Adds the latest_version, last_updated and popular? attributes - Ref #853

lib/common/models/wp_item.rb

@@ -22,7 +22,7 @@ class WpItem
   # @return [ Array ]
   # Make it private ?
   def allowed_options
-    [:name, :wp_content_dir, :wp_plugins_dir, :path, :version, :vulns_file]
+    [:name, :wp_content_dir, :wp_plugins_dir, :path, :version, :db_file]
   end
 
   # @param [ URI ] target_base_uri
@@ -37,6 +37,27 @@ class WpItem
     forge_uri(target_base_uri)
   end
 
+  def identifier
+    @identifier ||= name
+  end
+
+  # @return [ Hash ]
+  def db_data
+    @db_data ||= json(db_file)[identifier] || {}
+  end
+
+  def latest_version
+    db_data['latest_version']
+  end
+
+  def last_updated
+    db_data['last_ipdated']
+  end
+
+  def popular?
+    db_data['popular']
+  end
+
   # @param [ Hash ] options
   #
   # @return [ void ]

lib/common/models/wp_item/output.rb

@@ -7,8 +7,8 @@ class WpItem
     def output(verbose = false)
       puts
       puts info("Name: #{self}") #this will also output the version number if detected
-      puts " |  Latest version:"
+      puts " |  Latest version: #{latest_version}" if latest_version
-      puts " |  Last updated:"
+      puts " |  Last updated: #{last_updated}" if last_updated
       puts " |  Location: #{url}"
       #puts " | WordPress: #{wordpress_url}" if wordpress_org_item?
       puts " |  Readme: #{readme_url}" if has_readme?

lib/common/models/wp_item/vulnerable.rb

@@ -2,24 +2,23 @@
 
 class WpItem
   module Vulnerable
-    attr_accessor :vulns_file, :identifier
+    attr_accessor :db_file, :identifier
 
     # Get the vulnerabilities associated to the WpItem
     # Filters out already fixed vulnerabilities
     #
     # @return [ Vulnerabilities ]
     def vulnerabilities
-      json = json(vulns_file)
+      return @vulnerabilities if @vulnerabilities
-      vulnerabilities = Vulnerabilities.new
 
-      return vulnerabilities if json.empty?
+      @vulnerabilities = Vulnerabilities.new
 
-      json[identifier]['vulnerabilities'].each do |vulnerability|
+      [*db_data['vulnerabilities']].each do |vulnerability|
         vulnerability = Vulnerability.load_from_json_item(vulnerability)
-        vulnerabilities << vulnerability if vulnerable_to?(vulnerability)
+        @vulnerabilities << vulnerability if vulnerable_to?(vulnerability)
       end
 
-      vulnerabilities
+      @vulnerabilities
     end
 
     def vulnerable?

lib/common/models/wp_plugin.rb

@@ -1,10 +1,6 @@
 # encoding: UTF-8
 
-require 'wp_plugin/vulnerable'
-
 class WpPlugin < WpItem
-  include WpPlugin::Vulnerable
-
   # Sets the @uri
   #
   # @param [ URI ] target_base_uri The URI of the wordpress blog
@@ -14,4 +10,7 @@ class WpPlugin < WpItem
     @uri = target_base_uri.merge(URI.encode(wp_plugins_dir + '/' + name + '/'))
   end
 
+  def db_file
+    @db_file ||= PLUGINS_FILE
+  end
 end

lib/common/models/wp_plugin/vulnerable.rb

@@ -1,15 +0,0 @@
-# encoding: UTF-8
-
-class WpPlugin < WpItem
-  module Vulnerable
-    # @return [ String ] The path to the file containing vulnerabilities
-    def vulns_file
-      @vulns_file ||= PLUGINS_FILE
-    end
-
-    # @return [ String ]
-    def identifier
-      @name
-    end
-  end
-end

lib/common/models/wp_theme.rb

@@ -2,7 +2,6 @@
 
 require 'wp_theme/findable'
 require 'wp_theme/versionable'
-require 'wp_theme/vulnerable'
 require 'wp_theme/info'
 require 'wp_theme/output'
 require 'wp_theme/childtheme'
@@ -10,7 +9,6 @@ require 'wp_theme/childtheme'
 class WpTheme < WpItem
   extend WpTheme::Findable
   include WpTheme::Versionable
-  include WpTheme::Vulnerable
   include WpTheme::Info
   include WpTheme::Output
   include WpTheme::Childtheme
@@ -33,4 +31,7 @@ class WpTheme < WpItem
     @uri.merge('style.css').to_s
   end
 
+  def db_file
+    @db_file ||= THEMES_FILE
+  end
 end

lib/common/models/wp_theme/vulnerable.rb

@@ -1,15 +0,0 @@
-# encoding: UTF-8
-
-class WpTheme < WpItem
-  module Vulnerable
-    # @return [ String ] The path to the file containing vulnerabilities
-    def vulns_file
-      @vulns_file ||= THEMES_FILE
-    end
-
-    # @return [ String ]
-    def identifier
-      @name
-    end
-  end
-end

lib/common/models/wp_version.rb

@@ -1,13 +1,10 @@
 # encoding: UTF-8
 
 require 'wp_version/findable'
-require 'wp_version/vulnerable'
 require 'wp_version/output'
 
 class WpVersion < WpItem
-
   extend  WpVersion::Findable
-  include WpVersion::Vulnerable
   include WpVersion::Output
 
   # The version number
@@ -17,6 +14,14 @@ class WpVersion < WpItem
   # @return [ Array ]
   def allowed_options; super << :number << :found_from end
 
+  def identifier
+    @identifier ||= number
+  end
+
+  def db_file
+    @db_file ||= WORDPRESSES_FILE
+  end
+
   # @param [ WpVersion ] other
   #
   # @return [ Boolean ]

lib/common/models/wp_version/vulnerable.rb

@@ -1,15 +0,0 @@
-# encoding: UTF-8
-
-class WpVersion < WpItem
-  module Vulnerable
-    # @return [ String ] The path to the file containing vulnerabilities
-    def vulns_file
-      @vulns_file ||= WORDPRESSES_FILE
-    end
-
-    # @return [ String ]
-    def identifier
-      @number
-    end
-  end
-end

spec/lib/common/models/wp_item_spec.rb

@@ -11,7 +11,7 @@ describe WpItem do
   end
   it_behaves_like 'WpItem::Versionable'
   it_behaves_like 'WpItem::Vulnerable' do
-    let(:vulns_file)     { MODELS_FIXTURES + '/wp_item/vulnerable/items_vulns.json' }
+    let(:db_file)       { MODELS_FIXTURES + '/wp_item/vulnerable/items_vulns.json' }
     let(:identifier)    { 'neo' }
     let(:expected_refs)  { {
         'id'  => [2993],

spec/lib/common/models/wp_plugin_spec.rb

@@ -5,8 +5,8 @@ require 'spec_helper'
 describe WpPlugin do
   it_behaves_like 'WpPlugin::Vulnerable'
   it_behaves_like 'WpItem::Vulnerable' do
-    let(:options)        { { name: 'white-rabbit' } }
+    let(:options) { { name: 'white-rabbit' } }
-    let(:vulns_file)     { MODELS_FIXTURES + '/wp_plugin/vulnerable/plugins.json' }
+    let(:db_file) { MODELS_FIXTURES + '/wp_plugin/vulnerable/plugins.json' }
     let(:expected_refs)  { {
         'id'  => [2993],
         'url' => ['Ref 1', 'Ref 2'],

spec/lib/common/models/wp_theme_spec.rb

@@ -7,7 +7,7 @@ describe WpTheme do
   it_behaves_like 'WpTheme::Vulnerable'
   it_behaves_like 'WpItem::Vulnerable' do
     let(:options)        { { name: 'the-oracle' } }
-    let(:vulns_file)     { MODELS_FIXTURES + '/wp_theme/vulnerable/themes_vulns.json' }
+    let(:db_file)     { MODELS_FIXTURES + '/wp_theme/vulnerable/themes_vulns.json' }
     let(:expected_refs)  { {
         'id' => [2993],
         'url' => ['Ref 1', 'Ref 2'],

spec/shared_examples/wp_item_vulnerable.rb

@@ -3,8 +3,8 @@
 shared_examples 'WpItem::Vulnerable' do
 
   # 2 variables have to be set in the described class or subject:
-  #   let(:vulns_file)     { }
+  #   let(:db_file)     { }
-  #   let(:expected_vulns) { } The expected Vulnerabilities when using vulns_file and vulns_xpath
+  #   let(:expected_vulns) { } The expected Vulnerabilities when using db_file and vulns_xpath
   #
   # 1 variable is optional, used if supplied, otherwise subject.vulns_xpath is used
   #   let(:vulns_xpath)    { }
@@ -18,7 +18,7 @@ shared_examples 'WpItem::Vulnerable' do
     end
 
     after do
-      subject.vulns_file  = @vulns_file
+      subject.db_file    = @db_file
       subject.identifier = identifier if defined?(identifier)
 
       result = subject.vulnerabilities
@@ -26,16 +26,16 @@ shared_examples 'WpItem::Vulnerable' do
       expect(result).to eq @expected
     end
 
-    context 'when the vulns_file is empty' do
+    context 'when the db_file is empty' do
       it 'returns an empty Vulnerabilities' do
-        @vulns_file = empty_file
+        @db_file  = empty_file
-        @expected   = Vulnerabilities.new
+        @expected = Vulnerabilities.new
       end
     end
 
     it 'returns the expected vulnerabilities' do
-      @vulns_file = vulns_file
+      @db_file   = db_file
-      @expected   = expected_vulns
+      @expected  = expected_vulns
     end
   end
 

spec/shared_examples/wp_plugin_vulnerable.rb

@@ -2,25 +2,25 @@
 
 shared_examples 'WpPlugin::Vulnerable' do
 
-  describe '#vulns_file' do
+  describe '#db_file' do
-    after { expect(subject.vulns_file).to eq @expected }
+    after { expect(subject.db_file).to eq @expected }
 
-    context 'when :vulns_file is no set' do
+    context 'when :db_file is no set' do
       it 'returns the default one' do
         @expected = PLUGINS_FILE
       end
     end
 
-    context 'when the :vulns_file is already set' do
+    context 'when the :db_file is already set' do
       it 'returns it' do
-        @expected          = 'test.json'
+        @expected       = 'test.json'
-        subject.vulns_file = @expected
+        subject.db_file = @expected
       end
     end
   end
 
   describe '#identifier' do
-    its(:identifier) { is_expected.to eq 'plugin-name' }
+    its(:identifier) { should eq 'plugin-name' }
   end
 
 end

spec/shared_examples/wp_theme_vulnerable.rb

@@ -2,25 +2,25 @@
 
 shared_examples 'WpTheme::Vulnerable' do
 
-  describe '#vulns_file' do
+  describe '#db_file' do
-    after { expect(subject.vulns_file).to eq @expected }
+    after { expect(subject.db_file).to eq @expected }
 
-    context 'when :vulns_file is not set' do
+    context 'when :db_file is not set' do
       it 'returns the default one' do
         @expected = THEMES_FILE
       end
     end
 
-    context 'when the :vulns_file is already set' do
+    context 'when the :db_file is already set' do
       it 'returns it' do
-        @expected          = 'test.json'
+        @expected       = 'test.json'
-        subject.vulns_file = @expected
+        subject.db_file = @expected
       end
     end
   end
 
   describe '#identifier' do
-    its(:identifier) { is_expected.to eq 'theme-name' }
+    its(:identifier) { should eq 'theme-name' }
   end
 
 end

spec/shared_examples/wp_version_vulnerable.rb

@@ -2,25 +2,25 @@
 
 shared_examples 'WpVersion::Vulnerable' do
 
-  describe '#vulns_file' do
+  describe '#db_file' do
-    after { expect(subject.vulns_file).to eq @expected }
+    after { expect(subject.db_file).to eq @expected }
 
-    context 'when :vulns_file is no set' do
+    context 'when :db_file is no set' do
       it 'returns the default one' do
         @expected = WORDPRESSES_FILE
       end
     end
 
-    context 'when the :vulns_file is already set' do
+    context 'when the :db_file is already set' do
       it 'returns it' do
-        @expected          = 'test.json'
+        @expected       = 'test.json'
-        subject.vulns_file = @expected
+        subject.db_file = @expected
       end
     end
   end
 
   describe '#identifier' do
-    its(:identifier) { is_expected.to eq '1.2' }
+    its(:identifier) { should eq '1.2' }
   end
 
 end