WpTheme::Vulnerable specs
@@ -2,6 +2,8 @@
|
|||||||
|
|
||||||
class WpTheme < WpItem
|
class WpTheme < WpItem
|
||||||
module Vulnerable
|
module Vulnerable
|
||||||
|
|
||||||
|
# @return [ String ] The path to the file containing vulnerabilities
|
||||||
def vulns_file
|
def vulns_file
|
||||||
unless @vulns_file
|
unless @vulns_file
|
||||||
@vulns_file = THEMES_VULNS_FILE
|
@vulns_file = THEMES_VULNS_FILE
|
||||||
@@ -9,8 +11,10 @@ class WpTheme < WpItem
|
|||||||
@vulns_file
|
@vulns_file
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# @return [ String ]
|
||||||
def vulns_xpath
|
def vulns_xpath
|
||||||
"//theme[@name='#{@name}']/vulnerability"
|
"//theme[@name='#{@name}']/vulnerability"
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
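Review bot: In the second hunk, `vulns_xpath` interpolates `@name` directly into a single-quoted XPath literal (`"//theme[@name='#{@name}']/vulnerability"`), so a name containing `'` would produce a malformed query or one that matches different nodes than intended. Where `@name` is assigned is outside this diff; if it can be derived from a remote site's markup, it should be treated as untrusted input. A guard before the string is built, for example `raise ArgumentError, 'invalid theme name' if @name.to_s.include?("'")`, or binding the name as an XPath variable if the XML library in use supports that, would close this off. The added `# @return [ String ]` comment could also say what the string is, e.g. `# @return [ String ] XPath selecting this theme's vulnerability nodes`.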
|
|||||||
@@ -4,6 +4,12 @@ require 'spec_helper'
|
|||||||
|
|
||||||
describe WpTheme do
|
describe WpTheme do
|
||||||
it_behaves_like 'WpTheme::Versionable'
|
it_behaves_like 'WpTheme::Versionable'
|
||||||
|
it_behaves_like 'WpTheme::Vulnerable'
|
||||||
|
it_behaves_like 'WpItem::Vulnerable' do
|
||||||
|
let(:options) { { name: 'the-oracle' } }
|
||||||
|
let(:vulns_file) { MODELS_FIXTURES + '/wp_theme/vulnerable/themes_vulns.xml' }
|
||||||
|
let(:expected_vulns) { Vulnerabilities.new << Vulnerability.new('I see you', 'FPD', ['http://ref.com']) }
|
||||||
|
end
|
||||||
|
|
||||||
subject(:wp_theme) { WpTheme.new(uri, options) }
|
subject(:wp_theme) { WpTheme.new(uri, options) }
|
||||||
let(:uri) { URI.parse('http://example.com/') }
|
let(:uri) { URI.parse('http://example.com/') }
|
||||||
|
|||||||
@@ -0,0 +1,19 @@
|
|||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
|
||||||
|
<vulnerabilities>
|
||||||
|
<theme name="not-this-one">
|
||||||
|
<vulnerability>
|
||||||
|
<title>I should not appear in the results</title>
|
||||||
|
<reference>http://some-ref.com</reference>
|
||||||
|
<type>SQLI</type>
|
||||||
|
</vulnerability>
|
||||||
|
</theme>
|
||||||
|
|
||||||
|
<theme name="the-oracle">
|
||||||
|
<vulnerability>
|
||||||
|
<title>I see you</title>
|
||||||
|
<reference>http://ref.com</reference>
|
||||||
|
<type>FPD</type>
|
||||||
|
</vulnerability>
|
||||||
|
</theme>
|
||||||
|
</vulnerabilities>
|
||||||
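--- a/spec/shared_examples/wp_theme_vulnerable.rb
+++ b/spec/shared_examples/wp_theme_vulnerable.rb
@@ -0,0 +1,26 @@
+# encoding: UTF-8
+
+shared_examples 'WpTheme::Vulnerable' do
+
+describe '#vulns_file' do
+after { subject.vulns_file.should == @expected }
+
+context 'when :vulns_file is no set' do
+it 'returns the default one' do
+@expected = THEMES_VULNS_FILE
+end
+end
+
+context 'when the :vulns_file is already set' do
+it 'returns it' do
+@expected = 'test.xml'
+subject.vulns_file = @expected
+end
+end
+end
+
+describe '#vulns_xpath' do
+its(:vulns_xpath) { should == "//theme[@name='theme-name']/vulnerability" }
+end
+
+end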
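Review bot: The `#vulns_file` examples keep their only assertion in the `after` hook and pass the expected value through `@expected`, so a failure is reported from the hook rather than from the example that caused it. An explicit expectation in each `it`, e.g. `subject.vulns_file.should == THEMES_VULNS_FILE`, would be easier to read and to debug. The `#vulns_xpath` example hard-codes `theme-name`, which depends on the including spec defining `options` with that name; a comment such as `# requires options[:name] == 'theme-name' in the host spec` would make the coupling visible. The shared example also covers only a benign name, so nothing pins what `vulns_xpath` should do with a name containing a quote character. The context title 'when :vulns_file is no set' should read 'not set'.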