From b5356f522afea5459b1db5c77ae70b3b927f4e49 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Mon, 13 Nov 2023 19:09:41 -0800 Subject: [PATCH 1/2] Auto generate ftplib tests Signed-off-by: Eric Brown --- .../python/stdlib/ftplib/examples/ftp.py | 5 + .../python/stdlib/ftplib/examples/ftp_tls.py | 1 + .../stdlib/ftplib/examples/ftplib_ftp.py | 5 + .../ftplib/examples/ftplib_ftp_context_mgr.py | 5 + .../stdlib/ftplib/examples/ftplib_ftp_tls.py | 1 + .../examples/ftplib_ftp_tls_user_password.py | 1 + .../examples/ftplib_ftp_user_password.py | 5 + .../stdlib/ftplib/test_ftp_cleartext.py | 106 +++++------------- 8 files changed, 48 insertions(+), 81 deletions(-) diff --git a/tests/unit/rules/python/stdlib/ftplib/examples/ftp.py b/tests/unit/rules/python/stdlib/ftplib/examples/ftp.py index f65622c7..fdb784df 100644 --- a/tests/unit/rules/python/stdlib/ftplib/examples/ftp.py +++ b/tests/unit/rules/python/stdlib/ftplib/examples/ftp.py @@ -1,3 +1,8 @@ +# level: WARNING +# start_line: 9 +# end_line: 9 +# start_column: 6 +# end_column: 9 from ftplib import FTP diff --git a/tests/unit/rules/python/stdlib/ftplib/examples/ftp_tls.py b/tests/unit/rules/python/stdlib/ftplib/examples/ftp_tls.py index 39ef438c..bfb9fbdc 100644 --- a/tests/unit/rules/python/stdlib/ftplib/examples/ftp_tls.py +++ b/tests/unit/rules/python/stdlib/ftplib/examples/ftp_tls.py @@ -1,3 +1,4 @@ +# level: NONE from ftplib import FTP diff --git a/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp.py b/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp.py index 52c8a84f..c9f6c877 100644 --- a/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp.py +++ b/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp.py @@ -1,3 +1,8 @@ +# level: WARNING +# start_line: 9 +# end_line: 9 +# start_column: 6 +# end_column: 16 import ftplib diff --git a/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_context_mgr.py b/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_context_mgr.py index 892576e9..7359e346 100644 --- a/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_context_mgr.py +++ b/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_context_mgr.py @@ -1,3 +1,8 @@ +# level: WARNING +# start_line: 9 +# end_line: 9 +# start_column: 5 +# end_column: 15 import ftplib diff --git a/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_tls.py b/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_tls.py index b7cb52b0..b9d57417 100644 --- a/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_tls.py +++ b/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_tls.py @@ -1,3 +1,4 @@ +# level: NONE import ftplib diff --git a/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_tls_user_password.py b/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_tls_user_password.py index f4a91684..992e550d 100644 --- a/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_tls_user_password.py +++ b/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_tls_user_password.py @@ -1,3 +1,4 @@ +# level: NONE import ftplib diff --git a/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_user_password.py b/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_user_password.py index 3dca36a0..15e00aa6 100644 --- a/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_user_password.py +++ b/tests/unit/rules/python/stdlib/ftplib/examples/ftplib_ftp_user_password.py @@ -1,3 +1,8 @@ +# level: ERROR +# start_line: 9 +# end_line: 9 +# start_column: 6 +# end_column: 16 import ftplib diff --git a/tests/unit/rules/python/stdlib/ftplib/test_ftp_cleartext.py b/tests/unit/rules/python/stdlib/ftplib/test_ftp_cleartext.py index 6cb5eee3..466ca8c3 100644 --- a/tests/unit/rules/python/stdlib/ftplib/test_ftp_cleartext.py +++ b/tests/unit/rules/python/stdlib/ftplib/test_ftp_cleartext.py @@ -1,17 +1,17 @@ # Copyright 2023 Secure Saurce LLC import os +from parameterized import parameterized + from precli.core.level import Level from precli.rules import Rule from tests.unit.rules.python import test_case -RULE_ID = "PRE0003" - - class FtpCleartextTests(test_case.TestCase): def setUp(self): super().setUp() + self.rule_id = "PRE0003" self.base_path = os.path.join( "tests", "unit", @@ -23,28 +23,30 @@ def setUp(self): ) def test_ftp_cleartext_rule_meta(self): - rule = Rule.get_by_id(RULE_ID) - self.assertEqual(RULE_ID, rule.id) + rule = Rule.get_by_id(self.rule_id) + self.assertEqual(self.rule_id, rule.id) self.assertEqual("cleartext_transmission", rule.name) self.assertEqual( - f"https://docs.securesauce.dev/rules/{RULE_ID}", rule.help_url + f"https://docs.securesauce.dev/rules/{self.rule_id}", rule.help_url ) self.assertEqual(True, rule.default_config.enabled) self.assertEqual(Level.WARNING, rule.default_config.level) self.assertEqual(-1.0, rule.default_config.rank) self.assertEqual("319", rule.cwe.cwe_id) - def test_ftp(self): - results = self.parser.parse(os.path.join(self.base_path, "ftp.py")) - self.assertEqual(1, len(results)) - result = results[0] - self.assertEqual(RULE_ID, result.rule_id) - self.assertEqual(4, result.location.start_line) - self.assertEqual(4, result.location.end_line) - self.assertEqual(6, result.location.start_column) - self.assertEqual(9, result.location.end_column) - self.assertEqual(Level.WARNING, result.level) - self.assertEqual(-1.0, result.rank) + @parameterized.expand( + [ + "ftp", + "ftp_tls", + "ftplib_ftp", + "ftplib_ftp_context_mgr", + "ftplib_ftp_tls", + "ftplib_ftp_user_password", + "ftplib_ftp_tls_user_password", + ] + ) + def test(self, filename): + self.check(filename) def test_ftp_login(self): results = self.parser.parse( @@ -52,7 +54,7 @@ def test_ftp_login(self): ) self.assertEqual(2, len(results)) result = results[0] - self.assertEqual(RULE_ID, result.rule_id) + self.assertEqual(self.rule_id, result.rule_id) self.assertEqual(4, result.location.start_line) self.assertEqual(4, result.location.end_line) self.assertEqual(6, result.location.start_column) @@ -60,7 +62,7 @@ def test_ftp_login(self): self.assertEqual(Level.WARNING, result.level) self.assertEqual(-1.0, result.rank) result = results[1] - self.assertEqual(RULE_ID, result.rule_id) + self.assertEqual(self.rule_id, result.rule_id) self.assertEqual(5, result.location.start_line) self.assertEqual(5, result.location.end_line) self.assertEqual(4, result.location.start_column) @@ -68,45 +70,13 @@ def test_ftp_login(self): self.assertEqual(Level.ERROR, result.level) self.assertEqual(-1.0, result.rank) - def test_ftp_tls(self): - results = self.parser.parse(os.path.join(self.base_path, "ftp_tls.py")) - self.assertEqual(0, len(results)) - - def test_ftplib_ftp(self): - results = self.parser.parse( - os.path.join(self.base_path, "ftplib_ftp.py") - ) - self.assertEqual(1, len(results)) - result = results[0] - self.assertEqual(RULE_ID, result.rule_id) - self.assertEqual(4, result.location.start_line) - self.assertEqual(4, result.location.end_line) - self.assertEqual(6, result.location.start_column) - self.assertEqual(16, result.location.end_column) - self.assertEqual(Level.WARNING, result.level) - self.assertEqual(-1.0, result.rank) - - def test_ftplib_ftp_context_mgr(self): - results = self.parser.parse( - os.path.join(self.base_path, "ftplib_ftp_context_mgr.py") - ) - self.assertEqual(1, len(results)) - result = results[0] - self.assertEqual(RULE_ID, result.rule_id) - self.assertEqual(4, result.location.start_line) - self.assertEqual(4, result.location.end_line) - self.assertEqual(5, result.location.start_column) - self.assertEqual(15, result.location.end_column) - self.assertEqual(Level.WARNING, result.level) - self.assertEqual(-1.0, result.rank) - def test_ftplib_ftp_login(self): results = self.parser.parse( os.path.join(self.base_path, "ftplib_ftp_login.py") ) self.assertEqual(2, len(results)) result = results[0] - self.assertEqual(RULE_ID, result.rule_id) + self.assertEqual(self.rule_id, result.rule_id) self.assertEqual(4, result.location.start_line) self.assertEqual(4, result.location.end_line) self.assertEqual(6, result.location.start_column) @@ -114,7 +84,7 @@ def test_ftplib_ftp_login(self): self.assertEqual(Level.WARNING, result.level) self.assertEqual(-1.0, result.rank) result = results[1] - self.assertEqual(RULE_ID, result.rule_id) + self.assertEqual(self.rule_id, result.rule_id) self.assertEqual(5, result.location.start_line) self.assertEqual(5, result.location.end_line) self.assertEqual(4, result.location.start_column) @@ -130,7 +100,7 @@ def test_ftplib_ftp_login_single_statement(self): ) self.assertEqual(2, len(results)) result = results[0] - self.assertEqual(RULE_ID, result.rule_id) + self.assertEqual(self.rule_id, result.rule_id) self.assertEqual(4, result.location.start_line) self.assertEqual(4, result.location.end_line) self.assertEqual(32, result.location.start_column) @@ -138,36 +108,10 @@ def test_ftplib_ftp_login_single_statement(self): self.assertEqual(Level.ERROR, result.level) self.assertEqual(-1.0, result.rank) result = results[1] - self.assertEqual(RULE_ID, result.rule_id) + self.assertEqual(self.rule_id, result.rule_id) self.assertEqual(4, result.location.start_line) self.assertEqual(4, result.location.end_line) self.assertEqual(0, result.location.start_column) self.assertEqual(10, result.location.end_column) self.assertEqual(Level.WARNING, result.level) self.assertEqual(-1.0, result.rank) - - def test_ftplib_ftp_tls(self): - results = self.parser.parse( - os.path.join(self.base_path, "ftplib_ftp_tls.py") - ) - self.assertEqual(0, len(results)) - - def test_ftplib_ftp_user_password(self): - results = self.parser.parse( - os.path.join(self.base_path, "ftplib_ftp_user_password.py") - ) - self.assertEqual(1, len(results)) - result = results[0] - self.assertEqual(RULE_ID, result.rule_id) - self.assertEqual(4, result.location.start_line) - self.assertEqual(4, result.location.end_line) - self.assertEqual(6, result.location.start_column) - self.assertEqual(16, result.location.end_column) - self.assertEqual(Level.ERROR, result.level) - self.assertEqual(-1.0, result.rank) - - def test_ftplib_ftp_tls_user_password(self): - results = self.parser.parse( - os.path.join(self.base_path, "ftplib_ftp_tls_user_password.py") - ) - self.assertEqual(0, len(results)) From dec613a2edc625a6f34d23feb5f306e97e300e56 Mon Sep 17 00:00:00 2001 From: Eric Brown Date: Mon, 13 Nov 2023 19:16:15 -0800 Subject: [PATCH 2/2] Auto generate imaplib tests Signed-off-by: Eric Brown --- .../examples/imaplib_imap4_authenticate.py | 5 + .../examples/imaplib_imap4_context_mgr.py | 5 + .../imaplib/examples/imaplib_imap4_login.py | 5 + .../examples/imaplib_imap4_login_cram_md5.py | 5 + .../imaplib/examples/imaplib_imap4_ssl.py | 1 + .../examples/imaplib_imap4_starttls.py | 1 + .../imaplib/examples/imaplib_imap4_stream.py | 1 + .../stdlib/imaplib/test_imap_cleartext.py | 98 ++++--------------- 8 files changed, 42 insertions(+), 79 deletions(-) diff --git a/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_authenticate.py b/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_authenticate.py index d59ced11..bf73150d 100644 --- a/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_authenticate.py +++ b/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_authenticate.py @@ -1,3 +1,8 @@ +# level: ERROR +# start_line: 12 +# end_line: 12 +# start_column: 6 +# end_column: 18 import getpass import imaplib diff --git a/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_context_mgr.py b/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_context_mgr.py index 019fcc3b..f582329e 100644 --- a/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_context_mgr.py +++ b/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_context_mgr.py @@ -1,3 +1,8 @@ +# level: ERROR +# start_line: 11 +# end_line: 11 +# start_column: 10 +# end_column: 15 import imaplib diff --git a/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_login.py b/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_login.py index 2e3709e2..92809358 100644 --- a/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_login.py +++ b/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_login.py @@ -1,3 +1,8 @@ +# level: ERROR +# start_line: 11 +# end_line: 11 +# start_column: 6 +# end_column: 11 import getpass import imaplib diff --git a/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_login_cram_md5.py b/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_login_cram_md5.py index 797558bb..73623ece 100644 --- a/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_login_cram_md5.py +++ b/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_login_cram_md5.py @@ -1,3 +1,8 @@ +# level: ERROR +# start_line: 11 +# end_line: 11 +# start_column: 6 +# end_column: 20 import getpass import imaplib diff --git a/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_ssl.py b/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_ssl.py index f7d56501..0c655988 100644 --- a/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_ssl.py +++ b/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_ssl.py @@ -1,3 +1,4 @@ +# level: NONE import getpass import imaplib diff --git a/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_starttls.py b/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_starttls.py index 7273c45e..8d7ff6a9 100644 --- a/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_starttls.py +++ b/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_starttls.py @@ -1,3 +1,4 @@ +# level: NONE import getpass import imaplib diff --git a/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_stream.py b/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_stream.py index b68b8327..f09a2dba 100644 --- a/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_stream.py +++ b/tests/unit/rules/python/stdlib/imaplib/examples/imaplib_imap4_stream.py @@ -1,3 +1,4 @@ +# level: NONE import getpass import imaplib diff --git a/tests/unit/rules/python/stdlib/imaplib/test_imap_cleartext.py b/tests/unit/rules/python/stdlib/imaplib/test_imap_cleartext.py index 1eec6087..b6041b0a 100644 --- a/tests/unit/rules/python/stdlib/imaplib/test_imap_cleartext.py +++ b/tests/unit/rules/python/stdlib/imaplib/test_imap_cleartext.py @@ -1,17 +1,17 @@ # Copyright 2023 Secure Saurce LLC import os +from parameterized import parameterized + from precli.core.level import Level from precli.rules import Rule from tests.unit.rules.python import test_case -RULE_ID = "PRE0007" - - class ImapCleartextTests(test_case.TestCase): def setUp(self): super().setUp() + self.rule_id = "PRE0007" self.base_path = os.path.join( "tests", "unit", @@ -23,87 +23,27 @@ def setUp(self): ) def test_imap_cleartext_rule_meta(self): - rule = Rule.get_by_id(RULE_ID) - self.assertEqual(RULE_ID, rule.id) + rule = Rule.get_by_id(self.rule_id) + self.assertEqual(self.rule_id, rule.id) self.assertEqual("cleartext_transmission", rule.name) self.assertEqual( - f"https://docs.securesauce.dev/rules/{RULE_ID}", rule.help_url + f"https://docs.securesauce.dev/rules/{self.rule_id}", rule.help_url ) self.assertEqual(True, rule.default_config.enabled) self.assertEqual(Level.WARNING, rule.default_config.level) self.assertEqual(-1.0, rule.default_config.rank) self.assertEqual("319", rule.cwe.cwe_id) - def test_imaplib_imap4_authenticate(self): - results = self.parser.parse( - os.path.join(self.base_path, "imaplib_imap4_authenticate.py") - ) - self.assertEqual(1, len(results)) - result = results[0] - self.assertEqual(RULE_ID, result.rule_id) - self.assertEqual(7, result.location.start_line) - self.assertEqual(7, result.location.end_line) - self.assertEqual(6, result.location.start_column) - self.assertEqual(18, result.location.end_column) - self.assertEqual(Level.ERROR, result.level) - self.assertEqual(-1.0, result.rank) - - def test_imaplib_imap4_context_mgr(self): - results = self.parser.parse( - os.path.join(self.base_path, "imaplib_imap4_context_mgr.py") - ) - self.assertEqual(1, len(results)) - result = results[0] - self.assertEqual(RULE_ID, result.rule_id) - self.assertEqual(6, result.location.start_line) - self.assertEqual(6, result.location.end_line) - self.assertEqual(10, result.location.start_column) - self.assertEqual(15, result.location.end_column) - self.assertEqual(Level.ERROR, result.level) - self.assertEqual(-1.0, result.rank) - - def test_imaplib_imap4_login(self): - results = self.parser.parse( - os.path.join(self.base_path, "imaplib_imap4_login.py") - ) - self.assertEqual(1, len(results)) - result = results[0] - self.assertEqual(RULE_ID, result.rule_id) - self.assertEqual(6, result.location.start_line) - self.assertEqual(6, result.location.end_line) - self.assertEqual(6, result.location.start_column) - self.assertEqual(11, result.location.end_column) - self.assertEqual(Level.ERROR, result.level) - self.assertEqual(-1.0, result.rank) - - def test_imaplib_imap4_login_cram_md5(self): - results = self.parser.parse( - os.path.join(self.base_path, "imaplib_imap4_login_cram_md5.py") - ) - self.assertEqual(1, len(results)) - result = results[0] - self.assertEqual(RULE_ID, result.rule_id) - self.assertEqual(6, result.location.start_line) - self.assertEqual(6, result.location.end_line) - self.assertEqual(6, result.location.start_column) - self.assertEqual(20, result.location.end_column) - self.assertEqual(Level.ERROR, result.level) - self.assertEqual(-1.0, result.rank) - - def test_imaplib_imap4_ssl(self): - results = self.parser.parse( - os.path.join(self.base_path, "imaplib_imap4_ssl.py") - ) - self.assertEqual(0, len(results)) - - def test_imaplib_imap4_starttls(self): - results = self.parser.parse( - os.path.join(self.base_path, "imaplib_imap4_starttls.py") - ) - self.assertEqual(0, len(results)) - - def test_imaplib_imap4_stream(self): - results = self.parser.parse( - os.path.join(self.base_path, "imaplib_imap4_stream.py") - ) - self.assertEqual(0, len(results)) + @parameterized.expand( + [ + "imaplib_imap4_authenticate", + "imaplib_imap4_context_mgr", + "imaplib_imap4_login", + "imaplib_imap4_login_cram_md5", + "imaplib_imap4_ssl", + "imaplib_imap4_starttls", + "imaplib_imap4_stream", + ] + ) + def test(self, filename): + self.check(filename)