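def test_from_file(self):
        """Load every entry under ``DBVuln.DB_PATH`` and type-check its fields.

        Each directory entry is passed to ``DBVuln.from_file``. Entries that
        raise are collected and reported together by the final assertion, so
        one broken database file does not hide the others.
        """
        failed_json_files = []
        # File name -> repr() of the exception raised while loading it; only
        # used to make the final failure message actionable.
        load_errors = {}

        for _fname in os.listdir(DBVuln.DB_PATH):
            _file_path = os.path.join(DBVuln.DB_PATH, _fname)
            try:
                dbv = DBVuln.from_file(_file_path)
            except Exception as exc:
                # ``Exception`` rather than a bare ``except`` so that
                # KeyboardInterrupt / SystemExit still abort the test run
                # instead of being recorded as a "failed" file.
                failed_json_files.append(_fname)
                load_errors[_fname] = repr(exc)
                continue

            self.assertIsInstance(dbv.title, basestring)
            self.assertIsInstance(dbv.description, basestring)
            self.assertIsInstance(dbv.id, int)
            self.assertIsInstance(dbv.severity, basestring)
            # ``type(None)`` is the same object as ``types.NoneType`` and does
            # not depend on the ``types`` module exposing that name.
            self.assertIsInstance(dbv.wasc, (type(None), list))
            self.assertIsInstance(dbv.tags, (type(None), list))
            self.assertIsInstance(dbv.cwe, (type(None), list))
            self.assertIsInstance(dbv.owasp_top_10, (type(None), dict))
            self.assertIsInstance(dbv.fix, dict)
            self.assertIsInstance(dbv.fix_effort, int)
            self.assertIsInstance(dbv.fix_guidance, basestring)

            for ref in dbv.references:
                self.assertIsInstance(ref, Reference)

        self.assertEqual(failed_json_files, [],
                         'Could not load: %r' % (load_errors,))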
示例#2
    def test_from_file(self):
        """Entry 123 loaded by path must equal the same entry loaded by id."""
        spec_example_path = os.path.join(DBVuln.DB_PATH,
                                         '123-spec-example.json')

        loaded_by_path = DBVuln.from_file(spec_example_path)
        loaded_by_id = DBVuln.from_id(123)

        self.assertEqual(loaded_by_path, loaded_by_id)
        # The object loaded by path reports that path as its db_file.
        self.assertEqual(loaded_by_path.db_file, spec_example_path)
示例#3
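    def test_from_file(self):
        """Load every database file of every language and type-check it.

        For each language returned by ``DBVuln.get_all_languages()`` the
        files directly inside ``DBVuln.DB_PATH/<language>`` are passed to
        ``DBVuln.from_file``; sub-directories are skipped. Files that raise
        are collected and reported by the assertion at the end of each
        language iteration.
        """
        failed_json_files = []
        processed_files = []
        # File name -> repr() of the exception raised while loading it; only
        # used to make the failure message actionable.
        load_errors = {}

        for language in DBVuln.get_all_languages():

            json_path = os.path.join(DBVuln.DB_PATH, language)

            for _fname in os.listdir(json_path):
                _file_path = os.path.join(json_path, _fname)

                if os.path.isdir(_file_path):
                    continue

                try:
                    # NOTE(review): this rebinds a class attribute and never
                    # restores it, so the last language stays set for any
                    # test that runs afterwards - confirm that is intended.
                    DBVuln.LANG = language
                    dbv = DBVuln.from_file(_file_path)
                except Exception as exc:
                    # ``Exception`` rather than a bare ``except`` so that
                    # KeyboardInterrupt / SystemExit still abort the run
                    # instead of being recorded as a "failed" file.
                    failed_json_files.append(_fname)
                    load_errors[_fname] = repr(exc)
                    continue

                processed_files.append(_fname)

                self.assertIsInstance(dbv.title, basestring)
                self.assertIsInstance(dbv.description, basestring)
                self.assertIsInstance(dbv.id, int)
                self.assertIsInstance(dbv.severity, basestring)
                self.assertIsInstance(dbv.wasc, (type(None), list))
                self.assertIsInstance(dbv.tags, (type(None), list))
                self.assertIsInstance(dbv.cwe, (type(None), list))
                self.assertIsInstance(dbv.owasp_top_10, (type(None), dict))
                self.assertIsInstance(dbv.fix_effort, int)
                self.assertIsInstance(dbv.fix_guidance, basestring)

                for ref in dbv.references:
                    self.assertIsInstance(ref, Reference)

            self.assertEqual(failed_json_files, [],
                             'Could not load: %r' % (load_errors,))
            # NOTE(review): processed_files accumulates across languages, so
            # after the first language this threshold no longer says anything
            # about the current one - confirm whether a per-language count
            # was intended.
            self.assertGreater(len(processed_files), 20)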
示例#4
    def test_load_es_lang(self):
        """Load the Spanish copy of entry 123 and compare every field.

        The entry is loaded by path and by id with ``language='es'``; both
        objects must be equal, and each attribute must match the value
        expected from the fixture.
        """
        language = 'es'
        spec_example_path = os.path.join(DBVuln.DB_PATH, language,
                                         '123-spec-example.json')

        loaded_by_path = DBVuln.from_file(spec_example_path,
                                          language=language)
        loaded_by_id = DBVuln.from_id(123, language=language)

        self.assertEqual(loaded_by_path, loaded_by_id)
        self.assertEqual(loaded_by_path.db_file, spec_example_path)

        expected_references = [
            Reference("http://foo.es/xss",
                      "Primera referencia a una vulnerabilidad de XSS"),
            Reference("http://asp.net/xss", "Como arreglar XSS en .NET"),
        ]

        # (attribute name, expected value), checked in this order.
        expected_fields = (
            ('title', u'Cross-Site Scripting en ES'),
            ('description',
             u'Un texto largo donde se explica que es un XSS'),
            ('id', MOCK_ID),
            ('severity', MOCK_SEVERITY),
            ('wasc', [u'0003']),
            ('tags', [u'xss', u'client side']),
            ('cwe', [u'0003', u'0007']),
            ('owasp_top_10', {"2010": [1], "2013": [2]}),
            ('references', expected_references),
            ('fix_effort', 50),
            ('fix_guidance',
             u'Y otro texto largo donde se explica como'
             u' arreglar vulnerabilidades de XSS'),
        )

        for attr_name, expected_value in expected_fields:
            self.assertEqual(getattr(loaded_by_path, attr_name),
                             expected_value)