0
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
1 # -*- encoding: utf-8 -*- |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
2 # Description: |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
3 # Test Case for the Vulnerabilities |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
4 # |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
5 # Authors: |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
6 # BenoƮt Allard <benoit.allard@greenbone.net> |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
7 # |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
8 # Copyright: |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
9 # Copyright (C) 2014 Greenbone Networks GmbH |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
10 # |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
11 # This program is free software; you can redistribute it and/or |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
12 # modify it under the terms of the GNU General Public License |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
13 # as published by the Free Software Foundation; either version 2 |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
14 # of the License, or (at your option) any later version. |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
15 # |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
16 # This program is distributed in the hope that it will be useful, |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
17 # but WITHOUT ANY WARRANTY; without even the implied warranty of |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
18 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
19 # GNU General Public License for more details. |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
20 # |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
21 # You should have received a copy of the GNU General Public License |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
22 # along with this program; if not, write to the Free Software |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
23 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
24 |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
25 from .utils import TestCase |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
26 |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
27 class TestiVulnerability(TestCase): |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
28 |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
29 def testCreateVulnerability(self): |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
30 rv = self.createDoc('Title', 'Type') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
31 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
32 self.app.get('/vulnerability/add') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
33 rv = self.app.post('/vulnerability/add', data=dict(ordinal="1", title="", systemname="", id_value="", discoverydate="", releasedate="", cve="")) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
34 self.assertEqual(rv.status_code, 302) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
35 |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
36 def testCreateCWE(self): |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
37 self.testCreateVulnerability() |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
38 self.app.get('/vulnerability/1/cwe/add') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
39 rv = self.app.post('/vulnerability/1/cwe/add', data=dict(id='CWE-601', description="URL Redirection to Untrusted Site ('Open Redirect')")) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
40 self.assertEqual(rv.status_code, 302) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
41 self.app.get('/vulnetrability/1') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
42 rv = self.app.get('/vulnerability/1/cwe/0/edit') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
43 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
44 |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
45 def testAddAndEditInvolvement(self): |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
46 self.testCreateVulnerability() |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
47 rv = self.app.get('/vulnerability/1/involvement/add') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
48 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
49 rv = self.app.post('/vulnerability/1/involvement/add', data=dict(party='Vendor', status='Open', description='')) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
50 self.assertEqual(rv.status_code, 302) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
51 rv = self.app.get('/vulnerability/1/involvement/0') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
52 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
53 rv = self.app.get('/vulnerability/1/involvement/0/edit') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
54 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
55 rv = self.app.post('/vulnerability/1/involvement/0/edit', data=dict(party='Other', status='Open', description='test')) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
56 self.assertEqual(rv.status_code, 302) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
57 rv = self.app.get('/vulnerability/1/involvement/0') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
58 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
59 rv = self.app.get('/vulnerability/1') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
60 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
61 |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
62 def testAddAndEditInvolvement(self): |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
63 self.testCreateVulnerability() |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
64 rv = self.app.get('/vulnerability/1/productstatus/add') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
65 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
66 rv = self.app.post('/vulnerability/1/productstatus/add', data=dict(party='Vendor', status='Open', description='')) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
67 self.assertEqual(rv.status_code, 302) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
68 rv = self.app.get('/vulnerability/1/productstatus/0') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
69 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
70 rv = self.app.get('/vulnerability/1/productstatus/0/edit') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
71 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
72 rv = self.app.post('/vulnerability/1/productstatus/0/edit', data=dict(party='Other', status='Open', description='test')) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
73 self.assertEqual(rv.status_code, 302) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
74 rv = self.app.get('/vulnerability/1/productstatus/0') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
75 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
76 rv = self.app.get('/vulnerability/1') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
77 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
78 |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
79 def testAddAndEditThreat(self): |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
80 self.testCreateVulnerability() |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
81 rv = self.app.get('/vulnerability/1/threat/add') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
82 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
83 rv = self.app.post('/vulnerability/1/threat/add', data=dict(type='Test', description='blah', date='', products=[], groups=[])) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
84 self.assertEqual(rv.status_code, 302) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
85 rv = self.app.get('/vulnerability/1/threat/0') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
86 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
87 rv = self.app.get('/vulnerability/1/threat/0/edit') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
88 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
89 rv = self.app.post('/vulnerability/1/threat/0/edit', data=dict(type='Test', description='blah2', date='', products=[], groups=[])) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
90 self.assertEqual(rv.status_code, 302) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
91 rv = self.app.get('/vulnerability/1/threat/0') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
92 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
93 rv = self.app.get('/vulnerability/1') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
94 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
95 |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
96 def testAddAndEditCVSS(self): |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
97 self.testCreateVulnerability() |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
98 rv = self.app.get('/vulnerability/1/cvss/add') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
99 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
100 rv = self.app.post('/vulnerability/1/cvss/add', data=dict(basescore='5.8', environmentalscore='', temporalscore='', vector='A/B/C/D')) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
101 self.assertEqual(rv.status_code, 302) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
102 rv = self.app.get('/vulnerability/1/cvss/0') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
103 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
104 rv = self.app.get('/vulnerability/1/cvss/0/edit') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
105 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
106 rv = self.app.post('/vulnerability/1/cvss/0/edit', data=dict(basescore='6.8', environmentalscore='', temporalscore='', vector='A/B/C/D')) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
107 self.assertEqual(rv.status_code, 302) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
108 rv = self.app.get('/vulnerability/1/cvss/0') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
109 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
110 rv = self.app.get('/vulnerability/1') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
111 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
112 |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
113 def testAddAndEditRemediation(self): |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
114 self.testCreateVulnerability() |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
115 rv = self.app.get('/vulnerability/1/remediation/add') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
116 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
117 rv = self.app.post('/vulnerability/1/remediation/add', data=dict(type="A", description="b", date="", entitlement="", url="", products=[], groups=[])) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
118 self.assertEqual(rv.status_code, 302) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
119 rv = self.app.get('/vulnerability/1/remediation/0') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
120 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
121 rv = self.app.get('/vulnerability/1/remediation/0/edit') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
122 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
123 rv = self.app.post('/vulnerability/1/remediation/0/edit', data=dict(type="A", description="b", date="", entitlement="", url="", products=[], groups=[])) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
124 self.assertEqual(rv.status_code, 302) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
125 rv = self.app.get('/vulnerability/1/remediation/0') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
126 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
127 rv = self.app.get('/vulnerability/1') |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
128 self.assertEqual(rv.status_code, 200) |
Benoît Allard <benoit.allard@greenbone.net>
parents:
diff
changeset
|
129 |
