Merge pull request #1673 from bjoernricks/fix-report-cves

Fix report cves
greenbone · Oct 9, 2019 · cebc29b · cebc29b
2 parents 69e29e8 + f90d394
commit cebc29b
Show file tree

Hide file tree

Showing 26 changed files with 1,817 additions and 311 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ## [9.0.0] - unreleased
 
 ### Added
+- List NVT of the found CVEs at the report details page [#1673](https://github.com/greenbone/gsa/pull/1673)
 - Added links for GOS 6 manual for audits, policies and TLS certificates [#1657](https://github.com/greenbone/gsa/pull/1657)
 - Added OSP Sensor type to GSA [#1646](https://github.com/greenbone/gsa/pull/1646)
 - Added TLS certificate filter type [#1630](https://github.com/greenbone/gsa/pull/1630)
@@ -67,6 +68,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
   requests in gsad [#1355](https://github.com/greenbone/gsa/pull/1355)
 
 ### Fixed
+- Fixed parsing report details data [#1673](https://github.com/greenbone/gsa/pull/1673)
 - Fixed scanconfig clone icon tooltip does not show if permission is denied [#1664](https://github.com/greenbone/gsa/pull/1664)
 - Fixed feed status page does not render [#1628](https://github.com/greenbone/gsa/pull/1628)
 - fixed secinfo severitybars not displaying severity.[#1530](https://github.com/greenbone/gsa/pull/1530)
@@ -98,7 +100,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ### Changed
 - Removed Clone and Verify functionalities for report formats [#1650](https://github.com/greenbone/gsa/pull/1650)
 - Use new [React context API](https://reactjs.org/docs/context.html#api) [#1637](https://github.com/greenbone/gsa/pull/1637)
-- Update response data parsing in Model classes [#1633](https://github.com/greenbone/gsa/pull/1633)
+- Update response data parsing in Model classes
+  [#1633](https://github.com/greenbone/gsa/pull/1633),
+  [#1668](https://github.com/greenbone/gsa/pull/1668)
 - Fix statusbar content can be more than 100% and add progressbar colors to theme [1621](https://github.com/greenbone/gsa/pull/1621)
 - Allow to overwrite details=1 for command results.get() [#1618](https://github.com/greenbone/gsa/pull/1618)
 - Ensure not to request the report details when loading a list of reports [#1617](https://github.com/greenbone/gsa/pull/1617)

diff --git a/gsa/CMakeLists.txt b/gsa/CMakeLists.txt
@@ -156,7 +156,6 @@ set (GSA_JS_SRC_FILES
      ${GSA_SRC_DIR}/src/gmp/models/report/report.js
      ${GSA_SRC_DIR}/src/gmp/models/report/task.js
      ${GSA_SRC_DIR}/src/gmp/models/report/tlscertificate.js
-     ${GSA_SRC_DIR}/src/gmp/models/report/vulnerability.js
      ${GSA_SRC_DIR}/src/gmp/models/result.js
      ${GSA_SRC_DIR}/src/gmp/models/role.js
      ${GSA_SRC_DIR}/src/gmp/models/scanconfig.js

diff --git a/gsa/src/gmp/__tests__/parser.js b/gsa/src/gmp/__tests__/parser.js
@@ -330,6 +330,13 @@ describe('setProperties tests', () => {
     expect(obj.lorem).toEqual('ipsum');
 
     expect(Object.keys(obj)).toEqual(expect.arrayContaining(['foo', 'lorem']));
+  });
+
+  test('should not allow to override set properties', () => {
+    const obj = setProperties({
+      foo: 'bar',
+      lorem: 'ipsum',
+    });
 
     expect(() => {
       obj.foo = 'a';
@@ -339,6 +346,26 @@ describe('setProperties tests', () => {
     }).toThrow();
   });
 
+  test('should allow to override set properties if requested', () => {
+    const obj = setProperties(
+      {
+        foo: 'bar',
+        lorem: 'ipsum',
+      },
+      {},
+      {writable: true},
+    );
+
+    expect(obj.foo).toEqual('bar');
+    expect(obj.lorem).toEqual('ipsum');
+
+    obj.foo = 'a';
+    obj.lorem = 'b';
+
+    expect(obj.foo).toEqual('a');
+    expect(obj.lorem).toEqual('b');
+  });
+
   test('should skip properties starting with underscore', () => {
     const obj = setProperties({
       foo: 'bar',

diff --git a/gsa/src/gmp/models/__tests__/nvt.js b/gsa/src/gmp/models/__tests__/nvt.js
@@ -19,7 +19,7 @@
 
 /* eslint-disable max-len */
 
-import Nvt from 'gmp/models/nvt';
+import Nvt, {getRefs, hasRefType, getFilteredRefIds} from 'gmp/models/nvt';
 import Info from 'gmp/models/info';
 import {testModelFromElement, testModelMethods} from 'gmp/models/testing';
 
@@ -30,11 +30,14 @@ describe('nvt Model tests', () => {
   test('should parse NVT oid as id', () => {
     const nvt1 = Nvt.fromElement({_oid: '42.1337'});
     const nvt2 = Nvt.fromElement({});
+    const nvt3 = Nvt.fromElement({nvt: {_oid: '1.2.3'}});
 
     expect(nvt1.id).toEqual('42.1337');
     expect(nvt1.oid).toEqual('42.1337');
     expect(nvt2.id).toBeUndefined();
     expect(nvt2.oid).toBeUndefined();
+    expect(nvt3.oid).toEqual('1.2.3');
+    expect(nvt3.id).toEqual('1.2.3');
   });
 
   test('should not allow to overwrite id', () => {
@@ -52,21 +55,25 @@ describe('nvt Model tests', () => {
   });
 
   test('should parse nvt_type', () => {
-    const nvt = Nvt.fromElement({_type: 'foo'});
+    const nvt1 = Nvt.fromElement({_type: 'foo'});
+    const nvt2 = Nvt.fromElement({nvt: {_type: 'foo'}});
 
-    expect(nvt.nvtType).toEqual('foo');
+    expect(nvt1.nvtType).toEqual('foo');
+    expect(nvt2.nvtType).toEqual('foo');
   });
 
   test('should parse tags', () => {
     const nvt1 = Nvt.fromElement({tags: 'bv=/A:P|st=vf'});
     const nvt2 = Nvt.fromElement({});
+    const nvt3 = Nvt.fromElement({nvt: {tags: 'bv=/A:P|st=vf'}});
     const res = {
       bv: '/A:P',
       st: 'vf',
     };
 
     expect(nvt1.tags).toEqual(res);
     expect(nvt2.tags).toEqual({});
+    expect(nvt3.tags).toEqual(res);
   });
 
   test('should parse refs', () => {
@@ -110,6 +117,7 @@ describe('nvt Model tests', () => {
     };
     const nvt1 = Nvt.fromElement(elem);
     const nvt2 = Nvt.fromElement({});
+    const nvt3 = Nvt.fromElement({nvt: elem});
 
     expect(nvt1.cves).toEqual(['cveId', 'cve_idId']);
     expect(nvt2.cves).toEqual([]);
@@ -123,15 +131,28 @@ describe('nvt Model tests', () => {
     expect(nvt2.certs).toEqual([]);
     expect(nvt1.xrefs).toEqual([{ref: 'customId', type: 'custom-type'}]);
     expect(nvt2.xrefs).toEqual([]);
+
+    expect(nvt3.cves).toEqual(['cveId', 'cve_idId']);
+    expect(nvt3.bids).toEqual(['bidId', 'bugtraq_idId']);
+    expect(nvt3.certs).toEqual([
+      {id: 'dfn-certId', type: 'dfn-cert'},
+      {id: 'DFN-certId', type: 'dfn-cert'},
+      {id: 'cert-bundId', type: 'cert-bund'},
+    ]);
+    expect(nvt3.xrefs).toEqual([{ref: 'customId', type: 'custom-type'}]);
   });
 
   test('should parse severity', () => {
     const nvt1 = Nvt.fromElement({cvss_base: '8.5'});
     const nvt2 = Nvt.fromElement({cvss_base: ''});
+    const nvt3 = Nvt.fromElement({nvt: {cvss_base: '9.5'}});
 
     expect(nvt1.severity).toEqual(8.5);
     expect(nvt1.cvss_base).toBeUndefined();
     expect(nvt2.severity).toBeUndefined();
+    expect(nvt2.cvss_base).toBeUndefined();
+    expect(nvt3.cvss_base).toBeUndefined();
+    expect(nvt3.severity).toEqual(9.5);
   });
 
   test('should parse preferences', () => {
@@ -154,9 +175,11 @@ describe('nvt Model tests', () => {
     ];
     const nvt1 = Nvt.fromElement({});
     const nvt2 = Nvt.fromElement(elem);
+    const nvt3 = Nvt.fromElement({nvt: elem});
 
     expect(nvt1.preferences).toEqual([]);
     expect(nvt2.preferences).toEqual(res);
+    expect(nvt3.preferences).toEqual(res);
   });
 
   test('should parse xrefs with correct protocol', () => {
@@ -175,6 +198,11 @@ describe('nvt Model tests', () => {
       refs: {ref: [{_type: 'URL', _id: 'ftps://42'}]},
     });
     const nvt7 = Nvt.fromElement({refs: {ref: [{_id: 'ftps://42'}]}});
+    const nvt8 = Nvt.fromElement({
+      nvt: {
+        refs: {ref: [{_type: 'URL', _id: 'https://42'}]},
+      },
+    });
 
     expect(nvt1.xrefs).toEqual([{ref: '42', type: 'other'}]);
     expect(nvt2.xrefs).toEqual([{ref: 'http://42', type: 'url'}]);
@@ -184,6 +212,7 @@ describe('nvt Model tests', () => {
     expect(nvt6.xrefs).toEqual([{ref: 'ftps://42', type: 'url'}]);
     expect(nvt7.xrefs).toEqual([{ref: 'ftps://42', type: 'other'}]);
     expect(nvt7.xref).toBeUndefined();
+    expect(nvt8.xrefs).toEqual([{ref: 'https://42', type: 'url'}]);
   });
 
   test('should parse qod', () => {
@@ -193,33 +222,191 @@ describe('nvt Model tests', () => {
     const nvt4 = Nvt.fromElement({qod: {type: ''}});
     const nvt5 = Nvt.fromElement({qod: {type: 'foo'}});
     const nvt6 = Nvt.fromElement({qod: {value: '75.5', type: 'foo'}});
+    const nvt7 = Nvt.fromElement({nvt: {qod: {value: '75.5', type: 'foo'}}});
 
     expect(nvt1.qod).toBeUndefined();
     expect(nvt2.qod.value).toBeUndefined();
     expect(nvt3.qod.value).toEqual(75.5);
     expect(nvt4.qod.type).toBeUndefined();
     expect(nvt5.qod.type).toEqual('foo');
     expect(nvt6.qod).toEqual({value: 75.5, type: 'foo'});
+    expect(nvt7.qod).toEqual({value: 75.5, type: 'foo'});
   });
 
   test('should parse default_timeout', () => {
     const nvt1 = Nvt.fromElement({});
     const nvt2 = Nvt.fromElement({default_timeout: ''});
     const nvt3 = Nvt.fromElement({default_timeout: '123'});
+    const nvt4 = Nvt.fromElement({nvt: {default_timeout: '123'}});
 
     expect(nvt1.defaultTimeout).toBeUndefined();
     expect(nvt2.defaultTimeout).toBeUndefined();
     expect(nvt3.defaultTimeout).toEqual(123);
     expect(nvt3.default_timeout).toBeUndefined();
+    expect(nvt4.defaultTimeout).toEqual(123);
+    expect(nvt4.default_timeout).toBeUndefined();
   });
 
   test('should parse timeout', () => {
     const nvt1 = Nvt.fromElement({});
     const nvt2 = Nvt.fromElement({timeout: ''});
     const nvt3 = Nvt.fromElement({timeout: '123'});
+    const nvt4 = Nvt.fromElement({nvt: {timeout: '123'}});
 
     expect(nvt1.timeout).toBeUndefined();
     expect(nvt2.timeout).toBeUndefined();
     expect(nvt3.timeout).toEqual(123);
+    expect(nvt4.timeout).toEqual(123);
+  });
+});
+
+describe('getRefs tests', () => {
+  test('should return empty array for undefined element', () => {
+    const refs = getRefs();
+
+    expect(refs).toEqual([]);
+  });
+
+  test('should return empty array for empty object', () => {
+    const refs = getRefs({});
+
+    expect(refs).toEqual([]);
+  });
+
+  test('should return empty array for empty refs', () => {
+    const refs = getRefs({refs: {}});
+
+    expect(refs).toEqual([]);
+  });
+
+  test('should return refs ref', () => {
+    const refs = getRefs({
+      refs: {
+        ref: [],
+      },
+    });
+
+    expect(refs).toEqual([]);
+  });
+
+  test('should return array for single ref', () => {
+    const refs = getRefs({
+      refs: {
+        ref: [
+          {
+            foo: 'bar',
+          },
+        ],
+      },
+    });
+
+    expect(refs.length).toEqual(1);
+    expect(refs[0]).toEqual({foo: 'bar'});
+  });
+
+  test('should return all refs', () => {
+    const refs = getRefs({
+      refs: {
+        ref: [
+          {
+            foo: 'bar',
+          },
+          {
+            lorem: 'ipsum',
+          },
+        ],
+      },
+    });
+
+    expect(refs.length).toEqual(2);
+    expect(refs[0]).toEqual({foo: 'bar'});
+    expect(refs[1]).toEqual({lorem: 'ipsum'});
+  });
+});
+
+describe('hasRefType tests', () => {
+  test('should return false for undefined ref', () => {
+    expect(hasRefType('foo')()).toEqual(false);
+  });
+
+  test('should return false for empty ref', () => {
+    expect(hasRefType('foo')({})).toEqual(false);
+  });
+
+  test('should return false for non string type', () => {
+    expect(hasRefType('foo')({_type: 1})).toEqual(false);
+  });
+
+  test('should return false when searching for other type', () => {
+    expect(hasRefType('foo')({_type: 'bar'})).toEqual(false);
+  });
+
+  test('should return true when searching for same type', () => {
+    expect(hasRefType('foo')({_type: 'foo'})).toEqual(true);
+  });
+
+  test('should ignore case for type', () => {
+    expect(hasRefType('foo')({_type: 'Foo'})).toEqual(true);
+    expect(hasRefType('foo')({_type: 'FOO'})).toEqual(true);
+    expect(hasRefType('foo')({_type: 'FoO'})).toEqual(true);
+  });
+});
+
+describe('getFilteredRefIds tests', () => {
+  test('should return empty array for undefined refs', () => {
+    const refs = getFilteredRefIds(undefined, 'foo');
+
+    expect(refs).toEqual([]);
+  });
+
+  test('should return empty array for for emtpy refs', () => {
+    const refs = getFilteredRefIds([], 'foo');
+
+    expect(refs).toEqual([]);
+  });
+
+  test('should return empty array when searching for other ref types', () => {
+    const refs = getFilteredRefIds(
+      [
+        {
+          _type: 'bar',
+          _id: '1',
+        },
+        {
+          _type: 'ipsum',
+          _id: '2',
+        },
+      ],
+      'foo',
+    );
+
+    expect(refs).toEqual([]);
+  });
+
+  test('should return ids of same type only', () => {
+    const refs = getFilteredRefIds(
+      [
+        {
+          _type: 'bar',
+          _id: '1',
+        },
+        {
+          _type: 'foo',
+          _id: '2',
+        },
+        {
+          _type: 'ipsum',
+          _id: '3',
+        },
+        {
+          _type: 'foo',
+          _id: '4',
+        },
+      ],
+      'foo',
+    );
+
+    expect(refs.length).toEqual(2);
+    expect(refs).toEqual(['2', '4']);
   });
 });