|
| 1 | +import logging |
| 2 | + |
| 3 | +from django.contrib.contenttypes.models import ContentType |
| 4 | + |
| 5 | +from dojo.models import ( |
| 6 | + Development_Environment, |
| 7 | + Dojo_User, |
| 8 | + Endpoint, |
| 9 | + Endpoint_Status, |
| 10 | + Engagement, |
| 11 | + Finding, |
| 12 | + Product, |
| 13 | + Product_Type, |
| 14 | + Test, |
| 15 | + User, |
| 16 | + UserContactInfo, |
| 17 | +) |
| 18 | + |
| 19 | +from .dojo_test_case import DojoAPITestCase, get_unit_tests_scans_path |
| 20 | + |
| 21 | +logging.basicConfig(level=logging.DEBUG) |
| 22 | +logger = logging.getLogger(__name__) |
| 23 | + |
| 24 | + |
| 25 | +STACK_HAWK_FILENAME = get_unit_tests_scans_path("stackhawk") / "stackhawk_many_vul_without_duplicated_findings.json" |
| 26 | +STACK_HAWK_SUBSET_FILENAME = get_unit_tests_scans_path("stackhawk") / "stackhawk_many_vul_without_duplicated_findings_subset.json" |
| 27 | +STACK_HAWK_SCAN_TYPE = "StackHawk HawkScan" |
| 28 | + |
| 29 | + |
| 30 | +class TestDojoImportersDeduplication(DojoAPITestCase): |
| 31 | + |
| 32 | + def setUp(self): |
| 33 | + super().setUp() |
| 34 | + |
| 35 | + testuser = User.objects.create(username="admin") |
| 36 | + testuser.is_superuser = True |
| 37 | + testuser.is_staff = True |
| 38 | + testuser.save() |
| 39 | + UserContactInfo.objects.create(user=testuser, block_execution=False) |
| 40 | + |
| 41 | + # Authenticate API client as admin for import endpoints |
| 42 | + self.login_as_admin() |
| 43 | + |
| 44 | + self.system_settings(enable_webhooks_notifications=False) |
| 45 | + self.system_settings(enable_product_grade=False) |
| 46 | + self.system_settings(enable_github=False) |
| 47 | + |
| 48 | + # Warm up ContentType cache for relevant models. This is needed if we want to be able to run the test in isolation |
| 49 | + # As part of the test suite the ContentTYpe ids will already be cached and won't affect the query count. |
| 50 | + # But if we run the test in isolation, the ContentType ids will not be cached and will result in more queries. |
| 51 | + # By warming up the cache here, these queries are executed before we start counting queries |
| 52 | + for model in [Development_Environment, Dojo_User, Endpoint, Endpoint_Status, Engagement, Finding, Product, Product_Type, User, Test]: |
| 53 | + ContentType.objects.get_for_model(model) |
| 54 | + |
| 55 | + def test_one_import_no_duplicate_findings(self): |
| 56 | + response_json = self.import_scan_with_params( |
| 57 | + STACK_HAWK_FILENAME, |
| 58 | + scan_type=STACK_HAWK_SCAN_TYPE, |
| 59 | + minimum_severity="Info", |
| 60 | + active=True, |
| 61 | + verified=True, |
| 62 | + engagement=None, |
| 63 | + product_type_name="PT StackHawk", |
| 64 | + product_name="P StackHawk", |
| 65 | + engagement_name="E StackHawk", |
| 66 | + auto_create_context=True, |
| 67 | + ) |
| 68 | + |
| 69 | + test_id = response_json["test"] |
| 70 | + dup_count = Finding.objects.filter(test_id=test_id, duplicate=True).count() |
| 71 | + self.assertEqual(0, dup_count) |
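Review bot: The only assertion in `test_one_import_no_duplicate_findings` is `self.assertEqual(0, dup_count)`, which also passes when the import creates no findings at all, so a parser or importer regression would leave this deduplication test green. Check the imported total before the duplicate count, for example `self.assertGreater(Finding.objects.filter(test_id=test_id).count(), 0)`, or preferably assert the exact number of findings expected from the StackHawk fixture. `STACK_HAWK_SUBSET_FILENAME` is defined but not used anywhere in the visible file, which suggests a second import or reimport case was planned; either add that case or drop the constant. The module-level `logging.basicConfig(level=logging.DEBUG)` can set the root logger to DEBUG for the whole test process if nothing configured it earlier, so debug output from unrelated code may end up in CI logs. Leaving logger configuration to the test settings would avoid that.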