Mercurial > farol
diff tests/testVulnerability.py @ 0:4a9f23230eba
Initial Release
| author | Benoît Allard <benoit.allard@greenbone.net> |
|---|---|
| date | Wed, 24 Sep 2014 10:07:49 +0200 |
| parents | |
| children |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/tests/testVulnerability.py Wed Sep 24 10:07:49 2014 +0200 @@ -0,0 +1,129 @@ +# -*- encoding: utf-8 -*- +# Description: +# Test Case for the Vulnerabilities +# +# Authors: +# BenoƮt Allard <benoit.allard@greenbone.net> +# +# Copyright: +# Copyright (C) 2014 Greenbone Networks GmbH +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + +from .utils import TestCase + +class TestiVulnerability(TestCase): + + def testCreateVulnerability(self): + rv = self.createDoc('Title', 'Type') + self.assertEqual(rv.status_code, 200) + self.app.get('/vulnerability/add') + rv = self.app.post('/vulnerability/add', data=dict(ordinal="1", title="", systemname="", id_value="", discoverydate="", releasedate="", cve="")) + self.assertEqual(rv.status_code, 302) + + def testCreateCWE(self): + self.testCreateVulnerability() + self.app.get('/vulnerability/1/cwe/add') + rv = self.app.post('/vulnerability/1/cwe/add', data=dict(id='CWE-601', description="URL Redirection to Untrusted Site ('Open Redirect')")) + self.assertEqual(rv.status_code, 302) + self.app.get('/vulnetrability/1') + rv = self.app.get('/vulnerability/1/cwe/0/edit') + self.assertEqual(rv.status_code, 200) + + def testAddAndEditInvolvement(self): + self.testCreateVulnerability() + rv = self.app.get('/vulnerability/1/involvement/add') + self.assertEqual(rv.status_code, 200) + rv = self.app.post('/vulnerability/1/involvement/add', data=dict(party='Vendor', status='Open', description='')) + self.assertEqual(rv.status_code, 302) + rv = self.app.get('/vulnerability/1/involvement/0') + self.assertEqual(rv.status_code, 200) + rv = self.app.get('/vulnerability/1/involvement/0/edit') + self.assertEqual(rv.status_code, 200) + rv = self.app.post('/vulnerability/1/involvement/0/edit', data=dict(party='Other', status='Open', description='test')) + self.assertEqual(rv.status_code, 302) + rv = self.app.get('/vulnerability/1/involvement/0') + self.assertEqual(rv.status_code, 200) + rv = self.app.get('/vulnerability/1') + self.assertEqual(rv.status_code, 200) + + def testAddAndEditInvolvement(self): + self.testCreateVulnerability() + rv = self.app.get('/vulnerability/1/productstatus/add') + self.assertEqual(rv.status_code, 200) + rv = self.app.post('/vulnerability/1/productstatus/add', data=dict(party='Vendor', status='Open', description='')) + self.assertEqual(rv.status_code, 302) + rv = self.app.get('/vulnerability/1/productstatus/0') + self.assertEqual(rv.status_code, 200) + rv = self.app.get('/vulnerability/1/productstatus/0/edit') + self.assertEqual(rv.status_code, 200) + rv = self.app.post('/vulnerability/1/productstatus/0/edit', data=dict(party='Other', status='Open', description='test')) + self.assertEqual(rv.status_code, 302) + rv = self.app.get('/vulnerability/1/productstatus/0') + self.assertEqual(rv.status_code, 200) + rv = self.app.get('/vulnerability/1') + self.assertEqual(rv.status_code, 200) + + def testAddAndEditThreat(self): + self.testCreateVulnerability() + rv = self.app.get('/vulnerability/1/threat/add') + self.assertEqual(rv.status_code, 200) + rv = self.app.post('/vulnerability/1/threat/add', data=dict(type='Test', description='blah', date='', products=[], groups=[])) + self.assertEqual(rv.status_code, 302) + rv = self.app.get('/vulnerability/1/threat/0') + self.assertEqual(rv.status_code, 200) + rv = self.app.get('/vulnerability/1/threat/0/edit') + self.assertEqual(rv.status_code, 200) + rv = self.app.post('/vulnerability/1/threat/0/edit', data=dict(type='Test', description='blah2', date='', products=[], groups=[])) + self.assertEqual(rv.status_code, 302) + rv = self.app.get('/vulnerability/1/threat/0') + self.assertEqual(rv.status_code, 200) + rv = self.app.get('/vulnerability/1') + self.assertEqual(rv.status_code, 200) + + def testAddAndEditCVSS(self): + self.testCreateVulnerability() + rv = self.app.get('/vulnerability/1/cvss/add') + self.assertEqual(rv.status_code, 200) + rv = self.app.post('/vulnerability/1/cvss/add', data=dict(basescore='5.8', environmentalscore='', temporalscore='', vector='A/B/C/D')) + self.assertEqual(rv.status_code, 302) + rv = self.app.get('/vulnerability/1/cvss/0') + self.assertEqual(rv.status_code, 200) + rv = self.app.get('/vulnerability/1/cvss/0/edit') + self.assertEqual(rv.status_code, 200) + rv = self.app.post('/vulnerability/1/cvss/0/edit', data=dict(basescore='6.8', environmentalscore='', temporalscore='', vector='A/B/C/D')) + self.assertEqual(rv.status_code, 302) + rv = self.app.get('/vulnerability/1/cvss/0') + self.assertEqual(rv.status_code, 200) + rv = self.app.get('/vulnerability/1') + self.assertEqual(rv.status_code, 200) + + def testAddAndEditRemediation(self): + self.testCreateVulnerability() + rv = self.app.get('/vulnerability/1/remediation/add') + self.assertEqual(rv.status_code, 200) + rv = self.app.post('/vulnerability/1/remediation/add', data=dict(type="A", description="b", date="", entitlement="", url="", products=[], groups=[])) + self.assertEqual(rv.status_code, 302) + rv = self.app.get('/vulnerability/1/remediation/0') + self.assertEqual(rv.status_code, 200) + rv = self.app.get('/vulnerability/1/remediation/0/edit') + self.assertEqual(rv.status_code, 200) + rv = self.app.post('/vulnerability/1/remediation/0/edit', data=dict(type="A", description="b", date="", entitlement="", url="", products=[], groups=[])) + self.assertEqual(rv.status_code, 302) + rv = self.app.get('/vulnerability/1/remediation/0') + self.assertEqual(rv.status_code, 200) + rv = self.app.get('/vulnerability/1') + self.assertEqual(rv.status_code, 200) +