Merge pull request #862 from wpscanteam/apiv2

Apiv2

spec/shared_examples/wp_item_vulnerable.rb

@@ -3,8 +3,8 @@
 shared_examples 'WpItem::Vulnerable' do
 
   # 2 variables have to be set in the described class or subject:
-  #   let(:vulns_file)     { }
-  #   let(:expected_vulns) { } The expected Vulnerabilities when using vulns_file and vulns_xpath
+  #   let(:db_file)     { }
+  #   let(:expected_vulns) { } The expected Vulnerabilities when using db_file and vulns_xpath
   #
   # 1 variable is optional, used if supplied, otherwise subject.vulns_xpath is used
   #   let(:vulns_xpath)    { }
@@ -18,7 +18,7 @@ shared_examples 'WpItem::Vulnerable' do
     end
 
     after do
-      subject.vulns_file  = @vulns_file
+      subject.db_file    = @db_file
       subject.identifier = identifier if defined?(identifier)
 
       result = subject.vulnerabilities
@@ -26,16 +26,16 @@ shared_examples 'WpItem::Vulnerable' do
       expect(result).to eq @expected
     end
 
-    context 'when the vulns_file is empty' do
+    context 'when the db_file is empty' do
       it 'returns an empty Vulnerabilities' do
-        @vulns_file = empty_file
-        @expected   = Vulnerabilities.new
+        @db_file  = empty_file
+        @expected = Vulnerabilities.new
       end
     end
 
     it 'returns the expected vulnerabilities' do
-      @vulns_file = vulns_file
-      @expected   = expected_vulns
+      @db_file   = db_file
+      @expected  = expected_vulns
     end
   end
 

spec/shared_examples/wp_items_detectable.rb

@@ -39,68 +39,8 @@ shared_examples 'WpItems::Detectable' do
     end
   end
 
-  describe '::targets_items_from_file' do
-    after do
-      results = subject.send(:targets_items_from_file, file, wp_target, item_class, vulns_file)
-
-      expect(results.map { |i| i.name }).to eq @expected.map { |i| i.name }
-
-      unless results.empty?
-        results.each do |item|
-          expect(item).to be_a item_class
-        end
-      end
-    end
-
-    # should raise error.
-    # context 'when an empty file' do
-    #   let(:file) { empty_file }
-
-    #   it 'returns an empty Array' do
-    #     @expected = []
-    #   end
-    # end
-
-    context 'when a file' do
-      let(:file) { targets_items_file }
-
-      it 'returns the expected Array of WpItem' do
-        @expected = expected[:targets_items_from_file]
-      end
-    end
-  end
-
-  describe '::vulnerable_targets_items' do
-    after do
-      results = subject.send(:vulnerable_targets_items, wp_target, item_class, vulns_file)
-
-      expect(results.map { |i| i.name }).to eq @expected.map { |i| i.name }
-
-      unless results.empty?
-        results.each do |item|
-          expect(item).to be_a item_class
-        end
-      end
-    end
-
-    # should raise error.
-    # context 'when an empty file' do
-    #   let(:file) { empty_file }
-
-    #   it 'returns an empty Array' do
-    #     @expected = []
-    #   end
-    # end
-
-    context 'when a file' do
-      it 'returns the expected Array of WpItem' do
-        @expected = expected[:vulnerable_targets_items]
-      end
-    end
-  end
-
   describe '::targets_items' do
-    let(:options) { {} }
+    let(:options) { { type: :all } }
 
     after do
       if @expected
@@ -110,29 +50,13 @@ shared_examples 'WpItems::Detectable' do
       end
     end
 
-    context 'when :only_vulnerable' do
-      let(:options) { { only_vulnerable: true } }
+    context 'when :type = :vulnerable' do
+      let(:options) { { type: :vulnerable } }
 
       it 'returns the expected Array of WpItem' do
         @expected = expected[:vulnerable_targets_items]
       end
     end
-
-    context 'when not :only_vulnerable' do
-      context 'when no :file' do
-        it 'raises an error' do
-          expect { subject.send(:targets_items, wp_target, options) }.to raise_error('A file must be supplied')
-        end
-      end
-
-      context 'when :file' do
-        let(:options) { { file: targets_items_file } }
-
-        it 'returns the expected Array of WpItem' do
-          @expected = (expected[:targets_items_from_file] + expected[:vulnerable_targets_items]).uniq {|t| t.name }
-        end
-      end
-    end
   end
 
   describe '::passive_detection' do
@@ -176,8 +100,8 @@ shared_examples 'WpItems::Detectable' do
       expect(result.sort.map { |i| i.name }).to eq @expected.sort.map { |i| i.name }
     end
 
-    context 'when :only_vulnerable' do
-      let(:options) { { only_vulnerable: true } }
+    context 'when :type = :vulnerable' do
+      let(:options) { { type: :vulnerable } }
       let(:targets) { expected[:vulnerable_targets_items] }
 
       it 'only checks and return vulnerable targets' do
@@ -207,7 +131,7 @@ shared_examples 'WpItems::Detectable' do
       end
     end
 
-    context 'when no :only_vulnerable' do
+    context 'when no :type = :vulnerable' do
       let(:targets) { (expected[:vulnerable_targets_items] + expected[:targets_items_from_file]).uniq { |t| t.name } }
 
       it 'checks all targets, and merge the results with passive_detection' do

spec/shared_examples/wp_plugin_vulnerable.rb

@@ -2,25 +2,25 @@
 
 shared_examples 'WpPlugin::Vulnerable' do
 
-  describe '#vulns_file' do
-    after { expect(subject.vulns_file).to eq @expected }
+  describe '#db_file' do
+    after { expect(subject.db_file).to eq @expected }
 
-    context 'when :vulns_file is no set' do
+    context 'when :db_file is no set' do
       it 'returns the default one' do
-        @expected = PLUGINS_VULNS_FILE
+        @expected = PLUGINS_FILE
       end
     end
 
-    context 'when the :vulns_file is already set' do
+    context 'when the :db_file is already set' do
       it 'returns it' do
-        @expected          = 'test.json'
-        subject.vulns_file = @expected
+        @expected       = 'test.json'
+        subject.db_file = @expected
       end
     end
   end
 
   describe '#identifier' do
-    its(:identifier) { is_expected.to eq 'plugin-name' }
+    its(:identifier) { should eq 'plugin-name' }
   end
 
 end

spec/shared_examples/wp_theme_vulnerable.rb

@@ -2,25 +2,25 @@
 
 shared_examples 'WpTheme::Vulnerable' do
 
-  describe '#vulns_file' do
-    after { expect(subject.vulns_file).to eq @expected }
+  describe '#db_file' do
+    after { expect(subject.db_file).to eq @expected }
 
-    context 'when :vulns_file is not set' do
+    context 'when :db_file is not set' do
       it 'returns the default one' do
-        @expected = THEMES_VULNS_FILE
+        @expected = THEMES_FILE
       end
     end
 
-    context 'when the :vulns_file is already set' do
+    context 'when the :db_file is already set' do
       it 'returns it' do
-        @expected          = 'test.json'
-        subject.vulns_file = @expected
+        @expected       = 'test.json'
+        subject.db_file = @expected
       end
     end
   end
 
   describe '#identifier' do
-    its(:identifier) { is_expected.to eq 'theme-name' }
+    its(:identifier) { should eq 'theme-name' }
   end
 
 end

spec/shared_examples/wp_version_vulnerable.rb

@@ -2,25 +2,25 @@
 
 shared_examples 'WpVersion::Vulnerable' do
 
-  describe '#vulns_file' do
-    after { expect(subject.vulns_file).to eq @expected }
+  describe '#db_file' do
+    after { expect(subject.db_file).to eq @expected }
 
-    context 'when :vulns_file is no set' do
+    context 'when :db_file is no set' do
       it 'returns the default one' do
-        @expected = WP_VULNS_FILE
+        @expected = WORDPRESSES_FILE
       end
     end
 
-    context 'when the :vulns_file is already set' do
+    context 'when the :db_file is already set' do
       it 'returns it' do
-        @expected          = 'test.json'
-        subject.vulns_file = @expected
+        @expected       = 'test.json'
+        subject.db_file = @expected
       end
     end
   end
 
   describe '#identifier' do
-    its(:identifier) { is_expected.to eq '1.2' }
+    its(:identifier) { should eq '1.2' }
   end
 
 end