Vulnerability specs

2013-03-20 19:29:34 +01:00
parent 4c5f02865f
commit 543a6fbaa2
4 changed files with 63 additions and 0 deletions
--- a/lib/common/models/vulnerability.rb
+++ b/lib/common/models/vulnerability.rb
@@ -7,6 +7,13 @@ class Vulnerability

  attr_accessor :title, :references, :type, :metasploit_modules

+  #
+  # @param [ String ] title The title of the vulnerability
+  # @param [ String ] type  The type of the vulnerability
+  # @param [ Array ] references References urls
+  # @param [ Array ] metasploit_modules Metasploit modules for the vulnerability
+  #
+  # @return [ Vulnerability ]
  def initialize(title, type, references, metasploit_modules = [])
    @title              = title
    @type               = type
@@ -14,6 +21,11 @@ class Vulnerability
    @metasploit_modules = metasploit_modules
  end

+  # Create the Vulnerability from the xml_node
+  #
+  # @param [ Nokogiri::XML::Node ] xml_node
+  #
+  # @return [ Vulnerability ]
  def self.load_from_xml_node(xml_node)
    new(
      xml_node.search('title').text,
--- a/spec/lib/common/models/vulnerability_spec.rb
+++ b/spec/lib/common/models/vulnerability_spec.rb
@@ -0,0 +1,42 @@
+# encoding: UTF-8
+
+require 'spec_helper'
+
+describe Vulnerability do
+
+  describe '#new' do
+    subject(:vulnerability) { Vulnerability.new(title, type, references, modules) }
+    let(:title)             { 'A vulnerability title' }
+    let(:type)              { 'XSS' }
+    let(:references)        { %w{http://ref1.com http://ref2.com} }
+
+    context 'w/o metasploit modules argument' do
+      subject(:vulnerability) { Vulnerability.new(title, type, references) }
+
+      its(:title)              { should be title }
+      its(:references)         { should be references }
+      its(:type)               { should be type }
+      its(:metasploit_modules) { should be_empty }
+    end
+
+    context 'with metasploit modules argument' do
+      let(:modules) { %w{exploit/some_exploit exploit/unix/anotherone } }
+
+      its(:metasploit_modules) { should be modules }
+    end
+  end
+
+  describe '::load_from_xml_node' do
+    subject(:vulnerability) { Vulnerability.load_from_xml_node(node) }
+    let(:node) {
+      xml(MODELS_FIXTURES + '/vulnerability/load_from_xml_node.xml').
+        xpath('//vulnerability')
+    }
+
+    its(:title)              { should == 'Vuln Title' }
+    its(:type)               { should == 'CSRF' }
+    its(:references)         { should == ['Ref 1', 'Ref 2'] }
+    its(:metasploit_modules) { should == %w{exploit/ex1} }
+  end
+
+end
--- a/spec/samples/common/models/vulnerability/load_from_xml_node.xml
+++ b/spec/samples/common/models/vulnerability/load_from_xml_node.xml
@@ -0,0 +1,7 @@
+<vulnerability>
+  <title>Vuln Title</title>
+  <reference>Ref 1</reference>
+  <reference>Ref 2</reference>
+  <type>CSRF</type>
+  <metasploit>exploit/ex1</metasploit>
+</vulnerability>
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -33,6 +33,8 @@ SPEC_FIXTURES_DIR             = SPEC_DIR + '/samples'
 SPEC_FIXTURES_CONF_DIR        = SPEC_FIXTURES_DIR + '/conf'
 SPEC_FIXTURES_WP_VERSIONS_DIR = SPEC_FIXTURES_DIR + '/wp_versions'

+MODELS_FIXTURES = SPEC_FIXTURES_DIR + '/common/models'
+
 def count_files_in_dir(absolute_dir_path, files_pattern = '*')
  Dir.glob(File.join(absolute_dir_path, files_pattern)).count
 end