rspecs and bugfixing(Can't dup nilclass on missing readme.txt) #179
This commit is contained in:
Christian Mehlmauer
@@ -10,9 +10,12 @@ class WpItem
|
|||||||
# @return [ String ] The version number
|
# @return [ String ] The version number
|
||||||
def version
|
def version
|
||||||
unless @version
|
unless @version
|
||||||
|
# This check is needed because readme_url can return nil
|
||||||
|
if has_readme?
|
||||||
response = Browser.get(readme_url)
|
response = Browser.get(readme_url)
|
||||||
@version = response.body[%r{stable tag: #{WpVersion.version_pattern}}i, 1]
|
@version = response.body[%r{stable tag: #{WpVersion.version_pattern}}i, 1]
|
||||||
end
|
end
|
||||||
|
end
|
||||||
@version
|
@version
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|||||||
@@ -12,7 +12,10 @@ shared_examples 'WpItem::Vulnerable' do
|
|||||||
describe '#vulnerabilities' do
|
describe '#vulnerabilities' do
|
||||||
let(:empty_file) { MODELS_FIXTURES + '/wp_item/vulnerable/empty.xml' }
|
let(:empty_file) { MODELS_FIXTURES + '/wp_item/vulnerable/empty.xml' }
|
||||||
|
|
||||||
before { stub_request(:get, /.*/) }
|
before do
|
||||||
|
stub_request(:get, /.*\/readme\.txt/i)
|
||||||
|
stub_request(:get, /.*\/style\.css/i)
|
||||||
|
end
|
||||||
|
|
||||||
after do
|
after do
|
||||||
subject.vulns_file = @vulns_file
|
subject.vulns_file = @vulns_file
|
||||||
@@ -36,4 +39,48 @@ shared_examples 'WpItem::Vulnerable' do
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe '#vulnerable_to?' do
|
||||||
|
let(:version_orig) { '1.5.6' }
|
||||||
|
let(:version_newer) { '1.6' }
|
||||||
|
let(:version_older) { '1.0' }
|
||||||
|
let(:newer) { Vulnerability.new('Newer', 'XSS', ['ref'], nil, version_newer) }
|
||||||
|
let(:older) { Vulnerability.new('Older', 'XSS', ['ref'], nil, version_older) }
|
||||||
|
let(:same) { Vulnerability.new('Same', 'XSS', ['ref'], nil, version_orig) }
|
||||||
|
|
||||||
|
before do
|
||||||
|
stub_request(:get, /.*\/readme\.txt/i).to_return(status: 200, body: "Stable Tag: #{version_orig}")
|
||||||
|
stub_request(:get, /.*\/style\.css/i).to_return(status: 200, body: "Version: #{version_orig}")
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'check basic version comparing' do
|
||||||
|
it 'should return true' do
|
||||||
|
subject.version.should == version_orig
|
||||||
|
subject.vulnerable_to?(newer).should be_true
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'should return false' do
|
||||||
|
subject.version.should == version_orig
|
||||||
|
subject.vulnerable_to?(older).should be_false
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'should return false' do
|
||||||
|
subject.version.should == version_orig
|
||||||
|
subject.vulnerable_to?(same).should be_false
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'no version found in wp_item' do
|
||||||
|
before do
|
||||||
|
stub_request(:get, /.*\/readme\.txt/i).to_return(status: 404)
|
||||||
|
stub_request(:get, /.*\/style\.css/i).to_return(status: 404)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'should return true because no version can be detected' do
|
||||||
|
subject.vulnerable_to?(newer).should be_true
|
||||||
|
subject.vulnerable_to?(older).should be_true
|
||||||
|
subject.vulnerable_to?(same).should be_true
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|||||||
Reference in New Issue
Block a user