From 7a7450f98e339a3a08d14d17b3a627cfda88c506 Mon Sep 17 00:00:00 2001
From: Christian Mehlmauer
Date: Fri, 10 May 2013 19:24:17 +0200
Subject: [PATCH] rspecs and bugfixing(Can't dup nilclass on missing readme.txt) #179
---
 lib/common/models/wp_item/versionable.rb | 7 +++-
 spec/shared_examples/wp_item_vulnerable.rb | 49 +++++++++++++++++++++-
 2 files changed, 53 insertions(+), 3 deletions(-)
diff --git a/lib/common/models/wp_item/versionable.rb b/lib/common/models/wp_item/versionable.rb
index 6370e550..9c31520d 100755
--- a/lib/common/models/wp_item/versionable.rb
+++ b/lib/common/models/wp_item/versionable.rb
@@ -10,8 +10,11 @@ class WpItem
 # @return [ String ] The version number
 def version
 unless @version
- response = Browser.get(readme_url)
- @version = response.body[%r{stable tag: #{WpVersion.version_pattern}}i, 1]
+ # This check is needed because readme_url can return nil
+ if has_readme?
+ response = Browser.get(readme_url)
+ @version = response.body[%r{stable tag: #{WpVersion.version_pattern}}i, 1]
+ end
 end
 @version
 end
diff --git a/spec/shared_examples/wp_item_vulnerable.rb b/spec/shared_examples/wp_item_vulnerable.rb
index dc591314..cd6640ef 100644
--- a/spec/shared_examples/wp_item_vulnerable.rb
+++ b/spec/shared_examples/wp_item_vulnerable.rb
@@ -12,7 +12,10 @@ shared_examples 'WpItem::Vulnerable' do
 describe '#vulnerabilities' do
 let(:empty_file) { MODELS_FIXTURES + '/wp_item/vulnerable/empty.xml' }
- before { stub_request(:get, /.*/) }
+ before do
+ stub_request(:get, /.*\/readme\.txt/i)
+ stub_request(:get, /.*\/style\.css/i)
+ end
 after do
 subject.vulns_file = @vulns_file
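Review bot: In `version` (lib/common/models/wp_item/versionable.rb) a missing readme leaves `@version` nil, so the `unless @version` memo never records the negative result and every later call repeats `has_readme?`, which is defined outside this hunk and presumably sends its own request to the target. Callers that check many vulnerabilities against one item would then multiply the traffic; `return @version if defined?(@version)` at the top, plus `@version = nil` in the no-readme branch, would cache the miss, provided nothing else pre-sets the instance variable. The body is also matched without looking at the response status, so a custom error page served for readme.txt is parsed as if it were the readme; a status check before the regex would close that (the status accessor is not visible here). The enclosing class and module open above the hunk.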
@@ -36,4 +39,48 @@ shared_examples 'WpItem::Vulnerable' do
 end
 end
+ describe '#vulnerable_to?' do
+ let(:version_orig) { '1.5.6' }
+ let(:version_newer) { '1.6' }
+ let(:version_older) { '1.0' }
+ let(:newer) { Vulnerability.new('Newer', 'XSS', ['ref'], nil, version_newer) }
+ let(:older) { Vulnerability.new('Older', 'XSS', ['ref'], nil, version_older) }
+ let(:same) { Vulnerability.new('Same', 'XSS', ['ref'], nil, version_orig) }
+
+ before do
+ stub_request(:get, /.*\/readme\.txt/i).to_return(status: 200, body: "Stable Tag: #{version_orig}")
+ stub_request(:get, /.*\/style\.css/i).to_return(status: 200, body: "Version: #{version_orig}")
+ end
+
+ context 'check basic version comparing' do
+ it 'should return true' do
+ subject.version.should == version_orig
+ subject.vulnerable_to?(newer).should be_true
+ end
+
+ it 'should return false' do
+ subject.version.should == version_orig
+ subject.vulnerable_to?(older).should be_false
+ end
+
+ it 'should return false' do
+ subject.version.should == version_orig
+ subject.vulnerable_to?(same).should be_false
+ end
+ end
+
+ context 'no version found in wp_item' do
+ before do
+ stub_request(:get, /.*\/readme\.txt/i).to_return(status: 404)
+ stub_request(:get, /.*\/style\.css/i).to_return(status: 404)
+ end
+
+ it 'should return true because no version can be detected' do
+ subject.vulnerable_to?(newer).should be_true
+ subject.vulnerable_to?(older).should be_true
+ subject.vulnerable_to?(same).should be_true
+ end
+ end
+ end
+
 end
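Review bot: The 'no version found in wp_item' example asserts only the three `vulnerable_to?` results and never checks `subject.version` itself, so the nil path that the versionable.rb change introduces is covered only indirectly; adding `subject.version.should be_nil` as its first line would pin it. The two examples both named 'should return false', and the generic 'should return true', cannot be told apart in rspec output; a description such as `it 'returns false when the vulnerability version is older than the item version'` would say which comparison failed. The last example also makes "unknown version is reported as vulnerable to every entry" the expected behaviour, which is the conservative choice for a scanner but deserves a one-line comment such as `# unknown version: report rather than hide` so it is not later mistaken for a bug.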