diff --git a/dojo/forms.py b/dojo/forms.py index 334a958e93..a4306b141e 100644 --- a/dojo/forms.py +++ b/dojo/forms.py @@ -2400,7 +2400,7 @@ def get_jira_issue_template_dir_choices(): for dirname in dirnames: clean_base_dir = base_dir.removeprefix(settings.TEMPLATE_DIR_PREFIX) - template_dir_list.append((os.path.join(clean_base_dir, dirname), dirname)) + template_dir_list.append((str(Path(clean_base_dir) / dirname), dirname)) logger.debug("templates: %s", template_dir_list) return template_dir_list diff --git a/dojo/jira_link/helper.py b/dojo/jira_link/helper.py index 308331987a..d9fa17d0b3 100644 --- a/dojo/jira_link/helper.py +++ b/dojo/jira_link/helper.py @@ -1,7 +1,6 @@ import io import json import logging -import os from pathlib import Path from typing import Any @@ -333,8 +332,8 @@ def get_jira_issue_template(obj): template_dir = "issue-trackers/jira_full/" if isinstance(obj, Finding_Group): - return os.path.join(template_dir, "jira-finding-group-description.tpl") - return os.path.join(template_dir, "jira-description.tpl") + return Path(template_dir) / "jira-finding-group-description.tpl" + return Path(template_dir) / "jira-description.tpl" def get_jira_creation(obj): diff --git a/dojo/models.py b/dojo/models.py index 99074a9cf3..53c1d79382 100644 --- a/dojo/models.py +++ b/dojo/models.py @@ -2,7 +2,6 @@ import copy import hashlib import logging -import os import re import warnings from datetime import datetime @@ -149,7 +148,7 @@ def __call__(self, model_instance, filename): filename += ext if self.directory is None: return filename - return os.path.join(now().strftime(self.directory), filename) + return Path(now().strftime(self.directory)) / filename class Regulation(models.Model): diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py index 4f72fa171c..6315a45628 100644 --- a/dojo/settings/settings.dist.py +++ b/dojo/settings/settings.dist.py @@ -442,7 +442,7 @@ def generate_url(scheme, double_slashes, user, password, host, port, path, param # Put strings here, like "/home/html/static" or "C:/www/django/static". # Always use forward slashes, even on Windows. # Don't forget to use absolute paths, not relative paths. - os.path.join(Path(DOJO_ROOT).parent, "components", "node_modules"), + Path(DOJO_ROOT).parent / "components" / "node_modules", ) # List of finder classes that know how to find static files in @@ -949,7 +949,7 @@ def saml2_attrib_map_format(dict): "entityid": str(SAML2_ENTITY_ID), # directory with attribute mapping - "attribute_map_dir": path.join(BASEDIR, "attribute-maps"), + "attribute_map_dir": Path(BASEDIR) / "attribute-maps", # do now discard attributes not specified in attribute-maps "allow_unknown_attributes": SAML_ALLOW_UNKNOWN_ATTRIBUTES, # this block states what services we provide diff --git a/dojo/tools/factory.py b/dojo/tools/factory.py index b69fea12ac..daddd62f00 100644 --- a/dojo/tools/factory.py +++ b/dojo/tools/factory.py @@ -117,7 +117,7 @@ def requires_tool_type(scan_type): package_dir = str(Path(__file__).resolve().parent) for module_name in os.listdir(package_dir): # noqa: PTH208 # check if it's dir - if Path(os.path.join(package_dir, module_name)).is_dir(): + if (Path(package_dir) / module_name).is_dir(): try: # check if it's a Python module if find_spec(f"dojo.tools.{module_name}.parser"): diff --git a/dojo/views.py b/dojo/views.py index df65be4d6b..8149671618 100644 --- a/dojo/views.py +++ b/dojo/views.py @@ -1,5 +1,4 @@ import logging -import os from pathlib import Path from auditlog.models import LogEntry @@ -151,7 +150,7 @@ def manage_files(request, oid, obj_type): for o in files_formset.deleted_objects: logger.debug("removing file: %s", o.file.name) - Path(os.path.join(settings.MEDIA_ROOT, o.file.name)).unlink() + (Path(settings.MEDIA_ROOT) / o.file.name).unlink() for o in files_formset.new_objects: logger.debug("adding file: %s", o.file.name) @@ -162,7 +161,7 @@ def manage_files(request, oid, obj_type): finding__isnull=True) for o in orphan_files: logger.debug("purging orphan file: %s", o.file.name) - Path(os.path.join(settings.MEDIA_ROOT, o.file.name)).unlink() + (Path(settings.MEDIA_ROOT) / o.file.name).unlink() o.delete() messages.add_message( diff --git a/ruff.toml b/ruff.toml index 12b556d5cf..dfda6140c8 100644 --- a/ruff.toml +++ b/ruff.toml @@ -66,7 +66,7 @@ select = [ "TCH", "INT", "ARG003", "ARG004", "ARG005", - "PTH2", "PTH101", "PTH102", "PTH103", "PTH104", "PTH105", "PTH106", "PTH107", "PTH108", "PTH109", "PTH110", "PTH111", "PTH112", "PTH113", "PTH114", "PTH115", "PTH116", "PTH117", "PTH119", "PTH120", "PTH121", "PTH122", "PTH124", + "PTH2", "PTH101", "PTH102", "PTH103", "PTH104", "PTH105", "PTH106", "PTH107", "PTH108", "PTH109", "PTH11", "PTH120", "PTH121", "PTH122", "PTH124", "TD001", "TD004", "TD005", "PD", "PGH", diff --git a/tests/file_test.py b/tests/file_test.py index 686f133e4d..8084fd8daa 100644 --- a/tests/file_test.py +++ b/tests/file_test.py @@ -35,7 +35,7 @@ def test_add_file_finding_level(self): driver.find_element(By.LINK_TEXT, "Manage Files").click() # select first file input field: form-0-image # Set full image path for image file 'strange.png - image_path = os.path.join(dir_path, "finding_image.png") + image_path = Path(dir_path) / "finding_image.png" driver.find_element(By.ID, "id_form-0-title").send_keys("Finding Title") driver.find_element(By.ID, "id_form-0-file").send_keys(image_path) # Save uploaded image @@ -76,7 +76,7 @@ def test_add_file_test_level(self): driver.find_element(By.NAME, "Manage Files").click() # select first file input field: form-0-image # Set full image path for image file 'strange.png - image_path = os.path.join(dir_path, "finding_image.png") + image_path = Path(dir_path) / "finding_image.png" driver.find_element(By.ID, "id_form-0-title").send_keys("Test Title") driver.find_element(By.ID, "id_form-0-file").send_keys(image_path) # Save uploaded image @@ -116,7 +116,7 @@ def test_add_file_engagement_level(self): driver.find_element(By.NAME, "Manage Files").click() # select first file input field: form-0-image # Set full image path for image file 'strange.png - image_path = os.path.join(dir_path, "finding_image.png") + image_path = Path(dir_path) / "finding_image.png" driver.find_element(By.ID, "id_form-0-title").send_keys("Engagement Title") driver.find_element(By.ID, "id_form-0-file").send_keys(image_path) # Save uploaded image diff --git a/tests/finding_test.py b/tests/finding_test.py index 4e08744c5e..0adf78f8aa 100644 --- a/tests/finding_test.py +++ b/tests/finding_test.py @@ -146,7 +146,7 @@ def test_add_image(self): driver.find_element(By.LINK_TEXT, "Manage Files").click() # select first file input field: form-0-image # Set full image path for image file 'strange.png - image_path = os.path.join(dir_path, "finding_image.png") + image_path = Path(dir_path) / "finding_image.png" driver.find_element(By.ID, "id_form-0-file").send_keys(image_path) driver.find_element(By.ID, "id_form-0-title").send_keys("Image Title") # Save uploaded image @@ -466,7 +466,7 @@ def test_import_scan_result(self): # Select `Default` as the Environment Select(driver.find_element(By.ID, "id_environment")).select_by_visible_text("Development") # upload scan file - file_path = os.path.join(dir_path, "zap_sample.xml") + file_path = Path(dir_path) / "zap_sample.xml" driver.find_element(By.NAME, "file").send_keys(file_path) # Click Submit button with WaitForPageLoad(driver, timeout=50): diff --git a/tests/ibm_appscan_test.py b/tests/ibm_appscan_test.py index 451e387db1..f03305bd6f 100644 --- a/tests/ibm_appscan_test.py +++ b/tests/ibm_appscan_test.py @@ -31,7 +31,7 @@ def test_import_ibm_app_scan_result(self): # Select `Default` as the Environment Select(driver.find_element(By.ID, "id_environment")).select_by_visible_text("Development") # Upload Scan result file - scanner_file = os.path.join(dir_path, "ibm_appscan_xml_file.xml") + scanner_file = Path(dir_path) / "ibm_appscan_xml_file.xml" driver.find_element(By.NAME, "file").send_keys(scanner_file) # click on upload button driver.find_elements(By.CSS_SELECTOR, "button.btn.btn-primary")[1].click() diff --git a/unittests/dojo_test_case.py b/unittests/dojo_test_case.py index d22073e273..3f8db4ad78 100644 --- a/unittests/dojo_test_case.py +++ b/unittests/dojo_test_case.py @@ -1,7 +1,6 @@ import copy import json import logging -import os from functools import wraps from itertools import chain from pathlib import Path @@ -40,7 +39,11 @@ def get_unit_tests_path(): - return str(Path(os.path.realpath(__file__)).parent) + return Path(__file__).parent + + +def get_unit_tests_scans_path(parser): + return Path(__file__).parent / "scans" / parser def toggle_system_setting_boolean(flag_name, value): @@ -504,7 +507,7 @@ def import_scan_with_params(self, filename, scan_type="ZAP Scan", engagement=1, product_name=None, product_type_name=None, auto_create_context=None, expected_http_status_code=201, test_title=None, scan_date=None, service=None, forceActive=True, forceVerified=True): - with open(get_unit_tests_path() + "/" + filename, encoding="utf-8") as testfile: + with open(get_unit_tests_path() / filename, encoding="utf-8") as testfile: payload = { "minimum_severity": minimum_severity, "active": active, @@ -556,7 +559,7 @@ def import_scan_with_params(self, filename, scan_type="ZAP Scan", engagement=1, def reimport_scan_with_params(self, test_id, filename, scan_type="ZAP Scan", engagement=1, minimum_severity="Low", active=True, verified=False, push_to_jira=None, tags=None, close_old_findings=True, group_by=None, engagement_name=None, scan_date=None, product_name=None, product_type_name=None, auto_create_context=None, expected_http_status_code=201, test_title=None): - with open(get_unit_tests_path() + "/" + filename, encoding="utf-8") as testfile: + with open(get_unit_tests_path() / filename, encoding="utf-8") as testfile: payload = { "minimum_severity": minimum_severity, "active": active, @@ -605,7 +608,7 @@ def reimport_scan_with_params(self, test_id, filename, scan_type="ZAP Scan", eng def endpoint_meta_import_scan_with_params(self, filename, product=1, product_name=None, create_endpoints=True, create_tags=True, create_dojo_meta=True, expected_http_status_code=201): - with open(get_unit_tests_path() + "/" + filename, encoding="utf-8") as testfile: + with open(get_unit_tests_path() / filename, encoding="utf-8") as testfile: payload = { "create_endpoints": create_endpoints, "create_tags": create_tags, diff --git a/unittests/test_endpoint_meta_import.py b/unittests/test_endpoint_meta_import.py index d159dbd4f2..5f93aceb19 100644 --- a/unittests/test_endpoint_meta_import.py +++ b/unittests/test_endpoint_meta_import.py @@ -206,7 +206,7 @@ def endpoint_meta_import_ui(self, product, payload): def endpoint_meta_import_scan_with_params_ui(self, filename, product=1, create_endpoints=True, create_tags=True, create_dojo_meta=True, expected_http_status_code=201): - with open(get_unit_tests_path() + "/" + filename, encoding="utf-8") as testfile: + with open(get_unit_tests_path() / filename, encoding="utf-8") as testfile: payload = { "create_endpoints": create_endpoints, "create_tags": create_tags, diff --git a/unittests/test_factory.py b/unittests/test_factory.py index 5d8b4040dd..39c4a789ae 100644 --- a/unittests/test_factory.py +++ b/unittests/test_factory.py @@ -1,5 +1,4 @@ import logging -import os from importlib import import_module from importlib.util import find_spec from inspect import isclass @@ -16,25 +15,25 @@ class TestFactory(DojoTestCase): def test_get_parser(self): with self.subTest(scan_type="Acunetix Scan"): scan_type = "Acunetix Scan" - testfile = open(get_unit_tests_path() + "/scans/acunetix/one_finding.xml", encoding="utf-8") + testfile = open(get_unit_tests_path() / "scans" / "acunetix" / "one_finding.xml", encoding="utf-8") parser = get_parser(scan_type) parser.get_findings(testfile, Test()) testfile.close() with self.subTest(scan_type="Anchore Engine Scan"): scan_type = "Anchore Engine Scan" - testfile = open(get_unit_tests_path() + "/scans/anchore_engine/one_vuln.json", encoding="utf-8") + testfile = open(get_unit_tests_path() / "scans" / "anchore_engine" / "one_vuln.json", encoding="utf-8") parser = get_parser(scan_type) parser.get_findings(testfile, Test()) testfile.close() with self.subTest(scan_type="Tenable Scan"): scan_type = "Tenable Scan" - testfile = open(get_unit_tests_path() + "/scans/tenable/nessus/nessus_v_unknown.xml", encoding="utf-8") + testfile = open(get_unit_tests_path() / "scans" / "tenable/nessus" / "nessus_v_unknown.xml", encoding="utf-8") parser = get_parser(scan_type) parser.get_findings(testfile, Test()) testfile.close() with self.subTest(scan_type="ZAP Scan"): scan_type = "ZAP Scan" - testfile = open(get_unit_tests_path() + "/scans/zap/some_2.9.0.xml", encoding="utf-8") + testfile = open(get_unit_tests_path() / "scans" / "zap" / "some_2.9.0.xml", encoding="utf-8") parser = get_parser(scan_type) parser.get_findings(testfile, Test()) testfile.close() @@ -73,7 +72,7 @@ def test_parser_name_matches_module(self): for module_name in module_names: if module_name in excluded_parsers: continue - if Path(os.path.join(package_dir, module_name)).is_dir(): + if (Path(package_dir) / module_name).is_dir(): found = False if find_spec(f"dojo.tools.{module_name}.parser"): module = import_module(f"dojo.tools.{module_name}.parser") diff --git a/unittests/test_import_reimport.py b/unittests/test_import_reimport.py index 02548ccb57..bc70330226 100644 --- a/unittests/test_import_reimport.py +++ b/unittests/test_import_reimport.py @@ -1823,7 +1823,7 @@ def import_scan_with_params_ui(self, filename, scan_type="ZAP Scan", engagement= elif not verified: verifiedPayload = "force_to_false" - with open(get_unit_tests_path() + filename, encoding="utf-8") as testfile: + with open(get_unit_tests_path() / filename, encoding="utf-8") as testfile: payload = { "minimum_severity": minimum_severity, "active": activePayload, @@ -1861,7 +1861,7 @@ def reimport_scan_with_params_ui(self, test_id, filename, scan_type="ZAP Scan", if not verified: verifiedPayload = "force_to_false" - with open(get_unit_tests_path() + filename, encoding="utf-8") as testfile: + with open(get_unit_tests_path() / filename, encoding="utf-8") as testfile: payload = { "minimum_severity": minimum_severity, "active": activePayload, diff --git a/unittests/test_importers_importer.py b/unittests/test_importers_importer.py index 41baf6d78e..8d18e26c13 100644 --- a/unittests/test_importers_importer.py +++ b/unittests/test_importers_importer.py @@ -39,7 +39,7 @@ class TestDojoDefaultImporter(DojoTestCase): def test_parse_findings(self): - with open(get_unit_tests_path() + "/scans/acunetix/one_finding.xml", encoding="utf-8") as scan: + with open(get_unit_tests_path() / "scans" / "acunetix" / "one_finding.xml", encoding="utf-8") as scan: scan_type = "Acunetix Scan" user, _created = User.objects.get_or_create(username="admin") product_type, _created = Product_Type.objects.get_or_create(name="test") @@ -80,7 +80,7 @@ def test_parse_findings(self): self.assertIn(finding.numerical_severity, ["S0", "S1", "S2", "S3", "S4"]) def test_import_scan(self): - with open(get_unit_tests_path() + "/scans/sarif/spotbugs.sarif", encoding="utf-8") as scan: + with open(get_unit_tests_path() / "scans" / "sarif" / "spotbugs.sarif", encoding="utf-8") as scan: scan_type = SarifParser().get_scan_types()[0] # SARIF format implement the new method user, _ = User.objects.get_or_create(username="admin") product_type, _ = Product_Type.objects.get_or_create(name="test2") diff --git a/unittests/test_jira_config_engagement_epic.py b/unittests/test_jira_config_engagement_epic.py index 7b6b753416..1410d6d25c 100644 --- a/unittests/test_jira_config_engagement_epic.py +++ b/unittests/test_jira_config_engagement_epic.py @@ -27,7 +27,7 @@ def _get_vcr(self, **kwargs): my_vcr.record_mode = "once" my_vcr.path_transformer = VCR.ensure_suffix(".yaml") my_vcr.filter_headers = ["Authorization", "X-Atlassian-Token"] - my_vcr.cassette_library_dir = get_unit_tests_path() + "/vcr/jira/" + my_vcr.cassette_library_dir = get_unit_tests_path() / "vcr" / "jira" # TODO: check this # filters headers doesn't seem to work for cookies, so use callbacks to filter cookies from being recorded my_vcr.before_record_request = self.before_record_request my_vcr.before_record_response = self.before_record_response diff --git a/unittests/test_jira_import_and_pushing_api.py b/unittests/test_jira_import_and_pushing_api.py index eeba03f974..d41f2b6397 100644 --- a/unittests/test_jira_import_and_pushing_api.py +++ b/unittests/test_jira_import_and_pushing_api.py @@ -50,7 +50,7 @@ def _get_vcr(self, **kwargs): my_vcr.record_mode = "once" my_vcr.path_transformer = VCR.ensure_suffix(".yaml") my_vcr.filter_headers = ["Authorization", "X-Atlassian-Token"] - my_vcr.cassette_library_dir = get_unit_tests_path() + "/vcr/jira/" + my_vcr.cassette_library_dir = get_unit_tests_path() / "vcr" / "jira" # TODO: check this # filters headers doesn't seem to work for cookies, so use callbacks to filter cookies from being recorded my_vcr.before_record_request = self.before_record_request my_vcr.before_record_response = self.before_record_response diff --git a/unittests/test_parsers.py b/unittests/test_parsers.py index 2e61c48273..9a7da594d1 100644 --- a/unittests/test_parsers.py +++ b/unittests/test_parsers.py @@ -5,13 +5,13 @@ from .dojo_test_case import DojoTestCase, get_unit_tests_path -basedir = os.path.join(get_unit_tests_path(), "..") +basedir = get_unit_tests_path().parent @test_tag("parser-supplement-tests") class TestParsers(DojoTestCase): def test_file_existence(self): - for parser_dir in os.scandir(os.path.join(basedir, "dojo", "tools")): + for parser_dir in os.scandir(Path(basedir) / "dojo" / "tools"): if parser_dir.is_file() or parser_dir.name == "__pycache__": continue # this is not parser dir but some support file @@ -28,7 +28,7 @@ def test_file_existence(self): "wizcli_common_parsers", # common class for other wizcli parsers ]: with self.subTest(parser=parser_dir.name, category="docs"): - doc_file = os.path.join(basedir, "docs", "content", "en", "connecting_your_tools", "parsers", category, f"{doc_name}.md") + doc_file = Path(basedir) / "docs" / "content" / "en" / "connecting_your_tools" / "parsers" / category / f"{doc_name}.md" self.assertTrue( Path(doc_file).is_file(), f"Documentation file '{doc_file}' is missing or using different name", @@ -53,7 +53,7 @@ def test_file_existence(self): "wizcli_common_parsers", # common class for other wizcli parsers ]: with self.subTest(parser=parser_dir.name, category="parser"): - parser_test_file = os.path.join(basedir, "unittests", "tools", f"test_{parser_dir.name}_parser.py") + parser_test_file = Path(basedir) / "unittests" / "tools" / f"test_{parser_dir.name}_parser.py" self.assertTrue( Path(parser_test_file).is_file(), f"Unittest of parser '{parser_test_file}' is missing or using different name", @@ -64,7 +64,7 @@ def test_file_existence(self): "wizcli_common_parsers", # common class for other wizcli parsers ]: with self.subTest(parser=parser_dir.name, category="testfiles"): - scan_dir = os.path.join(basedir, "unittests", "scans", parser_dir.name) + scan_dir = Path(basedir) / "unittests" / "scans" / parser_dir.name self.assertTrue( Path(scan_dir).is_dir(), f"Test files for unittest of parser '{scan_dir}' are missing or using different name", @@ -76,16 +76,16 @@ def test_file_existence(self): "api_vulners", # TODO: tests should be implemented also for this parser ]: with self.subTest(parser=parser_dir.name, category="importer"): - importer_test_file = os.path.join(basedir, "unittests", "tools", f"test_{parser_dir.name}_importer.py") + importer_test_file = Path(basedir) / "unittests" / "tools" / f"test_{parser_dir.name}_importer.py" self.assertTrue( Path(importer_test_file).is_file(), f"Unittest of importer '{importer_test_file}' is missing or using different name", ) - for file in os.scandir(os.path.join(basedir, "dojo", "tools", parser_dir.name)): + for file in os.scandir(Path(basedir) / "dojo" / "tools" / parser_dir.name): if file.is_file() and file.name != "__pycache__" and file.name != "__init__.py": - f = os.path.join(basedir, "dojo", "tools", parser_dir.name, file.name) + f_path = Path(basedir) / "dojo" / "tools" / parser_dir.name / file.name read_true = False - with open(f, encoding="utf-8") as f: + with open(f_path, encoding="utf-8") as f: i = 0 for line in f: if read_true is True: @@ -93,7 +93,7 @@ def test_file_existence(self): read_true = False i = 0 elif i > 4: - self.assertTrue(expr=False, msg="In file " + str(os.path.join("dojo", "tools", parser_dir.name, file.name)) + " the test is failing because you don't have utf-8 after .read()") + self.assertTrue(expr=False, msg=f"In file '{f_path}' the test is failing because you don't have utf-8 after .read()") i = 0 read_true = False else: @@ -103,12 +103,12 @@ def test_file_existence(self): i = 0 def test_parser_existence(self): - for docs in os.scandir(os.path.join(basedir, "docs", "content", "en", "connecting_your_tools", "parsers", "file")): + for docs in os.scandir(Path(basedir) / "docs" / "content" / "en" / "connecting_your_tools" / "parsers" / "file"): if docs.name not in [ "_index.md", "codeql.md", "edgescan.md", ]: with self.subTest(parser=docs.name.split(".md")[0], category="parser"): - parser = os.path.join(basedir, "dojo", "tools", f"{docs.name.split('.md')[0]}", "parser.py") + parser = Path(basedir) / "dojo" / "tools" / f"{docs.name.split('.md')[0]}" / "parser.py" self.assertTrue( Path(parser).is_file(), f"Parser '{parser}' is missing or using different name", diff --git a/unittests/tools/test_acunetix_parser.py b/unittests/tools/test_acunetix_parser.py index fe0deb95e6..699cb84110 100644 --- a/unittests/tools/test_acunetix_parser.py +++ b/unittests/tools/test_acunetix_parser.py @@ -3,13 +3,13 @@ from dojo.models import Test from dojo.tools.acunetix.parser import AcunetixParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestAcunetixParser(DojoTestCase): def test_parse_file_with_one_finding(self): - with open("unittests/scans/acunetix/one_finding.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("acunetix") / "one_finding.xml", encoding="utf-8") as testfile: parser = AcunetixParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -37,7 +37,7 @@ def test_parse_file_with_one_finding(self): self.assertEqual("some/path", endpoint.path) def test_parse_file_with_multiple_finding(self): - with open("unittests/scans/acunetix/many_findings.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("acunetix") / "many_findings.xml", encoding="utf-8") as testfile: parser = AcunetixParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -132,7 +132,7 @@ def test_parse_file_with_multiple_finding(self): self.assertIsInstance(req_resp["resp"], str) def test_parse_file_with_example_com(self): - with open("unittests/scans/acunetix/XML_http_example_co_id_.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("acunetix") / "XML_http_example_co_id_.xml", encoding="utf-8") as testfile: parser = AcunetixParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -204,7 +204,7 @@ def test_parse_file_with_example_com(self): self.assertIsInstance(req_resp["resp"], str) def test_parse_file_with_one_finding_acunetix360(self): - with open("unittests/scans/acunetix/acunetix360_one_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("acunetix") / "acunetix360_one_finding.json", encoding="utf-8") as testfile: parser = AcunetixParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -225,7 +225,7 @@ def test_parse_file_with_one_finding_acunetix360(self): self.assertIn("https://online.acunetix360.com/issues/detail/735f4503-e9eb-4b4c-4306-ad49020a4c4b", finding.references) def test_parse_file_with_one_finding_false_positive(self): - with open("unittests/scans/acunetix/acunetix360_one_finding_false_positive.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("acunetix") / "acunetix360_one_finding_false_positive.json", encoding="utf-8") as testfile: parser = AcunetixParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -245,7 +245,7 @@ def test_parse_file_with_one_finding_false_positive(self): self.assertTrue(finding.false_p) def test_parse_file_with_one_finding_risk_accepted(self): - with open("unittests/scans/acunetix/acunetix360_one_finding_accepted_risk.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("acunetix") / "acunetix360_one_finding_accepted_risk.json", encoding="utf-8") as testfile: parser = AcunetixParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -265,7 +265,7 @@ def test_parse_file_with_one_finding_risk_accepted(self): self.assertTrue(finding.risk_accepted) def test_parse_file_with_multiple_finding_acunetix360(self): - with open("unittests/scans/acunetix/acunetix360_many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("acunetix") / "acunetix360_many_findings.json", encoding="utf-8") as testfile: parser = AcunetixParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(16, len(findings)) @@ -306,7 +306,7 @@ def test_parse_file_with_multiple_finding_acunetix360(self): self.assertEqual(str(endpoint), "http://php.testsparker.com") def test_parse_file_with_mulitple_cwe(self): - with open("unittests/scans/acunetix/acunetix360_multiple_cwe.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("acunetix") / "acunetix360_multiple_cwe.json", encoding="utf-8") as testfile: parser = AcunetixParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -325,19 +325,19 @@ def test_parse_file_with_mulitple_cwe(self): self.assertEqual(str(endpoint), "http://php.testsparker.com/auth/login.php") def test_parse_file_issue_10370(self): - with open("unittests/scans/acunetix/issue_10370.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("acunetix") / "issue_10370.json", encoding="utf-8") as testfile: parser = AcunetixParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_parse_file_issue_10435(self): - with open("unittests/scans/acunetix/issue_10435.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("acunetix") / "issue_10435.json", encoding="utf-8") as testfile: parser = AcunetixParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_parse_file_issue_11206(self): - with open("unittests/scans/acunetix/issue_11206.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("acunetix") / "issue_11206.json", encoding="utf-8") as testfile: parser = AcunetixParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) diff --git a/unittests/tools/test_anchore_engine_parser.py b/unittests/tools/test_anchore_engine_parser.py index 60a4e511f3..007c1166f7 100644 --- a/unittests/tools/test_anchore_engine_parser.py +++ b/unittests/tools/test_anchore_engine_parser.py @@ -1,29 +1,29 @@ from dojo.models import Test from dojo.tools.anchore_engine.parser import AnchoreEngineParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestAnchoreEngineParser(DojoTestCase): def test_anchore_engine_parser_has_no_finding(self): - with open("unittests/scans/anchore_engine/no_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_engine") / "no_vuln.json", encoding="utf-8") as testfile: parser = AnchoreEngineParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_anchore_engine_parser_has_one_finding(self): - with open("unittests/scans/anchore_engine/one_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_engine") / "one_vuln.json", encoding="utf-8") as testfile: parser = AnchoreEngineParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_anchore_engine_parser_has_many_findings(self): - with open("unittests/scans/anchore_engine/many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_engine") / "many_vulns.json", encoding="utf-8") as testfile: parser = AnchoreEngineParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(23, len(findings)) def test_anchore_engine_parser_has_many_findings_2_4_1(self): - with open("unittests/scans/anchore_engine/many_vulns_2.4.1.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_engine") / "many_vulns_2.4.1.json", encoding="utf-8") as testfile: parser = AnchoreEngineParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(51, len(findings)) diff --git a/unittests/tools/test_anchore_enterprise_parser.py b/unittests/tools/test_anchore_enterprise_parser.py index 6025fb736a..a2ae81304a 100644 --- a/unittests/tools/test_anchore_enterprise_parser.py +++ b/unittests/tools/test_anchore_enterprise_parser.py @@ -1,26 +1,24 @@ -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.anchore_enterprise.parser import AnchoreEnterpriseParser, extract_vulnerability_id, search_filepath -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestAnchoreEnterpriseParser(DojoTestCase): def test_anchore_policy_check_parser_has_no_findings(self): - with open(path.join(Path(__file__).parent, "../scans/anchore_enterprise/no_checks.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_enterprise") / "no_checks.json", encoding="utf-8") as testfile: parser = AnchoreEnterpriseParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_anchore_policy_check_parser_has_one_finding(self): - with open(path.join(Path(__file__).parent, "../scans/anchore_enterprise/one_check.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_enterprise") / "one_check.json", encoding="utf-8") as testfile: parser = AnchoreEnterpriseParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_anchore_policy_check_parser_has_multiple_findings(self): - with open(path.join(Path(__file__).parent, "../scans/anchore_enterprise/many_checks.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_enterprise") / "many_checks.json", encoding="utf-8") as testfile: parser = AnchoreEnterpriseParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(57, len(findings)) @@ -29,7 +27,7 @@ def test_anchore_policy_check_parser_has_multiple_findings(self): self.assertEqual("CVE-2015-2992", finding.unsaved_vulnerability_ids[0]) def test_anchore_policy_check_parser_invalid_format(self): - with open(path.join(Path(__file__).parent, "../scans/anchore_enterprise/invalid_checks_format.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_enterprise") / "invalid_checks_format.json", encoding="utf-8") as testfile: with self.assertRaises(Exception): parser = AnchoreEnterpriseParser() parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_anchore_grype_parser.py b/unittests/tools/test_anchore_grype_parser.py index c706e0c384..ffff867366 100644 --- a/unittests/tools/test_anchore_grype_parser.py +++ b/unittests/tools/test_anchore_grype_parser.py @@ -1,19 +1,19 @@ from dojo.models import Finding, Test from dojo.tools.anchore_grype.parser import AnchoreGrypeParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestAnchoreGrypeParser(DojoTestCase): def test_parser_has_no_findings(self): - with open("unittests/scans/anchore_grype/no_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_grype") / "no_vuln.json", encoding="utf-8") as testfile: parser = AnchoreGrypeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parser_has_many_findings(self): found = False - with open("unittests/scans/anchore_grype/many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_grype") / "many_vulns.json", encoding="utf-8") as testfile: parser = AnchoreGrypeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1509, len(findings)) @@ -35,7 +35,7 @@ def test_parser_has_many_findings(self): def test_grype_parser_with_one_criticle_vuln_has_one_findings(self): found = False - with open("unittests/scans/anchore_grype/many_vulns2.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_grype") / "many_vulns2.json", encoding="utf-8") as testfile: parser = AnchoreGrypeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1567, len(findings)) @@ -56,7 +56,7 @@ def test_grype_parser_with_one_criticle_vuln_has_one_findings(self): def test_grype_parser_with_many_vulns3(self): found = False - with open("unittests/scans/anchore_grype/many_vulns3.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_grype") / "many_vulns3.json", encoding="utf-8") as testfile: parser = AnchoreGrypeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(327, len(findings)) @@ -77,7 +77,7 @@ def test_grype_parser_with_many_vulns3(self): def test_grype_parser_with_new_matcher_list(self): found = False - with open("unittests/scans/anchore_grype/many_vulns4.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_grype") / "many_vulns4.json", encoding="utf-8") as testfile: parser = AnchoreGrypeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(9, len(findings)) @@ -97,7 +97,7 @@ def test_grype_parser_with_new_matcher_list(self): self.assertTrue(found) def test_check_all_fields(self): - with open("unittests/scans/anchore_grype/check_all_fields.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_grype") / "check_all_fields.json", encoding="utf-8") as testfile: parser = AnchoreGrypeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(5, len(findings)) @@ -266,13 +266,13 @@ def test_check_all_fields(self): self.assertEqual(2, finding.nb_occurences) def test_grype_issue_9618(self): - with open("unittests/scans/anchore_grype/issue_9618.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_grype") / "issue_9618.json", encoding="utf-8") as testfile: parser = AnchoreGrypeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(35, len(findings)) def test_grype_issue_9942(self): - with open("unittests/scans/anchore_grype/issue_9942.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchore_grype") / "issue_9942.json", encoding="utf-8") as testfile: parser = AnchoreGrypeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) diff --git a/unittests/tools/test_anchorectl_policies_parser.py b/unittests/tools/test_anchorectl_policies_parser.py index 1ad4eb91cc..8380616376 100644 --- a/unittests/tools/test_anchorectl_policies_parser.py +++ b/unittests/tools/test_anchorectl_policies_parser.py @@ -1,17 +1,17 @@ from dojo.models import Test from dojo.tools.anchorectl_policies.parser import AnchoreCTLPoliciesParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestAnchoreCTLPoliciesParser(DojoTestCase): def test_anchore_engine_parser_has_no_finding(self): - with open("unittests/scans/anchorectl_policies/no_violation.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchorectl_policies") / "no_violation.json", encoding="utf-8") as testfile: parser = AnchoreCTLPoliciesParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_anchore_engine_parser_has_one_finding_and_it_is_correctly_parsed(self): - with open("unittests/scans/anchorectl_policies/one_violation.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchorectl_policies") / "one_violation.json", encoding="utf-8") as testfile: parser = AnchoreCTLPoliciesParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -21,13 +21,13 @@ def test_anchore_engine_parser_has_one_finding_and_it_is_correctly_parsed(self): self.assertEqual(singleFinding.description, "User root found as effective user, which is not on the allowed list") def test_anchore_engine_parser_has_many_findings(self): - with open("unittests/scans/anchorectl_policies/many_violations.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchorectl_policies") / "many_violations.json", encoding="utf-8") as testfile: parser = AnchoreCTLPoliciesParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) def test_anchore_engine_parser_has_one_finding_and_description_has_severity(self): - with open("unittests/scans/anchorectl_policies/one_violation_description_severity.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchorectl_policies") / "one_violation_description_severity.json", encoding="utf-8") as testfile: parser = AnchoreCTLPoliciesParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) diff --git a/unittests/tools/test_anchorectl_vulns_parser.py b/unittests/tools/test_anchorectl_vulns_parser.py index 1ba824fe76..9254331c0f 100644 --- a/unittests/tools/test_anchorectl_vulns_parser.py +++ b/unittests/tools/test_anchorectl_vulns_parser.py @@ -1,17 +1,17 @@ from dojo.models import Test from dojo.tools.anchorectl_vulns.parser import AnchoreCTLVulnsParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestAnchoreCTLVulnsParser(DojoTestCase): def test_anchore_engine_parser_has_no_finding(self): - with open("unittests/scans/anchorectl_vulns/no_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchorectl_vulns") / "no_vuln.json", encoding="utf-8") as testfile: parser = AnchoreCTLVulnsParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_anchore_engine_parser_has_one_finding_and_it_is_correctly_parsed(self): - with open("unittests/scans/anchorectl_vulns/one_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchorectl_vulns") / "one_vuln.json", encoding="utf-8") as testfile: parser = AnchoreCTLVulnsParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -21,7 +21,7 @@ def test_anchore_engine_parser_has_one_finding_and_it_is_correctly_parsed(self): self.assertEqual(singleFinding.description, "**Image hash**: None\n\n**Package**: libgnutls30-3.5.8-5+deb9u4\n\n**Package path**: None\n\n**Package type**: dpkg\n\n**Feed**: vulnerabilities/debian:9\n\n**CPE**: None\n\n**Description**: That test description\n\n") def test_anchore_engine_parser_has_many_findings(self): - with open("unittests/scans/anchorectl_vulns/many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("anchorectl_vulns") / "many_vulns.json", encoding="utf-8") as testfile: parser = AnchoreCTLVulnsParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(23, len(findings)) diff --git a/unittests/tools/test_api_blackduck_parser.py b/unittests/tools/test_api_blackduck_parser.py index f58613ca71..438318eefd 100644 --- a/unittests/tools/test_api_blackduck_parser.py +++ b/unittests/tools/test_api_blackduck_parser.py @@ -1,13 +1,13 @@ from dojo.models import SEVERITIES, Test from dojo.tools.api_blackduck.parser import ApiBlackduckParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestApiBlackduckParser(DojoTestCase): def test_bandit_parser_has_many_findings(self): - with open("unittests/scans/api_blackduck/many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_blackduck") / "many_vulns.json", encoding="utf-8") as testfile: parser = ApiBlackduckParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_api_bugcrowd_parser.py b/unittests/tools/test_api_bugcrowd_parser.py index 48e748633c..e1d851b8e8 100644 --- a/unittests/tools/test_api_bugcrowd_parser.py +++ b/unittests/tools/test_api_bugcrowd_parser.py @@ -1,20 +1,19 @@ import datetime -from django.test import TestCase - from dojo.models import Product_API_Scan_Configuration, Test from dojo.tools.api_bugcrowd.parser import ApiBugcrowdParser +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path -class TestApiBugcrowdParser(TestCase): +class TestApiBugcrowdParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/api_bugcrowd/bugcrowd_empty.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_bugcrowd") / "bugcrowd_empty.json", encoding="utf-8") as testfile: parser = ApiBugcrowdParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_findings(self): - with open("unittests/scans/api_bugcrowd/bugcrowd_one.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_bugcrowd") / "bugcrowd_one.json", encoding="utf-8") as testfile: # description = """ # Vulnerability Name: JWT alg none @@ -51,7 +50,7 @@ def test_parse_file_with_one_vuln_has_one_findings(self): endpoint.clean() def test_parse_file_with_multiple_vuln_has_multiple_finding(self): - with open("unittests/scans/api_bugcrowd/bugcrowd_many.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_bugcrowd") / "bugcrowd_many.json", encoding="utf-8") as testfile: parser = ApiBugcrowdParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) @@ -117,7 +116,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_finding(self): def test_parse_file_with_not_reproducible_finding(self): with open( - "unittests/scans/api_bugcrowd/bugcrowd_not_reproducible.json", encoding="utf-8", + get_unit_tests_scans_path("api_bugcrowd") / "bugcrowd_not_reproducible.json", encoding="utf-8", ) as testfile: # description = """ @@ -149,7 +148,7 @@ def test_parse_file_with_not_reproducible_finding(self): endpoint.clean() def test_parse_file_with_broken_bug_url(self): - with open("unittests/scans/api_bugcrowd/bugcrowd_broken_bug_url.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_bugcrowd") / "bugcrowd_broken_bug_url.json", encoding="utf-8") as testfile: parser = ApiBugcrowdParser() with self.assertLogs("dojo.tools.api_bugcrowd.parser", level="ERROR") as cm: parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_api_cobalt_parser.py b/unittests/tools/test_api_cobalt_parser.py index afb45d902f..e64f407a9e 100644 --- a/unittests/tools/test_api_cobalt_parser.py +++ b/unittests/tools/test_api_cobalt_parser.py @@ -3,19 +3,19 @@ from dojo.models import Test, Test_Type from dojo.tools.api_cobalt.parser import ApiCobaltParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestApiCobaltParser(DojoTestCase): def test_cobalt_api_parser_with_no_vuln_has_no_findings(self): - with open("unittests/scans/api_cobalt/cobalt_api_zero_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_cobalt") / "cobalt_api_zero_vul.json", encoding="utf-8") as testfile: parser = ApiCobaltParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_cobalt_api_parser_with_many_vuln_has_many_findings(self): - with open("unittests/scans/api_cobalt/cobalt_api_many_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_cobalt") / "cobalt_api_many_vul.json", encoding="utf-8") as testfile: parser = ApiCobaltParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -24,7 +24,7 @@ def test_cobalt_api_parser_with_many_vuln_has_many_findings(self): self.assertEqual(3, len(findings)) def test_cobalt_api_parser_with_carried_over_finding(self): - with open("unittests/scans/api_cobalt/cobalt_api_one_vul_carried_over.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_cobalt") / "cobalt_api_one_vul_carried_over.json", encoding="utf-8") as testfile: parser = ApiCobaltParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -51,7 +51,7 @@ def test_cobalt_api_parser_with_carried_over_finding(self): self.assertTrue(finding.dynamic_finding) def test_cobalt_api_parser_with_check_fix_finding(self): - with open("unittests/scans/api_cobalt/cobalt_api_one_vul_check_fix.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_cobalt") / "cobalt_api_one_vul_check_fix.json", encoding="utf-8") as testfile: parser = ApiCobaltParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -78,7 +78,7 @@ def test_cobalt_api_parser_with_check_fix_finding(self): self.assertTrue(finding.dynamic_finding) def test_cobalt_api_parser_with_invalid_finding(self): - with open("unittests/scans/api_cobalt/cobalt_api_one_vul_invalid.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_cobalt") / "cobalt_api_one_vul_invalid.json", encoding="utf-8") as testfile: parser = ApiCobaltParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -105,7 +105,7 @@ def test_cobalt_api_parser_with_invalid_finding(self): self.assertTrue(finding.dynamic_finding) def test_cobalt_api_parser_with_need_fix_finding(self): - with open("unittests/scans/api_cobalt/cobalt_api_one_vul_need_fix.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_cobalt") / "cobalt_api_one_vul_need_fix.json", encoding="utf-8") as testfile: parser = ApiCobaltParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -132,7 +132,7 @@ def test_cobalt_api_parser_with_need_fix_finding(self): self.assertTrue(finding.dynamic_finding) def test_cobalt_api_parser_with_new_finding(self): - with open("unittests/scans/api_cobalt/cobalt_api_one_vul_new.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_cobalt") / "cobalt_api_one_vul_new.json", encoding="utf-8") as testfile: parser = ApiCobaltParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -159,7 +159,7 @@ def test_cobalt_api_parser_with_new_finding(self): self.assertTrue(finding.dynamic_finding) def test_cobalt_api_parser_with_out_of_scope_finding(self): - with open("unittests/scans/api_cobalt/cobalt_api_one_vul_out_of_scope.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_cobalt") / "cobalt_api_one_vul_out_of_scope.json", encoding="utf-8") as testfile: parser = ApiCobaltParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -186,7 +186,7 @@ def test_cobalt_api_parser_with_out_of_scope_finding(self): self.assertTrue(finding.dynamic_finding) def test_cobalt_api_parser_with_triaging_finding(self): - with open("unittests/scans/api_cobalt/cobalt_api_one_vul_triaging.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_cobalt") / "cobalt_api_one_vul_triaging.json", encoding="utf-8") as testfile: parser = ApiCobaltParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -213,7 +213,7 @@ def test_cobalt_api_parser_with_triaging_finding(self): self.assertTrue(finding.dynamic_finding) def test_cobalt_api_parser_with_valid_fix_finding(self): - with open("unittests/scans/api_cobalt/cobalt_api_one_vul_valid_fix.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_cobalt") / "cobalt_api_one_vul_valid_fix.json", encoding="utf-8") as testfile: parser = ApiCobaltParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -240,7 +240,7 @@ def test_cobalt_api_parser_with_valid_fix_finding(self): self.assertTrue(finding.dynamic_finding) def test_cobalt_api_parser_with_wont_fix_finding(self): - with open("unittests/scans/api_cobalt/cobalt_api_one_vul_wont_fix.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_cobalt") / "cobalt_api_one_vul_wont_fix.json", encoding="utf-8") as testfile: parser = ApiCobaltParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -268,7 +268,7 @@ def test_cobalt_api_parser_with_wont_fix_finding(self): @patch("dojo.tools.api_cobalt.importer.CobaltApiImporter.get_findings") def test_cobalt_api_parser_with_api(self, mock): - with open(get_unit_tests_path() + "/scans/api_cobalt/cobalt_api_many_vul.json", encoding="utf-8") as api_findings_file: + with open(get_unit_tests_scans_path("api_cobalt") / "cobalt_api_many_vul.json", encoding="utf-8") as api_findings_file: api_findings = json.load(api_findings_file) mock.return_value = api_findings diff --git a/unittests/tools/test_api_edgescan_parser.py b/unittests/tools/test_api_edgescan_parser.py index 944b721f01..567150da20 100644 --- a/unittests/tools/test_api_edgescan_parser.py +++ b/unittests/tools/test_api_edgescan_parser.py @@ -1,10 +1,9 @@ -from django.test import TestCase - from dojo.models import Test from dojo.tools.api_edgescan.parser import ApiEdgescanParser +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path -class TestApiEdgescanParser(TestCase): +class TestApiEdgescanParser(DojoTestCase): def test_get_scan_types(self): parser = ApiEdgescanParser() @@ -32,13 +31,13 @@ def test_requires_tool_type(self): self.assertEqual(parser.requires_tool_type("scan_type"), "Edgescan") def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/api_edgescan/no_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_edgescan") / "no_vuln.json", encoding="utf-8") as testfile: parser = ApiEdgescanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_findings(self): - with open("unittests/scans/api_edgescan/one_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_edgescan") / "one_vuln.json", encoding="utf-8") as testfile: parser = ApiEdgescanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -61,7 +60,7 @@ def test_parse_file_with_one_vuln_has_one_findings(self): self.assertEqual(finding.unsaved_endpoints[0].protocol, None) def test_parse_file_with_multiple_vuln_has_multiple_finding(self): - with open("unittests/scans/api_edgescan/many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_edgescan") / "many_vulns.json", encoding="utf-8") as testfile: parser = ApiEdgescanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) diff --git a/unittests/tools/test_api_sonarqube_importer.py b/unittests/tools/test_api_sonarqube_importer.py index 2c5564fbec..b81826b48a 100644 --- a/unittests/tools/test_api_sonarqube_importer.py +++ b/unittests/tools/test_api_sonarqube_importer.py @@ -5,51 +5,51 @@ from dojo.models import Engagement, Product, Product_API_Scan_Configuration, Test from dojo.tools.api_sonarqube.importer import SonarQubeApiImporter -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path def dummy_product(self, *args, **kwargs): - with open(get_unit_tests_path() + "/scans/api_sonarqube/product.json", encoding="utf-8") as json_file: + with open(get_unit_tests_scans_path("api_sonarqube") / "product.json", encoding="utf-8") as json_file: return json.load(json_file) def dummy_issues(self, *args, **kwargs): - with open(get_unit_tests_path() + "/scans/api_sonarqube/issues.json", encoding="utf-8") as json_file: + with open(get_unit_tests_scans_path("api_sonarqube") / "issues.json", encoding="utf-8") as json_file: return json.load(json_file) def dummy_rule(self, *args, **kwargs): - with open(get_unit_tests_path() + "/scans/api_sonarqube/rule.json", encoding="utf-8") as json_file: + with open(get_unit_tests_scans_path("api_sonarqube") / "rule.json", encoding="utf-8") as json_file: return json.load(json_file) def dummy_rule_wo_html_desc(self, *args, **kwargs): - with open(get_unit_tests_path() + "/scans/api_sonarqube/rule_wo_html_desc.json", encoding="utf-8") as json_file: + with open(get_unit_tests_scans_path("api_sonarqube") / "rule_wo_html_desc.json", encoding="utf-8") as json_file: return json.load(json_file) def dummy_no_hotspot(self, *args, **kwargs): - with open(get_unit_tests_path() + "/scans/api_sonarqube/hotspots/no_vuln.json", encoding="utf-8") as json_file: + with open(get_unit_tests_scans_path("api_sonarqube") / "hotspots" / "no_vuln.json", encoding="utf-8") as json_file: return json.load(json_file) def dummy_one_hotspot(self, *args, **kwargs): - with open(get_unit_tests_path() + "/scans/api_sonarqube/hotspots/one_vuln.json", encoding="utf-8") as json_file: + with open(get_unit_tests_scans_path("api_sonarqube") / "hotspots" / "one_vuln.json", encoding="utf-8") as json_file: return json.load(json_file) def dummy_many_hotspots(self, *args, **kwargs): - with open(get_unit_tests_path() + "/scans/api_sonarqube/hotspots/many_vulns.json", encoding="utf-8") as json_file: + with open(get_unit_tests_scans_path("api_sonarqube") / "hotspots" / "many_vulns.json", encoding="utf-8") as json_file: return json.load(json_file) def dummy_hotspot_rule(self, *args, **kwargs): - with open(get_unit_tests_path() + "/scans/api_sonarqube/hotspots/rule.json", encoding="utf-8") as json_file: + with open(get_unit_tests_scans_path("api_sonarqube") / "hotspots" / "rule.json", encoding="utf-8") as json_file: return json.load(json_file) def dummy_hotspot_rule_wo_risk_description(self, *args, **kwargs): - with open(get_unit_tests_path() + "/scans/api_sonarqube/hotspots/rule_wo_risk_description.json", encoding="utf-8") as json_file: + with open(get_unit_tests_scans_path("api_sonarqube") / "hotspots" / "rule_wo_risk_description.json", encoding="utf-8") as json_file: return json.load(json_file) diff --git a/unittests/tools/test_api_sonarqube_parser.py b/unittests/tools/test_api_sonarqube_parser.py index 176219291a..6f419ec48c 100644 --- a/unittests/tools/test_api_sonarqube_parser.py +++ b/unittests/tools/test_api_sonarqube_parser.py @@ -11,26 +11,26 @@ Tool_Type, ) from dojo.tools.api_sonarqube.parser import ApiSonarQubeParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path def dummy_product(self, *args, **kwargs): - with open("unittests/scans/api_sonarqube/product.json", encoding="utf-8") as json_file: + with open(get_unit_tests_scans_path("api_sonarqube") / "product.json", encoding="utf-8") as json_file: return json.load(json_file) def dummy_issues(self, *args, **kwargs): - with open("unittests/scans/api_sonarqube/issues.json", encoding="utf-8") as json_file: + with open(get_unit_tests_scans_path("api_sonarqube") / "issues.json", encoding="utf-8") as json_file: return json.load(json_file) def dummy_rule(self, *args, **kwargs): - with open("unittests/scans/api_sonarqube/rule.json", encoding="utf-8") as json_file: + with open(get_unit_tests_scans_path("api_sonarqube") / "rule.json", encoding="utf-8") as json_file: return json.load(json_file) def dummy_hotspot_rule(self, *args, **kwargs): - with open(get_unit_tests_path() + "/scans/api_sonarqube/hotspots/rule.json", encoding="utf-8") as json_file: + with open(get_unit_tests_scans_path("api_sonarqube") / "hotspots" / "rule.json", encoding="utf-8") as json_file: return json.load(json_file) diff --git a/unittests/tools/test_api_vulners_parser.py b/unittests/tools/test_api_vulners_parser.py index e532e1ee27..d66c1f9303 100644 --- a/unittests/tools/test_api_vulners_parser.py +++ b/unittests/tools/test_api_vulners_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.api_vulners.parser import ApiVulnersParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestApiVulnersParser(DojoTestCase): def test_parse_many_findings(self): - with open("unittests/scans/api_vulners/report_many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_vulners") / "report_many_vulns.json", encoding="utf-8") as testfile: parser = ApiVulnersParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) @@ -19,7 +19,7 @@ def test_parse_many_findings(self): self.assertEqual("CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", finding.cvssv3) def test_parse_one_finding(self): - with open("unittests/scans/api_vulners/report_one_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_vulners") / "report_one_vuln.json", encoding="utf-8") as testfile: parser = ApiVulnersParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -31,13 +31,13 @@ def test_parse_one_finding(self): self.assertEqual("CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", finding.cvssv3) def test_parse_no_finding(self): - with open("unittests/scans/api_vulners/report_no_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_vulners") / "report_no_vulns.json", encoding="utf-8") as testfile: parser = ApiVulnersParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_no_description(self): - with open("unittests/scans/api_vulners/report_no_description.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("api_vulners") / "report_no_description.json", encoding="utf-8") as testfile: parser = ApiVulnersParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) diff --git a/unittests/tools/test_appcheck_web_application_scanner_parser.py b/unittests/tools/test_appcheck_web_application_scanner_parser.py index 9360eb9209..133b773d9a 100644 --- a/unittests/tools/test_appcheck_web_application_scanner_parser.py +++ b/unittests/tools/test_appcheck_web_application_scanner_parser.py @@ -1,7 +1,5 @@ import string -from django.test import TestCase - from dojo.models import Finding, Test from dojo.tools.appcheck_web_application_scanner.engines.appcheck import AppCheckScanningEngineParser from dojo.tools.appcheck_web_application_scanner.engines.base import ( @@ -12,18 +10,19 @@ ) from dojo.tools.appcheck_web_application_scanner.engines.nmap import NmapScanningEngineParser from dojo.tools.appcheck_web_application_scanner.parser import AppCheckWebApplicationScannerParser +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path -class TestAppCheckWebApplicationScannerParser(TestCase): +class TestAppCheckWebApplicationScannerParser(DojoTestCase): def test_appcheck_web_application_scanner_parser_with_no_vuln_has_no_findings(self): - with open("unittests/scans/appcheck_web_application_scanner/appcheck_web_application_scanner_zero_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("appcheck_web_application_scanner") / "appcheck_web_application_scanner_zero_vul.json", encoding="utf-8") as testfile: parser = AppCheckWebApplicationScannerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_appcheck_web_application_scanner_parser_with_one_criticle_vuln_has_one_findings(self): - with open("unittests/scans/appcheck_web_application_scanner/appcheck_web_application_scanner_one_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("appcheck_web_application_scanner") / "appcheck_web_application_scanner_one_vul.json", encoding="utf-8") as testfile: parser = AppCheckWebApplicationScannerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -57,7 +56,7 @@ def test_appcheck_web_application_scanner_parser_with_one_criticle_vuln_has_one_ self.assertEqual("0.0.0.1", endpoint.host) def test_appcheck_web_application_scanner_parser_with_many_vuln_has_many_findings(self): - with open("unittests/scans/appcheck_web_application_scanner/appcheck_web_application_scanner_many_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("appcheck_web_application_scanner") / "appcheck_web_application_scanner_many_vul.json", encoding="utf-8") as testfile: parser = AppCheckWebApplicationScannerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(6, len(findings)) @@ -223,14 +222,14 @@ def test_appcheck_web_application_scanner_parser_with_many_vuln_has_many_finding self.assertEqual("ajax/ShelfEdgeLabel/ShelfEdgeLabelsPromotionalBatch", endpoint.path) def test_appcheck_web_application_scanner_parser_dupes(self): - with open("unittests/scans/appcheck_web_application_scanner/appcheck_web_application_scanner_dupes.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("appcheck_web_application_scanner") / "appcheck_web_application_scanner_dupes.json", encoding="utf-8") as testfile: parser = AppCheckWebApplicationScannerParser() findings = parser.get_findings(testfile, Test()) # Test has 5 entries, but we should only return 3 findings. self.assertEqual(3, len(findings)) def test_appcheck_web_application_scanner_parser_http2(self): - with open("unittests/scans/appcheck_web_application_scanner/appcheck_web_application_scanner_http2.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("appcheck_web_application_scanner") / "appcheck_web_application_scanner_http2.json", encoding="utf-8") as testfile: parser = AppCheckWebApplicationScannerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) diff --git a/unittests/tools/test_appspider_parser.py b/unittests/tools/test_appspider_parser.py index 207db2d2d6..2c70ee6a6c 100644 --- a/unittests/tools/test_appspider_parser.py +++ b/unittests/tools/test_appspider_parser.py @@ -1,9 +1,7 @@ -from os import path -from pathlib import Path from dojo.models import Engagement, Finding, Product, Test from dojo.tools.appspider.parser import AppSpiderParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestAppSpiderParser(DojoTestCase): @@ -11,7 +9,7 @@ def test_appspider_parser_has_one_finding(self): test = Test() test.engagement = Engagement() test.engagement.product = Product() - testfile = open(path.join(Path(__file__).parent, "../scans/appspider/one_vuln.xml"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "appspider/one_vuln.xml", encoding="utf-8") parser = AppSpiderParser() findings = parser.get_findings(testfile, test) for finding in findings: diff --git a/unittests/tools/test_aqua_parser.py b/unittests/tools/test_aqua_parser.py index 3cb28ee7ee..380c18a2ed 100644 --- a/unittests/tools/test_aqua_parser.py +++ b/unittests/tools/test_aqua_parser.py @@ -2,18 +2,18 @@ from dojo.models import Test from dojo.tools.aqua.parser import AquaParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestAquaParser(DojoTestCase): def test_aqua_parser_has_no_finding(self): - with open("unittests/scans/aqua/no_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aqua") / "no_vuln.json", encoding="utf-8") as testfile: parser = AquaParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_aqua_parser_has_one_finding(self): - with open("unittests/scans/aqua/one_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aqua") / "one_vuln.json", encoding="utf-8") as testfile: parser = AquaParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -30,13 +30,13 @@ def test_aqua_parser_has_one_finding(self): self.assertEqual("CVE-2019-14697", finding.unsaved_vulnerability_ids[0]) def test_aqua_parser_has_many_findings(self): - with open("unittests/scans/aqua/many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aqua") / "many_vulns.json", encoding="utf-8") as testfile: parser = AquaParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(24, len(findings)) def test_aqua_parser_v2_has_one_finding(self): - with open("unittests/scans/aqua/one_v2.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aqua") / "one_v2.json", encoding="utf-8") as testfile: parser = AquaParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -49,13 +49,13 @@ def test_aqua_parser_v2_has_one_finding(self): self.assertEqual("CVE-2019-15601", finding.unsaved_vulnerability_ids[0]) def test_aqua_parser_v2_has_many_findings(self): - with open("unittests/scans/aqua/many_v2.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aqua") / "many_v2.json", encoding="utf-8") as testfile: parser = AquaParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) def test_aqua_parser_cvssv3_has_no_finding(self): - with open("unittests/scans/aqua/many_v2.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aqua") / "many_v2.json", encoding="utf-8") as testfile: parser = AquaParser() findings = parser.get_findings(testfile, Test()) nb_cvssv3 = 0 @@ -66,7 +66,7 @@ def test_aqua_parser_cvssv3_has_no_finding(self): self.assertEqual(0, nb_cvssv3) def test_aqua_parser_cvssv3_has_many_findings(self): - with open("unittests/scans/aqua/many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aqua") / "many_vulns.json", encoding="utf-8") as testfile: parser = AquaParser() findings = parser.get_findings(testfile, Test()) nb_cvssv3 = 0 @@ -77,7 +77,7 @@ def test_aqua_parser_cvssv3_has_many_findings(self): self.assertEqual(16, nb_cvssv3) def test_aqua_parser_for_aqua_severity(self): - with open("unittests/scans/aqua/vulns_with_aqua_severity.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aqua") / "vulns_with_aqua_severity.json", encoding="utf-8") as testfile: parser = AquaParser() findings = parser.get_findings(testfile, Test()) sevs = [] @@ -93,27 +93,27 @@ def test_aqua_parser_for_aqua_severity(self): self.assertEqual(7, d["Info"]) def test_aqua_parser_issue_10585(self): - with open("unittests/scans/aqua/issue_10585.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aqua") / "issue_10585.json", encoding="utf-8") as testfile: parser = AquaParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_aqua_parser_aqua_devops_issue_10611(self): - with open("unittests/scans/aqua/aqua_devops_issue_10611.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aqua") / "aqua_devops_issue_10611.json", encoding="utf-8") as testfile: parser = AquaParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(101, len(findings)) self.assertEqual("server.key - server.key (/juice-shop/node_modules/node-gyp/test/fixtures/server.key) ", findings[83].title) def test_aqua_parser_aqua_devops_issue_10849(self): - with open("unittests/scans/aqua/issue_10849.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aqua") / "issue_10849.json", encoding="utf-8") as testfile: parser = AquaParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0.0006, findings[0].epss_score) self.assertEqual(0.23474, findings[0].epss_percentile) def test_aqua_parser_aqua_devops_empty(self): - with open("unittests/scans/aqua/empty_aquadevops.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aqua") / "empty_aquadevops.json", encoding="utf-8") as testfile: parser = AquaParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) diff --git a/unittests/tools/test_arachni_parser.py b/unittests/tools/test_arachni_parser.py index 266d45dc05..6e31186b7a 100644 --- a/unittests/tools/test_arachni_parser.py +++ b/unittests/tools/test_arachni_parser.py @@ -2,13 +2,13 @@ from dojo.models import Test from dojo.tools.arachni.parser import ArachniParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestArachniParser(DojoTestCase): def test_parser_has_one_finding(self): - with open("unittests/scans/arachni/arachni.afr.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("arachni") / "arachni.afr.json", encoding="utf-8") as testfile: parser = ArachniParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -23,7 +23,7 @@ def test_parser_has_one_finding(self): self.assertEqual(datetime.datetime(2017, 11, 14, 2, 57, 29, tzinfo=datetime.UTC), finding.date) def test_parser_has_many_finding(self): - with open("unittests/scans/arachni/dd.com.afr.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("arachni") / "dd.com.afr.json", encoding="utf-8") as testfile: parser = ArachniParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -54,7 +54,7 @@ def test_parser_has_many_finding(self): self.assertIn("server", finding.unsaved_tags) def test_parser_has_many_finding2(self): - with open("unittests/scans/arachni/js.com.afr.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("arachni") / "js.com.afr.json", encoding="utf-8") as testfile: parser = ArachniParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_asff_parser.py b/unittests/tools/test_asff_parser.py index fe01bb06cf..75a99be24c 100644 --- a/unittests/tools/test_asff_parser.py +++ b/unittests/tools/test_asff_parser.py @@ -1,14 +1,13 @@ import json -import os.path from datetime import datetime from dojo.models import Endpoint, Test from dojo.tools.asff.parser import AsffParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path def sample_path(file_name): - return os.path.join(get_unit_tests_path(), "scans/asff", file_name) + return get_unit_tests_scans_path("asff") / file_name class TestAsffParser(DojoTestCase): diff --git a/unittests/tools/test_auditjs_parser.py b/unittests/tools/test_auditjs_parser.py index 4a367a7ca2..1df420952c 100644 --- a/unittests/tools/test_auditjs_parser.py +++ b/unittests/tools/test_auditjs_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.auditjs.parser import AuditJSParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestAuditJSParser(DojoTestCase): def test_auditjs_parser_with_no_vuln_has_no_findings(self): - with open("unittests/scans/auditjs/auditjs_zero_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("auditjs") / "auditjs_zero_vul.json", encoding="utf-8") as testfile: parser = AuditJSParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_auditjs_parser_with_one_criticle_vuln_has_one_findings(self): - with open("unittests/scans/auditjs/auditjs_one_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("auditjs") / "auditjs_one_vul.json", encoding="utf-8") as testfile: parser = AuditJSParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -32,7 +32,7 @@ def test_auditjs_parser_with_one_criticle_vuln_has_one_findings(self): findings[0].references) def test_auditjs_parser_with_many_vuln_has_many_findings(self): - with open("unittests/scans/auditjs/auditjs_many_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("auditjs") / "auditjs_many_vul.json", encoding="utf-8") as testfile: parser = AuditJSParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -59,7 +59,7 @@ def test_auditjs_parser_with_many_vuln_has_many_findings(self): def test_auditjs_parser_empty_with_error(self): with self.assertRaises(ValueError) as context: - with open("unittests/scans/auditjs/empty_with_error.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("auditjs") / "empty_with_error.json", encoding="utf-8") as testfile: parser = AuditJSParser() parser.get_findings(testfile, Test()) @@ -68,7 +68,7 @@ def test_auditjs_parser_empty_with_error(self): ) def test_auditjs_parser_with_package_name_has_namespace(self): - with open("unittests/scans/auditjs/auditjs_with_package_namespace.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("auditjs") / "auditjs_with_package_namespace.json", encoding="utf-8") as testfile: parser = AuditJSParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_aws_inspector2_parser.py b/unittests/tools/test_aws_inspector2_parser.py index f023bec88a..917b148762 100644 --- a/unittests/tools/test_aws_inspector2_parser.py +++ b/unittests/tools/test_aws_inspector2_parser.py @@ -1,20 +1,20 @@ from django.test import TestCase from dojo.models import Test -from dojo.tools.aws_inspector2.parser import AWSInspector2Parser +from dojo.tools.aws_inspector2.parser import AWSInspector2Parser, get_unit_tests_scans_path class TestAWSInspector2Parser(TestCase): def test_aws_inspector2_parser_with_no_vuln_has_no_findings(self): - with open("unittests/scans/aws_inspector2/aws_inspector2_zero_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aws_inspector2") / "aws_inspector2_zero_vul.json", encoding="utf-8") as testfile: parser = AWSInspector2Parser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_aws_inspector2_parser_with_one_vuln_has_one_findings(self): - with open("unittests/scans/aws_inspector2/aws_inspector2_one_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aws_inspector2") / "aws_inspector2_one_vul.json", encoding="utf-8") as testfile: parser = AWSInspector2Parser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -26,7 +26,7 @@ def test_aws_inspector2_parser_with_one_vuln_has_one_findings(self): self.assertEqual("Medium", findings[0].severity) def test_aws_inspector2_parser_with_many_vuln_has_many_findings(self): - with open("unittests/scans/aws_inspector2/aws_inspector2_many_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aws_inspector2") / "aws_inspector2_many_vul.json", encoding="utf-8") as testfile: parser = AWSInspector2Parser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -37,7 +37,7 @@ def test_aws_inspector2_parser_with_many_vuln_has_many_findings(self): def test_aws_inspector2_parser_empty_with_error(self): with self.assertRaises(TypeError) as context: - with open("unittests/scans/aws_inspector2/empty_with_error.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("aws_inspector2") / "empty_with_error.json", encoding="utf-8") as testfile: parser = AWSInspector2Parser() parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_aws_prowler_parser.py b/unittests/tools/test_aws_prowler_parser.py index 91da95da6d..c24e0c5d37 100644 --- a/unittests/tools/test_aws_prowler_parser.py +++ b/unittests/tools/test_aws_prowler_parser.py @@ -2,7 +2,7 @@ from dojo.models import Test from dojo.tools.aws_prowler.parser import AWSProwlerParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestAwsProwlerParser(DojoTestCase): @@ -14,12 +14,12 @@ def setup(self, testfile): def test_aws_prowler_parser_with_no_vuln_has_no_findings(self): findings = self.setup( - open("unittests/scans/aws_prowler/no_vuln.csv", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler") / "no_vuln.csv", encoding="utf-8")) self.assertEqual(0, len(findings)) def test_aws_prowler_parser_with_critical_vuln_has_one_findings(self): findings = self.setup( - open("unittests/scans/aws_prowler/one_vuln.csv", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler") / "one_vuln.csv", encoding="utf-8")) self.assertEqual(1, len(findings)) self.assertEqual( "Root user in the account wasn't accessed in the last 1 days", findings[0].title, @@ -27,7 +27,7 @@ def test_aws_prowler_parser_with_critical_vuln_has_one_findings(self): def test_aws_prowler_parser_with_many_vuln_has_many_findings(self): findings = self.setup( - open("unittests/scans/aws_prowler/many_vuln.csv", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler") / "many_vuln.csv", encoding="utf-8")) self.assertEqual(4, len(findings)) self.assertEqual( "Root user in the account wasn't accessed in the last 1 days", findings[0].title) @@ -42,7 +42,7 @@ def test_aws_prowler_parser_with_many_vuln_has_many_findings(self): def test_aws_prowler_parser_with_many_vuln_has_many_findings2(self): findings = self.setup( - open("unittests/scans/aws_prowler/many_vuln2.csv", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler") / "many_vuln2.csv", encoding="utf-8")) self.assertEqual(174, len(findings)) self.assertEqual("Root user in the account wasn't accessed in the last 1 days", findings[0].title) self.assertEqual("Info", findings[0].severity) @@ -52,7 +52,7 @@ def test_aws_prowler_parser_with_many_vuln_has_many_findings2(self): def test_aws_prowler_parser_issue4450(self): findings = self.setup( - open("unittests/scans/aws_prowler/issue4450.csv", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler") / "issue4450.csv", encoding="utf-8")) self.assertEqual(4, len(findings)) with self.subTest(i=0): finding = findings[0] @@ -72,12 +72,12 @@ def test_aws_prowler_parser_issue4450(self): def test_aws_prowler_parser_with_no_vuln_has_no_findings_json(self): findings = self.setup( - open("unittests/scans/aws_prowler/no_vuln.json", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler") / "no_vuln.json", encoding="utf-8")) self.assertEqual(0, len(findings)) def test_aws_prowler_parser_with_critical_vuln_has_one_findings_json(self): findings = self.setup( - open("unittests/scans/aws_prowler/one_vuln.json", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler") / "one_vuln.json", encoding="utf-8")) self.assertEqual(1, len(findings)) self.assertEqual("eu-central-1: Only Virtual MFA is enabled for root", findings[0].title) self.assertIn("012345678912", findings[0].description) @@ -97,7 +97,7 @@ def test_aws_prowler_parser_with_critical_vuln_has_one_findings_json(self): def test_aws_prowler_parser_with_many_vuln_has_many_findings_json(self): findings = self.setup( - open("unittests/scans/aws_prowler/many_vuln.json", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler") / "many_vuln.json", encoding="utf-8")) self.assertEqual(4, len(findings)) with self.subTest(i=0): self.assertEqual("eu-central-1: Only Virtual MFA is enabled for root", findings[0].title) diff --git a/unittests/tools/test_aws_prowler_v3plus_parser.py b/unittests/tools/test_aws_prowler_v3plus_parser.py index 5ef20b764a..db273f3bf7 100644 --- a/unittests/tools/test_aws_prowler_v3plus_parser.py +++ b/unittests/tools/test_aws_prowler_v3plus_parser.py @@ -2,7 +2,7 @@ from dojo.models import Test from dojo.tools.aws_prowler_v3plus.parser import AWSProwlerV3plusParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestAwsProwlerV3plusParser(DojoTestCase): @@ -14,12 +14,12 @@ def setup(self, testfile): def test_aws_prowler_parser_with_no_vuln_has_no_findings_json(self): findings = self.setup( - open("unittests/scans/aws_prowler_v3plus/no_vuln.json", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler_v3plus") / "no_vuln.json", encoding="utf-8")) self.assertEqual(0, len(findings)) def test_aws_prowler_parser_with_critical_vuln_has_one_findings_json(self): findings = self.setup( - open("unittests/scans/aws_prowler_v3plus/one_vuln.json", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler_v3plus") / "one_vuln.json", encoding="utf-8")) self.assertEqual(1, len(findings)) self.assertEqual("prowler-aws-acm_certificates_expiration_check-999999999999-us-east-1-api.sandbox.partner.teste.com", findings[0].unique_id_from_tool) self.assertIn("Check if ACM Certificates are about to expire in specific days or less", findings[0].description) @@ -29,7 +29,7 @@ def test_aws_prowler_parser_with_critical_vuln_has_one_findings_json(self): def test_aws_prowler_parser_with_many_vuln_has_many_findings_json(self): findings = self.setup( - open("unittests/scans/aws_prowler_v3plus/many_vuln.json", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler_v3plus") / "many_vuln.json", encoding="utf-8")) self.assertEqual(3, len(findings)) with self.subTest(i=0): self.assertEqual("prowler-aws-acm_certificates_expiration_check-999999999999-us-east-1-api.teste.teste.com", findings[0].unique_id_from_tool) @@ -46,12 +46,12 @@ def test_aws_prowler_parser_with_many_vuln_has_many_findings_json(self): def test_aws_prowler_parser_with_no_vuln_has_no_findings_ocsf_json(self): findings = self.setup( - open("unittests/scans/aws_prowler_v3plus/no_vuln.ocsf.json", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler_v3plus") / "no_vuln.ocsf.json", encoding="utf-8")) self.assertEqual(0, len(findings)) def test_aws_prowler_parser_after_4_5_0_with_critical_vuln_has_one_findings_ocsf_json(self): findings = self.setup( - open("unittests/scans/aws_prowler_v3plus/one_vuln_after_4_5_0.ocsf.json", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler_v3plus") / "one_vuln_after_4_5_0.ocsf.json", encoding="utf-8")) self.assertEqual(1, len(findings)) self.assertEqual("prowler-aws-iam_role_administratoraccess_policy_permissive_trust_relationship-123456789012-us-east-1-myAdministratorExecutionRole", findings[0].unique_id_from_tool) self.assertIn("Ensure IAM Roles with attached AdministratorAccess policy have a well defined trust relationship", findings[0].description) @@ -61,7 +61,7 @@ def test_aws_prowler_parser_after_4_5_0_with_critical_vuln_has_one_findings_ocsf def test_aws_prowler_parser_after_4_5_0_with_many_vuln_has_many_findings_ocsf_json(self): findings = self.setup( - open("unittests/scans/aws_prowler_v3plus/many_vuln_after_4_5_0.ocsf.json", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler_v3plus") / "many_vuln_after_4_5_0.ocsf.json", encoding="utf-8")) self.assertEqual(2, len(findings)) with self.subTest(i=0): self.assertEqual("prowler-aws-iam_role_administratoraccess_policy_permissive_trust_relationship-123456789012-us-east-1-myAdministratorExecutionRole", findings[0].unique_id_from_tool) @@ -74,7 +74,7 @@ def test_aws_prowler_parser_after_4_5_0_with_many_vuln_has_many_findings_ocsf_js def test_aws_prowler_parser_with_critical_vuln_has_one_findings_ocsf_json(self): findings = self.setup( - open("unittests/scans/aws_prowler_v3plus/one_vuln.ocsf.json", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler_v3plus") / "one_vuln.ocsf.json", encoding="utf-8")) self.assertEqual(1, len(findings)) self.assertEqual("prowler-aws-iam_role_administratoraccess_policy_permissive_trust_relationship-123456789012-us-east-1-myAdministratorExecutionRole", findings[0].unique_id_from_tool) self.assertIn("Ensure IAM Roles with attached AdministratorAccess policy have a well defined trust relationship", findings[0].description) @@ -84,7 +84,7 @@ def test_aws_prowler_parser_with_critical_vuln_has_one_findings_ocsf_json(self): def test_aws_prowler_parser_with_many_vuln_has_many_findings_ocsf_json(self): findings = self.setup( - open("unittests/scans/aws_prowler_v3plus/many_vuln.ocsf.json", encoding="utf-8")) + open(get_unit_tests_scans_path("aws_prowler_v3plus") / "many_vuln.ocsf.json", encoding="utf-8")) self.assertEqual(2, len(findings)) with self.subTest(i=0): self.assertEqual("prowler-aws-iam_role_administratoraccess_policy_permissive_trust_relationship-123456789012-us-east-1-myAdministratorExecutionRole", findings[0].unique_id_from_tool) diff --git a/unittests/tools/test_awssecurityhub_parser.py b/unittests/tools/test_awssecurityhub_parser.py index 5885852b34..cf875c6aed 100644 --- a/unittests/tools/test_awssecurityhub_parser.py +++ b/unittests/tools/test_awssecurityhub_parser.py @@ -1,18 +1,18 @@ -import os.path + from dojo.models import Test from dojo.tools.awssecurityhub.parser import AwsSecurityHubParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path def sample_path(file_name: str): - return os.path.join("/scans/awssecurityhub", file_name) + return get_unit_tests_scans_path("awssecurityhub") / file_name class TestAwsSecurityHubParser(DojoTestCase): def test_one_finding(self): - with open(get_unit_tests_path() + sample_path("config_one_finding.json"), encoding="utf-8") as test_file: + with open(sample_path("config_one_finding.json"), encoding="utf-8") as test_file: parser = AwsSecurityHubParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(1, len(findings)) @@ -23,7 +23,7 @@ def test_one_finding(self): self.assertEqual("https://docs.aws.amazon.com/console/securityhub/IAM.5/remediation", finding.references) def test_one_finding_active(self): - with open(get_unit_tests_path() + sample_path("config_one_finding_active.json"), encoding="utf-8") as test_file: + with open(sample_path("config_one_finding_active.json"), encoding="utf-8") as test_file: parser = AwsSecurityHubParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(1, len(findings)) @@ -33,7 +33,7 @@ def test_one_finding_active(self): self.assertTrue(finding.active) def test_many_findings(self): - with open(get_unit_tests_path() + sample_path("config_many_findings.json"), encoding="utf-8") as test_file: + with open(sample_path("config_many_findings.json"), encoding="utf-8") as test_file: parser = AwsSecurityHubParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(3, len(findings)) @@ -42,13 +42,13 @@ def test_many_findings(self): self.assertEqual("This is a Security Hub Finding \nThis AWS control checks whether AWS Multi-Factor Authentication (MFA) is enabled for all AWS Identity and Access Management (IAM) users that use a console password.\n**AWS Finding ARN:** arn:aws:securityhub:us-east-1:012345678912:subscription/aws-foundational-security-best-practices/v/1.0.0/IAM.5/finding/de861909-2d26-4e45-bd86-19d2ab6ceef1\n**Resource IDs:** AWS::::Account:012345678912\n**AwsAccountId:** 012345678912\n**Generator ID:** aws-foundational-security-best-practices/v/1.0.0/IAM.5\n", finding.description) def test_repeated_findings(self): - with open(get_unit_tests_path() + sample_path("config_repeated_findings.json"), encoding="utf-8") as test_file: + with open(sample_path("config_repeated_findings.json"), encoding="utf-8") as test_file: parser = AwsSecurityHubParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(1, len(findings)) def test_unique_id(self): - with open(get_unit_tests_path() + sample_path("config_one_finding.json"), encoding="utf-8") as test_file: + with open(sample_path("config_one_finding.json"), encoding="utf-8") as test_file: parser = AwsSecurityHubParser() findings = parser.get_findings(test_file, Test()) self.assertEqual( @@ -57,7 +57,7 @@ def test_unique_id(self): ) def test_inspector_ec2(self): - with open(get_unit_tests_path() + sample_path("inspector_ec2_cve.json"), encoding="utf-8") as test_file: + with open(sample_path("inspector_ec2_cve.json"), encoding="utf-8") as test_file: parser = AwsSecurityHubParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(5, len(findings)) @@ -71,7 +71,7 @@ def test_inspector_ec2(self): self.assertEqual("AwsEc2Instance arn:aws:ec2:us-east-1:XXXXXXXXXXXX:i-11111111111111111", endpoint.host) def test_inspector_ec2_with_no_vulnerabilities(self): - with open(get_unit_tests_path() + sample_path("inspector_ec2_cve_no_vulnerabilities.json"), encoding="utf-8") as test_file: + with open(sample_path("inspector_ec2_cve_no_vulnerabilities.json"), encoding="utf-8") as test_file: parser = AwsSecurityHubParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(1, len(findings)) @@ -79,7 +79,7 @@ def test_inspector_ec2_with_no_vulnerabilities(self): self.assertEqual(finding.component_name, "AwsEc2Instance") def test_inspector_ec2_ghsa(self): - with open(get_unit_tests_path() + sample_path("inspector_ec2_ghsa.json"), encoding="utf-8") as test_file: + with open(sample_path("inspector_ec2_ghsa.json"), encoding="utf-8") as test_file: parser = AwsSecurityHubParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(1, len(findings)) @@ -94,7 +94,7 @@ def test_inspector_ec2_ghsa(self): self.assertEqual("AwsEc2Instance arn:aws:ec2:eu-central-1:012345678912:instance/i-07c11cc535d830123", endpoint.host) def test_inspector_ecr(self): - with open(get_unit_tests_path() + sample_path("inspector_ecr.json"), encoding="utf-8") as test_file: + with open(sample_path("inspector_ecr.json"), encoding="utf-8") as test_file: parser = AwsSecurityHubParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(7, len(findings)) @@ -111,7 +111,7 @@ def test_inspector_ecr(self): self.assertEqual("AwsEcrContainerImage arn:aws:ecr:eu-central-1:123456789012:repository/repo-os/sha256:af965ef68c78374a5f987fce98c0ddfa45801df2395bf012c50b863e65978d74", endpoint.host) def test_guardduty(self): - with open(get_unit_tests_path() + sample_path("guardduty.json"), encoding="utf-8") as test_file: + with open(sample_path("guardduty.json"), encoding="utf-8") as test_file: parser = AwsSecurityHubParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(4, len(findings)) @@ -128,7 +128,7 @@ def test_guardduty(self): self.assertEqual("This is a GuardDuty Finding\nAPIs commonly used in Discovery tactics were invoked by user AssumedRole : 123123123, under anomalous circumstances. Such activity is not typically seen from this user.\n**AWS Finding ARN:** arn:aws:guardduty:us-east-1:123456789012:detector/123456789/finding/2123123123123\n**SourceURL:** [https://us-east-1.console.aws.amazon.com/guardduty/home?region=us-east-1#/findings?macros=current&fId=2123123123123](https://us-east-1.console.aws.amazon.com/guardduty/home?region=us-east-1#/findings?macros=current&fId=2123123123123)\n**AwsAccountId:** 123456789012\n**Region:** us-east-1\n**Generator ID:** arn:aws:guardduty:us-east-1:123456789012:detector/123456789\n", finding.description) def test_issue_10956(self): - with open(get_unit_tests_path() + sample_path("issue_10956.json"), encoding="utf-8") as test_file: + with open(sample_path("issue_10956.json"), encoding="utf-8") as test_file: parser = AwsSecurityHubParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(1, len(findings)) @@ -136,7 +136,7 @@ def test_issue_10956(self): self.assertEqual("0.00239", finding.epss_score) def test_missing_account_id(self): - with open(get_unit_tests_path() + sample_path("missing_account_id.json"), encoding="utf-8") as test_file: + with open(sample_path("missing_account_id.json"), encoding="utf-8") as test_file: parser = AwsSecurityHubParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(1, len(findings)) diff --git a/unittests/tools/test_azure_security_center_recommendations_parser.py b/unittests/tools/test_azure_security_center_recommendations_parser.py index 3ee1beefe3..b61055fa07 100644 --- a/unittests/tools/test_azure_security_center_recommendations_parser.py +++ b/unittests/tools/test_azure_security_center_recommendations_parser.py @@ -2,19 +2,19 @@ from dojo.models import Test from dojo.tools.azure_security_center_recommendations.parser import AzureSecurityCenterRecommendationsParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestAzureSecurityCenterRecommendationsParser(DojoTestCase): def test_parse_file_with_no_findings(self): - with open("unittests/scans/azure_security_center_recommendations/zero_vulns.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("azure_security_center_recommendations") / "zero_vulns.csv", encoding="utf-8") as testfile: parser = AzureSecurityCenterRecommendationsParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_multiple_findings(self): - with open("unittests/scans/azure_security_center_recommendations/many_vulns.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("azure_security_center_recommendations") / "many_vulns.csv", encoding="utf-8") as testfile: parser = AzureSecurityCenterRecommendationsParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_bandit_parser.py b/unittests/tools/test_bandit_parser.py index 6e51768ced..5603d8ebfe 100644 --- a/unittests/tools/test_bandit_parser.py +++ b/unittests/tools/test_bandit_parser.py @@ -4,18 +4,18 @@ from dojo.models import Test from dojo.tools.bandit.parser import BanditParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestBanditParser(DojoTestCase): def test_bandit_parser_has_no_finding(self): - with open("unittests/scans/bandit/no_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("bandit") / "no_vuln.json", encoding="utf-8") as testfile: parser = BanditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_bandit_parser_has_one_finding(self): - with open("unittests/scans/bandit/one_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("bandit") / "one_vuln.json", encoding="utf-8") as testfile: parser = BanditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -33,7 +33,7 @@ def test_bandit_parser_has_one_finding(self): self.assertIn("https://bandit.readthedocs.io/en/latest/plugins/b101_assert_used.html", item.references) def test_bandit_parser_has_many_findings(self): - with open("unittests/scans/bandit/many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("bandit") / "many_vulns.json", encoding="utf-8") as testfile: parser = BanditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(214, len(findings)) @@ -48,7 +48,7 @@ def test_bandit_parser_has_many_findings(self): self.assertIn("https://bandit.readthedocs.io/en/latest/plugins/b110_try_except_pass.html", item.references) def test_bandit_parser_has_many_findings_recent(self): - with open("unittests/scans/bandit/dd.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("bandit") / "dd.json", encoding="utf-8") as testfile: parser = BanditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(47, len(findings)) @@ -62,7 +62,7 @@ def test_bandit_parser_has_many_findings_recent(self): self.assertEqual("Certain", item.get_scanner_confidence_text()) def test_bandit_parser_has_many_findings_recent2(self): - with open("unittests/scans/bandit/dd2.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("bandit") / "dd2.json", encoding="utf-8") as testfile: parser = BanditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(165, len(findings)) diff --git a/unittests/tools/test_bearer_cli_parser.py b/unittests/tools/test_bearer_cli_parser.py index 92a7b55098..afd74f4c06 100644 --- a/unittests/tools/test_bearer_cli_parser.py +++ b/unittests/tools/test_bearer_cli_parser.py @@ -1,13 +1,13 @@ from django.test import TestCase from dojo.models import Test -from dojo.tools.bearer_cli.parser import BearerCLIParser +from dojo.tools.bearer_cli.parser import BearerCLIParser, get_unit_tests_scans_path class TestBearerParser(TestCase): def test_bearer_parser_with_one_vuln_has_one_findings(self): - testfile = open("unittests/scans/bearer_cli/bearer_cli_one_vul.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("bearer_cli") / "bearer_cli_one_vul.json", encoding="utf-8") parser = BearerCLIParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -21,7 +21,7 @@ def test_bearer_parser_with_one_vuln_has_one_findings(self): self.assertEqual(581, findings[0].line) def test_bearer_parser_with_many_vuln_has_many_findings(self): - testfile = open("unittests/scans/bearer_cli/bearer_cli_many_vul.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("bearer_cli") / "bearer_cli_many_vul.json", encoding="utf-8") parser = BearerCLIParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_blackduck_binary_analysis_parser.py b/unittests/tools/test_blackduck_binary_analysis_parser.py index 92d92c111b..22a810cfce 100644 --- a/unittests/tools/test_blackduck_binary_analysis_parser.py +++ b/unittests/tools/test_blackduck_binary_analysis_parser.py @@ -1,19 +1,18 @@ -from pathlib import Path from dojo.models import Test from dojo.tools.blackduck_binary_analysis.parser import BlackduckBinaryAnalysisParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestBlackduckBinaryAnalysisParser(DojoTestCase): def test_parse_no_vulns(self): - testfile = Path(get_unit_tests_path() + "/scans/blackduck_binary_analysis/no_vuln.csv") + testfile = get_unit_tests_scans_path("blackduck_binary_analysis") / "no_vuln.csv" parser = BlackduckBinaryAnalysisParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_one_vuln(self): - testfile = Path(get_unit_tests_path() + "/scans/blackduck_binary_analysis/one_vuln.csv") + testfile = get_unit_tests_scans_path("blackduck_binary_analysis") / "one_vuln.csv" parser = BlackduckBinaryAnalysisParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -46,7 +45,7 @@ def test_parse_one_vuln(self): self.assertIsNotNone(finding.unique_id_from_tool) def test_parse_many_vulns(self): - testfile = Path(get_unit_tests_path() + "/scans/blackduck_binary_analysis/many_vulns.csv") + testfile = get_unit_tests_scans_path("blackduck_binary_analysis") / "many_vulns.csv" parser = BlackduckBinaryAnalysisParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(5, len(findings)) diff --git a/unittests/tools/test_blackduck_component_risk_parser.py b/unittests/tools/test_blackduck_component_risk_parser.py index ccb613ce9e..605c738281 100644 --- a/unittests/tools/test_blackduck_component_risk_parser.py +++ b/unittests/tools/test_blackduck_component_risk_parser.py @@ -1,16 +1,12 @@ -from pathlib import Path from dojo.models import Test from dojo.tools.blackduck_component_risk.parser import BlackduckComponentRiskParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestBlackduckComponentRiskParser(DojoTestCase): def test_blackduck_enhanced_zip_upload(self): - testfile = Path( - get_unit_tests_path() + "/scans/blackduck_component_risk/" - "blackduck_hub_component_risk.zip", - ) + testfile = get_unit_tests_scans_path("blackduck_component_risk") / "blackduck_hub_component_risk.zip" parser = BlackduckComponentRiskParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(12, len(findings)) diff --git a/unittests/tools/test_blackduck_parser.py b/unittests/tools/test_blackduck_parser.py index d2d16c6942..aaa9b72318 100644 --- a/unittests/tools/test_blackduck_parser.py +++ b/unittests/tools/test_blackduck_parser.py @@ -1,25 +1,24 @@ -from pathlib import Path from dojo.models import Test from dojo.tools.blackduck.parser import BlackduckParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestBlackduckHubParser(DojoTestCase): def test_blackduck_csv_parser_has_no_finding(self): - testfile = Path(get_unit_tests_path() + "/scans/blackduck/no_vuln.csv") + testfile = get_unit_tests_scans_path("blackduck") / "no_vuln.csv" parser = BlackduckParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_blackduck_csv_parser_has_one_finding(self): - testfile = Path(get_unit_tests_path() + "/scans/blackduck/one_vuln.csv") + testfile = get_unit_tests_scans_path("blackduck") / "one_vuln.csv" parser = BlackduckParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_blackduck_csv_parser_has_many_findings(self): - testfile = Path(get_unit_tests_path() + "/scans/blackduck/many_vulns.csv") + testfile = get_unit_tests_scans_path("blackduck") / "many_vulns.csv" parser = BlackduckParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(24, len(findings)) @@ -32,7 +31,7 @@ def test_blackduck_csv_parser_has_many_findings(self): self.assertEqual(findings[2].component_version, "4.5.2") def test_blackduck_csv_parser_new_format_has_many_findings(self): - testfile = Path(get_unit_tests_path() + "/scans/blackduck/many_vulns_new_format.csv") + testfile = get_unit_tests_scans_path("blackduck") / "many_vulns_new_format.csv" parser = BlackduckParser() findings = parser.get_findings(testfile, Test()) findings = list(findings) @@ -43,17 +42,13 @@ def test_blackduck_csv_parser_new_format_has_many_findings(self): self.assertEqual(findings[2].component_version, "2.9.9.3") def test_blackduck_enhanced_has_many_findings(self): - testfile = Path( - get_unit_tests_path() + "/scans/blackduck/blackduck_enhanced_py3_unittest.zip", - ) + testfile = get_unit_tests_scans_path("blackduck") / "blackduck_enhanced_py3_unittest.zip" parser = BlackduckParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(11, len(findings)) def test_blackduck_enhanced_zip_upload(self): - testfile = Path( - get_unit_tests_path() + "/scans/blackduck/blackduck_enhanced_py3_unittest_v2.zip", - ) + testfile = get_unit_tests_scans_path("blackduck") / "blackduck_enhanced_py3_unittest_v2.zip" parser = BlackduckParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(11, len(findings)) diff --git a/unittests/tools/test_brakeman_parser.py b/unittests/tools/test_brakeman_parser.py index 185c7f2204..34b8cc1bc2 100644 --- a/unittests/tools/test_brakeman_parser.py +++ b/unittests/tools/test_brakeman_parser.py @@ -1,24 +1,24 @@ from dojo.models import Test from dojo.tools.brakeman.parser import BrakemanParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestBrakemanParser(DojoTestCase): def test_parse_file_no_finding(self): - with open("unittests/scans/brakeman/no_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("brakeman") / "no_finding.json", encoding="utf-8") as testfile: parser = BrakemanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_has_two_findings(self): - with open("unittests/scans/brakeman/two_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("brakeman") / "two_findings.json", encoding="utf-8") as testfile: parser = BrakemanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) def test_parse_file_has_many_findings(self): - with open("unittests/scans/brakeman/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("brakeman") / "many_findings.json", encoding="utf-8") as testfile: parser = BrakemanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(18, len(findings)) diff --git a/unittests/tools/test_bugcrowd_parser.py b/unittests/tools/test_bugcrowd_parser.py index 87a3083ffb..12e0a6b00d 100644 --- a/unittests/tools/test_bugcrowd_parser.py +++ b/unittests/tools/test_bugcrowd_parser.py @@ -2,13 +2,13 @@ from dojo.models import Test from dojo.tools.bugcrowd.parser import BugCrowdParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestBugCrowdParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/bugcrowd/BugCrowd-zero.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("bugcrowd") / "BugCrowd-zero.csv", encoding="utf-8") as testfile: parser = BugCrowdParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -17,7 +17,7 @@ def test_parse_file_with_no_vuln_has_no_findings(self): self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_findings(self): - with open("unittests/scans/bugcrowd/BugCrowd-one.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("bugcrowd") / "BugCrowd-one.csv", encoding="utf-8") as testfile: parser = BugCrowdParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -27,7 +27,7 @@ def test_parse_file_with_one_vuln_has_one_findings(self): self.assertEqual(findings[0].date, datetime(2020, 3, 1, 6, 15, 6, tzinfo=UTC)) def test_parse_file_with_multiple_vuln_has_multiple_finding(self): - with open("unittests/scans/bugcrowd/BugCrowd-many.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("bugcrowd") / "BugCrowd-many.csv", encoding="utf-8") as testfile: parser = BugCrowdParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_bundler_audit_parser.py b/unittests/tools/test_bundler_audit_parser.py index 2fa4b4bc31..3c1fc5328d 100644 --- a/unittests/tools/test_bundler_audit_parser.py +++ b/unittests/tools/test_bundler_audit_parser.py @@ -1,14 +1,12 @@ -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.bundler_audit.parser import BundlerAuditParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestBundlerAuditParser(DojoTestCase): def test_get_findings(self): - with open(path.join(Path(__file__).parent, "../scans/bundler_audit/bundler-audit_v0.6.1.txt"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "bundler_audit/bundler-audit_v0.6.1.txt", encoding="utf-8") as testfile: parser = BundlerAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) @@ -30,7 +28,7 @@ def test_get_findings(self): self.assertEqual("2.2.3", finding.component_version) def test_get_findings_version9(self): - with open(path.join(Path(__file__).parent, "../scans/bundler_audit/version_9.0.txt"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "bundler_audit/version_9.0.txt", encoding="utf-8") as testfile: parser = BundlerAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) diff --git a/unittests/tools/test_burp_api_parser.py b/unittests/tools/test_burp_api_parser.py index af34ecac7a..34765d3626 100644 --- a/unittests/tools/test_burp_api_parser.py +++ b/unittests/tools/test_burp_api_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.burp_api.parser import BurpApiParser, convert_confidence, convert_severity -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestParser(DojoTestCase): def test_example_report(self): - testfile = get_unit_tests_path() + "/scans/burp_api/example.json" + testfile = get_unit_tests_scans_path() / "/burp_api/example.json" with open(testfile, encoding="utf-8") as f: parser = BurpApiParser() findings = parser.get_findings(f, Test()) @@ -24,7 +24,7 @@ def test_example_report(self): self.assertIsNotNone(item.impact) def test_validate_more(self): - testfile = get_unit_tests_path() + "/scans/burp_api/many_vulns.json" + testfile = get_unit_tests_scans_path() / "/burp_api/many_vulns.json" with open(testfile, encoding="utf-8") as f: parser = BurpApiParser() findings = parser.get_findings(f, Test()) @@ -61,7 +61,7 @@ def test_convert_confidence(self): self.assertIsNone(convert_confidence({})) def test_fix_issue_9128(self): - testfile = get_unit_tests_path() + "/scans/burp_api/fix_issue_9128.json" + testfile = get_unit_tests_scans_path() / "/burp_api/fix_issue_9128.json" with open(testfile, encoding="utf-8") as f: parser = BurpApiParser() findings = parser.get_findings(f, Test()) diff --git a/unittests/tools/test_burp_dastardly_parser.py b/unittests/tools/test_burp_dastardly_parser.py index 8bf959b23c..4040fc837d 100644 --- a/unittests/tools/test_burp_dastardly_parser.py +++ b/unittests/tools/test_burp_dastardly_parser.py @@ -1,15 +1,13 @@ -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.burp_dastardly.parser import BurpDastardlyParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestBurpParser(DojoTestCase): def test_burp_dastardly_multiple_findings(self): - with open(path.join(Path(__file__).parent, "../scans/burp_dastardly/many_findings.xml"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "burp_dastardly/many_findings.xml", encoding="utf-8") as test_file: parser = BurpDastardlyParser() findings = parser.get_findings(test_file, Test()) for finding in findings: diff --git a/unittests/tools/test_burp_enterprise_parser.py b/unittests/tools/test_burp_enterprise_parser.py index cc0ce744e0..229fbcafbc 100644 --- a/unittests/tools/test_burp_enterprise_parser.py +++ b/unittests/tools/test_burp_enterprise_parser.py @@ -1,15 +1,13 @@ -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.burp_enterprise.parser import BurpEnterpriseParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestBurpEnterpriseParser(DojoTestCase): def test_burp_enterprise_with_multiple_vulns(self): - with open(path.join(Path(__file__).parent, "../scans/burp_enterprise/many_vulns.html"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "burp_enterprise/many_vulns.html", encoding="utf-8") as test_file: parser = BurpEnterpriseParser() findings = parser.get_findings(test_file, Test()) for finding in findings: @@ -38,7 +36,7 @@ def test_burp_enterprise_with_multiple_vulns(self): self.assertIn("**Issue detail**:\nFingerprint Details:\n\nWAF Type : redacted\nWAF tech. details : Cloud-based CDN, WAF & DDoS prevention", finding.description) def test_burp_enterprise_with_multiple_vulns_newer_format(self): - with open(path.join(Path(__file__).parent, "../scans/burp_enterprise/many_vulns_updated_format.html"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "burp_enterprise/many_vulns_updated_format.html", encoding="utf-8") as test_file: parser = BurpEnterpriseParser() findings = parser.get_findings(test_file, Test()) for finding in findings: diff --git a/unittests/tools/test_burp_graphql_parser.py b/unittests/tools/test_burp_graphql_parser.py index e163c52fea..91db9cd232 100644 --- a/unittests/tools/test_burp_graphql_parser.py +++ b/unittests/tools/test_burp_graphql_parser.py @@ -1,15 +1,13 @@ -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.burp_graphql.parser import BurpGraphQLParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestBurpGraphQLParser(DojoTestCase): def test_burp_one_finding(self): - with open(path.join(Path(__file__).parent, "../scans/burp_graphql/one_finding.json"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "burp_graphql/one_finding.json", encoding="utf-8") as test_file: parser = BurpGraphQLParser() findings = parser.get_findings(test_file, Test()) for finding in findings: @@ -34,7 +32,7 @@ def test_burp_one_finding(self): self.assertIn("CWE-79", findings[0].references) def test_burp_two_findings(self): - with open(path.join(Path(__file__).parent, "../scans/burp_graphql/two_findings.json"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "burp_graphql/two_findings.json", encoding="utf-8") as test_file: parser = BurpGraphQLParser() findings = parser.get_findings(test_file, Test()) for finding in findings: @@ -50,27 +48,27 @@ def test_burp_two_findings(self): self.assertIn("description 3", findings[1].description) def test_burp_no_findings(self): - with open(path.join(Path(__file__).parent, "../scans/burp_graphql/no_findings.json"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "burp_graphql/no_findings.json", encoding="utf-8") as test_file: parser = BurpGraphQLParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(0, len(findings)) def test_burp_null_title(self): - with open(path.join(Path(__file__).parent, "../scans/burp_graphql/null_title.json"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "burp_graphql/null_title.json", encoding="utf-8") as test_file: with self.assertRaises(ValueError): parser = BurpGraphQLParser() parser.get_findings(test_file, Test()) def test_burp_null_request_segments(self): - with open(path.join(Path(__file__).parent, "../scans/burp_graphql/null_request_segments.json"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "burp_graphql/null_request_segments.json", encoding="utf-8") as test_file: parser = BurpGraphQLParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(1, len(findings)) def test_burp_null_data(self): - with open(path.join(Path(__file__).parent, "../scans/burp_graphql/null_data.json"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "burp_graphql/null_data.json", encoding="utf-8") as test_file: parser = BurpGraphQLParser() findings = parser.get_findings(test_file, Test()) for finding in findings: diff --git a/unittests/tools/test_burp_parser.py b/unittests/tools/test_burp_parser.py index a75ea4f914..011252d2f0 100644 --- a/unittests/tools/test_burp_parser.py +++ b/unittests/tools/test_burp_parser.py @@ -1,15 +1,13 @@ -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.burp.parser import BurpParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestBurpParser(DojoTestCase): def test_burp_with_one_vuln_has_one_finding(self): - with open(path.join(Path(__file__).parent, "../scans/burp/one_finding.xml"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "burp/one_finding.xml", encoding="utf-8") as test_file: parser = BurpParser() findings = parser.get_findings(test_file, Test()) for finding in findings: @@ -21,7 +19,7 @@ def test_burp_with_one_vuln_has_one_finding(self): self.assertEqual(3, len(findings[0].unsaved_endpoints)) def test_burp_with_multiple_vulns_has_multiple_findings(self): - with open(path.join(Path(__file__).parent, "../scans/burp/seven_findings.xml"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "burp/seven_findings.xml", encoding="utf-8") as test_file: parser = BurpParser() findings = parser.get_findings(test_file, Test()) for finding in findings: @@ -35,7 +33,7 @@ def test_burp_with_multiple_vulns_has_multiple_findings(self): self.assertEqual("Frameable response (potential Clickjacking)", finding.title) def test_burp_with_one_vuln_with_blank_response(self): - with open(path.join(Path(__file__).parent, "../scans/burp/one_finding_with_blank_response.xml"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "burp/one_finding_with_blank_response.xml", encoding="utf-8") as test_file: parser = BurpParser() findings = parser.get_findings(test_file, Test()) for finding in findings: @@ -51,7 +49,7 @@ def test_burp_with_one_vuln_with_blank_response(self): self.assertEqual("High", findings[0].severity) def test_burp_with_one_vuln_with_cwe(self): - with open(path.join(Path(__file__).parent, "../scans/burp/one_finding_with_cwe.xml"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "burp/one_finding_with_cwe.xml", encoding="utf-8") as test_file: parser = BurpParser() findings = parser.get_findings(test_file, Test()) for finding in findings: @@ -67,7 +65,7 @@ def test_burp_with_one_vuln_with_cwe(self): self.assertEqual("Info", findings[0].severity) def test_burp_issue4399(self): - with open(path.join(Path(__file__).parent, "../scans/burp/issue4399.xml"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "burp/issue4399.xml", encoding="utf-8") as test_file: parser = BurpParser() findings = parser.get_findings(test_file, Test()) for finding in findings: diff --git a/unittests/tools/test_cargo_audit_parser.py b/unittests/tools/test_cargo_audit_parser.py index d8c4ac7fd2..556aab0b9e 100644 --- a/unittests/tools/test_cargo_audit_parser.py +++ b/unittests/tools/test_cargo_audit_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.cargo_audit.parser import CargoAuditParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestCargoAuditParser(DojoTestCase): def test_parse_no_findings(self): - with open("unittests/scans/cargo_audit/no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("cargo_audit") / "no_findings.json", encoding="utf-8") as testfile: parser = CargoAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_many_findings(self): - with open("unittests/scans/cargo_audit/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("cargo_audit") / "many_findings.json", encoding="utf-8") as testfile: parser = CargoAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) diff --git a/unittests/tools/test_checkmarx_one_parser.py b/unittests/tools/test_checkmarx_one_parser.py index 2c1efcce11..0039c09db1 100644 --- a/unittests/tools/test_checkmarx_one_parser.py +++ b/unittests/tools/test_checkmarx_one_parser.py @@ -3,7 +3,7 @@ from dojo.models import Test from dojo.tools.checkmarx_one.parser import CheckmarxOneParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path logger = logging.getLogger(__name__) @@ -11,7 +11,7 @@ class TestCheckmarxOneParser(DojoTestCase): def test_checkmarx_one_many_vulns(self): - with open("unittests/scans/checkmarx_one/checkmarx_one.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("checkmarx_one") / "checkmarx_one.json", encoding="utf-8") as testfile: parser = CheckmarxOneParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -29,13 +29,13 @@ def test_checkmarx_one_many_vulns(self): self.assertEqual("/src/helpers/Constants.ts", finding_test.file_path) def test_checkmarx_one_no_findings(self): - with open("unittests/scans/checkmarx_one/no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("checkmarx_one") / "no_findings.json", encoding="utf-8") as testfile: parser = CheckmarxOneParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_checkmarx_one_many_findings(self): - with open("unittests/scans/checkmarx_one/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("checkmarx_one") / "many_findings.json", encoding="utf-8") as testfile: parser = CheckmarxOneParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(6, len(findings)) @@ -52,7 +52,7 @@ def test_checkmarx_one_many_findings(self): self.assertEqual("/qe/testharness/Dockerfile", finding_test.file_path) def test_checkmarx_one_sca_10770(self): - with open("unittests/scans/checkmarx_one/checkmarx_one_sca_10770.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("checkmarx_one") / "checkmarx_one_sca_10770.json", encoding="utf-8") as testfile: parser = CheckmarxOneParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(8, len(findings)) @@ -69,7 +69,7 @@ def test_checkmarx_one_sca_10770(self): self.assertEqual(89, finding_test.cwe) def test_checkmarx_one_no_description(self): - with open("unittests/scans/checkmarx_one/checkmarx_one_format_two.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("checkmarx_one") / "checkmarx_one_format_two.json", encoding="utf-8") as testfile: parser = CheckmarxOneParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -135,7 +135,7 @@ def test_sca_finding(finding): # Not implemented yet pass - with open("unittests/scans/checkmarx_one/vulnerabilities_from_scan_results.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("checkmarx_one") / "vulnerabilities_from_scan_results.json", encoding="utf-8") as testfile: parser = CheckmarxOneParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(146, len(findings)) diff --git a/unittests/tools/test_checkmarx_osa_parser.py b/unittests/tools/test_checkmarx_osa_parser.py index 74592b5124..3a696f7a4a 100644 --- a/unittests/tools/test_checkmarx_osa_parser.py +++ b/unittests/tools/test_checkmarx_osa_parser.py @@ -2,7 +2,7 @@ from dojo.models import Engagement, Product, Test from dojo.tools.checkmarx_osa.parser import CheckmarxOsaParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestCheckmarxOsaParser(DojoTestCase): @@ -28,7 +28,7 @@ def test_checkmarx_osa_parse_file_with_no_vulnerabilities_has_no_findings( self, ): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx_osa/no_finding.json", + get_unit_tests_scans_path("checkmarx_osa") / "no_finding.json", ) parser = CheckmarxOsaParser() findings = parser.get_findings(my_file_handle, test) @@ -42,7 +42,7 @@ def test_checkmarx_osa_parse_file_with_single_vulnerability_has_single_finding( self, ): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx_osa/single_finding.json", + get_unit_tests_scans_path("checkmarx_osa") / "single_finding.json", ) parser = CheckmarxOsaParser() findings = parser.get_findings(my_file_handle, test) @@ -94,7 +94,7 @@ def test_checkmarx_osa_parse_file_with_false_positive_is_false_positive( self, ): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx_osa/single_finding_false_positive.json", + get_unit_tests_scans_path("checkmarx_osa") / "single_finding_false_positive.json", ) parser = CheckmarxOsaParser() findings = parser.get_findings(my_file_handle, test) @@ -115,7 +115,7 @@ def test_checkmarx_osa_parse_file_with_confirmed_is_verified( self, ): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx_osa/single_finding_confirmed.json", + get_unit_tests_scans_path("checkmarx_osa") / "single_finding_confirmed.json", ) parser = CheckmarxOsaParser() findings = parser.get_findings(my_file_handle, test) @@ -136,7 +136,7 @@ def test_checkmarx_osa_parse_file_with_multiple_findings( self, ): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx_osa/multiple_findings.json", + get_unit_tests_scans_path("checkmarx_osa") / "multiple_findings.json", ) parser = CheckmarxOsaParser() findings = parser.get_findings(my_file_handle, test) @@ -150,7 +150,7 @@ def test_checkmarx_osa_parse_file_with_no_score( self, ): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx_osa/single_finding_no_score.json", + get_unit_tests_scans_path("checkmarx_osa") / "single_finding_no_score.json", ) parser = CheckmarxOsaParser() findings = parser.get_findings(my_file_handle, test) @@ -166,7 +166,7 @@ def test_checkmarx_osa_parse_file_with_no_url( self, ): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx_osa/single_finding_no_url.json", + get_unit_tests_scans_path("checkmarx_osa") / "single_finding_no_url.json", ) parser = CheckmarxOsaParser() findings = parser.get_findings(my_file_handle, test) @@ -183,7 +183,7 @@ def test_checkmarx_osa_parse_file_with_no_libraryId_raises_ValueError( ): with self.assertRaises(ValueError) as context: my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx_osa/single_finding_no_libraryId.json", + get_unit_tests_scans_path("checkmarx_osa") / "single_finding_no_libraryId.json", ) with my_file_handle: parser = CheckmarxOsaParser() diff --git a/unittests/tools/test_checkmarx_parser.py b/unittests/tools/test_checkmarx_parser.py index 322b28faa3..50d830936e 100644 --- a/unittests/tools/test_checkmarx_parser.py +++ b/unittests/tools/test_checkmarx_parser.py @@ -4,7 +4,7 @@ from dojo.models import Engagement, Product, Test from dojo.tools.checkmarx.parser import CheckmarxParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestCheckmarxParser(DojoTestCase): @@ -30,7 +30,7 @@ def teardown(self, my_file_handle): @patch("dojo.tools.checkmarx.parser.add_language") def test_file_name_aggregated_parse_file_with_no_vulnerabilities_has_no_findings(self, mock): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/no_finding.xml", + get_unit_tests_scans_path("checkmarx") / "no_finding.xml", ) parser = CheckmarxParser() findings = parser.get_findings(my_file_handle, test) @@ -41,7 +41,7 @@ def test_file_name_aggregated_parse_file_with_no_vulnerabilities_has_no_findings def test_detailed_parse_file_with_no_vulnerabilities_has_no_findings(self, mock): """Checkmarx detailed scanner, with all vulnerabilities from checkmarx""" my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/no_finding.xml", + get_unit_tests_scans_path("checkmarx") / "no_finding.xml", ) parser = CheckmarxParser() parser.set_mode("detailed") @@ -52,7 +52,7 @@ def test_detailed_parse_file_with_no_vulnerabilities_has_no_findings(self, mock) @patch("dojo.tools.checkmarx.parser.add_language") def test_file_name_aggregated_parse_file_with_single_vulnerability_has_single_finding(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/single_finding.xml", + get_unit_tests_scans_path("checkmarx") / "single_finding.xml", ) parser = CheckmarxParser() findings = parser.get_findings(my_file_handle, test) @@ -80,7 +80,7 @@ def test_file_name_aggregated_parse_file_with_single_vulnerability_has_single_fi @patch("dojo.tools.checkmarx.parser.add_language") def test_detailed_parse_file_with_single_vulnerability_has_single_finding(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/single_finding.xml", + get_unit_tests_scans_path("checkmarx") / "single_finding.xml", ) parser = CheckmarxParser() parser.set_mode("detailed") @@ -214,7 +214,7 @@ def check_parse_file_with_single_vulnerability_has_single_finding(self, findings @patch("dojo.tools.checkmarx.parser.add_language") def test_file_name_aggregated_parse_file_with_false_positive_is_false_positive(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/single_finding_false_positive.xml", + get_unit_tests_scans_path("checkmarx") / "single_finding_false_positive.xml", ) parser = CheckmarxParser() findings = parser.get_findings(my_file_handle, test) @@ -226,7 +226,7 @@ def test_file_name_aggregated_parse_file_with_false_positive_is_false_positive(s @patch("dojo.tools.checkmarx.parser.add_language") def test_detailed_parse_file_with_false_positive_is_false_positive(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/single_finding_false_positive.xml", + get_unit_tests_scans_path("checkmarx") / "single_finding_false_positive.xml", ) parser = CheckmarxParser() parser.set_mode("detailed") @@ -255,7 +255,7 @@ def check_parse_file_with_false_positive_is_false_positive(self, findings): @patch("dojo.tools.checkmarx.parser.add_language") def test_file_name_aggregated_parse_file_with_two_aggregated_findings_one_is_false_p(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/two_aggregated_findings_one_is_false_positive.xml", + get_unit_tests_scans_path("checkmarx") / "two_aggregated_findings_one_is_false_positive.xml", ) parser = CheckmarxParser() findings = parser.get_findings(my_file_handle, test) @@ -281,7 +281,7 @@ def test_file_name_aggregated_parse_file_with_two_aggregated_findings_one_is_fal @patch("dojo.tools.checkmarx.parser.add_language") def test_file_name_aggregated_parse_file_with_multiple_vulnerabilities_has_multiple_findings(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/multiple_findings.xml", + get_unit_tests_scans_path("checkmarx") / "multiple_findings.xml", ) parser = CheckmarxParser() findings = parser.get_findings(my_file_handle, test) @@ -300,7 +300,7 @@ def test_file_name_aggregated_parse_file_with_multiple_vulnerabilities_has_multi @patch("dojo.tools.checkmarx.parser.add_language") def test_detailed_parse_file_with_multiple_vulnerabilities_has_multiple_findings(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/multiple_findings.xml", + get_unit_tests_scans_path("checkmarx") / "multiple_findings.xml", ) parser = CheckmarxParser() parser.set_mode("detailed") @@ -323,7 +323,7 @@ def test_detailed_parse_file_with_multiple_vulnerabilities_has_multiple_findings @patch("dojo.tools.checkmarx.parser.add_language") def test_file_name_aggregated_parse_file_with_different_sourceFilename_same_sinkFilename_is_aggregated(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/multiple_findings_different_sourceFilename_same_sinkFilename.xml", + get_unit_tests_scans_path("checkmarx") / "multiple_findings_different_sourceFilename_same_sinkFilename.xml", ) parser = CheckmarxParser() findings = parser.get_findings(my_file_handle, test) @@ -337,7 +337,7 @@ def test_file_name_aggregated_parse_file_with_different_sourceFilename_same_sink @patch("dojo.tools.checkmarx.parser.add_language") def test_detailed_parse_file_with_different_sourceFilename_same_sinkFilename_is_not_aggregated(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/multiple_findings_different_sourceFilename_same_sinkFilename.xml", + get_unit_tests_scans_path("checkmarx") / "multiple_findings_different_sourceFilename_same_sinkFilename.xml", ) parser = CheckmarxParser() parser.set_mode("detailed") @@ -354,7 +354,7 @@ def test_detailed_parse_file_with_different_sourceFilename_same_sinkFilename_is_ @patch("dojo.tools.checkmarx.parser.add_language") def test_file_name_aggregated_parse_file_with_same_sourceFilename_different_sinkFilename_is_not_aggregated(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/multiple_findings_same_sourceFilename_different_sinkFilename.xml", + get_unit_tests_scans_path("checkmarx") / "multiple_findings_same_sourceFilename_different_sinkFilename.xml", ) parser = CheckmarxParser() findings = parser.get_findings(my_file_handle, test) @@ -366,7 +366,7 @@ def test_file_name_aggregated_parse_file_with_same_sourceFilename_different_sink @patch("dojo.tools.checkmarx.parser.add_language") def test_detailed_parse_file_with_same_sourceFilename_different_sinkFilename_is_not_aggregated(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/multiple_findings_same_sourceFilename_different_sinkFilename.xml", + get_unit_tests_scans_path("checkmarx") / "multiple_findings_same_sourceFilename_different_sinkFilename.xml", ) parser = CheckmarxParser() parser.set_mode("detailed") @@ -381,7 +381,7 @@ def test_detailed_parse_file_with_same_sourceFilename_different_sinkFilename_is_ @patch("dojo.tools.checkmarx.parser.add_language") def test_file_name_aggregated_parse_file_with_utf8_replacement_char(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/utf8_replacement_char.xml", + get_unit_tests_scans_path("checkmarx") / "utf8_replacement_char.xml", ) parser = CheckmarxParser() findings = parser.get_findings(my_file_handle, test) @@ -409,7 +409,7 @@ def test_file_name_aggregated_parse_file_with_utf8_replacement_char(self, mock): @patch("dojo.tools.checkmarx.parser.add_language") def test_detailed_parse_file_with_utf8_replacement_char(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/utf8_replacement_char.xml", + get_unit_tests_scans_path("checkmarx") / "utf8_replacement_char.xml", ) parser = CheckmarxParser() parser.set_mode("detailed") @@ -527,7 +527,7 @@ def check_parse_file_with_utf8_replacement_char(self, findings): @patch("dojo.tools.checkmarx.parser.add_language") def test_file_name_aggregated_parse_file_with_utf8_various_non_ascii_char(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/utf8_various_non_ascii_char.xml", + get_unit_tests_scans_path("checkmarx") / "utf8_various_non_ascii_char.xml", ) parser = CheckmarxParser() findings = parser.get_findings(my_file_handle, test) @@ -555,7 +555,7 @@ def test_file_name_aggregated_parse_file_with_utf8_various_non_ascii_char(self, @patch("dojo.tools.checkmarx.parser.add_language") def test_detailed_parse_file_with_utf8_various_non_ascii_char(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/utf8_various_non_ascii_char.xml", + get_unit_tests_scans_path("checkmarx") / "utf8_various_non_ascii_char.xml", ) parser = CheckmarxParser() parser.set_mode("detailed") @@ -673,7 +673,7 @@ def check_parse_file_with_utf8_various_non_ascii_char(self, findings): @patch("dojo.tools.checkmarx.parser.add_language") def test_file_with_multiple_findings_is_aggregated_with_query_id(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/multiple_findings_same_query_id.xml", + get_unit_tests_scans_path("checkmarx") / "multiple_findings_same_query_id.xml", ) parser = CheckmarxParser() findings = parser.get_findings(my_file_handle, test) @@ -693,7 +693,7 @@ def test_file_with_multiple_findings_is_aggregated_with_query_id(self, mock): @patch("dojo.tools.checkmarx.parser.add_language") def test_file_with_empty_filename(self, mock): my_file_handle, product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/single_no_filename.xml", + get_unit_tests_scans_path("checkmarx") / "single_no_filename.xml", ) parser = CheckmarxParser() findings = parser.get_findings(my_file_handle, test) @@ -713,7 +713,7 @@ def test_file_with_empty_filename(self, mock): @patch("dojo.tools.checkmarx.parser.add_language") def test_file_with_many_aggregated_findings(self, mock): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/many_aggregated_findings.xml", + get_unit_tests_scans_path("checkmarx") / "many_aggregated_findings.xml", ) parser = CheckmarxParser() findings = parser.get_findings(my_file_handle, test) @@ -730,7 +730,7 @@ def test_file_with_many_aggregated_findings(self, mock): @patch("dojo.tools.checkmarx.parser.add_language") def test_file_with_many_findings_json(self, mock): my_file_handle, _product, _engagement, _test = self.init( - get_unit_tests_path() + "/scans/checkmarx/multiple_findings.json", + get_unit_tests_scans_path("checkmarx") / "multiple_findings.json", ) parser = CheckmarxParser() findings = parser.get_findings(my_file_handle, Test()) @@ -764,7 +764,7 @@ def test_file_with_many_findings_json(self, mock): @patch("dojo.tools.checkmarx.parser.add_language") def test_file_issue6956(self, mock): my_file_handle, _product, _engagement, _test = self.init( - get_unit_tests_path() + "/scans/checkmarx/sample_report.json", + get_unit_tests_scans_path("checkmarx") / "sample_report.json", ) parser = CheckmarxParser() findings = parser.get_findings(my_file_handle, Test()) @@ -827,7 +827,7 @@ def test_file_issue6956(self, mock): @patch("dojo.tools.checkmarx.parser.add_language") def test_finding_date_should_be_date_xml(self, mock): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/single_finding.xml", + get_unit_tests_scans_path("checkmarx") / "single_finding.xml", ) parser = CheckmarxParser() parser.set_mode("detailed") @@ -838,7 +838,7 @@ def test_finding_date_should_be_date_xml(self, mock): @patch("dojo.tools.checkmarx.parser.add_language") def test_finding_date_should_be_date_json(self, mock): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/checkmarx/multiple_findings.json", + get_unit_tests_scans_path("checkmarx") / "multiple_findings.json", ) parser = CheckmarxParser() parser.set_mode("detailed") diff --git a/unittests/tools/test_checkov_parser.py b/unittests/tools/test_checkov_parser.py index 9e4cd58cbd..5980c4ac83 100644 --- a/unittests/tools/test_checkov_parser.py +++ b/unittests/tools/test_checkov_parser.py @@ -1,36 +1,36 @@ from dojo.models import Test from dojo.tools.checkov.parser import CheckovParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestCheckovParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/checkov/checkov-report-0-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("checkov") / "checkov-report-0-vuln.json", encoding="utf-8") as testfile: parser = CheckovParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_no_vuln_has_no_findings_v2(self): - with open("unittests/scans/checkov/checkov2-report-0-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("checkov") / "checkov2-report-0-vuln.json", encoding="utf-8") as testfile: parser = CheckovParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_finding(self): - with open("unittests/scans/checkov/checkov-report-1-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("checkov") / "checkov-report-1-vuln.json", encoding="utf-8") as testfile: parser = CheckovParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_findings(self): - with open("unittests/scans/checkov/checkov-report-many-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("checkov") / "checkov-report-many-vuln.json", encoding="utf-8") as testfile: parser = CheckovParser() findings = parser.get_findings(testfile, Test()) self.assertGreater(len(findings), 2) def test_parse_file_with_multiple_check_type_has_multiple_check_type(self): - with open("unittests/scans/checkov/checkov-report-multiple-check_type.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("checkov") / "checkov-report-multiple-check_type.json", encoding="utf-8") as testfile: parser = CheckovParser() findings = parser.get_findings(testfile, Test()) @@ -80,7 +80,7 @@ def test_parse_file_with_multiple_check_type_has_multiple_check_type(self): ) def test_parse_file_with_specified_severity(self): - with open("unittests/scans/checkov/checkov-report-severity.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("checkov") / "checkov-report-severity.json", encoding="utf-8") as testfile: parser = CheckovParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) diff --git a/unittests/tools/test_chefinspect_parser.py b/unittests/tools/test_chefinspect_parser.py index 65aa626281..ba4e5a4e21 100644 --- a/unittests/tools/test_chefinspect_parser.py +++ b/unittests/tools/test_chefinspect_parser.py @@ -1,24 +1,24 @@ from dojo.models import Test from dojo.tools.chefinspect.parser import ChefInspectParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestChefInspectParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/chefinspect/no_finding.log", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("chefinspect") / "no_finding.log", encoding="utf-8") as testfile: parser = ChefInspectParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_finding(self): - with open("unittests/scans/chefinspect/one_finding.log", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("chefinspect") / "one_finding.log", encoding="utf-8") as testfile: parser = ChefInspectParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_findings(self): - with open("unittests/scans/chefinspect/many_findings.log", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("chefinspect") / "many_findings.log", encoding="utf-8") as testfile: parser = ChefInspectParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(10, len(findings)) diff --git a/unittests/tools/test_clair_parser.py b/unittests/tools/test_clair_parser.py index 858215fab6..2712d1cbc4 100644 --- a/unittests/tools/test_clair_parser.py +++ b/unittests/tools/test_clair_parser.py @@ -1,25 +1,25 @@ from dojo.tools.clair.parser import ClairParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestClairParser(DojoTestCase): def test_no_findings_clair(self): - my_file_handle = open("unittests/scans/clair/clair_empty.json", encoding="utf-8") + my_file_handle = open(get_unit_tests_scans_path("clair") / "clair_empty.json", encoding="utf-8") parser = ClairParser() findings = parser.get_findings(my_file_handle, None) my_file_handle.close() self.assertEqual(0, len(findings)) def test_few_findings_clair(self): - my_file_handle = open("unittests/scans/clair/clair_few_vuln.json", encoding="utf-8") + my_file_handle = open(get_unit_tests_scans_path("clair") / "clair_few_vuln.json", encoding="utf-8") parser = ClairParser() findings = parser.get_findings(my_file_handle, None) my_file_handle.close() self.assertEqual(4, len(findings)) def test_many_findings_clair(self): - my_file_handle = open("unittests/scans/clair/clair_many_vul.json", encoding="utf-8") + my_file_handle = open(get_unit_tests_scans_path("clair") / "clair_many_vul.json", encoding="utf-8") parser = ClairParser() findings = parser.get_findings(my_file_handle, None) my_file_handle.close() @@ -32,21 +32,21 @@ def test_many_findings_clair(self): self.assertEqual("CVE-2018-20839", finding.unsaved_vulnerability_ids[0]) def test_parse_no_content_no_findings_clairklar(self): - my_file_handle = open("unittests/scans/clair/clairklar_empty.json", encoding="utf-8") + my_file_handle = open(get_unit_tests_scans_path("clair") / "clairklar_empty.json", encoding="utf-8") parser = ClairParser() findings = parser.get_findings(my_file_handle, None) my_file_handle.close() self.assertEqual(0, len(findings)) def test_high_findings_clairklar(self): - my_file_handle = open("unittests/scans/clair/clairklar_high.json", encoding="utf-8") + my_file_handle = open(get_unit_tests_scans_path("clair") / "clairklar_high.json", encoding="utf-8") parser = ClairParser() findings = parser.get_findings(my_file_handle, None) my_file_handle.close() self.assertEqual(6, len(findings)) def test_mixed_findings_clairklar(self): - my_file_handle = open("unittests/scans/clair/clairklar_mixed.json", encoding="utf-8") + my_file_handle = open(get_unit_tests_scans_path("clair") / "clairklar_mixed.json", encoding="utf-8") parser = ClairParser() findings = parser.get_findings(my_file_handle, None) my_file_handle.close() diff --git a/unittests/tools/test_cloudsploit_parser.py b/unittests/tools/test_cloudsploit_parser.py index a919b03ff9..885b017ee4 100644 --- a/unittests/tools/test_cloudsploit_parser.py +++ b/unittests/tools/test_cloudsploit_parser.py @@ -1,26 +1,26 @@ from dojo.models import Test from dojo.tools.cloudsploit.parser import CloudsploitParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestCloudsploitParser(DojoTestCase): def test_cloudsploit_parser_with_no_vuln_has_no_findings(self): - testfile = open("unittests/scans/cloudsploit/cloudsploit_zero_vul.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("cloudsploit") / "cloudsploit_zero_vul.json", encoding="utf-8") parser = CloudsploitParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_cloudsploit_parser_with_one_criticle_vuln_has_one_findings(self): - testfile = open("unittests/scans/cloudsploit/cloudsploit_one_vul.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("cloudsploit") / "cloudsploit_one_vul.json", encoding="utf-8") parser = CloudsploitParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(1, len(findings)) def test_cloudsploit_parser_with_many_vuln_has_many_findings(self): - testfile = open("unittests/scans/cloudsploit/cloudsploit_many_vul.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("cloudsploit") / "cloudsploit_many_vul.json", encoding="utf-8") parser = CloudsploitParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_cobalt_parser.py b/unittests/tools/test_cobalt_parser.py index ad93c3a83e..bfec5fe50e 100644 --- a/unittests/tools/test_cobalt_parser.py +++ b/unittests/tools/test_cobalt_parser.py @@ -1,25 +1,25 @@ from dojo.models import Test from dojo.tools.cobalt.parser import CobaltParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestCobaltParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/cobalt/cobalt_no_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("cobalt") / "cobalt_no_vuln.csv", encoding="utf-8") as testfile: parser = CobaltParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_findings(self): - with open("unittests/scans/cobalt/cobalt_one_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("cobalt") / "cobalt_one_vuln.csv", encoding="utf-8") as testfile: parser = CobaltParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_finding(self): - with open("unittests/scans/cobalt/cobalt_many_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("cobalt") / "cobalt_many_vuln.csv", encoding="utf-8") as testfile: parser = CobaltParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(9, len(findings)) diff --git a/unittests/tools/test_codechecker_parser.py b/unittests/tools/test_codechecker_parser.py index 4f81bca457..ff6c7125e4 100644 --- a/unittests/tools/test_codechecker_parser.py +++ b/unittests/tools/test_codechecker_parser.py @@ -1,13 +1,13 @@ from dojo.models import Test from dojo.tools.codechecker.parser import CodeCheckerParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestCodeCheckerParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): with open( - get_unit_tests_path() + "/scans/codechecker/cc-report-0-vuln.json", encoding="utf-8", + get_unit_tests_scans_path("codechecker") / "cc-report-0-vuln.json", encoding="utf-8", ) as testfile: parser = CodeCheckerParser() findings = parser.get_findings(testfile, Test()) @@ -15,7 +15,7 @@ def test_parse_file_with_no_vuln_has_no_findings(self): def test_parse_file_with_one_vuln_has_one_finding(self): with open( - get_unit_tests_path() + "/scans/codechecker/cc-report-1-vuln.json", encoding="utf-8", + get_unit_tests_scans_path("codechecker") / "cc-report-1-vuln.json", encoding="utf-8", ) as testfile: parser = CodeCheckerParser() findings = parser.get_findings(testfile, Test()) @@ -33,7 +33,7 @@ def test_parse_file_with_one_vuln_has_one_finding(self): def test_parse_file_with_multiple_vuln_has_multiple_findings(self): with open( - get_unit_tests_path() + "/scans/codechecker/cc-report-many-vuln.json", encoding="utf-8", + get_unit_tests_scans_path("codechecker") / "cc-report-many-vuln.json", encoding="utf-8", ) as testfile: parser = CodeCheckerParser() findings = parser.get_findings(testfile, Test()) @@ -60,7 +60,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_findings(self): def test_parse_file_with_various_review_statuses(self): with open( - get_unit_tests_path() + "/scans/codechecker/cc-report-review-status.json", encoding="utf-8", + get_unit_tests_scans_path("codechecker") / "cc-report-review-status.json", encoding="utf-8", ) as testfile: parser = CodeCheckerParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_contrast_parser.py b/unittests/tools/test_contrast_parser.py index 479da4d473..421ec7d294 100644 --- a/unittests/tools/test_contrast_parser.py +++ b/unittests/tools/test_contrast_parser.py @@ -2,7 +2,7 @@ from dojo.models import Engagement, Product, Test from dojo.tools.contrast.parser import ContrastParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestContrastParser(DojoTestCase): @@ -11,7 +11,7 @@ def test_example_report(self): test = Test() test.engagement = Engagement() test.engagement.product = Product() - with open("unittests/scans/contrast/contrast-node-goat.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("contrast") / "contrast-node-goat.csv", encoding="utf-8") as testfile: parser = ContrastParser() findings = parser.get_findings(testfile, test) for finding in findings: @@ -56,7 +56,7 @@ def test_example2_report(self): test = Test() test.engagement = Engagement() test.engagement.product = Product() - with open("unittests/scans/contrast/vulnerabilities2020-09-21.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("contrast") / "vulnerabilities2020-09-21.csv", encoding="utf-8") as testfile: parser = ContrastParser() findings = parser.get_findings(testfile, test) for finding in findings: diff --git a/unittests/tools/test_coverity_api_parser.py b/unittests/tools/test_coverity_api_parser.py index f6f468cfa0..9be4e0d125 100644 --- a/unittests/tools/test_coverity_api_parser.py +++ b/unittests/tools/test_coverity_api_parser.py @@ -2,31 +2,31 @@ from dojo.models import Test from dojo.tools.coverity_api.parser import CoverityApiParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestZapParser(DojoTestCase): def test_parse_wrong_file(self): with self.assertRaises(ValueError): - with open("unittests/scans/coverity_api/wrong.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("coverity_api") / "wrong.json", encoding="utf-8") as testfile: parser = CoverityApiParser() parser.get_findings(testfile, Test()) def test_parse_no_findings(self): - with open("unittests/scans/coverity_api/empty.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("coverity_api") / "empty.json", encoding="utf-8") as testfile: parser = CoverityApiParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_only_quality(self): """This report only have quality findings""" - with open("unittests/scans/coverity_api/only_quality.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("coverity_api") / "only_quality.json", encoding="utf-8") as testfile: parser = CoverityApiParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_some_findings(self): - with open("unittests/scans/coverity_api/few_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("coverity_api") / "few_findings.json", encoding="utf-8") as testfile: parser = CoverityApiParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) @@ -43,7 +43,7 @@ def test_parse_some_findings(self): self.assertEqual(22463, finding.unique_id_from_tool) def test_parse_few_findings_triaged_as_bug(self): - with open("unittests/scans/coverity_api/few_findings_triaged_as_bug.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("coverity_api") / "few_findings_triaged_as_bug.json", encoding="utf-8") as testfile: parser = CoverityApiParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) @@ -60,7 +60,7 @@ def test_parse_few_findings_triaged_as_bug(self): self.assertEqual(22248, finding.unique_id_from_tool) def test_parse_some_findings_mitigated(self): - with open("unittests/scans/coverity_api/few_findings_mitigated.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("coverity_api") / "few_findings_mitigated.json", encoding="utf-8") as testfile: parser = CoverityApiParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) diff --git a/unittests/tools/test_coverity_scan_parser.py b/unittests/tools/test_coverity_scan_parser.py index c3720884e8..c5bcb59442 100644 --- a/unittests/tools/test_coverity_scan_parser.py +++ b/unittests/tools/test_coverity_scan_parser.py @@ -1,20 +1,20 @@ from dojo.models import Test from dojo.tools.coverity_scan.parser import CoverityScanParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path -SCANS_PATH = "unittests/scans/coverity_scan/" +SCANS_PATH = get_unit_tests_scans_path("coverity_scan") class TestCoverityScanParser(DojoTestCase): def test_parse_no_findings(self): - with open(f"{SCANS_PATH}/no_vuln.json", encoding="utf-8") as testfile: + with open(SCANS_PATH / "no_vuln.json", encoding="utf-8") as testfile: parser = CoverityScanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_one_finding(self): - with open(f"{SCANS_PATH}/one_vuln.json", encoding="utf-8") as testfile: + with open(SCANS_PATH / "one_vuln.json", encoding="utf-8") as testfile: parser = CoverityScanParser() findings = parser.get_findings(testfile, Test()) @@ -31,7 +31,7 @@ def test_parse_one_finding(self): ) def test_parse_many_findings(self): - with open(f"{SCANS_PATH}/many_vulns.json", encoding="utf-8") as testfile: + with open(SCANS_PATH / "many_vulns.json", encoding="utf-8") as testfile: parser = CoverityScanParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_crashtest_security_parser.py b/unittests/tools/test_crashtest_security_parser.py index 88aa859cad..b708ab6090 100644 --- a/unittests/tools/test_crashtest_security_parser.py +++ b/unittests/tools/test_crashtest_security_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.crashtest_security.parser import CrashtestSecurityParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestCrashtestSecurityParser(DojoTestCase): def test_crashtest_security_json_parser_empty_file_has_no_findings(self): - testfile = open("unittests/scans/crashtest_security/empty.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("crashtest_security") / "empty.json", encoding="utf-8") parser = CrashtestSecurityParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_crashtest_security_json_parser_full_file_has_many_findings(self): - testfile = open("unittests/scans/crashtest_security/full.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("crashtest_security") / "full.json", encoding="utf-8") parser = CrashtestSecurityParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -25,7 +25,7 @@ def test_crashtest_security_json_parser_full_file_has_many_findings(self): def test_crashtest_security_json_parser_extracted_data_file_has_many_findings(self): testfile = open( - get_unit_tests_path() + "/scans/crashtest_security/data_extracted.json", encoding="utf-8", + get_unit_tests_scans_path("crashtest_security") / "data_extracted.json", encoding="utf-8", ) parser = CrashtestSecurityParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_cred_scan_parser.py b/unittests/tools/test_cred_scan_parser.py index a913e591ed..8f5f976b37 100644 --- a/unittests/tools/test_cred_scan_parser.py +++ b/unittests/tools/test_cred_scan_parser.py @@ -2,19 +2,19 @@ from dojo.models import Test from dojo.tools.cred_scan.parser import CredScanParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestCredScanParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/cred_scan/cred_scan_no_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("cred_scan") / "cred_scan_no_vuln.csv", encoding="utf-8") as testfile: parser = CredScanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_findings(self): - with open("unittests/scans/cred_scan/cred_scan_one_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("cred_scan") / "cred_scan_one_vuln.csv", encoding="utf-8") as testfile: parser = CredScanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -25,7 +25,7 @@ def test_parse_file_with_one_vuln_has_one_findings(self): self.assertEqual(datetime.date(2021, 4, 10), datetime.datetime.date(finding.date)) def test_parse_file_with_multiple_vuln_has_multiple_finding(self): - with open("unittests/scans/cred_scan/cred_scan_many_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("cred_scan") / "cred_scan_many_vuln.csv", encoding="utf-8") as testfile: parser = CredScanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) diff --git a/unittests/tools/test_crunch42_parser.py b/unittests/tools/test_crunch42_parser.py index 79565e9502..099813fad6 100644 --- a/unittests/tools/test_crunch42_parser.py +++ b/unittests/tools/test_crunch42_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.crunch42.parser import Crunch42Parser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestCrunch42Parser(DojoTestCase): def test_crunch42parser_single_has_many_findings(self): - with open("unittests/scans/crunch42/crunch42_many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("crunch42") / "crunch42_many_findings.json", encoding="utf-8") as testfile: parser = Crunch42Parser() findings = parser.get_findings(testfile, Test()) self.assertEqual(8, len(findings)) @@ -18,7 +18,7 @@ def test_crunch42parser_single_has_many_findings(self): self.assertGreater(len(finding.description), 0) def test_crunch42parser_single_has_many_findings2(self): - with open("unittests/scans/crunch42/crunch42_many_findings2.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("crunch42") / "crunch42_many_findings2.json", encoding="utf-8") as testfile: parser = Crunch42Parser() findings = parser.get_findings(testfile, Test()) self.assertEqual(5, len(findings)) diff --git a/unittests/tools/test_cyclonedx_parser.py b/unittests/tools/test_cyclonedx_parser.py index 65e377496f..0816b61e8f 100644 --- a/unittests/tools/test_cyclonedx_parser.py +++ b/unittests/tools/test_cyclonedx_parser.py @@ -2,12 +2,12 @@ from dojo.models import Finding, Test from dojo.tools.cyclonedx.parser import CycloneDXParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestCyclonedxParser(DojoTestCase): def test_grype_report(self): - with open("unittests/scans/cyclonedx/grype_dd_1_14_1.xml", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("cyclonedx") / "grype_dd_1_14_1.xml", encoding="utf-8") as file: parser = CycloneDXParser() findings = list(parser.get_findings(file, Test())) for finding in findings: @@ -31,7 +31,7 @@ def test_grype_report(self): def test_spec1_report(self): """Test a report from the spec itself""" - with open("unittests/scans/cyclonedx/spec1.xml", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("cyclonedx") / "spec1.xml", encoding="utf-8") as file: parser = CycloneDXParser() findings = list(parser.get_findings(file, Test())) for finding in findings: @@ -54,7 +54,7 @@ def test_spec1_report(self): def test_spec1_report_low_first(self): """Test a report from the spec itself""" - with open("unittests/scans/cyclonedx/spec1_lowfirst.xml", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("cyclonedx") / "spec1_lowfirst.xml", encoding="utf-8") as file: parser = CycloneDXParser() findings = list(parser.get_findings(file, Test())) for finding in findings: @@ -74,7 +74,7 @@ def test_spec1_report_low_first(self): self.assertEqual("Upgrade\n", finding.mitigation) def test_cyclonedx_bom_report(self): - with open("unittests/scans/cyclonedx/cyclonedx_bom.xml", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("cyclonedx") / "cyclonedx_bom.xml", encoding="utf-8") as file: parser = CycloneDXParser() findings = parser.get_findings(file, Test()) for finding in findings: @@ -83,7 +83,7 @@ def test_cyclonedx_bom_report(self): def test_cyclonedx_jake_report(self): """Test a report generated by Jake""" - with open("unittests/scans/cyclonedx/jake.xml", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("cyclonedx") / "jake.xml", encoding="utf-8") as file: parser = CycloneDXParser() findings = parser.get_findings(file, Test()) for finding in findings: @@ -92,7 +92,7 @@ def test_cyclonedx_jake_report(self): def test_cyclonedx_retirejs_report(self): """Test a report generated by RetireJS""" - with open("unittests/scans/cyclonedx/retirejs.latest.xml", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("cyclonedx") / "retirejs.latest.xml", encoding="utf-8") as file: parser = CycloneDXParser() findings = parser.get_findings(file, Test()) for finding in findings: @@ -101,7 +101,7 @@ def test_cyclonedx_retirejs_report(self): def test_cyclonedx_grype_11_report(self): """Test a report generated by Grype 0.11""" - with open("unittests/scans/cyclonedx/dd_1_15_0.xml", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("cyclonedx") / "dd_1_15_0.xml", encoding="utf-8") as file: parser = CycloneDXParser() findings = parser.get_findings(file, Test()) for finding in findings: @@ -142,7 +142,7 @@ def test_cyclonedx_grype_11_report(self): def test_cyclonedx_1_4_xml(self): """CycloneDX version 1.4 XML format""" - with open("unittests/scans/cyclonedx/valid-vulnerability-1.4.xml", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("cyclonedx") / "valid-vulnerability-1.4.xml", encoding="utf-8") as file: parser = CycloneDXParser() findings = parser.get_findings(file, Test()) for finding in findings: @@ -188,7 +188,7 @@ def test_cyclonedx_1_4_xml(self): def test_cyclonedx_1_4_json(self): """CycloneDX version 1.4 JSON format""" - with open("unittests/scans/cyclonedx/valid-vulnerability-1.4.json", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("cyclonedx") / "valid-vulnerability-1.4.json", encoding="utf-8") as file: parser = CycloneDXParser() findings = parser.get_findings(file, Test()) for finding in findings: @@ -232,7 +232,7 @@ def test_cyclonedx_1_4_json(self): def test_cyclonedx_1_4_jake_json(self): """CycloneDX version 1.4 JSON format produced by jake 1.4.1""" - with open("unittests/scans/cyclonedx/jake2.json", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("cyclonedx") / "jake2.json", encoding="utf-8") as file: parser = CycloneDXParser() findings = parser.get_findings(file, Test()) self.assertEqual(7, len(findings)) @@ -286,7 +286,7 @@ def test_cyclonedx_1_4_jake_json(self): def test_cyclonedx_1_4_xml_cvssv31(self): """CycloneDX version 1.4 XML format""" - with open("unittests/scans/cyclonedx/log4j.xml", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("cyclonedx") / "log4j.xml", encoding="utf-8") as file: parser = CycloneDXParser() findings = parser.get_findings(file, Test()) for finding in findings: @@ -303,7 +303,7 @@ def test_cyclonedx_1_4_xml_cvssv31(self): def test_cyclonedx_1_4_json_cvssv31(self): """CycloneDX version 1.4 JSON format""" - with open("unittests/scans/cyclonedx/log4j.json", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("cyclonedx") / "log4j.json", encoding="utf-8") as file: parser = CycloneDXParser() findings = parser.get_findings(file, Test()) for finding in findings: @@ -320,7 +320,7 @@ def test_cyclonedx_1_4_json_cvssv31(self): def test_cyclonedx_1_4_json_nested_cvssv31(self): """CycloneDX version 1.4 JSON format""" - with open("unittests/scans/cyclonedx/nested-component-log4j.json", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("cyclonedx") / "nested-component-log4j.json", encoding="utf-8") as file: parser = CycloneDXParser() findings = parser.get_findings(file, Test()) for finding in findings: @@ -337,7 +337,7 @@ def test_cyclonedx_1_4_json_nested_cvssv31(self): def test_cyclonedx_issue_9277(self): """CycloneDX version 1.5 JSON format""" - with open("unittests/scans/cyclonedx/issue_9277.json", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("cyclonedx") / "issue_9277.json", encoding="utf-8") as file: parser = CycloneDXParser() findings = parser.get_findings(file, Test()) for finding in findings: @@ -350,7 +350,7 @@ def test_cyclonedx_issue_9277(self): def test_cyclonedx_issue_8022(self): """CycloneDX version 1.4 JSON format""" - with open("unittests/scans/cyclonedx/issue_8022.json", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("cyclonedx") / "issue_8022.json", encoding="utf-8") as file: parser = CycloneDXParser() findings = parser.get_findings(file, Test()) for finding in findings: diff --git a/unittests/tools/test_dawnscanner_parser.py b/unittests/tools/test_dawnscanner_parser.py index 5b7a161cc9..811572c6f5 100644 --- a/unittests/tools/test_dawnscanner_parser.py +++ b/unittests/tools/test_dawnscanner_parser.py @@ -1,15 +1,13 @@ import datetime -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.dawnscanner.parser import DawnScannerParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestDawnScannerParser(DojoTestCase): def test_burp_with_one_vuln_has_one_finding(self): - with open(path.join(Path(__file__).parent, "../scans/dawnscanner/dawnscanner_v1.6.9.json"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "dawnscanner/dawnscanner_v1.6.9.json", encoding="utf-8") as test_file: parser = DawnScannerParser() findings = parser.get_findings(test_file, Test()) for finding in findings: diff --git a/unittests/tools/test_deepfence_threatmapper_parser.py b/unittests/tools/test_deepfence_threatmapper_parser.py index e4e6070dfe..e97b9ce2af 100644 --- a/unittests/tools/test_deepfence_threatmapper_parser.py +++ b/unittests/tools/test_deepfence_threatmapper_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.deepfence_threatmapper.parser import DeepfenceThreatmapperParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestDeepfenceThreatmapperParser(DojoTestCase): def test_parse_file_compliance_report(self): - with open("unittests/scans/deepfence_threatmapper/compliance_report.xlsx", "rb") as testfile: + with open(get_unit_tests_scans_path("deepfence_threatmapper") / "compliance_report.xlsx", "rb") as testfile: parser = DeepfenceThreatmapperParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(7, len(findings)) @@ -14,7 +14,7 @@ def test_parse_file_compliance_report(self): self.assertEqual(findings[0].severity, "Info") def test_parse_file_malware_report(self): - with open("unittests/scans/deepfence_threatmapper/malware_report.xlsx", "rb") as testfile: + with open(get_unit_tests_scans_path("deepfence_threatmapper") / "malware_report.xlsx", "rb") as testfile: parser = DeepfenceThreatmapperParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(9, len(findings)) @@ -23,7 +23,7 @@ def test_parse_file_malware_report(self): self.assertEqual(findings[0].file_path, "/tmp/Deepfence/YaraHunter/df_db09257b02e615049e0aecc05be2dc2401735e67db4ab74225df777c62c39753/usr/sbin/mkfs.cramfs") def test_parse_file_secret_report(self): - with open("unittests/scans/deepfence_threatmapper/secret_report.xlsx", "rb") as testfile: + with open(get_unit_tests_scans_path("deepfence_threatmapper") / "secret_report.xlsx", "rb") as testfile: parser = DeepfenceThreatmapperParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(7, len(findings)) @@ -32,7 +32,7 @@ def test_parse_file_secret_report(self): self.assertEqual(findings[0].file_path, "usr/share/doc/curl-8.3.0/TheArtOfHttpScripting.md") def test_parse_file_vulnerability_report(self): - with open("unittests/scans/deepfence_threatmapper/vulnerability_report.xlsx", "rb") as testfile: + with open(get_unit_tests_scans_path("deepfence_threatmapper") / "vulnerability_report.xlsx", "rb") as testfile: parser = DeepfenceThreatmapperParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) diff --git a/unittests/tools/test_dependency_check_parser.py b/unittests/tools/test_dependency_check_parser.py index 4ad945a39c..fae192d183 100644 --- a/unittests/tools/test_dependency_check_parser.py +++ b/unittests/tools/test_dependency_check_parser.py @@ -1,13 +1,11 @@ import logging from datetime import UTC, datetime -from os import path -from pathlib import Path from dateutil.tz import tzlocal, tzoffset from dojo.models import Test from dojo.tools.dependency_check.parser import DependencyCheckParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path logger = logging.getLogger(__name__) @@ -23,13 +21,13 @@ def __init__(self, name, content): class TestDependencyCheckParser(DojoTestCase): def test_parse_empty_file(self): - with open("unittests/scans/dependency_check/single_dependency_with_related_no_vulnerability.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("dependency_check") / "single_dependency_with_related_no_vulnerability.xml", encoding="utf-8") as testfile: parser = DependencyCheckParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_single_vulnerability_has_single_finding(self): - with open("unittests/scans/dependency_check/single_vuln.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("dependency_check") / "single_vuln.xml", encoding="utf-8") as testfile: parser = DependencyCheckParser() findings = parser.get_findings(testfile, Test()) items = findings @@ -47,14 +45,14 @@ def test_parse_file_with_single_vulnerability_has_single_finding(self): self.assertEqual(items[i].date, datetime(2016, 11, 5, 14, 52, 15, 748000, tzinfo=tzoffset(None, -14400))) def test_parse_file_with_single_dependency_with_related_no_vulnerability(self): - with open("unittests/scans/dependency_check/single_dependency_with_related_no_vulnerability.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("dependency_check") / "single_dependency_with_related_no_vulnerability.xml", encoding="utf-8") as testfile: parser = DependencyCheckParser() findings = parser.get_findings(testfile, Test()) items = findings self.assertEqual(0, len(items)) def test_parse_file_with_multiple_vulnerabilities_has_multiple_findings(self): - with open("unittests/scans/dependency_check/multiple_vulnerabilities_has_multiple_findings.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("dependency_check") / "multiple_vulnerabilities_has_multiple_findings.xml", encoding="utf-8") as testfile: parser = DependencyCheckParser() findings = parser.get_findings(testfile, Test()) items = findings @@ -256,7 +254,7 @@ def test_parse_file_with_multiple_vulnerabilities_has_multiple_findings(self): def test_parse_java_6_5_3(self): """Test with version 6.5.3""" - with open(path.join(Path(__file__).parent, "../scans/dependency_check/version-6.5.3.xml"), encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path() / "dependency_check/version-6.5.3.xml", encoding="utf-8") as test_file: parser = DependencyCheckParser() findings = parser.get_findings(test_file, Test()) items = findings @@ -275,7 +273,7 @@ def test_parse_java_6_5_3(self): self.assertEqual(items[i].date, datetime(2022, 1, 15, 14, 31, 13, 42600, tzinfo=UTC)) def test_parse_file_pr6439(self): - with open("unittests/scans/dependency_check/PR6439.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("dependency_check") / "PR6439.xml", encoding="utf-8") as testfile: parser = DependencyCheckParser() findings = parser.get_findings(testfile, Test()) items = findings diff --git a/unittests/tools/test_dependency_track_parser.py b/unittests/tools/test_dependency_track_parser.py index 60db4cedc3..a98aebdd2c 100644 --- a/unittests/tools/test_dependency_track_parser.py +++ b/unittests/tools/test_dependency_track_parser.py @@ -1,13 +1,13 @@ from dojo.models import Test from dojo.tools.dependency_track.parser import DependencyTrackParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestDependencyTrackParser(DojoTestCase): def test_dependency_track_parser_with_empty_list_for_findings_key_has_no_findings(self): with open( - get_unit_tests_path() + "/scans/dependency_track/no_findings_because_findings_key_is_empty_list.json", encoding="utf-8", + get_unit_tests_scans_path("dependency_track") / "no_findings_because_findings_key_is_empty_list.json", encoding="utf-8", ) as testfile: parser = DependencyTrackParser() findings = parser.get_findings(testfile, Test()) @@ -15,7 +15,7 @@ def test_dependency_track_parser_with_empty_list_for_findings_key_has_no_finding def test_dependency_track_parser_with_missing_findings_key_has_no_findings(self): with open( - get_unit_tests_path() + "/scans/dependency_track/no_findings_because_findings_key_is_missing.json", encoding="utf-8", + get_unit_tests_scans_path("dependency_track") / "no_findings_because_findings_key_is_missing.json", encoding="utf-8", ) as testfile: parser = DependencyTrackParser() findings = parser.get_findings(testfile, Test()) @@ -23,7 +23,7 @@ def test_dependency_track_parser_with_missing_findings_key_has_no_findings(self) def test_dependency_track_parser_with_null_findings_key_has_no_findings(self): with open( - get_unit_tests_path() + "/scans/dependency_track/no_findings_because_findings_key_is_null.json", encoding="utf-8", + get_unit_tests_scans_path("dependency_track") / "no_findings_because_findings_key_is_null.json", encoding="utf-8", ) as testfile: parser = DependencyTrackParser() findings = parser.get_findings(testfile, Test()) @@ -31,7 +31,7 @@ def test_dependency_track_parser_with_null_findings_key_has_no_findings(self): def test_dependency_track_parser_has_many_findings(self): with open( - get_unit_tests_path() + "/scans/dependency_track/many_findings.json", encoding="utf-8", + get_unit_tests_scans_path("dependency_track") / "many_findings.json", encoding="utf-8", ) as testfile: parser = DependencyTrackParser() findings = parser.get_findings(testfile, Test()) @@ -49,7 +49,7 @@ def test_dependency_track_parser_has_many_findings(self): def test_dependency_track_parser_has_one_finding(self): with open( - get_unit_tests_path() + "/scans/dependency_track/one_finding.json", encoding="utf-8", + get_unit_tests_scans_path("dependency_track") / "one_finding.json", encoding="utf-8", ) as testfile: parser = DependencyTrackParser() findings = parser.get_findings(testfile, Test()) @@ -57,7 +57,7 @@ def test_dependency_track_parser_has_one_finding(self): def test_dependency_track_parser_v3_8_0(self): with open( - get_unit_tests_path() + "/scans/dependency_track/dependency_track_3.8.0_2021-01-18.json", encoding="utf-8", + get_unit_tests_scans_path("dependency_track") / "dependency_track_3.8.0_2021-01-18.json", encoding="utf-8", ) as testfile: parser = DependencyTrackParser() findings = parser.get_findings(testfile, Test()) @@ -67,7 +67,7 @@ def test_dependency_track_parser_v3_8_0(self): def test_dependency_track_parser_findings_with_alias(self): with open( - get_unit_tests_path() + "/scans/dependency_track/many_findings_with_alias.json", encoding="utf-8", + get_unit_tests_scans_path("dependency_track") / "many_findings_with_alias.json", encoding="utf-8", ) as testfile: parser = DependencyTrackParser() findings = parser.get_findings(testfile, Test()) @@ -79,7 +79,7 @@ def test_dependency_track_parser_findings_with_alias(self): def test_dependency_track_parser_findings_with_empty_alias(self): with open( - get_unit_tests_path() + "/scans/dependency_track/many_findings_with_empty_alias.json", encoding="utf-8", + get_unit_tests_scans_path("dependency_track") / "many_findings_with_empty_alias.json", encoding="utf-8", ) as testfile: parser = DependencyTrackParser() findings = parser.get_findings(testfile, Test()) @@ -88,7 +88,7 @@ def test_dependency_track_parser_findings_with_empty_alias(self): self.assertIn("CVE-2022-2053", findings[11].unsaved_vulnerability_ids) def test_dependency_track_parser_findings_with_cvssV3_score(self): - with open(f"{get_unit_tests_path()}/scans/dependency_track/many_findings_with_cvssV3_score.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/dependency_track/many_findings_with_cvssV3_score.json", encoding="utf-8") as testfile: parser = DependencyTrackParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(12, len(findings)) @@ -98,7 +98,7 @@ def test_dependency_track_parser_findings_with_cvssV3_score(self): self.assertEqual(8.3, findings[0].cvssv3_score) def test_dependency_track_parser_findings_with_epss_score(self): - with open(f"{get_unit_tests_path()}/scans/dependency_track/dependency_track_4.10_2024_02_11.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/dependency_track/dependency_track_4.10_2024_02_11.json", encoding="utf-8") as testfile: parser = DependencyTrackParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) diff --git a/unittests/tools/test_detect_secrets_parser.py b/unittests/tools/test_detect_secrets_parser.py index 421d393f84..b3e6a6ce19 100644 --- a/unittests/tools/test_detect_secrets_parser.py +++ b/unittests/tools/test_detect_secrets_parser.py @@ -4,19 +4,19 @@ from dojo.models import Test from dojo.tools.detect_secrets.parser import DetectSecretsParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestDetectSecretsParser(DojoTestCase): def test_parse_no_findings(self): - with open("unittests/scans/detect_secrets/no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("detect_secrets") / "no_findings.json", encoding="utf-8") as testfile: parser = DetectSecretsParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_many_findings(self): - with open("unittests/scans/detect_secrets/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("detect_secrets") / "many_findings.json", encoding="utf-8") as testfile: parser = DetectSecretsParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) diff --git a/unittests/tools/test_dockerbench_parser.py b/unittests/tools/test_dockerbench_parser.py index 22c0d66f28..c1e8594609 100644 --- a/unittests/tools/test_dockerbench_parser.py +++ b/unittests/tools/test_dockerbench_parser.py @@ -1,13 +1,13 @@ from dojo.models import Test from dojo.tools.dockerbench.parser import DockerBenchParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestDockerBenchParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): with open( - get_unit_tests_path() + "/scans/dockerbench/docker-bench-report-zero-vulns.json", encoding="utf-8", + get_unit_tests_scans_path("dockerbench") / "docker-bench-report-zero-vulns.json", encoding="utf-8", ) as testfile: parser = DockerBenchParser() findings = parser.get_findings(testfile, Test()) @@ -15,7 +15,7 @@ def test_parse_file_with_no_vuln_has_no_findings(self): def test_parse_file_with_one_vuln_has_one_finding(self): with open( - get_unit_tests_path() + "/scans/dockerbench/docker-bench-report-single-vuln.json", encoding="utf-8", + get_unit_tests_scans_path("dockerbench") / "docker-bench-report-single-vuln.json", encoding="utf-8", ) as testfile: parser = DockerBenchParser() findings = parser.get_findings(testfile, Test()) @@ -29,7 +29,7 @@ def test_parse_file_with_one_vuln_has_one_finding(self): def test_parse_file_with_multiple_vuln_has_multiple_findings(self): with open( - get_unit_tests_path() + "/scans/dockerbench/docker-bench-report-many-vulns.json", encoding="utf-8", + get_unit_tests_scans_path("dockerbench") / "docker-bench-report-many-vulns.json", encoding="utf-8", ) as testfile: parser = DockerBenchParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_dockle_parser.py b/unittests/tools/test_dockle_parser.py index 314112299c..b614dd98c4 100644 --- a/unittests/tools/test_dockle_parser.py +++ b/unittests/tools/test_dockle_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.dockle.parser import DockleParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestDockleParser(DojoTestCase): def test_parse_no_findings(self): - with open("unittests/scans/dockle/no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("dockle") / "no_findings.json", encoding="utf-8") as testfile: parser = DockleParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_many_findings(self): - with open("unittests/scans/dockle/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("dockle") / "many_findings.json", encoding="utf-8") as testfile: parser = DockleParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) diff --git a/unittests/tools/test_drheader_parser.py b/unittests/tools/test_drheader_parser.py index 9eb07664bf..7f4cbbe095 100644 --- a/unittests/tools/test_drheader_parser.py +++ b/unittests/tools/test_drheader_parser.py @@ -1,40 +1,40 @@ from dojo.models import Test from dojo.tools.drheader.parser import DrHeaderParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestDrHeaderParser(DojoTestCase): def test_parse_file_has_no_findings(self): - testfile = open("unittests/scans/drheader/no_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("drheader") / "no_vulns.json", encoding="utf-8") parser = DrHeaderParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_parse_file_has_many_finding_one_tool(self): - testfile = open("unittests/scans/drheader/scan.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("drheader") / "scan.json", encoding="utf-8") parser = DrHeaderParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(6, len(findings)) def test_parse_file_has_many_finding_one_tool2(self): - testfile = open("unittests/scans/drheader/scan2.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("drheader") / "scan2.json", encoding="utf-8") parser = DrHeaderParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(6, len(findings)) def test_parse_file_has_many_finding_one_tool3(self): - testfile = open("unittests/scans/drheader/scan3.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("drheader") / "scan3.json", encoding="utf-8") parser = DrHeaderParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(11, len(findings)) def test_parse_file_has_many_finding_multiple_urls(self): - testfile = open("unittests/scans/drheader/multiple_urls.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("drheader") / "multiple_urls.json", encoding="utf-8") parser = DrHeaderParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_dsop_parser.py b/unittests/tools/test_dsop_parser.py index e3a1b8d984..c22abed839 100644 --- a/unittests/tools/test_dsop_parser.py +++ b/unittests/tools/test_dsop_parser.py @@ -1,17 +1,17 @@ from dojo.models import Test from dojo.tools.dsop.parser import DsopParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestDsopParser(DojoTestCase): def test_zero_findings(self): - with open("unittests/scans/dsop/zero_vuln.xlsx", "rb") as testfile: + with open(get_unit_tests_scans_path("dsop") / "zero_vuln.xlsx", "rb") as testfile: parser = DsopParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(len(findings), 0) def test_many_findings(self): - with open("unittests/scans/dsop/many_vuln.xlsx", "rb") as testfile: + with open(get_unit_tests_scans_path("dsop") / "many_vuln.xlsx", "rb") as testfile: parser = DsopParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(len(findings), 4) diff --git a/unittests/tools/test_eslint_parser.py b/unittests/tools/test_eslint_parser.py index c1574c574e..621cd738a1 100644 --- a/unittests/tools/test_eslint_parser.py +++ b/unittests/tools/test_eslint_parser.py @@ -1,25 +1,25 @@ from dojo.models import Test from dojo.tools.eslint.parser import ESLintParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestESLintParser(DojoTestCase): def test_parse_file_has_two_findings(self): - testfile = open("unittests/scans/eslint/scan.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("eslint") / "scan.json", encoding="utf-8") parser = ESLintParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(2, len(findings)) def test_parse_empty_file(self): - testfile = open("unittests/scans/eslint/empty.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("eslint") / "empty.json", encoding="utf-8") parser = ESLintParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_parse_file_with_no_finding(self): - testfile = open("unittests/scans/eslint/no_finding.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("eslint") / "no_finding.json", encoding="utf-8") parser = ESLintParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_fortify_parser.py b/unittests/tools/test_fortify_parser.py index 43ab4a911e..ad532d7b71 100644 --- a/unittests/tools/test_fortify_parser.py +++ b/unittests/tools/test_fortify_parser.py @@ -1,11 +1,11 @@ from dojo.models import Test from dojo.tools.fortify.parser import FortifyParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestFortifyParser(DojoTestCase): def test_fortify_many_findings(self): - with open("unittests/scans/fortify/fortify_many_findings.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("fortify") / "fortify_many_findings.xml", encoding="utf-8") as testfile: parser = FortifyParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(324, len(findings)) @@ -17,7 +17,7 @@ def test_fortify_many_findings(self): self.assertEqual(81, finding.line) def test_fortify_few_findings(self): - with open("unittests/scans/fortify/fortify_few_findings.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("fortify") / "fortify_few_findings.xml", encoding="utf-8") as testfile: parser = FortifyParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) @@ -30,7 +30,7 @@ def test_fortify_few_findings(self): self.assertEqual("53C25D2FC6950554F16D3CEF9E41EF6F", finding.unique_id_from_tool) def test_fortify_few_findings_count_chart(self): - with open("unittests/scans/fortify/fortify_few_findings_count_chart.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("fortify") / "fortify_few_findings_count_chart.xml", encoding="utf-8") as testfile: parser = FortifyParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) @@ -43,7 +43,7 @@ def test_fortify_few_findings_count_chart(self): self.assertEqual("53C25D2FC6950554F16D3CEF9E41EF6F", finding.unique_id_from_tool) def test_fortify_issue6260(self): - with open("unittests/scans/fortify/issue6260.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("fortify") / "issue6260.xml", encoding="utf-8") as testfile: parser = FortifyParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(16, len(findings)) @@ -56,7 +56,7 @@ def test_fortify_issue6260(self): self.assertEqual("7A2F1C728BDDBB17C7CB31CEDF5D8F85", finding.unique_id_from_tool) def test_fortify_issue6082(self): - with open("unittests/scans/fortify/issue6082.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("fortify") / "issue6082.xml", encoding="utf-8") as testfile: parser = FortifyParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) @@ -76,7 +76,7 @@ def test_fortify_issue6082(self): self.assertEqual("B5B15F27E10F4D7799BD0ED1E6D34C5D", finding.unique_id_from_tool) def test_fortify_many_fdr_findings(self): - with open("unittests/scans/fortify/many_findings.fpr", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("fortify") / "many_findings.fpr", encoding="utf-8") as testfile: parser = FortifyParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(61, len(findings)) diff --git a/unittests/tools/test_gcloud_artifact_scan_parser.py b/unittests/tools/test_gcloud_artifact_scan_parser.py index 88a2b0ec09..0d9960b17c 100644 --- a/unittests/tools/test_gcloud_artifact_scan_parser.py +++ b/unittests/tools/test_gcloud_artifact_scan_parser.py @@ -1,11 +1,11 @@ from dojo.models import Test from dojo.tools.gcloud_artifact_scan.parser import GCloudArtifactScanParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestGCloudArtifactScanParser(DojoTestCase): def test_parse_file_with_multiple_vuln_has_multiple_findings(self): - with open(f"{get_unit_tests_path()}/scans/gcloud_artifact_scan/many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gcloud_artifact_scan/many_vulns.json", encoding="utf-8") as testfile: parser = GCloudArtifactScanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(7, len(findings)) diff --git a/unittests/tools/test_generic_parser.py b/unittests/tools/test_generic_parser.py index b7fce8efed..6d113e5b67 100644 --- a/unittests/tools/test_generic_parser.py +++ b/unittests/tools/test_generic_parser.py @@ -2,7 +2,7 @@ from dojo.models import Engagement, Finding, Product, Test from dojo.tools.generic.parser import GenericParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestFile: @@ -25,7 +25,7 @@ def setUp(self): self.test = Test(engagement=self.engagement) def test_parse_report1(self): - with open("unittests/scans/generic/generic_report1.csv", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("generic") / "generic_report1.csv", encoding="utf-8") as file: parser = GenericParser() findings = parser.get_findings(file, self.test) for finding in findings: @@ -434,7 +434,7 @@ def test_column_order_is_flexible(self): self.assertEqual(fields1, fields2) def test_parse_json(self): - with open("unittests/scans/generic/generic_report1.json", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("generic") / "generic_report1.json", encoding="utf-8") as file: parser = GenericParser() findings = parser.get_findings(file, Test()) for finding in findings: @@ -465,7 +465,7 @@ def test_parse_json(self): self.assertIn(finding.severity, Finding.SEVERITIES) def test_parse_json2(self): - with open("unittests/scans/generic/generic_report2.json", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("generic") / "generic_report2.json", encoding="utf-8") as file: parser = GenericParser() findings = parser.get_findings(file, Test()) for finding in findings: @@ -488,7 +488,7 @@ def test_parse_json2(self): self.assertEqual("Some mitigation", finding.mitigation) def test_parse_json3(self): - with open("unittests/scans/generic/generic_report3.json", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("generic") / "generic_report3.json", encoding="utf-8") as file: parser = GenericParser() findings = parser.get_findings(file, Test()) self.assertEqual(3, len(findings)) @@ -526,7 +526,7 @@ def test_parse_json3(self): self.assertEqual("test-pest", endpoint.path) def test_parse_endpoints_and_vulnerability_ids_json(self): - with open("unittests/scans/generic/generic_report4.json", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("generic") / "generic_report4.json", encoding="utf-8") as file: parser = GenericParser() findings = parser.get_findings(file, Test()) self.assertEqual(1, len(findings)) @@ -557,7 +557,7 @@ def test_parse_endpoints_and_vulnerability_ids_json(self): self.assertEqual("CVE-2015-9235", finding.unsaved_vulnerability_ids[1]) def test_parse_host_and_vulnerability_id_csv(self): - with open("unittests/scans/generic/generic_report4.csv", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("generic") / "generic_report4.csv", encoding="utf-8") as file: parser = GenericParser() findings = parser.get_findings(file, Test()) self.assertEqual(4, len(findings)) @@ -599,7 +599,7 @@ def test_parse_host_and_vulnerability_id_csv(self): self.assertIsNone(finding.unsaved_vulnerability_ids) def test_parse_json_with_image(self): - with open("unittests/scans/generic/test_with_image.json", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("generic") / "test_with_image.json", encoding="utf-8") as file: parser = GenericParser() findings = parser.get_findings(file, Test()) self.assertEqual(1, len(findings)) @@ -612,7 +612,7 @@ def test_parse_json_with_image(self): self.assertIn("data", image) def test_parse_json_custom_test(self): - with open("unittests/scans/generic/generic_custom_test.json", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("generic") / "generic_custom_test.json", encoding="utf-8") as file: parser = GenericParser() tests = parser.get_tests(parser.get_scan_types()[0], file) self.assertEqual(1, len(tests)) @@ -637,21 +637,21 @@ def test_parse_json_custom_test(self): self.assertEqual("TEST1", finding.vuln_id_from_tool) def test_parse_json_empty_finding(self): - with open("unittests/scans/generic/generic_empty.json", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("generic") / "generic_empty.json", encoding="utf-8") as file: parser = GenericParser() with self.assertRaisesMessage(ValueError, "Required fields are missing: ['description', 'severity', 'title']"): parser.get_findings(file, Test()) def test_parse_json_invalid_finding(self): - with open("unittests/scans/generic/generic_invalid.json", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("generic") / "generic_invalid.json", encoding="utf-8") as file: parser = GenericParser() with self.assertRaisesMessage(ValueError, "Not allowed fields are present: ['invalid_field', 'last_status_update']"): parser.get_findings(file, Test()) def test_parse_csv_with_epss(self): - with open("unittests/scans/generic/generic_csv_with_epss.csv", encoding="utf-8") as file: + with open(get_unit_tests_scans_path("generic") / "generic_csv_with_epss.csv", encoding="utf-8") as file: parser = GenericParser() findings = parser.get_findings(file, self.test) self.assertEqual(1, len(findings)) diff --git a/unittests/tools/test_ggshield_parser.py b/unittests/tools/test_ggshield_parser.py index 27d4e26766..03cdbfd96c 100644 --- a/unittests/tools/test_ggshield_parser.py +++ b/unittests/tools/test_ggshield_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.ggshield.parser import GgshieldParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestGgshieldParser(DojoTestCase): def test_parse_empty(self): - with open("unittests/scans/ggshield/no_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("ggshield") / "no_finding.json", encoding="utf-8") as testfile: parser = GgshieldParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_one_finding(self): - with open("unittests/scans/ggshield/one_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("ggshield") / "one_finding.json", encoding="utf-8") as testfile: parser = GgshieldParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -23,7 +23,7 @@ def test_parse_one_finding(self): self.assertEqual("2021-07-05", finding.date) def test_parse_many_finding(self): - with open("unittests/scans/ggshield/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("ggshield") / "many_findings.json", encoding="utf-8") as testfile: parser = GgshieldParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) diff --git a/unittests/tools/test_github_vulnerability_parser.py b/unittests/tools/test_github_vulnerability_parser.py index 00321647bf..5fda63d312 100644 --- a/unittests/tools/test_github_vulnerability_parser.py +++ b/unittests/tools/test_github_vulnerability_parser.py @@ -4,20 +4,20 @@ from dojo.models import Test from dojo.tools.github_vulnerability.parser import GithubVulnerabilityParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestGithubVulnerabilityParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): """Sample with zero vulnerability""" - with open("unittests/scans/github_vulnerability/github-0-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("github_vulnerability") / "github-0-vuln.json", encoding="utf-8") as testfile: parser = GithubVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_findings(self): """Sample with one vulnerability""" - with open("unittests/scans/github_vulnerability/github-1-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("github_vulnerability") / "github-1-vuln.json", encoding="utf-8") as testfile: parser = GithubVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -37,7 +37,7 @@ def test_parse_file_with_one_vuln_has_one_findings(self): def test_parse_file_with_one_vuln_has_one_finding_and_dependabot_direct_link(self): """Sample with one vulnerability""" - with open("unittests/scans/github_vulnerability/github-1-vuln-repo-dependabot-link.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("github_vulnerability") / "github-1-vuln-repo-dependabot-link.json", encoding="utf-8") as testfile: parser = GithubVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -57,13 +57,13 @@ def test_parse_file_with_one_vuln_has_one_finding_and_dependabot_direct_link(sel def test_parse_file_with_multiple_vuln_has_multiple_findings(self): """Sample with five vulnerability""" - with open("unittests/scans/github_vulnerability/github-5-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("github_vulnerability") / "github-5-vuln.json", encoding="utf-8") as testfile: parser = GithubVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(5, len(findings)) def test_parse_file_issue2984(self): - with open("unittests/scans/github_vulnerability/github_issue2984.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("github_vulnerability") / "github_issue2984.json", encoding="utf-8") as testfile: parser = GithubVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) @@ -87,7 +87,7 @@ def test_parse_file_issue2984(self): self.assertEqual(finding.unique_id_from_tool, "DASFMMFKLNKDSAKFSDLANJKKFDSNJSAKDFNJKDFS=") def test_parse_file_search(self): - with open("unittests/scans/github_vulnerability/github_search.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("github_vulnerability") / "github_search.json", encoding="utf-8") as testfile: parser = GithubVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) @@ -115,7 +115,7 @@ def test_parse_file_search(self): def test_parse_file_search2(self): """Search result with more data/attributes""" - with open("unittests/scans/github_vulnerability/github_search2.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("github_vulnerability") / "github_search2.json", encoding="utf-8") as testfile: parser = GithubVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) @@ -143,7 +143,7 @@ def test_parse_file_search2(self): def test_parse_file_search3(self): """Search result with more data/attributes""" - with open("unittests/scans/github_vulnerability/github_search3.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("github_vulnerability") / "github_search3.json", encoding="utf-8") as testfile: parser = GithubVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) @@ -175,7 +175,7 @@ def test_parse_file_search3(self): def test_parse_file_search4_null_cvss_vector(self): """Search result with more data/attributes""" - with open("unittests/scans/github_vulnerability/github_search4_null_cvss_vector.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("github_vulnerability") / "github_search4_null_cvss_vector.json", encoding="utf-8") as testfile: parser = GithubVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) @@ -206,7 +206,7 @@ def test_parse_file_search4_null_cvss_vector(self): self.assertEqual(finding.unique_id_from_tool, "MDI4OlJlcG9zaXRvcnlWdWxuZXJhYmlsaXR5QWxlcnQ1NTE5NTI2OTM=") def test_parse_cwe_and_date(self): - with open("unittests/scans/github_vulnerability/github_h2.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("github_vulnerability") / "github_h2.json", encoding="utf-8") as testfile: parser = GithubVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -229,7 +229,7 @@ def test_parse_cwe_and_date(self): self.assertEqual(finding.active, True) def test_parse_state(self): - with open("unittests/scans/github_vulnerability/github_shiro.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("github_vulnerability") / "github_shiro.json", encoding="utf-8") as testfile: parser = GithubVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -253,7 +253,7 @@ def test_parse_state(self): self.assertEqual(finding.is_mitigated, True) def test_parser_version(self): - with open("unittests/scans/github_vulnerability/github-vuln-version.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("github_vulnerability") / "github-vuln-version.json", encoding="utf-8") as testfile: parser = GithubVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -268,7 +268,7 @@ def test_parser_version(self): self.assertEqual(finding.component_version, "5.3.29") def test_parse_file_issue_9582(self): - with open("unittests/scans/github_vulnerability/issue_9582.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("github_vulnerability") / "issue_9582.json", encoding="utf-8") as testfile: parser = GithubVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) diff --git a/unittests/tools/test_gitlab_api_fuzzing_parser.py b/unittests/tools/test_gitlab_api_fuzzing_parser.py index 0da1fadde8..9ccded6d30 100644 --- a/unittests/tools/test_gitlab_api_fuzzing_parser.py +++ b/unittests/tools/test_gitlab_api_fuzzing_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.gitlab_api_fuzzing.parser import GitlabAPIFuzzingParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestGitlabAPIFuzzingParser(DojoTestCase): def test_gitlab_api_fuzzing_parser_with_no_vuln_has_no_findings(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_api_fuzzing/gitlab_api_fuzzing_0_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_api_fuzzing/gitlab_api_fuzzing_0_vuln.json", encoding="utf-8") as testfile: parser = GitlabAPIFuzzingParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_gitlab_api_fuzzing_parser_with_one_criticle_vuln_has_one_findings_v14(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_api_fuzzing/gitlab_api_fuzzing_1_vuln_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_api_fuzzing/gitlab_api_fuzzing_1_vuln_v14.json", encoding="utf-8") as testfile: parser = GitlabAPIFuzzingParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -28,7 +28,7 @@ def test_gitlab_api_fuzzing_parser_with_one_criticle_vuln_has_one_findings_v14(s ) def test_gitlab_api_fuzzing_parser_with_one_criticle_vuln_has_one_findings_v15(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_api_fuzzing/gitlab_api_fuzzing_1_vuln_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_api_fuzzing/gitlab_api_fuzzing_1_vuln_v15.json", encoding="utf-8") as testfile: parser = GitlabAPIFuzzingParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -44,7 +44,7 @@ def test_gitlab_api_fuzzing_parser_with_one_criticle_vuln_has_one_findings_v15(s ) def test_gitlab_api_fuzzing_parser_with_invalid_json(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_api_fuzzing/gitlab_api_fuzzing_invalid.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_api_fuzzing/gitlab_api_fuzzing_invalid.json", encoding="utf-8") as testfile: # Something is wrong with JSON file with self.assertRaises((KeyError, ValueError)): parser = GitlabAPIFuzzingParser() diff --git a/unittests/tools/test_gitlab_container_scan_parser.py b/unittests/tools/test_gitlab_container_scan_parser.py index 4bc69cd809..1cb7aad2af 100644 --- a/unittests/tools/test_gitlab_container_scan_parser.py +++ b/unittests/tools/test_gitlab_container_scan_parser.py @@ -2,18 +2,18 @@ from dojo.models import Test from dojo.tools.gitlab_container_scan.parser import GitlabContainerScanParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestGitlabContainerScanParser(DojoTestCase): def test_gitlab_container_scan_parser_with_no_vuln_has_no_findings(self): - with open("unittests/scans/gitlab_container_scan/gl-container-scanning-report-0-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_container_scan") / "gl-container-scanning-report-0-vuln.json", encoding="utf-8") as testfile: parser = GitlabContainerScanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_gitlab_container_scan_parser_with_one_vuln_has_one_findings_v14(self): - with open("unittests/scans/gitlab_container_scan/gl-container-scanning-report-1-vuln_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_container_scan") / "gl-container-scanning-report-1-vuln_v14.json", encoding="utf-8") as testfile: parser = GitlabContainerScanParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -32,7 +32,7 @@ def test_gitlab_container_scan_parser_with_one_vuln_has_one_findings_v14(self): self.assertEqual("df52bc8ce9a2ae56bbcb0c4ecda62123fbd6f69b", first_finding.unique_id_from_tool) def test_gitlab_container_scan_parser_with_one_vuln_has_one_findings_v15(self): - with open("unittests/scans/gitlab_container_scan/gl-container-scanning-report-1-vuln_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_container_scan") / "gl-container-scanning-report-1-vuln_v15.json", encoding="utf-8") as testfile: parser = GitlabContainerScanParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -51,7 +51,7 @@ def test_gitlab_container_scan_parser_with_one_vuln_has_one_findings_v15(self): self.assertEqual("df52bc8ce9a2ae56bbcb0c4ecda62123fbd6f69b", first_finding.unique_id_from_tool) def test_gitlab_container_scan_parser_with_five_vuln_has_five_findings_v14(self): - with open("unittests/scans/gitlab_container_scan/gl-container-scanning-report-5-vuln_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_container_scan") / "gl-container-scanning-report-5-vuln_v14.json", encoding="utf-8") as testfile: parser = GitlabContainerScanParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -60,7 +60,7 @@ def test_gitlab_container_scan_parser_with_five_vuln_has_five_findings_v14(self) self.assertEqual(5, len(findings)) def test_gitlab_container_scan_parser_with_five_vuln_has_five_findings_v15(self): - with open("unittests/scans/gitlab_container_scan/gl-container-scanning-report-5-vuln_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_container_scan") / "gl-container-scanning-report-5-vuln_v15.json", encoding="utf-8") as testfile: parser = GitlabContainerScanParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -69,7 +69,7 @@ def test_gitlab_container_scan_parser_with_five_vuln_has_five_findings_v15(self) self.assertEqual(5, len(findings)) def test_gitlab_container_scan_parser_with_fless_data_v14(self): - with open("unittests/scans/gitlab_container_scan/issue6639_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_container_scan") / "issue6639_v14.json", encoding="utf-8") as testfile: parser = GitlabContainerScanParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -104,7 +104,7 @@ def test_gitlab_container_scan_parser_with_fless_data_v14(self): self.assertEqual("CVE-2022-0778", finding.unique_id_from_tool) def test_gitlab_container_scan_parser_with_fless_data_v15(self): - with open("unittests/scans/gitlab_container_scan/issue6639_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_container_scan") / "issue6639_v15.json", encoding="utf-8") as testfile: parser = GitlabContainerScanParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_gitlab_dast_parser.py b/unittests/tools/test_gitlab_dast_parser.py index 01107a3a93..56c94debd7 100644 --- a/unittests/tools/test_gitlab_dast_parser.py +++ b/unittests/tools/test_gitlab_dast_parser.py @@ -1,17 +1,17 @@ from dojo.models import Test from dojo.tools.gitlab_dast.parser import GitlabDastParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestGitlabDastParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/gitlab_dast/gitlab_dast_zero_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_dast") / "gitlab_dast_zero_vul.json", encoding="utf-8") as testfile: parser = GitlabDastParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_finding_v14(self): - with open("unittests/scans/gitlab_dast/gitlab_dast_one_vul_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_dast") / "gitlab_dast_one_vul_v14.json", encoding="utf-8") as testfile: parser = GitlabDastParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -39,7 +39,7 @@ def test_parse_file_with_one_vuln_has_one_finding_v14(self): self.assertEqual(359, finding.cwe) def test_parse_file_with_one_vuln_has_one_finding_v15(self): - with open("unittests/scans/gitlab_dast/gitlab_dast_one_vul_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_dast") / "gitlab_dast_one_vul_v15.json", encoding="utf-8") as testfile: parser = GitlabDastParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -67,7 +67,7 @@ def test_parse_file_with_one_vuln_has_one_finding_v15(self): self.assertEqual(359, finding.cwe) def test_parse_file_with_multiple_vuln_has_multiple_findings_v14(self): - with open("unittests/scans/gitlab_dast/gitlab_dast_many_vul_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_dast") / "gitlab_dast_many_vul_v14.json", encoding="utf-8") as testfile: parser = GitlabDastParser() findings = parser.get_findings(testfile, Test()) @@ -105,7 +105,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_findings_v14(self): self.assertIn("Ensure that your web server,", finding.mitigation) def test_parse_file_with_multiple_vuln_has_multiple_findings_v15(self): - with open("unittests/scans/gitlab_dast/gitlab_dast_many_vul_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_dast") / "gitlab_dast_many_vul_v15.json", encoding="utf-8") as testfile: parser = GitlabDastParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_gitlab_dep_scan_parser.py b/unittests/tools/test_gitlab_dep_scan_parser.py index ea306247c2..d45b64e3f3 100644 --- a/unittests/tools/test_gitlab_dep_scan_parser.py +++ b/unittests/tools/test_gitlab_dep_scan_parser.py @@ -1,30 +1,30 @@ from dojo.models import Test from dojo.tools.gitlab_dep_scan.parser import GitlabDepScanParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestGitlabDepScanParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_dep_scan/gl-dependency-scanning-report-0-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_dep_scan/gl-dependency-scanning-report-0-vuln.json", encoding="utf-8") as testfile: parser = GitlabDepScanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_finding_v14(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_dep_scan/gl-dependency-scanning-report-1-vuln_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_dep_scan/gl-dependency-scanning-report-1-vuln_v14.json", encoding="utf-8") as testfile: parser = GitlabDepScanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_parse_file_with_one_vuln_has_one_finding_v15(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_dep_scan/gl-dependency-scanning-report-1-vuln_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_dep_scan/gl-dependency-scanning-report-1-vuln_v15.json", encoding="utf-8") as testfile: parser = GitlabDepScanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_parse_file_with_two_vuln_has_one_missing_component__v14(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_dep_scan/gl-dependency-scanning-report-2-vuln-missing-component_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_dep_scan/gl-dependency-scanning-report-2-vuln-missing-component_v14.json", encoding="utf-8") as testfile: parser = GitlabDepScanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) @@ -36,7 +36,7 @@ def test_parse_file_with_two_vuln_has_one_missing_component__v14(self): self.assertEqual("v0.0.0-20190308221718-c2843e01d9a2", finding.component_version) def test_parse_file_with_two_vuln_has_one_missing_component__v15(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_dep_scan/gl-dependency-scanning-report-2-vuln-missing-component_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_dep_scan/gl-dependency-scanning-report-2-vuln-missing-component_v15.json", encoding="utf-8") as testfile: parser = GitlabDepScanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) @@ -48,7 +48,7 @@ def test_parse_file_with_two_vuln_has_one_missing_component__v15(self): self.assertEqual("v0.0.0-20190308221718-c2843e01d9a2", finding.component_version) def test_parse_file_with_multiple_vuln_has_multiple_findings_v14(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_dep_scan/gl-dependency-scanning-report-many-vuln_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_dep_scan/gl-dependency-scanning-report-many-vuln_v14.json", encoding="utf-8") as testfile: parser = GitlabDepScanParser() findings = parser.get_findings(testfile, Test()) self.assertGreater(len(findings), 2) @@ -57,7 +57,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_findings_v14(self): self.assertEqual("CVE-2020-29652", findings[0].unsaved_vulnerability_ids[0]) def test_parse_file_with_multiple_vuln_has_multiple_findings_v15(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_dep_scan/gl-dependency-scanning-report-many-vuln_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_dep_scan/gl-dependency-scanning-report-many-vuln_v15.json", encoding="utf-8") as testfile: parser = GitlabDepScanParser() findings = parser.get_findings(testfile, Test()) self.assertGreater(len(findings), 2) diff --git a/unittests/tools/test_gitlab_sast_parser.py b/unittests/tools/test_gitlab_sast_parser.py index e0757ac669..94afe2ad0f 100644 --- a/unittests/tools/test_gitlab_sast_parser.py +++ b/unittests/tools/test_gitlab_sast_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.gitlab_sast.parser import GitlabSastParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestGitlabSastParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/gitlab_sast/gl-sast-report-0-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_sast") / "gl-sast-report-0-vuln.json", encoding="utf-8") as testfile: parser = GitlabSastParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_finding_v14(self): - with open("unittests/scans/gitlab_sast/gl-sast-report-1-vuln_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_sast") / "gl-sast-report-1-vuln_v14.json", encoding="utf-8") as testfile: parser = GitlabSastParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -21,7 +21,7 @@ def test_parse_file_with_one_vuln_has_one_finding_v14(self): self.assertEqual("Critical", finding.severity) def test_parse_file_with_one_vuln_has_one_finding_v15(self): - with open("unittests/scans/gitlab_sast/gl-sast-report-1-vuln_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_sast") / "gl-sast-report-1-vuln_v15.json", encoding="utf-8") as testfile: parser = GitlabSastParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -30,7 +30,7 @@ def test_parse_file_with_one_vuln_has_one_finding_v15(self): self.assertEqual("Critical", finding.severity) def test_parse_file_with_multiple_vuln_has_multiple_findings_v14(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_sast/gl-sast-report-many-vuln_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_sast/gl-sast-report-many-vuln_v14.json", encoding="utf-8") as testfile: parser = GitlabSastParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(219, len(findings)) @@ -45,7 +45,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_findings_v14(self): self.assertEqual("Critical", finding.severity) def test_parse_file_with_multiple_vuln_has_multiple_findings_v15(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_sast/gl-sast-report-many-vuln_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_sast/gl-sast-report-many-vuln_v15.json", encoding="utf-8") as testfile: parser = GitlabSastParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(219, len(findings)) @@ -60,7 +60,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_findings_v15(self): self.assertEqual("Critical", finding.severity) def test_parse_file_with_various_confidences_v14(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_sast/gl-sast-report-confidence_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_sast/gl-sast-report-confidence_v14.json", encoding="utf-8") as testfile: parser = GitlabSastParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(len(findings), 8) @@ -79,7 +79,7 @@ def test_parse_file_with_various_confidences_v14(self): self.assertEqual("Certain", finding.get_scanner_confidence_text()) def test_parse_file_with_various_confidences_v15(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_sast/gl-sast-report-confidence_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_sast/gl-sast-report-confidence_v15.json", encoding="utf-8") as testfile: parser = GitlabSastParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(len(findings), 8) @@ -98,7 +98,7 @@ def test_parse_file_with_various_confidences_v15(self): self.assertEqual("", finding.get_scanner_confidence_text()) def test_parse_file_with_various_cwes_v14(self): - with open("unittests/scans/gitlab_sast/gl-sast-report-cwe_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_sast") / "gl-sast-report-cwe_v14.json", encoding="utf-8") as testfile: parser = GitlabSastParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(len(findings), 3) @@ -107,7 +107,7 @@ def test_parse_file_with_various_cwes_v14(self): self.assertEqual(None, findings[2].cwe) def test_parse_file_with_various_cwes_v15(self): - with open("unittests/scans/gitlab_sast/gl-sast-report-cwe_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_sast") / "gl-sast-report-cwe_v15.json", encoding="utf-8") as testfile: parser = GitlabSastParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(len(findings), 3) @@ -116,7 +116,7 @@ def test_parse_file_with_various_cwes_v15(self): self.assertEqual(None, findings[2].cwe) def test_parse_file_issue4336_v14(self): - with open("unittests/scans/gitlab_sast/gl-sast-report_issue4344_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_sast") / "gl-sast-report_issue4344_v14.json", encoding="utf-8") as testfile: parser = GitlabSastParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -124,7 +124,7 @@ def test_parse_file_issue4336_v14(self): self.assertEqual("[None severity] Potential XSS vulnerability", finding.title) def test_parse_file_issue4336_v15(self): - with open("unittests/scans/gitlab_sast/gl-sast-report_issue4344_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_sast") / "gl-sast-report_issue4344_v15.json", encoding="utf-8") as testfile: parser = GitlabSastParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -132,7 +132,7 @@ def test_parse_file_issue4336_v15(self): self.assertEqual("[None severity] Potential XSS vulnerability", finding.title) def test_without_scan_v14(self): - with open("unittests/scans/gitlab_sast/gl-sast-report-1-vuln_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_sast") / "gl-sast-report-1-vuln_v14.json", encoding="utf-8") as testfile: parser = GitlabSastParser() tests = parser.get_tests(None, testfile) self.assertEqual(1, len(tests)) @@ -144,7 +144,7 @@ def test_without_scan_v14(self): self.assertEqual(1, len(findings)) def test_without_scan_v15(self): - with open("unittests/scans/gitlab_sast/gl-sast-report-1-vuln_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_sast") / "gl-sast-report-1-vuln_v15.json", encoding="utf-8") as testfile: parser = GitlabSastParser() tests = parser.get_tests(None, testfile) self.assertEqual(1, len(tests)) @@ -156,7 +156,7 @@ def test_without_scan_v15(self): self.assertEqual(1, len(findings)) def test_with_scan_v14(self): - with open("unittests/scans/gitlab_sast/gl-sast-report-confidence_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_sast") / "gl-sast-report-confidence_v14.json", encoding="utf-8") as testfile: parser = GitlabSastParser() tests = parser.get_tests(None, testfile) self.assertEqual(1, len(tests)) @@ -168,7 +168,7 @@ def test_with_scan_v14(self): self.assertEqual(8, len(findings)) def test_with_scan_v15(self): - with open("unittests/scans/gitlab_sast/gl-sast-report-confidence_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitlab_sast") / "gl-sast-report-confidence_v15.json", encoding="utf-8") as testfile: parser = GitlabSastParser() tests = parser.get_tests(None, testfile) self.assertEqual(1, len(tests)) diff --git a/unittests/tools/test_gitlab_secret_detection_report_parser.py b/unittests/tools/test_gitlab_secret_detection_report_parser.py index 2d1df5bbe1..d6aa1ef1a3 100644 --- a/unittests/tools/test_gitlab_secret_detection_report_parser.py +++ b/unittests/tools/test_gitlab_secret_detection_report_parser.py @@ -4,12 +4,12 @@ from dojo.tools.gitlab_secret_detection_report.parser import ( GitlabSecretDetectionReportParser, ) -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestGitlabSecretDetectionReportParser(DojoTestCase): def test_gitlab_secret_detection_report_parser_with_no_vuln_has_no_findings(self): - with open(f"{get_unit_tests_path()}/scans/gitlab_secret_detection_report/gitlab_secret_detection_report_0_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_secret_detection_report/gitlab_secret_detection_report_0_vuln.json", encoding="utf-8") as testfile: parser = GitlabSecretDetectionReportParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) @@ -17,7 +17,7 @@ def test_gitlab_secret_detection_report_parser_with_no_vuln_has_no_findings(self def test_gitlab_secret_detection_report_parser_with_one_vuln_has_one_findings_v14( self, ): - with open(f"{get_unit_tests_path()}/scans/gitlab_secret_detection_report/gitlab_secret_detection_report_1_vuln_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_secret_detection_report/gitlab_secret_detection_report_1_vuln_v14.json", encoding="utf-8") as testfile: parser = GitlabSecretDetectionReportParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -38,7 +38,7 @@ def test_gitlab_secret_detection_report_parser_with_one_vuln_has_one_findings_v1 def test_gitlab_secret_detection_report_parser_with_one_vuln_has_one_findings_v15( self, ): - with open(f"{get_unit_tests_path()}/scans/gitlab_secret_detection_report/gitlab_secret_detection_report_1_vuln_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_secret_detection_report/gitlab_secret_detection_report_1_vuln_v15.json", encoding="utf-8") as testfile: parser = GitlabSecretDetectionReportParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -59,7 +59,7 @@ def test_gitlab_secret_detection_report_parser_with_one_vuln_has_one_findings_v1 def test_gitlab_secret_detection_report_parser_with_many_vuln_has_many_findings_v14( self, ): - with open(f"{get_unit_tests_path()}/scans/gitlab_secret_detection_report/gitlab_secret_detection_report_3_vuln_v14.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_secret_detection_report/gitlab_secret_detection_report_3_vuln_v14.json", encoding="utf-8") as testfile: parser = GitlabSecretDetectionReportParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -70,7 +70,7 @@ def test_gitlab_secret_detection_report_parser_with_many_vuln_has_many_findings_ def test_gitlab_secret_detection_report_parser_with_many_vuln_has_many_findings_v15( self, ): - with open(f"{get_unit_tests_path()}/scans/gitlab_secret_detection_report/gitlab_secret_detection_report_3_vuln_v15.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "/gitlab_secret_detection_report/gitlab_secret_detection_report_3_vuln_v15.json", encoding="utf-8") as testfile: parser = GitlabSecretDetectionReportParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_gitleaks_parser.py b/unittests/tools/test_gitleaks_parser.py index 1b70f854dd..ebee0949ad 100644 --- a/unittests/tools/test_gitleaks_parser.py +++ b/unittests/tools/test_gitleaks_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.gitleaks.parser import GitleaksParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestGitleaksParser(DojoTestCase): def test_parse_file_legacy_with_no_findings(self): - with open(get_unit_tests_path() + "/scans/gitleaks/no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitleaks") / "no_findings.json", encoding="utf-8") as testfile: parser = GitleaksParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_legacy_with_one_finding(self): - with open(get_unit_tests_path() + "/scans/gitleaks/data_one.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitleaks") / "data_one.json", encoding="utf-8") as testfile: parser = GitleaksParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -24,7 +24,7 @@ def test_parse_file_legacy_with_one_finding(self): self.assertIn("AsymmetricPrivateKey", finding.unsaved_tags) def test_parse_file_legacy_with_multiple_finding(self): - with open(get_unit_tests_path() + "/scans/gitleaks/data_many.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitleaks") / "data_many.json", encoding="utf-8") as testfile: parser = GitleaksParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) @@ -36,13 +36,13 @@ def test_parse_file_legacy_with_multiple_finding(self): self.assertIn("Github", finding.unsaved_tags) def test_parse_file_legacy_with_multiple_redacted_finding(self): - with open(get_unit_tests_path() + "/scans/gitleaks/redacted_data_many.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitleaks") / "redacted_data_many.json", encoding="utf-8") as testfile: parser = GitleaksParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(6, len(findings)) def test_parse_file_legacy_from_issue4336(self): - with open(get_unit_tests_path() + "/scans/gitleaks/issue4336.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitleaks") / "issue4336.json", encoding="utf-8") as testfile: parser = GitleaksParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -53,7 +53,7 @@ def test_parse_file_legacy_from_issue4336(self): self.assertEqual(23, finding.line) def test_parse_file_from_version_7_5_0(self): - with open(get_unit_tests_path() + "/scans/gitleaks/version_7.5.0.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitleaks") / "version_7.5.0.json", encoding="utf-8") as testfile: parser = GitleaksParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) @@ -84,7 +84,7 @@ def test_parse_file_from_version_7_5_0(self): self.assertIn("AWS", finding.unsaved_tags) def test_parse_file_from_version_8(self): - with open(get_unit_tests_path() + "/scans/gitleaks/gitleaks8_many.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gitleaks") / "gitleaks8_many.json", encoding="utf-8") as testfile: parser = GitleaksParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) diff --git a/unittests/tools/test_gosec_parser.py b/unittests/tools/test_gosec_parser.py index c696692a44..45d22664d8 100644 --- a/unittests/tools/test_gosec_parser.py +++ b/unittests/tools/test_gosec_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.gosec.parser import GosecParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestGosecParser(DojoTestCase): def test_parse_file_with_one_finding(self): - with open("unittests/scans/gosec/many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("gosec") / "many_vulns.json", encoding="utf-8") as testfile: parser = GosecParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(28, len(findings)) diff --git a/unittests/tools/test_govulncheck_parser.py b/unittests/tools/test_govulncheck_parser.py index 1865ff3c5d..7d0bdbff26 100644 --- a/unittests/tools/test_govulncheck_parser.py +++ b/unittests/tools/test_govulncheck_parser.py @@ -1,13 +1,13 @@ from dojo.models import Test from dojo.tools.govulncheck.parser import GovulncheckParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestGovulncheckParser(DojoTestCase): def test_parse_empty(self): with self.assertRaises(ValueError) as exp: - with open("unittests/scans/govulncheck/empty.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("govulncheck") / "empty.json", encoding="utf-8") as testfile: parser = GovulncheckParser() parser.get_findings(testfile, Test()) self.assertIn( @@ -15,13 +15,13 @@ def test_parse_empty(self): ) def test_parse_no_findings(self): - with open("unittests/scans/govulncheck/no_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("govulncheck") / "no_vulns.json", encoding="utf-8") as testfile: parser = GovulncheckParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_many_findings(self): - with open("unittests/scans/govulncheck/many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("govulncheck") / "many_vulns.json", encoding="utf-8") as testfile: parser = GovulncheckParser() findings = parser.get_findings(testfile, Test()) @@ -67,13 +67,13 @@ def test_parse_many_findings(self): self.assertEqual("https://groups.google.com/g/golang-announce/c/x49AQzIVX-s", finding.references) def test_parse_new_version_no_findings(self): - with open("unittests/scans/govulncheck/no_vulns_new_version.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("govulncheck") / "no_vulns_new_version.json", encoding="utf-8") as testfile: parser = GovulncheckParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_new_version_many_findings(self): - with open("unittests/scans/govulncheck/many_vulns_new_version.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("govulncheck") / "many_vulns_new_version.json", encoding="utf-8") as testfile: parser = GovulncheckParser() findings = parser.get_findings(testfile, Test()) @@ -94,7 +94,7 @@ def test_parse_new_version_many_findings(self): self.assertIsNotNone(finding.references) def test_parse_new_version_many_findings_custom_severity(self): - with open("unittests/scans/govulncheck/many_vulns_new_version_custom_severity.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("govulncheck") / "many_vulns_new_version_custom_severity.json", encoding="utf-8") as testfile: parser = GovulncheckParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_h1_parser.py b/unittests/tools/test_h1_parser.py index 36f1ef1724..0aee422f69 100644 --- a/unittests/tools/test_h1_parser.py +++ b/unittests/tools/test_h1_parser.py @@ -2,24 +2,24 @@ from dojo.models import Test from dojo.tools.h1.parser import H1Parser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class HackerOneVulnerabilityDisclosureProgramTests(DojoTestCase): def test_parse_file_with_multiple_vuln_has_multiple_finding(self): - with open("unittests/scans/h1/vuln_disclosure_many.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("h1") / "vuln_disclosure_many.json", encoding="utf-8") as testfile: parser = H1Parser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) def test_parse_file_with_one_vuln_has_one_finding(self): - with open("unittests/scans/h1/vuln_disclosure_one.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("h1") / "vuln_disclosure_one.json", encoding="utf-8") as testfile: parser = H1Parser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_parse_file_with_no_vuln_has_no_finding(self): - with open("unittests/scans/h1/vuln_disclosure_zero.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("h1") / "vuln_disclosure_zero.json", encoding="utf-8") as testfile: parser = H1Parser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) @@ -27,7 +27,7 @@ def test_parse_file_with_no_vuln_has_no_finding(self): class HackerOneBugBountyProgramTests(DojoTestCase): def test_bug_bounty_hacker_one_many_findings_json(self): - with open("unittests/scans/h1/bug_bounty_many.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("h1") / "bug_bounty_many.json", encoding="utf-8") as testfile: parser = H1Parser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) @@ -71,7 +71,7 @@ def test_bug_bounty_hacker_one_many_findings_json(self): self.assertIn("CVE-2017-12615", finding.unsaved_vulnerability_ids) def test_bug_bounty_hacker_one_one_findings_json(self): - with open("unittests/scans/h1/bug_bounty_one.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("h1") / "bug_bounty_one.json", encoding="utf-8") as testfile: parser = H1Parser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -89,13 +89,13 @@ def test_bug_bounty_hacker_one_one_findings_json(self): self.assertIn("**Reporter**: reporter", finding.description) def test_bug_bounty_hacker_one_zero_findings_json(self): - with open("unittests/scans/h1/bug_bounty_zero.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("h1") / "bug_bounty_zero.json", encoding="utf-8") as testfile: parser = H1Parser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_bug_bounty_hacker_one_many_findings_csv(self): - with open("unittests/scans/h1/bug_bounty_many.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("h1") / "bug_bounty_many.json", encoding="utf-8") as testfile: parser = H1Parser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) @@ -139,7 +139,7 @@ def test_bug_bounty_hacker_one_many_findings_csv(self): self.assertIn("CVE-2017-12615", finding.unsaved_vulnerability_ids) def test_bug_bounty_hacker_one_one_findings_csv(self): - with open("unittests/scans/h1/bug_bounty_one.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("h1") / "bug_bounty_one.json", encoding="utf-8") as testfile: parser = H1Parser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -157,7 +157,7 @@ def test_bug_bounty_hacker_one_one_findings_csv(self): self.assertIn("**Reporter**: reporter", finding.description) def test_bug_bounty_hacker_one_zero_findings_csv(self): - with open("unittests/scans/h1/bug_bounty_zero.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("h1") / "bug_bounty_zero.json", encoding="utf-8") as testfile: parser = H1Parser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) diff --git a/unittests/tools/test_hadolint_parser.py b/unittests/tools/test_hadolint_parser.py index 1e96dfe287..74b24f5451 100644 --- a/unittests/tools/test_hadolint_parser.py +++ b/unittests/tools/test_hadolint_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.hadolint.parser import HadolintParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TesthadolintParser(DojoTestCase): def test_parse_file_with_one_dockerfile(self): - testfile = open("unittests/scans/hadolint/one_dockerfile.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("hadolint") / "one_dockerfile.json", encoding="utf-8") parser = HadolintParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -16,7 +16,7 @@ def test_parse_file_with_one_dockerfile(self): self.assertEqual(finding.file_path, "django-DefectDojo\\Dockerfile.django") def test_parse_file_with_many_dockerfile(self): - testfile = open("unittests/scans/hadolint/many_dockerfile.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("hadolint") / "many_dockerfile.json", encoding="utf-8") parser = HadolintParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_harbor_vulnerability_parser.py b/unittests/tools/test_harbor_vulnerability_parser.py index 6659f23d60..52347034c9 100644 --- a/unittests/tools/test_harbor_vulnerability_parser.py +++ b/unittests/tools/test_harbor_vulnerability_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.harbor_vulnerability.parser import HarborVulnerabilityParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestHarborVulnerabilityParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/harbor_vulnerability/harbor-0-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("harbor_vulnerability") / "harbor-0-vuln.json", encoding="utf-8") as testfile: parser = HarborVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) @@ -14,7 +14,7 @@ def test_parse_file_with_no_vuln_has_no_findings(self): # Sample with One Test # + also verify data with one test def test_parse_file_with_one_vuln_has_one_findings(self): - with open("unittests/scans/harbor_vulnerability/harbor-1-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("harbor_vulnerability") / "harbor-1-vuln.json", encoding="utf-8") as testfile: parser = HarborVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -35,7 +35,7 @@ def test_parse_file_with_one_vuln_has_one_findings(self): # Sample with Multiple Test def test_parse_file_with_multiple_vuln_has_multiple_findings(self): - with open("unittests/scans/harbor_vulnerability/harbor-5-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("harbor_vulnerability") / "harbor-5-vuln.json", encoding="utf-8") as testfile: parser = HarborVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(5, len(findings)) @@ -47,7 +47,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_findings(self): # Sample with Trivy Test def test_parse_file_with_multiple_vuln_has_multiple_trivy_findings(self): - with open("unittests/scans/harbor_vulnerability/harbor-trivy-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("harbor_vulnerability") / "harbor-trivy-vuln.json", encoding="utf-8") as testfile: parser = HarborVulnerabilityParser() findings = parser.get_findings(testfile, Test()) @@ -57,7 +57,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_trivy_findings(self): # Sample with harborapi pip def test_parse_file_with_multiple_vuln_has_harborapi_pip_package(self): - with open("unittests/scans/harbor_vulnerability/harborapipip.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("harbor_vulnerability") / "harborapipip.json", encoding="utf-8") as testfile: parser = HarborVulnerabilityParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) diff --git a/unittests/tools/test_hcl_appscan_parser.py b/unittests/tools/test_hcl_appscan_parser.py index 6ee0f083cc..718cde5e37 100644 --- a/unittests/tools/test_hcl_appscan_parser.py +++ b/unittests/tools/test_hcl_appscan_parser.py @@ -1,18 +1,18 @@ from dojo.tools.hcl_appscan.parser import HCLAppScanParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestHCLAppScanParser(DojoTestCase): def test_no_findings(self): - my_file_handle = open("unittests/scans/hcl_appscan/no_findings.xml", encoding="utf-8") + my_file_handle = open(get_unit_tests_scans_path("hcl_appscan") / "no_findings.xml", encoding="utf-8") parser = HCLAppScanParser() findings = parser.get_findings(my_file_handle, None) my_file_handle.close() self.assertEqual(0, len(findings)) def test_many_findings(self): - my_file_handle = open("unittests/scans/hcl_appscan/many_findings.xml", encoding="utf-8") + my_file_handle = open(get_unit_tests_scans_path("hcl_appscan") / "many_findings.xml", encoding="utf-8") parser = HCLAppScanParser() findings = parser.get_findings(my_file_handle, None) my_file_handle.close() @@ -26,7 +26,7 @@ def test_many_findings(self): self.assertEqual(findings[9].cwe, 522) def test_issue_9279(self): - my_file_handle = open("unittests/scans/hcl_appscan/issue_9279.xml", encoding="utf-8") + my_file_handle = open(get_unit_tests_scans_path("hcl_appscan") / "issue_9279.xml", encoding="utf-8") parser = HCLAppScanParser() findings = parser.get_findings(my_file_handle, None) my_file_handle.close() @@ -39,7 +39,7 @@ def test_issue_9279(self): self.assertEqual(findings[10].cwe, 1275) def test_issue_10074(self): - with open("unittests/scans/hcl_appscan/issue_10074.xml", encoding="utf-8") as my_file_handle: + with open(get_unit_tests_scans_path("hcl_appscan") / "issue_10074.xml", encoding="utf-8") as my_file_handle: parser = HCLAppScanParser() findings = parser.get_findings(my_file_handle, None) my_file_handle.close() diff --git a/unittests/tools/test_horusec_parser.py b/unittests/tools/test_horusec_parser.py index b2a39b75ca..e8d77e66ee 100644 --- a/unittests/tools/test_horusec_parser.py +++ b/unittests/tools/test_horusec_parser.py @@ -1,16 +1,14 @@ import datetime -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.horusec.parser import HorusecParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestHorusecParser(DojoTestCase): def test_get_findings(self): """Version 2.6.3 with big project in Python""" - with open(path.join(Path(__file__).parent, "../scans/horusec/version_2.6.3.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "horusec/version_2.6.3.json", encoding="utf-8") as testfile: parser = HorusecParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(267, len(findings)) @@ -18,7 +16,7 @@ def test_get_findings(self): def test_get_tests(self): """Version 2.6.3 with big project in Python""" - with open(path.join(Path(__file__).parent, "../scans/horusec/version_2.6.3.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "horusec/version_2.6.3.json", encoding="utf-8") as testfile: parser = HorusecParser() tests = parser.get_tests("Horusec Scan", testfile) self.assertEqual(1, len(tests)) @@ -50,7 +48,7 @@ def test_get_tests(self): def test_get_tests_ok(self): """Version 2.6.3 with big project in Python""" - with open(path.join(Path(__file__).parent, "../scans/horusec/horres3.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "horusec/horres3.json", encoding="utf-8") as testfile: parser = HorusecParser() tests = parser.get_tests("Horusec Scan", testfile) self.assertEqual(1, len(tests)) @@ -82,7 +80,7 @@ def test_get_tests_ok(self): def test_get_tests_issue_6258(self): """""" - with open(path.join(Path(__file__).parent, "../scans/horusec/issue_6258.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "horusec/issue_6258.json", encoding="utf-8") as testfile: parser = HorusecParser() tests = parser.get_tests("Horusec Scan", testfile) self.assertEqual(1, len(tests)) @@ -118,7 +116,7 @@ def test_get_tests_issue_6258(self): def test_get_tests_pr_6563(self): """""" - with open(path.join(Path(__file__).parent, "../scans/horusec/pr_6563.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "horusec/pr_6563.json", encoding="utf-8") as testfile: parser = HorusecParser() tests = parser.get_tests("Horusec Scan", testfile) self.assertEqual(1, len(tests)) @@ -137,7 +135,7 @@ def test_get_tests_pr_6563(self): def test_issue_9939(self): """""" - with open(path.join(Path(__file__).parent, "../scans/horusec/issue_9939.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "horusec/issue_9939.json", encoding="utf-8") as testfile: parser = HorusecParser() tests = parser.get_tests("Horusec Scan", testfile) self.assertEqual(1, len(tests)) diff --git a/unittests/tools/test_humble_parser.py b/unittests/tools/test_humble_parser.py index d4284e1692..85497d00f6 100644 --- a/unittests/tools/test_humble_parser.py +++ b/unittests/tools/test_humble_parser.py @@ -1,11 +1,11 @@ from dojo.models import Test from dojo.tools.humble.parser import HumbleParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestHumbleParser(DojoTestCase): def test_humble_parser_with_many_findings(self): - with open("unittests/scans/humble/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("humble") / "many_findings.json", encoding="utf-8") as testfile: parser = HumbleParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -19,7 +19,7 @@ def test_humble_parser_with_many_findings(self): self.assertEqual("Deprecated header: Strict-Transport-Security (Recommended Values)", finding.title) def test_humble_parser_with_many_findings2(self): - with open("unittests/scans/humble/many_findings2.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("humble") / "many_findings2.json", encoding="utf-8") as testfile: parser = HumbleParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_huskyci_parser.py b/unittests/tools/test_huskyci_parser.py index 7c7bb1ad59..b2bb4147dc 100644 --- a/unittests/tools/test_huskyci_parser.py +++ b/unittests/tools/test_huskyci_parser.py @@ -1,19 +1,19 @@ from dojo.models import Test from dojo.tools.huskyci.parser import HuskyCIParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestHuskyCIParser(DojoTestCase): def test_parse_file_no_finding(self): - with open("unittests/scans/huskyci/huskyci_report_no_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("huskyci") / "huskyci_report_no_finding.json", encoding="utf-8") as testfile: parser = HuskyCIParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_has_one_finding_one_tool(self): with open( - get_unit_tests_path() + "/scans/huskyci/huskyci_report_one_finding_one_tool.json", encoding="utf-8", + get_unit_tests_scans_path("huskyci") / "huskyci_report_one_finding_one_tool.json", encoding="utf-8", ) as testfile: parser = HuskyCIParser() findings = parser.get_findings(testfile, Test()) @@ -21,7 +21,7 @@ def test_parse_file_has_one_finding_one_tool(self): def test_parse_file_has_many_finding_one_tool(self): with open( - get_unit_tests_path() + "/scans/huskyci/huskyci_report_many_finding_one_tool.json", encoding="utf-8", + get_unit_tests_scans_path("huskyci") / "huskyci_report_many_finding_one_tool.json", encoding="utf-8", ) as testfile: parser = HuskyCIParser() findings = parser.get_findings(testfile, Test()) @@ -29,7 +29,7 @@ def test_parse_file_has_many_finding_one_tool(self): def test_parse_file_has_many_finding_two_tools(self): with open( - get_unit_tests_path() + "/scans/huskyci/huskyci_report_many_finding_two_tools.json", encoding="utf-8", + get_unit_tests_scans_path("huskyci") / "huskyci_report_many_finding_two_tools.json", encoding="utf-8", ) as testfile: parser = HuskyCIParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_hydra_parser.py b/unittests/tools/test_hydra_parser.py index a4045e2c26..e83b17acb8 100644 --- a/unittests/tools/test_hydra_parser.py +++ b/unittests/tools/test_hydra_parser.py @@ -2,32 +2,32 @@ from dojo.models import Finding, Test from dojo.tools.hydra.parser import HydraParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestHydraParser(DojoTestCase): __test_datetime = datetime(2019, 3, 1, 14, 44, 22) def test_invalid_json_format(self): - with open("unittests/scans/hydra/invalid.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("hydra") / "invalid.json", encoding="utf-8") as testfile: parser = HydraParser() with self.assertRaises(ValueError): parser.get_findings(testfile, Test()) def test_parser_ensures_data_is_for_hydra_before_parsing(self): - with open("unittests/scans/hydra/oddly_familiar_json_that_isnt_us.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("hydra") / "oddly_familiar_json_that_isnt_us.json", encoding="utf-8") as testfile: parser = HydraParser() with self.assertRaises(ValueError): parser.get_findings(testfile, Test()) def test_hydra_parser_with_no_vuln_has_no_findings(self): - with open("unittests/scans/hydra/hydra_report_no_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("hydra") / "hydra_report_no_finding.json", encoding="utf-8") as testfile: parser = HydraParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_hydra_parser_with_one_finding_has_one_finding(self): - with open("unittests/scans/hydra/hydra_report_one_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("hydra") / "hydra_report_one_finding.json", encoding="utf-8") as testfile: parser = HydraParser() findings = parser.get_findings(testfile, Test()) self.__assertAllEndpointsAreClean(findings) @@ -45,7 +45,7 @@ def test_hydra_parser_with_one_finding_has_one_finding(self): ) def test_hydra_parser_with_one_finding_and_missing_date_has_one_finding(self): - with open("unittests/scans/hydra/hydra_report_one_finding_missing_date.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("hydra") / "hydra_report_one_finding_missing_date.json", encoding="utf-8") as testfile: parser = HydraParser() findings = parser.get_findings(testfile, Test()) self.__assertAllEndpointsAreClean(findings) @@ -63,7 +63,7 @@ def test_hydra_parser_with_one_finding_and_missing_date_has_one_finding(self): ) def test_hydra_parser_with_two_findings_with_one_incomplete_has_one_finding(self): - with open("unittests/scans/hydra/hydra_report_two_findings_with_one_incomplete.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("hydra") / "hydra_report_two_findings_with_one_incomplete.json", encoding="utf-8") as testfile: parser = HydraParser() findings = parser.get_findings(testfile, Test()) self.__assertAllEndpointsAreClean(findings) @@ -81,7 +81,7 @@ def test_hydra_parser_with_two_findings_with_one_incomplete_has_one_finding(self ) def test_hydra_parser_with_many_findings_has_many_findings(self): - with open("unittests/scans/hydra/hydra_report_many_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("hydra") / "hydra_report_many_finding.json", encoding="utf-8") as testfile: parser = HydraParser() findings = parser.get_findings(testfile, Test()) self.__assertAllEndpointsAreClean(findings) diff --git a/unittests/tools/test_ibm_app_parser.py b/unittests/tools/test_ibm_app_parser.py index 7e6fc5d447..55d039ef32 100644 --- a/unittests/tools/test_ibm_app_parser.py +++ b/unittests/tools/test_ibm_app_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.ibm_app.parser import IbmAppParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestIbmAppParser(DojoTestCase): def test_parse_file(self): - testfile = open("unittests/scans/ibm_app/testfire.xml", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("ibm_app") / "testfire.xml", encoding="utf-8") parser = IbmAppParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_immuniweb_parser.py b/unittests/tools/test_immuniweb_parser.py index 413a2c0a1e..d8161f92a5 100644 --- a/unittests/tools/test_immuniweb_parser.py +++ b/unittests/tools/test_immuniweb_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.immuniweb.parser import ImmuniwebParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestImmuniwebParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/immuniweb/ImmuniWeb-0-vuln.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("immuniweb") / "ImmuniWeb-0-vuln.xml", encoding="utf-8") as testfile: parser = ImmuniwebParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_finding(self): - with open("unittests/scans/immuniweb/ImmuniWeb-1-vuln.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("immuniweb") / "ImmuniWeb-1-vuln.xml", encoding="utf-8") as testfile: parser = ImmuniwebParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -21,7 +21,7 @@ def test_parse_file_with_one_vuln_has_one_finding(self): self.assertEqual(1, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_findings(self): - with open("unittests/scans/immuniweb/ImmuniWeb-multiple-vuln.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("immuniweb") / "ImmuniWeb-multiple-vuln.xml", encoding="utf-8") as testfile: parser = ImmuniwebParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_intsights_parser.py b/unittests/tools/test_intsights_parser.py index c4460d9464..b2bfb34c04 100644 --- a/unittests/tools/test_intsights_parser.py +++ b/unittests/tools/test_intsights_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.intsights.parser import IntSightsParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestIntSightsParser(DojoTestCase): def test_intsights_parser_with_one_critical_vuln_has_one_findings_json( self): - with open("unittests/scans/intsights/intsights_one_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("intsights") / "intsights_one_vul.json", encoding="utf-8") as testfile: parser = IntSightsParser() findings = parser.get_findings(testfile, Test()) @@ -27,7 +27,7 @@ def test_intsights_parser_with_one_critical_vuln_has_one_findings_json( def test_intsights_parser_with_one_critical_vuln_has_one_findings_csv( self): - with open("unittests/scans/intsights/intsights_one_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("intsights") / "intsights_one_vuln.csv", encoding="utf-8") as testfile: parser = IntSightsParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -42,31 +42,31 @@ def test_intsights_parser_with_one_critical_vuln_has_one_findings_csv( finding.title) def test_intsights_parser_with_many_vuln_has_many_findings_json(self): - with open("unittests/scans/intsights/intsights_many_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("intsights") / "intsights_many_vul.json", encoding="utf-8") as testfile: parser = IntSightsParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) def test_intsights_parser_with_many_vuln_has_many_findings_csv(self): - with open("unittests/scans/intsights/intsights_many_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("intsights") / "intsights_many_vuln.csv", encoding="utf-8") as testfile: parser = IntSightsParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(9, len(findings)) def test_intsights_parser_invalid_text_with_error_csv(self): with self.assertRaises(ValueError): - with open("unittests/scans/intsights/intsights_invalid_file.txt", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("intsights") / "intsights_invalid_file.txt", encoding="utf-8") as testfile: parser = IntSightsParser() parser.get_findings(testfile, Test()) def test_intsights_parser_with_no_alerts_json(self): - with open("unittests/scans/intsights/intsights_zero_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("intsights") / "intsights_zero_vuln.json", encoding="utf-8") as testfile: parser = IntSightsParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_intsights_parser_with_no_alerts_csv(self): - with open("unittests/scans/intsights/intsights_zero_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("intsights") / "intsights_zero_vuln.csv", encoding="utf-8") as testfile: parser = IntSightsParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) diff --git a/unittests/tools/test_invicti_parser.py b/unittests/tools/test_invicti_parser.py index aca5bfadd7..324ba73ca3 100644 --- a/unittests/tools/test_invicti_parser.py +++ b/unittests/tools/test_invicti_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.invicti.parser import InvictiParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestInvictiParser(DojoTestCase): def test_parse_file_with_one_finding(self): - with open("unittests/scans/invicti/invicti_one_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("invicti") / "invicti_one_finding.json", encoding="utf-8") as testfile: parser = InvictiParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -26,7 +26,7 @@ def test_parse_file_with_one_finding(self): self.assertEqual(str(endpoint), "http://php.testsparker.com/auth/login.php") def test_parse_file_with_multiple_finding(self): - with open("unittests/scans/invicti/invicti_many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("invicti") / "invicti_many_findings.json", encoding="utf-8") as testfile: parser = InvictiParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(16, len(findings)) @@ -70,7 +70,7 @@ def test_parse_file_with_multiple_finding(self): self.assertEqual(str(endpoint), "http://php.testsparker.com") def test_parse_file_issue_9816(self): - with open("unittests/scans/invicti/issue_9816.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("invicti") / "issue_9816.json", encoding="utf-8") as testfile: parser = InvictiParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) @@ -84,7 +84,7 @@ def test_parse_file_issue_9816(self): self.assertEqual("03/02/2019", finding.date.strftime("%d/%m/%Y")) def test_parse_file_issue_10311(self): - with open("unittests/scans/invicti/issue_10311.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("invicti") / "issue_10311.json", encoding="utf-8") as testfile: parser = InvictiParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) diff --git a/unittests/tools/test_jfrog_xray_api_summary_artifact_parser.py b/unittests/tools/test_jfrog_xray_api_summary_artifact_parser.py index dae2630232..945c8ac6c4 100644 --- a/unittests/tools/test_jfrog_xray_api_summary_artifact_parser.py +++ b/unittests/tools/test_jfrog_xray_api_summary_artifact_parser.py @@ -4,19 +4,19 @@ from dojo.tools.jfrog_xray_api_summary_artifact.parser import ( JFrogXrayApiSummaryArtifactParser, ) -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestJFrogXrayApiSummaryArtifactParser(DojoTestCase): def test_parse_file_with_no_vuln(self): - testfile = open("unittests/scans/jfrog_xray_api_summary_artifact/no_vuln.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("jfrog_xray_api_summary_artifact") / "no_vuln.json", encoding="utf-8") parser = JFrogXrayApiSummaryArtifactParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln(self): - testfile = open("unittests/scans/jfrog_xray_api_summary_artifact/one_vuln.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("jfrog_xray_api_summary_artifact") / "one_vuln.json", encoding="utf-8") parser = JFrogXrayApiSummaryArtifactParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -52,7 +52,7 @@ def test_parse_file_with_one_vuln(self): def test_parse_file_with_many_vulns(self): testfile = open( - "unittests/scans/jfrog_xray_api_summary_artifact/many_vulns.json", encoding="utf-8", + get_unit_tests_scans_path("jfrog_xray_api_summary_artifact") / "many_vulns.json", encoding="utf-8", ) parser = JFrogXrayApiSummaryArtifactParser() findings = parser.get_findings(testfile, Test()) @@ -64,7 +64,7 @@ def test_parse_file_with_many_vulns(self): def test_parse_file_with_malformed_cvssv3_score(self): testfile = open( - "unittests/scans/jfrog_xray_api_summary_artifact/malformed_cvssv3.json", encoding="utf-8", + get_unit_tests_scans_path("jfrog_xray_api_summary_artifact") / "malformed_cvssv3.json", encoding="utf-8", ) parser = JFrogXrayApiSummaryArtifactParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_jfrog_xray_on_demand_binary_scan_parser.py b/unittests/tools/test_jfrog_xray_on_demand_binary_scan_parser.py index 257a88dd49..a8b89a1ee5 100644 --- a/unittests/tools/test_jfrog_xray_on_demand_binary_scan_parser.py +++ b/unittests/tools/test_jfrog_xray_on_demand_binary_scan_parser.py @@ -4,13 +4,13 @@ clean_title, get_component_name_version, ) -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestJFrogXrayOnDemandBinaryScanParser(DojoTestCase): def test_parse_file_with_one_vuln(self): - testfile = open("unittests/scans/jfrog_xray_on_demand_binary_scan/one_vuln.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("jfrog_xray_on_demand_binary_scan") / "one_vuln.json", encoding="utf-8") parser = JFrogXrayOnDemandBinaryScanParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -21,7 +21,7 @@ def test_parse_file_with_one_vuln(self): self.assertEqual("High", item.severity) def test_parse_file_with_many_vulns(self): - testfile = open("unittests/scans/jfrog_xray_on_demand_binary_scan/many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("jfrog_xray_on_demand_binary_scan") / "many_vulns.json", encoding="utf-8") parser = JFrogXrayOnDemandBinaryScanParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -50,14 +50,14 @@ def test_clean_title(self): self.assertEqual("Processing some specially crafted ASN.1 object identifiers or", clean_title("Issue summary: Processing some specially crafted ASN.1 object identifiers or\ndata containing them may be very slow.")) def test_parse_file_with_many_vulns_docker(self): - testfile = open("unittests/scans/jfrog_xray_on_demand_binary_scan/many_vulns_docker.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("jfrog_xray_on_demand_binary_scan") / "many_vulns_docker.json", encoding="utf-8") parser = JFrogXrayOnDemandBinaryScanParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(4, len(findings)) def test_parse_file_with_many_vulns_pypi(self): - testfile = open("unittests/scans/jfrog_xray_on_demand_binary_scan/many_vulns_pypi.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("jfrog_xray_on_demand_binary_scan") / "many_vulns_pypi.json", encoding="utf-8") parser = JFrogXrayOnDemandBinaryScanParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_jfrog_xray_unified_parser.py b/unittests/tools/test_jfrog_xray_unified_parser.py index 25349d8983..8325ca5224 100644 --- a/unittests/tools/test_jfrog_xray_unified_parser.py +++ b/unittests/tools/test_jfrog_xray_unified_parser.py @@ -2,20 +2,20 @@ from dojo.models import Test from dojo.tools.jfrog_xray_unified.parser import JFrogXrayUnifiedParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestJFrogXrayUnifiedParser(DojoTestCase): def test_parse_file_with_no_vuln(self): - testfile = open("unittests/scans/jfrog_xray_unified/no_vuln.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("jfrog_xray_unified") / "no_vuln.json", encoding="utf-8") parser = JFrogXrayUnifiedParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln(self): - testfile = open("unittests/scans/jfrog_xray_unified/one_vuln.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("jfrog_xray_unified") / "one_vuln.json", encoding="utf-8") parser = JFrogXrayUnifiedParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -45,14 +45,14 @@ def test_parse_file_with_one_vuln(self): self.assertEqual("XRAY-139239", item.unique_id_from_tool) def test_parse_file_with_many_vulns(self): - testfile = open("unittests/scans/jfrog_xray_unified/many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("jfrog_xray_unified") / "many_vulns.json", encoding="utf-8") parser = JFrogXrayUnifiedParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(3, len(findings)) def test_parse_file_with_very_many_vulns(self): - testfile = open("unittests/scans/jfrog_xray_unified/very_many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("jfrog_xray_unified") / "very_many_vulns.json", encoding="utf-8") parser = JFrogXrayUnifiedParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -339,7 +339,7 @@ def test_parse_file_with_very_many_vulns(self): # **finished various packages** def test_parse_file_with_another_report(self): - testfile = open("unittests/scans/jfrog_xray_unified/Vulnerabilities-Report-XRAY_Unified.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("jfrog_xray_unified") / "Vulnerabilities-Report-XRAY_Unified.json", encoding="utf-8") parser = JFrogXrayUnifiedParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_jfrogxray_parser.py b/unittests/tools/test_jfrogxray_parser.py index 0a4aeb2e39..e7afb51ea2 100644 --- a/unittests/tools/test_jfrogxray_parser.py +++ b/unittests/tools/test_jfrogxray_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.jfrogxray.parser import JFrogXrayParser, decode_cwe_number -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestJfrogJFrogXrayParser(DojoTestCase): def test_parse_file_with_one_vuln(self): - testfile = open("unittests/scans/jfrogxray/one_vuln.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("jfrogxray") / "one_vuln.json", encoding="utf-8") parser = JFrogXrayParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -19,14 +19,14 @@ def test_parse_file_with_one_vuln(self): self.assertEqual(787, item.cwe) def test_parse_file_with_many_vulns(self): - testfile = open("unittests/scans/jfrogxray/many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("jfrogxray") / "many_vulns.json", encoding="utf-8") parser = JFrogXrayParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(3, len(findings)) def test_parse_file_with_many_vulns2(self): - testfile = open("unittests/scans/jfrogxray/many_vulns2.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("jfrogxray") / "many_vulns2.json", encoding="utf-8") parser = JFrogXrayParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_kics_parser.py b/unittests/tools/test_kics_parser.py index 03fe1ddaac..fdef69aa6d 100644 --- a/unittests/tools/test_kics_parser.py +++ b/unittests/tools/test_kics_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.kics.parser import KICSParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestKICSParser(DojoTestCase): def test_parse_no_findings(self): - with open("unittests/scans/kics/no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kics") / "no_findings.json", encoding="utf-8") as testfile: parser = KICSParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_many_findings(self): - with open("unittests/scans/kics/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kics") / "many_findings.json", encoding="utf-8") as testfile: parser = KICSParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(18, len(findings)) diff --git a/unittests/tools/test_kiuwan_parser.py b/unittests/tools/test_kiuwan_parser.py index d27f003bbb..90655ddaca 100644 --- a/unittests/tools/test_kiuwan_parser.py +++ b/unittests/tools/test_kiuwan_parser.py @@ -1,36 +1,36 @@ from dojo.models import Test from dojo.tools.kiuwan.parser import KiuwanParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestKiuwanParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/kiuwan/kiuwan_no_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kiuwan") / "kiuwan_no_vuln.csv", encoding="utf-8") as testfile: parser = KiuwanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_two_vuln_has_two_findings(self): - with open("unittests/scans/kiuwan/kiuwan_two_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kiuwan") / "kiuwan_two_vuln.csv", encoding="utf-8") as testfile: parser = KiuwanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_finding(self): - with open("unittests/scans/kiuwan/kiuwan_many_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kiuwan") / "kiuwan_many_vuln.csv", encoding="utf-8") as testfile: parser = KiuwanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(131, len(findings)) def test_parse_file_with_defects(self): - with open("unittests/scans/kiuwan/kiuwan_defects.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kiuwan") / "kiuwan_defects.csv", encoding="utf-8") as testfile: parser = KiuwanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_parse_file_issue_9308(self): - with open("unittests/scans/kiuwan/issue_9308.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kiuwan") / "issue_9308.csv", encoding="utf-8") as testfile: parser = KiuwanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) diff --git a/unittests/tools/test_kiuwan_sca_parser.py b/unittests/tools/test_kiuwan_sca_parser.py index 3c868c483c..1545480757 100644 --- a/unittests/tools/test_kiuwan_sca_parser.py +++ b/unittests/tools/test_kiuwan_sca_parser.py @@ -1,32 +1,32 @@ from dojo.models import Test from dojo.tools.kiuwan_sca.parser import KiuwanSCAParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path # ./dc-unittest.sh --profile postgres-redis --test-case unittests.tools.test_kiuwan_sca_parser.TestKiuwanSCAParser class TestKiuwanSCAParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/kiuwan_sca/kiuwan_sca_no_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kiuwan_sca") / "kiuwan_sca_no_vuln.json", encoding="utf-8") as testfile: parser = KiuwanSCAParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_two_vuln_has_two_findings(self): - with open("unittests/scans/kiuwan_sca/kiuwan_sca_two_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kiuwan_sca") / "kiuwan_sca_two_vuln.json", encoding="utf-8") as testfile: parser = KiuwanSCAParser() findings = parser.get_findings(testfile, Test()) # file contains 3, but we only get 2 as "muted" ones are ignored: self.assertEqual(2, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_finding(self): - with open("unittests/scans/kiuwan_sca/kiuwan_sca_many_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kiuwan_sca") / "kiuwan_sca_many_vuln.json", encoding="utf-8") as testfile: parser = KiuwanSCAParser() findings = parser.get_findings(testfile, Test()) # also tests deduplication as there are 28 findings in the file: self.assertEqual(27, len(findings)) def test_correct_mapping(self): - with open("unittests/scans/kiuwan_sca/kiuwan_sca_two_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kiuwan_sca") / "kiuwan_sca_two_vuln.json", encoding="utf-8") as testfile: parser = KiuwanSCAParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_krakend_audit_parser.py b/unittests/tools/test_krakend_audit_parser.py index 60f44d51ec..4d5f4d0394 100644 --- a/unittests/tools/test_krakend_audit_parser.py +++ b/unittests/tools/test_krakend_audit_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.krakend_audit.parser import KrakenDAuditParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestKrakenDAuditParser(DojoTestCase): def test_parse_no_findings(self): - with open("unittests/scans/krakend_audit/no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("krakend_audit") / "no_findings.json", encoding="utf-8") as testfile: parser = KrakenDAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_many_findings(self): - with open("unittests/scans/krakend_audit/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("krakend_audit") / "many_findings.json", encoding="utf-8") as testfile: parser = KrakenDAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(5, len(findings)) diff --git a/unittests/tools/test_kubeaudit_parser.py b/unittests/tools/test_kubeaudit_parser.py index dea4e51e5b..a7d74002ee 100644 --- a/unittests/tools/test_kubeaudit_parser.py +++ b/unittests/tools/test_kubeaudit_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.kubeaudit.parser import KubeAuditParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestKubeAuditParser(DojoTestCase): def test_parse_file_has_no_findings(self): - testfile = open("unittests/scans/kubeaudit/kubeaudit.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("kubeaudit") / "kubeaudit.json", encoding="utf-8") parser = KubeAuditParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_kubebench_parser.py b/unittests/tools/test_kubebench_parser.py index 25b77faaf7..8afc53f1b1 100644 --- a/unittests/tools/test_kubebench_parser.py +++ b/unittests/tools/test_kubebench_parser.py @@ -1,13 +1,13 @@ from dojo.models import Test from dojo.tools.kubebench.parser import KubeBenchParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestKubeBenchParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): with open( - get_unit_tests_path() + "/scans/kubebench/kube-bench-report-zero-vuln.json", encoding="utf-8", + get_unit_tests_scans_path("kubebench") / "kube-bench-report-zero-vuln.json", encoding="utf-8", ) as testfile: parser = KubeBenchParser() findings = parser.get_findings(testfile, Test()) @@ -15,7 +15,7 @@ def test_parse_file_with_no_vuln_has_no_findings(self): def test_parse_file_with_one_vuln_has_one_finding(self): with open( - get_unit_tests_path() + "/scans/kubebench/kube-bench-report-one-vuln.json", encoding="utf-8", + get_unit_tests_scans_path("kubebench") / "kube-bench-report-one-vuln.json", encoding="utf-8", ) as testfile: parser = KubeBenchParser() findings = parser.get_findings(testfile, Test()) @@ -23,7 +23,7 @@ def test_parse_file_with_one_vuln_has_one_finding(self): def test_parse_file_with_multiple_vuln_has_multiple_findings(self): with open( - get_unit_tests_path() + "/scans/kubebench/kube-bench-report-many-vuln.json", encoding="utf-8", + get_unit_tests_scans_path("kubebench") / "kube-bench-report-many-vuln.json", encoding="utf-8", ) as testfile: parser = KubeBenchParser() findings = parser.get_findings(testfile, Test()) @@ -33,7 +33,7 @@ def test_parse_file_with_controls_tag(self): # The testfile has been derived from https://github.com/kubernetes-sigs/wg-policy-prototypes/blob/master/policy-report/kube-bench-adapter/samples/kube-bench-output.json with open( - get_unit_tests_path() + "/scans/kubebench/kube-bench-controls.json", encoding="utf-8", + get_unit_tests_scans_path("kubebench") / "kube-bench-controls.json", encoding="utf-8", ) as testfile: parser = KubeBenchParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_kubehunter_parser.py b/unittests/tools/test_kubehunter_parser.py index 2141d59bb1..0f2405b7bf 100644 --- a/unittests/tools/test_kubehunter_parser.py +++ b/unittests/tools/test_kubehunter_parser.py @@ -1,19 +1,19 @@ from django.test import TestCase from dojo.models import Test -from dojo.tools.kubehunter.parser import KubeHunterParser +from dojo.tools.kubehunter.parser import KubeHunterParser, get_unit_tests_scans_path class TestKubeHunterParser(TestCase): def test_kubehunter_parser_with_no_vuln_has_no_findings(self): - with open("unittests/scans/kubehunter/kubehunter_zero_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kubehunter") / "kubehunter_zero_vul.json", encoding="utf-8") as testfile: parser = KubeHunterParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_kubehunter_parser_with_one_criticle_vuln_has_one_findings(self): - with open("unittests/scans/kubehunter/kubehunter_one_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kubehunter") / "kubehunter_one_vul.json", encoding="utf-8") as testfile: parser = KubeHunterParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -28,7 +28,7 @@ def test_kubehunter_parser_with_one_criticle_vuln_has_one_findings(self): self.assertEqual(finding.severity, "High") def test_kubehunter_parser_with_many_vuln_has_many_findings(self): - with open("unittests/scans/kubehunter/kubehunter_many_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kubehunter") / "kubehunter_many_vul.json", encoding="utf-8") as testfile: parser = KubeHunterParser() findings = parser.get_findings(testfile, Test()) @@ -36,7 +36,7 @@ def test_kubehunter_parser_with_many_vuln_has_many_findings(self): def test_kubehunter_parser_empty_with_error(self): with self.assertRaises(ValueError) as context: - with open("unittests/scans/kubehunter/empty.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kubehunter") / "empty.json", encoding="utf-8") as testfile: parser = KubeHunterParser() parser.get_findings(testfile, Test()) @@ -45,7 +45,7 @@ def test_kubehunter_parser_empty_with_error(self): ) def test_kubehunter_parser_dupe(self): - with open("unittests/scans/kubehunter/dupe.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kubehunter") / "dupe.json", encoding="utf-8") as testfile: parser = KubeHunterParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) diff --git a/unittests/tools/test_kubescape_parser.py b/unittests/tools/test_kubescape_parser.py index 346cda0401..d0b62f6e96 100644 --- a/unittests/tools/test_kubescape_parser.py +++ b/unittests/tools/test_kubescape_parser.py @@ -1,23 +1,23 @@ from dojo.models import Test from dojo.tools.kubescape.parser import KubescapeParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestKubescapeParser(DojoTestCase): def test_parse_file_has_many_findings(self): - with open(get_unit_tests_path() + "/scans/kubescape/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kubescape") / "many_findings.json", encoding="utf-8") as testfile: parser = KubescapeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(349, len(findings)) def test_parse_file_has_many_results(self): - with open(get_unit_tests_path() + "/scans/kubescape/results.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kubescape") / "results.json", encoding="utf-8") as testfile: parser = KubescapeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_a_failure(self): - with open(get_unit_tests_path() + "/scans/kubescape/with_a_failure.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("kubescape") / "with_a_failure.json", encoding="utf-8") as testfile: parser = KubescapeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) diff --git a/unittests/tools/test_legitify_parser.py b/unittests/tools/test_legitify_parser.py index 66f803258b..f5ffb33f0b 100644 --- a/unittests/tools/test_legitify_parser.py +++ b/unittests/tools/test_legitify_parser.py @@ -1,11 +1,11 @@ from dojo.models import Test from dojo.tools.legitify.parser import LegitifyParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestLegitifyParser(DojoTestCase): def test_parse_file_with_many_findings(self): - with open(get_unit_tests_path() + "/scans/legitify/legitify_many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("legitify") / "legitify_many_findings.json", encoding="utf-8") as testfile: parser = LegitifyParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(16, len(findings)) @@ -21,7 +21,7 @@ def test_parse_file_with_many_findings(self): endpoint.clean() def test_parse_file_with_one_finding(self): - with open(get_unit_tests_path() + "/scans/legitify/legitify_one_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("legitify") / "legitify_one_finding.json", encoding="utf-8") as testfile: parser = LegitifyParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -37,7 +37,7 @@ def test_parse_file_with_one_finding(self): endpoint.clean() def test_parse_file_with_no_findings(self): - with open(get_unit_tests_path() + "/scans/legitify/legitify_no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("legitify") / "legitify_no_findings.json", encoding="utf-8") as testfile: parser = LegitifyParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) diff --git a/unittests/tools/test_mend_parser.py b/unittests/tools/test_mend_parser.py index cd544d503c..11b2009563 100644 --- a/unittests/tools/test_mend_parser.py +++ b/unittests/tools/test_mend_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.mend.parser import MendParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestMendParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/mend/okhttp_no_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mend") / "okhttp_no_vuln.json", encoding="utf-8") as testfile: parser = MendParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_findings(self): - with open("unittests/scans/mend/okhttp_one_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mend") / "okhttp_one_vuln.json", encoding="utf-8") as testfile: parser = MendParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -23,21 +23,21 @@ def test_parse_file_with_one_vuln_has_one_findings(self): self.assertEqual(5.3, finding.cvssv3_score) def test_parse_file_with_multiple_vuln_has_multiple_finding(self): - with open("unittests/scans/mend/okhttp_many_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mend") / "okhttp_many_vuln.json", encoding="utf-8") as testfile: parser = MendParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(6, len(findings)) def test_parse_file_with_multiple_vuln_cli_output(self): with open( - get_unit_tests_path() + "/scans/mend/cli_generated_many_vulns.json", encoding="utf-8", + get_unit_tests_scans_path("mend") / "cli_generated_many_vulns.json", encoding="utf-8", ) as testfile: parser = MendParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(20, len(findings)) def test_parse_file_with_one_sca_vuln_finding(self): - with open("unittests/scans/mend/mend_sca_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mend") / "mend_sca_vuln.json", encoding="utf-8") as testfile: parser = MendParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -45,13 +45,13 @@ def test_parse_file_with_one_sca_vuln_finding(self): self.assertEqual("D:\\MendRepo\\test-product\\test-project\\test-project-subcomponent\\path\\to\\the\\Java\\commons-codec-1.6_donotuse.jar", finding.file_path) def test_parse_file_with_no_vuln_has_no_findings_platform(self): - with open("unittests/scans/mend/mend-sca-platform-api3-no-findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mend") / "mend-sca-platform-api3-no-findings.json", encoding="utf-8") as testfile: parser = MendParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_findings_platform(self): - with open("unittests/scans/mend/mend-sca-platform-api3-one-finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mend") / "mend-sca-platform-api3-one-finding.json", encoding="utf-8") as testfile: parser = MendParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -62,7 +62,7 @@ def test_parse_file_with_one_vuln_has_one_findings_platform(self): self.assertEqual(3.1, finding.cvssv3_score) def test_parse_file_with_multiple_vuln_has_multiple_finding_platform(self): - with open("unittests/scans/mend/mend-sca-platform-api3-eleven-findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mend") / "mend-sca-platform-api3-eleven-findings.json", encoding="utf-8") as testfile: parser = MendParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(11, len(findings)) diff --git a/unittests/tools/test_meterian_parser.py b/unittests/tools/test_meterian_parser.py index 2a5a9f3c27..e119dc8df8 100644 --- a/unittests/tools/test_meterian_parser.py +++ b/unittests/tools/test_meterian_parser.py @@ -1,39 +1,39 @@ from dojo.models import Test from dojo.tools.meterian.parser import MeterianParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestMeterianParser(DojoTestCase): def test_meterianParser_invalid_security_report_raise_ValueError_exception(self): with self.assertRaises(ValueError): - with open("unittests/scans/meterian/report_invalid.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("meterian") / "report_invalid.json", encoding="utf-8") as testfile: parser = MeterianParser() parser.get_findings(testfile, Test()) def test_meterianParser_report_has_no_finding(self): - with open("unittests/scans/meterian/report_no_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("meterian") / "report_no_vulns.json", encoding="utf-8") as testfile: parser = MeterianParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_meterianParser_report_has_one_findings(self): - with open("unittests/scans/meterian/report_one_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("meterian") / "report_one_vuln.json", encoding="utf-8") as testfile: parser = MeterianParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_meterianParser_report_has_many_findings(self): - with open("unittests/scans/meterian/report_many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("meterian") / "report_many_vulns.json", encoding="utf-8") as testfile: parser = MeterianParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(20, len(findings)) def test_meterianParser_finding_has_fields(self): - with open("unittests/scans/meterian/report_one_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("meterian") / "report_one_vuln.json", encoding="utf-8") as testfile: parser = MeterianParser() findings = parser.get_findings(testfile, Test()) @@ -63,7 +63,7 @@ def test_meterianParser_finding_has_fields(self): self.assertEqual(["nodejs"], finding.tags) def test_meterianParser_finding_has_no_remediation(self): - with open("unittests/scans/meterian/report_one_vuln_no_remediation.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("meterian") / "report_one_vuln_no_remediation.json", encoding="utf-8") as testfile: parser = MeterianParser() findings = parser.get_findings(testfile, Test()) @@ -73,7 +73,7 @@ def test_meterianParser_finding_has_no_remediation(self): + "issue for the safety of your application.", finding.mitigation) def test_meterianParser_dual_language_report_has_two_findins(self): - with open("unittests/scans/meterian/report_multi_language.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("meterian") / "report_multi_language.json", encoding="utf-8") as testfile: parser = MeterianParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_microfocus_webinspect_parser.py b/unittests/tools/test_microfocus_webinspect_parser.py index 07f43bca93..9683168ad4 100644 --- a/unittests/tools/test_microfocus_webinspect_parser.py +++ b/unittests/tools/test_microfocus_webinspect_parser.py @@ -1,6 +1,6 @@ from dojo.models import Engagement, Product, Test from dojo.tools.microfocus_webinspect.parser import MicrofocusWebinspectParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestMicrofocusWebinspectParser(DojoTestCase): @@ -10,7 +10,7 @@ def test_parse_file_with_no_vuln_has_no_findings(self): test.engagement = Engagement() test.engagement.product = Product() with open( - get_unit_tests_path() + "/scans/microfocus_webinspect/Webinspect_no_vuln.xml", encoding="utf-8", + get_unit_tests_scans_path("microfocus_webinspect") / "Webinspect_no_vuln.xml", encoding="utf-8", ) as testfile: parser = MicrofocusWebinspectParser() findings = parser.get_findings(testfile, test) @@ -21,7 +21,7 @@ def test_parse_file_with_one_vuln_has_one_findings(self): test.engagement = Engagement() test.engagement.product = Product() with open( - get_unit_tests_path() + "/scans/microfocus_webinspect/Webinspect_one_vuln.xml", encoding="utf-8", + get_unit_tests_scans_path("microfocus_webinspect") / "Webinspect_one_vuln.xml", encoding="utf-8", ) as testfile: parser = MicrofocusWebinspectParser() findings = parser.get_findings(testfile, test) @@ -42,7 +42,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_finding(self): test.engagement = Engagement() test.engagement.product = Product() with open( - get_unit_tests_path() + "/scans/microfocus_webinspect/Webinspect_many_vuln.xml", encoding="utf-8", + get_unit_tests_scans_path("microfocus_webinspect") / "Webinspect_many_vuln.xml", encoding="utf-8", )as testfile: parser = MicrofocusWebinspectParser() findings = parser.get_findings(testfile, test) @@ -73,7 +73,7 @@ def test_convert_severity(self): ) def test_parse_file_version_18_20(self): - with open("unittests/scans/microfocus_webinspect/Webinspect_V18_20.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("microfocus_webinspect") / "Webinspect_V18_20.xml", encoding="utf-8") as testfile: parser = MicrofocusWebinspectParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -121,7 +121,7 @@ def test_parse_file_issue7690(self): test.engagement = Engagement() test.engagement.product = Product() with open( - get_unit_tests_path() + "/scans/microfocus_webinspect/issue_7690.xml", encoding="utf-8", + get_unit_tests_scans_path("microfocus_webinspect") / "issue_7690.xml", encoding="utf-8", ) as testfile: parser = MicrofocusWebinspectParser() findings = parser.get_findings(testfile, test) diff --git a/unittests/tools/test_mobsf_parser.py b/unittests/tools/test_mobsf_parser.py index 31a40eb784..8ff22099d2 100644 --- a/unittests/tools/test_mobsf_parser.py +++ b/unittests/tools/test_mobsf_parser.py @@ -1,6 +1,6 @@ from dojo.models import Engagement, Product, Test from dojo.tools.mobsf.parser import MobSFParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestMobSFParser(DojoTestCase): @@ -10,7 +10,7 @@ def test_parse_file(self): engagement = Engagement() engagement.product = Product() test.engagement = engagement - testfile = open("unittests/scans/mobsf/report1.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("mobsf") / "report1.json", encoding="utf-8") parser = MobSFParser() findings = parser.get_findings(testfile, test) testfile.close() @@ -36,7 +36,7 @@ def test_parse_file2(self): engagement = Engagement() engagement.product = Product() test.engagement = engagement - testfile = open("unittests/scans/mobsf/report2.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("mobsf") / "report2.json", encoding="utf-8") parser = MobSFParser() findings = parser.get_findings(testfile, test) testfile.close() @@ -50,7 +50,7 @@ def test_parse_file_3_1_9_android(self): engagement = Engagement() engagement.product = Product() test.engagement = engagement - testfile = open("unittests/scans/mobsf/android.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("mobsf") / "android.json", encoding="utf-8") parser = MobSFParser() findings = parser.get_findings(testfile, test) testfile.close() @@ -73,7 +73,7 @@ def test_parse_file_3_1_9_ios(self): engagement = Engagement() engagement.product = Product() test.engagement = engagement - testfile = open("unittests/scans/mobsf/ios.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("mobsf") / "ios.json", encoding="utf-8") parser = MobSFParser() findings = parser.get_findings(testfile, test) testfile.close() @@ -94,7 +94,7 @@ def test_parse_file_mobsf_3_7_9(self): engagement = Engagement() engagement.product = Product() test.engagement = engagement - testfile = open("unittests/scans/mobsf/mobsf_3_7_9.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("mobsf") / "mobsf_3_7_9.json", encoding="utf-8") parser = MobSFParser() findings = parser.get_findings(testfile, test) testfile.close() @@ -109,7 +109,7 @@ def test_parse_issue_9132(self): engagement = Engagement() engagement.product = Product() test.engagement = engagement - testfile = open("unittests/scans/mobsf/issue_9132.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("mobsf") / "issue_9132.json", encoding="utf-8") parser = MobSFParser() findings = parser.get_findings(testfile, test) testfile.close() @@ -120,7 +120,7 @@ def test_parse_allsafe(self): engagement = Engagement() engagement.product = Product() test.engagement = engagement - testfile = open("unittests/scans/mobsf/allsafe.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("mobsf") / "allsafe.json", encoding="utf-8") parser = MobSFParser() findings = parser.get_findings(testfile, test) testfile.close() @@ -131,7 +131,7 @@ def test_parse_damnvulnrablebank(self): engagement = Engagement() engagement.product = Product() test.engagement = engagement - testfile = open("unittests/scans/mobsf/damnvulnrablebank.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("mobsf") / "damnvulnrablebank.json", encoding="utf-8") parser = MobSFParser() findings = parser.get_findings(testfile, test) testfile.close() diff --git a/unittests/tools/test_mobsf_scorecard_parser.py b/unittests/tools/test_mobsf_scorecard_parser.py index a873e6bcca..0351ba5adc 100644 --- a/unittests/tools/test_mobsf_scorecard_parser.py +++ b/unittests/tools/test_mobsf_scorecard_parser.py @@ -1,6 +1,6 @@ from dojo.models import Test from dojo.tools.mobsf_scorecard.parser import MobSFScorecardParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestMobSFScorecardParser(DojoTestCase): @@ -9,7 +9,7 @@ def test_parse_android_empty_file(self): parser = MobSFScorecardParser() - with open("unittests/scans/mobsf_scorecard/dvba_4_0_7_android_empty.json", encoding="utf-8") as android_empty_file: + with open(get_unit_tests_scans_path("mobsf_scorecard") / "dvba_4_0_7_android_empty.json", encoding="utf-8") as android_empty_file: android_empty_findings = parser.get_findings(android_empty_file, Test()) self.assertEqual(0, len(android_empty_findings)) @@ -18,7 +18,7 @@ def test_parse_android_one_file(self): parser = MobSFScorecardParser() - with open("unittests/scans/mobsf_scorecard/dvba_4_0_7_android_one.json", encoding="utf-8") as android_one_file: + with open(get_unit_tests_scans_path("mobsf_scorecard") / "dvba_4_0_7_android_one.json", encoding="utf-8") as android_one_file: android_one_findings = parser.get_findings(android_one_file, Test()) self.assertEqual(1, len(android_one_findings)) @@ -31,7 +31,7 @@ def test_parse_android_full_file(self): parser = MobSFScorecardParser() - with open("unittests/scans/mobsf_scorecard/dvba_4_0_7_android_full.json", encoding="utf-8") as android_full_file: + with open(get_unit_tests_scans_path("mobsf_scorecard") / "dvba_4_0_7_android_full.json", encoding="utf-8") as android_full_file: android_full_findings = parser.get_findings(android_full_file, Test()) self.assertEqual(18, len(android_full_findings)) @@ -48,7 +48,7 @@ def test_parse_ios_empty_file(self): parser = MobSFScorecardParser() - with open("unittests/scans/mobsf_scorecard/dvia2_4_0_7_ios_empty.json", encoding="utf-8") as ios_empty_file: + with open(get_unit_tests_scans_path("mobsf_scorecard") / "dvia2_4_0_7_ios_empty.json", encoding="utf-8") as ios_empty_file: ios_empty_findings = parser.get_findings(ios_empty_file, Test()) self.assertEqual(0, len(ios_empty_findings)) @@ -57,7 +57,7 @@ def test_parse_ios_one_file(self): parser = MobSFScorecardParser() - with open("unittests/scans/mobsf_scorecard/dvia2_4_0_7_ios_one.json", encoding="utf-8") as ios_one_file: + with open(get_unit_tests_scans_path("mobsf_scorecard") / "dvia2_4_0_7_ios_one.json", encoding="utf-8") as ios_one_file: ios_one_findings = parser.get_findings(ios_one_file, Test()) self.assertEqual(1, len(ios_one_findings)) @@ -70,7 +70,7 @@ def test_parse_ios_full_file(self): parser = MobSFScorecardParser() - with open("unittests/scans/mobsf_scorecard/dvia2_4_0_7_ios_full.json", encoding="utf-8") as ios_full_file: + with open(get_unit_tests_scans_path("mobsf_scorecard") / "dvia2_4_0_7_ios_full.json", encoding="utf-8") as ios_full_file: ios_full_findings = parser.get_findings(ios_full_file, Test()) self.assertEqual(11, len(ios_full_findings)) diff --git a/unittests/tools/test_mobsfscan_parser.py b/unittests/tools/test_mobsfscan_parser.py index a4051bd3a5..c2c27f40b6 100644 --- a/unittests/tools/test_mobsfscan_parser.py +++ b/unittests/tools/test_mobsfscan_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.mobsfscan.parser import MobsfscanParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestMobsfscanParser(DojoTestCase): def test_parse_no_findings(self): - with open("unittests/scans/mobsfscan/no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mobsfscan") / "no_findings.json", encoding="utf-8") as testfile: parser = MobsfscanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_many_findings(self): - with open("unittests/scans/mobsfscan/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mobsfscan") / "many_findings.json", encoding="utf-8") as testfile: parser = MobsfscanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(8, len(findings)) @@ -94,7 +94,7 @@ def test_parse_many_findings(self): self.assertIsNotNone(finding.references) def test_parse_many_findings_cwe_lower(self): - with open("unittests/scans/mobsfscan/many_findings_cwe_lower.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mobsfscan") / "many_findings_cwe_lower.json", encoding="utf-8") as testfile: parser = MobsfscanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(7, len(findings)) diff --git a/unittests/tools/test_mozilla_observatory_parser.py b/unittests/tools/test_mozilla_observatory_parser.py index 96c5d0719e..d05f28c6e4 100644 --- a/unittests/tools/test_mozilla_observatory_parser.py +++ b/unittests/tools/test_mozilla_observatory_parser.py @@ -1,11 +1,11 @@ from dojo.models import Test from dojo.tools.mozilla_observatory.parser import MozillaObservatoryParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestMozillaObservatoryParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/mozilla_observatory/mozilla_no_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mozilla_observatory") / "mozilla_no_vuln.json", encoding="utf-8") as testfile: parser = MozillaObservatoryParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) @@ -19,20 +19,20 @@ def test_parse_file_with_no_vuln_has_no_findings(self): self.assertIn("Preloaded via the HTTP Strict Transport Security (HSTS) preloading process", finding.description) def test_parse_file_with_two_vuln_has_two_findings(self): - with open("unittests/scans/mozilla_observatory/mozilla_gitlab_two_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mozilla_observatory") / "mozilla_gitlab_two_vuln.json", encoding="utf-8") as testfile: parser = MozillaObservatoryParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_finding(self): - with open("unittests/scans/mozilla_observatory/mozilla_google_many_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mozilla_observatory") / "mozilla_google_many_vuln.json", encoding="utf-8") as testfile: parser = MozillaObservatoryParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(6, len(findings)) def test_parse_file_cli_mozilla_org(self): """Test from the CLI""" - with open("unittests/scans/mozilla_observatory/mozilla_org.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mozilla_observatory") / "mozilla_org.json", encoding="utf-8") as testfile: parser = MozillaObservatoryParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(12, len(findings)) @@ -49,7 +49,7 @@ def test_parse_file_cli_mozilla_org(self): def test_parse_file_cli_demo(self): """Test from the CLI""" - with open("unittests/scans/mozilla_observatory/demo.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mozilla_observatory") / "demo.json", encoding="utf-8") as testfile: parser = MozillaObservatoryParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(12, len(findings)) @@ -79,7 +79,7 @@ def test_parse_file_cli_demo(self): def test_parse_file_cli_juicy(self): """Test from the CLI""" - with open("unittests/scans/mozilla_observatory/juicy.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mozilla_observatory") / "juicy.json", encoding="utf-8") as testfile: parser = MozillaObservatoryParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(12, len(findings)) @@ -120,7 +120,7 @@ def test_parse_file_cli_juicy(self): def test_parse_file_cli_nmap_scanme(self): """Test from the CLI""" - with open("unittests/scans/mozilla_observatory/nmap_scanme.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mozilla_observatory") / "nmap_scanme.json", encoding="utf-8") as testfile: parser = MozillaObservatoryParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(12, len(findings)) @@ -179,7 +179,7 @@ def test_parse_file_cli_nmap_scanme(self): def test_parse_file_cli_nmap_scanme_no_name_attribute(self): """Test from the CLI""" - with open("unittests/scans/mozilla_observatory/nmap_scanme_2022.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("mozilla_observatory") / "nmap_scanme_2022.json", encoding="utf-8") as testfile: parser = MozillaObservatoryParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(12, len(findings)) diff --git a/unittests/tools/test_ms_defender_parser.py b/unittests/tools/test_ms_defender_parser.py index 586bc401c5..272c21262f 100644 --- a/unittests/tools/test_ms_defender_parser.py +++ b/unittests/tools/test_ms_defender_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.ms_defender.parser import MSDefenderParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestMSDefenderParser(DojoTestCase): def test_parse_many_findings(self): - testfile = open("unittests/scans/ms_defender/report_many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("ms_defender") / "report_many_vulns.json", encoding="utf-8") parser = MSDefenderParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -16,7 +16,7 @@ def test_parse_many_findings(self): self.assertEqual("CVE-5678-9887_wjeriowerjoiewrjoweirjeowij", finding.title) def test_parse_one_finding(self): - testfile = open("unittests/scans/ms_defender/report_one_vuln.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("ms_defender") / "report_one_vuln.json", encoding="utf-8") parser = MSDefenderParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -27,14 +27,14 @@ def test_parse_one_finding(self): self.assertEqual("CVE-1234-5678", finding.unsaved_vulnerability_ids[0]) def test_parse_no_finding(self): - testfile = open("unittests/scans/ms_defender/report_no_vuln.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("ms_defender") / "report_no_vuln.json", encoding="utf-8") parser = MSDefenderParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_parser_defender_zip(self): - testfile = open("unittests/scans/ms_defender/defender.zip", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("ms_defender") / "defender.zip", encoding="utf-8") parser = MSDefenderParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -47,7 +47,7 @@ def test_parser_defender_zip(self): self.assertEqual("1.1.1.1", finding.unsaved_endpoints[0].host) def test_parser_defender_wrong_machines_zip(self): - testfile = open("unittests/scans/ms_defender/defender_wrong_machines.zip", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("ms_defender") / "defender_wrong_machines.zip", encoding="utf-8") parser = MSDefenderParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -57,7 +57,7 @@ def test_parser_defender_wrong_machines_zip(self): self.assertEqual("CVE-5678-9887_wjeriowerjoiewrjoweirjeowij", finding.title) def test_parser_defender_multiple_files_zip(self): - testfile = open("unittests/scans/ms_defender/defender_multiple_files.zip", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("ms_defender") / "defender_multiple_files.zip", encoding="utf-8") parser = MSDefenderParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -70,7 +70,7 @@ def test_parser_defender_multiple_files_zip(self): self.assertEqual("1.1.1.1", finding.unsaved_endpoints[0].host) def test_parser_defender_issue_11217(self): - testfile = open("unittests/scans/ms_defender/issue_11217.zip", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("ms_defender") / "issue_11217.zip", encoding="utf-8") parser = MSDefenderParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_nancy_parser.py b/unittests/tools/test_nancy_parser.py index 5de57ddd2e..e2d8a208ef 100644 --- a/unittests/tools/test_nancy_parser.py +++ b/unittests/tools/test_nancy_parser.py @@ -1,20 +1,18 @@ -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.nancy.parser import NancyParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestNancyParser(DojoTestCase): def test_nancy_parser_with_no_vuln_has_no_findings(self): - with open(path.join(Path(__file__).parent, "../scans/nancy/nancy_no_findings.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "nancy/nancy_no_findings.json", encoding="utf-8") as testfile: parser = NancyParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_nancy_parser_with_one_vuln_has_one_findings(self): - with open(path.join(Path(__file__).parent, "../scans/nancy/nancy_one_findings.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "nancy/nancy_one_findings.json", encoding="utf-8") as testfile: parser = NancyParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -28,7 +26,7 @@ def test_nancy_parser_with_one_vuln_has_one_findings(self): self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", finding.cvssv3) def test_nancy_plus_parser_with_many_vuln_has_many_findings(self): - with open(path.join(Path(__file__).parent, "../scans/nancy/nancy_many_findings.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "nancy/nancy_many_findings.json", encoding="utf-8") as testfile: parser = NancyParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(13, len(findings)) diff --git a/unittests/tools/test_netsparker_parser.py b/unittests/tools/test_netsparker_parser.py index 8537686b97..0992cd6cb4 100644 --- a/unittests/tools/test_netsparker_parser.py +++ b/unittests/tools/test_netsparker_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.netsparker.parser import NetsparkerParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestNetsparkerParser(DojoTestCase): def test_parse_file_with_one_finding(self): - with open("unittests/scans/netsparker/netsparker_one_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("netsparker") / "netsparker_one_finding.json", encoding="utf-8") as testfile: parser = NetsparkerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -26,7 +26,7 @@ def test_parse_file_with_one_finding(self): self.assertEqual(str(endpoint), "http://php.testsparker.com/auth/login.php") def test_parse_file_with_multiple_finding(self): - with open("unittests/scans/netsparker/netsparker_many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("netsparker") / "netsparker_many_findings.json", encoding="utf-8") as testfile: parser = NetsparkerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(16, len(findings)) @@ -70,7 +70,7 @@ def test_parse_file_with_multiple_finding(self): self.assertEqual(str(endpoint), "http://php.testsparker.com") def test_parse_file_issue_9816(self): - with open("unittests/scans/netsparker/issue_9816.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("netsparker") / "issue_9816.json", encoding="utf-8") as testfile: parser = NetsparkerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) @@ -84,7 +84,7 @@ def test_parse_file_issue_9816(self): self.assertEqual("03/02/2019", finding.date.strftime("%d/%m/%Y")) def test_parse_file_issue_10311(self): - with open("unittests/scans/netsparker/issue_10311.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("netsparker") / "issue_10311.json", encoding="utf-8") as testfile: parser = NetsparkerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) @@ -98,7 +98,7 @@ def test_parse_file_issue_10311(self): self.assertEqual("03/02/2019", finding.date.strftime("%d/%m/%Y")) def test_parse_file_issue_11020(self): - with open("unittests/scans/netsparker/issue_11020.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("netsparker") / "issue_11020.json", encoding="utf-8") as testfile: parser = NetsparkerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) diff --git a/unittests/tools/test_neuvector_compliance_parser.py b/unittests/tools/test_neuvector_compliance_parser.py index 1370d61143..347f09dd60 100644 --- a/unittests/tools/test_neuvector_compliance_parser.py +++ b/unittests/tools/test_neuvector_compliance_parser.py @@ -1,21 +1,19 @@ -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.neuvector_compliance.parser import NeuVectorComplianceParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestNeuVectorComplianceParser(DojoTestCase): def test_parse_file_with_no_vuln(self): - testfile = open(path.join(Path(__file__).parent, "../scans/neuvector_compliance/no_vuln.json"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "neuvector_compliance/no_vuln.json", encoding="utf-8") parser = NeuVectorComplianceParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln(self): - testfile = open(path.join(Path(__file__).parent, "../scans/neuvector_compliance/one_vuln.json"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "neuvector_compliance/one_vuln.json", encoding="utf-8") parser = NeuVectorComplianceParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -23,7 +21,7 @@ def test_parse_file_with_one_vuln(self): self.assertEqual("docker_D.1.1.11", findings[0].vuln_id_from_tool) def test_parse_file_with_many_vulns(self): - testfile = open(path.join(Path(__file__).parent, "../scans/neuvector_compliance/many_vulns.json"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "neuvector_compliance/many_vulns.json", encoding="utf-8") parser = NeuVectorComplianceParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_neuvector_parser.py b/unittests/tools/test_neuvector_parser.py index ed4507dd9d..4df93b51ee 100644 --- a/unittests/tools/test_neuvector_parser.py +++ b/unittests/tools/test_neuvector_parser.py @@ -1,21 +1,19 @@ -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.neuvector.parser import NeuVectorParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestNeuVectorParser(DojoTestCase): def test_parse_file_with_no_vuln(self): - testfile = open(path.join(Path(__file__).parent, "../scans/neuvector/no_vuln.json"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "neuvector/no_vuln.json", encoding="utf-8") parser = NeuVectorParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln(self): - testfile = open(path.join(Path(__file__).parent, "../scans/neuvector/one_vuln.json"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "neuvector/one_vuln.json", encoding="utf-8") parser = NeuVectorParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -24,7 +22,7 @@ def test_parse_file_with_one_vuln(self): self.assertEqual("CVE-2015-8356", findings[0].unsaved_vulnerability_ids[0]) def test_parse_file_with_many_vulns(self): - testfile = open(path.join(Path(__file__).parent, "../scans/neuvector/many_vulns.json"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "neuvector/many_vulns.json", encoding="utf-8") parser = NeuVectorParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_nexpose_parser.py b/unittests/tools/test_nexpose_parser.py index c6fc0b116e..c512ae5172 100644 --- a/unittests/tools/test_nexpose_parser.py +++ b/unittests/tools/test_nexpose_parser.py @@ -4,13 +4,13 @@ from dojo.models import Engagement, Product, Test from dojo.tools.nexpose.parser import NexposeParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestNexposeParser(DojoTestCase): def test_nexpose_parser_has_no_finding(self): - with open("unittests/scans/nexpose/no_vuln.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nexpose") / "no_vuln.xml", encoding="utf-8") as testfile: parser = NexposeParser() findings = parser.get_findings(testfile, Test()) @@ -29,7 +29,7 @@ def test_nexpose_parser_has_many_finding(self): test = Test() test.engagement = Engagement() test.engagement.product = Product() - with open("unittests/scans/nexpose/many_vulns.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nexpose") / "many_vulns.xml", encoding="utf-8") as testfile: parser = NexposeParser() findings = parser.get_findings(testfile, test) @@ -135,7 +135,7 @@ def test_nexpose_parser_has_many_finding(self): self.assertEqual("udp", endpoint.protocol) def test_nexpose_parser_tests_outside_endpoint(self): - with open("unittests/scans/nexpose/report_auth.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nexpose") / "report_auth.xml", encoding="utf-8") as testfile: parser = NexposeParser() findings = parser.get_findings(testfile, Test()) @@ -167,7 +167,7 @@ def test_nexpose_parser_tests_outside_endpoint(self): self.assertIsNone(finding.unsaved_vulnerability_ids) def test_nexpose_parser_dns(self): - with open("unittests/scans/nexpose/dns.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nexpose") / "dns.xml", encoding="utf-8") as testfile: parser = NexposeParser() findings = parser.get_findings(testfile, Test()) @@ -208,7 +208,7 @@ def test_nexpose_parser_dns(self): @override_settings(USE_FIRST_SEEN=True) def test_nexpose_parser_use_first_seen(self): - with open("unittests/scans/nexpose/dns.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nexpose") / "dns.xml", encoding="utf-8") as testfile: parser = NexposeParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_nikto_parser.py b/unittests/tools/test_nikto_parser.py index 1c4da0b6a1..9fd29fd301 100644 --- a/unittests/tools/test_nikto_parser.py +++ b/unittests/tools/test_nikto_parser.py @@ -1,6 +1,6 @@ from dojo.models import Engagement, Product, Test from dojo.tools.nikto.parser import NiktoParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestNiktoParser(DojoTestCase): @@ -10,7 +10,7 @@ def test_parse_file_with_old_format(self): engagement = Engagement() engagement.product = Product() test.engagement = engagement - with open("unittests/scans/nikto/nikto-report-old-format.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nikto") / "nikto-report-old-format.xml", encoding="utf-8") as testfile: parser = NiktoParser() findings = parser.get_findings(testfile, test) for finding in findings: @@ -19,7 +19,7 @@ def test_parse_file_with_old_format(self): self.assertEqual(1, len(findings)) def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/nikto/nikto-report-zero-vuln.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nikto") / "nikto-report-zero-vuln.xml", encoding="utf-8") as testfile: parser = NiktoParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) @@ -29,7 +29,7 @@ def test_parse_file_with_one_vuln_has_one_finding(self): engagement = Engagement() engagement.product = Product() test.engagement = engagement - with open("unittests/scans/nikto/nikto-report-one-vuln.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nikto") / "nikto-report-one-vuln.xml", encoding="utf-8") as testfile: parser = NiktoParser() findings = parser.get_findings(testfile, test) for finding in findings: @@ -42,7 +42,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_findings(self): engagement = Engagement() engagement.product = Product() test.engagement = engagement - with open("unittests/scans/nikto/nikto-report-many-vuln.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nikto") / "nikto-report-many-vuln.xml", encoding="utf-8") as testfile: parser = NiktoParser() findings = parser.get_findings(testfile, test) for finding in findings: @@ -51,7 +51,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_findings(self): self.assertEqual(len(findings), 10) def test_parse_file_json_with_multiple_vuln_has_multiple_findings(self): - with open("unittests/scans/nikto/juice-shop.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nikto") / "juice-shop.json", encoding="utf-8") as testfile: parser = NiktoParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -74,7 +74,7 @@ def test_parse_file_json_with_multiple_vuln_has_multiple_findings(self): self.assertEqual(140, len(finding.unsaved_endpoints)) def test_parse_file_json_with_uri_errors(self): - with open("unittests/scans/nikto/nikto-output.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nikto") / "nikto-output.xml", encoding="utf-8") as testfile: parser = NiktoParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -103,7 +103,7 @@ def test_parse_file_json_with_uri_errors(self): self.assertEqual("examples/servlets/index.html", endpoint.path) def test_parse_file_json_another(self): - with open("unittests/scans/nikto/tdh.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nikto") / "tdh.json", encoding="utf-8") as testfile: parser = NiktoParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -134,7 +134,7 @@ def test_parse_file_json_another(self): self.assertIsNone(endpoint.path) def test_parse_file_xml_another(self): - with open("unittests/scans/nikto/tdh.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nikto") / "tdh.xml", encoding="utf-8") as testfile: parser = NiktoParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -176,7 +176,7 @@ def test_parse_file_xml_another(self): self.assertIsNone(endpoint.path) def test_parse_file_issue_9274(self): - with open("unittests/scans/nikto/issue_9274.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nikto") / "issue_9274.json", encoding="utf-8") as testfile: parser = NiktoParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_nmap_parser.py b/unittests/tools/test_nmap_parser.py index 5a36d43cc1..9dbbfde77d 100644 --- a/unittests/tools/test_nmap_parser.py +++ b/unittests/tools/test_nmap_parser.py @@ -2,13 +2,13 @@ from dojo.models import Test from dojo.tools.nmap.parser import NmapParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestNmapParser(DojoTestCase): def test_parse_file_with_no_open_ports_has_no_findings(self): - with open("unittests/scans/nmap/nmap_0port.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nmap") / "nmap_0port.xml", encoding="utf-8") as testfile: parser = NmapParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -17,7 +17,7 @@ def test_parse_file_with_no_open_ports_has_no_findings(self): self.assertEqual(0, len(findings)) def test_parse_file_with_single_open_ports_has_single_finding(self): - with open("unittests/scans/nmap/nmap_1port.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nmap") / "nmap_1port.xml", encoding="utf-8") as testfile: parser = NmapParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -37,7 +37,7 @@ def test_parse_file_with_single_open_ports_has_single_finding(self): self.assertEqual("tcp", endpoint.protocol) def test_parse_file_with_multiple_open_ports_has_multiple_finding(self): - with open("unittests/scans/nmap/nmap_multiple_port.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nmap") / "nmap_multiple_port.xml", encoding="utf-8") as testfile: parser = NmapParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -57,7 +57,7 @@ def test_parse_file_with_multiple_open_ports_has_multiple_finding(self): self.assertEqual("tcp", endpoint.protocol) def test_parse_file_with_script_vulner(self): - with open("unittests/scans/nmap/nmap_script_vulners.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nmap") / "nmap_script_vulners.xml", encoding="utf-8") as testfile: parser = NmapParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -83,7 +83,7 @@ def test_parse_file_with_script_vulner(self): self.assertEqual(datetime.datetime(2020, 2, 17, 9, 7, 25), findings[2].date) def test_parse_issue4406(self): - with open("unittests/scans/nmap/issue4406.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nmap") / "issue4406.xml", encoding="utf-8") as testfile: parser = NmapParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_noseyparker_parser.py b/unittests/tools/test_noseyparker_parser.py index 714e8a4fa7..595017a618 100644 --- a/unittests/tools/test_noseyparker_parser.py +++ b/unittests/tools/test_noseyparker_parser.py @@ -1,19 +1,18 @@ -from django.test import TestCase - from dojo.models import Test from dojo.tools.noseyparker.parser import NoseyParkerParser +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path -class TestNoseyParkerParser(TestCase): +class TestNoseyParkerParser(DojoTestCase): def test_noseyparker_parser__no_vulns(self): - with open("unittests/scans/noseyparker/noseyparker_zero_vul.jsonl", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("noseyparker") / "noseyparker_zero_vul.jsonl", encoding="utf-8") as testfile: parser = NoseyParkerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_noseyparker_parser_one_vuln(self): - with open("unittests/scans/noseyparker/noseyparker_one_vul.jsonl", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("noseyparker") / "noseyparker_one_vul.jsonl", encoding="utf-8") as testfile: parser = NoseyParkerParser() findings = parser.get_findings(testfile, Test()) finding = findings[0] @@ -24,7 +23,7 @@ def test_noseyparker_parser_one_vuln(self): def test_noseyparker_parser_many_vulns(self): # Testfile contains 5 lines (Middle 2 are duplicates and line #4 has 2 of the same exact matches) - with open("unittests/scans/noseyparker/noseyparker_many_vul.jsonl", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("noseyparker") / "noseyparker_many_vul.jsonl", encoding="utf-8") as testfile: parser = NoseyParkerParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -34,7 +33,7 @@ def test_noseyparker_parser_many_vulns(self): def test_noseyparker_parser_error(self): with self.assertRaises(ValueError) as context: - with open("unittests/scans/noseyparker/empty_with_error.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("noseyparker") / "empty_with_error.json", encoding="utf-8") as testfile: parser = NoseyParkerParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_npm_audit_7_plus_parser.py b/unittests/tools/test_npm_audit_7_plus_parser.py index 0d937584c8..4e4f14102b 100644 --- a/unittests/tools/test_npm_audit_7_plus_parser.py +++ b/unittests/tools/test_npm_audit_7_plus_parser.py @@ -1,21 +1,19 @@ -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.npm_audit_7_plus.parser import NpmAudit7PlusParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestNpmAudit7PlusParser(DojoTestCase): def test_npm_audit_7_plus_parser_with_no_vuln_has_no_findings(self): - testfile = open(path.join(Path(__file__).parent, "../scans/npm_audit_7_plus/no_vuln.json"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "npm_audit_7_plus/no_vuln.json", encoding="utf-8") parser = NpmAudit7PlusParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_npm_audit_7_plus_parser_with_one_vuln_has_one_findings(self): - testfile = open(path.join(Path(__file__).parent, "../scans/npm_audit_7_plus/one_vuln.json"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "npm_audit_7_plus/one_vuln.json", encoding="utf-8") parser = NpmAudit7PlusParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -29,7 +27,7 @@ def test_npm_audit_7_plus_parser_with_one_vuln_has_one_findings(self): self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", finding.cvssv3) def test_npm_audit_7_plus_parser_with_many_vuln_has_many_findings(self): - testfile = open(path.join(Path(__file__).parent, "../scans/npm_audit_7_plus/many_vulns.json"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "npm_audit_7_plus/many_vulns.json", encoding="utf-8") parser = NpmAudit7PlusParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -43,7 +41,7 @@ def test_npm_audit_7_plus_parser_with_many_vuln_has_many_findings(self): self.assertEqual("@vercel/fun", finding.title) def test_npm_audit_7_plus_parser_issue_10801(self): - testfile = open(path.join(Path(__file__).parent, "../scans/npm_audit_7_plus/issue_10801.json"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "npm_audit_7_plus/issue_10801.json", encoding="utf-8") parser = NpmAudit7PlusParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_npm_audit_parser.py b/unittests/tools/test_npm_audit_parser.py index c15da91da7..b3e3058456 100644 --- a/unittests/tools/test_npm_audit_parser.py +++ b/unittests/tools/test_npm_audit_parser.py @@ -1,20 +1,18 @@ -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.npm_audit.parser import NpmAuditParser, censor_path_hashes -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestNpmAuditParser(DojoTestCase): def test_npm_audit_parser_with_no_vuln_has_no_findings(self): - with open(path.join(Path(__file__).parent, "../scans/npm_audit/no_vuln.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "npm_audit/no_vuln.json", encoding="utf-8") as testfile: parser = NpmAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_npm_audit_parser_with_one_criticle_vuln_has_one_findings(self): - with open(path.join(Path(__file__).parent, "../scans/npm_audit/one_vuln.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "npm_audit/one_vuln.json", encoding="utf-8") as testfile: parser = NpmAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -23,7 +21,7 @@ def test_npm_audit_parser_with_one_criticle_vuln_has_one_findings(self): self.assertEqual("1.9.2", findings[0].component_version) def test_npm_audit_parser_with_many_vuln_has_many_findings(self): - with open(path.join(Path(__file__).parent, "../scans/npm_audit/many_vuln.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "npm_audit/many_vuln.json", encoding="utf-8") as testfile: parser = NpmAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(5, len(findings)) @@ -40,7 +38,7 @@ def test_npm_audit_parser_with_many_vuln_has_many_findings(self): def test_npm_audit_parser_multiple_cwes_per_finding(self): # cwes formatted as escaped list: "cwe": "[\"CWE-346\",\"CWE-453\"]", - with open(path.join(Path(__file__).parent, "../scans/npm_audit/multiple_cwes.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "npm_audit/multiple_cwes.json", encoding="utf-8") as testfile: parser = NpmAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(41, len(findings)) @@ -49,14 +47,14 @@ def test_npm_audit_parser_multiple_cwes_per_finding(self): def test_npm_audit_parser_multiple_cwes_per_finding_list(self): # cwes formatted as proper list: "cwe": ["CWE-918","CWE-1333"], - with open(path.join(Path(__file__).parent, "../scans/npm_audit/multiple_cwes2.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "npm_audit/multiple_cwes2.json", encoding="utf-8") as testfile: parser = NpmAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(6, len(findings)) self.assertEqual(918, findings[0].cwe) def test_npm_audit_parser_with_one_criticle_vuln_has_null_as_cwe(self): - with open(path.join(Path(__file__).parent, "../scans/npm_audit/cwe_null.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "npm_audit/cwe_null.json", encoding="utf-8") as testfile: parser = NpmAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -66,7 +64,7 @@ def test_npm_audit_parser_with_one_criticle_vuln_has_null_as_cwe(self): def test_npm_audit_parser_empty_with_error(self): with self.assertRaises(ValueError) as context: - with open(path.join(Path(__file__).parent, "../scans/npm_audit/empty_with_error.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "npm_audit/empty_with_error.json", encoding="utf-8") as testfile: parser = NpmAuditParser() parser.get_findings(testfile, Test()) @@ -75,7 +73,7 @@ def test_npm_audit_parser_empty_with_error(self): def test_npm_audit_parser_many_vuln_npm7(self): with self.assertRaises(ValueError) as context: - with open(path.join(Path(__file__).parent, "../scans/npm_audit/many_vuln_npm7.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "npm_audit/many_vuln_npm7.json", encoding="utf-8") as testfile: parser = NpmAuditParser() parser.get_findings(testfile, Test()) @@ -91,7 +89,7 @@ def test_npm_audit_censored_hash(self): self.assertEqual(censored_path, "censored_by_npm_audit>censored_by_npm_audit>lodash") def test_npm_audit_parser_issue_7897(self): - with open(path.join(Path(__file__).parent, "../scans/npm_audit/issue_7897.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "npm_audit/issue_7897.json", encoding="utf-8") as testfile: parser = NpmAuditParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(5, len(findings)) diff --git a/unittests/tools/test_nsp_parser.py b/unittests/tools/test_nsp_parser.py index 289c7a996c..099725e814 100644 --- a/unittests/tools/test_nsp_parser.py +++ b/unittests/tools/test_nsp_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.nsp.parser import NspParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestNspParser(DojoTestCase): def test_parse_none(self): parser = NspParser() - with open("unittests/scans/nsp/none.json", encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path("nsp") / "none.json", encoding="utf-8") as test_file: findings = parser.get_findings(test_file, Test()) self.assertEqual(0, len(findings)) def test_parse_ok(self): parser = NspParser() - with open("unittests/scans/nsp/scan.json", encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path("nsp") / "scan.json", encoding="utf-8") as test_file: findings = parser.get_findings(test_file, Test()) self.assertEqual(9, len(findings)) diff --git a/unittests/tools/test_nuclei_parser.py b/unittests/tools/test_nuclei_parser.py index 6fb71d0b2f..9389b89127 100644 --- a/unittests/tools/test_nuclei_parser.py +++ b/unittests/tools/test_nuclei_parser.py @@ -4,25 +4,25 @@ from dojo.models import Test, Test_Type from dojo.tools.nuclei.parser import NucleiParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestNucleiParser(DojoTestCase): def test_parse_no_empty(self): - with open("unittests/scans/nuclei/empty.jsonl", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nuclei") / "empty.jsonl", encoding="utf-8") as testfile: parser = NucleiParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_no_findings(self): - with open("unittests/scans/nuclei/no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nuclei") / "no_findings.json", encoding="utf-8") as testfile: parser = NucleiParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_issue_9201(self): - with open("unittests/scans/nuclei/issue_9201.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nuclei") / "issue_9201.json", encoding="utf-8") as testfile: parser = NucleiParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -32,7 +32,7 @@ def test_parse_issue_9201(self): self.assertEqual("example.com", finding.unsaved_endpoints[0].host) def test_parse_many_findings(self): - with open("unittests/scans/nuclei/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nuclei") / "many_findings.json", encoding="utf-8") as testfile: parser = NucleiParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -151,7 +151,7 @@ def test_parse_many_findings(self): self.assertEqual("mysql-native-password-bruteforce", finding.vuln_id_from_tool) def test_parse_many_findings_new(self): - with open("unittests/scans/nuclei/many_findings_new.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nuclei") / "many_findings_new.json", encoding="utf-8") as testfile: parser = NucleiParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -192,7 +192,7 @@ def test_parse_many_findings_new(self): self.assertEqual("prometheus-metrics", finding.vuln_id_from_tool) def test_parse_many_findings_third(self): - with open("unittests/scans/nuclei/many_findings_third.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nuclei") / "many_findings_third.json", encoding="utf-8") as testfile: parser = NucleiParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -226,7 +226,7 @@ def test_parse_many_findings_third(self): self.assertEqual("asp.net-favicon", finding.component_name) def test_parse_many_findings_v3(self): - with open("unittests/scans/nuclei/multiple_v3.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nuclei") / "multiple_v3.json", encoding="utf-8") as testfile: parser = NucleiParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -238,7 +238,7 @@ def test_parse_many_findings_v3(self): self.assertEqual("Info", finding.severity) def test_parse_invalid_cwe(self): - with open("unittests/scans/nuclei/invalid_cwe.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nuclei") / "invalid_cwe.json", encoding="utf-8") as testfile: parser = NucleiParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -249,7 +249,7 @@ def test_parse_invalid_cwe(self): self.assertEqual(0, finding.cwe) def test_parse_same_template_multiple_matches(self): - with open("unittests/scans/nuclei/multiple_matches.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("nuclei") / "multiple_matches.json", encoding="utf-8") as testfile: parser = NucleiParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) diff --git a/unittests/tools/test_openscap_parser.py b/unittests/tools/test_openscap_parser.py index 0c2d5625f4..37c915cc81 100644 --- a/unittests/tools/test_openscap_parser.py +++ b/unittests/tools/test_openscap_parser.py @@ -1,19 +1,19 @@ from dojo.models import Test from dojo.tools.openscap.parser import OpenscapParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestOpenscapParser(DojoTestCase): def test_openscap_parser_with_no_vuln_has_no_findings(self): - testfile = open("unittests/scans/openscap/no_vuln_rhsa.xml", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("openscap") / "no_vuln_rhsa.xml", encoding="utf-8") parser = OpenscapParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_openscap_parser_with_one_criticle_vuln_has_one_findings(self): - testfile = open("unittests/scans/openscap/one_vuln_rhsa.xml", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("openscap") / "one_vuln_rhsa.xml", encoding="utf-8") parser = OpenscapParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -26,7 +26,7 @@ def test_openscap_parser_with_one_criticle_vuln_has_one_findings(self): self.assertEqual("CVE-2005-1038", finding.unsaved_vulnerability_ids[0]) def test_openscap_parser_with_many_vuln_has_many_findings(self): - testfile = open("unittests/scans/openscap/many_vuln_rhsa.xml", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("openscap") / "many_vuln_rhsa.xml", encoding="utf-8") parser = OpenscapParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -51,7 +51,7 @@ def test_openscap_parser_with_many_vuln_has_many_findings(self): self.assertEqual("192.168.100.194", finding.unsaved_endpoints[6].host) def test_parser_from_spec_1_1_3(self): - testfile = open("unittests/scans/openscap/ios-sample-v1.1.3.xccdf.xml", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("openscap") / "ios-sample-v1.1.3.xccdf.xml", encoding="utf-8") parser = OpenscapParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_openvas_parser.py b/unittests/tools/test_openvas_parser.py index 5a2ba5a17c..a5da585a64 100644 --- a/unittests/tools/test_openvas_parser.py +++ b/unittests/tools/test_openvas_parser.py @@ -1,11 +1,11 @@ from dojo.models import Engagement, Product, Test from dojo.tools.openvas.parser import OpenVASParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestOpenVASParser(DojoTestCase): def test_openvas_csv_one_vuln(self): - with open("unittests/scans/openvas/one_vuln.csv", encoding="utf-8") as f: + with open(get_unit_tests_scans_path("openvas") / "one_vuln.csv", encoding="utf-8") as f: test = Test() test.engagement = Engagement() test.engagement.product = Product() @@ -26,7 +26,7 @@ def test_openvas_csv_one_vuln(self): self.assertEqual(22, findings[0].unsaved_endpoints[0].port) def test_openvas_csv_many_vuln(self): - with open("unittests/scans/openvas/many_vuln.csv", encoding="utf-8") as f: + with open(get_unit_tests_scans_path("openvas") / "many_vuln.csv", encoding="utf-8") as f: test = Test() test.engagement = Engagement() test.engagement.product = Product() @@ -51,7 +51,7 @@ def test_openvas_csv_many_vuln(self): self.assertEqual(finding.unsaved_vulnerability_ids[0], "CVE-2011-3389") def test_openvas_csv_report_usingCVE(self): - with open("unittests/scans/openvas/report_using_CVE.csv", encoding="utf-8") as f: + with open(get_unit_tests_scans_path("openvas") / "report_using_CVE.csv", encoding="utf-8") as f: test = Test() test.engagement = Engagement() test.engagement.product = Product() @@ -67,7 +67,7 @@ def test_openvas_csv_report_usingCVE(self): self.assertEqual(finding.unsaved_vulnerability_ids[0], "CVE-2014-0117") def test_openvas_csv_report_usingOpenVAS(self): - with open("unittests/scans/openvas/report_using_openVAS.csv", encoding="utf-8") as f: + with open(get_unit_tests_scans_path("openvas") / "report_using_openVAS.csv", encoding="utf-8") as f: test = Test() test.engagement = Engagement() test.engagement.product = Product() @@ -83,7 +83,7 @@ def test_openvas_csv_report_usingOpenVAS(self): self.assertEqual(finding.unsaved_vulnerability_ids, []) def test_openvas_xml_no_vuln(self): - with open("unittests/scans/openvas/no_vuln.xml", encoding="utf-8") as f: + with open(get_unit_tests_scans_path("openvas") / "no_vuln.xml", encoding="utf-8") as f: test = Test() test.engagement = Engagement() test.engagement.product = Product() @@ -92,7 +92,7 @@ def test_openvas_xml_no_vuln(self): self.assertEqual(0, len(findings)) def test_openvas_xml_one_vuln(self): - with open("unittests/scans/openvas/one_vuln.xml", encoding="utf-8") as f: + with open(get_unit_tests_scans_path("openvas") / "one_vuln.xml", encoding="utf-8") as f: test = Test() test.engagement = Engagement() test.engagement.product = Product() @@ -108,7 +108,7 @@ def test_openvas_xml_one_vuln(self): self.assertEqual("Critical", finding.severity) def test_openvas_xml_many_vuln(self): - with open("unittests/scans/openvas/many_vuln.xml", encoding="utf-8") as f: + with open(get_unit_tests_scans_path("openvas") / "many_vuln.xml", encoding="utf-8") as f: test = Test() test.engagement = Engagement() test.engagement.product = Product() diff --git a/unittests/tools/test_ort_parser.py b/unittests/tools/test_ort_parser.py index d42098d184..b33a222c50 100644 --- a/unittests/tools/test_ort_parser.py +++ b/unittests/tools/test_ort_parser.py @@ -1,6 +1,6 @@ from dojo.models import Test from dojo.tools.ort.parser import OrtParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestOrtParser(DojoTestCase): @@ -11,7 +11,7 @@ def test_parse_without_file_has_no_finding(self): def test_parse_file_has_many_finding_one_tool(self): testfile = open( - get_unit_tests_path() + "/scans/ort/evaluated-model-reporter-test-output.json", encoding="utf-8", + get_unit_tests_scans_path("ort") / "evaluated-model-reporter-test-output.json", encoding="utf-8", ) parser = OrtParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_ossindex_devaudit_parser.py b/unittests/tools/test_ossindex_devaudit_parser.py index 9b11e19cee..ead37a6112 100644 --- a/unittests/tools/test_ossindex_devaudit_parser.py +++ b/unittests/tools/test_ossindex_devaudit_parser.py @@ -1,13 +1,13 @@ from dojo.models import Test from dojo.tools.ossindex_devaudit.parser import OssIndexDevauditParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestOssIndexDevauditParser(DojoTestCase): def test_ossindex_devaudit_parser_with_no_vulns_has_no_findings(self): testfile = open( - get_unit_tests_path() + "/scans/ossindex_devaudit/ossindex_devaudit_no_vuln.json", encoding="utf-8", + get_unit_tests_scans_path("ossindex_devaudit") / "ossindex_devaudit_no_vuln.json", encoding="utf-8", ) parser = OssIndexDevauditParser() findings = parser.get_findings(testfile, Test()) @@ -16,7 +16,7 @@ def test_ossindex_devaudit_parser_with_no_vulns_has_no_findings(self): def test_ossindex_devaudit_parser_with_one_critical_vuln_has_one_finding(self): testfile = open( - get_unit_tests_path() + "/scans/ossindex_devaudit/ossindex_devaudit_one_vuln.json", encoding="utf-8", + get_unit_tests_scans_path("ossindex_devaudit") / "ossindex_devaudit_one_vuln.json", encoding="utf-8", ) parser = OssIndexDevauditParser() findings = parser.get_findings(testfile, Test()) @@ -25,7 +25,7 @@ def test_ossindex_devaudit_parser_with_one_critical_vuln_has_one_finding(self): def test_ossindex_devaudit_parser_with_multiple_vulns_has_multiple_finding(self): testfile = open( - get_unit_tests_path() + "/scans/ossindex_devaudit/ossindex_devaudit_multiple_vulns.json", encoding="utf-8", + get_unit_tests_scans_path("ossindex_devaudit") / "ossindex_devaudit_multiple_vulns.json", encoding="utf-8", ) parser = OssIndexDevauditParser() findings = parser.get_findings(testfile, Test()) @@ -34,7 +34,7 @@ def test_ossindex_devaudit_parser_with_multiple_vulns_has_multiple_finding(self) def test_ossindex_devaudit_parser_with_no_cve_returns_info_severity(self): testfile = open( - get_unit_tests_path() + "/scans/ossindex_devaudit/ossindex_devaudit_vuln_no_cvssscore.json", encoding="utf-8", + get_unit_tests_scans_path("ossindex_devaudit") / "ossindex_devaudit_vuln_no_cvssscore.json", encoding="utf-8", ) parser = OssIndexDevauditParser() findings = parser.get_findings(testfile, Test()) @@ -43,7 +43,7 @@ def test_ossindex_devaudit_parser_with_no_cve_returns_info_severity(self): def test_ossindex_devaudit_parser_with_reference_shows_reference(self): testfile = open( - get_unit_tests_path() + "/scans/ossindex_devaudit/ossindex_devaudit_one_vuln.json", encoding="utf-8", + get_unit_tests_scans_path("ossindex_devaudit") / "ossindex_devaudit_one_vuln.json", encoding="utf-8", ) parser = OssIndexDevauditParser() findings = parser.get_findings(testfile, Test()) @@ -55,7 +55,7 @@ def test_ossindex_devaudit_parser_with_reference_shows_reference(self): def test_ossindex_devaudit_parser_with_empty_reference_shows_empty_reference(self): testfile = open( - get_unit_tests_path() + "/scans/ossindex_devaudit/ossindex_devaudit_empty_reference.json", encoding="utf-8", + get_unit_tests_scans_path("ossindex_devaudit") / "ossindex_devaudit_empty_reference.json", encoding="utf-8", ) parser = OssIndexDevauditParser() findings = parser.get_findings(testfile, Test()) @@ -66,7 +66,7 @@ def test_ossindex_devaudit_parser_with_empty_reference_shows_empty_reference(sel def test_ossindex_devaudit_parser_with_missing_reference_shows_empty(self): testfile = open( - get_unit_tests_path() + "/scans/ossindex_devaudit/ossindex_devaudit_missing_reference.json", encoding="utf-8", + get_unit_tests_scans_path("ossindex_devaudit") / "ossindex_devaudit_missing_reference.json", encoding="utf-8", ) parser = OssIndexDevauditParser() findings = parser.get_findings(testfile, Test()) @@ -77,7 +77,7 @@ def test_ossindex_devaudit_parser_with_missing_reference_shows_empty(self): def test_ossindex_devaudit_parser_with_missing_cwe_shows_1035(self): testfile = open( - get_unit_tests_path() + "/scans/ossindex_devaudit/ossindex_devaudit_missing_cwe.json", encoding="utf-8", + get_unit_tests_scans_path("ossindex_devaudit") / "ossindex_devaudit_missing_cwe.json", encoding="utf-8", ) parser = OssIndexDevauditParser() findings = parser.get_findings(testfile, Test()) @@ -88,7 +88,7 @@ def test_ossindex_devaudit_parser_with_missing_cwe_shows_1035(self): def test_ossindex_devaudit_parser_with_null_cwe_shows_1035(self): testfile = open( - get_unit_tests_path() + "/scans/ossindex_devaudit/ossindex_devaudit_null_cwe.json", encoding="utf-8", + get_unit_tests_scans_path("ossindex_devaudit") / "ossindex_devaudit_null_cwe.json", encoding="utf-8", ) parser = OssIndexDevauditParser() findings = parser.get_findings(testfile, Test()) @@ -99,7 +99,7 @@ def test_ossindex_devaudit_parser_with_null_cwe_shows_1035(self): def test_ossindex_devaudit_parser_with_empty_cwe_shows_1035(self): testfile = open( - get_unit_tests_path() + "/scans/ossindex_devaudit/ossindex_devaudit_empty_cwe.json", encoding="utf-8", + get_unit_tests_scans_path("ossindex_devaudit") / "ossindex_devaudit_empty_cwe.json", encoding="utf-8", ) parser = OssIndexDevauditParser() findings = parser.get_findings(testfile, Test()) @@ -110,7 +110,7 @@ def test_ossindex_devaudit_parser_with_empty_cwe_shows_1035(self): def test_ossindex_devaudit_parser_get_severity_shows_info(self): testfile = open( - get_unit_tests_path() + "/scans/ossindex_devaudit/ossindex_devaudit_severity_info.json", encoding="utf-8", + get_unit_tests_scans_path("ossindex_devaudit") / "ossindex_devaudit_severity_info.json", encoding="utf-8", ) parser = OssIndexDevauditParser() findings = parser.get_findings(testfile, Test()) @@ -121,7 +121,7 @@ def test_ossindex_devaudit_parser_get_severity_shows_info(self): def test_ossindex_devaudit_parser_get_severity_shows_critical(self): testfile = open( - get_unit_tests_path() + "/scans/ossindex_devaudit/ossindex_devaudit_severity_critical.json", encoding="utf-8", + get_unit_tests_scans_path("ossindex_devaudit") / "ossindex_devaudit_severity_critical.json", encoding="utf-8", ) parser = OssIndexDevauditParser() findings = parser.get_findings(testfile, Test()) @@ -132,7 +132,7 @@ def test_ossindex_devaudit_parser_get_severity_shows_critical(self): def test_ossindex_devaudit_parser_get_severity_shows_high(self): testfile = open( - get_unit_tests_path() + "/scans/ossindex_devaudit/ossindex_devaudit_severity_high.json", encoding="utf-8", + get_unit_tests_scans_path("ossindex_devaudit") / "ossindex_devaudit_severity_high.json", encoding="utf-8", ) parser = OssIndexDevauditParser() findings = parser.get_findings(testfile, Test()) @@ -143,7 +143,7 @@ def test_ossindex_devaudit_parser_get_severity_shows_high(self): def test_ossindex_devaudit_parser_get_severity_shows_medium(self): testfile = open( - get_unit_tests_path() + "/scans/ossindex_devaudit/ossindex_devaudit_severity_medium.json", encoding="utf-8", + get_unit_tests_scans_path("ossindex_devaudit") / "ossindex_devaudit_severity_medium.json", encoding="utf-8", ) parser = OssIndexDevauditParser() findings = parser.get_findings(testfile, Test()) @@ -154,7 +154,7 @@ def test_ossindex_devaudit_parser_get_severity_shows_medium(self): def test_ossindex_devaudit_parser_get_severity_shows_low(self): testfile = open( - get_unit_tests_path() + "/scans/ossindex_devaudit/ossindex_devaudit_severity_low.json", encoding="utf-8", + get_unit_tests_scans_path("ossindex_devaudit") / "ossindex_devaudit_severity_low.json", encoding="utf-8", ) parser = OssIndexDevauditParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_osv_scanner_parser.py b/unittests/tools/test_osv_scanner_parser.py index 196ff09336..c21ee1a601 100644 --- a/unittests/tools/test_osv_scanner_parser.py +++ b/unittests/tools/test_osv_scanner_parser.py @@ -1,20 +1,18 @@ -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.osv_scanner.parser import OSVScannerParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestOSVScannerParser(DojoTestCase): def test_no_findings(self): - with open(path.join(Path(__file__).parent, "../scans/osv_scanner/no_findings.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "osv_scanner/no_findings.json", encoding="utf-8") as testfile: parser = OSVScannerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_some_findings(self): - with open(path.join(Path(__file__).parent, "../scans/osv_scanner/some_findings.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "osv_scanner/some_findings.json", encoding="utf-8") as testfile: parser = OSVScannerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -26,7 +24,7 @@ def test_some_findings(self): self.assertEqual(finding.severity, "Low") def test_many_findings(self): - with open(path.join(Path(__file__).parent, "../scans/osv_scanner/many_findings.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "osv_scanner/many_findings.json", encoding="utf-8") as testfile: parser = OSVScannerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(66, len(findings)) diff --git a/unittests/tools/test_outpost24_parser.py b/unittests/tools/test_outpost24_parser.py index fd132e649b..4807fe7fac 100644 --- a/unittests/tools/test_outpost24_parser.py +++ b/unittests/tools/test_outpost24_parser.py @@ -1,6 +1,6 @@ from dojo.models import Test from dojo.tools.outpost24.parser import Outpost24Parser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestOutpost24Parser(DojoTestCase): @@ -21,10 +21,10 @@ def assert_file_has_n_items(self, filename, item_count): self.assertEqual("CVE-2019-9315", findings[0].unsaved_vulnerability_ids[0]) def test_parser_no_items(self): - self.assert_file_has_n_items(get_unit_tests_path() + "/scans/outpost24/none.xml", 0) + self.assert_file_has_n_items(get_unit_tests_scans_path("outpost24") / "none.xml", 0) def test_parser_one_item(self): - self.assert_file_has_n_items(get_unit_tests_path() + "/scans/outpost24/one.xml", 1) + self.assert_file_has_n_items(get_unit_tests_scans_path("outpost24") / "one.xml", 1) def test_parser_sample_items(self): - self.assert_file_has_n_items(get_unit_tests_path() + "/scans/outpost24/sample.xml", 24) + self.assert_file_has_n_items(get_unit_tests_scans_path("outpost24") / "sample.xml", 24) diff --git a/unittests/tools/test_php_security_audit_v2_parser.py b/unittests/tools/test_php_security_audit_v2_parser.py index 4ae779e130..216738bf3c 100644 --- a/unittests/tools/test_php_security_audit_v2_parser.py +++ b/unittests/tools/test_php_security_audit_v2_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.php_security_audit_v2.parser import PhpSecurityAuditV2Parser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestPhpSecurityAuditV2ParserParser(DojoTestCase): def test_php_symfony_security_check_parser_with_no_vuln_has_no_findings(self): - testfile = open("unittests/scans/php_security_audit_v2/php_security_audit_v2.0.0_unformatted.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("php_security_audit_v2") / "php_security_audit_v2.0.0_unformatted.json", encoding="utf-8") parser = PhpSecurityAuditV2Parser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -23,7 +23,7 @@ def test_php_symfony_security_check_parser_with_no_vuln_has_no_findings(self): def test_php_symfony_security_check_parser_with_many_vuln(self): """New report with latest version""" - testfile = open("unittests/scans/php_security_audit_v2/many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("php_security_audit_v2") / "many_vulns.json", encoding="utf-8") parser = PhpSecurityAuditV2Parser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_php_symfony_security_check_parser.py b/unittests/tools/test_php_symfony_security_check_parser.py index 6786d54b9c..fa442000a1 100644 --- a/unittests/tools/test_php_symfony_security_check_parser.py +++ b/unittests/tools/test_php_symfony_security_check_parser.py @@ -1,13 +1,13 @@ from dojo.models import Test from dojo.tools.php_symfony_security_check.parser import PhpSymfonySecurityCheckParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestPhpSymfonySecurityCheckerParser(DojoTestCase): def test_php_symfony_security_check_parser_with_no_vuln_has_no_findings(self): testfile = open( - get_unit_tests_path() + "/scans/php_symfony_security_check/php_symfony_no_vuln.json", encoding="utf-8", + get_unit_tests_scans_path("php_symfony_security_check") / "php_symfony_no_vuln.json", encoding="utf-8", ) parser = PhpSymfonySecurityCheckParser() findings = parser.get_findings(testfile, Test()) @@ -19,7 +19,7 @@ def test_php_symfony_security_check_parser_with_one_criticle_vuln_has_one_findin self, ): testfile = open( - get_unit_tests_path() + "/scans/php_symfony_security_check/php_symfony_one_vuln.json", encoding="utf-8", + get_unit_tests_scans_path("php_symfony_security_check") / "php_symfony_one_vuln.json", encoding="utf-8", ) parser = PhpSymfonySecurityCheckParser() findings = parser.get_findings(testfile, Test()) @@ -28,7 +28,7 @@ def test_php_symfony_security_check_parser_with_one_criticle_vuln_has_one_findin def test_php_symfony_security_check_parser_with_many_vuln_has_many_findings(self): testfile = open( - get_unit_tests_path() + "/scans/php_symfony_security_check/php_symfony_many_vuln.json", encoding="utf-8", + get_unit_tests_scans_path("php_symfony_security_check") / "php_symfony_many_vuln.json", encoding="utf-8", ) parser = PhpSymfonySecurityCheckParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_pip_audit_parser.py b/unittests/tools/test_pip_audit_parser.py index 44c4e84085..6a4d1b5250 100644 --- a/unittests/tools/test_pip_audit_parser.py +++ b/unittests/tools/test_pip_audit_parser.py @@ -1,13 +1,13 @@ from dojo.models import Test from dojo.tools.pip_audit.parser import PipAuditParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestPipAuditParser(DojoTestCase): def test_parser_empty(self): - testfiles = ["unittests/scans/pip_audit/empty.json", - "unittests/scans/pip_audit/empty_new.json"] + testfiles = [get_unit_tests_scans_path("pip_audit") / "empty.json", + get_unit_tests_scans_path("pip_audit") / "empty_new.json"] for path in testfiles: testfile = open(path, encoding="utf-8") parser = PipAuditParser() @@ -16,8 +16,8 @@ def test_parser_empty(self): self.assertEqual(0, len(findings)) def test_parser_zero_findings(self): - testfiles = ["unittests/scans/pip_audit/zero_vulns.json", - "unittests/scans/pip_audit/zero_vulns_new.json"] + testfiles = [get_unit_tests_scans_path("pip_audit") / "zero_vulns.json", + get_unit_tests_scans_path("pip_audit") / "zero_vulns_new.json"] for path in testfiles: testfile = open(path, encoding="utf-8") parser = PipAuditParser() @@ -26,8 +26,8 @@ def test_parser_zero_findings(self): self.assertEqual(0, len(findings)) def test_parser_many_vulns(self): - testfiles = ["unittests/scans/pip_audit/many_vulns.json", - "unittests/scans/pip_audit/many_vulns_new.json"] + testfiles = [get_unit_tests_scans_path("pip_audit") / "many_vulns.json", + get_unit_tests_scans_path("pip_audit") / "many_vulns_new.json"] for path in testfiles: testfile = open(path, encoding="utf-8") parser = PipAuditParser() diff --git a/unittests/tools/test_pmd_parser.py b/unittests/tools/test_pmd_parser.py index 5fbc74d9f7..6cd691f651 100644 --- a/unittests/tools/test_pmd_parser.py +++ b/unittests/tools/test_pmd_parser.py @@ -1,24 +1,24 @@ from dojo.models import Test from dojo.tools.pmd.parser import PmdParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestPMDParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/pmd/pmd_no_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("pmd") / "pmd_no_vuln.csv", encoding="utf-8") as testfile: parser = PmdParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_findings(self): - with open("unittests/scans/pmd/pmd_one_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("pmd") / "pmd_one_vuln.csv", encoding="utf-8") as testfile: parser = PmdParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_finding(self): - with open("unittests/scans/pmd/pmd_many_vulns.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("pmd") / "pmd_many_vulns.csv", encoding="utf-8") as testfile: parser = PmdParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(16, len(findings)) diff --git a/unittests/tools/test_popeye_parser.py b/unittests/tools/test_popeye_parser.py index 17bb5b6b8e..d378ac1284 100644 --- a/unittests/tools/test_popeye_parser.py +++ b/unittests/tools/test_popeye_parser.py @@ -1,19 +1,19 @@ from dojo.models import Test from dojo.tools.popeye.parser import PopeyeParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestPopeyeParser(DojoTestCase): def test_popeye_parser_with_no_vuln_has_no_findings(self): - testfile = open("unittests/scans/popeye/popeye_zero_vul.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("popeye") / "popeye_zero_vul.json", encoding="utf-8") parser = PopeyeParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_popeye_parser_with_one_warning_has_one_findings(self): - testfile = open("unittests/scans/popeye/popeye_one_vul.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("popeye") / "popeye_one_vul.json", encoding="utf-8") parser = PopeyeParser() findings = parser.get_findings(testfile, Test()) finding_title = "pods test-namespace/6cff44dc94-d92km [POP-106] No resources requests/limits defined" @@ -31,7 +31,7 @@ def test_popeye_parser_with_one_warning_has_one_findings(self): self.assertEqual(finding_vuln_id_from_tool, findings[0].vuln_id_from_tool) def test_popeye_parser_with_many_vuln_has_many_findings(self): - testfile = open("unittests/scans/popeye/popeye_many_vul.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("popeye") / "popeye_many_vul.json", encoding="utf-8") parser = PopeyeParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_progpilot_parser.py b/unittests/tools/test_progpilot_parser.py index 9cc11fb6c3..ce4369af28 100644 --- a/unittests/tools/test_progpilot_parser.py +++ b/unittests/tools/test_progpilot_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.progpilot.parser import ProgpilotParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestProgpilotParser(DojoTestCase): def test_progpilotparser_single_has_many_findings(self): - testfile = open("unittests/scans/progpilot/progpilot.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("progpilot") / "progpilot.json", encoding="utf-8") parser = ProgpilotParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -22,21 +22,21 @@ def test_progpilotparser_single_has_many_findings(self): self.assertEqual(593, finding.line) def test_progpilotparser_single_has_one_finding(self): - testfile = open("unittests/scans/progpilot/progpilot2.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("progpilot") / "progpilot2.json", encoding="utf-8") parser = ProgpilotParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(1, len(findings)) def test_progpilotparser_single_has_many_findings3(self): - testfile = open("unittests/scans/progpilot/progpilot3.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("progpilot") / "progpilot3.json", encoding="utf-8") parser = ProgpilotParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(3, len(findings)) def test_progpilotparser_single_has_many_findings4(self): - testfile = open("unittests/scans/progpilot/progpilot4.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("progpilot") / "progpilot4.json", encoding="utf-8") parser = ProgpilotParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_ptart_parser.py b/unittests/tools/test_ptart_parser.py index 83be6417b3..010044071c 100644 --- a/unittests/tools/test_ptart_parser.py +++ b/unittests/tools/test_ptart_parser.py @@ -1,10 +1,9 @@ -from django.test import TestCase - from dojo.models import Engagement, Product, Test from dojo.tools.ptart.parser import PTARTParser +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path -class TestPTARTParser(TestCase): +class TestPTARTParser(DojoTestCase): def setUp(self): self.product = Product(name="sample product", @@ -411,19 +410,19 @@ def test_ptart_parser_tools_parse_references_from_hit(self): self.assertEqual("Reference1: https://ref.example.com\nReference: https://ref3.example.com", parse_references_from_hit(hit)) def test_ptart_parser_with_empty_json_throws_error(self): - with open("unittests/scans/ptart/empty_with_error.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("ptart") / "empty_with_error.json", encoding="utf-8") as testfile: parser = PTARTParser() findings = parser.get_findings(testfile, self.test) self.assertEqual(0, len(findings)) def test_ptart_parser_with_no_assessments_has_no_findings(self): - with open("unittests/scans/ptart/ptart_zero_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("ptart") / "ptart_zero_vul.json", encoding="utf-8") as testfile: parser = PTARTParser() findings = parser.get_findings(testfile, self.test) self.assertEqual(0, len(findings)) def test_ptart_parser_with_one_assessment_has_one_finding(self): - with open("unittests/scans/ptart/ptart_one_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("ptart") / "ptart_one_vul.json", encoding="utf-8") as testfile: parser = PTARTParser() findings = parser.get_findings(testfile, self.test) self.assertEqual(1, len(findings)) @@ -462,7 +461,7 @@ def test_ptart_parser_with_one_assessment_has_one_finding(self): self.assertEqual("Reference: https://ref.example.com", finding.references) def test_ptart_parser_with_one_assessment_has_many_findings(self): - with open("unittests/scans/ptart/ptart_many_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("ptart") / "ptart_many_vul.json", encoding="utf-8") as testfile: parser = PTARTParser() findings = parser.get_findings(testfile, self.test) self.assertEqual(2, len(findings)) @@ -510,7 +509,7 @@ def test_ptart_parser_with_one_assessment_has_many_findings(self): self.assertEqual(None, finding.references) def test_ptart_parser_with_multiple_assessments_has_many_findings_correctly_grouped(self): - with open("unittests/scans/ptart/ptart_vulns_with_mult_assessments.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("ptart") / "ptart_vulns_with_mult_assessments.json", encoding="utf-8") as testfile: parser = PTARTParser() findings = parser.get_findings(testfile, self.test) self.assertEqual(3, len(findings)) @@ -578,7 +577,7 @@ def test_ptart_parser_with_multiple_assessments_has_many_findings_correctly_grou self.assertEqual(None, finding.references) def test_ptart_parser_with_single_vuln_on_import_test(self): - with open("unittests/scans/ptart/ptart_one_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("ptart") / "ptart_one_vul.json", encoding="utf-8") as testfile: parser = PTARTParser() tests = parser.get_tests("PTART Report", testfile) self.assertEqual(1, len(tests)) @@ -624,7 +623,7 @@ def test_ptart_parser_with_single_vuln_on_import_test(self): self.assertEqual("Reference: https://ref.example.com", finding.references) def test_ptart_parser_with_retest_campaign(self): - with open("unittests/scans/ptart/ptart_vuln_plus_retest.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("ptart") / "ptart_vuln_plus_retest.json", encoding="utf-8") as testfile: parser = PTARTParser() findings = parser.get_findings(testfile, self.test) self.assertEqual(3, len(findings)) diff --git a/unittests/tools/test_pwn_sast_parser.py b/unittests/tools/test_pwn_sast_parser.py index c4b9f6033e..f6c8ded484 100644 --- a/unittests/tools/test_pwn_sast_parser.py +++ b/unittests/tools/test_pwn_sast_parser.py @@ -1,39 +1,39 @@ from dojo.models import Test from dojo.tools.pwn_sast.parser import PWNSASTParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestPWNSASTParser(DojoTestCase): def test_parse_no_findings(self): - with open("unittests/scans/pwn_sast/no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("pwn_sast") / "no_findings.json", encoding="utf-8") as testfile: parser = PWNSASTParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_one_finding(self): - with open("unittests/scans/pwn_sast/one_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("pwn_sast") / "one_finding.json", encoding="utf-8") as testfile: parser = PWNSASTParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) self.assertEqual(1, len(findings)) def test_parse_many_finding(self): - with open("unittests/scans/pwn_sast/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("pwn_sast") / "many_findings.json", encoding="utf-8") as testfile: parser = PWNSASTParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) self.assertEqual(3, len(findings)) def test_one_dup_finding(self): - with open("unittests/scans/pwn_sast/one_dup_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("pwn_sast") / "one_dup_finding.json", encoding="utf-8") as testfile: parser = PWNSASTParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) self.assertEqual(1, len(findings)) def test_title_is_not_none(self): - with open("unittests/scans/pwn_sast/one_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("pwn_sast") / "one_finding.json", encoding="utf-8") as testfile: parser = PWNSASTParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) diff --git a/unittests/tools/test_qualys_hacker_guardian_parser.py b/unittests/tools/test_qualys_hacker_guardian_parser.py index 47bd820ffb..4d8d92f946 100644 --- a/unittests/tools/test_qualys_hacker_guardian_parser.py +++ b/unittests/tools/test_qualys_hacker_guardian_parser.py @@ -1,21 +1,19 @@ -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.qualys_hacker_guardian.parser import QualysHackerGuardianParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestQualysHackerGuardianParser(DojoTestCase): def test_qualys_hacker_guardian_parser_with_no_findings(self): - with open(path.join(Path(__file__).parent, "../scans/qualys_hacker_guardian/zero_finding.csv"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "qualys_hacker_guardian/zero_finding.csv", encoding="utf-8") as testfile: parser = QualysHackerGuardianParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_qualys_hacker_guardian_parser_with_one_findings(self): - with open(path.join(Path(__file__).parent, "../scans/qualys_hacker_guardian/one_finding.csv"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "qualys_hacker_guardian/one_finding.csv", encoding="utf-8") as testfile: parser = QualysHackerGuardianParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -26,7 +24,7 @@ def test_qualys_hacker_guardian_parser_with_one_findings(self): self.assertEqual(len(finding.unsaved_endpoints), 2) def test_qualys_hacker_guardian_parser_with_many_findings(self): - with open(path.join(Path(__file__).parent, "../scans/qualys_hacker_guardian/many_finding.csv"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "qualys_hacker_guardian/many_finding.csv", encoding="utf-8") as testfile: parser = QualysHackerGuardianParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) diff --git a/unittests/tools/test_qualys_infrascan_webgui_parser.py b/unittests/tools/test_qualys_infrascan_webgui_parser.py index b76aeba84d..c335f428ee 100644 --- a/unittests/tools/test_qualys_infrascan_webgui_parser.py +++ b/unittests/tools/test_qualys_infrascan_webgui_parser.py @@ -4,14 +4,14 @@ from dojo.models import Test from dojo.tools.qualys_infrascan_webgui.parser import QualysInfrascanWebguiParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestQualysInfrascanWebguiParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): with open( - get_unit_tests_path() + "/scans/qualys_infrascan_webgui/qualys_infrascan_webgui_0.xml", encoding="utf-8", + get_unit_tests_scans_path("qualys_infrascan_webgui") / "qualys_infrascan_webgui_0.xml", encoding="utf-8", ) as testfile: parser = QualysInfrascanWebguiParser() findings = parser.get_findings(testfile, Test()) @@ -21,7 +21,7 @@ def test_parse_file_with_no_vuln_has_no_findings(self): # + also verify data with one test def test_parse_file_with_one_vuln_has_one_findings(self): with open( - get_unit_tests_path() + "/scans/qualys_infrascan_webgui/qualys_infrascan_webgui_1.xml", encoding="utf-8", + get_unit_tests_scans_path("qualys_infrascan_webgui") / "qualys_infrascan_webgui_1.xml", encoding="utf-8", ) as testfile: parser = QualysInfrascanWebguiParser() findings = parser.get_findings(testfile, Test()) @@ -38,7 +38,7 @@ def test_parse_file_with_one_vuln_has_one_findings(self): # Sample with Multiple Test def test_parse_file_with_multiple_vuln_has_multiple_findings(self): with open( - get_unit_tests_path() + "/scans/qualys_infrascan_webgui/qualys_infrascan_webgui_multiple.xml", encoding="utf-8", + get_unit_tests_scans_path("qualys_infrascan_webgui") / "qualys_infrascan_webgui_multiple.xml", encoding="utf-8", ) as testfile: parser = QualysInfrascanWebguiParser() findings = parser.get_findings(testfile, Test()) @@ -61,7 +61,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_findings(self): # Sample with Multiple Test def test_parse_file_with_finding_no_dns(self): with open( - get_unit_tests_path() + "/scans/qualys_infrascan_webgui/qualys_infrascan_webgui_3.xml", encoding="utf-8", + get_unit_tests_scans_path("qualys_infrascan_webgui") / "qualys_infrascan_webgui_3.xml", encoding="utf-8", ) as testfile: parser = QualysInfrascanWebguiParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_qualys_parser.py b/unittests/tools/test_qualys_parser.py index 15840f8561..5551c0537d 100644 --- a/unittests/tools/test_qualys_parser.py +++ b/unittests/tools/test_qualys_parser.py @@ -4,7 +4,7 @@ from dojo.models import Test from dojo.tools.qualys.parser import QualysParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestQualysParser(DojoTestCase): @@ -18,7 +18,7 @@ def test_parse_file_with_no_vuln_has_no_findings(self): def parse_file_with_no_vuln_has_no_findings(self): with open( - get_unit_tests_path() + "/scans/qualys/empty.xml", encoding="utf-8", + get_unit_tests_scans_path("qualys") / "empty.xml", encoding="utf-8", ) as testfile: parser = QualysParser() findings = parser.get_findings(testfile, Test()) @@ -35,7 +35,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_findings(self): def parse_file_with_multiple_vuln_has_multiple_findings(self): with open( - get_unit_tests_path() + "/scans/qualys/Qualys_Sample_Report.xml", encoding="utf-8", + get_unit_tests_scans_path("qualys") / "Qualys_Sample_Report.xml", encoding="utf-8", ) as testfile: parser = QualysParser() findings = parser.get_findings(testfile, Test()) @@ -82,7 +82,7 @@ def test_parse_file_with_no_vuln_has_no_findings_csv(self): def parse_file_with_no_vuln_has_no_findings_csv(self): with open( - get_unit_tests_path() + "/scans/qualys/empty.csv", encoding="utf-8", + get_unit_tests_scans_path("qualys") / "empty.csv", encoding="utf-8", ) as testfile: parser = QualysParser() findings = parser.get_findings(testfile, Test()) @@ -99,7 +99,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_findings_csv(self): def parse_file_with_multiple_vuln_has_multiple_findings_csv(self): with open( - get_unit_tests_path() + "/scans/qualys/Qualys_Sample_Report.csv", encoding="utf-8", + get_unit_tests_scans_path("qualys") / "Qualys_Sample_Report.csv", encoding="utf-8", ) as testfile: parser = QualysParser() findings = parser.get_findings(testfile, Test()) @@ -136,7 +136,7 @@ def parse_file_with_multiple_vuln_has_multiple_findings_csv(self): def test_parse_file_monthly_pci_issue6932(self): with open( - get_unit_tests_path() + "/scans/qualys/monthly_pci_issue6932.csv", encoding="utf-8", + get_unit_tests_scans_path("qualys") / "monthly_pci_issue6932.csv", encoding="utf-8", ) as testfile: parser = QualysParser() findings = parser.get_findings(testfile, Test()) @@ -144,7 +144,7 @@ def test_parse_file_monthly_pci_issue6932(self): def test_parse_file_with_cvss_values_and_scores(self): with open( - get_unit_tests_path() + "/scans/qualys/Qualys_Sample_Report.xml", encoding="utf-8", + get_unit_tests_scans_path("qualys") / "Qualys_Sample_Report.xml", encoding="utf-8", ) as testfile: parser = QualysParser() findings = parser.get_findings(testfile, Test()) @@ -179,7 +179,7 @@ def test_parse_file_with_cvss_values_and_scores(self): ) def test_get_severity_legacy(self): - with open(get_unit_tests_path() + "/scans/qualys/Qualys_Sample_Report.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("qualys") / "Qualys_Sample_Report.xml", encoding="utf-8") as testfile: parser = QualysParser() findings = parser.get_findings(testfile, Test()) counts = {} @@ -197,7 +197,7 @@ def test_get_severity_legacy(self): @override_settings(USE_QUALYS_LEGACY_SEVERITY_PARSING=False) def test_get_severity(self): - with open(get_unit_tests_path() + "/scans/qualys/Qualys_Sample_Report.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("qualys") / "Qualys_Sample_Report.xml", encoding="utf-8") as testfile: parser = QualysParser() findings = parser.get_findings(testfile, Test()) counts = {} diff --git a/unittests/tools/test_qualys_webapp_parser.py b/unittests/tools/test_qualys_webapp_parser.py index 71bd295634..1f68e022f0 100644 --- a/unittests/tools/test_qualys_webapp_parser.py +++ b/unittests/tools/test_qualys_webapp_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.qualys_webapp.parser import QualysWebAppParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestQualysWebAppParser(DojoTestCase): def test_qualys_webapp_parser_with_no_vuln_has_no_findings(self): - testfile = open("unittests/scans/qualys_webapp/qualys_webapp_no_vuln.xml", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("qualys_webapp") / "qualys_webapp_no_vuln.xml", encoding="utf-8") parser = QualysWebAppParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -18,7 +18,7 @@ def test_qualys_webapp_parser_with_no_vuln_has_no_findings(self): self.assertEqual(17, len(findings)) def test_qualys_webapp_parser_with_one_criticle_vuln_has_one_findings(self): - testfile = open("unittests/scans/qualys_webapp/qualys_webapp_one_vuln.xml", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("qualys_webapp") / "qualys_webapp_one_vuln.xml", encoding="utf-8") parser = QualysWebAppParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -31,7 +31,7 @@ def test_qualys_webapp_parser_with_one_criticle_vuln_has_one_findings(self): def test_qualys_webapp_parser_with_many_vuln_has_many_findings(self): testfile = open( - get_unit_tests_path() + "/scans/qualys_webapp/qualys_webapp_many_vuln.xml", encoding="utf-8", + get_unit_tests_scans_path("qualys_webapp") / "qualys_webapp_many_vuln.xml", encoding="utf-8", ) parser = QualysWebAppParser() findings = parser.get_findings(testfile, Test()) @@ -45,7 +45,7 @@ def test_qualys_webapp_parser_with_many_vuln_has_many_findings(self): def test_qualys_webapp_parser_info_is_vuln(self): testfile = open( - get_unit_tests_path() + "/scans/qualys_webapp/qualys_webapp_many_vuln.xml", encoding="utf-8", + get_unit_tests_scans_path("qualys_webapp") / "qualys_webapp_many_vuln.xml", encoding="utf-8", ) parser = QualysWebAppParser() findings = parser.get_findings(testfile, Test(), enable_weakness=True) @@ -59,7 +59,7 @@ def test_qualys_webapp_parser_info_is_vuln(self): def test_discussion_10239(self): testfile = open( - get_unit_tests_path() + "/scans/qualys_webapp/discussion_10239.xml", encoding="utf-8", + get_unit_tests_scans_path("qualys_webapp") / "discussion_10239.xml", encoding="utf-8", ) parser = QualysWebAppParser() findings = parser.get_findings(testfile, Test(), enable_weakness=True) diff --git a/unittests/tools/test_rapplex_parser.py b/unittests/tools/test_rapplex_parser.py index 97937cbd4d..0c7cb66b9d 100644 --- a/unittests/tools/test_rapplex_parser.py +++ b/unittests/tools/test_rapplex_parser.py @@ -1,21 +1,19 @@ -from os import path -from pathlib import Path from dojo.models import Test from dojo.tools.rapplex.parser import RapplexParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestRapplexParser(DojoTestCase): def test_rapplex_parser_with_no_findings(self): - with open(path.join(Path(__file__).parent, "../scans/rapplex/rapplex_zero_vul.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "rapplex/rapplex_zero_vul.json", encoding="utf-8") as testfile: parser = RapplexParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_rapplex_parser_with_one_findings(self): - with open(path.join(Path(__file__).parent, "../scans/rapplex/rapplex_one_vul.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "rapplex/rapplex_one_vul.json", encoding="utf-8") as testfile: parser = RapplexParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -27,7 +25,7 @@ def test_rapplex_parser_with_one_findings(self): self.assertIsNotNone(finding.references) def test_rapplex_parser_with_many_findings(self): - with open(path.join(Path(__file__).parent, "../scans/rapplex/rapplex_many_vul.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "rapplex/rapplex_many_vul.json", encoding="utf-8") as testfile: parser = RapplexParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(8, len(findings)) diff --git a/unittests/tools/test_redhatsatellite_parser.py b/unittests/tools/test_redhatsatellite_parser.py index 63ab8ba3e4..1414782836 100644 --- a/unittests/tools/test_redhatsatellite_parser.py +++ b/unittests/tools/test_redhatsatellite_parser.py @@ -1,24 +1,24 @@ from dojo.models import Test from dojo.tools.redhatsatellite.parser import RedHatSatelliteParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestRedHatSatelliteParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/redhatsatellite/no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("redhatsatellite") / "no_findings.json", encoding="utf-8") as testfile: parser = RedHatSatelliteParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_finding(self): - with open("unittests/scans/redhatsatellite/one_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("redhatsatellite") / "one_finding.json", encoding="utf-8") as testfile: parser = RedHatSatelliteParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_parse_file_with_multiple_findingse(self): - with open("unittests/scans/redhatsatellite/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("redhatsatellite") / "many_findings.json", encoding="utf-8") as testfile: parser = RedHatSatelliteParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) @@ -27,7 +27,7 @@ def test_parse_file_with_multiple_findingse(self): self.assertEqual("CVE-1990-2", findings[0].unsaved_vulnerability_ids[2]) def test_parse_file_with_many_packages(self): - with open("unittests/scans/redhatsatellite/many_packages.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("redhatsatellite") / "many_packages.json", encoding="utf-8") as testfile: parser = RedHatSatelliteParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) diff --git a/unittests/tools/test_retirejs_parser.py b/unittests/tools/test_retirejs_parser.py index 80090385ae..d1c0aafabd 100644 --- a/unittests/tools/test_retirejs_parser.py +++ b/unittests/tools/test_retirejs_parser.py @@ -1,11 +1,11 @@ from dojo.models import Test from dojo.tools.retirejs.parser import RetireJsParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestRetireJsParser(DojoTestCase): def test_parse(self): - with open("unittests/scans/retirejs/latest.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("retirejs") / "latest.json", encoding="utf-8") as testfile: parser = RetireJsParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) diff --git a/unittests/tools/test_risk_recon_parser.py b/unittests/tools/test_risk_recon_parser.py index 38c8b496be..f24b249007 100644 --- a/unittests/tools/test_risk_recon_parser.py +++ b/unittests/tools/test_risk_recon_parser.py @@ -2,25 +2,25 @@ from dojo.models import Test from dojo.tools.risk_recon.parser import RiskReconParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestRiskReconAPIParser(DojoTestCase): def test_api_with_bad_url(self): - with open("unittests/scans/risk_recon/bad_url.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("risk_recon") / "bad_url.json", encoding="utf-8") as testfile: with self.assertRaises(Exception): parser = RiskReconParser() parser.get_findings(testfile, Test()) def test_api_with_bad_key(self): - with open("unittests/scans/risk_recon/bad_key.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("risk_recon") / "bad_key.json", encoding="utf-8") as testfile: with self.assertRaises(Exception): parser = RiskReconParser() parser.get_findings(testfile, Test()) def test_parser_without_api(self): - with open("unittests/scans/risk_recon/findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("risk_recon") / "findings.json", encoding="utf-8") as testfile: parser = RiskReconParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) diff --git a/unittests/tools/test_rubocop_parser.py b/unittests/tools/test_rubocop_parser.py index 0fa5d3cbdb..8c13d30aa0 100644 --- a/unittests/tools/test_rubocop_parser.py +++ b/unittests/tools/test_rubocop_parser.py @@ -1,25 +1,25 @@ from dojo.models import Test from dojo.tools.rubocop.parser import RubocopParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestRubocopParser(DojoTestCase): def test_parser_empty(self): - testfile = open("unittests/scans/rubocop/empty.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("rubocop") / "empty.json", encoding="utf-8") parser = RubocopParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_parser_zero_findings(self): - testfile = open("unittests/scans/rubocop/zero_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("rubocop") / "zero_vulns.json", encoding="utf-8") parser = RubocopParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_parser_one_vuln(self): - testfile = open("unittests/scans/rubocop/one_finding.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("rubocop") / "one_finding.json", encoding="utf-8") parser = RubocopParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -33,7 +33,7 @@ def test_parser_one_vuln(self): self.assertEqual("Security/MarshalLoad", finding.vuln_id_from_tool) def test_parser_many_vulns(self): - testfile = open("unittests/scans/rubocop/many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("rubocop") / "many_vulns.json", encoding="utf-8") parser = RubocopParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_rusty_hog_parser.py b/unittests/tools/test_rusty_hog_parser.py index 3d7df04ea0..b6e75f7c66 100644 --- a/unittests/tools/test_rusty_hog_parser.py +++ b/unittests/tools/test_rusty_hog_parser.py @@ -1,29 +1,29 @@ from dojo.models import Test from dojo.tools.rusty_hog.parser import RustyhogParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestRustyhogParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_finding_choctawhog(self): - with open("unittests/scans/rusty_hog/choctawhog_no_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "choctawhog_no_vuln.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Rusty Hog", Test()) # The outputfile is empty. A subscanner can't be classified self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_finding_choctawhog(self): - with open("unittests/scans/rusty_hog/choctawhog_one_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "choctawhog_one_vuln.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Choctaw Hog", Test()) self.assertEqual(1, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_finding_choctawhog(self): - with open("unittests/scans/rusty_hog/choctawhog_many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "choctawhog_many_vulns.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Choctaw Hog", Test()) self.assertEqual(13, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_finding_choctawhog_content(self): - with open("unittests/scans/rusty_hog/choctawhog_many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "choctawhog_many_vulns.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Choctaw Hog", Test()) self.assertEqual(findings[0].title, "Email address found in Git path .github/workflows/main.yml (a7bce96377c4ff2ac16cd51fb0da7fe7ea678829)") @@ -36,25 +36,25 @@ def test_parse_file_with_multiple_vuln_has_multiple_finding_choctawhog_content(s self.assertIn("Please ensure no secret material nor confidential information is kept in clear within git repositories.", findings[0].mitigation) def test_parse_file_with_no_vuln_has_no_finding_duorchog(self): - with open("unittests/scans/rusty_hog/durochog_no_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "durochog_no_vuln.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Rusty Hog", Test()) # The outputfile is empty. A subscanner can't be classified self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_finding_durochog(self): - with open("unittests/scans/rusty_hog/durochog_one_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "durochog_one_vuln.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Duroc Hog", Test()) self.assertEqual(1, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_finding_durochog(self): - with open("unittests/scans/rusty_hog/durochog_many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "durochog_many_vulns.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Duroc Hog", Test()) self.assertEqual(4, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_finding_durochog_content(self): - with open("unittests/scans/rusty_hog/durochog_many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "durochog_many_vulns.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Duroc Hog", Test()) self.assertEqual(findings[0].title, "password (Password) found in path /scan_folder/unittests/scans/sonarqube/sonar-no-finding.html") @@ -65,25 +65,25 @@ def test_parse_file_with_multiple_vuln_has_multiple_finding_durochog_content(sel self.assertIn("Please ensure no secret material nor confidential information is kept in clear within directories, files, and archives.", findings[0].mitigation) def test_parse_file_with_no_vuln_has_no_finding_gottingenhog(self): - with open("unittests/scans/rusty_hog/gottingenhog_no_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "gottingenhog_no_vuln.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Rusty Hog", Test()) # The outputfile is empty. A subscanner can't be classified self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_finding_gottingenhog(self): - with open("unittests/scans/rusty_hog/gottingenhog_one_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "gottingenhog_one_vuln.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Gottingen Hog", Test()) self.assertEqual(1, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_finding_gottingenhog(self): - with open("unittests/scans/rusty_hog/gottingenhog_many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "gottingenhog_many_vulns.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Gottingen Hog", Test()) self.assertEqual(10, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_finding_gottingenhog_content(self): - with open("unittests/scans/rusty_hog/gottingenhog_many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "gottingenhog_many_vulns.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Gottingen Hog", Test()) self.assertEqual(findings[0].title, "password found in Jira ID TEST-123 (Issue Description)") @@ -94,25 +94,25 @@ def test_parse_file_with_multiple_vuln_has_multiple_finding_gottingenhog_content self.assertIn("Please ensure no secret material nor confidential information is kept in clear within JIRA Tickets.", findings[0].mitigation) def test_parse_file_with_no_vuln_has_no_finding_essexhog(self): - with open("unittests/scans/rusty_hog/essexhog_no_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "essexhog_no_vuln.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Rusty Hog", Test()) # The outputfile is empty. A subscanner can't be classified self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_finding_essexhog(self): - with open("unittests/scans/rusty_hog/essexhog_one_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "essexhog_one_vuln.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Essex Hog", Test()) self.assertEqual(1, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_finding_essexhog(self): - with open("unittests/scans/rusty_hog/essexhog_many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "essexhog_many_vulns.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Essex Hog", Test()) self.assertEqual(3, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_finding_essexhog_content(self): - with open("unittests/scans/rusty_hog/essexhog_many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("rusty_hog") / "essexhog_many_vulns.json", encoding="utf-8") as testfile: parser = RustyhogParser() findings = parser.get_items(testfile, "Essex Hog", Test()) self.assertEqual(findings[0].title, "SSH (EC) private key found in Confluence Page ID 12345") diff --git a/unittests/tools/test_sarif_parser.py b/unittests/tools/test_sarif_parser.py index 4b63b2e348..09f67bd866 100644 --- a/unittests/tools/test_sarif_parser.py +++ b/unittests/tools/test_sarif_parser.py @@ -1,10 +1,8 @@ import datetime -from os import path -from pathlib import Path from dojo.models import Finding, Test from dojo.tools.sarif.parser import SarifParser, get_fingerprints_hashes -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestSarifParser(DojoTestCase): @@ -18,9 +16,8 @@ def common_checks(self, finding): def test_example_report(self): with open( - path.join( - get_unit_tests_path() + "/scans/sarif/DefectDojo_django-DefectDojo__2020-12-11_13 42 10__export.sarif", - ), encoding="utf-8", + get_unit_tests_scans_path("sarif") / "DefectDojo_django-DefectDojo__2020-12-11_13 42 10__export.sarif", + encoding="utf-8", )as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) @@ -30,7 +27,7 @@ def test_example_report(self): def test_suppression_report(self): """Test report file having different suppression definitions""" - with open(path.join(Path(__file__).parent, "../scans/sarif/suppression_test.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/suppression_test.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -42,7 +39,7 @@ def test_suppression_report(self): self.assertEqual(True, finding.active) def test_example2_report(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/appendix_k.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/appendix_k.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -70,13 +67,13 @@ def test_example2_report(self): self.common_checks(finding) def test_example_k1_report(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/appendix_k1.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/appendix_k1.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_example_k2_report(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/appendix_k2.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/appendix_k2.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -91,7 +88,7 @@ def test_example_k2_report(self): self.common_checks(finding) def test_example_k3_report(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/appendix_k3.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/appendix_k3.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -101,7 +98,7 @@ def test_example_k3_report(self): self.common_checks(finding) def test_example_k4_report_mitigation(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/appendix_k4.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/appendix_k4.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -118,7 +115,7 @@ def test_example_k4_report_mitigation(self): def test_example_report_ms(self): """Report file come from Microsoft SARIF sdk on GitHub""" - with open(path.join(Path(__file__).parent, "../scans/sarif/SuppressionTestCurrent.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/SuppressionTestCurrent.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) @@ -128,7 +125,7 @@ def test_example_report_ms(self): self.common_checks(finding) def test_example_report_semgrep(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/semgrepowasp-benchmark-sample.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/semgrepowasp-benchmark-sample.sarif", encoding="utf-8") as testfile: test = Test() parser = SarifParser() findings = parser.get_findings(testfile, test) @@ -142,7 +139,7 @@ def test_example_report_semgrep(self): self.common_checks(finding) def test_example_report_scanlift_dependency_check(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/dependency_check.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/dependency_check.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(13, len(findings)) @@ -165,7 +162,7 @@ def test_example_report_scanlift_dependency_check(self): self.common_checks(finding) def test_example_report_scanlift_bash(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/bash-report.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/bash-report.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(27, len(findings)) @@ -194,7 +191,7 @@ def test_example_report_scanlift_bash(self): self.common_checks(finding) def test_example_report_taint_python(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/taint-python-report.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/taint-python-report.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(11, len(findings)) @@ -236,7 +233,7 @@ def test_example_report_taint_python(self): def test_njsscan(self): """Generated with opensecurity/njsscan (https://github.com/ajinabraham/njsscan)""" - with open(path.join(Path(__file__).parent, "../scans/sarif/njsscan.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/njsscan.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) @@ -263,7 +260,7 @@ def test_njsscan(self): def test_dockle(self): """Generated with goodwithtech/dockle (https://github.com/goodwithtech/dockle)""" - with open(path.join(Path(__file__).parent, "../scans/sarif/dockle_0_3_15.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/dockle_0_3_15.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) @@ -311,7 +308,7 @@ def test_dockle(self): ) def test_mobsfscan(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/mobsfscan.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/mobsfscan.json", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(18, len(findings)) @@ -319,7 +316,7 @@ def test_mobsfscan(self): self.common_checks(finding) def test_gitleaks(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/gitleaks_7.5.0.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/gitleaks_7.5.0.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(8, len(findings)) @@ -369,7 +366,7 @@ def test_gitleaks(self): self.assertEqual(37, finding.line) def test_flawfinder(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/flawfinder.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/flawfinder.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(53, len(findings)) @@ -445,7 +442,7 @@ def test_flawfinder(self): self.assertEqual("https://cwe.mitre.org/data/definitions/120.html", finding.references) def test_flawfinder_interfacev2(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/flawfinder.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/flawfinder.sarif", encoding="utf-8") as testfile: parser = SarifParser() tests = parser.get_tests(parser.get_scan_types()[0], testfile) self.assertEqual(1, len(tests)) @@ -514,7 +511,7 @@ def test_flawfinder_interfacev2(self): self.assertEqual("https://cwe.mitre.org/data/definitions/120.html", finding.references) def test_appendix_k1_double_interfacev2(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/appendix_k1_double.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/appendix_k1_double.sarif", encoding="utf-8") as testfile: parser = SarifParser() tests = parser.get_tests(parser.get_scan_types()[0], testfile) self.assertEqual(2, len(tests)) @@ -530,7 +527,7 @@ def test_appendix_k1_double_interfacev2(self): self.assertEqual(0, len(findings)) def test_codeql_snippet_report(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/codeQL-output.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/codeQL-output.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(72, len(findings)) @@ -556,7 +553,7 @@ def test_codeql_snippet_report(self): self.common_checks(finding) def test_severity_cvss_from_grype(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/cxf-3.4.6.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/cxf-3.4.6.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(22, len(findings)) @@ -585,14 +582,14 @@ def test_get_fingerprints_hashes(self): ) def test_tags_from_result_properties(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/taint-python-report.sarif"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/taint-python-report.sarif", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) item = findings[0] self.assertEqual(["Scan"], item.tags) def test_severity_in_properties(self): - with open(path.join(Path(__file__).parent, "../scans/sarif/issue_10191.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sarif/issue_10191.json", encoding="utf-8") as testfile: parser = SarifParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(77, len(findings)) diff --git a/unittests/tools/test_scantist_parser.py b/unittests/tools/test_scantist_parser.py index a2c6618b09..ce0a433f9a 100644 --- a/unittests/tools/test_scantist_parser.py +++ b/unittests/tools/test_scantist_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.scantist.parser import ScantistParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestScantistParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/scantist/scantist-no-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("scantist") / "scantist-no-vuln.json", encoding="utf-8") as testfile: parser = ScantistParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_finding(self): - with open("unittests/scans/scantist/scantist-one-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("scantist") / "scantist-one-vuln.json", encoding="utf-8") as testfile: parser = ScantistParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -30,7 +30,7 @@ def test_parse_file_with_one_vuln_has_one_finding(self): ) # Negligible is translated to Informational def test_parse_file_with_multiple_vuln_has_multiple_findings(self): - with open("unittests/scans/scantist/scantist-many-vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("scantist") / "scantist-many-vuln.json", encoding="utf-8") as testfile: parser = ScantistParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(17, len(findings)) diff --git a/unittests/tools/test_scout_suite_parser.py b/unittests/tools/test_scout_suite_parser.py index f689fcc874..52192f1960 100644 --- a/unittests/tools/test_scout_suite_parser.py +++ b/unittests/tools/test_scout_suite_parser.py @@ -2,18 +2,18 @@ from dojo.models import Test from dojo.tools.scout_suite.parser import ScoutSuiteParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestScoutSuiteParser(DojoTestCase): def test_scout_suite_parser_with_no_vuln_has_no_findings(self): - with open("unittests/scans/scout_suite/no_vuln.js", encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path("scout_suite") / "no_vuln.js", encoding="utf-8") as test_file: parser = ScoutSuiteParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(0, len(findings)) def test_scout_suite_parser_with_two_findings(self): - with open("unittests/scans/scout_suite/two_findings.js", encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path("scout_suite") / "two_findings.js", encoding="utf-8") as test_file: parser = ScoutSuiteParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(4, len(findings)) @@ -32,7 +32,7 @@ def test_scout_suite_parser_with_two_findings(self): self.assertEqual("gcp:cloudstorage-bucket-no-versioning", finding.vuln_id_from_tool) def test_get_findings(self): - with open("unittests/scans/scout_suite/new2.js", encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path("scout_suite") / "new2.js", encoding="utf-8") as test_file: parser = ScoutSuiteParser() findings = parser.get_findings(test_file, Test()) self.assertEqual(356, len(findings)) @@ -56,7 +56,7 @@ def test_get_findings(self): self.assertEqual("aws:config-recorder-not-configured", finding.vuln_id_from_tool) def test_get_tests(self): - with open("unittests/scans/scout_suite/new2.js", encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path("scout_suite") / "new2.js", encoding="utf-8") as test_file: parser = ScoutSuiteParser() scan_type = parser.get_scan_types()[0] tests = parser.get_tests(scan_type, test_file) diff --git a/unittests/tools/test_semgrep_parser.py b/unittests/tools/test_semgrep_parser.py index 5517077e97..8dae44b20e 100644 --- a/unittests/tools/test_semgrep_parser.py +++ b/unittests/tools/test_semgrep_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.semgrep.parser import SemgrepParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestSemgrepParser(DojoTestCase): def test_parse_empty(self): - with open("unittests/scans/semgrep/empty.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("semgrep") / "empty.json", encoding="utf-8") as testfile: parser = SemgrepParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_one_finding(self): - with open("unittests/scans/semgrep/one_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("semgrep") / "one_finding.json", encoding="utf-8") as testfile: parser = SemgrepParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -27,7 +27,7 @@ def test_parse_one_finding(self): self.assertIn("Using CBC with PKCS5Padding is susceptible to padding orcale attacks", finding.description) def test_parse_many_finding(self): - with open("unittests/scans/semgrep/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("semgrep") / "many_findings.json", encoding="utf-8") as testfile: parser = SemgrepParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) @@ -47,7 +47,7 @@ def test_parse_many_finding(self): self.assertEqual("java.lang.security.audit.cbc-padding-oracle.cbc-padding-oracle", finding.vuln_id_from_tool) def test_parse_repeated_finding(self): - with open("unittests/scans/semgrep/repeated_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("semgrep") / "repeated_findings.json", encoding="utf-8") as testfile: parser = SemgrepParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -61,7 +61,7 @@ def test_parse_repeated_finding(self): self.assertEqual(2, finding.nb_occurences) def test_parse_many_vulns(self): - with open("unittests/scans/semgrep/many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("semgrep") / "many_vulns.json", encoding="utf-8") as testfile: parser = SemgrepParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -91,7 +91,7 @@ def test_parse_many_vulns(self): self.assertEqual("python.lang.security.unquoted-csv-writer.unquoted-csv-writer", finding.vuln_id_from_tool) def test_parse_cwe_list(self): - with open("unittests/scans/semgrep/cwe_list.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("semgrep") / "cwe_list.json", encoding="utf-8") as testfile: parser = SemgrepParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -105,10 +105,10 @@ def test_parse_cwe_list(self): self.assertIn("A CSRF middleware was not detected in your express application. Ensure you are either using one such as `csurf` or `csrf` (see rule references) and/or you are properly doing CSRF validation in your routes with a token or cookies.", finding.description) def test_different_lines_same_fingerprint(self): - with open("unittests/scans/semgrep/semgrep_version_1_30_0_line_26.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("semgrep") / "semgrep_version_1_30_0_line_26.json", encoding="utf-8") as testfile: parser = SemgrepParser() findings_first = parser.get_findings(testfile, Test()) - with open("unittests/scans/semgrep/semgrep_version_1_30_0_line_27.json", encoding="utf-8") as testfile2: + with open(get_unit_tests_scans_path("semgrep") / "semgrep_version_1_30_0_line_27.json", encoding="utf-8") as testfile2: parser = SemgrepParser() findings_second = parser.get_findings(testfile2, Test()) self.assertEqual(len(findings_first), len(findings_second)) @@ -116,19 +116,19 @@ def test_different_lines_same_fingerprint(self): self.assertEqual(first.unique_id_from_tool, second.unique_id_from_tool) def test_parse_issue_8435(self): - with open("unittests/scans/semgrep/issue_8435.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("semgrep") / "issue_8435.json", encoding="utf-8") as testfile: parser = SemgrepParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_parse_low_medium_high_severity(self): - with open("unittests/scans/semgrep/high-medium-low-severities.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("semgrep") / "high-medium-low-severities.json", encoding="utf-8") as testfile: parser = SemgrepParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) def test_parse_sca_deployments_vulns(self): - with open("unittests/scans/semgrep/sca-deployments-vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("semgrep") / "sca-deployments-vulns.json", encoding="utf-8") as testfile: parser = SemgrepParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(18, len(findings)) diff --git a/unittests/tools/test_skf_parser.py b/unittests/tools/test_skf_parser.py index 655395cd6b..8ff8410baa 100644 --- a/unittests/tools/test_skf_parser.py +++ b/unittests/tools/test_skf_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.skf.parser import SKFParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestSkfParser(DojoTestCase): def test_single_has_no_finding(self): - with open("unittests/scans/skf/export.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("skf") / "export.csv", encoding="utf-8") as testfile: parser = SKFParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(27, len(findings)) diff --git a/unittests/tools/test_snyk_code_parser.py b/unittests/tools/test_snyk_code_parser.py index 8d9fe8bd85..2c93fa1dcb 100644 --- a/unittests/tools/test_snyk_code_parser.py +++ b/unittests/tools/test_snyk_code_parser.py @@ -1,19 +1,19 @@ from dojo.models import Test from dojo.tools.snyk_code.parser import SnykCodeParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestSnykCodeParser(DojoTestCase): def test_snykParser_single_has_many_findings(self): - testfile = open("unittests/scans/snyk_code/single_project_many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("snyk_code") / "single_project_many_vulns.json", encoding="utf-8") parser = SnykCodeParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(206, len(findings)) def test_snykcode_issue_9270(self): - with open("unittests/scans/snyk_code/snykcode_issue_9270.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("snyk_code") / "snykcode_issue_9270.json", encoding="utf-8") as testfile: parser = SnykCodeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(39, len(findings)) diff --git a/unittests/tools/test_snyk_parser.py b/unittests/tools/test_snyk_parser.py index 17efff35a1..ea2f70ec4c 100644 --- a/unittests/tools/test_snyk_parser.py +++ b/unittests/tools/test_snyk_parser.py @@ -1,54 +1,54 @@ from dojo.models import Test from dojo.tools.snyk.parser import SnykParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestSnykParser(DojoTestCase): def test_snykParser_single_has_no_finding(self): - testfile = open("unittests/scans/snyk/single_project_no_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("snyk") / "single_project_no_vulns.json", encoding="utf-8") parser = SnykParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) testfile.close() def test_snykParser_allprojects_has_no_finding(self): - testfile = open("unittests/scans/snyk/all-projects_no_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("snyk") / "all-projects_no_vulns.json", encoding="utf-8") parser = SnykParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) testfile.close() def test_snykParser_single_has_one_finding(self): - testfile = open("unittests/scans/snyk/single_project_one_vuln.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("snyk") / "single_project_one_vuln.json", encoding="utf-8") parser = SnykParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) testfile.close() def test_snykParser_allprojects_has_one_finding(self): - testfile = open("unittests/scans/snyk/all-projects_one_vuln.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("snyk") / "all-projects_one_vuln.json", encoding="utf-8") parser = SnykParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(1, len(findings)) def test_snykParser_single_has_many_findings(self): - testfile = open("unittests/scans/snyk/single_project_many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("snyk") / "single_project_many_vulns.json", encoding="utf-8") parser = SnykParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(41, len(findings)) def test_snykParser_allprojects_has_many_findings(self): - testfile = open("unittests/scans/snyk/all-projects_many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("snyk") / "all-projects_many_vulns.json", encoding="utf-8") parser = SnykParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(4, len(findings)) def test_snykParser_finding_has_fields(self): - testfile = open("unittests/scans/snyk/single_project_one_vuln.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("snyk") / "single_project_one_vuln.json", encoding="utf-8") parser = SnykParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -89,7 +89,7 @@ def test_snykParser_finding_has_fields(self): ) def test_snykParser_file_path_with_ampersand_is_preserved(self): - testfile = open("unittests/scans/snyk/single_project_one_vuln_with_ampersands.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("snyk") / "single_project_one_vuln_with_ampersands.json", encoding="utf-8") parser = SnykParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -102,7 +102,7 @@ def test_snykParser_file_path_with_ampersand_is_preserved(self): def test_snykParser_allprojects_issue4277(self): """Report to linked to issue 4277""" - testfile = open("unittests/scans/snyk/all_projects_issue4277.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("snyk") / "all_projects_issue4277.json", encoding="utf-8") parser = SnykParser() findings = list(parser.get_findings(testfile, Test())) testfile.close() @@ -139,7 +139,7 @@ def test_snykParser_allprojects_issue4277(self): self.assertEqual("CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C", finding.cvssv3) def test_snykParser_cvssscore_none(self): - with open("unittests/scans/snyk/single_project_None_cvss.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("snyk") / "single_project_None_cvss.json", encoding="utf-8") as testfile: parser = SnykParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -150,7 +150,7 @@ def test_snykParser_cvssscore_none(self): ) def test_snykParser_target_file(self): - with open("unittests/scans/snyk/all_containers_target_output.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("snyk") / "all_containers_target_output.json", encoding="utf-8") as testfile: parser = SnykParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(40, len(findings)) @@ -160,7 +160,7 @@ def test_snykParser_target_file(self): self.assertIn("target_file:Mobile-Security-Framework-MobSF/requirements.txt", finding.unsaved_tags) def test_snykParser_update_libs_tag(self): - with open("unittests/scans/snyk/single_project_upgrade_libs.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("snyk") / "single_project_upgrade_libs.json", encoding="utf-8") as testfile: parser = SnykParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(254, len(findings)) @@ -172,19 +172,19 @@ def test_snykParser_update_libs_tag(self): self.assertIn("shell-quote@1.7.2", finding.mitigation) def test_snykcontainer_issue_9270(self): - with open("unittests/scans/snyk/snykcontainer_issue_9270.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("snyk") / "snykcontainer_issue_9270.json", encoding="utf-8") as testfile: parser = SnykParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(25, len(findings)) def test_snykcode_issue_9270(self): - with open("unittests/scans/snyk/snykcode_issue_9270.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("snyk") / "snykcode_issue_9270.json", encoding="utf-8") as testfile: parser = SnykParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(39, len(findings)) def test_snykcode_issue_9270_epss(self): - with open("unittests/scans/snyk/snykcontainer_issue_epss.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("snyk") / "snykcontainer_issue_epss.json", encoding="utf-8") as testfile: parser = SnykParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) diff --git a/unittests/tools/test_solar_appscreener_parser.py b/unittests/tools/test_solar_appscreener_parser.py index b6e327c184..3aaa0d506e 100644 --- a/unittests/tools/test_solar_appscreener_parser.py +++ b/unittests/tools/test_solar_appscreener_parser.py @@ -1,13 +1,13 @@ from dojo.models import Test from dojo.tools.solar_appscreener.parser import SolarAppscreenerParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestSolarAppscreenerParser(DojoTestCase): def test_solar_appscreener_parser_with_no_vuln_has_no_findings(self): testfile = open( - get_unit_tests_path() + "/scans/solar_appscreener/solar_appscreener_zero_vul.csv", encoding="utf-8") + get_unit_tests_scans_path("solar_appscreener") / "solar_appscreener_zero_vul.csv", encoding="utf-8") parser = SolarAppscreenerParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -15,7 +15,7 @@ def test_solar_appscreener_parser_with_no_vuln_has_no_findings(self): def test_solar_appscreener_parser_with_one_criticle_vuln_has_one_findings(self): testfile = open( - get_unit_tests_path() + "/scans/solar_appscreener/solar_appscreener_one_vul.csv", encoding="utf-8") + get_unit_tests_scans_path("solar_appscreener") / "solar_appscreener_one_vul.csv", encoding="utf-8") parser = SolarAppscreenerParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -33,7 +33,7 @@ def test_solar_appscreener_parser_with_one_criticle_vuln_has_one_findings(self): def test_solar_appscreener_parser_with_many_vuln_has_many_findings(self): testfile = open( - get_unit_tests_path() + "/scans/solar_appscreener/solar_appscreener_many_vul.csv", encoding="utf-8") + get_unit_tests_scans_path("solar_appscreener") / "solar_appscreener_many_vul.csv", encoding="utf-8") parser = SolarAppscreenerParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_sonarqube_parser.py b/unittests/tools/test_sonarqube_parser.py index ef4912510b..09e791bd6c 100644 --- a/unittests/tools/test_sonarqube_parser.py +++ b/unittests/tools/test_sonarqube_parser.py @@ -1,6 +1,6 @@ from dojo.models import Engagement, Product, Test from dojo.tools.sonarqube.parser import SonarQubeParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestSonarQubeParser(DojoTestCase): @@ -21,7 +21,7 @@ def test_file_name_aggregated_parse_file_with_no_vulnerabilities_has_no_findings self, ): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/sonar-no-finding.html", + get_unit_tests_scans_path("sonarqube") / "sonar-no-finding.html", ) parser = SonarQubeParser() findings = parser.get_findings(my_file_handle, test) @@ -31,7 +31,7 @@ def test_file_name_aggregated_parse_file_with_no_vulnerabilities_has_no_findings # SonarQube Scan detailed - no finding def test_detailed_parse_file_with_no_vulnerabilities_has_no_findings(self): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/sonar-no-finding.html", + get_unit_tests_scans_path("sonarqube") / "sonar-no-finding.html", ) parser = SonarQubeParser() parser.set_mode("detailed") @@ -44,7 +44,7 @@ def test_file_name_aggregated_parse_file_with_single_vulnerability_has_single_fi self, ): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/sonar-single-finding.html", + get_unit_tests_scans_path("sonarqube") / "sonar-single-finding.html", ) parser = SonarQubeParser() findings = parser.get_findings(my_file_handle, test) @@ -93,7 +93,7 @@ def test_file_name_aggregated_parse_file_with_single_vulnerability_has_single_fi def test_detailed_parse_file_with_single_vulnerability_has_single_finding(self): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/sonar-single-finding.html", + get_unit_tests_scans_path("sonarqube") / "sonar-single-finding.html", ) parser = SonarQubeParser() parser.set_mode("detailed") @@ -141,7 +141,7 @@ def test_detailed_parse_file_with_multiple_vulnerabilities_has_multiple_findings self, ): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/sonar-6-findings.html", + get_unit_tests_scans_path("sonarqube") / "sonar-6-findings.html", ) parser = SonarQubeParser() parser.set_mode("detailed") @@ -154,7 +154,7 @@ def test_file_name_aggregated_parse_file_with_multiple_vulnerabilities_has_multi self, ): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/sonar-6-findings.html", + get_unit_tests_scans_path("sonarqube") / "sonar-6-findings.html", ) parser = SonarQubeParser() parser.set_mode("detailed") @@ -167,7 +167,7 @@ def test_file_name_aggregated_parse_file_with_multiple_vulnerabilities_has_multi def test_detailed_parse_file_with_table_in_table(self): """Test parsing when the vulnerability details include a table, with tr and td that should be ignored when looking for list of rules""" my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/sonar-table-in-table.html", + get_unit_tests_scans_path("sonarqube") / "sonar-table-in-table.html", ) parser = SonarQubeParser() parser.set_mode("detailed") @@ -247,7 +247,7 @@ def test_detailed_parse_file_with_table_in_table(self): def test_detailed_parse_file_with_rule_undefined(self): """The vulnerability's rule is not in the list of rules""" my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/sonar-rule-undefined.html", + get_unit_tests_scans_path("sonarqube") / "sonar-rule-undefined.html", ) parser = SonarQubeParser() parser.set_mode("detailed") @@ -293,7 +293,7 @@ def test_detailed_parse_file_with_rule_undefined(self): # SonarQube Scan - report with aggregations to be made def test_file_name_aggregated_parse_file_with_vuln_on_same_filename(self): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/sonar-4-findings-3-to-aggregate.html", + get_unit_tests_scans_path("sonarqube") / "sonar-4-findings-3-to-aggregate.html", ) parser = SonarQubeParser() findings = parser.get_findings(my_file_handle, test) @@ -356,7 +356,7 @@ def test_file_name_aggregated_parse_file_with_vuln_on_same_filename(self): # SonarQube Scan detailed - report with aggregations to be made def test_detailed_parse_file_with_vuln_on_same_filename(self): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/sonar-4-findings-3-to-aggregate.html", + get_unit_tests_scans_path("sonarqube") / "sonar-4-findings-3-to-aggregate.html", ) parser = SonarQubeParser() parser.set_mode("detailed") @@ -370,7 +370,7 @@ def test_detailed_parse_file_with_vuln_issue_3725(self): SonarQube Scan detailed - report that crash see: https://github.com/DefectDojo/django-DefectDojo/issues/3725 """ - my_file_handle, _product, _engagement, test = self.init(get_unit_tests_path() + "/scans/sonarqube/sonar.html") + my_file_handle, _product, _engagement, test = self.init(get_unit_tests_scans_path("sonarqube") / "sonar.html") parser = SonarQubeParser() parser.set_mode("detailed") findings = parser.get_findings(my_file_handle, test) @@ -385,7 +385,7 @@ def test_detailed_parse_file_table_has_whitespace(self): Data table will have some whitespaces, parser should strip it before compare or use these properties. """ my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/sonar-table-in-table-with-whitespace.html", + get_unit_tests_scans_path("sonarqube") / "sonar-table-in-table-with-whitespace.html", ) parser = SonarQubeParser() parser.set_mode("detailed") @@ -464,7 +464,7 @@ def test_detailed_parse_file_table_has_whitespace(self): def test_detailed_parse_json_file_with_no_vulnerabilities_has_no_findings(self): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/sonar-no-finding.json", + get_unit_tests_scans_path("sonarqube") / "sonar-no-finding.json", ) parser = SonarQubeParser() parser.set_mode("detailed") @@ -474,7 +474,7 @@ def test_detailed_parse_json_file_with_no_vulnerabilities_has_no_findings(self): def test_detailed_parse_json_file_with_single_vulnerability_has_single_finding(self): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/sonar-single-finding.json", + get_unit_tests_scans_path("sonarqube") / "sonar-single-finding.json", ) parser = SonarQubeParser() parser.set_mode("detailed") @@ -553,7 +553,7 @@ def test_detailed_parse_json_file_with_single_vulnerability_has_single_finding(s def test_detailed_parse_json_file_with_multiple_vulnerabilities_has_multiple_findings(self): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/sonar-6-findings.json", + get_unit_tests_scans_path("sonarqube") / "sonar-6-findings.json", ) parser = SonarQubeParser() parser.set_mode("detailed") @@ -565,7 +565,7 @@ def test_detailed_parse_json_file_with_multiple_vulnerabilities_has_multiple_fin def test_parse_json_file_from_api_with_multiple_findings_json(self): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/findings_over_api.json", + get_unit_tests_scans_path("sonarqube") / "findings_over_api.json", ) parser = SonarQubeParser() findings = parser.get_findings(my_file_handle, test) @@ -597,7 +597,7 @@ def test_parse_json_file_from_api_with_multiple_findings_json(self): def test_parse_json_file_from_api_with_multiple_findings_hotspots_json(self): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/findings_over_api_hotspots.json", + get_unit_tests_scans_path("sonarqube") / "findings_over_api_hotspots.json", ) parser = SonarQubeParser() findings = parser.get_findings(my_file_handle, test) @@ -616,7 +616,7 @@ def test_parse_json_file_from_api_with_multiple_findings_hotspots_json(self): def test_parse_json_file_from_api_with_empty_json(self): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/findings_over_api_empty.json", + get_unit_tests_scans_path("sonarqube") / "findings_over_api_empty.json", ) parser = SonarQubeParser() findings = parser.get_findings(my_file_handle, test) @@ -625,7 +625,7 @@ def test_parse_json_file_from_api_with_empty_json(self): def test_parse_json_file_from_api_with_emppty_zip(self): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/empty_zip.zip", + get_unit_tests_scans_path("sonarqube") / "empty_zip.zip", ) parser = SonarQubeParser() findings = parser.get_findings(my_file_handle, test) @@ -634,7 +634,7 @@ def test_parse_json_file_from_api_with_emppty_zip(self): def test_parse_json_file_from_api_with_multiple_findings_zip(self): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/findings_over_api.zip", + get_unit_tests_scans_path("sonarqube") / "findings_over_api.zip", ) parser = SonarQubeParser() findings = parser.get_findings(my_file_handle, test) @@ -654,7 +654,7 @@ def test_parse_json_file_from_api_with_multiple_findings_zip(self): def test_parse_json_file_issue_10150(self): my_file_handle, _product, _engagement, test = self.init( - get_unit_tests_path() + "/scans/sonarqube/issue_10150.json", + get_unit_tests_scans_path("sonarqube") / "issue_10150.json", ) parser = SonarQubeParser() findings = parser.get_findings(my_file_handle, test) diff --git a/unittests/tools/test_sonatype_parser.py b/unittests/tools/test_sonatype_parser.py index 7e6fd88fb3..a6b2018fd8 100644 --- a/unittests/tools/test_sonatype_parser.py +++ b/unittests/tools/test_sonatype_parser.py @@ -1,11 +1,11 @@ from dojo.models import Test from dojo.tools.sonatype.parser import SonatypeParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestSonatypeParser(DojoTestCase): def test_parse_file_with_two_vulns(self): - testfile = open("unittests/scans/sonatype/two_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("sonatype") / "two_vulns.json", encoding="utf-8") parser = SonatypeParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -14,28 +14,28 @@ def test_parse_file_with_two_vulns(self): self.assertEqual("CVE-2016-2402", findings[0].unsaved_vulnerability_ids[0]) def test_parse_file_with_many_vulns(self): - testfile = open("unittests/scans/sonatype/many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("sonatype") / "many_vulns.json", encoding="utf-8") parser = SonatypeParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(6, len(findings)) def test_parse_file_with_long_file_path(self): - testfile = open("unittests/scans/sonatype/long_file_path.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("sonatype") / "long_file_path.json", encoding="utf-8") parser = SonatypeParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(3, len(findings)) def test_find_no_vuln(self): - testfile = open("unittests/scans/sonatype/no_vuln.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("sonatype") / "no_vuln.json", encoding="utf-8") parser = SonatypeParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_component_parsed_correctly(self): - testfile = open("unittests/scans/sonatype/many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("sonatype") / "many_vulns.json", encoding="utf-8") parser = SonatypeParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -44,7 +44,7 @@ def test_component_parsed_correctly(self): self.assertEqual("2.6.0", findings[5].component_version) def test_severity_parsed_correctly(self): - testfile = open("unittests/scans/sonatype/many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("sonatype") / "many_vulns.json", encoding="utf-8") parser = SonatypeParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -56,21 +56,21 @@ def test_severity_parsed_correctly(self): self.assertEqual("Medium", findings[5].severity) def test_cwe_parsed_correctly(self): - testfile = open("unittests/scans/sonatype/many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("sonatype") / "many_vulns.json", encoding="utf-8") parser = SonatypeParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual("693", findings[5].cwe) def test_cvssv3_parsed_correctly(self): - testfile = open("unittests/scans/sonatype/many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("sonatype") / "many_vulns.json", encoding="utf-8") parser = SonatypeParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual("CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", findings[5].cvssv3) def test_filepath_parsed_correctly(self): - testfile = open("unittests/scans/sonatype/many_vulns.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("sonatype") / "many_vulns.json", encoding="utf-8") parser = SonatypeParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_spotbugs_parser.py b/unittests/tools/test_spotbugs_parser.py index 7a549f3639..7f2c93df3a 100644 --- a/unittests/tools/test_spotbugs_parser.py +++ b/unittests/tools/test_spotbugs_parser.py @@ -1,46 +1,46 @@ from dojo.models import Test from dojo.tools.spotbugs.parser import SpotbugsParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestSpotbugsParser(DojoTestCase): def test_no_findings(self): parser = SpotbugsParser() - findings = parser.get_findings(get_unit_tests_path() + "/scans/spotbugs/no_finding.xml", Test()) + findings = parser.get_findings(get_unit_tests_scans_path("spotbugs") / "no_finding.xml", Test()) self.assertEqual(0, len(findings)) def test_parse_many_finding(self): parser = SpotbugsParser() - findings = parser.get_findings(get_unit_tests_path() + "/scans/spotbugs/many_findings.xml", Test()) + findings = parser.get_findings(get_unit_tests_scans_path("spotbugs") / "many_findings.xml", Test()) self.assertEqual(81, len(findings)) def test_find_sast_source_line(self): parser = SpotbugsParser() - findings = parser.get_findings(get_unit_tests_path() + "/scans/spotbugs/many_findings.xml", Test()) + findings = parser.get_findings(get_unit_tests_scans_path("spotbugs") / "many_findings.xml", Test()) test_finding = findings[0] self.assertEqual(95, test_finding.sast_source_line) def test_find_sast_source_path(self): parser = SpotbugsParser() - findings = parser.get_findings(get_unit_tests_path() + "/scans/spotbugs/many_findings.xml", Test()) + findings = parser.get_findings(get_unit_tests_scans_path("spotbugs") / "many_findings.xml", Test()) test_finding = findings[0] self.assertEqual("securitytest/command/IdentityFunctionCommandInjection.kt", test_finding.sast_source_file_path) def test_find_source_line(self): parser = SpotbugsParser() - findings = parser.get_findings(get_unit_tests_path() + "/scans/spotbugs/many_findings.xml", Test()) + findings = parser.get_findings(get_unit_tests_scans_path("spotbugs") / "many_findings.xml", Test()) test_finding = findings[0] self.assertEqual(95, test_finding.line) def test_find_file_path(self): parser = SpotbugsParser() - findings = parser.get_findings(get_unit_tests_path() + "/scans/spotbugs/many_findings.xml", Test()) + findings = parser.get_findings(get_unit_tests_scans_path("spotbugs") / "many_findings.xml", Test()) test_finding = findings[0] self.assertEqual("securitytest/command/IdentityFunctionCommandInjection.kt", test_finding.file_path) def test_file(self): parser = SpotbugsParser() - testfile = open("unittests/scans/spotbugs/many_findings.xml", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("spotbugs") / "many_findings.xml", encoding="utf-8") findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(81, len(findings)) @@ -71,7 +71,7 @@ def test_file(self): def test_description(self): parser = SpotbugsParser() - findings = parser.get_findings(get_unit_tests_path() + "/scans/spotbugs/many_findings.xml", Test()) + findings = parser.get_findings(get_unit_tests_scans_path("spotbugs") / "many_findings.xml", Test()) test_finding = findings[0] # Test if line 13 is correct self.assertEqual( @@ -80,14 +80,14 @@ def test_description(self): def test_mitigation(self): parser = SpotbugsParser() - findings = parser.get_findings(get_unit_tests_path() + "/scans/spotbugs/many_findings.xml", Test()) + findings = parser.get_findings(get_unit_tests_scans_path("spotbugs") / "many_findings.xml", Test()) test_finding = findings[0] # Test if line 8 is correct self.assertEqual("#### Example", test_finding.mitigation.splitlines()[7]) def test_references(self): parser = SpotbugsParser() - findings = parser.get_findings(get_unit_tests_path() + "/scans/spotbugs/many_findings.xml", Test()) + findings = parser.get_findings(get_unit_tests_scans_path("spotbugs") / "many_findings.xml", Test()) test_finding = findings[0] # Test if line 2 is correct self.assertEqual( @@ -100,7 +100,7 @@ def test_version_4_4(self): There was a big difference between version < 4.4.x and after The dictionnary is not in the report anymore """ - testfile = open("unittests/scans/spotbugs/version_4.4.0.xml", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("spotbugs") / "version_4.4.0.xml", encoding="utf-8") parser = SpotbugsParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_ssh_audit_parser.py b/unittests/tools/test_ssh_audit_parser.py index ba8fd4a16f..e30d13a1a4 100644 --- a/unittests/tools/test_ssh_audit_parser.py +++ b/unittests/tools/test_ssh_audit_parser.py @@ -1,12 +1,12 @@ from dojo.models import Test from dojo.tools.ssh_audit.parser import SSHAuditParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestSSHAuditParser(DojoTestCase): def test_parse_file_with_many_vuln_has_many_findings(self): - with open("unittests/scans/ssh_audit/many_vulns.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("ssh_audit") / "many_vulns.json", encoding="utf-8") as testfile: parser = SSHAuditParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -20,7 +20,7 @@ def test_parse_file_with_many_vuln_has_many_findings(self): self.assertEqual("CVE-2021-41617", findings[0].unsaved_vulnerability_ids[0]) def test_parse_file_with_many_vuln_has_many_findings2(self): - with open("unittests/scans/ssh_audit/many_vulns2.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("ssh_audit") / "many_vulns2.json", encoding="utf-8") as testfile: parser = SSHAuditParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -33,7 +33,7 @@ def test_parse_file_with_many_vuln_has_many_findings2(self): self.assertEqual(findings[9].severity, "Medium") def test_parse_file_with_many_vuln_bug_fix(self): - with open("unittests/scans/ssh_audit/bug_fix.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("ssh_audit") / "bug_fix.json", encoding="utf-8") as testfile: parser = SSHAuditParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_ssl_labs_parser.py b/unittests/tools/test_ssl_labs_parser.py index 575b63dbb4..10e6de7d23 100644 --- a/unittests/tools/test_ssl_labs_parser.py +++ b/unittests/tools/test_ssl_labs_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.ssl_labs.parser import SslLabsParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestSslLabsParser(DojoTestCase): def test_parse_none(self): parser = SslLabsParser() - with open("unittests/scans/ssl_labs/none.json", encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path("ssl_labs") / "none.json", encoding="utf-8") as test_file: findings = parser.get_findings(test_file, Test()) self.assertEqual(0, len(findings)) def test_parse_ok(self): parser = SslLabsParser() - with open("unittests/scans/ssl_labs/ssl_labs_ok_v1.5.0.json", encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path("ssl_labs") / "ssl_labs_ok_v1.5.0.json", encoding="utf-8") as test_file: findings = parser.get_findings(test_file, Test()) for finding in findings: for endpoint in finding.unsaved_endpoints: @@ -26,7 +26,7 @@ def test_parse_ok(self): def test_parse_dh1024(self): parser = SslLabsParser() - with open("unittests/scans/ssl_labs/ssl_labs_dh1024_v1.5.0.json", encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path("ssl_labs") / "ssl_labs_dh1024_v1.5.0.json", encoding="utf-8") as test_file: findings = parser.get_findings(test_file, Test()) for finding in findings: for endpoint in finding.unsaved_endpoints: @@ -41,7 +41,7 @@ def test_parse_dh1024(self): def test_parse_3des(self): parser = SslLabsParser() - with open("unittests/scans/ssl_labs/ssl_labs_3des_v1.5.0.json", encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path("ssl_labs") / "ssl_labs_3des_v1.5.0.json", encoding="utf-8") as test_file: findings = parser.get_findings(test_file, Test()) for finding in findings: for endpoint in finding.unsaved_endpoints: @@ -56,7 +56,7 @@ def test_parse_3des(self): def test_parse_revoked(self): parser = SslLabsParser() - with open("unittests/scans/ssl_labs/ssl_labs_revoked_v1.5.0.json", encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path("ssl_labs") / "ssl_labs_revoked_v1.5.0.json", encoding="utf-8") as test_file: findings = parser.get_findings(test_file, Test()) for finding in findings: for endpoint in finding.unsaved_endpoints: @@ -71,7 +71,7 @@ def test_parse_revoked(self): def test_parse_multiple(self): parser = SslLabsParser() - with open("unittests/scans/ssl_labs/ssl_labs_multiple_v1.5.0.json", encoding="utf-8") as test_file: + with open(get_unit_tests_scans_path("ssl_labs") / "ssl_labs_multiple_v1.5.0.json", encoding="utf-8") as test_file: findings = parser.get_findings(test_file, Test()) for finding in findings: for endpoint in finding.unsaved_endpoints: diff --git a/unittests/tools/test_sslscan_parser.py b/unittests/tools/test_sslscan_parser.py index c7bfe5abba..32eab6cdf7 100644 --- a/unittests/tools/test_sslscan_parser.py +++ b/unittests/tools/test_sslscan_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.sslscan.parser import SslscanParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestSslscanParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/sslscan/sslscan_no_vuln.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("sslscan") / "sslscan_no_vuln.xml", encoding="utf-8") as testfile: parser = SslscanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_findings(self): - with open("unittests/scans/sslscan/sslscan_one_vuln.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("sslscan") / "sslscan_one_vuln.xml", encoding="utf-8") as testfile: parser = SslscanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -21,7 +21,7 @@ def test_parse_file_with_one_vuln_has_one_findings(self): endpoint.clean() def test_parse_file_with_multiple_vuln_has_multiple_finding(self): - with open("unittests/scans/sslscan/sslscan_many_vuln.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("sslscan") / "sslscan_many_vuln.xml", encoding="utf-8") as testfile: parser = SslscanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) diff --git a/unittests/tools/test_sslyze_parser.py b/unittests/tools/test_sslyze_parser.py index 05349de67a..758634ea85 100644 --- a/unittests/tools/test_sslyze_parser.py +++ b/unittests/tools/test_sslyze_parser.py @@ -1,26 +1,23 @@ -from os import path -from pathlib import Path - from dojo.models import Test from dojo.tools.sslyze.parser import SslyzeParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestSslyzeJSONParser(DojoTestCase): def test_parse_json_file_with_one_target_has_zero_vuln_old(self): - with open(path.join(Path(__file__).parent, "../scans/sslyze/one_target_zero_vuln_old.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sslyze/one_target_zero_vuln_old.json", encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_json_file_issue_9848(self): - with open(path.join(Path(__file__).parent, "../scans/sslyze/issue_9848.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sslyze/issue_9848.json", encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) def test_parse_json_file_with_one_target_has_one_vuln_old(self): - with open(path.join(Path(__file__).parent, "../scans/sslyze/one_target_one_vuln_old.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sslyze/one_target_one_vuln_old.json", encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) @@ -42,7 +39,7 @@ def test_parse_json_file_with_one_target_has_one_vuln_old(self): self.assertEqual(443, endpoint.port) def test_parse_json_file_with_one_target_has_four_vuln_old(self): - with open(path.join(Path(__file__).parent, "../scans/sslyze/one_target_many_vuln_old.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sslyze/one_target_many_vuln_old.json", encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) @@ -55,20 +52,20 @@ def test_parse_json_file_with_one_target_has_four_vuln_old(self): self.assertEqual("CVE-2014-0224", findings[1].unsaved_vulnerability_ids[0]) def test_parse_json_file_with_two_target_has_many_vuln_old(self): - with open(path.join(Path(__file__).parent, "../scans/sslyze/two_targets_two_vuln_old.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sslyze/two_targets_two_vuln_old.json", encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(2, len(findings)) def test_parse_json_file_with_one_target_has_zero_vuln_new(self): - with open(path.join(Path(__file__).parent, "../scans/sslyze/one_target_zero_vuln_new.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sslyze/one_target_zero_vuln_new.json", encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_json_file_with_one_target_has_one_vuln_new(self): - with open(path.join(Path(__file__).parent, "../scans/sslyze/one_target_one_vuln_new.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sslyze/one_target_one_vuln_new.json", encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) @@ -105,13 +102,13 @@ def test_parse_json_file_with_one_target_has_one_vuln_new(self): self.assertEqual(443, endpoint.port) def test_parse_json_file_with_one_target_has_three_vuln_new(self): - with open(path.join(Path(__file__).parent, "../scans/sslyze/one_target_many_vuln_new.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sslyze/one_target_many_vuln_new.json", encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) def test_parse_json_file_with_two_target_has_many_vuln_new(self): - with open(path.join(Path(__file__).parent, "../scans/sslyze/two_targets_many_vuln_new.json"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sslyze/two_targets_many_vuln_new.json", encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(5, len(findings)) @@ -160,7 +157,7 @@ def test_parse_json_file_with_two_target_has_many_vuln_new(self): class TestSSLyzeXMLParser(DojoTestCase): def test_parse_file_with_one_target_has_three_vuln(self): - with open(path.join(Path(__file__).parent, "../scans/sslyze/report_one_target_three_vuln.xml"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sslyze/report_one_target_three_vuln.xml", encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -169,7 +166,7 @@ def test_parse_file_with_one_target_has_three_vuln(self): self.assertEqual(3, len(findings)) def test_parse_xml_file_with_one_target_has_one_vuln(self): - with open(path.join(Path(__file__).parent, "../scans/sslyze/report_one_target_one_vuln.xml"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sslyze/report_one_target_one_vuln.xml", encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -178,7 +175,7 @@ def test_parse_xml_file_with_one_target_has_one_vuln(self): self.assertEqual(1, len(findings)) def test_parse_xml_file_with_one_target_has_three_vuln(self): - with open(path.join(Path(__file__).parent, "../scans/sslyze/report_one_target_three_vuln.xml"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sslyze/report_one_target_three_vuln.xml", encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -187,7 +184,7 @@ def test_parse_xml_file_with_one_target_has_three_vuln(self): self.assertEqual(3, len(findings)) def test_parse_xml_file_with_two_target_has_many_vuln(self): - with open(path.join(Path(__file__).parent, "../scans/sslyze/report_two_target_many_vuln.xml"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "sslyze/report_two_target_many_vuln.xml", encoding="utf-8") as testfile: parser = SslyzeParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_stackhawk_parser.py b/unittests/tools/test_stackhawk_parser.py index 7f63ea1d45..10dcd41e86 100644 --- a/unittests/tools/test_stackhawk_parser.py +++ b/unittests/tools/test_stackhawk_parser.py @@ -2,32 +2,32 @@ from dojo.models import Finding, Test from dojo.tools.stackhawk.parser import StackHawkParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestStackHawkParser(DojoTestCase): __test_datetime = datetime.datetime(2022, 2, 16, 23, 7, 19, 575000, datetime.UTC) def test_invalid_json_format(self): - with open("unittests/scans/stackhawk/invalid.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("stackhawk") / "invalid.json", encoding="utf-8") as testfile: parser = StackHawkParser() with self.assertRaises(ValueError): parser.get_findings(testfile, Test()) def test_parser_ensures_data_is_for_stackhawk_before_parsing(self): - with open("unittests/scans/stackhawk/oddly_familiar_json_that_isnt_us.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("stackhawk") / "oddly_familiar_json_that_isnt_us.json", encoding="utf-8") as testfile: parser = StackHawkParser() with self.assertRaises(ValueError): parser.get_findings(testfile, Test()) def test_stackhawk_parser_with_no_vuln_has_no_findings(self): - with open("unittests/scans/stackhawk/stackhawk_zero_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("stackhawk") / "stackhawk_zero_vul.json", encoding="utf-8") as testfile: parser = StackHawkParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_stackhawk_parser_with_one_high_vuln_has_one_findings(self): - with open("unittests/scans/stackhawk/stackhawk_one_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("stackhawk") / "stackhawk_one_vul.json", encoding="utf-8") as testfile: parser = StackHawkParser() findings = parser.get_findings(testfile, Test()) self.__assertAllEndpointsAreClean(findings) @@ -50,7 +50,7 @@ def test_stackhawk_parser_with_one_high_vuln_has_one_findings(self): ) def test_stackhawk_parser_with_many_vuln_has_many_findings_and_removes_duplicates(self): - with open("unittests/scans/stackhawk/stackhawk_many_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("stackhawk") / "stackhawk_many_vul.json", encoding="utf-8") as testfile: parser = StackHawkParser() findings = parser.get_findings(testfile, Test()) self.__assertAllEndpointsAreClean(findings) @@ -141,7 +141,7 @@ def test_stackhawk_parser_with_many_vuln_has_many_findings_and_removes_duplicate ) def test_that_a_scan_import_updates_the_test_description(self): - with open("unittests/scans/stackhawk/stackhawk_zero_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("stackhawk") / "stackhawk_zero_vul.json", encoding="utf-8") as testfile: parser = StackHawkParser() test = Test() parser.get_findings(testfile, test) @@ -153,7 +153,7 @@ def test_that_a_scan_import_updates_the_test_description(self): ) def test_that_a_scan_with_all_false_positive_endpoints_on_a_finding_marks_as_false_positive(self): - with open("unittests/scans/stackhawk/stackhawk_one_vuln_all_endpoints_false_positive.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("stackhawk") / "stackhawk_one_vuln_all_endpoints_false_positive.json", encoding="utf-8") as testfile: parser = StackHawkParser() findings = parser.get_findings(testfile, Test()) self.__assertAllEndpointsAreClean(findings) @@ -173,7 +173,7 @@ def test_that_a_scan_with_all_false_positive_endpoints_on_a_finding_marks_as_fal ) def test_that_a_scan_with_all_risk_accepted_endpoints_on_a_finding_marks_as_risk_accepted(self): - with open("unittests/scans/stackhawk/stackhawk_one_vuln_all_endpoints_risk_accepted.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("stackhawk") / "stackhawk_one_vuln_all_endpoints_risk_accepted.json", encoding="utf-8") as testfile: parser = StackHawkParser() findings = parser.get_findings(testfile, Test()) self.__assertAllEndpointsAreClean(findings) @@ -193,7 +193,7 @@ def test_that_a_scan_with_all_risk_accepted_endpoints_on_a_finding_marks_as_risk ) def test_that_a_scan_with_endpoints_in_differing_statuses_does_not_mark_as_risk_accepted_or_false_positive(self): - with open("unittests/scans/stackhawk/stackhawk_one_vuln_all_endpoints_have_different_status.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("stackhawk") / "stackhawk_one_vuln_all_endpoints_have_different_status.json", encoding="utf-8") as testfile: parser = StackHawkParser() findings = parser.get_findings(testfile, Test()) self.__assertAllEndpointsAreClean(findings) diff --git a/unittests/tools/test_sysdig_reports_parser.py b/unittests/tools/test_sysdig_reports_parser.py index d67ea363c0..5afc7eb243 100644 --- a/unittests/tools/test_sysdig_reports_parser.py +++ b/unittests/tools/test_sysdig_reports_parser.py @@ -1,19 +1,18 @@ -from django.test import TestCase - from dojo.models import Test from dojo.tools.sysdig_reports.parser import SysdigReportsParser +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path -class TestSysdigParser(TestCase): +class TestSysdigParser(DojoTestCase): def test_sysdig_parser_with_no_vuln_has_no_findings(self): - with open("unittests/scans/sysdig_reports/sysdig_reports_zero_vul.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("sysdig_reports") / "sysdig_reports_zero_vul.csv", encoding="utf-8") as testfile: parser = SysdigReportsParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_sysdig_parser_with_one_criticle_vuln_has_one_findings(self): - with open("unittests/scans/sysdig_reports/sysdig_reports_one_vul.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("sysdig_reports") / "sysdig_reports_one_vul.csv", encoding="utf-8") as testfile: parser = SysdigReportsParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -25,7 +24,7 @@ def test_sysdig_parser_with_one_criticle_vuln_has_one_findings(self): self.assertEqual("CVE-2018-19360", findings[0].unsaved_vulnerability_ids[0]) def test_sysdig_parser_with_many_vuln_has_many_findings(self): - with open("unittests/scans/sysdig_reports/sysdig_reports_many_vul.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("sysdig_reports") / "sysdig_reports_many_vul.csv", encoding="utf-8") as testfile: parser = SysdigReportsParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -35,7 +34,7 @@ def test_sysdig_parser_with_many_vuln_has_many_findings(self): def test_sysdig_parser_missing_cve_field_id_from_csv_file(self): with self.assertRaises(ValueError) as context: - with open("unittests/scans/sysdig_reports/sysdig_reports_missing_cve_field.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("sysdig_reports") / "sysdig_reports_missing_cve_field.csv", encoding="utf-8") as testfile: parser = SysdigReportsParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -47,7 +46,7 @@ def test_sysdig_parser_missing_cve_field_id_from_csv_file(self): def test_sysdig_parser_missing_cve_field_not_starting_with_cve(self): with self.assertRaises(ValueError) as context: - with open("unittests/scans/sysdig_reports/sysdig_reports_not_starting_with_cve.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("sysdig_reports") / "sysdig_reports_not_starting_with_cve.csv", encoding="utf-8") as testfile: parser = SysdigReportsParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -58,7 +57,7 @@ def test_sysdig_parser_missing_cve_field_not_starting_with_cve(self): ) def test_sysdig_parser_json_with_many_findings(self): - with open("unittests/scans/sysdig_reports/sysdig.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("sysdig_reports") / "sysdig.json", encoding="utf-8") as testfile: parser = SysdigReportsParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_talisman_parser.py b/unittests/tools/test_talisman_parser.py index 5f41d1da24..65be4218d0 100644 --- a/unittests/tools/test_talisman_parser.py +++ b/unittests/tools/test_talisman_parser.py @@ -1,17 +1,17 @@ from dojo.models import Test from dojo.tools.talisman.parser import TalismanParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestTalismanParser(DojoTestCase): def test_parse_empty(self): - with open("unittests/scans/talisman/no_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("talisman") / "no_finding.json", encoding="utf-8") as testfile: parser = TalismanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_one_finding(self): - with open("unittests/scans/talisman/one_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("talisman") / "one_finding.json", encoding="utf-8") as testfile: parser = TalismanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -21,7 +21,7 @@ def test_parse_one_finding(self): self.assertIsNotNone(finding.description) def test_parse_many_finding(self): - with open("unittests/scans/talisman/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("talisman") / "many_findings.json", encoding="utf-8") as testfile: parser = TalismanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) diff --git a/unittests/tools/test_tenable_parser.py b/unittests/tools/test_tenable_parser.py index 449510393c..d277ed9658 100644 --- a/unittests/tools/test_tenable_parser.py +++ b/unittests/tools/test_tenable_parser.py @@ -1,9 +1,6 @@ -from os import path -from pathlib import Path - from dojo.models import Engagement, Finding, Product, Test from dojo.tools.tenable.parser import TenableParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestTenableParser(DojoTestCase): @@ -14,7 +11,7 @@ def create_test(self): return test def test_parse_some_findings_nessus_legacy(self): - with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_many_vuln.xml"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "tenable/nessus/nessus_many_vuln.xml", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -31,7 +28,7 @@ def test_parse_some_findings_nessus_legacy(self): def test_parse_some_findings_csv_nessus_legacy(self): """Test one report provided by a user""" - with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_many_vuln.csv"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "tenable/nessus/nessus_many_vuln.csv", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -61,7 +58,7 @@ def test_parse_some_findings_csv_nessus_legacy(self): def test_parse_some_findings_csv2_nessus_legacy(self): """Test that use default columns of Nessus Pro 8.13.1 (#257)""" - with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_many_vuln2-default.csv"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "tenable/nessus/nessus_many_vuln2-default.csv", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -83,7 +80,7 @@ def test_parse_some_findings_csv2_nessus_legacy(self): def test_parse_some_findings_csv2_all_nessus_legacy(self): """Test that use a report with all columns of Nessus Pro 8.13.1 (#257)""" - with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_many_vuln2-all.csv"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "tenable/nessus/nessus_many_vuln2-all.csv", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -105,19 +102,19 @@ def test_parse_some_findings_csv2_all_nessus_legacy(self): def test_parse_some_findings_csv_bytes_nessus_legacy(self): """This tests is designed to test the parser with different read modes""" - with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_many_vuln2-all.csv"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "tenable/nessus/nessus_many_vuln2-all.csv", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: for endpoint in finding.unsaved_endpoints: endpoint.clean() - with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_many_vuln2-all.csv"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "tenable/nessus/nessus_many_vuln2-all.csv", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: for endpoint in finding.unsaved_endpoints: endpoint.clean() - with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_many_vuln2-all.csv"), "rb") as testfile: + with open(get_unit_tests_scans_path() / "tenable/nessus/nessus_many_vuln2-all.csv", "rb") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -126,7 +123,7 @@ def test_parse_some_findings_csv_bytes_nessus_legacy(self): def test_parse_some_findings_samples_nessus_legacy(self): """Test that come from samples repo""" - with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_v_unknown.xml"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "tenable/nessus/nessus_v_unknown.xml", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -157,7 +154,7 @@ def test_parse_some_findings_samples_nessus_legacy(self): def test_parse_some_findings_with_cvssv3_nessus_legacy(self): """Test with cvssv3""" - with open(path.join(Path(__file__).parent, "../scans/tenable/nessus/nessus_with_cvssv3.nessus"), encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path() / "tenable/nessus/nessus_with_cvssv3.nessus", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -172,7 +169,7 @@ def test_parse_some_findings_with_cvssv3_nessus_legacy(self): self.assertEqual("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", finding.cvssv3) def test_parse_many_findings_xml_nessus_was_legacy(self): - with open("unittests/scans/tenable/nessus_was/nessus_was_many_vuln.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tenable/nessus_was") / "nessus_was_many_vuln.xml", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -188,7 +185,7 @@ def test_parse_many_findings_xml_nessus_was_legacy(self): self.assertEqual("Cross-Site Scripting (XSS)", finding.title) def test_parse_one_findings_xml_nessus_was_legacy(self): - with open("unittests/scans/tenable/nessus_was/nessus_was_one_vuln.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tenable/nessus_was") / "nessus_was_one_vuln.xml", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -202,7 +199,7 @@ def test_parse_one_findings_xml_nessus_was_legacy(self): self.assertEqual("Cross-Site Scripting (XSS)", finding.title) def test_parse_no_findings_xml_nessus_was_legacy(self): - with open("unittests/scans/tenable/nessus_was/nessus_was_no_vuln.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tenable/nessus_was") / "nessus_was_no_vuln.xml", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -211,7 +208,7 @@ def test_parse_no_findings_xml_nessus_was_legacy(self): self.assertEqual(0, len(findings)) def test_parse_many_findings_csv_nessus_was_legacy(self): - with open("unittests/scans/tenable/nessus_was/nessus_was_many_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tenable/nessus_was") / "nessus_was_many_vuln.csv", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -229,7 +226,7 @@ def test_parse_many_findings_csv_nessus_was_legacy(self): self.assertEqual("http", finding.unsaved_endpoints[0].protocol) def test_parse_one_findings_csv_nessus_was_legacy(self): - with open("unittests/scans/tenable/nessus_was/nessus_was_one_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tenable/nessus_was") / "nessus_was_one_vuln.csv", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -245,13 +242,13 @@ def test_parse_one_findings_csv_nessus_was_legacy(self): self.assertEqual("http", finding.unsaved_endpoints[0].protocol) def test_parse_no_findings_csv_nessus_was_legacy(self): - with open("unittests/scans/tenable/nessus_was/nessus_was_no_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tenable/nessus_was") / "nessus_was_no_vuln.csv", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) self.assertEqual(0, len(findings)) def test_parse_many_tenable_vulns(self): - with open("unittests/scans/tenable/tenable_many_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tenable") / "tenable_many_vuln.csv", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -271,7 +268,7 @@ def test_parse_many_tenable_vulns(self): self.assertEqual("CVE-2023-32233", vulnerability_id) def test_parse_issue_6992(self): - with open("unittests/scans/tenable/nessus/issue_6992.nessus", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tenable/nessus") / "issue_6992.nessus", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -281,7 +278,7 @@ def test_parse_issue_6992(self): self.assertEqual("High", findings[0].severity) def test_parse_nessus_new(self): - with open("unittests/scans/tenable/nessus/nessus_new.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tenable/nessus") / "nessus_new.csv", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) self.assertEqual(99, len(findings)) @@ -292,7 +289,7 @@ def test_parse_nessus_new(self): self.assertEqual("3.1", finding.cvssv3_score) def test_parse_issue_9612(self): - with open("unittests/scans/tenable/issue_9612.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tenable") / "issue_9612.csv", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -302,7 +299,7 @@ def test_parse_issue_9612(self): self.assertEqual("Critical", findings[0].severity) def test_parse_issue_11102(self): - with open("unittests/scans/tenable/issue_11102.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tenable") / "issue_11102.csv", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: @@ -312,7 +309,7 @@ def test_parse_issue_11102(self): self.assertEqual("Reconfigure the affected application if possible to avoid use of medium strength ciphers.", findings[0].mitigation) def test_parse_issue_11127(self): - with open("unittests/scans/tenable/issue_11102.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tenable") / "issue_11102.csv", encoding="utf-8") as testfile: parser = TenableParser() findings = parser.get_findings(testfile, self.create_test()) for finding in findings: diff --git a/unittests/tools/test_terrascan_parser.py b/unittests/tools/test_terrascan_parser.py index 9046908ea2..531fd269c6 100644 --- a/unittests/tools/test_terrascan_parser.py +++ b/unittests/tools/test_terrascan_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.terrascan.parser import TerrascanParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestTerrascanParser(DojoTestCase): def test_parse_no_findings(self): - with open("unittests/scans/terrascan/no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("terrascan") / "no_findings.json", encoding="utf-8") as testfile: parser = TerrascanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_many_findings(self): - with open("unittests/scans/terrascan/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("terrascan") / "many_findings.json", encoding="utf-8") as testfile: parser = TerrascanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(9, len(findings)) diff --git a/unittests/tools/test_testssl_parser.py b/unittests/tools/test_testssl_parser.py index 978a48b794..22dffec634 100644 --- a/unittests/tools/test_testssl_parser.py +++ b/unittests/tools/test_testssl_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.testssl.parser import TestsslParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestTestsslParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_finding(self): - with open("unittests/scans/testssl/defectdojo_no_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("testssl") / "defectdojo_no_vuln.csv", encoding="utf-8") as testfile: parser = TestsslParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln_has_one_finding(self): - with open("unittests/scans/testssl/defectdojo_one_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("testssl") / "defectdojo_one_vuln.csv", encoding="utf-8") as testfile: parser = TestsslParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -21,7 +21,7 @@ def test_parse_file_with_one_vuln_has_one_finding(self): self.assertEqual(1, len(findings)) def test_parse_file_with_many_vuln_has_many_findings(self): - with open("unittests/scans/testssl/defectdojo_many_vuln.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("testssl") / "defectdojo_many_vuln.csv", encoding="utf-8") as testfile: parser = TestsslParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -45,7 +45,7 @@ def test_parse_file_with_many_vuln_has_many_findings(self): self.assertEqual(310, finding.cwe) def test_parse_file_with_many_cves(self): - with open("unittests/scans/testssl/many_cves.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("testssl") / "many_cves.csv", encoding="utf-8") as testfile: parser = TestsslParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -66,7 +66,7 @@ def test_parse_file_with_many_cves(self): self.assertEqual(310, finding.cwe) def test_parse_file_with_31_version(self): - with open("unittests/scans/testssl/demo.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("testssl") / "demo.csv", encoding="utf-8") as testfile: parser = TestsslParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -75,7 +75,7 @@ def test_parse_file_with_31_version(self): self.assertEqual(12, len(findings)) def test_parse_file_with_31_version2(self): - with open("unittests/scans/testssl/demo2.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("testssl") / "demo2.csv", encoding="utf-8") as testfile: parser = TestsslParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -84,7 +84,7 @@ def test_parse_file_with_31_version2(self): self.assertEqual(3, len(findings)) def test_parse_file_with_one_vuln_has_overall_medium(self): - with open("unittests/scans/testssl/overall_medium.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("testssl") / "overall_medium.csv", encoding="utf-8") as testfile: parser = TestsslParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -93,7 +93,7 @@ def test_parse_file_with_one_vuln_has_overall_medium(self): self.assertEqual(2, len(findings)) def test_parse_file_with_one_vuln_has_overall_critical(self): - with open("unittests/scans/testssl/overall_critical.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("testssl") / "overall_critical.csv", encoding="utf-8") as testfile: parser = TestsslParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -102,7 +102,7 @@ def test_parse_file_with_one_vuln_has_overall_critical(self): self.assertEqual(145, len(findings)) def test_parse_file_with_one_vuln_has_failed_target(self): - with open("unittests/scans/testssl/failed_target.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("testssl") / "failed_target.csv", encoding="utf-8") as testfile: parser = TestsslParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_tfsec_parser.py b/unittests/tools/test_tfsec_parser.py index 814a5154d6..18d0ea1339 100644 --- a/unittests/tools/test_tfsec_parser.py +++ b/unittests/tools/test_tfsec_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.tfsec.parser import TFSecParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestTFSecParser(DojoTestCase): def test_parse_no_findings(self): - with open("unittests/scans/tfsec/no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tfsec") / "no_findings.json", encoding="utf-8") as testfile: parser = TFSecParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_one_finding_legacy(self): - with open("unittests/scans/tfsec/one_finding_legacy.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tfsec") / "one_finding_legacy.json", encoding="utf-8") as testfile: parser = TFSecParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -31,7 +31,7 @@ def test_parse_one_finding_legacy(self): self.assertEqual(1, finding.nb_occurences) def test_parse_many_findings_legacy(self): - with open("unittests/scans/tfsec/many_findings_legacy.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tfsec") / "many_findings_legacy.json", encoding="utf-8") as testfile: parser = TFSecParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) @@ -76,7 +76,7 @@ def test_parse_many_findings_legacy(self): self.assertEqual(1, finding.nb_occurences) def test_parse_many_findings_current(self): - with open("unittests/scans/tfsec/many_findings_current.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("tfsec") / "many_findings_current.json", encoding="utf-8") as testfile: parser = TFSecParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(13, len(findings)) diff --git a/unittests/tools/test_threagile_parser.py b/unittests/tools/test_threagile_parser.py index 8bfe657fce..71e9720644 100644 --- a/unittests/tools/test_threagile_parser.py +++ b/unittests/tools/test_threagile_parser.py @@ -1,11 +1,11 @@ from dojo.models import Test from dojo.tools.threagile.parser import ThreagileParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestThreAgileParser(DojoTestCase): def test_non_threagile_file_raises_error(self): - with open("unittests/scans/threagile/bad_formatted_risks_file.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("threagile") / "bad_formatted_risks_file.json", encoding="utf-8") as testfile: parser = ThreagileParser() with self.assertRaises(TypeError) as exc_context: parser.get_findings(testfile, Test()) @@ -13,13 +13,13 @@ def test_non_threagile_file_raises_error(self): self.assertEqual("Invalid ThreAgile risks file", str(exc)) def test_empty_file_returns_no_findings(self): - with open("unittests/scans/threagile/empty_file_no_risks.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("threagile") / "empty_file_no_risks.json", encoding="utf-8") as testfile: parser = ThreagileParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_file_with_vulnerabilities_returns_correct_findings(self): - with open("unittests/scans/threagile/risks.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("threagile") / "risks.json", encoding="utf-8") as testfile: parser = ThreagileParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(6, len(findings)) @@ -33,28 +33,28 @@ def test_file_with_vulnerabilities_returns_correct_findings(self): self.assertEqual("policies-rego-storage-ta", finding.component_name) def test_in_discussion_is_under_review(self): - with open("unittests/scans/threagile/risks.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("threagile") / "risks.json", encoding="utf-8") as testfile: parser = ThreagileParser() findings = parser.get_findings(testfile, Test()) finding = findings[1] self.assertTrue(finding.under_review) def test_accepted_finding_is_accepted(self): - with open("unittests/scans/threagile/risks.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("threagile") / "risks.json", encoding="utf-8") as testfile: parser = ThreagileParser() findings = parser.get_findings(testfile, Test()) finding = findings[2] self.assertTrue(finding.risk_accepted) def test_in_progress_is_verified(self): - with open("unittests/scans/threagile/risks.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("threagile") / "risks.json", encoding="utf-8") as testfile: parser = ThreagileParser() findings = parser.get_findings(testfile, Test()) finding = findings[3] self.assertTrue(finding.verified) def test_mitigated_is_mitigated(self): - with open("unittests/scans/threagile/risks.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("threagile") / "risks.json", encoding="utf-8") as testfile: parser = ThreagileParser() findings = parser.get_findings(testfile, Test()) finding = findings[4] @@ -62,7 +62,7 @@ def test_mitigated_is_mitigated(self): self.assertEqual("some-runtime", finding.component_name) def test_false_positive_is_false_positive(self): - with open("unittests/scans/threagile/risks.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("threagile") / "risks.json", encoding="utf-8") as testfile: parser = ThreagileParser() findings = parser.get_findings(testfile, Test()) finding = findings[5] diff --git a/unittests/tools/test_threat_composer_parser.py b/unittests/tools/test_threat_composer_parser.py index 9dfbf524c6..93a7b41314 100644 --- a/unittests/tools/test_threat_composer_parser.py +++ b/unittests/tools/test_threat_composer_parser.py @@ -1,24 +1,24 @@ -import os + from dojo.models import Test from dojo.tools.threat_composer.parser import ThreatComposerParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path def sample_path(file_name: str): - return os.path.join("/scans/threat_composer", file_name) + return get_unit_tests_scans_path("threat_composer") / file_name class TestThreatComposerParser(DojoTestCase): def test_threat_composer_parser_with_no_threat_has_no_findings(self): - with open(get_unit_tests_path() + sample_path("threat_composer_zero_threats.json"), encoding="utf-8") as testfile: + with open(sample_path("threat_composer_zero_threats.json"), encoding="utf-8") as testfile: parser = ThreatComposerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_threat_composer_parser_with_one_threat_has_one_finding(self): - with open(get_unit_tests_path() + sample_path("threat_composer_one_threat.json"), encoding="utf-8") as testfile: + with open(sample_path("threat_composer_one_threat.json"), encoding="utf-8") as testfile: parser = ThreatComposerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -38,28 +38,28 @@ def test_threat_composer_parser_with_one_threat_has_one_finding(self): self.assertFalse(finding.verified) def test_threat_composer_parser_with_many_threats_has_many_findings(self): - with open(get_unit_tests_path() + sample_path("threat_composer_many_threats.json"), encoding="utf-8") as testfile: + with open(sample_path("threat_composer_many_threats.json"), encoding="utf-8") as testfile: parser = ThreatComposerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(21, len(findings)) def test_threat_composer_parser_empty_with_error(self): with self.assertRaises(ValueError) as context: - with open(get_unit_tests_path() + sample_path("threat_composer_no_threats_with_error.json"), encoding="utf-8") as testfile: + with open(sample_path("threat_composer_no_threats_with_error.json"), encoding="utf-8") as testfile: parser = ThreatComposerParser() parser.get_findings(testfile, Test()) self.assertNotIn("No threats found in the JSON file", str(context.exception)) def test_threat_composer_parser_with_one_threat_has_not_assumptions(self): - with open(get_unit_tests_path() + sample_path("threat_composer_broken_assumptions.json"), encoding="utf-8") as testfile: + with open(sample_path("threat_composer_broken_assumptions.json"), encoding="utf-8") as testfile: parser = ThreatComposerParser() findings = parser.get_findings(testfile, Test()) finding = findings[0] self.assertNotIn("Assumption", str(finding.description)) def test_threat_composer_parser_with_one_threat_has_not_mitigations(self): - with open(get_unit_tests_path() + sample_path("threat_composer_broken_mitigations.json"), encoding="utf-8") as testfile: + with open(sample_path("threat_composer_broken_mitigations.json"), encoding="utf-8") as testfile: parser = ThreatComposerParser() findings = parser.get_findings(testfile, Test()) finding = findings[0] diff --git a/unittests/tools/test_trivy_operator_parser.py b/unittests/tools/test_trivy_operator_parser.py index 2c657d5bae..395339292a 100644 --- a/unittests/tools/test_trivy_operator_parser.py +++ b/unittests/tools/test_trivy_operator_parser.py @@ -1,12 +1,11 @@ -import os.path from dojo.models import Test from dojo.tools.trivy_operator.parser import TrivyOperatorParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path def sample_path(file_name): - return os.path.join(get_unit_tests_path() + "/scans/trivy_operator", file_name) + return get_unit_tests_scans_path("trivy_operator") / file_name class TestTrivyOperatorParser(DojoTestCase): diff --git a/unittests/tools/test_trivy_parser.py b/unittests/tools/test_trivy_parser.py index 0201368798..f566adac98 100644 --- a/unittests/tools/test_trivy_parser.py +++ b/unittests/tools/test_trivy_parser.py @@ -1,13 +1,12 @@ -import os.path import re from dojo.models import Test from dojo.tools.trivy.parser import TrivyParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path def sample_path(file_name): - return os.path.join(get_unit_tests_path() + "/scans/trivy", file_name) + return get_unit_tests_scans_path("trivy") / file_name class TestTrivyParser(DojoTestCase): diff --git a/unittests/tools/test_trufflehog3_parser.py b/unittests/tools/test_trufflehog3_parser.py index 2e8a8523c2..f46482b35d 100644 --- a/unittests/tools/test_trufflehog3_parser.py +++ b/unittests/tools/test_trufflehog3_parser.py @@ -1,13 +1,12 @@ import datetime -import os.path from dojo.models import Test from dojo.tools.trufflehog3.parser import TruffleHog3Parser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path def sample_path(file_name): - return os.path.join(get_unit_tests_path() + "/scans/trufflehog3", file_name) + return get_unit_tests_scans_path("trufflehog3") / file_name class TestTruffleHog3Parser(DojoTestCase): diff --git a/unittests/tools/test_trufflehog_parser.py b/unittests/tools/test_trufflehog_parser.py index cfb7a6f86e..43252645b5 100644 --- a/unittests/tools/test_trufflehog_parser.py +++ b/unittests/tools/test_trufflehog_parser.py @@ -1,12 +1,11 @@ -import os.path from dojo.models import Test from dojo.tools.trufflehog.parser import TruffleHogParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path def sample_path(file_name): - return os.path.join(get_unit_tests_path() + "/scans/trufflehog", file_name) + return get_unit_tests_scans_path("trufflehog") / file_name class TestTruffleHogParser(DojoTestCase): diff --git a/unittests/tools/test_trustwave_fusion_api_parser.py b/unittests/tools/test_trustwave_fusion_api_parser.py index c11c1eeb68..673e5355b6 100644 --- a/unittests/tools/test_trustwave_fusion_api_parser.py +++ b/unittests/tools/test_trustwave_fusion_api_parser.py @@ -1,19 +1,19 @@ from dojo.models import Test from dojo.tools.trustwave_fusion_api.parser import TrustwaveFusionAPIParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestTrustwaveFusionAPIParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): with open( - get_unit_tests_path() + "/scans/trustwave_fusion_api/trustwave_fusion_api_zero_vul.json", encoding="utf-8", + get_unit_tests_scans_path("trustwave_fusion_api") / "trustwave_fusion_api_zero_vul.json", encoding="utf-8", ) as testfile: parser = TrustwaveFusionAPIParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_vuln_with_valid_cve(self): - with open("unittests/scans/trustwave_fusion_api/test_cve.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("trustwave_fusion_api") / "test_cve.json", encoding="utf-8") as testfile: parser = TrustwaveFusionAPIParser() findings = parser.get_findings(testfile, Test()) @@ -42,7 +42,7 @@ def test_vuln_with_valid_cve(self): def test_parse_file_with_multiple_vuln_has_multiple_findings(self): with open( - get_unit_tests_path() + "/scans/trustwave_fusion_api/trustwave_fusion_api_many_vul.json", encoding="utf-8", + get_unit_tests_scans_path("trustwave_fusion_api") / "trustwave_fusion_api_many_vul.json", encoding="utf-8", ) as testfile: parser = TrustwaveFusionAPIParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_trustwave_parser.py b/unittests/tools/test_trustwave_parser.py index 8f8d7150eb..5a53268d04 100644 --- a/unittests/tools/test_trustwave_parser.py +++ b/unittests/tools/test_trustwave_parser.py @@ -1,12 +1,11 @@ -import os.path from dojo.models import Engagement, Product, Test from dojo.tools.trustwave.parser import TrustwaveParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path def sample_path(file_name): - return os.path.join(get_unit_tests_path() + "/scans/trustwave", file_name) + return get_unit_tests_scans_path("trustwave") / file_name class TestTrustwaveParser(DojoTestCase): diff --git a/unittests/tools/test_twistlock_parser.py b/unittests/tools/test_twistlock_parser.py index b774c70462..8374d02ba5 100644 --- a/unittests/tools/test_twistlock_parser.py +++ b/unittests/tools/test_twistlock_parser.py @@ -1,21 +1,18 @@ -from os import path -from pathlib import Path - from dojo.models import Test from dojo.tools.twistlock.parser import TwistlockParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestTwistlockParser(DojoTestCase): def test_parse_file_with_no_vuln(self): - testfile = open(path.join(Path(__file__).parent, "../scans/twistlock/no_vuln.json"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "twistlock/no_vuln.json", encoding="utf-8") parser = TwistlockParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_parse_file_with_one_vuln(self): - testfile = open(path.join(Path(__file__).parent, "../scans/twistlock/one_vuln.json"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "twistlock/one_vuln.json", encoding="utf-8") parser = TwistlockParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -24,7 +21,7 @@ def test_parse_file_with_one_vuln(self): self.assertEqual("CVE-2013-7459", findings[0].unsaved_vulnerability_ids[0]) def test_parse_file_with_no_link(self): - testfile = open(path.join(Path(__file__).parent, "../scans/twistlock/one_vuln_no_link.json"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "twistlock/one_vuln_no_link.json", encoding="utf-8") parser = TwistlockParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -33,14 +30,14 @@ def test_parse_file_with_no_link(self): self.assertEqual("PRISMA-2021-0013", findings[0].unsaved_vulnerability_ids[0]) def test_parse_file_with_many_vulns(self): - testfile = open(path.join(Path(__file__).parent, "../scans/twistlock/many_vulns.json"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "twistlock/many_vulns.json", encoding="utf-8") parser = TwistlockParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(5, len(findings)) def test_parse_file_which_contain_packages_info(self): - testfile = open(path.join(Path(__file__).parent, "../scans/twistlock/findings_include_packages.json"), encoding="utf-8") + testfile = open(get_unit_tests_scans_path() / "twistlock/findings_include_packages.json", encoding="utf-8") parser = TwistlockParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -48,7 +45,7 @@ def test_parse_file_which_contain_packages_info(self): def test_parse_file_prisma_twistlock_images_no_vuln(self): testfile = open( - path.join(Path(__file__).parent, "../scans/twistlock/scan_report_prisma_twistlock_images_no_vuln.csv"), encoding="utf-8", + get_unit_tests_scans_path() / "twistlock/scan_report_prisma_twistlock_images_no_vuln.csv", encoding="utf-8", ) parser = TwistlockParser() findings = parser.get_findings(testfile, Test()) @@ -57,7 +54,7 @@ def test_parse_file_prisma_twistlock_images_no_vuln(self): def test_parse_file_prisma_twistlock_images_four_vulns(self): testfile = open( - path.join(Path(__file__).parent, "../scans/twistlock/scan_report_prisma_twistlock_images_four_vulns.csv"), encoding="utf-8", + get_unit_tests_scans_path() / "twistlock/scan_report_prisma_twistlock_images_four_vulns.csv", encoding="utf-8", ) parser = TwistlockParser() findings = parser.get_findings(testfile, Test()) @@ -68,9 +65,8 @@ def test_parse_file_prisma_twistlock_images_four_vulns(self): def test_parse_file_prisma_twistlock_images_long_package_name(self): testfile = open( - path.join( - Path(__file__).parent, "../scans/twistlock/scan_report_prisma_twistlock_images_long_package_name.csv", - ), encoding="utf-8", + get_unit_tests_scans_path() / "twistlock/scan_report_prisma_twistlock_images_long_package_name.csv", + encoding="utf-8", ) parser = TwistlockParser() findings = parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_veracode_parser.py b/unittests/tools/test_veracode_parser.py index 1f2ab6626a..64861a3a04 100644 --- a/unittests/tools/test_veracode_parser.py +++ b/unittests/tools/test_veracode_parser.py @@ -4,7 +4,7 @@ from dojo.models import Endpoint, Engagement, Product, Product_Type, Test from dojo.tools.veracode.parser import VeracodeParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestVeracodeScannerParser(DojoTestCase): @@ -24,7 +24,7 @@ def test_parse_file_with_one_finding(self): self.parse_file_with_one_finding() def parse_file_with_one_finding(self): - with open("unittests/scans/veracode/one_finding.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("veracode") / "one_finding.xml", encoding="utf-8") as testfile: parser = VeracodeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -37,7 +37,7 @@ def test_parse_file_many_findings_different_hash_code_different_unique_id(self): self.parse_file_many_findings_different_hash_code_different_unique_id() def parse_file_many_findings_different_hash_code_different_unique_id(self): - with open("unittests/scans/veracode/many_findings_different_hash_code_different_unique_id.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("veracode") / "many_findings_different_hash_code_different_unique_id.xml", encoding="utf-8") as testfile: parser = VeracodeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) @@ -68,7 +68,7 @@ def test_parse_file_with_multiple_finding(self): self.parse_file_with_multiple_finding() def parse_file_with_multiple_finding(self): - with open("unittests/scans/veracode/many_findings.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("veracode") / "many_findings.xml", encoding="utf-8") as testfile: parser = VeracodeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(4, len(findings)) @@ -113,7 +113,7 @@ def test_parse_file_with_multiple_finding2(self): self.assertEqual(datetime.datetime.today().date(), finding.date) def parse_file_with_multiple_finding2(self): - with open("unittests/scans/veracode/veracode_scan.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("veracode") / "veracode_scan.xml", encoding="utf-8") as testfile: parser = VeracodeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(7, len(findings)) @@ -147,7 +147,7 @@ def test_parse_file_with_mitigated_finding(self): self.parse_file_with_mitigated_finding() def parse_file_with_mitigated_finding(self): - with open("unittests/scans/veracode/mitigated_finding.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("veracode") / "mitigated_finding.xml", encoding="utf-8") as testfile: parser = VeracodeParser() findings = parser.get_findings(testfile, self.test) self.assertEqual(1, len(findings)) @@ -166,7 +166,7 @@ def test_parse_file_with_mitigated_fixed_finding(self): self.parse_file_with_mitigated_fixed_finding() def parse_file_with_mitigated_fixed_finding(self): - with open("unittests/scans/veracode/mitigated_fixed_finding.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("veracode") / "mitigated_fixed_finding.xml", encoding="utf-8") as testfile: parser = VeracodeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -183,7 +183,7 @@ def test_parse_file_with_mitigated_sca_finding(self): self.parse_file_with_mitigated_sca_finding() def parse_file_with_mitigated_sca_finding(self): - with open("unittests/scans/veracode/veracode_scan_sca_mitigated.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("veracode") / "veracode_scan_sca_mitigated.xml", encoding="utf-8") as testfile: parser = VeracodeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -202,7 +202,7 @@ def test_parse_file_with_dynamic_finding(self): self.assertEqual(datetime.datetime.today().date(), finding.date) def parse_file_with_dynamic_finding(self): - with open("unittests/scans/veracode/dynamic_finding.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("veracode") / "dynamic_finding.xml", encoding="utf-8") as testfile: parser = VeracodeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -230,7 +230,7 @@ def test_parse_file_with_changed_severity(self): self.parse_file_with_changed_severity() def parse_file_with_changed_severity(self): - with open("unittests/scans/veracode/veracode_scan_changed_severity.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("veracode") / "veracode_scan_changed_severity.xml", encoding="utf-8") as testfile: parser = VeracodeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(7, len(findings)) @@ -252,7 +252,7 @@ def test_maven_component_name(self): self.maven_component_name() def maven_component_name(self): - with open("unittests/scans/veracode/veracode_maven.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("veracode") / "veracode_maven.xml", encoding="utf-8") as testfile: parser = VeracodeParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -329,7 +329,7 @@ def test_json_static_findings_list_format(self): self.json_static_findings_list_format() def json_static_findings_list_format(self): - self.json_static_findings_test("unittests/scans/veracode/static_findings_list_format.json") + self.json_static_findings_test(get_unit_tests_scans_path("veracode") / "static_findings_list_format.json") @override_settings(USE_FIRST_SEEN=True) def test_json_static_embedded_format_first_seen(self): @@ -339,7 +339,7 @@ def test_json_static_embedded_format(self): self.json_static_embedded_format() def json_static_embedded_format(self): - self.json_static_findings_test("unittests/scans/veracode/static_embedded_format.json") + self.json_static_findings_test(get_unit_tests_scans_path("veracode") / "static_embedded_format.json") def json_dynamic_findings_test(self, file_name): with open(file_name, encoding="utf-8") as testfile: @@ -401,7 +401,7 @@ def test_json_dynamic_findings_list_format(self): self.json_dynamic_findings_list_format() def json_dynamic_findings_list_format(self): - self.json_dynamic_findings_test("unittests/scans/veracode/dynamic_findings_list_format.json") + self.json_dynamic_findings_test(get_unit_tests_scans_path("veracode") / "dynamic_findings_list_format.json") @override_settings(USE_FIRST_SEEN=True) def test_json_dynamic_embedded_format_first_seen(self): @@ -411,7 +411,7 @@ def test_json_dynamic_embedded_format(self): self.json_dynamic_embedded_format() def json_dynamic_embedded_format(self): - self.json_dynamic_findings_test("unittests/scans/veracode/dynamic_embedded_format.json") + self.json_dynamic_findings_test(get_unit_tests_scans_path("veracode") / "dynamic_embedded_format.json") def json_sca_findings_test(self, file_name): with open(file_name, encoding="utf-8") as testfile: @@ -490,7 +490,7 @@ def test_json_sca_findings_list_format(self): self.json_sca_findings_list_format() def json_sca_findings_list_format(self): - self.json_sca_findings_test("unittests/scans/veracode/sca_findings_list_format.json") + self.json_sca_findings_test(get_unit_tests_scans_path("veracode") / "sca_findings_list_format.json") @override_settings(USE_FIRST_SEEN=True) def test_json_sca_embedded_format_first_seen(self): @@ -500,4 +500,4 @@ def test_json_sca_embedded_format(self): self.json_sca_embedded_format() def json_sca_embedded_format(self): - self.json_sca_findings_test("unittests/scans/veracode/sca_embedded_format.json") + self.json_sca_findings_test(get_unit_tests_scans_path("veracode") / "sca_embedded_format.json") diff --git a/unittests/tools/test_veracode_sca_parser.py b/unittests/tools/test_veracode_sca_parser.py index 0951f5024d..2c3ebe3f32 100644 --- a/unittests/tools/test_veracode_sca_parser.py +++ b/unittests/tools/test_veracode_sca_parser.py @@ -5,7 +5,7 @@ from dojo.models import Test from dojo.tools.veracode_sca.parser import VeracodeScaParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestVeracodeScaScannerParser(DojoTestCase): @@ -18,7 +18,7 @@ def test_parse_csv(self): self.parse_csv() def parse_csv(self): - with open("unittests/scans/veracode_sca/veracode_sca.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("veracode_sca") / "veracode_sca.csv", encoding="utf-8") as testfile: parser = VeracodeScaParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) @@ -67,7 +67,7 @@ def test_parse_json(self): self.parse_json() def parse_json(self): - with open("unittests/scans/veracode_sca/veracode_sca.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("veracode_sca") / "veracode_sca.json", encoding="utf-8") as testfile: parser = VeracodeScaParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -93,7 +93,7 @@ def test_parse_json_fixed(self): self.parse_json_fixed() def parse_json_fixed(self): - with open("unittests/scans/veracode_sca/veracode_sca_fixed.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("veracode_sca") / "veracode_sca_fixed.json", encoding="utf-8") as testfile: parser = VeracodeScaParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) diff --git a/unittests/tools/test_wapiti_parser.py b/unittests/tools/test_wapiti_parser.py index 2227890442..147f95f572 100644 --- a/unittests/tools/test_wapiti_parser.py +++ b/unittests/tools/test_wapiti_parser.py @@ -1,13 +1,13 @@ from dojo.models import Test from dojo.tools.wapiti.parser import WapitiParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestWapitiParser(DojoTestCase): def test_parse_file_3_0_4(self): """Generated with version 3.0.4 on OWASP Juicy Shop""" - with open("unittests/scans/wapiti/juicyshop.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wapiti") / "juicyshop.xml", encoding="utf-8") as testfile: parser = WapitiParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -28,7 +28,7 @@ def test_parse_file_3_0_4(self): def test_parse_file_demo(self): """""" - with open("unittests/scans/wapiti/demo.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wapiti") / "demo.xml", encoding="utf-8") as testfile: parser = WapitiParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -41,7 +41,7 @@ def test_parse_file_demo(self): def test_parse_file_example(self): """""" - with open("unittests/scans/wapiti/example.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wapiti") / "example.xml", encoding="utf-8") as testfile: parser = WapitiParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -54,7 +54,7 @@ def test_parse_file_example(self): def test_parse_cwe(self): """File to test CWE""" - with open("unittests/scans/wapiti/cwe.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wapiti") / "cwe.xml", encoding="utf-8") as testfile: parser = WapitiParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_wazuh_parser.py b/unittests/tools/test_wazuh_parser.py index 3c8a33b003..67c1c90d30 100644 --- a/unittests/tools/test_wazuh_parser.py +++ b/unittests/tools/test_wazuh_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.wazuh.parser import WazuhParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestWazuhParser(DojoTestCase): def test_parse_no_findings(self): - with open("unittests/scans/wazuh/no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wazuh") / "no_findings.json", encoding="utf-8") as testfile: parser = WazuhParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_one_finding(self): - with open("unittests/scans/wazuh/one_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wazuh") / "one_finding.json", encoding="utf-8") as testfile: parser = WazuhParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -26,7 +26,7 @@ def test_parse_one_finding(self): self.assertEqual(5.5, finding.cvssv3_score) def test_parse_many_finding(self): - with open("unittests/scans/wazuh/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wazuh") / "many_findings.json", encoding="utf-8") as testfile: parser = WazuhParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -36,7 +36,7 @@ def test_parse_many_finding(self): self.assertEqual("2023-02-08", finding.date) def test_parse_one_finding_with_endpoint(self): - with open("unittests/scans/wazuh/one_finding_with_endpoint.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wazuh") / "one_finding_with_endpoint.json", encoding="utf-8") as testfile: parser = WazuhParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_wfuzz_parser.py b/unittests/tools/test_wfuzz_parser.py index 0434f41996..672a1b75a5 100644 --- a/unittests/tools/test_wfuzz_parser.py +++ b/unittests/tools/test_wfuzz_parser.py @@ -1,18 +1,18 @@ from dojo.models import Test from dojo.tools.wfuzz.parser import WFuzzParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestWFuzzParser(DojoTestCase): def test_parse_no_findings(self): - with open("unittests/scans/wfuzz/no_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wfuzz") / "no_findings.json", encoding="utf-8") as testfile: parser = WFuzzParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_one_finding(self): - with open("unittests/scans/wfuzz/one_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wfuzz") / "one_finding.json", encoding="utf-8") as testfile: parser = WFuzzParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -21,7 +21,7 @@ def test_parse_one_finding(self): self.assertEqual(1, len(findings)) def test_parse_many_finding(self): - with open("unittests/scans/wfuzz/many_findings.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wfuzz") / "many_findings.json", encoding="utf-8") as testfile: parser = WFuzzParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -30,7 +30,7 @@ def test_parse_many_finding(self): self.assertEqual(4, len(findings)) def test_one_dup_finding(self): - with open("unittests/scans/wfuzz/one_dup_finding.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wfuzz") / "one_dup_finding.json", encoding="utf-8") as testfile: parser = WFuzzParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -39,7 +39,7 @@ def test_one_dup_finding(self): self.assertEqual(4, len(findings)) def test_issue_7863(self): - with open("unittests/scans/wfuzz/issue_7863.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wfuzz") / "issue_7863.json", encoding="utf-8") as testfile: parser = WFuzzParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -49,7 +49,7 @@ def test_issue_7863(self): self.assertEqual("Medium", findings[0].severity) def test_one_finding_responsecode_missing(self): - with open("unittests/scans/wfuzz/one_finding_responsecode_missing.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wfuzz") / "one_finding_responsecode_missing.json", encoding="utf-8") as testfile: parser = WFuzzParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_whispers_parser.py b/unittests/tools/test_whispers_parser.py index e155660526..fdf4b700ca 100644 --- a/unittests/tools/test_whispers_parser.py +++ b/unittests/tools/test_whispers_parser.py @@ -1,15 +1,14 @@ -from django.test import TestCase - from dojo.models import Test from dojo.tools.whispers.parser import WhispersParser +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path -class TestWhispersParser(TestCase): +class TestWhispersParser(DojoTestCase): def test_whispers_parser_severity_map(self): fixtures = [ - "unittests/scans/whispers/whispers_one_vul.json", # v2.1 format - "unittests/scans/whispers/whispers_one_vul_v2.2.json", # v2.2 format + get_unit_tests_scans_path("whispers") / "whispers_one_vul.json", # v2.1 format + get_unit_tests_scans_path("whispers") / "whispers_one_vul_v2.2.json", # v2.2 format ] expected_severity = "High" @@ -21,14 +20,14 @@ def test_whispers_parser_severity_map(self): self.assertEqual(expected_severity, findings[0].severity) def test_whispers_parser_with_no_vuln_has_no_findings(self): - testfile = open("unittests/scans/whispers/whispers_zero_vul.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("whispers") / "whispers_zero_vul.json", encoding="utf-8") parser = WhispersParser() findings = parser.get_findings(testfile, Test()) testfile.close() self.assertEqual(0, len(findings)) def test_whispers_parser_with_one_critical_vuln_has_one_findings(self): - testfile = open("unittests/scans/whispers/whispers_one_vul.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("whispers") / "whispers_one_vul.json", encoding="utf-8") parser = WhispersParser() findings = parser.get_findings(testfile, Test()) testfile.close() @@ -41,7 +40,7 @@ def test_whispers_parser_with_one_critical_vuln_has_one_findings(self): self.assertEqual("pip.conf Password", findings[0].vuln_id_from_tool) def test_whispers_parser_with_many_vuln_has_many_findings(self): - testfile = open("unittests/scans/whispers/whispers_many_vul.json", encoding="utf-8") + testfile = open(get_unit_tests_scans_path("whispers") / "whispers_many_vul.json", encoding="utf-8") parser = WhispersParser() findings = parser.get_findings(testfile, Test()) testfile.close() diff --git a/unittests/tools/test_whitehat_sentinel_parser.py b/unittests/tools/test_whitehat_sentinel_parser.py index 7cfd1ba6bb..fa2c020302 100644 --- a/unittests/tools/test_whitehat_sentinel_parser.py +++ b/unittests/tools/test_whitehat_sentinel_parser.py @@ -1,30 +1,30 @@ from dojo.models import Test from dojo.tools.whitehat_sentinel.parser import WhiteHatSentinelParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestWhiteHatSentinelParser(DojoTestCase): def test_parse_file_with_no_vuln_has_no_findings(self): with self.assertRaises(ValueError): - with open("unittests/scans/whitehat_sentinel/empty_file.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("whitehat_sentinel") / "empty_file.json", encoding="utf-8") as testfile: parser = WhiteHatSentinelParser() parser.get_findings(testfile, Test()) def test_parse_file_with_one_vuln_has_one_findings(self): - with open("unittests/scans/whitehat_sentinel/one_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("whitehat_sentinel") / "one_vuln.json", encoding="utf-8") as testfile: parser = WhiteHatSentinelParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_parse_file_with_multiple_vuln_has_multiple_finding(self): - with open("unittests/scans/whitehat_sentinel/many_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("whitehat_sentinel") / "many_vuln.json", encoding="utf-8") as testfile: parser = WhiteHatSentinelParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(3, len(findings)) def test_parse_file_with_invalid_data(self): with self.assertRaises(ValueError): - with open("unittests/scans/whitehat_sentinel/invalid_data.txt", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("whitehat_sentinel") / "invalid_data.txt", encoding="utf-8") as testfile: parser = WhiteHatSentinelParser() parser.get_findings(testfile, Test()) diff --git a/unittests/tools/test_wiz_parser.py b/unittests/tools/test_wiz_parser.py index a2d3975e4e..16261ae5fe 100644 --- a/unittests/tools/test_wiz_parser.py +++ b/unittests/tools/test_wiz_parser.py @@ -1,11 +1,11 @@ from dojo.models import Test from dojo.tools.wiz.parser import WizParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestWizParser(DojoTestCase): def test_no_findings(self): - with open("unittests/scans/wiz/no_findings.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wiz") / "no_findings.csv", encoding="utf-8") as testfile: parser = WizParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -14,7 +14,7 @@ def test_no_findings(self): self.assertEqual(0, len(findings)) def test_one_findings(self): - with open("unittests/scans/wiz/one_finding.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wiz") / "one_finding.csv", encoding="utf-8") as testfile: parser = WizParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -26,7 +26,7 @@ def test_one_findings(self): self.assertEqual("Informational", finding.severity) def test_multiple_findings(self): - with open("unittests/scans/wiz/multiple_findings.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wiz") / "multiple_findings.csv", encoding="utf-8") as testfile: parser = WizParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -46,7 +46,7 @@ def test_multiple_findings(self): self.assertEqual("Informational", finding.severity) def test_sca_format(self): - with open("unittests/scans/wiz/sca_format.csv", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wiz") / "sca_format.csv", encoding="utf-8") as testfile: parser = WizParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(5, len(findings)) diff --git a/unittests/tools/test_wizcli_dir_parser.py b/unittests/tools/test_wizcli_dir_parser.py index 7075aa42f9..8ebf71e43d 100644 --- a/unittests/tools/test_wizcli_dir_parser.py +++ b/unittests/tools/test_wizcli_dir_parser.py @@ -1,17 +1,17 @@ from dojo.models import Test from dojo.tools.wizcli_dir.parser import WizcliDirParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestWizcliDirParser(DojoTestCase): def test_no_findings(self): - with open("unittests/scans/wizcli_dir/wizcli_dir_zero_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wizcli_dir") / "wizcli_dir_zero_vul.json", encoding="utf-8") as testfile: parser = WizcliDirParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(len(findings), 0) def test_one_findings(self): - with open("unittests/scans/wizcli_dir/wizcli_dir_one_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wizcli_dir") / "wizcli_dir_one_vul.json", encoding="utf-8") as testfile: parser = WizcliDirParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -35,7 +35,7 @@ def test_one_findings(self): ) def test_multiple_findings(self): - with open("unittests/scans/wizcli_dir/wizcli_dir_many_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wizcli_dir") / "wizcli_dir_many_vul.json", encoding="utf-8") as testfile: parser = WizcliDirParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(7, len(findings)) diff --git a/unittests/tools/test_wizcli_iac_parser.py b/unittests/tools/test_wizcli_iac_parser.py index 4d9d9d6154..3bef429ee0 100644 --- a/unittests/tools/test_wizcli_iac_parser.py +++ b/unittests/tools/test_wizcli_iac_parser.py @@ -1,17 +1,17 @@ from dojo.models import Test from dojo.tools.wizcli_iac.parser import WizcliIaCParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestWizcliIaCParser(DojoTestCase): def test_no_findings(self): - with open("unittests/scans/wizcli_iac/wizcli_iac_zero_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wizcli_iac") / "wizcli_iac_zero_vul.json", encoding="utf-8") as testfile: parser = WizcliIaCParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(len(findings), 0) def test_one_findings(self): - with open("unittests/scans/wizcli_iac/wizcli_iac_one_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wizcli_iac") / "wizcli_iac_one_vul.json", encoding="utf-8") as testfile: parser = WizcliIaCParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -33,7 +33,7 @@ def test_one_findings(self): ) def test_multiple_findings(self): - with open("unittests/scans/wizcli_iac/wizcli_iac_many_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wizcli_iac") / "wizcli_iac_many_vul.json", encoding="utf-8") as testfile: parser = WizcliIaCParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(25, len(findings)) diff --git a/unittests/tools/test_wizcli_img_parser.py b/unittests/tools/test_wizcli_img_parser.py index 36d2f7c9db..a21b07a282 100644 --- a/unittests/tools/test_wizcli_img_parser.py +++ b/unittests/tools/test_wizcli_img_parser.py @@ -1,17 +1,17 @@ from dojo.models import Test from dojo.tools.wizcli_img.parser import WizcliImgParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestWizcliImgParser(DojoTestCase): def test_no_findings(self): - with open("unittests/scans/wizcli_img/wizcli_img_zero_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wizcli_img") / "wizcli_img_zero_vul.json", encoding="utf-8") as testfile: parser = WizcliImgParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(len(findings), 0) def test_one_findings(self): - with open("unittests/scans/wizcli_img/wizcli_img_one_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wizcli_img") / "wizcli_img_one_vul.json", encoding="utf-8") as testfile: parser = WizcliImgParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) @@ -31,7 +31,7 @@ def test_one_findings(self): ) def test_multiple_findings(self): - with open("unittests/scans/wizcli_img/wizcli_img_many_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wizcli_img") / "wizcli_img_many_vul.json", encoding="utf-8") as testfile: parser = WizcliImgParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(9, len(findings)) diff --git a/unittests/tools/test_wpscan_parser.py b/unittests/tools/test_wpscan_parser.py index 0b44ee4965..68845f407c 100644 --- a/unittests/tools/test_wpscan_parser.py +++ b/unittests/tools/test_wpscan_parser.py @@ -2,20 +2,20 @@ from dojo.models import Test from dojo.tools.wpscan.parser import WpscanParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestWpscanParser(DojoTestCase): def test_parse_file_empty(self): """Report from the tool wich have no data""" - with open("unittests/scans/wpscan/empty.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wpscan") / "empty.json", encoding="utf-8") as testfile: parser = WpscanParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_exemple(self): - with open("unittests/scans/wpscan/sample.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wpscan") / "sample.json", encoding="utf-8") as testfile: parser = WpscanParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -29,7 +29,7 @@ def test_parse_file_exemple(self): self.assertEqual(datetime.datetime(2021, 3, 26, 11, 50, 50, tzinfo=datetime.UTC), finding.date) def test_parse_file_with_no_vuln_has_no_findings(self): - with open("unittests/scans/wpscan/wordpress_no_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wpscan") / "wordpress_no_vuln.json", encoding="utf-8") as testfile: parser = WpscanParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -38,7 +38,7 @@ def test_parse_file_with_no_vuln_has_no_findings(self): self.assertEqual(7, len(findings)) def test_parse_file_with_one_vuln_has_one_findings(self): - with open("unittests/scans/wpscan/wordpress_one_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wpscan") / "wordpress_one_vuln.json", encoding="utf-8") as testfile: parser = WpscanParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -52,7 +52,7 @@ def test_parse_file_with_one_vuln_has_one_findings(self): self.assertEqual(datetime.datetime(2019, 7, 2, 19, 11, 16, tzinfo=datetime.UTC), finding.date) def test_parse_file_with_multiple_vuln_has_multiple_finding(self): - with open("unittests/scans/wpscan/wordpress_many_vuln.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wpscan") / "wordpress_many_vuln.json", encoding="utf-8") as testfile: parser = WpscanParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -66,7 +66,7 @@ def test_parse_file_with_multiple_vuln_has_multiple_finding(self): self.assertEqual(datetime.datetime(2019, 7, 2, 19, 11, 16, tzinfo=datetime.UTC), finding.date) def test_parse_file_with_multiple_vuln(self): - with open("unittests/scans/wpscan/wpscan.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wpscan") / "wpscan.json", encoding="utf-8") as testfile: parser = WpscanParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -93,7 +93,7 @@ def test_parse_file_with_multiple_vuln(self): self.assertEqual("", finding.get_scanner_confidence_text()) # data are => "confidence": 100, def test_parse_file_with_multiple_vuln_in_version(self): - with open("unittests/scans/wpscan/wordpress_vuln_version.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wpscan") / "wordpress_vuln_version.json", encoding="utf-8") as testfile: parser = WpscanParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -110,7 +110,7 @@ def test_parse_file_with_multiple_vuln_in_version(self): self.assertEqual("", finding.get_scanner_confidence_text()) # data are => 100% def test_parse_file_issue5774(self): - with open("unittests/scans/wpscan/issue5774.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("wpscan") / "issue5774.json", encoding="utf-8") as testfile: parser = WpscanParser() findings = parser.get_findings(testfile, Test()) for finding in findings: diff --git a/unittests/tools/test_xanitizer_parser.py b/unittests/tools/test_xanitizer_parser.py index 22b15010c9..b46a4f9695 100644 --- a/unittests/tools/test_xanitizer_parser.py +++ b/unittests/tools/test_xanitizer_parser.py @@ -1,24 +1,24 @@ from dojo.models import Test from dojo.tools.xanitizer.parser import XanitizerParser -from unittests.dojo_test_case import DojoTestCase, get_unit_tests_path +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestXanitizerParser(DojoTestCase): def test_parse_file_with_no_findings(self): - with open("unittests/scans/xanitizer/no-findings.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("xanitizer") / "no-findings.xml", encoding="utf-8") as testfile: parser = XanitizerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(0, len(findings)) def test_parse_file_with_one_findings(self): - with open("unittests/scans/xanitizer/one-findings.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("xanitizer") / "one-findings.xml", encoding="utf-8") as testfile: parser = XanitizerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(1, len(findings)) def test_parse_file_with_multiple_findings(self): - with open("unittests/scans/xanitizer/multiple-findings.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("xanitizer") / "multiple-findings.xml", encoding="utf-8") as testfile: parser = XanitizerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(9, len(findings)) @@ -27,7 +27,7 @@ def test_parse_file_with_multiple_findings(self): self.assertEqual("CVE-2015-5211", finding.unsaved_vulnerability_ids[0]) def test_parse_file_with_multiple_findings_no_details(self): - with open(get_unit_tests_path() + "/scans/xanitizer/multiple-findings-no-details.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("xanitizer") / "multiple-findings-no-details.xml", encoding="utf-8") as testfile: parser = XanitizerParser() findings = parser.get_findings(testfile, Test()) self.assertEqual(9, len(findings)) diff --git a/unittests/tools/test_yarn_audit_parser.py b/unittests/tools/test_yarn_audit_parser.py index 6c95592960..428b4ac1c5 100644 --- a/unittests/tools/test_yarn_audit_parser.py +++ b/unittests/tools/test_yarn_audit_parser.py @@ -1,6 +1,6 @@ from dojo.models import Engagement, Product, Test from dojo.tools.yarn_audit.parser import YarnAuditParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestYarnAuditParser(DojoTestCase): @@ -16,13 +16,13 @@ def test_yarn_audit_parser_without_file_has_no_findings(self): self.assertEqual(0, len(findings)) def test_yarn_audit_parser_with_no_vuln_has_no_findings(self): - with open("unittests/scans/yarn_audit/yarn_audit_zero_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("yarn_audit") / "yarn_audit_zero_vul.json", encoding="utf-8") as testfile: parser = YarnAuditParser() findings = parser.get_findings(testfile, self.get_test()) self.assertEqual(0, len(findings)) def test_yarn_audit_parser_with_one_criticle_vuln_has_one_findings(self): - with open("unittests/scans/yarn_audit/yarn_audit_one_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("yarn_audit") / "yarn_audit_one_vul.json", encoding="utf-8") as testfile: parser = YarnAuditParser() findings = parser.get_findings(testfile, self.get_test()) self.assertEqual(1, len(findings)) @@ -30,14 +30,14 @@ def test_yarn_audit_parser_with_one_criticle_vuln_has_one_findings(self): self.assertEqual("4.5.2", findings[0].component_version) def test_yarn_audit_parser_with_many_vuln_has_many_findings(self): - with open("unittests/scans/yarn_audit/yarn_audit_many_vul.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("yarn_audit") / "yarn_audit_many_vul.json", encoding="utf-8") as testfile: parser = YarnAuditParser() findings = parser.get_findings(testfile, self.get_test()) self.assertEqual(3, len(findings)) def test_yarn_audit_parser_with_multiple_cwes_per_finding(self): # cwes formatted as escaped list: "cwe": "[\"CWE-346\",\"CWE-453\"]", - with open("unittests/scans/yarn_audit/yarn_audit_multiple_cwes.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("yarn_audit") / "yarn_audit_multiple_cwes.json", encoding="utf-8") as testfile: parser = YarnAuditParser() findings = parser.get_findings(testfile, self.get_test()) self.assertEqual(3, len(findings)) @@ -53,7 +53,7 @@ def test_yarn_audit_parser_with_multiple_cwes_per_finding(self): def test_yarn_audit_parser_with_multiple_cwes_per_finding_list(self): # cwes formatted as proper list: "cwe": ["CWE-918","CWE-1333"], - with open("unittests/scans/yarn_audit/yarn_audit_multiple_cwes2.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("yarn_audit") / "yarn_audit_multiple_cwes2.json", encoding="utf-8") as testfile: parser = YarnAuditParser() findings = parser.get_findings(testfile, self.get_test()) self.assertEqual(2, len(findings)) @@ -64,7 +64,7 @@ def test_yarn_audit_parser_with_multiple_cwes_per_finding_list(self): def test_yarn_audit_parser_empty_with_error(self): with self.assertRaises(ValueError) as context: - with open("unittests/scans/yarn_audit/empty_with_error.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("yarn_audit") / "empty_with_error.json", encoding="utf-8") as testfile: parser = YarnAuditParser() parser.get_findings(testfile, self.get_test()) self.assertIn( @@ -73,7 +73,7 @@ def test_yarn_audit_parser_empty_with_error(self): self.assertIn("ECONNREFUSED", str(context.exception)) def test_yarn_audit_parser_issue_6495(self): - with open("unittests/scans/yarn_audit/issue_6495.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("yarn_audit") / "issue_6495.json", encoding="utf-8") as testfile: parser = YarnAuditParser() findings = parser.get_findings(testfile, self.get_test()) testfile.close() @@ -83,7 +83,7 @@ def test_yarn_audit_parser_issue_6495(self): self.assertEqual(findings[1].cve, None) def test_yarn_audit_parser_yarn2_audit_issue9911(self): - with open("unittests/scans/yarn_audit/yarn2_audit_issue9911.json", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("yarn_audit") / "yarn2_audit_issue9911.json", encoding="utf-8") as testfile: parser = YarnAuditParser() findings = parser.get_findings(testfile, self.get_test()) testfile.close() diff --git a/unittests/tools/test_zap_parser.py b/unittests/tools/test_zap_parser.py index 914bb05757..7d7fb29630 100644 --- a/unittests/tools/test_zap_parser.py +++ b/unittests/tools/test_zap_parser.py @@ -1,18 +1,18 @@ from dojo.models import Finding, Test from dojo.tools.zap.parser import ZapParser -from unittests.dojo_test_case import DojoTestCase +from unittests.dojo_test_case import DojoTestCase, get_unit_tests_scans_path class TestZapParser(DojoTestCase): def test_parse_no_findings(self): - with open("unittests/scans/zap/empty_2.9.0.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("zap") / "empty_2.9.0.xml", encoding="utf-8") as testfile: parser = ZapParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) self.assertEqual(0, len(findings)) def test_parse_some_findings(self): - with open("unittests/scans/zap/some_2.9.0.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("zap") / "some_2.9.0.xml", encoding="utf-8") as testfile: parser = ZapParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) @@ -23,7 +23,7 @@ def test_parse_some_findings(self): endpoint.clean() def test_parse_some_findings_0(self): - with open("unittests/scans/zap/0_zap_sample.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("zap") / "0_zap_sample.xml", encoding="utf-8") as testfile: parser = ZapParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) @@ -34,7 +34,7 @@ def test_parse_some_findings_0(self): endpoint.clean() def test_parse_some_findings_1(self): - with open("unittests/scans/zap/1_zap_sample_0_and_new_absent.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("zap") / "1_zap_sample_0_and_new_absent.xml", encoding="utf-8") as testfile: parser = ZapParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) @@ -45,7 +45,7 @@ def test_parse_some_findings_1(self): endpoint.clean() def test_parse_some_findings_2(self): - with open("unittests/scans/zap/2_zap_sample_0_and_new_endpoint.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("zap") / "2_zap_sample_0_and_new_endpoint.xml", encoding="utf-8") as testfile: parser = ZapParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) @@ -56,7 +56,7 @@ def test_parse_some_findings_2(self): endpoint.clean() def test_parse_some_findings_3(self): - with open("unittests/scans/zap/3_zap_sampl_0_and_different_severities.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("zap") / "3_zap_sampl_0_and_different_severities.xml", encoding="utf-8") as testfile: parser = ZapParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) @@ -67,7 +67,7 @@ def test_parse_some_findings_3(self): endpoint.clean() def test_parse_some_findings_5(self): - with open("unittests/scans/zap/5_zap_sample_one.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("zap") / "5_zap_sample_one.xml", encoding="utf-8") as testfile: parser = ZapParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) @@ -82,7 +82,7 @@ def test_parse_issue4360(self): Report from GitHub issue 4360 see: https://github.com/DefectDojo/django-DefectDojo/issues/4360 """ - with open("unittests/scans/zap/dvwa_baseline_dojo.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("zap") / "dvwa_baseline_dojo.xml", encoding="utf-8") as testfile: parser = ZapParser() findings = parser.get_findings(testfile, Test()) self.assertIsInstance(findings, list) @@ -117,7 +117,7 @@ def test_parse_issue4697(self): Report from GitHub issue 4697 see: https://github.com/DefectDojo/django-DefectDojo/issues/4697 """ - with open("unittests/scans/zap/zap-results-first-scan.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("zap") / "zap-results-first-scan.xml", encoding="utf-8") as testfile: parser = ZapParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -158,7 +158,7 @@ def test_parse_issue4697(self): def test_parse_juicy(self): """Generated with OWASP Juicy shop""" - with open("unittests/scans/zap/juicy2.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("zap") / "juicy2.xml", encoding="utf-8") as testfile: parser = ZapParser() findings = parser.get_findings(testfile, Test()) for finding in findings: @@ -198,7 +198,7 @@ def test_parse_juicy(self): self.assertEqual("assets", endpoint.path) def test_parse_xml_plus_format(self): - with open("unittests/scans/zap/zap-xml-plus-format.xml", encoding="utf-8") as testfile: + with open(get_unit_tests_scans_path("zap") / "zap-xml-plus-format.xml", encoding="utf-8") as testfile: parser = ZapParser() findings = parser.get_findings(testfile, Test()) for finding in findings: