Merge pull request #5 from Accruent/unit_test_begin

Unit test begin
Accruent · Aug 27, 2020 · 951550f · 951550f
2 parents 1adbac2 + 7002bfb
commit 951550f
Show file tree

Hide file tree

Showing 12 changed files with 1,421 additions and 7 deletions.
diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml
@@ -0,0 +1,22 @@
+categories:
+  - title: '🚀 Features'
+    labels: 
+      - 'feature'
+      - 'enhancement'
+  - title: '🐛 Bug Fixes'
+    labels:
+      - 'fix'
+      - 'bugfix'
+      - 'bug'
+  - title: '🧰 Maintenance'
+    labels: 
+      - 'dependencies'
+      - 'maintenance'
+      - 'docs'
+      - 'tech debt'
+      - 'security fix'
+      - 'security vulnerability'
+template: |
+  ## What’s Changed
+  $CHANGES
+  
diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml
@@ -0,0 +1,16 @@
+name: Release Drafter
+
+on:
+  push:
+    # branches to consider in the event; optional, defaults to all
+    branches:
+      - master
+
+jobs:
+  update_release_draft:
+    runs-on: ubuntu-latest
+    steps:
+      # Drafts your next Release notes as Pull Requests are merged into "master"
+      - uses: release-drafter/release-drafter@v5.6.1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.travis.yml b/.travis.yml
@@ -0,0 +1,31 @@
+language: python
+python:
+- '3.6'
+- '3.7'
+- '3.8'
+branches:
+  except:
+  - "/^(documentation).*$/i"
+sudo: required
+dist: xenial
+services:
+  - xvfb
+cache: pip
+install:
+- pip install .
+- pip install coveralls
+- pip install pytest-cov
+script:
+- pytest --cov owasp_zap_historic_parser -v
+after_success:
+- coveralls
+deploy:
+  provider: pypi
+  user: __token__
+  password:
+    secure: PEIHchmcMH8O4xVaImS6OYinyWuyp46FArKrJGbId/sitmKL2CNy5C1qv5H6MobP6FRYQ8oRozV9w3aeVvVQgqfftu6OMdZ+vPwdNnU5xaAePWvVTuensAsMJUYXcWpLkmOax1zfM9EMfzLntg0z6NdnGq/T/iJGfEU1hW7/Gfj7/hm8q3KGAYchvl/7OamSvjh+BUC1/oxEMfAsXz0jo0/LodGUnyOKK0SJ49ILPF1Xpr6xVV+ESu/nCJCVVcwyBwEmD+vpi+vuDyf6OujM0M+o/+sUjo2mgaIeFRAALcCtWIoceMnIRdqq4sKjQ7IvA+wXGDdibS+Q0k9tH4HSvx9XSu+1sdVbx+mhFzO6oTAVpHaXtSPhF/c/6sUZ1rvcMQ2Iv9jKfd8LjDAXMX+a9e7DP3tDsUoEhac5ppVHis62NVtjsucMmfSxenuLlNJxWRrGShIcjSAWcP/S57JrepzxtpbFEBBUVBuysjkOALw75/V2WFh9grthRu8kbLZYDrjJHwc41qv+Rgz09V7cIq9kaBE5hZAFavPsVd+VdNlcu6LQydE4+5konLSgKMNiMqtZXIy2050oOCvXaNzyWPiTmLmyvI+cJd9kXx2lJ+XVICoEq3/nQcsP4mYFC6J51shpM4DHZKfA9lsIjum1NYBfcQ9G2O7Nt9//ir4yGRg=
+  on:
+    branch: master
+    tags: true
+  skip_existing: true
+  distributions: "sdist bdist_wheel"
diff --git a/owasp_zap_historic_parser/owasp_zap_historical.py b/owasp_zap_historic_parser/owasp_zap_historical.py
@@ -162,7 +162,7 @@ def process_zap_results(con, ocon, this_env, scantype, zapresults, projectname,
             .astimezone(CENTRAL).strftime('%b %d %Y %I:%M %p %Z')
         title += "<tr><td style='border: 1px;'><strong>Comparison Report Version:</strong></td>" +\
                  "<td style='border: 1px;'>" + str(last_version[0]) + "</td></tr><tr>" + \
-                 "<td style='border: 1px;'><strong>This Report Date:</strong></td>" + \
+                 "<td style='border: 1px;'><strong>Comparison Report Date:</strong></td>" + \
                  "<td style='border: 1px;'>" + compare_date + "</td></tr><tr>" + \
                  "<td style='border: 1px;'><strong>Comparison Report Link:</strong></td>" + \
                  "<td style='border: 1px;'><a href='" + compare_row[2].replace(' ', '%20') + "'>" +\

diff --git a/requirements.txt b/requirements.txt
@@ -1,3 +1,5 @@
 setuptools~=47.3.1
 lxml~=4.5.0
-pytz~=2020.1
+pytz~=2020.1
+pytest-cov
+mysql-connector
diff --git a/setup.py b/setup.py
@@ -1,15 +1,18 @@
 """This module is the setup for OWASP ZAP Historic Parser"""
 from setuptools import find_packages, setup
-
+import version
 
 with open("README.md", "r") as fh:
     LONG_DESCRIPTION = fh.read()
     print(LONG_DESCRIPTION)
 
+with open('requirements.txt') as f:
+    REQUIREMENTS = f.read().splitlines()
+
 
 setup(
     name='owasp-zap-historic-parser',
-    version="0.1.5",
+    version=version.VERSION,
     description='Parser to push OWASP ZAP report data to MySQL and generate delta report',
     long_description=LONG_DESCRIPTION,
     long_description_content_type='text/markdown',
@@ -27,9 +30,7 @@
     include_package_data=True,
     zip_safe=False,
 
-    install_requires=[
-        'mysql-connector',
-    ],
+    install_requires=REQUIREMENTS,
     entry_points={
         'console_scripts': [
             'owaspzaphistoricparser=owasp_zap_historic_parser.runner:main',

diff --git a/test/.coveragerc b/test/.coveragerc
@@ -0,0 +1,9 @@
+[run]
+
+[paths]
+source = owasp_zap_historic_parser/
+
+[report]
+exclude_lines =
+    if __name__ == .__main__.:
+    model.password =
diff --git a/test/__init__.py b/test/__init__.py
diff --git a/test/function_test.py b/test/function_test.py
@@ -0,0 +1,62 @@
+"""Unit tests for functions used in OWASP ZAP Historic Parser"""
+import unittest
+import os
+
+from owasp_zap_historic_parser.owasp_zap_historical import convert_alert_to_dictionary
+from owasp_zap_historic_parser.owasp_zap_historical import html_parser
+
+ROOT_PATH = os.path.abspath(os.path.dirname(__file__))
+
+
+class TestFunctions(unittest.TestCase):
+    """Unit Tests for functions"""
+
+    def test_convert_alert_to_dictionary_one_tuple(self):
+        """This test verifies that convert_alert_to_dictionary converts a single
+        into a formatted dictionary. """
+        test_tuple = [("Test Level", "Test Alert", 3)]
+        expected_tuple = "{'Test Level | Test Alert': {'Alert Level': 'Test Level', " \
+                         "'Alert Type': 'Test Alert', 'URLs Affected': 3}}"
+        result_tuple = convert_alert_to_dictionary(test_tuple)
+        self.assertEqual(str(result_tuple), expected_tuple)
+
+    def test_convert_alert_to_dictionary_multi_tuple(self):
+        """This test verifies that convert_alert_to_dictionary converts a list of alerts
+        into a formatted dictionary. """
+        test_tuple = [("Test Level", "Test Alert A", 3), ("Test Level 2", "Test Alert B", 6)]
+        expected_tuple = "{'Test Level | Test Alert A': {'Alert Level': 'Test Level', " \
+                         "'Alert Type': 'Test Alert A', 'URLs Affected': 3}, 'Test Level 2 " \
+                         "| Test Alert B': {'Alert Level': 'Test Level 2', 'Alert Type': " \
+                         "'Test Alert B', 'URLs Affected': 6}}"
+        result_tuple = convert_alert_to_dictionary(test_tuple)
+        self.assertEqual(str(result_tuple), expected_tuple)
+
+    def test_convert_utc_to_cst_no_date_empty(self):
+        """This test verifies that convert_alert_to_dictionary returns an empty dictionary
+        if it is passed an empty list."""
+        test_tuple = []
+        expected_tuple = "{}"
+        result_tuple = convert_alert_to_dictionary(test_tuple)
+        self.assertEqual(str(result_tuple), expected_tuple)
+
+    def test_html_parser(self):
+        """This test verifies that the html parser correctly parses a zap file."""
+        file_path = ROOT_PATH + "/" + "test_files/testReport.html"
+        result = html_parser(file_path)
+        expected_result = "[['Medium', 'X-Frame-Options Header Not Set', 1], ['Low', 'Cookie " \
+                          "Without SameSite Attribute', 10], ['Low', 'X-Content-Type-Options " \
+                          "Header Missing', 8], ['Low', 'Server Leaks Information via " \
+                          "\"X-Powered-By\" HTTP Response Header Field(s)', 8], ['Low', 'Web " \
+                          "Browser XSS Protection Not Enabled', 1], ['Low', 'Cookie No HttpOnly " \
+                          "Flag', 3], ['Low', 'Incomplete or No Cache-control and Pragma HTTP " \
+                          "Header Set', 4], ['Low', 'Absence of Anti-CSRF Tokens', 2], " \
+                          "['Informational', 'Information Disclosure - Suspicious Comments', 4], " \
+                          "['Informational', 'Timestamp Disclosure - Unix', 4]]"
+        self.assertEqual(str(result), expected_result)
+
+    def test_html_parser_empty(self):
+        """This test verifies that the html parser correctly parses an empty file."""
+        file_path = ROOT_PATH + "/" + "test_files/empty.html"
+        result = html_parser(file_path)
+        expected_result = "[]"
+        self.assertEqual(str(result), expected_result)
diff --git a/test/test_files/empty.html b/test/test_files/empty.html
@@ -0,0 +1,5 @@
+
+<!-- saved from url=(0113)http://irongiant.accruentsystems.com/view/Security/job/VFA%20Legion%20ZAP/206/ZAP_20scanning_20report/report.html -->
+<html><script src="chrome-extension://ljdobmomdgdljniojadhoplhkpialdid/page/prompt.js"></script><script src="chrome-extension://ljdobmomdgdljniojadhoplhkpialdid/page/runScript.js"></script><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+
+<title>ZAP Scanning Report</title>