Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Harmonization of some endpoints #70

Merged
merged 7 commits into from
Nov 26, 2024
Merged

Harmonization of some endpoints #70

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
04c176f
Updated somen endpoints path
cedricbonhomme Nov 25, 2024
35d49ca
chg: fix a test
cedricbonhomme Nov 25, 2024
499c8f6
Merge branch 'main' into api-changes
cedricbonhomme Nov 25, 2024
6ace0ee
chg: keep path inget_last
cedricbonhomme Nov 25, 2024
6ceb31d
chg: changed test login name
cedricbonhomme Nov 25, 2024
920f76c
chg: Used .local TLD and added the test test_create_user_not_allowed_…
cedricbonhomme Nov 25, 2024
e4a8994
chg: Removed double quotes.
cedricbonhomme Nov 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 10 additions & 10 deletions pyvulnerabilitylookup/api.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,19 +68,19 @@ def is_up(self) -> bool:

def redis_up(self) -> bool:
'''Check if redis is up and running'''
r = self.session.get(urljoin(self.root_url, 'redis_up'))
r = self.session.get(urljoin(self.root_url, str(PurePosixPath('api', 'system','redis_up'))))
return r.json()

# #### DB status ####

def get_info(self) -> dict[str, Any]:
'''Get more information about the current databases in use and when it was updated'''
r = self.session.get(urljoin(self.root_url, 'info'))
r = self.session.get(urljoin(self.root_url, str(PurePosixPath('api', 'system','dbInfo'))))
return r.json()

def get_config_info(self) -> dict[str, Any]:
'''Get more information about the current databases in use and when it was updated'''
r = self.session.get(urljoin(self.root_url, 'configInfo'))
r = self.session.get(urljoin(self.root_url, str(PurePosixPath('api', 'system', 'configInfo'))))
return r.json()

# #### Vulnerabilities ####
Expand All @@ -90,15 +90,15 @@ def get_vulnerability(self, vulnerability_id: str) -> dict[str, Any]:

:param vulnerability_id: The ID of the vulnerability to get (can be from any source, as long as it is a valid ID)
'''
r = self.session.get(urljoin(self.root_url, str(PurePosixPath('vulnerability', vulnerability_id))))
r = self.session.get(urljoin(self.root_url, str(PurePosixPath('api', 'vulnerability', vulnerability_id))))
return r.json()

def create_vulnerability(self, vulnerability: dict[str, Any]) -> dict[str, Any]:
'''Create a vulnerability.

:param vulnerability: The vulnerability
'''
r = self.session.post(urljoin(self.root_url, str(PurePosixPath('vulnerability'))),
r = self.session.post(urljoin(self.root_url, str(PurePosixPath('api', 'vulnerability'))),
json=vulnerability)
return r.json()

Expand All @@ -107,7 +107,7 @@ def delete_vulnerability(self, vulnerability_id: str) -> int:

:param vulnerability_id: The vulnerability ID
'''
r = self.session.delete(urljoin(self.root_url, str(PurePosixPath('vulnerability', vulnerability_id))))
r = self.session.delete(urljoin(self.root_url, str(PurePosixPath('api', 'vulnerability', vulnerability_id))))
return r.status_code

def get_last(self, number: int | None=None, source: str | None = None) -> list[dict[str, Any]]:
Expand All @@ -121,20 +121,20 @@ def get_last(self, number: int | None=None, source: str | None = None) -> list[d
path /= source
if number is not None:
path /= str(number)
r = self.session.get(urljoin(self.root_url, str(path)))
r = self.session.get(urljoin(self.root_url, str(PurePosixPath('api', 'vulnerability', path))))
return r.json()

def get_vendors(self) -> list[str]:
'''Get the known vendors'''
r = self.session.get(urljoin(self.root_url, str(PurePosixPath('api', 'browse'))))
r = self.session.get(urljoin(self.root_url, str(PurePosixPath('api', 'vulnerability', 'browse'))))
return r.json()

def get_vendor_products(self, vendor: str) -> list[str]:
'''Get the known products for a vendor

:params vendor: A vendor owning products (must be in the known vendor list)
'''
r = self.session.get(urljoin(self.root_url, str(PurePosixPath('api', 'browse', vendor))))
r = self.session.get(urljoin(self.root_url, str(PurePosixPath('api', 'vulnerability', 'browse', vendor))))
return r.json()

def get_vendor_product_vulnerabilities(self, vendor: str, product: str) -> list[str]:
Expand All @@ -143,7 +143,7 @@ def get_vendor_product_vulnerabilities(self, vendor: str, product: str) -> list[
:param vendor: A vendor owning products (must be in the known vendor list)
:param product: A product owned by that vendor
'''
r = self.session.get(urljoin(self.root_url, str(PurePosixPath('api', 'search', vendor, product))))
r = self.session.get(urljoin(self.root_url, str(PurePosixPath('api', 'vulnerability', 'browse', vendor, product))))
return r.json()

# #### Comments ####
Expand Down
16 changes: 14 additions & 2 deletions tests/test_web.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -260,6 +260,18 @@ def test_bundles_local(self) -> None:
self.assertTrue(len(comments["data"]) == 0)

# Test User
def test_create_user_not_allowed_login(self) -> None:
if self.public_test:
# Do not run that test against the public instance, it would create users.
return None
instance_config = self.client.get_config_info()
if not instance_config.get('registration'):
return None
for login in ['login', 'user', 'username', 'help', 'test', 'about', 'administration', 'account']:
user = self.client.create_user(name='test Name', login=login,
organisation='test Organization', email='test@testorg.local')
self.assertEqual(user['message'], 'Username not allowed.')

def test_users_info(self) -> None:
if not self.admin_token:
# this test is only working if the admin token is set
Expand Down Expand Up @@ -298,7 +310,7 @@ def test_create_user_comment(self) -> None:
if not instance_config.get('registration'):
return None

user = self.client.create_user(name='test_Name', login='test_Login',
user = self.client.create_user(name='test Name', login='alan',
organisation='test Organization', email='test@testorg.local')
self.assertTrue(user)
self.assertTrue('id' in user, user)
Expand All @@ -314,7 +326,7 @@ def test_create_user_comment(self) -> None:
created_comment = self.client.create_comment(comment=comment)
new_comment_uuid = created_comment['data'][0]['uuid']
comments = self.client.get_comments(uuid=new_comment_uuid)
self.assertTrue(len(comments['data']) == 0, comments)
self.assertTrue(len(comments['data']) == 1, comments)
deleted_comment = self.client.delete_comment(new_comment_uuid)
self.assertTrue(deleted_comment < 300)

Expand Down
Loading