feat: add more tests for productvulnerabilities

csaf-poc · Aug 29, 2023 · 631e76d · 631e76d
1 parent 372ec9d
commit 631e76d
Show file tree

Hide file tree

Showing 4 changed files with 82 additions and 20 deletions.
diff --git a/src/lib/ProductVulnerabilities.svelte b/src/lib/ProductVulnerabilities.svelte
@@ -10,6 +10,7 @@
 
 <script lang="ts">
   import { appStore } from "$lib/store";
+  import { ProductStatusSymbol } from "./productvulnerabilities/productvulnerabilitiestypes";
   let headerColumns: any = [];
   let productLines: string[][];
   $: if ($appStore.doc) {
@@ -40,16 +41,21 @@
                 {:else if column === "N.A"}
                   <td>{column}</td>
                 {:else}
-                  <td
-                    ><i
-                      class:bx={true}
-                      class:bx-x={column === "K"}
-                      class:bx-check={column === "F"}
-                      class:bx-error={column === "U"}
-                      class:bx-minus={column === "N"}
-                      class:bx-heart={column === "R"}
-                    /></td
-                  >
+                  <td>
+                    {#if column === ProductStatusSymbol.NOT_AFFECTED + ProductStatusSymbol.RECOMMENDED}
+                      <i class="bx bx-heart" />
+                      <i class="bx b-minus" />
+                    {:else}
+                      <i
+                        class:bx={true}
+                        class:bx-x={column === ProductStatusSymbol.KNOWN_AFFECTED}
+                        class:bx-check={column === ProductStatusSymbol.FIXED}
+                        class:bx-error={column === ProductStatusSymbol.UNDER_INVESTIGATION}
+                        class:bx-minus={column === ProductStatusSymbol.NOT_AFFECTED}
+                        class:bx-heart={column === ProductStatusSymbol.RECOMMENDED}
+                      />
+                    {/if}
+                  </td>
                 {/if}
               {/each}
             </tr>

diff --git a/src/lib/productvulnerabilities/productvulnerabilities.test.ts b/src/lib/productvulnerabilities/productvulnerabilities.test.ts
@@ -12,6 +12,7 @@ import {
   extractVulnerabilities,
   generateProductVulnerabilities
 } from "./productvulnerabilities";
+import { ProductStatusSymbol } from "./productvulnerabilitiestypes";
 
 const emptyObject = {};
 
@@ -301,11 +302,66 @@ describe("Productvulnerabilities test", () => {
 describe("Productvulnerabilities test", () => {
   it("Crosstable: generate headers", () => {
     const result = generateProductVulnerabilities(jsonDocument);
-    console.log(result);
     const header = result[0];
+    const expectedHeader = [
+      "Product",
+      "Total result",
+      "CVE-2016-0173",
+      "CVE-2018-0172",
+      "CVE-2019-0171",
+      "CVE-2020-0174"
+    ];
     expect(result.length).toBeGreaterThan(0);
-    expect(header[0]).toBe("Product");
-    expect(header[1]).toBe("Total result");
+    expect(header).toStrictEqual(expectedHeader);
     expect(header.length).toBe(jsonDocument.vulnerabilities.length + 2);
   });
 });
+
+describe("Productvulnerabilities test", () => {
+  it("Crosstable: generate body", () => {
+    const result = generateProductVulnerabilities(jsonDocument);
+    const line1 = result[1];
+    const line2 = result[2];
+    const line3 = result[3];
+    const line4 = result[4];
+    const line5 = result[5];
+    const PRODUCT_COLUMN = 0;
+    const CVE_2016_0173_COLUMN = 2;
+    const CVE_2018_0172_COLUMN = 3;
+    const CVE_2019_0171_COLUMN = 4;
+    const CVE_2020_0174_COLUMN = 5;
+    expect(result.length).toBe(6);
+    // Product A
+    expect(line1[PRODUCT_COLUMN]).toBe("Product A");
+    expect(line1[CVE_2016_0173_COLUMN]).toBe("");
+    expect(line1[CVE_2018_0172_COLUMN]).toBe("");
+    expect(line1[CVE_2019_0171_COLUMN]).toBe(ProductStatusSymbol.KNOWN_AFFECTED);
+    expect(line1[CVE_2020_0174_COLUMN]).toBe("");
+    // Product B
+    expect(line2[PRODUCT_COLUMN]).toBe("Product B");
+    expect(line2[CVE_2016_0173_COLUMN]).toBe("");
+    expect(line2[CVE_2018_0172_COLUMN]).toBe("");
+    expect(line2[CVE_2019_0171_COLUMN]).toBe(ProductStatusSymbol.KNOWN_AFFECTED);
+    expect(line2[CVE_2020_0174_COLUMN]).toBe("");
+    // Product C
+    expect(line3[PRODUCT_COLUMN]).toBe("Product C");
+    expect(line3[CVE_2016_0173_COLUMN]).toBe("");
+    expect(line3[CVE_2018_0172_COLUMN]).toBe(ProductStatusSymbol.KNOWN_AFFECTED);
+    expect(line3[CVE_2019_0171_COLUMN]).toBe("");
+    expect(line3[CVE_2020_0174_COLUMN]).toBe("");
+    // Product D
+    expect(line4[PRODUCT_COLUMN]).toBe("Product D");
+    expect(line4[CVE_2016_0173_COLUMN]).toBe("");
+    expect(line4[CVE_2018_0172_COLUMN]).toBe("");
+    expect(line4[CVE_2019_0171_COLUMN]).toBe("");
+    expect(line4[CVE_2020_0174_COLUMN]).toBe(ProductStatusSymbol.FIXED);
+    //Product E
+    expect(line5[PRODUCT_COLUMN]).toBe("Product E");
+    expect(line5[CVE_2016_0173_COLUMN]).toBe(
+      ProductStatusSymbol.NOT_AFFECTED + ProductStatusSymbol.RECOMMENDED
+    );
+    expect(line5[CVE_2018_0172_COLUMN]).toBe("");
+    expect(line5[CVE_2019_0171_COLUMN]).toBe("");
+    expect(line5[CVE_2020_0174_COLUMN]).toBe("");
+  });
+});
diff --git a/src/lib/productvulnerabilities/productvulnerabilities.ts b/src/lib/productvulnerabilities/productvulnerabilities.ts
@@ -6,7 +6,7 @@
 // SPDX-FileCopyrightText: 2023 German Federal Office for Information Security (BSI) <https://www.bsi.bund.de>
 // Software-Engineering: 2023 Intevation GmbH <https://intevation.de>
 
-import { ProductStatusSymbols, type Vulnerability } from "./productvulnerabilitiestypes";
+import { ProductStatusSymbol, type Vulnerability } from "./productvulnerabilitiestypes";
 
 const generateProductVulnerabilities = (jsonDocument: any) => {
   const products = extractProducts(jsonDocument);
@@ -46,19 +46,19 @@ const generateLineWith = (product: any, vulnerabilities: any) => {
   vulnerabilities.forEach((vulnerability: any) => {
     let column = "";
     if (vulnerability.fixed?.[product.product_id]) {
-      column += ProductStatusSymbols.FIXED;
+      column += ProductStatusSymbol.FIXED;
     }
     if (vulnerability.under_investigation?.[product.product_id]) {
-      column += ProductStatusSymbols.UNDER_INVESTIGATION;
+      column += ProductStatusSymbol.UNDER_INVESTIGATION;
     }
     if (vulnerability.known_affected?.[product.product_id]) {
-      column += ProductStatusSymbols.KNOWN_AFFECTED;
+      column += ProductStatusSymbol.KNOWN_AFFECTED;
     }
     if (vulnerability.known_not_affected?.[product.product_id]) {
-      column += ProductStatusSymbols.NOT_AFFECTED;
+      column += ProductStatusSymbol.NOT_AFFECTED;
     }
     if (vulnerability.recommended?.[product.product_id]) {
-      column += ProductStatusSymbols.RECOMMENDED;
+      column += ProductStatusSymbol.RECOMMENDED;
     }
     line.push(column);
   });

diff --git a/src/lib/productvulnerabilities/productvulnerabilitiestypes.ts b/src/lib/productvulnerabilities/productvulnerabilitiestypes.ts
@@ -14,7 +14,7 @@ export const ProductStatus = {
   RECOMMENDED: "RECOMMENDED"
 } as const;
 
-export const ProductStatusSymbols = {
+export const ProductStatusSymbol = {
   FIXED: "F",
   UNDER_INVESTIGATION: "U",
   KNOWN_AFFECTED: "K",