new: test for create sighting

2024-11-25 08:17:20 +00:00 · 2024-11-20 15:03:53 +01:00 · 2024-11-20 15:03:53 +01:00 · bd1684e2c3
commit bd1684e2c3
parent 390629aa49
3 changed files with 40 additions and 4 deletions
--- a/pyproject.toml
+++ b/pyproject.toml
@ -1,6 +1,6 @@
 [tool.poetry]
 name = "pyvulnerabilitylookup"
-version = "2.1.0"
+version = "2.1.1"
 description = "Python CLI and module for Vulnerability Lookup"
 authors = ["Raphaël Vinot <raphael.vinot@circl.lu>"]
 license = "BSD-3-Clause"
--- a/pyvulnerabilitylookup/api.py
+++ b/pyvulnerabilitylookup/api.py
@ -3,6 +3,7 @@
 from __future__ import annotations

 import logging
+import functools

 from datetime import date, datetime
 from importlib.metadata import version
@ -46,6 +47,7 @@ class PyVulnerabilityLookup():
        self.session.headers['Content-Type'] = 'application/json'
        if proxies:
            self.session.proxies.update(proxies)
+        self.session.request = functools.partial(self.session.request, timeout=10)

    def set_apikey(self, apikey: str) -> None:
        '''Set the API key to use for the requests'''
@ -186,8 +188,15 @@ class PyVulnerabilityLookup():
        :param vuln_id: The vulnerability ID to get comments of
        :param author: The author of the comment(s)
        '''
+        params = {}
+        if uuid:
+            params['uuid'] = uuid
+        if vuln_id:
+            params['vuln_id'] = vuln_id
+        if author:
+            params['author'] = author
        r = self.session.get(urljoin(self.root_url, str(PurePosixPath('api', 'comment'))),
-                             params={'uuid': uuid, 'vuln_id': vuln_id, 'author': author})
+                             params=params)
        return r.json()

    def get_comment(self, comment_uuid: str) -> dict[str, Any]:
@ -327,8 +336,7 @@ class PyVulnerabilityLookup():

        :param user_id: The user ID
        '''
-        r = self.session.delete(urljoin(self.root_url, str(PurePosixPath('api', 'user', user_id)))
-                                )
+        r = self.session.delete(urljoin(self.root_url, str(PurePosixPath('api', 'user', user_id))))
        return r.status_code

    # #### Sightings ####
--- a/tests/test_web.py
+++ b/tests/test_web.py
@ -1,6 +1,7 @@
 #!/usr/bin/env python3

 import unittest
+import uuid
 import time
 import os

@ -355,3 +356,30 @@ class TestPublic(unittest.TestCase):
        self.assertTrue(sighting_cve_list)
        self.assertTrue('data' in sighting_cve_list)
        self.assertTrue(len(sighting_cve_list['data']) > 0)
+
+    def test_sightings_local(self) -> None:
+        if not self.admin_token:
+            # this test is only working if the admin token is set
+            return None
+
+        u1 = str(uuid.uuid4())
+        sighting = self.client.create_sighting(
+            sighting={
+                "vulnerability": "CVE-2024-20401",
+                "source": u1,
+                "type": "seen"
+            }
+        )
+        self.assertTrue(sighting)
+        print(sighting)
+        s = self.client.get_sighting(sighting['data'][0]['uuid'])
+        self.assertTrue('uuid' in s)
+        self.assertTrue('vulnerability' in s)
+        self.assertTrue('source' in s)
+        self.assertTrue('type' in s)
+        self.assertEqual(s['source'], u1)
+
+        u2 = str(uuid.uuid4())
+        sighting = self.client.create_sighting(source=u2, sighting_type='seen', vulnerability='CVE-2024-20401')
+        s = self.client.get_sighting(sighting['data'][0]['uuid'])
+        self.assertEqual(s['source'], u2)