Mercurial > farol > farol

diff tests/testVulnerability.py @ 0:4a9f23230eba
Initial Release
author: Benoît Allard <benoit.allard@greenbone.net>
date: Wed, 24 Sep 2014 10:07:49 +0200
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/testVulnerability.py	Wed Sep 24 10:07:49 2014 +0200
@@ -0,0 +1,129 @@
+# -*- encoding: utf-8 -*-
+# Description:
+# Test Case for the Vulnerabilities
+#
+# Authors:
+# Benoît Allard <benoit.allard@greenbone.net>
+#
+# Copyright:
+# Copyright (C) 2014 Greenbone Networks GmbH
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+
+from .utils import TestCase
+
+class TestiVulnerability(TestCase):
+
+    def testCreateVulnerability(self):
+        rv = self.createDoc('Title', 'Type')
+        self.assertEqual(rv.status_code, 200)
+        self.app.get('/vulnerability/add')
+        rv = self.app.post('/vulnerability/add', data=dict(ordinal="1", title="", systemname="", id_value="", discoverydate="", releasedate="", cve=""))
+        self.assertEqual(rv.status_code, 302)
+
+    def testCreateCWE(self):
+        self.testCreateVulnerability()
+        self.app.get('/vulnerability/1/cwe/add')
+        rv = self.app.post('/vulnerability/1/cwe/add', data=dict(id='CWE-601', description="URL Redirection to Untrusted Site ('Open Redirect')"))
+        self.assertEqual(rv.status_code, 302)
+        self.app.get('/vulnetrability/1')
+        rv = self.app.get('/vulnerability/1/cwe/0/edit')
+        self.assertEqual(rv.status_code, 200)
+
+    def testAddAndEditInvolvement(self):
+        self.testCreateVulnerability()
+        rv = self.app.get('/vulnerability/1/involvement/add')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.post('/vulnerability/1/involvement/add', data=dict(party='Vendor', status='Open', description=''))
+        self.assertEqual(rv.status_code, 302)
+        rv = self.app.get('/vulnerability/1/involvement/0')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.get('/vulnerability/1/involvement/0/edit')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.post('/vulnerability/1/involvement/0/edit', data=dict(party='Other', status='Open', description='test'))
+        self.assertEqual(rv.status_code, 302)
+        rv = self.app.get('/vulnerability/1/involvement/0')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.get('/vulnerability/1')
+        self.assertEqual(rv.status_code, 200)
+
+    def testAddAndEditInvolvement(self):
+        self.testCreateVulnerability()
+        rv = self.app.get('/vulnerability/1/productstatus/add')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.post('/vulnerability/1/productstatus/add', data=dict(party='Vendor', status='Open', description=''))
+        self.assertEqual(rv.status_code, 302)
+        rv = self.app.get('/vulnerability/1/productstatus/0')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.get('/vulnerability/1/productstatus/0/edit')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.post('/vulnerability/1/productstatus/0/edit', data=dict(party='Other', status='Open', description='test'))
+        self.assertEqual(rv.status_code, 302)
+        rv = self.app.get('/vulnerability/1/productstatus/0')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.get('/vulnerability/1')
+        self.assertEqual(rv.status_code, 200)
+
+    def testAddAndEditThreat(self):
+        self.testCreateVulnerability()
+        rv = self.app.get('/vulnerability/1/threat/add')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.post('/vulnerability/1/threat/add', data=dict(type='Test', description='blah', date='', products=[], groups=[]))
+        self.assertEqual(rv.status_code, 302)
+        rv = self.app.get('/vulnerability/1/threat/0')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.get('/vulnerability/1/threat/0/edit')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.post('/vulnerability/1/threat/0/edit', data=dict(type='Test', description='blah2', date='', products=[], groups=[]))
+        self.assertEqual(rv.status_code, 302)
+        rv = self.app.get('/vulnerability/1/threat/0')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.get('/vulnerability/1')
+        self.assertEqual(rv.status_code, 200)
+
+    def testAddAndEditCVSS(self):
+        self.testCreateVulnerability()
+        rv = self.app.get('/vulnerability/1/cvss/add')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.post('/vulnerability/1/cvss/add', data=dict(basescore='5.8', environmentalscore='', temporalscore='', vector='A/B/C/D'))
+        self.assertEqual(rv.status_code, 302)
+        rv = self.app.get('/vulnerability/1/cvss/0')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.get('/vulnerability/1/cvss/0/edit')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.post('/vulnerability/1/cvss/0/edit', data=dict(basescore='6.8', environmentalscore='', temporalscore='', vector='A/B/C/D'))
+        self.assertEqual(rv.status_code, 302)
+        rv = self.app.get('/vulnerability/1/cvss/0')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.get('/vulnerability/1')
+        self.assertEqual(rv.status_code, 200)
+
+    def testAddAndEditRemediation(self):
+        self.testCreateVulnerability()
+        rv = self.app.get('/vulnerability/1/remediation/add')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.post('/vulnerability/1/remediation/add', data=dict(type="A", description="b", date="", entitlement="", url="", products=[], groups=[]))
+        self.assertEqual(rv.status_code, 302)
+        rv = self.app.get('/vulnerability/1/remediation/0')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.get('/vulnerability/1/remediation/0/edit')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.post('/vulnerability/1/remediation/0/edit', data=dict(type="A", description="b", date="", entitlement="", url="", products=[], groups=[]))
+        self.assertEqual(rv.status_code, 302)
+        rv = self.app.get('/vulnerability/1/remediation/0')
+        self.assertEqual(rv.status_code, 200)
+        rv = self.app.get('/vulnerability/1')
+        self.assertEqual(rv.status_code, 200)
+
author	Benoît Allard <benoit.allard@greenbone.net>
date	Wed, 24 Sep 2014 10:07:49 +0200
parents
children