Race condition in the JPEGEncoder function...'}| +|content_result|content|True|Content record for the vulnerability or module|{"published_at":"2015-11-05T00:00:00.000Z","references":"mozilla-thunderbird-upgrade-38_4","severity":"7","solutions":"mozilla-thunderbird-upgrade-38_4","title":"MFSA2015-123 Thunderbird: Buffer overflow during i...","alternate_ids":"BID/77411,CVE/2015-7189,DEBIAN/DSA-3393,DEBIAN/DSA...","content_type":"vulnerability","description":"\n
Race condition in the JPEGEncoder function..."}| Example output: @@ -91,7 +91,7 @@ Example input: |Name|Type|Required|Description|Example| | :--- | :--- | :--- | :--- | :--- | |results_found|bool|True|Will return false if no results are found|None| -|search_results|[]search_result|False|Vulnerability and exploits found|{'identifier': 'ubuntu-cve-2015-9542', 'title': 'Ubuntu: (Multiple Advisories) (CVE-2015-9542): libpam-radius-auth vulnerability', 'published_at': '2020-02-24T00:00:00.000Z', 'solutions': 'ubuntu-upgrade-chromium', 'link': 'https://vdb-kasf1i23nr1kl2j4.rapid7.com/v1/content/ubuntu-cve-2015-9542'}| +|search_results|[]search_result|False|Vulnerability and exploits found|{"identifier":"ubuntu-cve-2015-9542","title":"Ubuntu: (Multiple Advisories) (CVE-2015-9542): libpam-radius-auth vulnerability","published_at":"2020-02-24T00:00:00.000Z","solutions":"ubuntu-upgrade-chromium","link":"https://vdb-kasf1i23nr1kl2j4.rapid7.com/v1/content/ubuntu-cve-2015-9542"}| Example output: @@ -150,6 +150,7 @@ _This plugin does not contain any troubleshooting information._ # Version History +* 2.1.4 - Initial updates for fedramp compliance | Updated SDK to the latest version * 2.1.3 - Fix critical Snyk vulnerability | Update SDK * 2.1.2 - Bumping SDK version to 5.6.1 * 2.1.1 - Add 404 and 504 error handlers | Add retry diff --git a/plugins/rapid7_vulndb/komand_rapid7_vulndb/actions/get_content/action.py b/plugins/rapid7_vulndb/komand_rapid7_vulndb/actions/get_content/action.py index b7d344cf4c..08c83c1281 100755 --- a/plugins/rapid7_vulndb/komand_rapid7_vulndb/actions/get_content/action.py +++ b/plugins/rapid7_vulndb/komand_rapid7_vulndb/actions/get_content/action.py @@ -15,7 +15,8 @@ def __init__(self): ) def run(self, params={}): + # START INPUT BINDING - DO NOT REMOVE - ANY INPUTS BELOW WILL UPDATE WITH YOUR PLUGIN SPEC AFTER REGENERATION identifier = params.get(Input.IDENTIFIER) - content_result = extract.Content.get(identifier) + # END INPUT BINDING - DO NOT REMOVE - return {Output.CONTENT_RESULT: content_result} + return {Output.CONTENT_RESULT: extract.Content.get(identifier)} diff --git a/plugins/rapid7_vulndb/komand_rapid7_vulndb/actions/search_db/action.py b/plugins/rapid7_vulndb/komand_rapid7_vulndb/actions/search_db/action.py index 6f8b8f8333..59c886a023 100755 --- a/plugins/rapid7_vulndb/komand_rapid7_vulndb/actions/search_db/action.py +++ b/plugins/rapid7_vulndb/komand_rapid7_vulndb/actions/search_db/action.py @@ -3,6 +3,7 @@ # Custom imports below from komand_rapid7_vulndb.util import extract +from insightconnect_plugin_runtime.helper import clean class SearchDb(insightconnect_plugin_runtime.Action): @@ -15,20 +16,21 @@ def __init__(self): ) def run(self, params={}): - # Get params + # START INPUT BINDING - DO NOT REMOVE - ANY INPUTS BELOW WILL UPDATE WITH YOUR PLUGIN SPEC AFTER REGENERATION search_for = params.get(Input.SEARCH) - db = params.get(Input.DATABASE) - responses = extract.Search.get_results(search_for, db) - results = [] + database = params.get(Input.DATABASE) + # END INPUT BINDING - DO NOT REMOVE + + responses = extract.Search.get_results(search_for, database) + results = [] for response in responses: identifier = response.get("identifier") if not identifier: continue - dict_response = response.copy() dict_response["solutions"] = extract.Content.get(identifier).get("solutions") - results.append(dict_response) + results.append(clean(dict_response)) return { Output.RESULTS_FOUND: len(results) > 0, diff --git a/plugins/rapid7_vulndb/komand_rapid7_vulndb/connection/connection.py b/plugins/rapid7_vulndb/komand_rapid7_vulndb/connection/connection.py index a95a16cb21..449e240c99 100755 --- a/plugins/rapid7_vulndb/komand_rapid7_vulndb/connection/connection.py +++ b/plugins/rapid7_vulndb/komand_rapid7_vulndb/connection/connection.py @@ -4,15 +4,20 @@ # Custom imports below import requests +from typing import Dict, Any +from komand_rapid7_vulndb.util.extract import TIMEOUT class Connection(insightconnect_plugin_runtime.Connection): def __init__(self): super(self.__class__, self).__init__(input=ConnectionSchema()) - def connect(self, params): - result = requests.get("https://vdb-kasf1i23nr1kl2j4.rapid7.com/v1/info") - if result.status_code == requests.codes.ok: + def connect(self, params={}) -> None: + pass + + @staticmethod + def test() -> Dict[str, Any]: + response = requests.get("https://vdb-kasf1i23nr1kl2j4.rapid7.com/v1/info", timeout=TIMEOUT) + if response.status_code == requests.codes.ok: return {"success": True} - else: - raise ConnectionTestException(preset=ConnectionTestException.Preset.SERVICE_UNAVAILABLE) + raise ConnectionTestException(preset=ConnectionTestException.Preset.SERVICE_UNAVAILABLE) diff --git a/plugins/rapid7_vulndb/plugin.spec.yaml b/plugins/rapid7_vulndb/plugin.spec.yaml index cc3de9e7cd..ea8069a2b5 100644 --- a/plugins/rapid7_vulndb/plugin.spec.yaml +++ b/plugins/rapid7_vulndb/plugin.spec.yaml @@ -4,19 +4,20 @@ products: [insightconnect] name: rapid7_vulndb title: Rapid7 Vulnerability & Exploit Database description: Make searching the Rapid7 vulnerability and exploit data fast, easy and efficient with the InsightConnect plugin. Leverage this curated repository of vetted computer software exploits and exploitable vulnerabilities to ensure your security operations are always aware of the latest threats that could be used against your environment vulnerabilities -version: 2.1.3 -sdk: - type: slim - version: 6.0.0 - user: nobody -supported_versions: ["v1"] +version: 2.1.4 connection_version: 2 +supported_versions: ["v1"] vendor: rapid7 support: rapid7 cloud_ready: true +fedramp_ready: true +sdk: + type: slim + version: 6.1.0 + user: nobody key_features: -- Search Database for vulnerabilities -- Retrieve vulnerability or Metasploit module details based on a CVE or module identifier + - Search Database for vulnerabilities + - Retrieve vulnerability or Metasploit module details based on a CVE or module identifier requirements: "_This plugin does not contain any requirements._" troubleshooting: "_This plugin does not contain any troubleshooting information._" status: [] @@ -25,16 +26,17 @@ resources: license_url: https://github.com/rapid7/insightconnect-plugins/blob/master/LICENSE vendor_url: https://www.rapid7.com tags: -- vulnerability -- exploit -- rapid7 -- database -- vulndb + - vulnerability + - exploit + - rapid7 + - database + - vulndb references: - "[Rapid7 Vulnerability & Exploit Database API Specification](https://vdb.rapid7.com/swagger_doc)" links: - "[Rapid7 Vulnerability & Exploit Database API Specification](https://vdb.rapid7.com/swagger_doc)" version_history: +- "2.1.4 - Initial updates for fedramp compliance | Updated SDK to the latest version" - "2.1.3 - Fix critical Snyk vulnerability | Update SDK" - "2.1.2 - Bumping SDK version to 5.6.1" - "2.1.1 - Add 404 and 504 error handlers | Add retry" @@ -159,7 +161,7 @@ actions: type: 'content' description: Content record for the vulnerability or module required: true - example: { "published_at": "2015-11-05T00:00:00.000Z", "references": "mozilla-thunderbird-upgrade-38_4", "severity": "7", "solutions": "mozilla-thunderbird-upgrade-38_4", "title": "MFSA2015-123 Thunderbird: Buffer overflow during i...", "alternate_ids": "BID/77411,CVE/2015-7189,DEBIAN/DSA-3393,DEBIAN/DSA...", "content_type": "vulnerability", "description": "\n
Race condition in the JPEGEncoder function..." } + example: '{"published_at":"2015-11-05T00:00:00.000Z","references":"mozilla-thunderbird-upgrade-38_4","severity":"7","solutions":"mozilla-thunderbird-upgrade-38_4","title":"MFSA2015-123 Thunderbird: Buffer overflow during i...","alternate_ids":"BID/77411,CVE/2015-7189,DEBIAN/DSA-3393,DEBIAN/DSA...","content_type":"vulnerability","description":"\n
Race condition in the JPEGEncoder function..."}' search_db: title: Search Database description: Search the database to find vulnerabilities and exploits @@ -169,8 +171,8 @@ actions: description: Name of the database type: string enum: - - Vulnerability Database - - Metasploit Modules + - Vulnerability Database + - Metasploit Modules required: true example: "Vulnerability Database" search: @@ -185,11 +187,9 @@ actions: type: '[]search_result' description: Vulnerability and exploits found required: false - example: { "identifier": "ubuntu-cve-2015-9542", "title": "Ubuntu: (Multiple Advisories) (CVE-2015-9542): libpam-radius-auth vulnerability", "published_at": "2020-02-24T00:00:00.000Z", "solutions": "ubuntu-upgrade-chromium", "link": "https://vdb-kasf1i23nr1kl2j4.rapid7.com/v1/content/ubuntu-cve-2015-9542" } + example: '{"identifier":"ubuntu-cve-2015-9542","title":"Ubuntu: (Multiple Advisories) (CVE-2015-9542): libpam-radius-auth vulnerability","published_at":"2020-02-24T00:00:00.000Z","solutions":"ubuntu-upgrade-chromium","link":"https://vdb-kasf1i23nr1kl2j4.rapid7.com/v1/content/ubuntu-cve-2015-9542"}' results_found: title: Results Found description: Will return false if no results are found type: bool required: true - - diff --git a/plugins/rapid7_vulndb/requirements.txt b/plugins/rapid7_vulndb/requirements.txt index f348300a4d..33886f3496 100755 --- a/plugins/rapid7_vulndb/requirements.txt +++ b/plugins/rapid7_vulndb/requirements.txt @@ -2,4 +2,4 @@ # All dependencies must be version-pinned, eg. requests==1.2.0 # See: https://pip.pypa.io/en/stable/user_guide/#requirements-files jsonschema==3.2.0 -setuptools==70.0.0 +setuptools==73.0.1 diff --git a/plugins/rapid7_vulndb/setup.py b/plugins/rapid7_vulndb/setup.py index 0a52795e63..d5a9568cfe 100755 --- a/plugins/rapid7_vulndb/setup.py +++ b/plugins/rapid7_vulndb/setup.py @@ -3,7 +3,7 @@ setup(name="rapid7_vulndb-rapid7-plugin", - version="2.1.3", + version="2.1.4", description="Make searching the Rapid7 vulnerability and exploit data fast, easy and efficient with the InsightConnect plugin. Leverage this curated repository of vetted computer software exploits and exploitable vulnerabilities to ensure your security operations are always aware of the latest threats that could be used against your environment vulnerabilities", author="rapid7", author_email="", diff --git a/plugins/rapid7_vulndb/unit_test/mock.py b/plugins/rapid7_vulndb/unit_test/mock.py index 13b35d4f20..9c4c0d30c4 100644 --- a/plugins/rapid7_vulndb/unit_test/mock.py +++ b/plugins/rapid7_vulndb/unit_test/mock.py @@ -1,8 +1,6 @@ import json import os -import requests.models - from util import Util STUB_IDENTIFIER = "3395856ce81f2b7382dee72602f798b642f14140-cve" @@ -52,10 +50,10 @@ def json(self): return MockResponse("get_content_bad", 404) if args[0] == f"https://vdb-kasf1i23nr1kl2j4.rapid7.com/v1/content/{STUB_504_IDENTIFIER}": return MockResponse("get_content_bad2", 504) - if args[0] == f"https://vdb-kasf1i23nr1kl2j4.rapid7.com/v1/search": - query = kwargs.get("params").get("query") - page = kwargs.get("params").get("page") - type_ = kwargs.get("params").get("type") + if args[0] == "https://vdb-kasf1i23nr1kl2j4.rapid7.com/v1/search": + query = kwargs.get("params", {}).get("query") + page = kwargs.get("params", {}).get("page") + type_ = kwargs.get("params", {}).get("type") if query == STUB_SEARCH_NO_RESULTS_IDENTIFIER: return MockResponse("search_db_no_results", 200) if query == STUB_SEARCH_404_IDENTIFIER: diff --git a/plugins/rapid7_vulndb/unit_test/payloads/get_content.json.resp b/plugins/rapid7_vulndb/unit_test/payloads/get_content.json.resp index 5d5ad077cb..6eadb2af0e 100644 --- a/plugins/rapid7_vulndb/unit_test/payloads/get_content.json.resp +++ b/plugins/rapid7_vulndb/unit_test/payloads/get_content.json.resp @@ -1,57 +1,57 @@ { - "id": 123456789, - "type": "Nexpose", - "identifier": "test_identifier_1", - "title": "test_title_1", - "description": "\n
test_description_1
\n ", - "data": { - "solutions": [ - "test_solution_1" - ], - "alternate_ids": [ - { - "namespace": "CVE", - "name": "2021-12345", - "unified_name": "CVE/2021-12345" - }, - { - "namespace": "DEBIAN", - "name": "DSA-1234", - "unified_name": "DEBIAN/DSA-1234" - }, - { - "namespace": "URL", - "name": "https://example.com.html", - "unified_name": "URL/https://example.com.html" - } - ], - "severity": "4", - "csvss": "(AV:N/AC:M/Au:N/C:P/I:N/A:N)", - "date_published": "2021-01-01T00:00:00+00:00", - "date_added": "2021-01-01T00:00:00+00:00", - "date_modified": "2022-01-01T00:00:00+00:00" - }, - "references": [ - "test_reference_1" + "id": 123456789, + "type": "Nexpose", + "identifier": "test_identifier_1", + "title": "test_title_1", + "description": "\ntest_description_1
\n ", + "data": { + "solutions": [ + "test_solution_1" + ], + "alternate_ids": [ + { + "namespace": "CVE", + "name": "2021-12345", + "unified_name": "CVE/2021-12345" + }, + { + "namespace": "DEBIAN", + "name": "DSA-1234", + "unified_name": "DEBIAN/DSA-1234" + }, + { + "namespace": "URL", + "name": "https://example.com.html", + "unified_name": "URL/https://example.com.html" + } ], - "created_at": "2021-01-01T00:00:00.000Z", - "updated_at": "2021-01-01T00:00:00.000Z", - "published_at": "2021-01-01T00:00:00.000Z", - "content_type": "vulnerability", - "content_url": "https://example.com", - "hits": 0, - "alternate_id_urls": [ - { - "text": "CVE-2021-12345", - "url": "http://example.com/cve/cve-2021-12345" - }, - { - "text": "DEBIAN-DSA-1234", - "url": "#" - }, - { - "text": "URL-https://example.com.html", - "url": "https://example.com.html" - } - ] + "severity": "4", + "csvss": "(AV:N/AC:M/Au:N/C:P/I:N/A:N)", + "date_published": "2021-01-01T00:00:00+00:00", + "date_added": "2021-01-01T00:00:00+00:00", + "date_modified": "2022-01-01T00:00:00+00:00" + }, + "references": [ + "test_reference_1" + ], + "created_at": "2021-01-01T00:00:00.000Z", + "updated_at": "2021-01-01T00:00:00.000Z", + "published_at": "2021-01-01T00:00:00.000Z", + "content_type": "vulnerability", + "content_url": "https://example.com", + "hits": 0, + "alternate_id_urls": [ + { + "text": "CVE-2021-12345", + "url": "http://example.com/cve/cve-2021-12345" + }, + { + "text": "DEBIAN-DSA-1234", + "url": "#" + }, + { + "text": "URL-https://example.com.html", + "url": "https://example.com.html" + } + ] } \ No newline at end of file diff --git a/plugins/rapid7_vulndb/unit_test/payloads/get_content_bad.json.resp b/plugins/rapid7_vulndb/unit_test/payloads/get_content_bad.json.resp index f090669fe9..c6a4ccc99d 100644 --- a/plugins/rapid7_vulndb/unit_test/payloads/get_content_bad.json.resp +++ b/plugins/rapid7_vulndb/unit_test/payloads/get_content_bad.json.resp @@ -1,3 +1,3 @@ { - "error": "The requested content item could not be found" + "error": "The requested content item could not be found" } \ No newline at end of file diff --git a/plugins/rapid7_vulndb/unit_test/payloads/search_db.json.resp b/plugins/rapid7_vulndb/unit_test/payloads/search_db.json.resp index 59653f2e9b..093a383aee 100644 --- a/plugins/rapid7_vulndb/unit_test/payloads/search_db.json.resp +++ b/plugins/rapid7_vulndb/unit_test/payloads/search_db.json.resp @@ -1,77 +1,77 @@ { - "data": [ - { - "id": 123456789, - "type": "Nexpose", - "identifier": "test_identifier_2", - "title": "test_title_2", - "description": "\ntest_description_2
\n ", - "data": { - "solutions": [ - "test_solution_1", - "test_solution_2" - ], - "alternate_ids": [ - { - "namespace": "NVD", - "name": "CVE-2022-1234", - "unified_name": "NVD/CVE-2022-1234" - } - ], - "severity": "7", - "csvss": "(AV:N/AC:M/Au:N/C:P/I:P/A:P)", - "date_published": "2022-01-01T00:00:00+00:00", - "date_added": "2022-01-01T00:00:00+00:00", - "date_modified": "2022-01-01T00:00:00+00:00" - }, - "references": [ - "test_reference_1", - "test_reference_2" - ], - "created_at": "2022-01-01T00:00:00.000Z", - "updated_at": "2022-01-01T00:00:00.000Z", - "published_at": "2022-01-01T00:00:00.000Z", - "content_type": "vulnerability" - }, - { - "id": 123456789, - "type": "Nexpose", - "identifier": "test_identifier_3", - "title": "test_title_3", - "description": "\ntest_description_3
\n ", - "data": { - "solutions": [ - "test_solution_3", - "test_solution_4" - ], - "alternate_ids": [ - { - "namespace": "NVD", - "name": "CVE-2022-1234", - "unified_name": "NVD/CVE-2022-1234" - } - ], - "severity": "7", - "csvss": "(AV:N/AC:M/Au:N/C:P/I:P/A:P)", - "date_published": "2022-01-01T00:00:00+00:00", - "date_added": "2022-01-01T00:00:00+00:00", - "date_modified": "2022-01-01T00:00:00+00:00" - }, - "references": [ - "test_reference_3", - "test_reference_4" - ], - "created_at": "2022-01-01T00:00:00.000Z", - "updated_at": "2022-01-01T00:00:00.000Z", - "published_at": "2022-01-01T00:00:00.000Z", - "content_type": "vulnerability" - } - ], - "metadata": { - "index": 1, - "size": 2, - "sort": "created_at,DESC", - "total_pages": 2, - "total_data": 2 + "data": [ + { + "id": 123456789, + "type": "Nexpose", + "identifier": "test_identifier_2", + "title": "test_title_2", + "description": "\ntest_description_2
\n ", + "data": { + "solutions": [ + "test_solution_1", + "test_solution_2" + ], + "alternate_ids": [ + { + "namespace": "NVD", + "name": "CVE-2022-1234", + "unified_name": "NVD/CVE-2022-1234" + } + ], + "severity": "7", + "csvss": "(AV:N/AC:M/Au:N/C:P/I:P/A:P)", + "date_published": "2022-01-01T00:00:00+00:00", + "date_added": "2022-01-01T00:00:00+00:00", + "date_modified": "2022-01-01T00:00:00+00:00" + }, + "references": [ + "test_reference_1", + "test_reference_2" + ], + "created_at": "2022-01-01T00:00:00.000Z", + "updated_at": "2022-01-01T00:00:00.000Z", + "published_at": "2022-01-01T00:00:00.000Z", + "content_type": "vulnerability" + }, + { + "id": 123456789, + "type": "Nexpose", + "identifier": "test_identifier_3", + "title": "test_title_3", + "description": "\ntest_description_3
\n ", + "data": { + "solutions": [ + "test_solution_3", + "test_solution_4" + ], + "alternate_ids": [ + { + "namespace": "NVD", + "name": "CVE-2022-1234", + "unified_name": "NVD/CVE-2022-1234" + } + ], + "severity": "7", + "csvss": "(AV:N/AC:M/Au:N/C:P/I:P/A:P)", + "date_published": "2022-01-01T00:00:00+00:00", + "date_added": "2022-01-01T00:00:00+00:00", + "date_modified": "2022-01-01T00:00:00+00:00" + }, + "references": [ + "test_reference_3", + "test_reference_4" + ], + "created_at": "2022-01-01T00:00:00.000Z", + "updated_at": "2022-01-01T00:00:00.000Z", + "published_at": "2022-01-01T00:00:00.000Z", + "content_type": "vulnerability" } + ], + "metadata": { + "index": 1, + "size": 2, + "sort": "created_at,DESC", + "total_pages": 2, + "total_data": 2 + } } \ No newline at end of file diff --git a/plugins/rapid7_vulndb/unit_test/payloads/search_db_metasploit.json.resp b/plugins/rapid7_vulndb/unit_test/payloads/search_db_metasploit.json.resp index a2e9fffbdd..f4b664a6c5 100644 --- a/plugins/rapid7_vulndb/unit_test/payloads/search_db_metasploit.json.resp +++ b/plugins/rapid7_vulndb/unit_test/payloads/search_db_metasploit.json.resp @@ -1,32 +1,32 @@ { - "data": [ - { - "id": 1234, - "type": "Metasploit", - "identifier": "test_identifier_5", - "title": "test_title_5", - "description": "test_description_5", - "data": { - "disclosure_date": "2017-01-01", - "architectures": "", - "platform": "Windows", - "authors": [ - "Example User \"123456\"test_description_6
\n ", - "data": { - "solutions": [ - "test_solution_1", - "test_solution_2" - ], - "alternate_ids": [ - { - "namespace": "CVE", - "name": "2019-12345", - "unified_name": "CVE/2019-12345" - }, - { - "namespace": "URL", - "name": "https://example.com", - "unified_name": "URL/https://example.com" - } - ], - "severity": "2", - "csvss": "(AV:L/AC:L/Au:N/C:P/I:N/A:N)", - "date_published": "2019-01-01T00:00:00+00:00", - "date_added": "2021-01-01T00:00:00+00:00", - "date_modified": "2021-01-01T00:00:00+00:00" - }, - "references": [ - "test_reference_6", - "test_reference_7" - ], - "created_at": "2021-01-01T00:00:00.000Z", - "updated_at": "2022-01-01T00:00:00.000Z", - "published_at": "2019-01-01T00:00:00.000Z", - "content_type": "vulnerability" - } - ], - "metadata": { - "index": 1, - "size": 1, - "sort": "created_at,DESC", - "total_pages": 1, - "total_data": 1 + "data": [ + { + "id": 123456789, + "type": "Nexpose", + "identifier": "test_identifier_6", + "title": "test_title_6", + "description": "\ntest_description_6
\n ", + "data": { + "solutions": [ + "test_solution_1", + "test_solution_2" + ], + "alternate_ids": [ + { + "namespace": "CVE", + "name": "2019-12345", + "unified_name": "CVE/2019-12345" + }, + { + "namespace": "URL", + "name": "https://example.com", + "unified_name": "URL/https://example.com" + } + ], + "severity": "2", + "csvss": "(AV:L/AC:L/Au:N/C:P/I:N/A:N)", + "date_published": "2019-01-01T00:00:00+00:00", + "date_added": "2021-01-01T00:00:00+00:00", + "date_modified": "2021-01-01T00:00:00+00:00" + }, + "references": [ + "test_reference_6", + "test_reference_7" + ], + "created_at": "2021-01-01T00:00:00.000Z", + "updated_at": "2022-01-01T00:00:00.000Z", + "published_at": "2019-01-01T00:00:00.000Z", + "content_type": "vulnerability" } + ], + "metadata": { + "index": 1, + "size": 1, + "sort": "created_at,DESC", + "total_pages": 1, + "total_data": 1 + } } \ No newline at end of file diff --git a/plugins/rapid7_vulndb/unit_test/payloads/search_db_nexpose_page_0.json.resp b/plugins/rapid7_vulndb/unit_test/payloads/search_db_nexpose_page_0.json.resp index 4ae7b0d8a3..cbf0496091 100644 --- a/plugins/rapid7_vulndb/unit_test/payloads/search_db_nexpose_page_0.json.resp +++ b/plugins/rapid7_vulndb/unit_test/payloads/search_db_nexpose_page_0.json.resp @@ -1,49 +1,49 @@ { - "data": [ - { - "id": 123456789, - "type": "Nexpose", - "identifier": "test_identifier_6", - "title": "test_title_6", - "description": "\ntest_description_6
\n ", - "data": { - "solutions": [ - "test_solution_1", - "test_solution_2" - ], - "alternate_ids": [ - { - "namespace": "CVE", - "name": "2019-12345", - "unified_name": "CVE/2019-12345" - }, - { - "namespace": "URL", - "name": "https://example.com", - "unified_name": "URL/https://example.com" - } - ], - "severity": "2", - "csvss": "(AV:L/AC:L/Au:N/C:P/I:N/A:N)", - "date_published": "2019-01-01T00:00:00+00:00", - "date_added": "2021-01-01T00:00:00+00:00", - "date_modified": "2021-01-01T00:00:00+00:00" - }, - "references": [ - "test_reference_6", - "test_reference_7" - ], - "created_at": "2021-01-01T00:00:00.000Z", - "updated_at": "2022-01-01T00:00:00.000Z", - "published_at": "2019-01-01T00:00:00.000Z", - "content_type": "vulnerability" - } - ], - "metadata": { - "index": 1, - "size": 1, - "sort": "created_at,DESC", - "total_pages": 1, - "total_data": 1 + "data": [ + { + "id": 123456789, + "type": "Nexpose", + "identifier": "test_identifier_6", + "title": "test_title_6", + "description": "\ntest_description_6
\n ", + "data": { + "solutions": [ + "test_solution_1", + "test_solution_2" + ], + "alternate_ids": [ + { + "namespace": "CVE", + "name": "2019-12345", + "unified_name": "CVE/2019-12345" + }, + { + "namespace": "URL", + "name": "https://example.com", + "unified_name": "URL/https://example.com" + } + ], + "severity": "2", + "csvss": "(AV:L/AC:L/Au:N/C:P/I:N/A:N)", + "date_published": "2019-01-01T00:00:00+00:00", + "date_added": "2021-01-01T00:00:00+00:00", + "date_modified": "2021-01-01T00:00:00+00:00" + }, + "references": [ + "test_reference_6", + "test_reference_7" + ], + "created_at": "2021-01-01T00:00:00.000Z", + "updated_at": "2022-01-01T00:00:00.000Z", + "published_at": "2019-01-01T00:00:00.000Z", + "content_type": "vulnerability" } + ], + "metadata": { + "index": 1, + "size": 1, + "sort": "created_at,DESC", + "total_pages": 1, + "total_data": 1 + } } \ No newline at end of file diff --git a/plugins/rapid7_vulndb/unit_test/payloads/search_db_no_results.json.resp b/plugins/rapid7_vulndb/unit_test/payloads/search_db_no_results.json.resp index ca8e9c05ef..b158ef66c6 100644 --- a/plugins/rapid7_vulndb/unit_test/payloads/search_db_no_results.json.resp +++ b/plugins/rapid7_vulndb/unit_test/payloads/search_db_no_results.json.resp @@ -1,10 +1,10 @@ { - "data": [], - "metadata": { - "index": 1, - "size": 0, - "sort": "created_at,DESC", - "total_pages": 0, - "total_data": 0 - } + "data": [], + "metadata": { + "index": 1, + "size": 0, + "sort": "created_at,DESC", + "total_pages": 0, + "total_data": 0 + } } \ No newline at end of file diff --git a/plugins/rapid7_vulndb/unit_test/payloads/search_db_page_0.json.resp b/plugins/rapid7_vulndb/unit_test/payloads/search_db_page_0.json.resp index d71036a19a..c19070851a 100644 --- a/plugins/rapid7_vulndb/unit_test/payloads/search_db_page_0.json.resp +++ b/plugins/rapid7_vulndb/unit_test/payloads/search_db_page_0.json.resp @@ -1,44 +1,44 @@ { - "data": [ - { - "id": 123456789, - "type": "Nexpose", - "identifier": "test_identifier_2", - "title": "test_title_2", - "description": "\ntest_description_2
\n ", - "data": { - "solutions": [ - "test_solution_1", - "test_solution_2" - ], - "alternate_ids": [ - { - "namespace": "NVD", - "name": "CVE-2022-1234", - "unified_name": "NVD/CVE-2022-1234" - } - ], - "severity": "7", - "csvss": "(AV:N/AC:M/Au:N/C:P/I:P/A:P)", - "date_published": "2022-01-01T00:00:00+00:00", - "date_added": "2022-01-01T00:00:00+00:00", - "date_modified": "2022-01-01T00:00:00+00:00" - }, - "references": [ - "test_reference_1", - "test_reference_2" - ], - "created_at": "2022-01-01T00:00:00.000Z", - "updated_at": "2022-01-01T00:00:00.000Z", - "published_at": "2022-01-01T00:00:00.000Z", - "content_type": "vulnerability" - } - ], - "metadata": { - "index": 1, - "size": 2, - "sort": "created_at,DESC", - "total_pages": 2, - "total_data": 12794 + "data": [ + { + "id": 123456789, + "type": "Nexpose", + "identifier": "test_identifier_2", + "title": "test_title_2", + "description": "\ntest_description_2
\n ", + "data": { + "solutions": [ + "test_solution_1", + "test_solution_2" + ], + "alternate_ids": [ + { + "namespace": "NVD", + "name": "CVE-2022-1234", + "unified_name": "NVD/CVE-2022-1234" + } + ], + "severity": "7", + "csvss": "(AV:N/AC:M/Au:N/C:P/I:P/A:P)", + "date_published": "2022-01-01T00:00:00+00:00", + "date_added": "2022-01-01T00:00:00+00:00", + "date_modified": "2022-01-01T00:00:00+00:00" + }, + "references": [ + "test_reference_1", + "test_reference_2" + ], + "created_at": "2022-01-01T00:00:00.000Z", + "updated_at": "2022-01-01T00:00:00.000Z", + "published_at": "2022-01-01T00:00:00.000Z", + "content_type": "vulnerability" } + ], + "metadata": { + "index": 1, + "size": 2, + "sort": "created_at,DESC", + "total_pages": 2, + "total_data": 12794 + } } \ No newline at end of file diff --git a/plugins/rapid7_vulndb/unit_test/payloads/search_db_page_1.json.resp b/plugins/rapid7_vulndb/unit_test/payloads/search_db_page_1.json.resp index 80ff820982..861ad830ab 100644 --- a/plugins/rapid7_vulndb/unit_test/payloads/search_db_page_1.json.resp +++ b/plugins/rapid7_vulndb/unit_test/payloads/search_db_page_1.json.resp @@ -1,44 +1,44 @@ { - "data": [ - { - "id": 123456789, - "type": "Nexpose", - "identifier": "test_identifier_3", - "title": "test_title_3", - "description": "\ntest_description_3
\n ", - "data": { - "solutions": [ - "test_solution_3", - "test_solution_4" - ], - "alternate_ids": [ - { - "namespace": "NVD", - "name": "CVE-2022-1234", - "unified_name": "NVD/CVE-2022-1234" - } - ], - "severity": "7", - "csvss": "(AV:N/AC:M/Au:N/C:P/I:P/A:P)", - "date_published": "2022-01-01T00:00:00+00:00", - "date_added": "2022-01-01T00:00:00+00:00", - "date_modified": "2022-01-01T00:00:00+00:00" - }, - "references": [ - "test_reference_3", - "test_reference_4" - ], - "created_at": "2022-01-01T00:00:00.000Z", - "updated_at": "2022-01-01T00:00:00.000Z", - "published_at": "2022-01-01T00:00:00.000Z", - "content_type": "vulnerability" - } - ], - "metadata": { - "index": 1, - "size": 2, - "sort": "created_at,DESC", - "total_pages": 2, - "total_data": 12794 + "data": [ + { + "id": 123456789, + "type": "Nexpose", + "identifier": "test_identifier_3", + "title": "test_title_3", + "description": "\ntest_description_3
\n ", + "data": { + "solutions": [ + "test_solution_3", + "test_solution_4" + ], + "alternate_ids": [ + { + "namespace": "NVD", + "name": "CVE-2022-1234", + "unified_name": "NVD/CVE-2022-1234" + } + ], + "severity": "7", + "csvss": "(AV:N/AC:M/Au:N/C:P/I:P/A:P)", + "date_published": "2022-01-01T00:00:00+00:00", + "date_added": "2022-01-01T00:00:00+00:00", + "date_modified": "2022-01-01T00:00:00+00:00" + }, + "references": [ + "test_reference_3", + "test_reference_4" + ], + "created_at": "2022-01-01T00:00:00.000Z", + "updated_at": "2022-01-01T00:00:00.000Z", + "published_at": "2022-01-01T00:00:00.000Z", + "content_type": "vulnerability" } + ], + "metadata": { + "index": 1, + "size": 2, + "sort": "created_at,DESC", + "total_pages": 2, + "total_data": 12794 + } } \ No newline at end of file diff --git a/plugins/rapid7_vulndb/unit_test/payloads/search_db_result.json.resp b/plugins/rapid7_vulndb/unit_test/payloads/search_db_result.json.resp index 470ac27b9a..12a31c98f5 100644 --- a/plugins/rapid7_vulndb/unit_test/payloads/search_db_result.json.resp +++ b/plugins/rapid7_vulndb/unit_test/payloads/search_db_result.json.resp @@ -1,19 +1,19 @@ { 'results_found': True, 'search_results': [ - { - 'identifier': 'test_identifier_3', - 'title': 'test_title_3', - 'published_at': '2022-01-01T00:00:00.000Z', - 'link': 'https://example.com/test_identifier_3', - 'solutions': 'test_solution_1,test_solution_2' - }, - { - 'identifier': 'test_identifier_4', - 'title': 'test_title_4', - 'published_at': '2022-01-01T00:00:00.000Z', - 'link': 'https://example.com/test_identifier_4', - 'solutions': 'test_solution_3,test_solution_4' - } - ] + { + 'identifier': 'test_identifier_3', + 'title': 'test_title_3', + 'published_at': '2022-01-01T00:00:00.000Z', + 'link': 'https://example.com/test_identifier_3', + 'solutions': 'test_solution_1,test_solution_2' + }, + { + 'identifier': 'test_identifier_4', + 'title': 'test_title_4', + 'published_at': '2022-01-01T00:00:00.000Z', + 'link': 'https://example.com/test_identifier_4', + 'solutions': 'test_solution_3,test_solution_4' + } + ] } \ No newline at end of file diff --git a/plugins/rapid7_vulndb/unit_test/payloads/search_db_test_identifier_3.json.resp b/plugins/rapid7_vulndb/unit_test/payloads/search_db_test_identifier_3.json.resp index 24b9207d8a..af99a82eae 100644 --- a/plugins/rapid7_vulndb/unit_test/payloads/search_db_test_identifier_3.json.resp +++ b/plugins/rapid7_vulndb/unit_test/payloads/search_db_test_identifier_3.json.resp @@ -1,41 +1,41 @@ { - "id": 172531376, - "type": "Nexpose", - "identifier": "test_identifier_3", - "title": "test_title_3", - "description": "\ntest_description_3
\n ", - "data": { - "solutions": [ - "test_solution_1", - "test_solution_2" - ], - "alternate_ids": [ - { - "namespace": "NVD", - "name": "CVE-2022-1234", - "unified_name": "NVD/CVE-2022-1234" - } - ], - "severity": "7", - "csvss": "(AV:N/AC:M/Au:N/C:P/I:P/A:P)", - "date_published": "2022-01-24T00:00:00+00:00", - "date_added": "2022-02-22T00:00:00+00:00", - "date_modified": "2022-02-25T00:00:00+00:00" - }, - "references": [ - "test_reference_1", - "test_reference_2" + "id": 172531376, + "type": "Nexpose", + "identifier": "test_identifier_3", + "title": "test_title_3", + "description": "\ntest_description_3
\n ", + "data": { + "solutions": [ + "test_solution_1", + "test_solution_2" ], - "created_at": "2022-02-24T17:48:09.969Z", - "updated_at": "2022-02-26T17:48:35.123Z", - "published_at": "2022-01-24T00:00:00.000Z", - "content_type": "vulnerability", - "content_url": "https://example.com/test_identifier_3", - "hits": 0, - "alternate_id_urls": [ - { - "text": "NVD-CVE-2022-1234", - "url": "#" - } - ] + "alternate_ids": [ + { + "namespace": "NVD", + "name": "CVE-2022-1234", + "unified_name": "NVD/CVE-2022-1234" + } + ], + "severity": "7", + "csvss": "(AV:N/AC:M/Au:N/C:P/I:P/A:P)", + "date_published": "2022-01-24T00:00:00+00:00", + "date_added": "2022-02-22T00:00:00+00:00", + "date_modified": "2022-02-25T00:00:00+00:00" + }, + "references": [ + "test_reference_1", + "test_reference_2" + ], + "created_at": "2022-02-24T17:48:09.969Z", + "updated_at": "2022-02-26T17:48:35.123Z", + "published_at": "2022-01-24T00:00:00.000Z", + "content_type": "vulnerability", + "content_url": "https://example.com/test_identifier_3", + "hits": 0, + "alternate_id_urls": [ + { + "text": "NVD-CVE-2022-1234", + "url": "#" + } + ] } \ No newline at end of file diff --git a/plugins/rapid7_vulndb/unit_test/payloads/search_db_test_identifier_4.json.resp b/plugins/rapid7_vulndb/unit_test/payloads/search_db_test_identifier_4.json.resp index b41f837904..52d291d756 100644 --- a/plugins/rapid7_vulndb/unit_test/payloads/search_db_test_identifier_4.json.resp +++ b/plugins/rapid7_vulndb/unit_test/payloads/search_db_test_identifier_4.json.resp @@ -1,41 +1,41 @@ { - "id": 172531376, - "type": "Nexpose", - "identifier": "test_identifier_4", - "title": "test_title_4", - "description": "\ntest_description_4
\n ", - "data": { - "solutions": [ - "test_solution_3", - "test_solution_4" - ], - "alternate_ids": [ - { - "namespace": "NVD", - "name": "CVE-2022-1234", - "unified_name": "NVD/CVE-2022-1234" - } - ], - "severity": "7", - "csvss": "(AV:N/AC:M/Au:N/C:P/I:P/A:P)", - "date_published": "2022-01-24T00:00:00+00:00", - "date_added": "2022-02-22T00:00:00+00:00", - "date_modified": "2022-02-25T00:00:00+00:00" - }, - "references": [ - "test_reference_3", - "test_reference_4" + "id": 172531376, + "type": "Nexpose", + "identifier": "test_identifier_4", + "title": "test_title_4", + "description": "\ntest_description_4
\n ", + "data": { + "solutions": [ + "test_solution_3", + "test_solution_4" ], - "created_at": "2022-02-24T17:48:09.969Z", - "updated_at": "2022-02-26T17:48:35.123Z", - "published_at": "2022-01-24T00:00:00.000Z", - "content_type": "vulnerability", - "content_url": "https://example.com/test_identifier_4", - "hits": 0, - "alternate_id_urls": [ - { - "text": "NVD-CVE-2022-1234", - "url": "#" - } - ] + "alternate_ids": [ + { + "namespace": "NVD", + "name": "CVE-2022-1234", + "unified_name": "NVD/CVE-2022-1234" + } + ], + "severity": "7", + "csvss": "(AV:N/AC:M/Au:N/C:P/I:P/A:P)", + "date_published": "2022-01-24T00:00:00+00:00", + "date_added": "2022-02-22T00:00:00+00:00", + "date_modified": "2022-02-25T00:00:00+00:00" + }, + "references": [ + "test_reference_3", + "test_reference_4" + ], + "created_at": "2022-02-24T17:48:09.969Z", + "updated_at": "2022-02-26T17:48:35.123Z", + "published_at": "2022-01-24T00:00:00.000Z", + "content_type": "vulnerability", + "content_url": "https://example.com/test_identifier_4", + "hits": 0, + "alternate_id_urls": [ + { + "text": "NVD-CVE-2022-1234", + "url": "#" + } + ] } \ No newline at end of file diff --git a/plugins/rapid7_vulndb/unit_test/payloads/search_db_test_identifier_5.json.resp b/plugins/rapid7_vulndb/unit_test/payloads/search_db_test_identifier_5.json.resp index 7af2144627..de7b6968fa 100644 --- a/plugins/rapid7_vulndb/unit_test/payloads/search_db_test_identifier_5.json.resp +++ b/plugins/rapid7_vulndb/unit_test/payloads/search_db_test_identifier_5.json.resp @@ -1,32 +1,32 @@ { - "id": 1234, - "type": "Metasploit", - "identifier": "test_identifier_5", - "title": "test_title_5", - "description": "test_description_5", - "data": { - "disclosure_date": "2017-01-01", - "architectures": "", - "platform": "Windows", - "authors": [ - "Example User \"123456\"test_description_6
\n ", - "data": { - "solutions": [ - "test_solution_1", - "test_solution_2" - ], - "alternate_ids": [ - { - "namespace": "CVE", - "name": "2019-12345", - "unified_name": "CVE/2019-12345" - }, - { - "namespace": "URL", - "name": "https://example.com", - "unified_name": "URL/https://example.com" - } - ], - "severity": "2", - "csvss": "(AV:L/AC:L/Au:N/C:P/I:N/A:N)", - "date_published": "2019-01-01T00:00:00+00:00", - "date_added": "2021-01-01T00:00:00+00:00", - "date_modified": "2021-01-01T00:00:00+00:00" - }, - "references": [ - "test_reference_6", - "test_reference_7" + "id": 123456789, + "type": "Nexpose", + "identifier": "test_identifier_6", + "title": "test_title_6", + "description": "\ntest_description_6
\n ", + "data": { + "solutions": [ + "test_solution_1", + "test_solution_2" + ], + "alternate_ids": [ + { + "namespace": "CVE", + "name": "2019-12345", + "unified_name": "CVE/2019-12345" + }, + { + "namespace": "URL", + "name": "https://example.com", + "unified_name": "URL/https://example.com" + } ], - "created_at": "2021-01-01T00:00:00.000Z", - "updated_at": "2022-01-01T00:00:00.000Z", - "published_at": "2019-01-01T00:00:00.000Z", - "content_type": "vulnerability", - "content_url": "https://example.com/test_identifier_6", - "hits": 0, - "alternate_id_urls": [ - { - "text": "CVE-2019-12345", - "url": "http://example.com/cve-2019-10426" - }, - { - "text": "URL-https://example.com/2019-09-25/", - "url": "https://example.com/2019-09-25/" - } - ] + "severity": "2", + "csvss": "(AV:L/AC:L/Au:N/C:P/I:N/A:N)", + "date_published": "2019-01-01T00:00:00+00:00", + "date_added": "2021-01-01T00:00:00+00:00", + "date_modified": "2021-01-01T00:00:00+00:00" + }, + "references": [ + "test_reference_6", + "test_reference_7" + ], + "created_at": "2021-01-01T00:00:00.000Z", + "updated_at": "2022-01-01T00:00:00.000Z", + "published_at": "2019-01-01T00:00:00.000Z", + "content_type": "vulnerability", + "content_url": "https://example.com/test_identifier_6", + "hits": 0, + "alternate_id_urls": [ + { + "text": "CVE-2019-12345", + "url": "http://example.com/cve-2019-10426" + }, + { + "text": "URL-https://example.com/2019-09-25/", + "url": "https://example.com/2019-09-25/" + } + ] } \ No newline at end of file diff --git a/plugins/rapid7_vulndb/unit_test/test_get_content.py b/plugins/rapid7_vulndb/unit_test/test_get_content.py index eb7ae6ce9c..44c71d40c8 100644 --- a/plugins/rapid7_vulndb/unit_test/test_get_content.py +++ b/plugins/rapid7_vulndb/unit_test/test_get_content.py @@ -1,21 +1,20 @@ -import sys import os +import sys sys.path.append(os.path.abspath("../")) from unittest import TestCase +from unittest.mock import MagicMock, patch + from insightconnect_plugin_runtime.exceptions import PluginException -from unittest.mock import patch -from komand_rapid7_vulndb.actions.get_content import GetContent -from komand_rapid7_vulndb.actions.get_content.schema import Input, GetContentInput, GetContentOutput from jsonschema import validate -from mock import ( - mock_request, -) +from komand_rapid7_vulndb.actions.get_content import GetContent +from komand_rapid7_vulndb.actions.get_content.schema import GetContentInput, GetContentOutput, Input + +from mock import mock_request class TestGetContent(TestCase): - @classmethod - def setUpClass(self) -> None: + def setUp(self) -> None: self.params = { "identifier": "3395856ce81f2b7382dee72602f798b642f14140-cve", "identifier_404": "4416967df92g3c8493eff83513g819c753g23241-cve", @@ -28,7 +27,7 @@ def setUpClass(self) -> None: self.action = GetContent() @patch("requests.get", side_effect=mock_request) - def test_get_content(self, mock_req): + def test_get_content(self, mock_requests: MagicMock) -> None: input_data = {Input.IDENTIFIER: self.params.get("identifier")} validate(input_data, GetContentInput.schema) @@ -47,12 +46,14 @@ def test_get_content(self, mock_req): } self.assertEqual(actual, expected) validate(actual, GetContentOutput.schema) + mock_requests.assert_called() @patch("requests.get", side_effect=mock_request) - def test_get_content_error(self, mock_req): + def test_get_content_error(self, mock_requests: MagicMock) -> None: for error, identifier, expected in self.params_list: with self.assertRaises(PluginException) as exception: input_data = {Input.IDENTIFIER: identifier} validate(input_data, GetContentInput.schema) self.action.run(input_data) self.assertEqual(exception.exception.cause, expected) + mock_requests.assert_called() diff --git a/plugins/rapid7_vulndb/unit_test/test_search_db.py b/plugins/rapid7_vulndb/unit_test/test_search_db.py index 3638f72ede..8f8affe487 100644 --- a/plugins/rapid7_vulndb/unit_test/test_search_db.py +++ b/plugins/rapid7_vulndb/unit_test/test_search_db.py @@ -1,22 +1,22 @@ -import sys import os +import sys sys.path.append(os.path.abspath("../")) -from insightconnect_plugin_runtime.exceptions import PluginException from unittest import TestCase -from unittest.mock import patch +from unittest.mock import MagicMock, patch + +from insightconnect_plugin_runtime.exceptions import PluginException +from jsonschema import validate from komand_rapid7_vulndb.actions.search_db import SearchDb from komand_rapid7_vulndb.actions.search_db.schema import Input, SearchDbInput, SearchDbOutput -from jsonschema import validate -from mock import ( - mock_request, -) + +from mock import mock_request class TestSearchDb(TestCase): @classmethod - def setUpClass(self) -> None: + def setUp(self) -> None: self.params = { "database": "3395856ce81f2b7382dee72602f798b642f14140-cve", "vulnerability_database": "Vulnerability Database", @@ -39,7 +39,7 @@ def setUpClass(self) -> None: self.action = SearchDb() @patch("requests.get", side_effect=mock_request) - def test_search_db(self, mock_req): + def test_search_db(self, mock_requests: MagicMock) -> None: input_searchdb = { Input.SEARCH: self.params.get("search_test"), Input.DATABASE: self.params.get("vulnerability_database"), @@ -66,10 +66,11 @@ def test_search_db(self, mock_req): ], } self.assertEqual(actual, expected) + validate(actual, SearchDbOutput.schema) + mock_requests.assert_called() @patch("requests.get", side_effect=mock_request) - def test_search_db_no_results(self, mock_req): - + def test_search_db_no_results(self, mock_requests: MagicMock) -> None: input_data = { Input.SEARCH: self.params.get("search_no_results"), Input.DATABASE: self.params.get("vulnerability_database"), @@ -78,9 +79,11 @@ def test_search_db_no_results(self, mock_req): actual = self.action.run(input_data) expected = {"results_found": False, "search_results": []} self.assertEqual(actual, expected) + validate(actual, SearchDbOutput.schema) + mock_requests.assert_called() @patch("requests.get", side_effect=mock_request) - def test_search_db_vulnerability_nexpose(self, mock_req): + def test_search_db_vulnerability_nexpose(self, mock_requests: MagicMock) -> None: input_data = { Input.SEARCH: self.params.get("search"), Input.DATABASE: self.params.get("vulnerability_database"), @@ -99,9 +102,11 @@ def test_search_db_vulnerability_nexpose(self, mock_req): ], } self.assertEqual(actual, expected) + validate(actual, SearchDbOutput.schema) + mock_requests.assert_called() @patch("requests.get", side_effect=mock_request) - def test_search_db_metasploit(self, mock_req): + def test_search_db_metasploit(self, mock_requests: MagicMock) -> None: actual = self.action.run( {Input.SEARCH: self.params.get("search"), Input.DATABASE: self.params.get("metasploit_database")} ) @@ -113,17 +118,19 @@ def test_search_db_metasploit(self, mock_req): "title": "test_title_5", "published_at": "2018-01-01T00:00:00.000Z", "link": "https://vdb-kasf1i23nr1kl2j4.rapid7.com/v1/content/test_identifier_5", - "solutions": None, } ], } self.assertEqual(actual, expected) + validate(actual, SearchDbOutput.schema) + mock_requests.assert_called() @patch("requests.get", side_effect=mock_request) - def test_get_content_error(self, mock_req): + def test_get_content_error(self, mock_requests: MagicMock) -> None: for error, identifier, db_type, expected in self.params_list: with self.assertRaises(PluginException) as exception: input_data = {Input.SEARCH: identifier, Input.DATABASE: db_type} validate(input_data, SearchDbInput.schema) self.action.run(input_data) self.assertEqual(exception.exception.cause, expected) + mock_requests.assert_called() diff --git a/plugins/rapid7_vulndb/unit_test/util.py b/plugins/rapid7_vulndb/unit_test/util.py index 27b55e6266..5ee5813bcf 100644 --- a/plugins/rapid7_vulndb/unit_test/util.py +++ b/plugins/rapid7_vulndb/unit_test/util.py @@ -1,16 +1,14 @@ -import os import json +import os +from typing import Any, Dict class Util: @staticmethod - def read_file_to_dict(filename): - with open(filename, "rt") as my_file: - return json.loads( - Util.read_file_to_string(os.path.join(os.path.dirname(os.path.realpath(__file__)), filename)) - ) + def read_file_to_dict(filename: str) -> Dict[str, Any]: + return json.loads(Util.read_file_to_string(os.path.join(os.path.dirname(os.path.realpath(__file__)), filename))) @staticmethod - def read_file_to_string(filename): + def read_file_to_string(filename: str) -> str: with open(filename, "rt") as my_file: return my_file.read()