class TestModelObjectCRUD(TestCase): """docstring for TestModelObjectCRUD""" @classmethod def setUpClass(cls): cls.model_controller = controller.ModelController(mock()) api.setUpAPIs(cls.model_controller) def setUp(self): self.wm = WorkspaceManager(self.model_controller, mock(plcore.PluginController)) workspace = self.wm.createWorkspace('test_workspace', workspaceClass=WorkspaceOnCouch) self.wm.setActiveWorkspace(workspace) def tearDown(self): c = self.wm.removeWorkspace('test_workspace') def test_create_and_remove_host_from_controller(self): host1 = create_host(self, "coquito") self.assertIn(host1, self.model_controller.getAllHosts(), "Host not in controller") self.model_controller.delHostSYNC(host1.name) self.assertNotIn(host1.getID(), self.model_controller.getAllHosts(), "Host not deleted") def test_delete_interface(self): host1 = create_host(self, "coquito") interface1 = create_interface(self, host1, iname = "pepito") self.assertIn(interface1, host1.getAllInterfaces(), "Interface not in host!") self.model_controller.delInterfaceSYNC(host1.getID(), "pepito") self.assertNotIn(interface1, host1.getAllInterfaces(), "Interface in host! Not deleted!") self.assertIn(host1, self.model_controller.getAllHosts(), 'Host removed after interface removal') def test_delete_service(self): host1 = create_host(self, "coquito") interface1 = create_interface(self, host1, iname="pepito") service1 = create_service(self, host1, interface1) self.assertIn(host1, self.model_controller.getAllHosts(), "Host not in controller") self.assertIn(interface1, host1.getAllInterfaces(), "Interface not in host!") self.assertIn(service1, interface1.getAllServices(), "Service not in Interface!") self.model_controller.delServiceFromInterfaceSYNC(host1.getID(), interface1.getID(), service1.getID()) self.assertNotIn(service1, self.model_controller.getHost(host1.getID()) .getInterface(interface1.getID()).getAllServices(), \ "Service not deleted")
def test_save_command_in_fs(self): """ Tests if command is saved in couch """ wm = WorkspaceManager(mock(ModelController), mock(PluginController)) command_info = self.getDefaultCommandInfo() command_info['workspace'] = 'new_workspace' exec_command = CommandRunInformation(**command_info) workspace = wm.createWorkspace(exec_command.workspace, workspaceClass=WorkspaceOnFS) wm.setActiveWorkspace(workspace) cm = CommandManager() res = cm.saveCommand(exec_command, workspace) self._manager = PersistenceManagerFactory.getInstance() # saved_doc = self._manager.getDocument(exec_command.workspace, res['id']) # After all wm.removeWorkspace(command_info['workspace'])
class ModelObjectCRUD(unittest.TestCase): @classmethod def setUpClass(cls): cls.model_controller = controller.ModelController(mock()) api.setUpAPIs(cls.model_controller) def setUp(self): self.wm = WorkspaceManager(self.model_controller, mock(plcore.PluginController)) self.temp_workspace = self.wm.createWorkspace( test_utils.new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self.wm.setActiveWorkspace(self.temp_workspace) WorkspacePersister.stopThreads() def tearDown(self): self.wm.removeWorkspace(self.temp_workspace.name) def testAddHost(self): """ This test case creates a host within the Model Controller context then checks it's vality""" # When hostname = 'host' _ = test_utils.create_host(self, host_name=hostname, os='windows') # #Then added_host = self.model_controller.getHost(hostname) self.assertEquals(added_host.getName(), hostname, 'Saved object name is not correctly saved') def testAddVulnToHost(self): """ This test case creates a host within the Model Controller context then adds a VULN""" # When h = test_utils.create_host(self) vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToHostSYNC(h.getID(), vuln) added_host = self.model_controller.getHost(h.getName()) vulns = added_host.getVulns() #Then self.assertIn(vuln, vulns, 'Vuln not added') def testAddVulnToInterface(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds a VULN""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToInterfaceSYNC(host.getID(), interface.getID(), vuln) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) vulns = added_interface.getVulns() # Then self.assertIn(vuln, vulns, 'Vuln not added') def testAddVulnToService(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds service then a VULN""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) service = test_utils.create_service(self, host, interface) vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToServiceSYNC(host.getID(), service.getID(), vuln) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) added_service = added_interface.getService(service.getID()) vulns = added_service.getVulns() # Then self.assertIn(vuln, vulns, 'Vuln not added') def testAddVulnWebToHost(self): """ This test case creates a host within the Model Controller context then adds a VulnWeb""" # When h = test_utils.create_host(self) vuln = ModelObjectVulnWeb(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToHostSYNC(h.getID(), vuln) added_host = self.model_controller.getHost(h.getName()) vulns = added_host.getVulns() # Then self.assertIn(vuln, vulns, 'Vuln not added') def testAddVulnWebToInterface(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds a VulnWeb""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) vuln = ModelObjectVulnWeb(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToInterfaceSYNC(host.getID(), interface.getID(), vuln) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) vulns = added_interface.getVulns() self.assertIn(vuln, vulns, 'Vuln not added') self.temp_workspace.load() # Then added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) vulns = added_interface.getVulns() self.assertIn(vuln.getID(), [v.getID() for v in vulns], 'Vuln not reloaded') def testAddVulnWebToService(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds service then a VulnWeb""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) service = test_utils.create_service(self, host, interface) vuln = ModelObjectVulnWeb(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToServiceSYNC(host.getID(), service.getID(), vuln) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) added_service = added_interface.getService(service.getID()) vulns = added_service.getVulns() # Then self.assertIn(vuln, vulns, 'Vuln not added') def testAddNoteToHost(self): """ This test case creates a host within the Model Controller context then adds a Note""" # When h = test_utils.create_host(self) note = ModelObjectNote(name='NoteTest', text='TestDescription') self.model_controller.addNoteToHostSYNC(h.getID(), note) # Then added_host = self.model_controller.getHost(h.getName()) notes = added_host.getNotes() self.assertIn(note, notes, 'Note not added') def testAddNoteToInterface(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds a Note""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) note = ModelObjectNote(name='NoteTest', text='TestDescription') self.model_controller.addNoteToInterfaceSYNC(host.getID(), interface.getID(), note) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) notes = added_interface.getNotes() # Then self.assertIn(note, notes, 'Note not added') def testAddNoteToService(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds service then a Note""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) service = test_utils.create_service(self, host, interface) note = ModelObjectNote(name='NoteTest', text='TestDescription') self.model_controller.addNoteToServiceSYNC(host.getID(), service.getID(), note) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) added_service = added_interface.getService(service.getID()) notes = added_service.getNotes() # Then self.assertIn(note, notes, 'Note not added') def testDeleteHost(self): """ Creates a Host to test it's removal from the controllers list """ host1 = test_utils.create_host(self, "coquito") hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") self.model_controller.delHostSYNC(host1.name) hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertNotIn(host1.getID(), hosts_ids, "Host not deleted") def testDeleteInterface(self): """ Creates a Host and an Interface, then deletes the interface to test it's removal from the controllers list """ host1 = test_utils.create_host(self, "coquito") interface1 = test_utils.create_interface(self, host1, iname="pepito") hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") host1 = self.model_controller.getHost(host1.getID()) interfaces_ids = [i.getID() for i in host1.getAllInterfaces()] self.assertIn(interface1.getID(), interfaces_ids, "Interface not in host!") self.model_controller.delInterfaceSYNC(host1.getID(), "pepito") interfaces_ids = [ i.getID() for i in self.model_controller.getHost( host1.getID()).getAllInterfaces() ] self.assertNotIn(interface1.getID(), interfaces_ids, "Interface not in host!") def testDeleteService(self): """ Creates a Host an Interface and a Service, then deletes the Service to test it's removal from the controllers list """ host1 = test_utils.create_host(self, "coquito") interface1 = test_utils.create_interface(self, host1, iname="pepito") service1 = test_utils.create_service(self, host1, interface1) hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") host1 = self.model_controller.getHost(host1.getID()) interfaces_ids = [i.getID() for i in host1.getAllInterfaces()] self.assertIn(interface1.getID(), interfaces_ids, "Interface not in host!") services_ids = [s.getID() for s in \ self.model_controller.getHost(host1.getID()) .getInterface(interface1.getID()).getAllServices()] self.assertIn(service1.getID(), services_ids, "Service not in Interface!") self.model_controller.delServiceFromInterfaceSYNC( host1.getID(), interface1.getID(), service1.getID()) services_ids = [s.getID() for s in \ self.model_controller.getHost(host1.getID()) .getInterface(interface1.getID()).getAllServices()] self.assertNotIn(service1.getID(), services_ids, \ "Service not deleted") def testDeleteVulnFromHost(self): """ Creates a Host adds a Vuln then removes """ host1 = test_utils.create_host(self, "coquito") vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToHostSYNC(host1.getID(), vuln) hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") self.model_controller.delVulnFromHostSYNC(host1.getID(), vuln.getID()) added_host = self.model_controller.getHost(host1.getName()) self.assertNotIn(vuln, added_host.getVulns(), 'Vuln not removed') def testDelVulnFromInterface(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds a VULN""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToInterfaceSYNC(host.getID(), interface.getID(), vuln) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) vulns = added_interface.getVulns() self.assertIn(vuln, vulns, 'Vuln not added') # Then self.model_controller.delVulnFromInterfaceSYNC(host.getID(), interface.getID(), vuln.getID()) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) vulns = added_interface.getVulns() self.assertNotIn(vuln, vulns, 'Vuln not removed') def testDelVulnFromService(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds service then a Vuln, then removes the Vuln""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) service = test_utils.create_service(self, host, interface) vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToServiceSYNC(host.getID(), service.getID(), vuln) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) added_service = added_interface.getService(service.getID()) vulns = added_service.getVulns() self.assertIn(vuln, vulns, 'Vuln not added') # Then self.model_controller.delVulnFromServiceSYNC(host.getID(), service.getID(), vuln.getID()) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) added_service = added_interface.getService(service.getID()) vulns = added_service.getVulns() self.assertNotIn(vuln, vulns, 'Vuln not removed') def testDeleteNoteFromHost(self): """ Creates a Host adds a Note then removes """ host1 = test_utils.create_host(self, "coquito") note = ModelObjectNote(name='NoteTest', text='TestDescription') self.model_controller.addNoteToHostSYNC(host1.getID(), note) hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") self.model_controller.delNoteFromHostSYNC(host1.getID(), note.getID()) added_host = self.model_controller.getHost(host1.getName()) self.assertNotIn(note, added_host.getNotes(), 'Note not removed') def testDelNoteFromInterface(self): """ Creates a Hosts, adds an Interface and a Note, then removes the note """ # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) note = ModelObjectNote(name='NoteTest', text='TestDescription') self.model_controller.addNoteToInterfaceSYNC(host.getID(), interface.getID(), note) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) notes = added_interface.getNotes() self.assertIn(note, notes, 'Note not added') # Then self.model_controller.delNoteFromInterfaceSYNC(host.getID(), interface.getID(), note.getID()) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) notes = added_interface.getNotes() self.assertNotIn(note, notes, 'Note not removed') def testDelNoteFromService(self): """ Creates a Hosts, adds an Interface, a Service and a Note, then removes the note """ # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) service = test_utils.create_service(self, host, interface) note = ModelObjectNote(name='NoteTest', text='TestDescription') self.model_controller.addNoteToServiceSYNC(host.getID(), service.getID(), note) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) added_service = added_interface.getService(service.getID()) notes = added_service.getNotes() self.assertIn(note, notes, 'Note not added') # Then self.model_controller.delNoteFromServiceSYNC(host.getID(), service.getID(), note.getID()) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) added_service = added_interface.getService(service.getID()) notes = added_service.getNotes() self.assertNotIn(note, notes, 'Note not removed') def testVulnHostLookup(self): host = test_utils.create_host(self) vuln = test_utils.create_host_vuln(self, host, 'vuln', 'desc', 'high') visitor = VulnsLookupVisitor(vuln.getID()) host.accept(visitor) self.assertEquals(len(visitor.parents[0]), 1, "object hierarchy should be only host") self.assertIn(vuln, visitor.vulns) def testVulnInterfaceLookup(self): host = test_utils.create_host(self) inter = test_utils.create_interface(self, host) vuln = test_utils.create_int_vuln(self, host, inter, 'vuln', 'desc', 'high') visitor = VulnsLookupVisitor(vuln.getID()) host.accept(visitor) self.assertEquals(len(visitor.parents[0]), 2, "object hierarchy should be host and interface") self.assertIn(vuln, visitor.vulns) def testVulnServiceLookup(self): host = test_utils.create_host(self) inter = test_utils.create_interface(self, host) service = test_utils.create_service(self, host, inter) vuln = test_utils.create_serv_vuln(self, host, service, 'vuln', 'desc', 'high') visitor = VulnsLookupVisitor(vuln.getID()) host.accept(visitor) self.assertEquals( len(visitor.parents[0]), 3, "object hierarchy should be host, interface and service") self.assertIn(vuln, visitor.vulns) def testMultipleVulnLookup(self): host = test_utils.create_host(self) inter = test_utils.create_interface(self, host) service = test_utils.create_service(self, host, inter) vuln = test_utils.create_serv_vuln(self, host, service, 'vuln', 'desc', 'high') vuln2 = test_utils.create_int_vuln(self, host, inter, 'vuln', 'desc', 'high') visitor = VulnsLookupVisitor(vuln.getID()) host.accept(visitor) parents1 = visitor.parents[0] parents2 = visitor.parents[1] self.assertIn(host, parents1, "Host should be in parents") self.assertIn(host, parents2, "Host should be in parents") self.assertIn(inter, parents2, "Interface should be in parents") self.assertIn(inter, parents2, "Interface should be in parents")
class TestWorkspacesManagement(unittest.TestCase): def setUp(self): self.couch_uri = CONF.getCouchURI() self.cdm = CouchdbManager(uri=self.couch_uri) wpath = os.path.expanduser("~/.faraday/persistence/") self.fsm = FSManager(wpath) self.wm = WorkspaceManager(mock(ModelController), mock(PluginController)) self._fs_workspaces = [] self._couchdb_workspaces = [] def tearDown(self): self.cleanCouchDatabases() self.cleanFSWorkspaces() # pass def new_random_workspace_name(self): return ("aworkspace" + "".join(random.sample([chr(i) for i in range(65, 90)], 10))).lower() def cleanFSWorkspaces(self): import shutil basepath = os.path.expanduser("~/.faraday/persistence/") for d in self._fs_workspaces: wpath = os.path.join(basepath, d) if os.path.isdir(wpath): shutil.rmtree(wpath) def cleanCouchDatabases(self): try: for wname in self._couchdb_workspaces: self.cdm.removeWorkspace(wname) except Exception as e: print e def test_create_fs_workspace(self): """ Verifies the creation of a filesystem workspace """ wname = self.new_random_workspace_name() self._fs_workspaces.append(wname) self.wm.createWorkspace(wname, workspaceClass=WorkspaceOnFS) self.assertFalse(self.cdm.existWorkspace(wname)) wpath = os.path.expanduser("~/.faraday/persistence/%s" % wname) self.assertTrue(os.path.exists(wpath)) self.assertEquals(WorkspaceOnFS.__name__, self.wm.getWorkspaceType(wname)) def test_create_couch_workspace(self): """ Verifies the creation of a couch workspace """ wname = self.new_random_workspace_name() self._couchdb_workspaces.append(wname) self.wm.createWorkspace(wname, workspaceClass=WorkspaceOnCouch) self.assertTrue(self.cdm.existWorkspace(wname)) wpath = os.path.expanduser("~/.faraday/persistence/%s" % wname) self.assertFalse(os.path.exists(wpath)) self.assertEquals(WorkspaceOnCouch.__name__, self.wm.getWorkspaceType(wname)) def test_delete_couch_workspace(self): """ Verifies the deletion of a couch workspace """ wname = self.new_random_workspace_name() self.wm.createWorkspace(wname, workspaceClass=WorkspaceOnCouch) self.assertTrue(self.cdm.existWorkspace(wname)) #Delete workspace self.wm.removeWorkspace(wname) self.assertFalse(self.cdm.existWorkspace(wname)) def test_delete_fs_workspace(self): """ Verifies the deletion of a filesystem workspace """ wname = self.new_random_workspace_name() self.wm.createWorkspace(wname, workspaceClass=WorkspaceOnFS) wpath = os.path.expanduser("~/.faraday/persistence/%s" % wname) self.assertTrue(os.path.exists(wpath)) #Delete workspace self.wm.removeWorkspace(wname) self.assertFalse(os.path.exists(wpath)) def test_list_workspaces(self): """ Lists FS workspaces and Couch workspaces """ # First create workspaces manually wnamefs = self.new_random_workspace_name() wnamecouch = self.new_random_workspace_name() # FS self.fsm.addWorkspace(wnamefs) # Couch self.cdm.addWorkspace(wnamecouch) # When loading workspaces self.wm.loadWorkspaces() self.assertIn(wnamefs, self.wm.getWorkspacesNames(), 'FS Workspace not loaded') self.assertIn(wnamecouch, self.wm.getWorkspacesNames(), 'Couch Workspace not loaded') self.assertEquals(self.wm.getWorkspaceType(wnamefs), WorkspaceOnFS.__name__, 'Workspace type bad defined') self.assertEquals(self.wm.getWorkspaceType(wnamecouch), WorkspaceOnCouch.__name__, 'Workspace type bad defined') def test_get_workspace(self): """ Create a workspace, now ask for it """ # When wname = self.new_random_workspace_name() workspace = self.wm.createWorkspace(wname, workspaceClass=WorkspaceOnFS) added_workspace = self.wm.getWorkspace(wname) # Then self.assertIsNotNone(workspace, 'Workspace added should not be none') self.assertEquals(workspace, added_workspace, 'Workspace created and added diffier') def test_get_existent_couch_workspace(self): """ Create a workspace in the backend, now ask for it """ # When wname = self.new_random_workspace_name() workspace = self.cdm.addWorkspace(wname) self.wm.loadWorkspaces() added_workspace = self.wm.getWorkspace(wname) # Then self.assertIsNotNone(added_workspace, 'Workspace added should not be none') def test_get_existent_fs_workspace(self): """ Create a workspace in the backend, now ask for it """ # When wname = self.new_random_workspace_name() workspace = self.fsm.addWorkspace(wname) self.wm.loadWorkspaces() added_workspace = self.wm.getWorkspace(wname) # Then self.assertIsNotNone(added_workspace, 'Workspace added should not be none') def test_get_non_existent_workspace(self): """ Retrieve a non existent workspace """ added_workspace = self.wm.getWorkspace('inventado') # Then self.assertIsNone(added_workspace, 'Workspace added should not be none') def test_set_active_workspace(self): ''' create a workspace through the backend, then set it as active ''' wname = self.new_random_workspace_name() workspace = self.fsm.addWorkspace(wname) self.wm.loadWorkspaces() added_workspace = self.wm.getWorkspace(wname) # when self.wm.setActiveWorkspace(added_workspace) self.assertEquals(added_workspace, self.wm.getActiveWorkspace(), 'Active workspace diffiers with expected workspace') self.assertTrue(self.wm.isActive(added_workspace.name), 'Workspace is active flag not set') def test_remove_fs_workspace(self): # First wname = self.new_random_workspace_name() added_workspace = self.wm.createWorkspace(wname, workspaceClass=WorkspaceOnFS) # When self.wm.removeWorkspace(wname) # Then self.assertNotIn(wname, self.fsm.getWorkspacesNames()) def test_remove_couch_workspace(self): # First wname = self.new_random_workspace_name() added_workspace = self.wm.createWorkspace( wname, workspaceClass=WorkspaceOnCouch) # When self.wm.removeWorkspace(wname) # Then self.assertNotIn(wname, self.cdm.getWorkspacesNames()) def test_remove_non_existent_workspace(self): # When self.wm.removeWorkspace('invented') # Then self.assertNotIn('invented', self.cdm.getWorkspacesNames())
class TestWorkspacesManagement(unittest.TestCase): def setUp(self): self.couch_uri = CONF.getCouchURI() self.cdm = CouchdbManager(uri=self.couch_uri) wpath = os.path.expanduser("~/.faraday/persistence/" ) self.fsm = FSManager(wpath) self.wm = WorkspaceManager(mock(ModelController), mock(PluginController)) self._fs_workspaces = [] self._couchdb_workspaces = [] def tearDown(self): self.cleanCouchDatabases() self.cleanFSWorkspaces() # pass def new_random_workspace_name(self): return ("aworkspace" + "".join(random.sample( [chr(i) for i in range(65, 90)], 10))).lower() def cleanFSWorkspaces(self): import shutil basepath = os.path.expanduser("~/.faraday/persistence/") for d in self._fs_workspaces: wpath = os.path.join(basepath, d) if os.path.isdir(wpath): shutil.rmtree(wpath) def cleanCouchDatabases(self): try: for wname in self._couchdb_workspaces: self.cdm.removeWorkspace(wname) except Exception as e: print e def test_create_fs_workspace(self): """ Verifies the creation of a filesystem workspace """ wname = self.new_random_workspace_name() self._fs_workspaces.append(wname) self.wm.createWorkspace(wname, workspaceClass=WorkspaceOnFS) self.assertFalse(self.cdm.existWorkspace(wname)) wpath = os.path.expanduser("~/.faraday/persistence/%s" % wname) self.assertTrue(os.path.exists(wpath)) self.assertEquals(WorkspaceOnFS.__name__, self.wm.getWorkspaceType(wname)) def test_create_couch_workspace(self): """ Verifies the creation of a couch workspace """ wname = self.new_random_workspace_name() self._couchdb_workspaces.append(wname) self.wm.createWorkspace(wname, workspaceClass=WorkspaceOnCouch) self.assertTrue(self.cdm.existWorkspace(wname)) wpath = os.path.expanduser("~/.faraday/persistence/%s" % wname) self.assertFalse(os.path.exists(wpath)) self.assertEquals(WorkspaceOnCouch.__name__, self.wm.getWorkspaceType(wname)) def test_delete_couch_workspace(self): """ Verifies the deletion of a couch workspace """ wname = self.new_random_workspace_name() self.wm.createWorkspace(wname, workspaceClass=WorkspaceOnCouch) self.assertTrue(self.cdm.existWorkspace(wname)) #Delete workspace self.wm.removeWorkspace(wname) self.assertFalse(self.cdm.existWorkspace(wname)) def test_delete_fs_workspace(self): """ Verifies the deletion of a filesystem workspace """ wname = self.new_random_workspace_name() self.wm.createWorkspace(wname, workspaceClass=WorkspaceOnFS) wpath = os.path.expanduser("~/.faraday/persistence/%s" % wname) self.assertTrue(os.path.exists(wpath)) #Delete workspace self.wm.removeWorkspace(wname) self.assertFalse(os.path.exists(wpath)) def test_list_workspaces(self): """ Lists FS workspaces and Couch workspaces """ # First create workspaces manually wnamefs = self.new_random_workspace_name() wnamecouch = self.new_random_workspace_name() # FS self.fsm.addWorkspace(wnamefs) # Couch self.cdm.addWorkspace(wnamecouch) # When loading workspaces self.wm.loadWorkspaces() self.assertIn(wnamefs, self.wm.getWorkspacesNames(), 'FS Workspace not loaded') self.assertIn(wnamecouch, self.wm.getWorkspacesNames(), 'Couch Workspace not loaded') self.assertEquals(self.wm.getWorkspaceType(wnamefs), WorkspaceOnFS.__name__, 'Workspace type bad defined' ) self.assertEquals(self.wm.getWorkspaceType(wnamecouch), WorkspaceOnCouch.__name__, 'Workspace type bad defined') def test_get_workspace(self): """ Create a workspace, now ask for it """ # When wname = self.new_random_workspace_name() workspace = self.wm.createWorkspace(wname, workspaceClass=WorkspaceOnFS) added_workspace = self.wm.getWorkspace(wname) # Then self.assertIsNotNone(workspace, 'Workspace added should not be none') self.assertEquals(workspace, added_workspace, 'Workspace created and added diffier') def test_get_existent_couch_workspace(self): """ Create a workspace in the backend, now ask for it """ # When wname = self.new_random_workspace_name() workspace = self.cdm.addWorkspace(wname) self.wm.loadWorkspaces() added_workspace = self.wm.getWorkspace(wname) # Then self.assertIsNotNone(added_workspace, 'Workspace added should not be none') def test_get_existent_fs_workspace(self): """ Create a workspace in the backend, now ask for it """ # When wname = self.new_random_workspace_name() workspace = self.fsm.addWorkspace(wname) self.wm.loadWorkspaces() added_workspace = self.wm.getWorkspace(wname) # Then self.assertIsNotNone(added_workspace, 'Workspace added should not be none') def test_get_non_existent_workspace(self): """ Retrieve a non existent workspace """ added_workspace = self.wm.getWorkspace('inventado') # Then self.assertIsNone(added_workspace, 'Workspace added should not be none') def test_set_active_workspace(self): ''' create a workspace through the backend, then set it as active ''' wname = self.new_random_workspace_name() workspace = self.fsm.addWorkspace(wname) self.wm.loadWorkspaces() added_workspace = self.wm.getWorkspace(wname) # when self.wm.setActiveWorkspace(added_workspace) self.assertEquals(added_workspace, self.wm.getActiveWorkspace(), 'Active workspace diffiers with expected workspace') self.assertTrue(self.wm.isActive(added_workspace.name), 'Workspace is active flag not set') def test_remove_fs_workspace(self): # First wname = self.new_random_workspace_name() added_workspace = self.wm.createWorkspace(wname, workspaceClass=WorkspaceOnFS) # When self.wm.removeWorkspace(wname) # Then self.assertNotIn(wname, self.fsm.getWorkspacesNames()) def test_remove_couch_workspace(self): # First wname = self.new_random_workspace_name() added_workspace = self.wm.createWorkspace(wname, workspaceClass=WorkspaceOnCouch) # When self.wm.removeWorkspace(wname) # Then self.assertNotIn(wname, self.cdm.getWorkspacesNames()) def test_remove_non_existent_workspace(self): # When self.wm.removeWorkspace('invented') # Then self.assertNotIn('invented', self.cdm.getWorkspacesNames())
class TestWorkspaceCRUD(TestCase): """docstring for TestWorspace""" @classmethod def setUpClass(cls): cls.model_controller = controller.ModelController(mock()) api.setUpAPIs(cls.model_controller) def setUp(self): self.wm = WorkspaceManager(self.model_controller, mock(plcore.PluginController)) def test_switch_workspace_with_objects(self): workspace = self.wm.createWorkspace('test_workspace', workspaceClass=WorkspaceOnCouch) self.wm.setActiveWorkspace(workspace) host1 = create_host(self, "coquito") interface1 = create_interface(self, host1, iname="pepito") service1 = create_service(self, host1, interface1) self.assertIn(host1, self.model_controller.getAllHosts(), "Host not in controller") self.assertIn(interface1, host1.getAllInterfaces(), "Interface not in host!") self.assertIn(service1, interface1.getAllServices(), "Service not in Interface!") workspace2 = self.wm.createWorkspace('test_workspace2', workspaceClass=WorkspaceOnCouch) self.wm.setActiveWorkspace(workspace2) self.assertNotIn(host1, self.model_controller.getAllHosts(), "Host in controller, should be removed when \ switching workspaces") self.wm.setActiveWorkspace(workspace) self.assertIn(host1, self.model_controller.getAllHosts(), "Host not in controller") self.assertIn(interface1, host1.getAllInterfaces(), "Interface not in host!") self.assertIn(service1, interface1.getAllServices(), "Service not in Interface!") def test_remove_active_workspace(self): workspace = self.wm.createWorkspace('test_workspace', workspaceClass=WorkspaceOnCouch) self.wm.setActiveWorkspace(workspace) host1 = create_host(self, "coquito") self.wm.removeWorkspace(workspace.name) self.assertNotIn(host1, self.model_controller.getAllHosts(), 'Host not removed while removing active workspace') def test_remove_active_workspace_fs(self): workspace = self.wm.createWorkspace('test_workspace', workspaceClass=WorkspaceOnFS) self.wm.setActiveWorkspace(workspace) host1 = create_host(self, "coquito") self.wm.removeWorkspace(workspace.name) self.assertNotIn(host1, self.model_controller.getAllHosts(), 'Host not removed while removing active workspace') def test_remove_another_workspace(self): workspace = self.wm.createWorkspace('test_workspace', workspaceClass=WorkspaceOnCouch) workspace2 = self.wm.createWorkspace('test_workspace2', workspaceClass=WorkspaceOnCouch) self.wm.setActiveWorkspace(workspace) create_host(self, "coquito") self.wm.setActiveWorkspace(workspace2) self.wm.removeWorkspace(workspace.name) self.assertNotIn(workspace.name, self.wm.getWorkspacesNames(), "Workspace not removed") self.assertIn(workspace2.name, self.wm.getWorkspacesNames(), "Workspace removed while removing another workspace")
class TestModelObjectCRUD(TestCase): """docstring for TestModelObjectCRUD""" @classmethod def setUpClass(cls): cls.model_controller = controller.ModelController(mock()) api.setUpAPIs(cls.model_controller) def setUp(self): self.wm = WorkspaceManager(self.model_controller, mock(plcore.PluginController)) self.workspace = self.wm.createWorkspace( new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self.wm.setActiveWorkspace(self.workspace) WorkspacePersister.stopThreads() def tearDown(self): self.wm.removeWorkspace(self.workspace.name) def test_create_and_remove_host_from_controller(self): host1 = create_host(self, "coquito") hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") self.model_controller.delHostSYNC(host1.name) hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertNotIn(host1.getID(), hosts_ids, "Host not deleted") def test_delete_interface(self): host1 = create_host(self, "coquito") interface1 = create_interface(self, host1, iname="pepito") hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") host1 = self.model_controller.getHost(host1.getID()) interfaces_ids = [i.getID() for i in host1.getAllInterfaces()] self.assertIn(interface1.getID(), interfaces_ids, "Interface not in host!") self.model_controller.delInterfaceSYNC(host1.getID(), "pepito") interfaces_ids = [ i.getID() for i in self.model_controller.getHost( host1.getID()).getAllInterfaces() ] self.assertNotIn(interface1.getID(), interfaces_ids, "Interface not in host!") def test_delete_service(self): host1 = create_host(self, "coquito") interface1 = create_interface(self, host1, iname="pepito") service1 = create_service(self, host1, interface1) hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") host1 = self.model_controller.getHost(host1.getID()) interfaces_ids = [i.getID() for i in host1.getAllInterfaces()] self.assertIn(interface1.getID(), interfaces_ids, "Interface not in host!") services_ids = [ s.getID() for s in self.model_controller.getHost(host1.getID()).getInterface( interface1.getID()).getAllServices() ] self.assertIn(service1.getID(), services_ids, "Service not in Interface!") self.model_controller.delServiceFromInterfaceSYNC( host1.getID(), interface1.getID(), service1.getID()) services_ids = [ s.getID() for s in self.model_controller.getHost(host1.getID()).getInterface( interface1.getID()).getAllServices() ] self.assertNotIn(service1.getID(), services_ids, \ "Service not deleted")
class VulnerabilityCreationTests(unittest.TestCase): @classmethod def setUpClass(cls): cls.model_controller = controller.ModelController(mock()) api.setUpAPIs(cls.model_controller) def setUp(self): self.wm = WorkspaceManager(self.model_controller, mock(plcore.PluginController)) self.temp_workspace = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self.wm.setActiveWorkspace(self.temp_workspace) WorkspacePersister.stopThreads() def tearDown(self): self.wm.removeWorkspace(self.temp_workspace.name) def testStandarizeNumericVulnSeverity(self): """ Verifies numeric severity transformed into 'info, low, high, critical' severity""" vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity=0) self.assertEquals(vuln.severity, 'info', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity=1) self.assertEquals(vuln.severity, 'low', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity=2) self.assertEquals(vuln.severity, 'med', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity=3) self.assertEquals(vuln.severity, 'high', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity=4) self.assertEquals(vuln.severity, 'critical', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity=5) self.assertEquals(vuln.severity, 'unclassified', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity=-1) self.assertEquals(vuln.severity, 'unclassified', 'Vulnerability severity not transformed correctly') def testStandarizeShortnameVulnSeverity(self): """ Verifies longname severity transformed into 'info, low, high, critical' severity (informational -> info)""" vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='informational') self.assertEquals(vuln.severity, 'info', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='medium') self.assertEquals(vuln.severity, 'med', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='highest') self.assertEquals(vuln.severity, 'high', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='criticalosiuos') self.assertEquals(vuln.severity, 'critical', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='tuvieja') self.assertEquals(vuln.severity, 'unclassified', 'Vulnerability severity not transformed correctly') def testStandarizeUpdatedSeverity(self): vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='informational') self.assertEquals(vuln.severity, 'info', 'Vulnerability severity not transformed correctly') vuln.updateAttributes(severity='3') self.assertEquals(vuln.severity, 'high', 'Vulnerability severity not transformed correctly')
class TestWorkspaceManager(unittest.TestCase): """docstring for TestWorspace""" @classmethod def setUpClass(cls): cls.model_controller = controller.ModelController(mock()) api.setUpAPIs(cls.model_controller) cls.couch_uri = CONF.getCouchURI() cls.cdm = CouchdbManager(uri=cls.couch_uri) def setUp(self): self._couchdb_workspaces = [] self.wm = WorkspaceManager(self.model_controller, mock(plcore.PluginController)) def tearDown(self): self.cleanCouchDatabases() def cleanCouchDatabases(self): try: for wname in self._couchdb_workspaces: self.cdm.removeWorkspace(wname) except Exception as e: print e def _test_switch_workspace_with_objects(self): workspace = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self._couchdb_workspaces.append(workspace.name) self.wm.setActiveWorkspace(workspace) WorkspacePersister.stopThreads() host1 = create_host(self, "coquito") interface1 = create_interface(self, host1, iname="pepito") service1 = create_service(self, host1, interface1) self.assertIn(host1, self.model_controller.getAllHosts(), "Host not in controller") self.assertIn(interface1, host1.getAllInterfaces(), "Interface not in host!") self.assertIn(service1, interface1.getAllServices(), "Service not in Interface!") workspace2 = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self._couchdb_workspaces.append(workspace2.name) self.wm.setActiveWorkspace(workspace2) WorkspacePersister.stopThreads() self.assertNotIn( host1, self.model_controller.getAllHosts(), "Host in controller, should be removed when \ switching workspaces") self.wm.setActiveWorkspace(workspace) WorkspacePersister.stopThreads() self.assertIn(host1, self.model_controller.getAllHosts(), "Host not in controller") self.assertIn(interface1, host1.getAllInterfaces(), "Interface not in host!") self.assertIn(service1, interface1.getAllServices(), "Service not in Interface!") def _test_remove_active_workspace(self): workspace = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self.wm.setActiveWorkspace(workspace) WorkspacePersister.stopThreads() host1 = create_host(self, "coquito") self.wm.removeWorkspace(workspace.name) hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertNotIn(host1.getID(), hosts_ids, 'Host not removed while removing active workspace') def _test_remove_active_workspace_fs(self): workspace = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnFS) self.wm.setActiveWorkspace(workspace) WorkspacePersister.stopThreads() host1 = create_host(self, "coquito") self.wm.removeWorkspace(workspace.name) self.assertNotIn(host1, self.model_controller.getAllHosts(), 'Host not removed while removing active workspace') def _test_remove_another_workspace(self): workspace = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) workspace2 = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self._couchdb_workspaces.append(workspace2.name) self.wm.setActiveWorkspace(workspace) WorkspacePersister.stopThreads() create_host(self, "coquito") self.wm.setActiveWorkspace(workspace2) WorkspacePersister.stopThreads() self.wm.removeWorkspace(workspace.name) self.assertNotIn(workspace.name, self.wm.getWorkspacesNames(), "Workspace not removed") self.assertIn(workspace2.name, self.wm.getWorkspacesNames(), "Workspace removed while removing another workspace") def _test_load_workspace_on_couch(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds a VulnWeb""" """ We are going to test this structure: host -> interface1 -> service1 -> vuln_web -> vuln -> note -> service2 -> vuln -> vuln -> vuln -> note -> note -> interface2 -> service3 -> note -> credential -> vuln -> vuln """ workspace = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self._couchdb_workspaces.append(workspace.name) self.wm.setActiveWorkspace(workspace) WorkspacePersister.stopThreads() host = create_host(self) interface = create_interface(self, host, ip="127.0.0.1") interface2 = create_interface(self, host, ip="127.0.0.2") service = create_service(self, host, interface, ports=1) service2 = create_service(self, host, interface, ports=2) service3 = create_service(self, host, interface2, ports=3) vulnweb = ModelObjectVulnWeb(name='VulnWebTest', desc='TestDescription', severity='high') self.model_controller.addVulnToServiceSYNC(host.getID(), service.getID(), vulnweb) vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') vuln2 = ModelObjectVuln(name='VulnTest2', desc='TestDescription', severity='high') vuln3 = ModelObjectVuln(name='VulnTest3', desc='TestDescription', severity='high') vuln4 = ModelObjectVuln(name='VulnTest4', desc='TestDescription', severity='high') vuln5 = ModelObjectVuln(name='VulnTest5', desc='TestDescription', severity='high') vuln6 = ModelObjectVuln(name='VulnTest6', desc='TestDescription', severity='high') self.model_controller.addVulnToServiceSYNC(host.getID(), service.getID(), vuln) self.model_controller.addVulnToServiceSYNC(host.getID(), service2.getID(), vuln2) self.model_controller.addVulnToServiceSYNC(host.getID(), service2.getID(), vuln3) self.model_controller.addVulnToHostSYNC(host.getID(), vuln4) self.model_controller.addVulnToServiceSYNC(host.getID(), service3.getID(), vuln5) self.model_controller.addVulnToInterfaceSYNC(host.getID(), interface2.getID(), vuln6) note = ModelObjectNote(name='NoteTest', text='TestDescription') note2 = ModelObjectNote(name='NoteTest2', text='TestDescription') note3 = ModelObjectNote(name='NoteTest3', text='TestDescription') note4 = ModelObjectNote(name='NoteTest4', text='TestDescription') self.model_controller.addNoteToServiceSYNC(host.getID(), service.getID(), note) self.model_controller.addNoteToHostSYNC(host.getID(), note2) self.model_controller.addNoteToHostSYNC(host.getID(), note3) self.model_controller.addNoteToServiceSYNC(host.getID(), service3.getID(), note4) cred = ModelObjectCred(username='******', password='******') self.model_controller.addCredToServiceSYNC(host.getID(), service3.getID(), cred) # First, we test if the structure was correctly created # one host with two interfaces, one vuln and two notes self.assertEquals(len(self.model_controller.getAllHosts()), 1, "Host not created") added_host = self.model_controller.getHost(host.getID()) self.assertEquals(len(added_host.getAllInterfaces()), 2, "Interfaces not added to Host") self.assertEquals(len(added_host.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_host.getNotes()), 2, "Notes not created") # one interface with two services, and another one # with a service and a vuln added_interface1 = added_host.getInterface(interface.getID()) added_interface2 = added_host.getInterface(interface2.getID()) self.assertEquals(len(added_interface1.getAllServices()), 2, "Services not created") self.assertEquals(len(added_interface2.getAllServices()), 1, "Service not created") self.assertEquals(len(added_interface2.getVulns()), 1, "Vulns not created") # one service with a note, a vuln and a vuln web added_service1 = added_interface1.getService(service.getID()) self.assertEquals(len(added_service1.getNotes()), 1, "Note not created") self.assertEquals(len(added_service1.getVulns()), 2, "Vulns not created") added_vuln_web = added_service1.getVuln(vulnweb.getID()) self.assertEquals(added_vuln_web.class_signature, "VulnerabilityWeb", "Not a vuln web") # one service with two vulns added_service2 = added_interface1.getService(service2.getID()) self.assertEquals(len(added_service2.getVulns()), 2, "Services not created") # one service with a note, a vuln and a credential added_service3 = added_interface2.getService(service3.getID()) self.assertEquals(len(added_service3.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_service3.getNotes()), 1, "Note not created") self.assertEquals(len(added_service3.getCreds()), 1, "Cred not created") # So, now we reload the worskpace and check everything again workspace.load() # one host with two interfaces, one vuln and two notes self.assertEquals(len(self.model_controller.getAllHosts()), 1, "Host not created") added_host = self.model_controller.getHost(host.getID()) self.assertEquals(len(added_host.getAllInterfaces()), 2, "Interfaces not added to Host") self.assertEquals(len(added_host.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_host.getNotes()), 2, "Notes not created") # one interface with two services, and another one # with a service and a vuln added_interface1 = added_host.getInterface(interface.getID()) added_interface2 = added_host.getInterface(interface2.getID()) self.assertEquals(len(added_interface1.getAllServices()), 2, "Services not created") self.assertEquals(len(added_interface2.getAllServices()), 1, "Service not created") self.assertEquals(len(added_interface2.getVulns()), 1, "Vulns not created") # one service with a note, a vuln and a vuln web added_service1 = added_interface1.getService(service.getID()) self.assertEquals(len(added_service1.getNotes()), 1, "Note not created") self.assertEquals(len(added_service1.getVulns()), 2, "Vulns not created") added_vuln_web = added_service1.getVuln(vulnweb.getID()) self.assertEquals(added_vuln_web.class_signature, "VulnerabilityWeb", "Not a vuln web") # one service with two vulns added_service2 = added_interface1.getService(service2.getID()) self.assertEquals(len(added_service2.getVulns()), 2, "Services not created") # one service with a note, a vuln and a credential added_service3 = added_interface2.getService(service3.getID()) self.assertEquals(len(added_service3.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_service3.getNotes()), 1, "Note not created") self.assertEquals(len(added_service3.getCreds()), 1, "Cred not created") def test_load_workspace_on_fs(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds a VulnWeb""" """ We are going to test this structure: host -> interface1 -> service1 -> vuln_web -> vuln -> note -> service2 -> vuln -> vuln -> vuln -> note -> note -> interface2 -> service3 -> note -> credential -> vuln -> vuln """ workspace = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnFS) #self._couchdb_workspaces.append(workspace.name) self.wm.setActiveWorkspace(workspace) WorkspacePersister.stopThreads() host = create_host(self) interface = create_interface(self, host, ip="127.0.0.1") interface2 = create_interface(self, host, ip="127.0.0.2") service = create_service(self, host, interface, ports=1) service2 = create_service(self, host, interface, ports=2) service3 = create_service(self, host, interface2, ports=3) vulnweb = ModelObjectVulnWeb(name='VulnWebTest', desc='TestDescription', severity='high') self.model_controller.addVulnToServiceSYNC(host.getID(), service.getID(), vulnweb) vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') vuln2 = ModelObjectVuln(name='VulnTest2', desc='TestDescription', severity='high') vuln3 = ModelObjectVuln(name='VulnTest3', desc='TestDescription', severity='high') vuln4 = ModelObjectVuln(name='VulnTest4', desc='TestDescription', severity='high') vuln5 = ModelObjectVuln(name='VulnTest5', desc='TestDescription', severity='high') vuln6 = ModelObjectVuln(name='VulnTest6', desc='TestDescription', severity='high') self.model_controller.addVulnToServiceSYNC(host.getID(), service.getID(), vuln) self.model_controller.addVulnToServiceSYNC(host.getID(), service2.getID(), vuln2) self.model_controller.addVulnToServiceSYNC(host.getID(), service2.getID(), vuln3) self.model_controller.addVulnToHostSYNC(host.getID(), vuln4) self.model_controller.addVulnToServiceSYNC(host.getID(), service3.getID(), vuln5) self.model_controller.addVulnToInterfaceSYNC(host.getID(), interface2.getID(), vuln6) note = ModelObjectNote(name='NoteTest', text='TestDescription') note2 = ModelObjectNote(name='NoteTest2', text='TestDescription') note3 = ModelObjectNote(name='NoteTest3', text='TestDescription') note4 = ModelObjectNote(name='NoteTest4', text='TestDescription') self.model_controller.addNoteToServiceSYNC(host.getID(), service.getID(), note) self.model_controller.addNoteToHostSYNC(host.getID(), note2) self.model_controller.addNoteToHostSYNC(host.getID(), note3) self.model_controller.addNoteToServiceSYNC(host.getID(), service3.getID(), note4) cred = ModelObjectCred(username='******', password='******') self.model_controller.addCredToServiceSYNC(host.getID(), service3.getID(), cred) # First, we test if the structure was correctly created # one host with two interfaces, one vuln and two notes self.assertEquals(len(self.model_controller.getAllHosts()), 1, "Host not created") added_host = self.model_controller.getHost(host.getID()) self.assertEquals(len(added_host.getAllInterfaces()), 2, "Interfaces not added to Host") self.assertEquals(len(added_host.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_host.getNotes()), 2, "Notes not created") # one interface with two services, and another one # with a service and a vuln added_interface1 = added_host.getInterface(interface.getID()) added_interface2 = added_host.getInterface(interface2.getID()) self.assertEquals(len(added_interface1.getAllServices()), 2, "Services not created") self.assertEquals(len(added_interface2.getAllServices()), 1, "Service not created") self.assertEquals(len(added_interface2.getVulns()), 1, "Vulns not created") # one service with a note, a vuln and a vuln web added_service1 = added_interface1.getService(service.getID()) self.assertEquals(len(added_service1.getNotes()), 1, "Note not created") self.assertEquals(len(added_service1.getVulns()), 2, "Vulns not created") added_vuln_web = added_service1.getVuln(vulnweb.getID()) self.assertEquals(added_vuln_web.class_signature, "VulnerabilityWeb", "Not a vuln web") # one service with two vulns added_service2 = added_interface1.getService(service2.getID()) self.assertEquals(len(added_service2.getVulns()), 2, "Services not created") # one service with a note, a vuln and a credential added_service3 = added_interface2.getService(service3.getID()) self.assertEquals(len(added_service3.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_service3.getNotes()), 1, "Note not created") self.assertEquals(len(added_service3.getCreds()), 1, "Cred not created") # So, now we reload the worskpace and check everything again print workspace.name workspace.load() # one host with two interfaces, one vuln and two notes self.assertEquals(len(self.model_controller.getAllHosts()), 1, "Host not created") added_host = self.model_controller.getHost(host.getID()) self.assertEquals(len(added_host.getAllInterfaces()), 2, "Interfaces not added to Host") self.assertEquals(len(added_host.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_host.getNotes()), 2, "Notes not created") # one interface with two services, and another one # with a service and a vuln added_interface1 = added_host.getInterface(interface.getID()) added_interface2 = added_host.getInterface(interface2.getID()) self.assertEquals(len(added_interface1.getAllServices()), 2, "Services not created") self.assertEquals(len(added_interface2.getAllServices()), 1, "Service not created") self.assertEquals(len(added_interface2.getVulns()), 1, "Vulns not created") # one service with a note, a vuln and a vuln web added_service1 = added_interface1.getService(service.getID()) self.assertEquals(len(added_service1.getNotes()), 1, "Note not created") self.assertEquals(len(added_service1.getVulns()), 2, "Vulns not created") added_vuln_web = added_service1.getVuln(vulnweb.getID()) self.assertEquals(added_vuln_web.class_signature, "VulnerabilityWeb", "Not a vuln web") # one service with two vulns added_service2 = added_interface1.getService(service2.getID()) self.assertEquals(len(added_service2.getVulns()), 2, "Services not created") # one service with a note, a vuln and a credential added_service3 = added_interface2.getService(service3.getID()) self.assertEquals(len(added_service3.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_service3.getNotes()), 1, "Note not created") self.assertEquals(len(added_service3.getCreds()), 1, "Cred not created")
class TestWorkspaceManager(unittest.TestCase): """docstring for TestWorspace""" @classmethod def setUpClass(cls): cls.model_controller = controller.ModelController(mock()) api.setUpAPIs(cls.model_controller) cls.couch_uri = CONF.getCouchURI() cls.cdm = CouchdbManager(uri=cls.couch_uri) def setUp(self): self._couchdb_workspaces = [] self.wm = WorkspaceManager(self.model_controller, mock(plcore.PluginController)) def tearDown(self): self.cleanCouchDatabases() def cleanCouchDatabases(self): try: for wname in self._couchdb_workspaces: self.cdm.removeWorkspace(wname) except Exception as e: print e def _test_switch_workspace_with_objects(self): workspace = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self._couchdb_workspaces.append(workspace.name) self.wm.setActiveWorkspace(workspace) WorkspacePersister.stopThreads() host1 = create_host(self, "coquito") interface1 = create_interface(self, host1, iname="pepito") service1 = create_service(self, host1, interface1) self.assertIn(host1, self.model_controller.getAllHosts(), "Host not in controller") self.assertIn(interface1, host1.getAllInterfaces(), "Interface not in host!") self.assertIn(service1, interface1.getAllServices(), "Service not in Interface!") workspace2 = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self._couchdb_workspaces.append(workspace2.name) self.wm.setActiveWorkspace(workspace2) WorkspacePersister.stopThreads() self.assertNotIn(host1, self.model_controller.getAllHosts(), "Host in controller, should be removed when \ switching workspaces") self.wm.setActiveWorkspace(workspace) WorkspacePersister.stopThreads() self.assertIn(host1, self.model_controller.getAllHosts(), "Host not in controller") self.assertIn(interface1, host1.getAllInterfaces(), "Interface not in host!") self.assertIn(service1, interface1.getAllServices(), "Service not in Interface!") def _test_remove_active_workspace(self): workspace = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self.wm.setActiveWorkspace(workspace) WorkspacePersister.stopThreads() host1 = create_host(self, "coquito") self.wm.removeWorkspace(workspace.name) hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertNotIn(host1.getID(), hosts_ids, 'Host not removed while removing active workspace') def _test_remove_active_workspace_fs(self): workspace = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnFS) self.wm.setActiveWorkspace(workspace) WorkspacePersister.stopThreads() host1 = create_host(self, "coquito") self.wm.removeWorkspace(workspace.name) self.assertNotIn(host1, self.model_controller.getAllHosts(), 'Host not removed while removing active workspace') def _test_remove_another_workspace(self): workspace = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) workspace2 = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self._couchdb_workspaces.append(workspace2.name) self.wm.setActiveWorkspace(workspace) WorkspacePersister.stopThreads() create_host(self, "coquito") self.wm.setActiveWorkspace(workspace2) WorkspacePersister.stopThreads() self.wm.removeWorkspace(workspace.name) self.assertNotIn(workspace.name, self.wm.getWorkspacesNames(), "Workspace not removed") self.assertIn(workspace2.name, self.wm.getWorkspacesNames(), "Workspace removed while removing another workspace") def _test_load_workspace_on_couch(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds a VulnWeb""" """ We are going to test this structure: host -> interface1 -> service1 -> vuln_web -> vuln -> note -> service2 -> vuln -> vuln -> vuln -> note -> note -> interface2 -> service3 -> note -> credential -> vuln -> vuln """ workspace = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self._couchdb_workspaces.append(workspace.name) self.wm.setActiveWorkspace(workspace) WorkspacePersister.stopThreads() host = create_host(self) interface = create_interface(self, host, ip="127.0.0.1") interface2 = create_interface(self, host, ip="127.0.0.2") service = create_service(self, host, interface, ports=1) service2 = create_service(self, host, interface, ports=2) service3 = create_service(self, host, interface2, ports=3) vulnweb = ModelObjectVulnWeb(name='VulnWebTest', desc='TestDescription', severity='high') self.model_controller.addVulnToServiceSYNC(host.getID(), service.getID(), vulnweb) vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') vuln2 = ModelObjectVuln(name='VulnTest2', desc='TestDescription', severity='high') vuln3 = ModelObjectVuln(name='VulnTest3', desc='TestDescription', severity='high') vuln4 = ModelObjectVuln(name='VulnTest4', desc='TestDescription', severity='high') vuln5 = ModelObjectVuln(name='VulnTest5', desc='TestDescription', severity='high') vuln6 = ModelObjectVuln(name='VulnTest6', desc='TestDescription', severity='high') self.model_controller.addVulnToServiceSYNC(host.getID(), service.getID(), vuln) self.model_controller.addVulnToServiceSYNC(host.getID(), service2.getID(), vuln2) self.model_controller.addVulnToServiceSYNC(host.getID(), service2.getID(), vuln3) self.model_controller.addVulnToHostSYNC(host.getID(), vuln4) self.model_controller.addVulnToServiceSYNC(host.getID(), service3.getID(), vuln5) self.model_controller.addVulnToInterfaceSYNC(host.getID(), interface2.getID(), vuln6) note = ModelObjectNote(name='NoteTest', text='TestDescription') note2 = ModelObjectNote(name='NoteTest2', text='TestDescription') note3 = ModelObjectNote(name='NoteTest3', text='TestDescription') note4 = ModelObjectNote(name='NoteTest4', text='TestDescription') self.model_controller.addNoteToServiceSYNC(host.getID(), service.getID(), note) self.model_controller.addNoteToHostSYNC(host.getID(), note2) self.model_controller.addNoteToHostSYNC(host.getID(), note3) self.model_controller.addNoteToServiceSYNC(host.getID(), service3.getID(), note4) cred = ModelObjectCred(username='******', password='******') self.model_controller.addCredToServiceSYNC(host.getID(), service3.getID(), cred) # First, we test if the structure was correctly created # one host with two interfaces, one vuln and two notes self.assertEquals(len(self.model_controller.getAllHosts()), 1, "Host not created") added_host = self.model_controller.getHost(host.getID()) self.assertEquals(len(added_host.getAllInterfaces()), 2, "Interfaces not added to Host") self.assertEquals(len(added_host.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_host.getNotes()), 2, "Notes not created") # one interface with two services, and another one # with a service and a vuln added_interface1 = added_host.getInterface(interface.getID()) added_interface2 = added_host.getInterface(interface2.getID()) self.assertEquals(len(added_interface1.getAllServices()), 2, "Services not created") self.assertEquals(len(added_interface2.getAllServices()), 1, "Service not created") self.assertEquals(len(added_interface2.getVulns()), 1, "Vulns not created") # one service with a note, a vuln and a vuln web added_service1 = added_interface1.getService(service.getID()) self.assertEquals(len(added_service1.getNotes()), 1, "Note not created") self.assertEquals(len(added_service1.getVulns()), 2, "Vulns not created") added_vuln_web = added_service1.getVuln(vulnweb.getID()) self.assertEquals(added_vuln_web.class_signature, "VulnerabilityWeb", "Not a vuln web") # one service with two vulns added_service2 = added_interface1.getService(service2.getID()) self.assertEquals(len(added_service2.getVulns()), 2, "Services not created") # one service with a note, a vuln and a credential added_service3 = added_interface2.getService(service3.getID()) self.assertEquals(len(added_service3.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_service3.getNotes()), 1, "Note not created") self.assertEquals(len(added_service3.getCreds()), 1, "Cred not created") # So, now we reload the worskpace and check everything again workspace.load() # one host with two interfaces, one vuln and two notes self.assertEquals(len(self.model_controller.getAllHosts()), 1, "Host not created") added_host = self.model_controller.getHost(host.getID()) self.assertEquals(len(added_host.getAllInterfaces()), 2, "Interfaces not added to Host") self.assertEquals(len(added_host.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_host.getNotes()), 2, "Notes not created") # one interface with two services, and another one # with a service and a vuln added_interface1 = added_host.getInterface(interface.getID()) added_interface2 = added_host.getInterface(interface2.getID()) self.assertEquals(len(added_interface1.getAllServices()), 2, "Services not created") self.assertEquals(len(added_interface2.getAllServices()), 1, "Service not created") self.assertEquals(len(added_interface2.getVulns()), 1, "Vulns not created") # one service with a note, a vuln and a vuln web added_service1 = added_interface1.getService(service.getID()) self.assertEquals(len(added_service1.getNotes()), 1, "Note not created") self.assertEquals(len(added_service1.getVulns()), 2, "Vulns not created") added_vuln_web = added_service1.getVuln(vulnweb.getID()) self.assertEquals(added_vuln_web.class_signature, "VulnerabilityWeb", "Not a vuln web") # one service with two vulns added_service2 = added_interface1.getService(service2.getID()) self.assertEquals(len(added_service2.getVulns()), 2, "Services not created") # one service with a note, a vuln and a credential added_service3 = added_interface2.getService(service3.getID()) self.assertEquals(len(added_service3.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_service3.getNotes()), 1, "Note not created") self.assertEquals(len(added_service3.getCreds()), 1, "Cred not created") def test_load_workspace_on_fs(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds a VulnWeb""" """ We are going to test this structure: host -> interface1 -> service1 -> vuln_web -> vuln -> note -> service2 -> vuln -> vuln -> vuln -> note -> note -> interface2 -> service3 -> note -> credential -> vuln -> vuln """ workspace = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnFS) #self._couchdb_workspaces.append(workspace.name) self.wm.setActiveWorkspace(workspace) WorkspacePersister.stopThreads() host = create_host(self) interface = create_interface(self, host, ip="127.0.0.1") interface2 = create_interface(self, host, ip="127.0.0.2") service = create_service(self, host, interface, ports=1) service2 = create_service(self, host, interface, ports=2) service3 = create_service(self, host, interface2, ports=3) vulnweb = ModelObjectVulnWeb(name='VulnWebTest', desc='TestDescription', severity='high') self.model_controller.addVulnToServiceSYNC(host.getID(), service.getID(), vulnweb) vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') vuln2 = ModelObjectVuln(name='VulnTest2', desc='TestDescription', severity='high') vuln3 = ModelObjectVuln(name='VulnTest3', desc='TestDescription', severity='high') vuln4 = ModelObjectVuln(name='VulnTest4', desc='TestDescription', severity='high') vuln5 = ModelObjectVuln(name='VulnTest5', desc='TestDescription', severity='high') vuln6 = ModelObjectVuln(name='VulnTest6', desc='TestDescription', severity='high') self.model_controller.addVulnToServiceSYNC(host.getID(), service.getID(), vuln) self.model_controller.addVulnToServiceSYNC(host.getID(), service2.getID(), vuln2) self.model_controller.addVulnToServiceSYNC(host.getID(), service2.getID(), vuln3) self.model_controller.addVulnToHostSYNC(host.getID(), vuln4) self.model_controller.addVulnToServiceSYNC(host.getID(), service3.getID(), vuln5) self.model_controller.addVulnToInterfaceSYNC(host.getID(), interface2.getID(), vuln6) note = ModelObjectNote(name='NoteTest', text='TestDescription') note2 = ModelObjectNote(name='NoteTest2', text='TestDescription') note3 = ModelObjectNote(name='NoteTest3', text='TestDescription') note4 = ModelObjectNote(name='NoteTest4', text='TestDescription') self.model_controller.addNoteToServiceSYNC(host.getID(), service.getID(), note) self.model_controller.addNoteToHostSYNC(host.getID(), note2) self.model_controller.addNoteToHostSYNC(host.getID(), note3) self.model_controller.addNoteToServiceSYNC(host.getID(), service3.getID(), note4) cred = ModelObjectCred(username='******', password='******') self.model_controller.addCredToServiceSYNC(host.getID(), service3.getID(), cred) # First, we test if the structure was correctly created # one host with two interfaces, one vuln and two notes self.assertEquals(len(self.model_controller.getAllHosts()), 1, "Host not created") added_host = self.model_controller.getHost(host.getID()) self.assertEquals(len(added_host.getAllInterfaces()), 2, "Interfaces not added to Host") self.assertEquals(len(added_host.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_host.getNotes()), 2, "Notes not created") # one interface with two services, and another one # with a service and a vuln added_interface1 = added_host.getInterface(interface.getID()) added_interface2 = added_host.getInterface(interface2.getID()) self.assertEquals(len(added_interface1.getAllServices()), 2, "Services not created") self.assertEquals(len(added_interface2.getAllServices()), 1, "Service not created") self.assertEquals(len(added_interface2.getVulns()), 1, "Vulns not created") # one service with a note, a vuln and a vuln web added_service1 = added_interface1.getService(service.getID()) self.assertEquals(len(added_service1.getNotes()), 1, "Note not created") self.assertEquals(len(added_service1.getVulns()), 2, "Vulns not created") added_vuln_web = added_service1.getVuln(vulnweb.getID()) self.assertEquals(added_vuln_web.class_signature, "VulnerabilityWeb", "Not a vuln web") # one service with two vulns added_service2 = added_interface1.getService(service2.getID()) self.assertEquals(len(added_service2.getVulns()), 2, "Services not created") # one service with a note, a vuln and a credential added_service3 = added_interface2.getService(service3.getID()) self.assertEquals(len(added_service3.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_service3.getNotes()), 1, "Note not created") self.assertEquals(len(added_service3.getCreds()), 1, "Cred not created") # So, now we reload the worskpace and check everything again print workspace.name workspace.load() # one host with two interfaces, one vuln and two notes self.assertEquals(len(self.model_controller.getAllHosts()), 1, "Host not created") added_host = self.model_controller.getHost(host.getID()) self.assertEquals(len(added_host.getAllInterfaces()), 2, "Interfaces not added to Host") self.assertEquals(len(added_host.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_host.getNotes()), 2, "Notes not created") # one interface with two services, and another one # with a service and a vuln added_interface1 = added_host.getInterface(interface.getID()) added_interface2 = added_host.getInterface(interface2.getID()) self.assertEquals(len(added_interface1.getAllServices()), 2, "Services not created") self.assertEquals(len(added_interface2.getAllServices()), 1, "Service not created") self.assertEquals(len(added_interface2.getVulns()), 1, "Vulns not created") # one service with a note, a vuln and a vuln web added_service1 = added_interface1.getService(service.getID()) self.assertEquals(len(added_service1.getNotes()), 1, "Note not created") self.assertEquals(len(added_service1.getVulns()), 2, "Vulns not created") added_vuln_web = added_service1.getVuln(vulnweb.getID()) self.assertEquals(added_vuln_web.class_signature, "VulnerabilityWeb", "Not a vuln web") # one service with two vulns added_service2 = added_interface1.getService(service2.getID()) self.assertEquals(len(added_service2.getVulns()), 2, "Services not created") # one service with a note, a vuln and a credential added_service3 = added_interface2.getService(service3.getID()) self.assertEquals(len(added_service3.getVulns()), 1, "Vuln not created") self.assertEquals(len(added_service3.getNotes()), 1, "Note not created") self.assertEquals(len(added_service3.getCreds()), 1, "Cred not created")
class ModelObjectCRUD(unittest.TestCase): @classmethod def setUpClass(cls): cls.model_controller = controller.ModelController(mock()) api.setUpAPIs(cls.model_controller) def setUp(self): self.wm = WorkspaceManager(self.model_controller, mock(plcore.PluginController)) self.temp_workspace = self.wm.createWorkspace( test_utils.new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self.wm.setActiveWorkspace(self.temp_workspace) WorkspacePersister.stopThreads() def tearDown(self): self.wm.removeWorkspace(self.temp_workspace.name) def testAddHost(self): """ This test case creates a host within the Model Controller context then checks it's vality""" # When hostname = 'host' _ = test_utils.create_host(self, host_name=hostname, os='windows') # #Then added_host = self.model_controller.getHost(hostname) self.assertEquals(added_host.getName(), hostname, 'Saved object name is not correctly saved') def testAddVulnToHost(self): """ This test case creates a host within the Model Controller context then adds a VULN""" # When h = test_utils.create_host(self) vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToHostSYNC(h.getID(), vuln) added_host = self.model_controller.getHost(h.getName()) vulns = added_host.getVulns() #Then self.assertIn(vuln, vulns, 'Vuln not added') def testAddVulnToInterface(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds a VULN""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToInterfaceSYNC(host.getID(), interface.getID(), vuln) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) vulns = added_interface.getVulns() # Then self.assertIn(vuln, vulns, 'Vuln not added') def testAddVulnToService(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds service then a VULN""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) service = test_utils.create_service(self, host, interface) vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToServiceSYNC(host.getID(), service.getID(), vuln) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) added_service = added_interface.getService(service.getID()) vulns = added_service.getVulns() # Then self.assertIn(vuln, vulns, 'Vuln not added') def testAddVulnWebToHost(self): """ This test case creates a host within the Model Controller context then adds a VulnWeb""" # When h = test_utils.create_host(self) vuln = ModelObjectVulnWeb(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToHostSYNC(h.getID(), vuln) added_host = self.model_controller.getHost(h.getName()) vulns = added_host.getVulns() # Then self.assertIn(vuln, vulns, 'Vuln not added') def testAddVulnWebToInterface(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds a VulnWeb""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) vuln = ModelObjectVulnWeb(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToInterfaceSYNC(host.getID(), interface.getID(), vuln) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) vulns = added_interface.getVulns() self.assertIn(vuln, vulns, 'Vuln not added') self.temp_workspace.load() # Then added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) vulns = added_interface.getVulns() self.assertIn(vuln.getID(), [v.getID() for v in vulns], 'Vuln not reloaded') def testAddVulnWebToService(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds service then a VulnWeb""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) service = test_utils.create_service(self, host, interface) vuln = ModelObjectVulnWeb(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToServiceSYNC(host.getID(), service.getID(), vuln) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) added_service = added_interface.getService(service.getID()) vulns = added_service.getVulns() # Then self.assertIn(vuln, vulns, 'Vuln not added') def testAddNoteToHost(self): """ This test case creates a host within the Model Controller context then adds a Note""" # When h = test_utils.create_host(self) note = ModelObjectNote(name='NoteTest', text='TestDescription') self.model_controller.addNoteToHostSYNC(h.getID(), note) # Then added_host = self.model_controller.getHost(h.getName()) notes = added_host.getNotes() self.assertIn(note, notes, 'Note not added') def testAddNoteToInterface(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds a Note""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) note = ModelObjectNote(name='NoteTest', text='TestDescription') self.model_controller.addNoteToInterfaceSYNC(host.getID(), interface.getID(), note) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) notes = added_interface.getNotes() # Then self.assertIn(note, notes, 'Note not added') def testAddNoteToService(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds service then a Note""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) service = test_utils.create_service(self, host, interface) note = ModelObjectNote(name='NoteTest', text='TestDescription') self.model_controller.addNoteToServiceSYNC(host.getID(), service.getID(), note) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) added_service = added_interface.getService(service.getID()) notes = added_service.getNotes() # Then self.assertIn(note, notes, 'Note not added') def testDeleteHost(self): """ Creates a Host to test it's removal from the controllers list """ host1 = test_utils.create_host(self, "coquito") hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") self.model_controller.delHostSYNC(host1.name) hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertNotIn(host1.getID(), hosts_ids, "Host not deleted") def testDeleteInterface(self): """ Creates a Host and an Interface, then deletes the interface to test it's removal from the controllers list """ host1 = test_utils.create_host(self, "coquito") interface1 = test_utils.create_interface(self, host1, iname="pepito") hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") host1 = self.model_controller.getHost(host1.getID()) interfaces_ids = [i.getID() for i in host1.getAllInterfaces()] self.assertIn(interface1.getID(), interfaces_ids, "Interface not in host!") self.model_controller.delInterfaceSYNC(host1.getID(), "pepito") interfaces_ids = [i.getID() for i in self.model_controller.getHost(host1.getID()).getAllInterfaces()] self.assertNotIn(interface1.getID(), interfaces_ids, "Interface not in host!") def testDeleteService(self): """ Creates a Host an Interface and a Service, then deletes the Service to test it's removal from the controllers list """ host1 = test_utils.create_host(self, "coquito") interface1 = test_utils.create_interface(self, host1, iname="pepito") service1 = test_utils.create_service(self, host1, interface1) hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") host1 = self.model_controller.getHost(host1.getID()) interfaces_ids = [i.getID() for i in host1.getAllInterfaces()] self.assertIn(interface1.getID(), interfaces_ids, "Interface not in host!") services_ids = [s.getID() for s in \ self.model_controller.getHost(host1.getID()) .getInterface(interface1.getID()).getAllServices()] self.assertIn(service1.getID(), services_ids, "Service not in Interface!") self.model_controller.delServiceFromInterfaceSYNC(host1.getID(), interface1.getID(), service1.getID()) services_ids = [s.getID() for s in \ self.model_controller.getHost(host1.getID()) .getInterface(interface1.getID()).getAllServices()] self.assertNotIn(service1.getID(), services_ids, \ "Service not deleted") def testDeleteVulnFromHost(self): """ Creates a Host adds a Vuln then removes """ host1 = test_utils.create_host(self, "coquito") vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToHostSYNC(host1.getID(), vuln) hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") self.model_controller.delVulnFromHostSYNC(host1.getID(), vuln.getID()) added_host = self.model_controller.getHost(host1.getName()) self.assertNotIn(vuln, added_host.getVulns(), 'Vuln not removed') def testDelVulnFromInterface(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds a VULN""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToInterfaceSYNC(host.getID(), interface.getID(), vuln) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) vulns = added_interface.getVulns() self.assertIn(vuln, vulns, 'Vuln not added') # Then self.model_controller.delVulnFromInterfaceSYNC(host.getID(), interface.getID(), vuln.getID()) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) vulns = added_interface.getVulns() self.assertNotIn(vuln, vulns, 'Vuln not removed') def testDelVulnFromService(self): """ This test case creates a host within the Model Controller context adds an interface to it then adds service then a Vuln, then removes the Vuln""" # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) service = test_utils.create_service(self, host, interface) vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='high') self.model_controller.addVulnToServiceSYNC(host.getID(), service.getID(), vuln) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) added_service = added_interface.getService(service.getID()) vulns = added_service.getVulns() self.assertIn(vuln, vulns, 'Vuln not added') # Then self.model_controller.delVulnFromServiceSYNC(host.getID(), service.getID(), vuln.getID()) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) added_service = added_interface.getService(service.getID()) vulns = added_service.getVulns() self.assertNotIn(vuln, vulns, 'Vuln not removed') def testDeleteNoteFromHost(self): """ Creates a Host adds a Note then removes """ host1 = test_utils.create_host(self, "coquito") note = ModelObjectNote(name='NoteTest', text='TestDescription') self.model_controller.addNoteToHostSYNC(host1.getID(), note) hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") self.model_controller.delNoteFromHostSYNC(host1.getID(), note.getID()) added_host = self.model_controller.getHost(host1.getName()) self.assertNotIn(note, added_host.getNotes(), 'Note not removed') def testDelNoteFromInterface(self): """ Creates a Hosts, adds an Interface and a Note, then removes the note """ # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) note = ModelObjectNote(name='NoteTest', text='TestDescription') self.model_controller.addNoteToInterfaceSYNC(host.getID(), interface.getID(), note) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) notes = added_interface.getNotes() self.assertIn(note, notes, 'Note not added') # Then self.model_controller.delNoteFromInterfaceSYNC(host.getID(), interface.getID(), note.getID()) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) notes = added_interface.getNotes() self.assertNotIn(note, notes, 'Note not removed') def testDelNoteFromService(self): """ Creates a Hosts, adds an Interface, a Service and a Note, then removes the note """ # When host = test_utils.create_host(self) interface = test_utils.create_interface(self, host) service = test_utils.create_service(self, host, interface) note = ModelObjectNote(name='NoteTest', text='TestDescription') self.model_controller.addNoteToServiceSYNC(host.getID(), service.getID(), note) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) added_service = added_interface.getService(service.getID()) notes = added_service.getNotes() self.assertIn(note, notes, 'Note not added') # Then self.model_controller.delNoteFromServiceSYNC(host.getID(), service.getID(), note.getID()) added_host = self.model_controller.getHost(host.getName()) added_interface = added_host.getInterface(interface.getID()) added_service = added_interface.getService(service.getID()) notes = added_service.getNotes() self.assertNotIn(note, notes, 'Note not removed') def testVulnHostLookup(self): host = test_utils.create_host(self) vuln = test_utils.create_host_vuln(self, host, 'vuln', 'desc', 'high') visitor = VulnsLookupVisitor(vuln.getID()) host.accept(visitor) self.assertEquals(len(visitor.parents[0]), 1, "object hierarchy should be only host") self.assertIn(vuln, visitor.vulns) def testVulnInterfaceLookup(self): host = test_utils.create_host(self) inter = test_utils.create_interface(self, host) vuln = test_utils.create_int_vuln(self, host, inter, 'vuln', 'desc', 'high') visitor = VulnsLookupVisitor(vuln.getID()) host.accept(visitor) self.assertEquals(len(visitor.parents[0]), 2, "object hierarchy should be host and interface") self.assertIn(vuln, visitor.vulns) def testVulnServiceLookup(self): host = test_utils.create_host(self) inter = test_utils.create_interface(self, host) service = test_utils.create_service(self, host, inter) vuln = test_utils.create_serv_vuln(self, host, service, 'vuln', 'desc', 'high') visitor = VulnsLookupVisitor(vuln.getID()) host.accept(visitor) self.assertEquals(len(visitor.parents[0]), 3, "object hierarchy should be host, interface and service") self.assertIn(vuln, visitor.vulns) def testMultipleVulnLookup(self): host = test_utils.create_host(self) inter = test_utils.create_interface(self, host) service = test_utils.create_service(self, host, inter) vuln = test_utils.create_serv_vuln(self, host, service, 'vuln', 'desc', 'high') vuln2 = test_utils.create_int_vuln(self, host, inter, 'vuln', 'desc', 'high') visitor = VulnsLookupVisitor(vuln.getID()) host.accept(visitor) parents1 = visitor.parents[0] parents2 = visitor.parents[1] self.assertIn(host, parents1, "Host should be in parents") self.assertIn(host, parents2, "Host should be in parents") self.assertIn(inter, parents2, "Interface should be in parents") self.assertIn(inter, parents2, "Interface should be in parents")
class TestModelObjectCRUD(TestCase): """docstring for TestModelObjectCRUD""" @classmethod def setUpClass(cls): cls.model_controller = controller.ModelController(mock()) api.setUpAPIs(cls.model_controller) def setUp(self): self.wm = WorkspaceManager(self.model_controller, mock(plcore.PluginController)) self.workspace = self.wm.createWorkspace(new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self.wm.setActiveWorkspace(self.workspace) WorkspacePersister.stopThreads() def tearDown(self): self.wm.removeWorkspace(self.workspace.name) def test_create_and_remove_host_from_controller(self): host1 = create_host(self, "coquito") hosts_ids = [ h.getID() for h in self.model_controller.getAllHosts() ] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") self.model_controller.delHostSYNC(host1.name) hosts_ids = [ h.getID() for h in self.model_controller.getAllHosts() ] self.assertNotIn(host1.getID(), hosts_ids, "Host not deleted") def test_delete_interface(self): host1 = create_host(self, "coquito") interface1 = create_interface(self, host1, iname = "pepito") hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") host1 = self.model_controller.getHost(host1.getID()) interfaces_ids = [i.getID() for i in host1.getAllInterfaces()] self.assertIn(interface1.getID(), interfaces_ids, "Interface not in host!") self.model_controller.delInterfaceSYNC(host1.getID(), "pepito") interfaces_ids = [i.getID() for i in self.model_controller.getHost(host1.getID()).getAllInterfaces()] self.assertNotIn(interface1.getID(), interfaces_ids, "Interface not in host!") def test_delete_service(self): host1 = create_host(self, "coquito") interface1 = create_interface(self, host1, iname="pepito") service1 = create_service(self, host1, interface1) hosts_ids = [h.getID() for h in self.model_controller.getAllHosts()] self.assertIn(host1.getID(), hosts_ids, "Host not in controller") host1 = self.model_controller.getHost(host1.getID()) interfaces_ids = [i.getID() for i in host1.getAllInterfaces()] self.assertIn(interface1.getID(), interfaces_ids, "Interface not in host!") services_ids = [s.getID() for s in self.model_controller.getHost(host1.getID()) .getInterface(interface1.getID()).getAllServices() ] self.assertIn(service1.getID(), services_ids, "Service not in Interface!") self.model_controller.delServiceFromInterfaceSYNC(host1.getID(), interface1.getID(), service1.getID()) services_ids = [s.getID() for s in self.model_controller.getHost(host1.getID()) .getInterface(interface1.getID()).getAllServices() ] self.assertNotIn(service1.getID(), services_ids, \ "Service not deleted")
class VulnerabilityCreationTests(unittest.TestCase): @classmethod def setUpClass(cls): cls.model_controller = controller.ModelController(mock()) api.setUpAPIs(cls.model_controller) def setUp(self): self.wm = WorkspaceManager(self.model_controller, mock(plcore.PluginController)) self.temp_workspace = self.wm.createWorkspace( new_random_workspace_name(), workspaceClass=WorkspaceOnCouch) self.wm.setActiveWorkspace(self.temp_workspace) WorkspacePersister.stopThreads() def tearDown(self): self.wm.removeWorkspace(self.temp_workspace.name) def testStandarizeNumericVulnSeverity(self): """ Verifies numeric severity transformed into 'info, low, high, critical' severity""" vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity=0) self.assertEquals(vuln.severity, 'info', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity=1) self.assertEquals(vuln.severity, 'low', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity=2) self.assertEquals(vuln.severity, 'med', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity=3) self.assertEquals(vuln.severity, 'high', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity=4) self.assertEquals(vuln.severity, 'critical', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity=5) self.assertEquals(vuln.severity, 'unclassified', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity=-1) self.assertEquals(vuln.severity, 'unclassified', 'Vulnerability severity not transformed correctly') def testStandarizeShortnameVulnSeverity(self): """ Verifies longname severity transformed into 'info, low, high, critical' severity (informational -> info)""" vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='informational') self.assertEquals(vuln.severity, 'info', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='medium') self.assertEquals(vuln.severity, 'med', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='highest') self.assertEquals(vuln.severity, 'high', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='criticalosiuos') self.assertEquals(vuln.severity, 'critical', 'Vulnerability severity not transformed correctly') vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='tuvieja') self.assertEquals(vuln.severity, 'unclassified', 'Vulnerability severity not transformed correctly') def testStandarizeUpdatedSeverity(self): vuln = ModelObjectVuln(name='VulnTest', desc='TestDescription', severity='informational') self.assertEquals(vuln.severity, 'info', 'Vulnerability severity not transformed correctly') vuln.updateAttributes(severity='3') self.assertEquals(vuln.severity, 'high', 'Vulnerability severity not transformed correctly')