Skip to content
Permalink

Comparing changes

This is a direct comparison between two commits made in this repository or its related repositories. View the default comparison for this range or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: gardenlinux/glvd
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: fd53052765070bf3e44cfcf9aa83f713f23b3ef9
Choose a base ref
..
head repository: gardenlinux/glvd
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 92ebca516793b7284aa3773210e6fd7d47d028e0
Choose a head ref
Showing with 79 additions and 2 deletions.
  1. +79 −2 tests/web/test_v1_cves.py
81 changes: 79 additions & 2 deletions tests/web/test_v1_cves.py
Original file line number Diff line number Diff line change
@@ -4,10 +4,10 @@

import json

from glvd.database import AllCve
from glvd.database import AllCve, DebCve, DistCpe


class TestV1CvesId:
class TestCveId:
@pytest.fixture(autouse=True, scope='class')
async def setup_example(self, db_session_class):
db_session_class.add(AllCve(
@@ -34,3 +34,80 @@ async def test_nonexist(self, client):
)

assert resp.status_code == 404


class TestCpeName:
@pytest.fixture(autouse=True, scope='class')
async def setup_example(self, db_session_class):
for i in ('TEST-fixed', 'TEST-vuln'):
db_session_class.add(AllCve(
cve_id=i,
data={
'id': i,
},
))
self.dist = DistCpe(
cpe_vendor='debian',
cpe_product='debian_linux',
cpe_version='13',
deb_codename='trixie',
)
db_session_class.add(self.dist)
db_session_class.add(DebCve(
cve_id='TEST-fixed',
deb_source='test',
deb_version='1',
deb_version_fixed='1',
debsec_vulnerable=False,
dist=self.dist,
data_cpe_match={},
))
db_session_class.add(DebCve(
cve_id='TEST-vuln',
deb_source='test',
deb_version='1',
deb_version_fixed='2',
debsec_vulnerable=True,
dist=self.dist,
data_cpe_match={},
))
await db_session_class.flush()

async def test_simple(self, client):
resp = await client.get(
r'/v1/cves/findByCpe?cpeName=cpe:2.3:o:debian:debian_linux:13:*:*:*:*:*:*:*',
)

assert resp.status_code == 200
assert {i['id'] for i in json.loads((await resp.data))} == {
'TEST-vuln',
}

async def test_source(self, client):
resp = await client.get(
r'/v1/cves/findByCpe?cpeName=cpe:2.3:o:debian:debian_linux:13:*:*:*:*:*:*:deb_source\=test',
)

assert resp.status_code == 200
assert {i['id'] for i in json.loads((await resp.data))} == {
'TEST-vuln',
}

async def test_version(self, client):
resp = await client.get(
r'/v1/cves/findByCpe?cpeName=cpe:2.3:o:debian:debian_linux:13:*:*:*:*:*:*:deb_source\=test&debVersionEnd=0',
)

assert resp.status_code == 200
assert {i['id'] for i in json.loads((await resp.data))} == {
'TEST-fixed',
'TEST-vuln',
}

async def test_nonexist(self, client):
resp = await client.get(
r'/v1/cves/findByCpe?cpeName=cpe:2.3:o:debian:debian_linux:14:*:*:*:*:*:*:*',
)

assert resp.status_code == 200
assert json.loads((await resp.data)) == []