Add rudimentary verdicts view. Progress on #6062. (#7207)

* Add rudimentary verdicts view. Progress on #6062. Also, add some better testing logic for wiped_out condition. * Code review changes. - Conditionally show fields that are populated - JSON pretty formatting * Fix unit test bug. - Use `get` instead of `filter` to look up verdict by pkey. * simplify unit tests for verdicts view
pypi · Jan 10, 2020 · 84eac93 · 84eac93
1 parent aca136d
commit 84eac93
Show file tree

Hide file tree

Showing 12 changed files with 350 additions and 4 deletions.
diff --git a/tests/common/db/malware.py b/tests/common/db/malware.py
@@ -51,6 +51,12 @@ class Meta:
 
     check = factory.SubFactory(MalwareCheckFactory)
     release_file = factory.SubFactory(FileFactory)
+    release = None
+    project = None
+    manually_reviewed = True
+    administrator_verdict = factory.fuzzy.FuzzyChoice(list(VerdictClassification))
     classification = factory.fuzzy.FuzzyChoice(list(VerdictClassification))
     confidence = factory.fuzzy.FuzzyChoice(list(VerdictConfidence))
     message = factory.fuzzy.FuzzyText(length=80)
+    full_report_link = None
+    details = None
diff --git a/tests/common/db/packaging.py b/tests/common/db/packaging.py
@@ -83,6 +83,7 @@ class Meta:
 
     release = factory.SubFactory(ReleaseFactory)
     python_version = "source"
+    filename = factory.fuzzy.FuzzyText(length=12)
     md5_digest = factory.LazyAttribute(
         lambda o: hashlib.md5(o.filename.encode("utf8")).hexdigest()
     )

diff --git a/tests/unit/admin/test_routes.py b/tests/unit/admin/test_routes.py
@@ -132,4 +132,8 @@ def test_includeme():
             "/admin/checks/{check_name}/change_state",
             domain=warehouse,
         ),
+        pretend.call("admin.verdicts.list", "/admin/verdicts/", domain=warehouse),
+        pretend.call(
+            "admin.verdicts.detail", "/admin/verdicts/{verdict_id}", domain=warehouse
+        ),
     ]
diff --git a/tests/unit/admin/views/test_verdicts.py b/tests/unit/admin/views/test_verdicts.py
@@ -0,0 +1,63 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import uuid
+
+from random import randint
+
+import pretend
+import pytest
+
+from pyramid.httpexceptions import HTTPBadRequest, HTTPNotFound
+
+from warehouse.admin.views import verdicts as views
+
+from ....common.db.malware import MalwareVerdictFactory
+
+
+class TestListVerdicts:
+    def test_none(self, db_request):
+        assert views.get_verdicts(db_request) == {"verdicts": []}
+
+    def test_some(self, db_request):
+        verdicts = [MalwareVerdictFactory.create() for _ in range(10)]
+
+        assert views.get_verdicts(db_request) == {"verdicts": verdicts}
+
+    def test_some_with_multipage(self, db_request):
+        verdicts = [MalwareVerdictFactory.create() for _ in range(60)]
+
+        db_request.GET["page"] = "2"
+
+        assert views.get_verdicts(db_request) == {"verdicts": verdicts[25:50]}
+
+    def test_with_invalid_page(self):
+        request = pretend.stub(params={"page": "not an integer"})
+
+        with pytest.raises(HTTPBadRequest):
+            views.get_verdicts(request)
+
+
+class TestGetVerdict:
+    def test_found(self, db_request):
+        verdicts = [MalwareVerdictFactory.create() for _ in range(10)]
+        index = randint(0, 9)
+        lookup_id = verdicts[index].id
+        db_request.matchdict["verdict_id"] = lookup_id
+
+        assert views.get_verdict(db_request) == {"verdict": verdicts[index]}
+
+    def test_not_found(self, db_request):
+        db_request.matchdict["verdict_id"] = uuid.uuid4()
+
+        with pytest.raises(HTTPNotFound):
+            views.get_verdict(db_request)
diff --git a/tests/unit/malware/test_tasks.py b/tests/unit/malware/test_tasks.py
@@ -266,13 +266,14 @@ def test_no_verdicts(self, db_session):
             log=pretend.stub(info=pretend.call_recorder(lambda *args, **kwargs: None),),
         )
         task = pretend.stub()
-        remove_verdicts(task, request, check.name)
+        removed = remove_verdicts(task, request, check.name)
 
         assert request.log.info.calls == [
             pretend.call(
                 "Removing 0 malware verdicts associated with %s version 1." % check.name
             ),
         ]
+        assert removed == 0
 
     @pytest.mark.parametrize(("check_with_verdicts"), [True, False])
     def test_many_verdicts(self, db_session, check_with_verdicts):
@@ -286,6 +287,8 @@ def test_many_verdicts(self, db_session, check_with_verdicts):
         for i in range(num_verdicts):
             MalwareVerdictFactory.create(check=check1, release_file=file0)
 
+        assert db_session.query(MalwareVerdict).count() == num_verdicts
+
         request = pretend.stub(
             db=db_session,
             log=pretend.stub(info=pretend.call_recorder(lambda *args, **kwargs: None),),
@@ -299,11 +302,13 @@ def test_many_verdicts(self, db_session, check_with_verdicts):
             wiped_out_check = check0
             num_verdicts = 0
 
-        remove_verdicts(task, request, wiped_out_check.name)
+        removed = remove_verdicts(task, request, wiped_out_check.name)
 
         assert request.log.info.calls == [
             pretend.call(
                 "Removing %d malware verdicts associated with %s version 1."
                 % (num_verdicts, wiped_out_check.name)
             ),
         ]
+
+        assert removed == num_verdicts
diff --git a/warehouse/admin/routes.py b/warehouse/admin/routes.py
@@ -139,3 +139,7 @@ def includeme(config):
         "/admin/checks/{check_name}/change_state",
         domain=warehouse,
     )
+    config.add_route("admin.verdicts.list", "/admin/verdicts/", domain=warehouse)
+    config.add_route(
+        "admin.verdicts.detail", "/admin/verdicts/{verdict_id}", domain=warehouse
+    )
diff --git a/warehouse/admin/templates/admin/base.html b/warehouse/admin/templates/admin/base.html
@@ -130,6 +130,11 @@
             <i class="fa fa-check"></i> <span>Checks</span>
           </a>
         </li>
+        <li>
+          <a href="{{ request.route_path('admin.verdicts.list') }}">
+            <i class="fa fa-gavel"></i> <span>Verdicts</span>
+          </a>
+        </li>
       </ul>
     </section>
   </aside>

diff --git a/warehouse/admin/templates/admin/malware/verdicts/detail.html b/warehouse/admin/templates/admin/malware/verdicts/detail.html
@@ -0,0 +1,80 @@
+{#
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+-#}
+{% extends "admin/base.html" %}
+
+{% block title %}Verdict {{ verdict.id }}{% endblock %}
+
+{% block breadcrumb %}
+  <li><a href="{{ request.route_path('admin.verdicts.list') }}">Verdicts</a></li>
+  <li class="active">{{ verdict.id }}</li>
+{% endblock %}
+
+{% block content %}
+  <div class="box box-primary">
+    <div class="box-body box-profile">
+      <table class="table table-hover">
+        <tr>
+          <th scope="row">Message</th>
+          <td>{{ verdict.message }}</td>
+        </tr>
+        <tr>
+          <th scope="row">Run Date</th>
+          <td>{{ verdict.run_date }}</td>
+        </tr>
+        <tr>
+          <th scope="row">Check</th>
+          <td>
+            <a href="{{ request.route_path('admin.checks.detail', check_name=verdict.check.name) }}">
+              {{ verdict.check.name }} v{{ verdict.check.version }}
+            </a>
+          </td>
+        </tr>
+        <tr>
+          <th scope="row">Object</th>
+          <td>{% include 'object_link.html' %}</td>
+        </tr>
+        <tr>
+          <th scope="row">Verdict Classification</th>
+          <td>{{ verdict.classification.value }}</td>
+        </tr>
+        <tr>
+          <th scope="row">Verdict Confidence</th>
+          <td>{{ verdict.confidence.value }}</td>
+        </tr>
+        <tr>
+          <th scope="row">Manually Reviewed</th>
+          <td>{{ verdict.manually_reviewed }}</td>
+        </tr>
+        {% if verdict.manually_reviewed %}
+        <tr>
+          <th scope="row">Administrator Verdict</th>
+          <td>{{ verdict.administrator_verdict }}</td>
+        </tr>
+        {% endif %}
+        {% if verdict.full_report_link %}
+        <tr>
+          <th scope="row">Full Report Link</th>
+          <td>{{ verdict.full_report_link }}</td>
+        </tr>
+        {% endif %}
+        {% if verdict.details %}
+        <tr>
+          <th scope="row">Details</th>
+          <td><pre>{{ verdict.details|tojson(indent=4) }}</pre></td>
+        </tr>
+        {% endif %}
+      </table>
+    </div>
+  </div>
+{% endblock %}
diff --git a/warehouse/admin/templates/admin/malware/verdicts/index.html b/warehouse/admin/templates/admin/malware/verdicts/index.html
@@ -0,0 +1,93 @@
+{#
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+-#}
+{% extends "admin/base.html" %}
+
+{% import "admin/utils/pagination.html" as pagination %}
+
+{% block title %}Malware Verdicts{% endblock %}
+
+{% block breadcrumb %}
+  <li class="active">Verdicts</li>
+{% endblock %}
+
+{% block content %}
+<div class="box box-primary">
+  <div class="box-body table-responsive no-padding">
+    <table class="table table-hover">
+      <tr>
+        <th>Object</th>
+        <th>Check</th>
+        <th>Classification</th>
+        <th>Confidence</th>
+        <th>Detail</th>
+      </tr>
+      {% for verdict in verdicts %}
+      <tr>
+        <td>{% include 'object_link.html' %}</td>
+        <td>
+          <a href="{{ request.route_path('admin.checks.detail', check_name=verdict.check.name) }}">
+            {{ verdict.check.name }} v{{ verdict.check.version }}
+          </a>
+        </td>
+        <td>
+          <span title="{{ verdict.classification.value }}">
+            <i class="fa fa-exclamation"></i>
+            {% if verdict.classification.value == 'indeterminate' %}
+            <i class="fa fa-exclamation"></i>
+            {% elif verdict.classification.value == 'threat' %}
+            <i class="fa fa-exclamation"></i>
+            <i class="fa fa-exclamation"></i>
+            {% endif %}
+          </span>
+        </td>
+        <td>
+          <span title="{{ verdict.confidence.value }}">
+            <i class="fa fa-star"></i>
+            {% if verdict.confidence.value == 'medium' %}
+            <i class="fa fa-star"></i>
+            {% elif verdict.confidence.value == 'high' %}
+            <i class="fa fa-star"></i>
+            <i class="fa fa-star"></i>
+            {% endif %}
+          </span>
+        </td>
+        <td>
+          <a href="{{ request.route_path('admin.verdicts.detail', verdict_id=verdict.id) }}">
+            Detail
+          </a>
+        </td>
+      </tr>
+      {% else %}
+      <tr>
+        <td colspan="5">
+          <center>
+            <i>No verdicts!</i>
+          </center>
+        </td>
+      </tr>
+      {% endfor %}
+    </table>
+    <div class="box-footer">
+      <div class="col-sm-5">
+        {{ pagination.summary(verdicts) }}
+      </div>
+      <div class="col-sm-7">
+        <div class="pull-right">
+          {{ pagination.paginate(verdicts) }}
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
+{% endblock content %}
diff --git a/warehouse/admin/templates/admin/malware/verdicts/object_link.html b/warehouse/admin/templates/admin/malware/verdicts/object_link.html
@@ -0,0 +1,21 @@
+{#
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+-#}
+
+{% if verdict.project %}
+  <a href="{{ request.route_path('admin.project.detail', project_name=verdict.project.normalized_name) }}"><i class="fa fa-cube"></i> {{ verdict.project.name }} </a>
+{% elif verdict.release %}
+  <a href="{{ request.route_path('admin.project.release', project_name=verdict.release.project.normalized_name, version=verdict.release.version) }}"><i class="far fa-folder"></i> {{ verdict.release.project.name }}-{{ verdict.release.version }} </a>
+{% else %}
+  <a href="{{ request.route_path('admin.project.release', project_name=verdict.release_file.release.project.normalized_name, version=verdict.release_file.release.version) }}"><i class="far fa-file"></i> {{ verdict.release_file.filename}} </a>
+{% endif %}