Vulnerability specs

lib/common/models/vulnerability.rb

@@ -7,6 +7,13 @@ class Vulnerability
 
   attr_accessor :title, :references, :type, :metasploit_modules
 
+  #
+  # @param [ String ] title The title of the vulnerability
+  # @param [ String ] type  The type of the vulnerability
+  # @param [ Array ] references References urls
+  # @param [ Array ] metasploit_modules Metasploit modules for the vulnerability
+  #
+  # @return [ Vulnerability ]
   def initialize(title, type, references, metasploit_modules = [])
     @title              = title
     @type               = type
@@ -14,6 +21,11 @@ class Vulnerability
     @metasploit_modules = metasploit_modules
   end
 
+  # Create the Vulnerability from the xml_node
+  #
+  # @param [ Nokogiri::XML::Node ] xml_node
+  #
+  # @return [ Vulnerability ]
   def self.load_from_xml_node(xml_node)
     new(
       xml_node.search('title').text,

spec/lib/common/models/vulnerability_spec.rb

@@ -0,0 +1,42 @@
+# encoding: UTF-8
+
+require 'spec_helper'
+
+describe Vulnerability do
+
+  describe '#new' do
+    subject(:vulnerability) { Vulnerability.new(title, type, references, modules) }
+    let(:title)             { 'A vulnerability title' }
+    let(:type)              { 'XSS' }
+    let(:references)        { %w{http://ref1.com http://ref2.com} }
+
+    context 'w/o metasploit modules argument' do
+      subject(:vulnerability) { Vulnerability.new(title, type, references) }
+
+      its(:title)              { should be title }
+      its(:references)         { should be references }
+      its(:type)               { should be type }
+      its(:metasploit_modules) { should be_empty }
+    end
+
+    context 'with metasploit modules argument' do
+      let(:modules) { %w{exploit/some_exploit exploit/unix/anotherone } }
+
+      its(:metasploit_modules) { should be modules }
+    end
+  end
+
+  describe '::load_from_xml_node' do
+    subject(:vulnerability) { Vulnerability.load_from_xml_node(node) }
+    let(:node) {
+      xml(MODELS_FIXTURES + '/vulnerability/load_from_xml_node.xml').
+        xpath('//vulnerability')
+    }
+
+    its(:title)              { should == 'Vuln Title' }
+    its(:type)               { should == 'CSRF' }
+    its(:references)         { should == ['Ref 1', 'Ref 2'] }
+    its(:metasploit_modules) { should == %w{exploit/ex1} }
+  end
+
+end

spec/samples/common/models/vulnerability/load_from_xml_node.xml

@@ -0,0 +1,7 @@
+<vulnerability>
+  <title>Vuln Title</title>
+  <reference>Ref 1</reference>
+  <reference>Ref 2</reference>
+  <type>CSRF</type>
+  <metasploit>exploit/ex1</metasploit>
+</vulnerability>

spec/spec_helper.rb

@@ -33,6 +33,8 @@ SPEC_FIXTURES_DIR             = SPEC_DIR + '/samples'
 SPEC_FIXTURES_CONF_DIR        = SPEC_FIXTURES_DIR + '/conf'
 SPEC_FIXTURES_WP_VERSIONS_DIR = SPEC_FIXTURES_DIR + '/wp_versions'
 
+MODELS_FIXTURES = SPEC_FIXTURES_DIR + '/common/models'
+
 def count_files_in_dir(absolute_dir_path, files_pattern = '*')
   Dir.glob(File.join(absolute_dir_path, files_pattern)).count
 end