rspecs and bugfixing(Can't dup nilclass on missing readme.txt) #179

2013-05-10 19:24:17 +02:00
parent cdd74b535b
commit 7a7450f98e
2 changed files with 53 additions and 3 deletions
--- a/lib/common/models/wp_item/versionable.rb
+++ b/lib/common/models/wp_item/versionable.rb
@@ -10,9 +10,12 @@ class WpItem
    # @return [ String ] The version number
    def version
      unless @version
+        # This check is needed because readme_url can return nil
+        if has_readme?
          response = Browser.get(readme_url)
          @version = response.body[%r{stable tag: #{WpVersion.version_pattern}}i, 1]
        end
+      end
      @version
    end

--- a/spec/shared_examples/wp_item_vulnerable.rb
+++ b/spec/shared_examples/wp_item_vulnerable.rb
@@ -12,7 +12,10 @@ shared_examples 'WpItem::Vulnerable' do
  describe '#vulnerabilities' do
    let(:empty_file) { MODELS_FIXTURES + '/wp_item/vulnerable/empty.xml' }

-    before { stub_request(:get, /.*/) }
+    before do
+      stub_request(:get, /.*\/readme\.txt/i)
+      stub_request(:get, /.*\/style\.css/i)
+    end

    after do
      subject.vulns_file  = @vulns_file
@@ -36,4 +39,48 @@ shared_examples 'WpItem::Vulnerable' do
    end
  end

+  describe '#vulnerable_to?' do
+    let(:version_orig) { '1.5.6' }
+    let(:version_newer) { '1.6' }
+    let(:version_older) { '1.0' }
+    let(:newer) { Vulnerability.new('Newer', 'XSS', ['ref'], nil, version_newer) }
+    let(:older) { Vulnerability.new('Older', 'XSS', ['ref'], nil, version_older) }
+    let(:same) { Vulnerability.new('Same', 'XSS', ['ref'], nil, version_orig) }
+
+    before do
+      stub_request(:get, /.*\/readme\.txt/i).to_return(status: 200, body: "Stable Tag: #{version_orig}")
+      stub_request(:get, /.*\/style\.css/i).to_return(status: 200, body: "Version: #{version_orig}")
+    end
+
+    context 'check basic version comparing' do
+      it 'should return true' do
+        subject.version.should == version_orig
+        subject.vulnerable_to?(newer).should be_true
+      end
+
+      it 'should return false' do
+        subject.version.should == version_orig
+        subject.vulnerable_to?(older).should be_false
+      end
+
+      it 'should return false' do
+        subject.version.should == version_orig
+        subject.vulnerable_to?(same).should be_false
+      end
+    end
+
+    context 'no version found in wp_item' do
+      before do
+        stub_request(:get, /.*\/readme\.txt/i).to_return(status: 404)
+        stub_request(:get, /.*\/style\.css/i).to_return(status: 404)
+      end
+
+      it 'should return true because no version can be detected' do
+        subject.vulnerable_to?(newer).should be_true
+        subject.vulnerable_to?(older).should be_true
+        subject.vulnerable_to?(same).should be_true
+      end
+    end
+  end
+
 end