#3
0
                        l_p = HTTP.get_url(l_url, callback=self.check_response)  # FIXME handle exceptions!
                    except:
                        if l_p:
                            discard_data(l_p)
                        continue
                    if l_p:
                        if m_analyzer.analyze(l_p.data, url=l_url):
                            match[l_url] = l_p
                        else:
                            discard_data(l_p)

            # Generate results
            for i in m_analyzer.unique_texts:
                l_url    = i.url
                l_p      = match.pop(l_url)
                m_result = Url(l_url, referer=m_url)
                m_result.add_information(l_p)
                m_return.append(m_result)
                m_return.append(l_p)

                # Check for posible suspicious URL
                if l_url in m_discovered_suspicious:
                    v = SuspiciousURL(m_result,
                                   title       = "Suspicious URL found un robots.txt",
                                   risk        = 1,
                                   severity    = 0,
                                   level       = "low",
                                   description = "An URLs was found in Disallow tag of robots.txt. It can contain confidential content or some information leak.",
                                   tool_id     = "robots")
                    v.add_resource(info)
                    m_return.append(v)
示例#4
0
 def sf_URL_PASSWORD(self, sf_module, source, raw_data):
     url = Url(source)
     password = Password(raw_data)
     url.add_information(password)
     return url, password
示例#5
0
def helper_auditdb_stress(n, dbname = ":auto:"):
    main_config = OrchestratorConfig()
    main_config.ui_mode = "disabled"
    audit_config = AuditConfig()
    audit_config.targets = ["www.example.com"]
    audit_config.audit_db = dbname
    with PluginTester(main_config, audit_config) as t:
        disk = t.audit.database
        assert type(disk) is AuditSQLiteDB

        print "  Testing %d elements..." % (n * 3)
        t1 = time.time()

        print "  -> Writing..."
        for x in xrange(n):
            d1 = Url("http://www.example.com/" + generate_random_string())
            d2 = Text(generate_random_string())
            d3 = UrlDisclosure(d1)
            d1.add_information(d2)
            disk.add_data(d1)
            disk.add_data(d2)
            disk.add_data(d3)
        t2 = time.time()

        print "  -- Reading..."
        keys = disk.get_data_keys()
        assert len(keys) == (n * 3)
        for key in keys:
            assert disk.has_data_key(key)
            data = disk.get_data(key)
            assert data is not None
        keys = disk.get_data_keys(Data.TYPE_INFORMATION)
        assert len(keys) == n
        for key in keys:
            assert disk.has_data_key(key, Data.TYPE_INFORMATION)
            data = disk.get_data(key, Data.TYPE_INFORMATION)
            assert data is not None
            assert data.data_type == Data.TYPE_INFORMATION
            assert isinstance(data, Text)
        keys = disk.get_data_keys(Data.TYPE_RESOURCE)
        assert len(keys) == n
        for key in keys:
            assert disk.has_data_key(key, Data.TYPE_RESOURCE)
            data = disk.get_data(key, Data.TYPE_RESOURCE)
            assert data is not None
            assert data.data_type == Data.TYPE_RESOURCE
            assert isinstance(data, Url)
        keys = disk.get_data_keys(Data.TYPE_VULNERABILITY)
        assert len(keys) == n
        for key in keys:
            assert disk.has_data_key(key, Data.TYPE_VULNERABILITY)
            data = disk.get_data(key, Data.TYPE_VULNERABILITY)
            assert data is not None
            assert data.data_type == Data.TYPE_VULNERABILITY
            assert isinstance(data, UrlDisclosure)
        t3 = time.time()

        print "  <- Deleting..."
        for key in keys:
            disk.remove_data(key)
        t4 = time.time()

        print "  Write time:  %d seconds (%f seconds per element)" % (t2 - t1, (t2 - t1) / (n * 3.0))
        print "  Read time:   %d seconds (%f seconds per element)" % (t3 - t2, (t3 - t2) / (n * 3.0))
        print "  Delete time: %d seconds (%f seconds per element)" % (t4 - t3, (t4 - t3) / (n * 3.0))
        print "  Total time:  %d seconds (%f seconds per element)" % (t4 - t1, (t4 - t1) / (n * 3.0))
示例#6
0
def helper_test_auditdb_data_consistency(db, key, data):
    assert isinstance(db, BaseAuditDB)

    # Test the database start and end times.
    db.set_audit_times(None, None)
    assert db.get_audit_times() == (None, None)
    db.set_audit_start_time(1)
    assert db.get_audit_times() == (1, None)
    db.set_audit_stop_time(2)
    assert db.get_audit_times() == (1, 2)
    db.set_audit_start_time(None)
    assert db.get_audit_times() == (None, 2)
    db.set_audit_stop_time(None)
    assert db.get_audit_times() == (None, None)

    # Create some fake data and add it to the database.
    d1 = Url("http://www.example.com/" + key)
    d2 = Text(data)
    d3 = UrlDisclosure(d1)
    d1.add_information(d2)
    assert d1.links == {d2.identity, d3.identity}
    assert d2.links == {d1.identity}
    assert d3.links == {d1.identity}
    db.add_data(d1)
    db.add_data(d2)
    db.add_data(d3)

    # Test has_data_key().
    assert db.has_data_key(d1.identity)
    assert db.has_data_key(d2.identity)
    assert db.has_data_key(d3.identity)
    assert db.has_data_key(d1.identity, d1.data_type)
    assert db.has_data_key(d2.identity, d2.data_type)
    assert db.has_data_key(d3.identity, d3.data_type)

    # Test get_data().
    d1p = db.get_data(d1.identity)
    d2p = db.get_data(d2.identity)
    d3p = db.get_data(d3.identity)
    assert d1p is not None
    assert d2p is not None
    assert d3p is not None
    assert d1p.identity == d1.identity
    assert d2p.identity == d2.identity
    assert d3p.identity == d3.identity
    assert d1p.links == d1.links
    assert d2p.links == d2.links
    assert d3p.links == d3.links

    # Test get_data_types().
    assert db.get_data_types((d1.identity, d2.identity, d3.identity)) == {(d1.data_type, d1.resource_type), (d2.data_type, d2.information_type), (d3.data_type, d3.vulnerability_type)}

    # Test get_data_count().
    assert db.get_data_count() == 3
    assert db.get_data_count(d1.data_type) == 1
    assert db.get_data_count(d2.data_type) == 1
    assert db.get_data_count(d3.data_type) == 1
    assert db.get_data_count(d1.data_type, d1.resource_type) == 1
    assert db.get_data_count(d2.data_type, d2.information_type) == 1
    assert db.get_data_count(d3.data_type, d3.vulnerability_type) == 1

    # Test get_many_data().
    assert {x.identity for x in db.get_many_data((d1.identity, d2.identity, d3.identity))} == {d1.identity, d2.identity, d3.identity}

    # Test stage and plugin completion logic.
    # XXX TODO

    # Test remove_data().
    db.remove_data(d1.identity)
    db.remove_data(d2.identity)
    db.remove_data(d3.identity)
    assert not db.has_data_key(d1.identity)
    assert not db.has_data_key(d2.identity)
    assert not db.has_data_key(d3.identity)
    assert not db.has_data_key(d1.identity, d1.data_type)
    assert not db.has_data_key(d2.identity, d2.data_type)
    assert not db.has_data_key(d3.identity, d3.data_type)
    assert db.get_data_count() == 0
    assert db.get_data_count(d1.data_type) == 0
    assert db.get_data_count(d2.data_type) == 0
    assert db.get_data_count(d3.data_type) == 0
    assert db.get_data_count(d1.data_type, d1.resource_type) == 0
    assert db.get_data_count(d2.data_type, d2.information_type) == 0
    assert db.get_data_count(d3.data_type, d3.vulnerability_type) == 0
    assert db.get_data_types((d1.identity, d2.identity, d3.identity)) == set()
    assert db.get_data(d1.identity) == None
    assert db.get_data(d2.identity) == None
    assert db.get_data(d3.identity) == None
示例#7
0
def helper_data_links():

    # Create some dummy data.
    from golismero.api.data.resource.url import Url
    from golismero.api.data.information.text import Text
    from golismero.api.data.vulnerability.information_disclosure.url_disclosure import UrlDisclosure
    d1 = Url("http://www.example.com/")
    d2 = Text("some text")
    d3 = UrlDisclosure(d1)
    d1.add_information(d2)

    # Test data_type, data_subtype, etc.
    print "Testing Data type checks..."
    assert d1.data_type == Data.TYPE_RESOURCE
    assert d1.data_subtype == Resource.RESOURCE_URL
    assert d1.resource_type == Resource.RESOURCE_URL
    assert d2.data_type == Data.TYPE_INFORMATION
    assert d2.data_subtype == Information.INFORMATION_PLAIN_TEXT
    assert d2.information_type == Information.INFORMATION_PLAIN_TEXT
    assert d3.data_type == Data.TYPE_VULNERABILITY
    assert d3.data_subtype == "information_disclosure/url_disclosure"
    assert d3.vulnerability_type == d3.data_subtype

    # Test validate_link_minimums().
    print "Testing Data.validate_link_minimums()..."
    d1.validate_link_minimums()
    d2.validate_link_minimums()
    d3.validate_link_minimums()

    # Test the links property.
    print "Testing Data.links..."
    assert d1.links == {d2.identity, d3.identity}
    assert d2.links == {d1.identity}
    assert d3.links == {d1.identity}

    # Test the get_links method.
    print "Testing Data.get_links()..."
    assert d1.get_links(d1.data_type) == set()
    assert d1.get_links(d1.data_type, d1.resource_type) == set()
    assert d1.get_links(d2.data_type) == {d2.identity}
    assert d1.get_links(d2.data_type, d2.information_type) == {d2.identity}
    assert d1.get_links(d3.data_type) == {d3.identity}
    assert d1.get_links(d3.data_type, d3.vulnerability_type) == {d3.identity}
    assert d2.get_links(d2.data_type) == set()
    assert d2.get_links(d2.data_type, d2.information_type) == set()
    assert d2.get_links(d1.data_type) == {d1.identity}
    assert d2.get_links(d1.data_type, d1.resource_type) == {d1.identity}
    assert d2.get_links(d3.data_type) == set()
    assert d2.get_links(d3.data_type, d3.vulnerability_type) == set()
    assert d3.get_links(d3.data_type) == set()
    assert d3.get_links(d3.data_type, d3.vulnerability_type) == set()
    assert d3.get_links(d1.data_type) == {d1.identity}
    assert d3.get_links(d1.data_type, d1.resource_type) == {d1.identity}
    assert d3.get_links(d2.data_type) == set()
    assert d3.get_links(d2.data_type, d2.information_type) == set()

    # Test the linked_data property.
    # There should be no accesses to the database since all data is local.
    print "Testing Data.linked_data..."
    assert {x.identity for x in d1.linked_data} == {d2.identity, d3.identity}
    assert {x.identity for x in d2.linked_data} == {d1.identity}
    assert {x.identity for x in d3.linked_data} == {d1.identity}

    # Test the get_linked_data() method.
    # There should be no accesses to the database since all data is local.
    print "Testing Data.get_linked_data()..."
    assert {x.identity for x in d1.find_linked_data(d1.data_type)} == set()
    assert {x.identity for x in d1.find_linked_data(d1.data_type, d1.resource_type)} == set()
    assert {x.identity for x in d1.find_linked_data(d2.data_type)} == {d2.identity}
    assert {x.identity for x in d1.find_linked_data(d2.data_type, d2.information_type)} == {d2.identity}
    assert {x.identity for x in d1.find_linked_data(d3.data_type)} == {d3.identity}
    assert {x.identity for x in d1.find_linked_data(d3.data_type, d3.vulnerability_type)} == {d3.identity}
    assert {x.identity for x in d2.find_linked_data(d2.data_type)} == set()
    assert {x.identity for x in d2.find_linked_data(d2.data_type, d2.information_type)} == set()
    assert {x.identity for x in d2.find_linked_data(d1.data_type)} == {d1.identity}
    assert {x.identity for x in d2.find_linked_data(d1.data_type, d1.resource_type)} == {d1.identity}
    assert {x.identity for x in d2.find_linked_data(d3.data_type)} == set()
    assert {x.identity for x in d2.find_linked_data(d3.data_type, d3.vulnerability_type)} == set()
    assert {x.identity for x in d3.find_linked_data(d3.data_type)} == set()
    assert {x.identity for x in d3.find_linked_data(d3.data_type, d3.vulnerability_type)} == set()
    assert {x.identity for x in d3.find_linked_data(d1.data_type)} == {d1.identity}
    assert {x.identity for x in d3.find_linked_data(d1.data_type, d1.resource_type)} == {d1.identity}
    assert {x.identity for x in d3.find_linked_data(d2.data_type)} == set()
    assert {x.identity for x in d3.find_linked_data(d2.data_type, d2.information_type)} == set()

    # Test the associated_* properties.
    # There should be no accesses to the database since all data is local.
    print "Testing Data.associated_*..."
    assert {x.identity for x in d1.associated_resources} == set()
    assert {x.identity for x in d1.associated_informations} == {d2.identity}
    assert {x.identity for x in d1.associated_vulnerabilities} == {d3.identity}
    assert {x.identity for x in d2.associated_informations} == set()
    assert {x.identity for x in d2.associated_resources} == {d1.identity}
    assert {x.identity for x in d2.associated_vulnerabilities} == set()
    assert {x.identity for x in d3.associated_vulnerabilities} == set()
    assert {x.identity for x in d3.associated_resources} == {d1.identity}
    assert {x.identity for x in d3.associated_informations} == set()

    # Test the get_associated_*_by_category() methods.
    # There should be no accesses to the database since all data is local.
    print "Testing Data.get_associated_*_by_category()..."
    assert {x.identity for x in d1.get_associated_resources_by_category(d1.resource_type)} == set()
    assert {x.identity for x in d1.get_associated_informations_by_category(d2.information_type)} == {d2.identity}
    assert {x.identity for x in d1.get_associated_vulnerabilities_by_category(d3.vulnerability_type)} == {d3.identity}
    assert {x.identity for x in d2.get_associated_informations_by_category(d2.information_type)} == set()
    assert {x.identity for x in d2.get_associated_resources_by_category(d1.resource_type)} == {d1.identity}
    assert {x.identity for x in d2.get_associated_vulnerabilities_by_category(d3.vulnerability_type)} == set()
    assert {x.identity for x in d3.get_associated_vulnerabilities_by_category(d3.vulnerability_type)} == set()
    assert {x.identity for x in d3.get_associated_resources_by_category(d1.resource_type)} == {d1.identity}
    assert {x.identity for x in d3.get_associated_informations_by_category(d2.information_type)} == set()

    # Test TempDataStorage.on_finish().
    print "Testing LocalDataCache.on_finish() on ideal conditions..."
    result = LocalDataCache.on_finish([d2, d3], d1)
    assert set(result) == set([d1, d2, d3])
    d1.validate_link_minimums()
    d2.validate_link_minimums()
    d3.validate_link_minimums()
    assert d1.links == {d2.identity, d3.identity}
    assert d2.links == {d1.identity}
    assert d3.links == {d1.identity}
    assert d1.get_links(d1.data_type) == set()
    assert d1.get_links(d1.data_type, d1.resource_type) == set()
    assert d1.get_links(d2.data_type) == {d2.identity}
    assert d1.get_links(d2.data_type, d2.information_type) == {d2.identity}
    assert d1.get_links(d3.data_type) == {d3.identity}
    assert d1.get_links(d3.data_type, d3.vulnerability_type) == {d3.identity}
    assert d2.get_links(d2.data_type) == set()
    assert d2.get_links(d2.data_type, d2.information_type) == set()
    assert d2.get_links(d1.data_type) == {d1.identity}
    assert d2.get_links(d1.data_type, d1.resource_type) == {d1.identity}
    assert d2.get_links(d3.data_type) == set()
    assert d2.get_links(d3.data_type, d3.vulnerability_type) == set()
    assert d3.get_links(d3.data_type) == set()
    assert d3.get_links(d3.data_type, d3.vulnerability_type) == set()
    assert d3.get_links(d1.data_type) == {d1.identity}
    assert d3.get_links(d1.data_type, d1.resource_type) == {d1.identity}
    assert d3.get_links(d2.data_type) == set()
    assert d3.get_links(d2.data_type, d2.information_type) == set()
示例#8
0
            match = {}
            m_analyzer = MatchingAnalyzer(m_response_error_page.data)
            for l_url in set(m_discovered_urls):
                l_url = fix_url(l_url, m_url)
                if l_url in Config.audit_scope:
                    l_p = HTTP.get_url(l_url, callback=self.check_response
                                       )  # FIXME handle exceptions!
                    if l_p:
                        match[l_url] = l_p
                        m_analyzer.append(l_p.data, url=l_url)

            # Generate results
            for i in m_analyzer.unique_texts:
                l_url = i.url
                l_p = match[l_url]
                m_result = Url(l_url, referer=m_url)
                m_result.add_information(l_p)
                m_return.append(m_result)
                m_return.append(l_p)

        # No tricky error page, assume the status codes work
        else:
            for l_url in set(m_discovered_urls):
                l_url = fix_url(l_url, m_url)  # XXX FIXME
                try:
                    l_p = HTTP.get_url(l_url, callback=self.check_response)
                except NetworkOutOfScope:
                    continue
                except NetworkException:
                    continue
                if l_p:
示例#9
0
def helper_data_links():

    # Create some dummy data.
    from golismero.api.data.resource.url import Url
    from golismero.api.data.information.text import Text
    from golismero.api.data.vulnerability.information_disclosure.url_disclosure import UrlDisclosure
    d1 = Url("http://www.example.com/")
    d2 = Text("some text")
    d3 = UrlDisclosure(d1)
    d1.add_information(d2)

    # Test validate_link_minimums().
    print "Testing Data.validate_link_minimums()..."
    d1.validate_link_minimums()
    d2.validate_link_minimums()
    d3.validate_link_minimums()

    # Test the links property.
    print "Testing Data.links..."
    assert d1.links == {d2.identity, d3.identity}
    assert d2.links == {d1.identity}
    assert d3.links == {d1.identity}

    # Test the get_links method.
    print "Testing Data.get_links()..."
    assert d1.get_links(d1.data_type) == set()
    assert d1.get_links(d1.data_type, d1.resource_type) == set()
    assert d1.get_links(d2.data_type) == {d2.identity}
    assert d1.get_links(d2.data_type, d2.information_type) == {d2.identity}
    assert d1.get_links(d3.data_type) == {d3.identity}
    assert d1.get_links(d3.data_type, d3.vulnerability_type) == {d3.identity}
    assert d2.get_links(d2.data_type) == set()
    assert d2.get_links(d2.data_type, d2.information_type) == set()
    assert d2.get_links(d1.data_type) == {d1.identity}
    assert d2.get_links(d1.data_type, d1.resource_type) == {d1.identity}
    assert d2.get_links(d3.data_type) == set()
    assert d2.get_links(d3.data_type, d3.vulnerability_type) == set()
    assert d3.get_links(d3.data_type) == set()
    assert d3.get_links(d3.data_type, d3.vulnerability_type) == set()
    assert d3.get_links(d1.data_type) == {d1.identity}
    assert d3.get_links(d1.data_type, d1.resource_type) == {d1.identity}
    assert d3.get_links(d2.data_type) == set()
    assert d3.get_links(d2.data_type, d2.information_type) == set()

    # Test the linked_data property.
    # There should be no accesses to the database since all data is local.
    print "Testing Data.linked_data..."
    assert {x.identity for x in d1.linked_data} == {d2.identity, d3.identity}
    assert {x.identity for x in d2.linked_data} == {d1.identity}
    assert {x.identity for x in d3.linked_data} == {d1.identity}

    # Test the get_linked_data() method.
    # There should be no accesses to the database since all data is local.
    print "Testing Data.get_linked_data()..."
    assert {x.identity for x in d1.get_linked_data(d1.data_type)} == set()
    assert {
        x.identity
        for x in d1.get_linked_data(d1.data_type, d1.resource_type)
    } == set()
    assert {x.identity
            for x in d1.get_linked_data(d2.data_type)} == {d2.identity}
    assert {
        x.identity
        for x in d1.get_linked_data(d2.data_type, d2.information_type)
    } == {d2.identity}
    assert {x.identity
            for x in d1.get_linked_data(d3.data_type)} == {d3.identity}
    assert {
        x.identity
        for x in d1.get_linked_data(d3.data_type, d3.vulnerability_type)
    } == {d3.identity}
    assert {x.identity for x in d2.get_linked_data(d2.data_type)} == set()
    assert {
        x.identity
        for x in d2.get_linked_data(d2.data_type, d2.information_type)
    } == set()
    assert {x.identity
            for x in d2.get_linked_data(d1.data_type)} == {d1.identity}
    assert {
        x.identity
        for x in d2.get_linked_data(d1.data_type, d1.resource_type)
    } == {d1.identity}
    assert {x.identity for x in d2.get_linked_data(d3.data_type)} == set()
    assert {
        x.identity
        for x in d2.get_linked_data(d3.data_type, d3.vulnerability_type)
    } == set()
    assert {x.identity for x in d3.get_linked_data(d3.data_type)} == set()
    assert {
        x.identity
        for x in d3.get_linked_data(d3.data_type, d3.vulnerability_type)
    } == set()
    assert {x.identity
            for x in d3.get_linked_data(d1.data_type)} == {d1.identity}
    assert {
        x.identity
        for x in d3.get_linked_data(d1.data_type, d1.resource_type)
    } == {d1.identity}
    assert {x.identity for x in d3.get_linked_data(d2.data_type)} == set()
    assert {
        x.identity
        for x in d3.get_linked_data(d2.data_type, d2.information_type)
    } == set()

    # Test the associated_* properties.
    # There should be no accesses to the database since all data is local.
    print "Testing Data.associated_*..."
    assert {x.identity for x in d1.associated_resources} == set()
    assert {x.identity for x in d1.associated_informations} == {d2.identity}
    assert {x.identity for x in d1.associated_vulnerabilities} == {d3.identity}
    assert {x.identity for x in d2.associated_informations} == set()
    assert {x.identity for x in d2.associated_resources} == {d1.identity}
    assert {x.identity for x in d2.associated_vulnerabilities} == set()
    assert {x.identity for x in d3.associated_vulnerabilities} == set()
    assert {x.identity for x in d3.associated_resources} == {d1.identity}
    assert {x.identity for x in d3.associated_informations} == set()

    # Test the get_associated_*_by_category() methods.
    # There should be no accesses to the database since all data is local.
    print "Testing Data.get_associated_*_by_category()..."
    assert {
        x.identity
        for x in d1.get_associated_resources_by_category(d1.resource_type)
    } == set()
    assert {
        x.identity
        for x in d1.get_associated_informations_by_category(
            d2.information_type)
    } == {d2.identity}
    assert {
        x.identity
        for x in d1.get_associated_vulnerabilities_by_category(
            d3.vulnerability_type)
    } == {d3.identity}
    assert {
        x.identity
        for x in d2.get_associated_informations_by_category(
            d2.information_type)
    } == set()
    assert {
        x.identity
        for x in d2.get_associated_resources_by_category(d1.resource_type)
    } == {d1.identity}
    assert {
        x.identity
        for x in d2.get_associated_vulnerabilities_by_category(
            d3.vulnerability_type)
    } == set()
    assert {
        x.identity
        for x in d3.get_associated_vulnerabilities_by_category(
            d3.vulnerability_type)
    } == set()
    assert {
        x.identity
        for x in d3.get_associated_resources_by_category(d1.resource_type)
    } == {d1.identity}
    assert {
        x.identity
        for x in d3.get_associated_informations_by_category(
            d2.information_type)
    } == set()

    # Test TempDataStorage.on_finish().
    print "Testing LocalDataCache.on_finish() on ideal conditions..."
    result_before = [d1, d2, d3]
    result_after = LocalDataCache.on_finish(result_before)
    assert set(result_before) == set(result_after)
    d1.validate_link_minimums()
    d2.validate_link_minimums()
    d3.validate_link_minimums()
    assert d1.links == {d2.identity, d3.identity}
    assert d2.links == {d1.identity}
    assert d3.links == {d1.identity}
    assert d1.get_links(d1.data_type) == set()
    assert d1.get_links(d1.data_type, d1.resource_type) == set()
    assert d1.get_links(d2.data_type) == {d2.identity}
    assert d1.get_links(d2.data_type, d2.information_type) == {d2.identity}
    assert d1.get_links(d3.data_type) == {d3.identity}
    assert d1.get_links(d3.data_type, d3.vulnerability_type) == {d3.identity}
    assert d2.get_links(d2.data_type) == set()
    assert d2.get_links(d2.data_type, d2.information_type) == set()
    assert d2.get_links(d1.data_type) == {d1.identity}
    assert d2.get_links(d1.data_type, d1.resource_type) == {d1.identity}
    assert d2.get_links(d3.data_type) == set()
    assert d2.get_links(d3.data_type, d3.vulnerability_type) == set()
    assert d3.get_links(d3.data_type) == set()
    assert d3.get_links(d3.data_type, d3.vulnerability_type) == set()
    assert d3.get_links(d1.data_type) == {d1.identity}
    assert d3.get_links(d1.data_type, d1.resource_type) == {d1.identity}
    assert d3.get_links(d2.data_type) == set()
    assert d3.get_links(d2.data_type, d2.information_type) == set()
示例#10
0
def helper_data_links():

    # Create some dummy data.
    from golismero.api.data.resource.url import Url
    from golismero.api.data.information.text import Text
    from golismero.api.data.vulnerability.information_disclosure.url_disclosure import UrlDisclosure
    d1 = Url("http://www.example.com/")
    d2 = Text("some text")
    d3 = UrlDisclosure(d1)
    d1.add_information(d2)

    # Test validate_link_minimums().
    print "Testing Data.validate_link_minimums()..."
    d1.validate_link_minimums()
    d2.validate_link_minimums()
    d3.validate_link_minimums()

    # Test the links property.
    print "Testing Data.links..."
    assert d1.links == {d2.identity, d3.identity}
    assert d2.links == {d1.identity}
    assert d3.links == {d1.identity}

    # Test the get_links method.
    print "Testing Data.get_links()..."
    assert d1.get_links(d1.data_type) == set()
    assert d1.get_links(d1.data_type, d1.resource_type) == set()
    assert d1.get_links(d2.data_type) == {d2.identity}
    assert d1.get_links(d2.data_type, d2.information_type) == {d2.identity}
    assert d1.get_links(d3.data_type) == {d3.identity}
    assert d1.get_links(d3.data_type, d3.vulnerability_type) == {d3.identity}
    assert d2.get_links(d2.data_type) == set()
    assert d2.get_links(d2.data_type, d2.information_type) == set()
    assert d2.get_links(d1.data_type) == {d1.identity}
    assert d2.get_links(d1.data_type, d1.resource_type) == {d1.identity}
    assert d2.get_links(d3.data_type) == set()
    assert d2.get_links(d3.data_type, d3.vulnerability_type) == set()
    assert d3.get_links(d3.data_type) == set()
    assert d3.get_links(d3.data_type, d3.vulnerability_type) == set()
    assert d3.get_links(d1.data_type) == {d1.identity}
    assert d3.get_links(d1.data_type, d1.resource_type) == {d1.identity}
    assert d3.get_links(d2.data_type) == set()
    assert d3.get_links(d2.data_type, d2.information_type) == set()

    # Test the linked_data property.
    # There should be no accesses to the database since all data is local.
    print "Testing Data.linked_data..."
    assert {x.identity for x in d1.linked_data} == {d2.identity, d3.identity}
    assert {x.identity for x in d2.linked_data} == {d1.identity}
    assert {x.identity for x in d3.linked_data} == {d1.identity}

    # Test the get_linked_data() method.
    # There should be no accesses to the database since all data is local.
    print "Testing Data.get_linked_data()..."
    assert {x.identity for x in d1.get_linked_data(d1.data_type)} == set()
    assert {x.identity for x in d1.get_linked_data(d1.data_type, d1.resource_type)} == set()
    assert {x.identity for x in d1.get_linked_data(d2.data_type)} == {d2.identity}
    assert {x.identity for x in d1.get_linked_data(d2.data_type, d2.information_type)} == {d2.identity}
    assert {x.identity for x in d1.get_linked_data(d3.data_type)} == {d3.identity}
    assert {x.identity for x in d1.get_linked_data(d3.data_type, d3.vulnerability_type)} == {d3.identity}
    assert {x.identity for x in d2.get_linked_data(d2.data_type)} == set()
    assert {x.identity for x in d2.get_linked_data(d2.data_type, d2.information_type)} == set()
    assert {x.identity for x in d2.get_linked_data(d1.data_type)} == {d1.identity}
    assert {x.identity for x in d2.get_linked_data(d1.data_type, d1.resource_type)} == {d1.identity}
    assert {x.identity for x in d2.get_linked_data(d3.data_type)} == set()
    assert {x.identity for x in d2.get_linked_data(d3.data_type, d3.vulnerability_type)} == set()
    assert {x.identity for x in d3.get_linked_data(d3.data_type)} == set()
    assert {x.identity for x in d3.get_linked_data(d3.data_type, d3.vulnerability_type)} == set()
    assert {x.identity for x in d3.get_linked_data(d1.data_type)} == {d1.identity}
    assert {x.identity for x in d3.get_linked_data(d1.data_type, d1.resource_type)} == {d1.identity}
    assert {x.identity for x in d3.get_linked_data(d2.data_type)} == set()
    assert {x.identity for x in d3.get_linked_data(d2.data_type, d2.information_type)} == set()

    # Test the associated_* properties.
    # There should be no accesses to the database since all data is local.
    print "Testing Data.associated_*..."
    assert {x.identity for x in d1.associated_resources} == set()
    assert {x.identity for x in d1.associated_informations} == {d2.identity}
    assert {x.identity for x in d1.associated_vulnerabilities} == {d3.identity}
    assert {x.identity for x in d2.associated_informations} == set()
    assert {x.identity for x in d2.associated_resources} == {d1.identity}
    assert {x.identity for x in d2.associated_vulnerabilities} == set()
    assert {x.identity for x in d3.associated_vulnerabilities} == set()
    assert {x.identity for x in d3.associated_resources} == {d1.identity}
    assert {x.identity for x in d3.associated_informations} == set()

    # Test the get_associated_*_by_category() methods.
    # There should be no accesses to the database since all data is local.
    print "Testing Data.get_associated_*_by_category()..."
    assert {x.identity for x in d1.get_associated_resources_by_category(d1.resource_type)} == set()
    assert {x.identity for x in d1.get_associated_informations_by_category(d2.information_type)} == {d2.identity}
    assert {x.identity for x in d1.get_associated_vulnerabilities_by_category(d3.vulnerability_type)} == {d3.identity}
    assert {x.identity for x in d2.get_associated_informations_by_category(d2.information_type)} == set()
    assert {x.identity for x in d2.get_associated_resources_by_category(d1.resource_type)} == {d1.identity}
    assert {x.identity for x in d2.get_associated_vulnerabilities_by_category(d3.vulnerability_type)} == set()
    assert {x.identity for x in d3.get_associated_vulnerabilities_by_category(d3.vulnerability_type)} == set()
    assert {x.identity for x in d3.get_associated_resources_by_category(d1.resource_type)} == {d1.identity}
    assert {x.identity for x in d3.get_associated_informations_by_category(d2.information_type)} == set()

    # Test TempDataStorage.on_finish().
    print "Testing LocalDataCache.on_finish() on ideal conditions..."
    result_before = [d1, d2, d3]
    result_after  = LocalDataCache.on_finish(result_before)
    assert set(result_before) == set(result_after)
    d1.validate_link_minimums()
    d2.validate_link_minimums()
    d3.validate_link_minimums()
    assert d1.links == {d2.identity, d3.identity}
    assert d2.links == {d1.identity}
    assert d3.links == {d1.identity}
    assert d1.get_links(d1.data_type) == set()
    assert d1.get_links(d1.data_type, d1.resource_type) == set()
    assert d1.get_links(d2.data_type) == {d2.identity}
    assert d1.get_links(d2.data_type, d2.information_type) == {d2.identity}
    assert d1.get_links(d3.data_type) == {d3.identity}
    assert d1.get_links(d3.data_type, d3.vulnerability_type) == {d3.identity}
    assert d2.get_links(d2.data_type) == set()
    assert d2.get_links(d2.data_type, d2.information_type) == set()
    assert d2.get_links(d1.data_type) == {d1.identity}
    assert d2.get_links(d1.data_type, d1.resource_type) == {d1.identity}
    assert d2.get_links(d3.data_type) == set()
    assert d2.get_links(d3.data_type, d3.vulnerability_type) == set()
    assert d3.get_links(d3.data_type) == set()
    assert d3.get_links(d3.data_type, d3.vulnerability_type) == set()
    assert d3.get_links(d1.data_type) == {d1.identity}
    assert d3.get_links(d1.data_type, d1.resource_type) == {d1.identity}
    assert d3.get_links(d2.data_type) == set()
    assert d3.get_links(d2.data_type, d2.information_type) == set()