[PATCH 23 of 54] Add tests + method to change a ProductID

Wald Commits scm-commit at wald.intevation.org
Wed Jan 7 10:56:40 CET 2015 

# HG changeset patch
# User Benoît Allard <benoit.allard at greenbone.net>
# Date 1414160210 -7200
# Node ID 4004b67216a9217aa21033d35e0fcfa7f8d5cb9e
# Parent  4b53e7bcff0d40108f14322206a5841c8216d853
Add tests + method to change a ProductID

diff -r 4b53e7bcff0d -r 4004b67216a9 farolluz/cvrf.py
--- a/farolluz/cvrf.py	Wed Oct 15 09:50:32 2014 +0200
+++ b/farolluz/cvrf.py	Fri Oct 24 16:16:50 2014 +0200
@@ -897,7 +897,7 @@
             raise ValidationError('A CVSS Score Set must have a Base Score')
         if self._vector and not self.vector:
             raise ValidationError('Syntax Error in CVSS Vector')
-        if abs(self._basescore - self.baseScore()) >= 0.05:
+        if self.vector and (abs(self._basescore - self.baseScore()) >= 0.05):
             raise ValidationError('Inconsistency in CVSS Score Set between Vector (%f) and Base Score (%f)' % (self.baseScore(), self._basescore))
         for productid in self._productids:
             if productid not in productids:
@@ -949,6 +949,7 @@
             if groupid not in groupids:
                 raise ValidationError('Unknown GroupID: %s' % groupid)
 
+
 class CVRF(object):
     def __init__(self, title, _type):
         self._title = title
@@ -1036,27 +1037,39 @@
                         products.add(productid)
         return set(self.getProductForID(p) for p in products)
 
-    def isProductOrphan(self, productid):
-        """ Returns if a productid is mentioned nowhere in the document """
+    def mentionsProductId(self, productid):
         # We first look at the ProductTree
         ptree = self._producttree
         for relation in ptree._relationships:
             if productid == relation._productreference:
-                return False
-            if productid == relation._relatestoproductreference:
-                return False
-        groupids = [g._groupid for g in ptree._groups if productid in g._productids]
-        if len(groupids) > 0:
-            return False
-        # Go through all the Vulnerabilities
+                yield relation
+            elif productid == relation._relatestoproductreference:
+                yield relation
+        # Then go through the groups
+        for group in ptree._groups:
+            if productid in group._productids:
+                yield group
+        # Finally, go through all the Vulnerabilities
         for vulnerability in self._vulnerabilities:
-            if vulnerability.isMentioningProdId(productid):
-                return False
-            for groupid in groupids:
-                # This will never be executed as we bail out on len(groups) > 0
-                if vulnerability.isMentioningGroupId(groupid):
-                    return False
-        return True
+            for item in vulnerability.mentionsProdId(productid):
+                yield item
+
+    def isProductOrphan(self, productid):
+        """ Returns if a productid is mentioned nowhere in the document """
+        for item in self.mentionsProductId(productid):
+            return True
+        return False
+
+    def changeProductID(self, old, new):
+        for item in self.mentionsProductId(old):
+            if isinstance(item, CVRFRelationship):
+                if old == item._productreference:
+                    item._productreference = new
+                elif old == item._relatestoproductreference:
+                    item._relatestoproductreference = new
+            else:
+                item._productids.remove(old)
+                item._productids.append(new)
 
     def isGroupOrphan(self, groupid):
         """ Returns if a group can be safely deleted """
diff -r 4b53e7bcff0d -r 4004b67216a9 setup.py
--- a/setup.py	Wed Oct 15 09:50:32 2014 +0200
+++ b/setup.py	Fri Oct 24 16:16:50 2014 +0200
@@ -40,4 +40,5 @@
     include_package_data=True,
     scripts=['parse_cvrf', 'render'],
     install_requires=['Jinja2'],
+    test_suite='tests',
 )
diff -r 4b53e7bcff0d -r 4004b67216a9 tests/testProductIdRename.py
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/tests/testProductIdRename.py	Fri Oct 24 16:16:50 2014 +0200
@@ -0,0 +1,48 @@
+import unittest
+
+from datetime import datetime
+
+from farolluz.cvrf import CVRF, CVRFPublisher, CVRFTracking, CVRFTrackingID, CVRFRevision, CVRFFullProductName, CVRFVulnerability, CVRFProductStatus, CVRFRelationship
+
+class TestProductIdRename(unittest.TestCase):
+
+    def setUp(self):
+        self.doc = CVRF('title', 'type')
+        self.doc.setPublisher(CVRFPublisher('Other'))
+        initial = datetime.now()
+        current = datetime.now()
+        track = CVRFTracking(CVRFTrackingID('1234'), 'Draft', (0,0), initial, current)
+        track.addRevision(CVRFRevision((0,0), current, '1st'))
+        self.doc.setTracking(track)
+        self.doc.validate()
+
+
+    def testChangeProductId(self):
+        ptree = self.doc.createProductTree()
+        prod = CVRFFullProductName('1', 'a', ptree)
+        ptree.addProduct(prod)
+        vuln = CVRFVulnerability(1)
+        st = CVRFProductStatus('Fixed')
+        st.addProductID('1')
+        vuln.addProductStatus(st)
+        self.doc.addVulnerability(vuln)
+        self.doc.validate()
+        prod._productid = '2'
+        self.doc.changeProductID('1', '2')
+        self.doc.validate()
+
+    def testChangeProductIdRelation(self):
+        ptree = self.doc.createProductTree()
+        prod1 = CVRFFullProductName('1', 'a', ptree)
+        ptree.addProduct(prod1)
+        prod2 = CVRFFullProductName('2', 'b', ptree)
+        ptree.addProduct(prod2)
+        rel = CVRFRelationship('1', 'Installed On', '2')
+        ptree.addRelationship(rel)
+        self.doc.validate()
+        prod1._productid = '3'
+        self.doc.changeProductID('1', '3')
+        self.doc.validate()
+        prod2._productid = '1'
+        self.doc.changeProductID('2', '1')
+        self.doc.validate()

More information about the Farol-commits mailing list