Mercurial > farol > farolluz
diff farolluz/cvrf.py @ 22:4004b67216a9
Add tests + method to change a ProductID
author | Benoît Allard <benoit.allard@greenbone.net> |
---|---|
date | Fri, 24 Oct 2014 16:16:50 +0200 |
parents | 4b53e7bcff0d |
children | 809db989cac5 |
line wrap: on
line diff
--- a/farolluz/cvrf.py Wed Oct 15 09:50:32 2014 +0200 +++ b/farolluz/cvrf.py Fri Oct 24 16:16:50 2014 +0200 @@ -897,7 +897,7 @@ raise ValidationError('A CVSS Score Set must have a Base Score') if self._vector and not self.vector: raise ValidationError('Syntax Error in CVSS Vector') - if abs(self._basescore - self.baseScore()) >= 0.05: + if self.vector and (abs(self._basescore - self.baseScore()) >= 0.05): raise ValidationError('Inconsistency in CVSS Score Set between Vector (%f) and Base Score (%f)' % (self.baseScore(), self._basescore)) for productid in self._productids: if productid not in productids: @@ -949,6 +949,7 @@ if groupid not in groupids: raise ValidationError('Unknown GroupID: %s' % groupid) + class CVRF(object): def __init__(self, title, _type): self._title = title @@ -1036,27 +1037,39 @@ products.add(productid) return set(self.getProductForID(p) for p in products) - def isProductOrphan(self, productid): - """ Returns if a productid is mentioned nowhere in the document """ + def mentionsProductId(self, productid): # We first look at the ProductTree ptree = self._producttree for relation in ptree._relationships: if productid == relation._productreference: - return False - if productid == relation._relatestoproductreference: - return False - groupids = [g._groupid for g in ptree._groups if productid in g._productids] - if len(groupids) > 0: - return False - # Go through all the Vulnerabilities + yield relation + elif productid == relation._relatestoproductreference: + yield relation + # Then go through the groups + for group in ptree._groups: + if productid in group._productids: + yield group + # Finally, go through all the Vulnerabilities for vulnerability in self._vulnerabilities: - if vulnerability.isMentioningProdId(productid): - return False - for groupid in groupids: - # This will never be executed as we bail out on len(groups) > 0 - if vulnerability.isMentioningGroupId(groupid): - return False - return True + for item in vulnerability.mentionsProdId(productid): + yield item + + def isProductOrphan(self, productid): + """ Returns if a productid is mentioned nowhere in the document """ + for item in self.mentionsProductId(productid): + return True + return False + + def changeProductID(self, old, new): + for item in self.mentionsProductId(old): + if isinstance(item, CVRFRelationship): + if old == item._productreference: + item._productreference = new + elif old == item._relatestoproductreference: + item._relatestoproductreference = new + else: + item._productids.remove(old) + item._productids.append(new) def isGroupOrphan(self, groupid): """ Returns if a group can be safely deleted """