Mercurial > farol > farol
comparison tests/testVulnerability.py @ 0:4a9f23230eba
Initial Release
| author | Benoît Allard <benoit.allard@greenbone.net> |
|---|---|
| date | Wed, 24 Sep 2014 10:07:49 +0200 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| -1:000000000000 | 0:4a9f23230eba |
|---|---|
| 1 # -*- encoding: utf-8 -*- | |
| 2 # Description: | |
| 3 # Test Case for the Vulnerabilities | |
| 4 # | |
| 5 # Authors: | |
| 6 # BenoƮt Allard <benoit.allard@greenbone.net> | |
| 7 # | |
| 8 # Copyright: | |
| 9 # Copyright (C) 2014 Greenbone Networks GmbH | |
| 10 # | |
| 11 # This program is free software; you can redistribute it and/or | |
| 12 # modify it under the terms of the GNU General Public License | |
| 13 # as published by the Free Software Foundation; either version 2 | |
| 14 # of the License, or (at your option) any later version. | |
| 15 # | |
| 16 # This program is distributed in the hope that it will be useful, | |
| 17 # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 18 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 19 # GNU General Public License for more details. | |
| 20 # | |
| 21 # You should have received a copy of the GNU General Public License | |
| 22 # along with this program; if not, write to the Free Software | |
| 23 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. | |
| 24 | |
| 25 from .utils import TestCase | |
| 26 | |
| 27 class TestiVulnerability(TestCase): | |
| 28 | |
| 29 def testCreateVulnerability(self): | |
| 30 rv = self.createDoc('Title', 'Type') | |
| 31 self.assertEqual(rv.status_code, 200) | |
| 32 self.app.get('/vulnerability/add') | |
| 33 rv = self.app.post('/vulnerability/add', data=dict(ordinal="1", title="", systemname="", id_value="", discoverydate="", releasedate="", cve="")) | |
| 34 self.assertEqual(rv.status_code, 302) | |
| 35 | |
| 36 def testCreateCWE(self): | |
| 37 self.testCreateVulnerability() | |
| 38 self.app.get('/vulnerability/1/cwe/add') | |
| 39 rv = self.app.post('/vulnerability/1/cwe/add', data=dict(id='CWE-601', description="URL Redirection to Untrusted Site ('Open Redirect')")) | |
| 40 self.assertEqual(rv.status_code, 302) | |
| 41 self.app.get('/vulnetrability/1') | |
| 42 rv = self.app.get('/vulnerability/1/cwe/0/edit') | |
| 43 self.assertEqual(rv.status_code, 200) | |
| 44 | |
| 45 def testAddAndEditInvolvement(self): | |
| 46 self.testCreateVulnerability() | |
| 47 rv = self.app.get('/vulnerability/1/involvement/add') | |
| 48 self.assertEqual(rv.status_code, 200) | |
| 49 rv = self.app.post('/vulnerability/1/involvement/add', data=dict(party='Vendor', status='Open', description='')) | |
| 50 self.assertEqual(rv.status_code, 302) | |
| 51 rv = self.app.get('/vulnerability/1/involvement/0') | |
| 52 self.assertEqual(rv.status_code, 200) | |
| 53 rv = self.app.get('/vulnerability/1/involvement/0/edit') | |
| 54 self.assertEqual(rv.status_code, 200) | |
| 55 rv = self.app.post('/vulnerability/1/involvement/0/edit', data=dict(party='Other', status='Open', description='test')) | |
| 56 self.assertEqual(rv.status_code, 302) | |
| 57 rv = self.app.get('/vulnerability/1/involvement/0') | |
| 58 self.assertEqual(rv.status_code, 200) | |
| 59 rv = self.app.get('/vulnerability/1') | |
| 60 self.assertEqual(rv.status_code, 200) | |
| 61 | |
| 62 def testAddAndEditInvolvement(self): | |
| 63 self.testCreateVulnerability() | |
| 64 rv = self.app.get('/vulnerability/1/productstatus/add') | |
| 65 self.assertEqual(rv.status_code, 200) | |
| 66 rv = self.app.post('/vulnerability/1/productstatus/add', data=dict(party='Vendor', status='Open', description='')) | |
| 67 self.assertEqual(rv.status_code, 302) | |
| 68 rv = self.app.get('/vulnerability/1/productstatus/0') | |
| 69 self.assertEqual(rv.status_code, 200) | |
| 70 rv = self.app.get('/vulnerability/1/productstatus/0/edit') | |
| 71 self.assertEqual(rv.status_code, 200) | |
| 72 rv = self.app.post('/vulnerability/1/productstatus/0/edit', data=dict(party='Other', status='Open', description='test')) | |
| 73 self.assertEqual(rv.status_code, 302) | |
| 74 rv = self.app.get('/vulnerability/1/productstatus/0') | |
| 75 self.assertEqual(rv.status_code, 200) | |
| 76 rv = self.app.get('/vulnerability/1') | |
| 77 self.assertEqual(rv.status_code, 200) | |
| 78 | |
| 79 def testAddAndEditThreat(self): | |
| 80 self.testCreateVulnerability() | |
| 81 rv = self.app.get('/vulnerability/1/threat/add') | |
| 82 self.assertEqual(rv.status_code, 200) | |
| 83 rv = self.app.post('/vulnerability/1/threat/add', data=dict(type='Test', description='blah', date='', products=[], groups=[])) | |
| 84 self.assertEqual(rv.status_code, 302) | |
| 85 rv = self.app.get('/vulnerability/1/threat/0') | |
| 86 self.assertEqual(rv.status_code, 200) | |
| 87 rv = self.app.get('/vulnerability/1/threat/0/edit') | |
| 88 self.assertEqual(rv.status_code, 200) | |
| 89 rv = self.app.post('/vulnerability/1/threat/0/edit', data=dict(type='Test', description='blah2', date='', products=[], groups=[])) | |
| 90 self.assertEqual(rv.status_code, 302) | |
| 91 rv = self.app.get('/vulnerability/1/threat/0') | |
| 92 self.assertEqual(rv.status_code, 200) | |
| 93 rv = self.app.get('/vulnerability/1') | |
| 94 self.assertEqual(rv.status_code, 200) | |
| 95 | |
| 96 def testAddAndEditCVSS(self): | |
| 97 self.testCreateVulnerability() | |
| 98 rv = self.app.get('/vulnerability/1/cvss/add') | |
| 99 self.assertEqual(rv.status_code, 200) | |
| 100 rv = self.app.post('/vulnerability/1/cvss/add', data=dict(basescore='5.8', environmentalscore='', temporalscore='', vector='A/B/C/D')) | |
| 101 self.assertEqual(rv.status_code, 302) | |
| 102 rv = self.app.get('/vulnerability/1/cvss/0') | |
| 103 self.assertEqual(rv.status_code, 200) | |
| 104 rv = self.app.get('/vulnerability/1/cvss/0/edit') | |
| 105 self.assertEqual(rv.status_code, 200) | |
| 106 rv = self.app.post('/vulnerability/1/cvss/0/edit', data=dict(basescore='6.8', environmentalscore='', temporalscore='', vector='A/B/C/D')) | |
| 107 self.assertEqual(rv.status_code, 302) | |
| 108 rv = self.app.get('/vulnerability/1/cvss/0') | |
| 109 self.assertEqual(rv.status_code, 200) | |
| 110 rv = self.app.get('/vulnerability/1') | |
| 111 self.assertEqual(rv.status_code, 200) | |
| 112 | |
| 113 def testAddAndEditRemediation(self): | |
| 114 self.testCreateVulnerability() | |
| 115 rv = self.app.get('/vulnerability/1/remediation/add') | |
| 116 self.assertEqual(rv.status_code, 200) | |
| 117 rv = self.app.post('/vulnerability/1/remediation/add', data=dict(type="A", description="b", date="", entitlement="", url="", products=[], groups=[])) | |
| 118 self.assertEqual(rv.status_code, 302) | |
| 119 rv = self.app.get('/vulnerability/1/remediation/0') | |
| 120 self.assertEqual(rv.status_code, 200) | |
| 121 rv = self.app.get('/vulnerability/1/remediation/0/edit') | |
| 122 self.assertEqual(rv.status_code, 200) | |
| 123 rv = self.app.post('/vulnerability/1/remediation/0/edit', data=dict(type="A", description="b", date="", entitlement="", url="", products=[], groups=[])) | |
| 124 self.assertEqual(rv.status_code, 302) | |
| 125 rv = self.app.get('/vulnerability/1/remediation/0') | |
| 126 self.assertEqual(rv.status_code, 200) | |
| 127 rv = self.app.get('/vulnerability/1') | |
| 128 self.assertEqual(rv.status_code, 200) | |
| 129 |