mirror of
https://github.com/cve-search/PyVulnerabilityLookup.git
synced 2024-11-29 02:07:21 +00:00
127 lines
5 KiB
Python
127 lines
5 KiB
Python
#!/usr/bin/env python3
|
|
|
|
import unittest
|
|
import time
|
|
import os
|
|
|
|
from pyvulnerabilitylookup import PyVulnerabilityLookup
|
|
|
|
|
|
class TestPublic(unittest.TestCase):
|
|
|
|
def setUp(self) -> None:
|
|
token = os.getenv("API_KEY", "")
|
|
self.client = PyVulnerabilityLookup(root_url="https://vulnerability.circl.lu", token=token)
|
|
|
|
# Test default
|
|
|
|
def test_up(self) -> None:
|
|
self.assertTrue(self.client.is_up)
|
|
self.assertTrue(self.client.redis_up())
|
|
|
|
def test_get_vulnerability(self) -> None:
|
|
while True:
|
|
if vuln := self.client.get_vulnerability('PYSEC-2024-4'):
|
|
self.assertEqual(vuln['id'], 'PYSEC-2024-4')
|
|
break
|
|
print('waiting for pysec to be imported')
|
|
time.sleep(1)
|
|
|
|
def test_get_info(self) -> None:
|
|
info = self.client.get_info()
|
|
self.assertTrue(info['last_updates'])
|
|
self.assertTrue(info['db_sizes'])
|
|
|
|
def test_get_last(self) -> None:
|
|
last = self.client.get_last()
|
|
self.assertTrue(last)
|
|
self.assertTrue(isinstance(last, list))
|
|
last = self.client.get_last(number=1)
|
|
self.assertTrue(isinstance(last, list))
|
|
self.assertEqual(len(last), 1)
|
|
last = self.client.get_last(source='pysec')
|
|
for vuln in last:
|
|
self.assertTrue(vuln['id'].startswith('PYSEC'))
|
|
last = self.client.get_last(source='pysec', number=1)
|
|
self.assertEqual(len(last), 1)
|
|
self.assertTrue(last[-1]['id'].startswith('PYSEC'))
|
|
|
|
# TODO: POST Vulnerability / Delete vulnerability
|
|
# Test API
|
|
|
|
def test_get_vendors(self) -> None:
|
|
vendors = self.client.get_vendors()
|
|
self.assertTrue(isinstance(vendors, list))
|
|
|
|
def test_get_vendor_products(self) -> None:
|
|
products = self.client.get_vendor_products('misp')
|
|
self.assertTrue(isinstance(products, list))
|
|
self.assertTrue('misp' in products)
|
|
|
|
def test_get_vendor_product_vulnerabilities(self) -> None:
|
|
vulns = self.client.get_vendor_product_vulnerabilities('misp', 'misp')
|
|
self.assertTrue(isinstance(vulns, dict))
|
|
self.assertTrue('cvelistv5' in vulns)
|
|
|
|
# Test comments
|
|
|
|
def test_get_comments(self) -> None:
|
|
comments = self.client.get_comments()
|
|
self.assertTrue('metadata' in comments)
|
|
self.assertTrue('data' in comments)
|
|
self.assertTrue(len(comments['data']) > 0)
|
|
|
|
comments = self.client.get_comments(uuid='a309d024-2714-4a81-a425-60f83f6d5740')
|
|
self.assertTrue(len(comments['data']) == 1)
|
|
self.assertEqual(comments['data'][0]['uuid'], 'a309d024-2714-4a81-a425-60f83f6d5740')
|
|
|
|
comments = self.client.get_comments(vuln_id='CVE-2024-20401')
|
|
self.assertTrue(len(comments['data']) >= 1)
|
|
for comment in comments['data']:
|
|
self.assertEqual(comment['vulnerability'], 'CVE-2024-20401')
|
|
|
|
comments = self.client.get_comments(author='admin')
|
|
self.assertTrue(len(comments['data']) >= 1)
|
|
for comment in comments['data']:
|
|
self.assertEqual(comment['author']['login'], 'admin')
|
|
|
|
comments = self.client.get_comments(uuid='a309d024-2714-4a81-a425-60f83f6d5740',
|
|
vuln_id='CVE-2024-20401',
|
|
author='admin')
|
|
self.assertTrue(len(comments['data']) == 1)
|
|
self.assertEqual(comments['data'][0]['uuid'], 'a309d024-2714-4a81-a425-60f83f6d5740')
|
|
self.assertEqual(comments['data'][0]['vulnerability'], 'CVE-2024-20401')
|
|
self.assertEqual(comments['data'][0]['author']['login'], 'admin')
|
|
|
|
# TODO: POST / Delete Comment
|
|
# TODO: POST / Get user
|
|
|
|
# Test bundles
|
|
|
|
def test_get_bundles(self) -> None:
|
|
bundles = self.client.get_bundles()
|
|
self.assertTrue('metadata' in bundles)
|
|
self.assertTrue('data' in bundles)
|
|
self.assertTrue(len(bundles['data']) > 0)
|
|
|
|
bundles = self.client.get_bundles(uuid='a23cbcad-e890-4df8-8736-9332ed4c3d47')
|
|
self.assertTrue(len(bundles['data']) == 1)
|
|
self.assertEqual(bundles['data'][0]['uuid'], 'a23cbcad-e890-4df8-8736-9332ed4c3d47')
|
|
|
|
bundles = self.client.get_bundles(vuln_id='CVE-2024-39573')
|
|
self.assertTrue(len(bundles['data']) >= 1)
|
|
for bundle in bundles['data']:
|
|
self.assertTrue('CVE-2024-39573' in bundle['related_vulnerabilities'])
|
|
|
|
bundles = self.client.get_bundles(author='admin')
|
|
self.assertTrue(len(bundles['data']) >= 1)
|
|
for bundle in bundles['data']:
|
|
self.assertEqual(bundle['author']['login'], 'admin')
|
|
|
|
bundles = self.client.get_bundles(uuid='a23cbcad-e890-4df8-8736-9332ed4c3d47',
|
|
vuln_id='CVE-2024-39573',
|
|
author='admin')
|
|
self.assertTrue(len(bundles['data']) == 1)
|
|
self.assertEqual(bundles['data'][0]['uuid'], 'a23cbcad-e890-4df8-8736-9332ed4c3d47')
|
|
self.assertTrue('CVE-2024-39573' in bundles['data'][0]['related_vulnerabilities'])
|
|
self.assertEqual(bundles['data'][0]['author']['login'], 'admin')
|