Test finding upload to PwnDoc

34286191 · Ondřej Borýsek · 0b13898f · 34286191 · 34286191 · 34286191
Commit 34286191 authored 2 years ago by Ondřej Borýsek
--- a/pwndoc_api.py
+++ b/pwndoc_api.py
+import random
+import string
 import time

 import requests
@@ -41,6 +43,7 @@ def refresh_token():


 def add_finding_to_audit(finding: 'TemplatePwndoc', audit_id: str):
+    # Note that this doesn't have a try-except
    data = finding.to_pwndoc_dict()
    upsert_raw_finding(audit_id, data)

@@ -270,3 +273,14 @@ def download_report(audit_id: str, report_filename: str):

    with open(report_filepath, "wb") as f:
        f.write(resp.content)
+
+
+def create_audit(locale: str = "cs") -> str:
+    data = {
+        "name": "TEST_" + "".join(random.choices(string.ascii_uppercase, k=10)),
+        "language": locale,
+        "auditType": "Example audit type"
+    }
+    resp = session.post(f"{PWNDOC_URL}/api/audits", data=data)
+    assert resp.status_code == 201
+    return resp.json()["datas"]["audit"]["_id"]
--- a/tests/requirements.txt
+++ b/tests/requirements.txt
 pytest==7.1.3
+pytest-steps==1.8.0
 # pytest-flask
--- a/tests/test_findings_parsing.py
+++ b/tests/test_findings_parsing.py
@@ -2,8 +2,10 @@ from pathlib import Path
 import os.path
 from typing import List, Optional
 import pytest
+from pytest_steps import test_steps

-from api_process_findings import ProcessingSettings, ProcessingStatus
+import pwndoc_api
+from api_process_findings import ProcessingSettings, ProcessingStatus, upload_scan_findings_to_pwndoc
 from tests.helper_anotate_tests import skip_and_anotate_problematic_test_files
 from tests.conftest import TMP_PATH, PWNDOC_DANGER_OVERRIDE
 import config
@@ -34,8 +36,17 @@ def skip_if_no_pwndoc():


 class TestFindingParsing:
+
+    @test_steps('PwnDoc Templates, Scan2Report, JSON', 'Upload to PwnDoc Audit')
    @pytest.mark.parametrize("filepath", find_all_test_files())
-    def test_parsing(self, client, filepath: str):
+    def test_full(self, client, filepath):
+        folder_name = self.to_json(client, filepath)
+        yield
+        self.upload_to_pwndoc(folder_name)
+        yield
+        # todo: check audit is downloadable
+
+    def to_json(self, client, filepath: str) -> str:
        response = client.post(
            '/import_automator/findings/upload_scanner_result',
            follow_redirects=True,
@@ -55,10 +66,10 @@ class TestFindingParsing:
            f.write(response.text)

        url_path = response.request.path
-        _, folder_id = url_path.rstrip("/").rsplit("/", 1)
+        _, folder_name = url_path.rstrip("/").rsplit("/", 1)
        # status_filepath = os.path.join(config.FLASK_UPLOAD_FOLDER, folder_id, '_pwndoc_importer_processing.json')
        # status = helpers.file_utils.json_safe_load(status_filepath)
-        ps = ProcessingSettings.load_from_folder_name(folder_id)
+        ps = ProcessingSettings.load_from_folder_name(folder_name)
        assert ps is not None, "Report of import should exist"

        for step_name, (step_status, _, _) in ps.steps_progress.items():
@@ -66,3 +77,16 @@ class TestFindingParsing:

        for level, msg in ps.user_msgs:
            assert level != 'error', f'There is at least one error msg displayed to user: {msg}'
+
+        return folder_name
+
+    def upload_to_pwndoc(self, folder_name):
+        audit_id = pwndoc_api.create_audit()
+        ps = ProcessingSettings.load_from_folder_name(folder_name)
+        assert ps is not None
+
+        ps.upload_to_pwndoc = True
+        ps.audit_id = audit_id
+        ps.save()
+
+        assert upload_scan_findings_to_pwndoc(folder_name)