django-DefectDojo/tests/endpoint_extended_test.py at master · Kasyap7/django-DefectDojo · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
import os
import sys
import time
import unittest

from base_test_class import BaseTestCase, on_exception_html_source_logger, set_suite_settings
from product_test import ProductTest
from selenium.webdriver.common.by import By


class EndpointExtendedTest(BaseTestCase):

    @on_exception_html_source_logger
    def test_vulnerable_endpoints_page(self):
        driver = self.driver
        driver.get(self.base_url + "endpoint/vulnerable")
        self.assertTrue(self.is_text_present_on_page(text="Endpoint"))

    @on_exception_html_source_logger
    def test_vulnerable_endpoint_hosts_page(self):
        driver = self.driver
        driver.get(self.base_url + "endpoint/host/vulnerable")
        self.assertTrue(self.is_text_present_on_page(text="Vulnerable Hosts"))

    @on_exception_html_source_logger
    def test_endpoint_host_list(self):
        driver = self.driver
        driver.get(self.base_url + "endpoint/host")
        self.assertTrue(self.is_text_present_on_page(text="All Hosts"))

    def _active_findings_sort_field(self):
        v3 = os.environ.get("DD_V3_FEATURE_LOCATIONS", "false").lower() == "true"
        return "active_findings" if v3 else "active_finding_count"

    @on_exception_html_source_logger
    def test_endpoint_list_sort_by_active_findings_asc(self):
        driver = self.driver
        field = self._active_findings_sort_field()
        driver.get(self.base_url + f"endpoint?o={field}")
        self.assertTrue(self.is_text_present_on_page(text="Endpoint"))

    @on_exception_html_source_logger
    def test_endpoint_list_sort_by_active_findings_desc(self):
        driver = self.driver
        field = self._active_findings_sort_field()
        driver.get(self.base_url + f"endpoint?o=-{field}")
        self.assertTrue(self.is_text_present_on_page(text="Endpoint"))

    @on_exception_html_source_logger
    def test_endpoint_host_list_sort_by_active_findings_asc(self):
        driver = self.driver
        field = self._active_findings_sort_field()
        driver.get(self.base_url + f"endpoint/host?o={field}")
        self.assertTrue(self.is_text_present_on_page(text="Hosts"))

    @on_exception_html_source_logger
    def test_endpoint_host_list_sort_by_active_findings_desc(self):
        driver = self.driver
        field = self._active_findings_sort_field()
        driver.get(self.base_url + f"endpoint/host?o=-{field}")
        self.assertTrue(self.is_text_present_on_page(text="Hosts"))

    @on_exception_html_source_logger
    def test_add_endpoint_meta_data(self):
        driver = self.driver
        # Navigate to the product and its endpoints
        self.goto_product_overview(driver)
        driver.find_element(By.LINK_TEXT, "QA Test").click()
        driver.find_element(By.PARTIAL_LINK_TEXT, "Endpoints").click()
        driver.find_element(By.LINK_TEXT, "View Endpoints").click()
        # Click on the first endpoint
        driver.find_element(By.CSS_SELECTOR, "table tbody tr td a").click()
        driver.find_element(By.ID, "dropdownMenu1").click()
        driver.find_element(By.LINK_TEXT, "Add Metadata").click()
        time.sleep(1)
        # Metadata uses Django formsets — field IDs are prefixed with form-0-
        driver.find_element(By.ID, "id_form-0-name").clear()
        driver.find_element(By.ID, "id_form-0-name").send_keys("Environment")
        driver.find_element(By.ID, "id_form-0-value").clear()
        driver.find_element(By.ID, "id_form-0-value").send_keys("Production")
        # Submit button is a <button class="btn btn-success">
        driver.find_element(By.CSS_SELECTOR, "button.btn.btn-success").click()

        self.assertTrue(
            self.is_success_message_present(text="Metadata updated successfully")
            or self.is_text_present_on_page(text="Endpoint"),
        )

    @on_exception_html_source_logger
    def test_edit_endpoint_meta_data(self):
        driver = self.driver
        self.goto_product_overview(driver)
        driver.find_element(By.LINK_TEXT, "QA Test").click()
        driver.find_element(By.PARTIAL_LINK_TEXT, "Endpoints").click()
        driver.find_element(By.LINK_TEXT, "View Endpoints").click()
        # Click on the first endpoint
        driver.find_element(By.CSS_SELECTOR, "table tbody tr td a").click()
        # Click the edit metadata icon button (title="Edit Information")
        edit_links = driver.find_elements(By.CSS_SELECTOR, "a[title='Edit Information']")
        if len(edit_links) > 0:
            edit_links[0].click()
            time.sleep(1)
            # Edit the value field
            value_fields = driver.find_elements(By.CSS_SELECTOR, "input[name$='-value']")
            if len(value_fields) > 0:
                value_fields[0].clear()
                value_fields[0].send_keys("Staging")
            driver.find_element(By.CSS_SELECTOR, "button.btn.btn-success").click()
            self.assertTrue(
                self.is_success_message_present(text="Metadata updated successfully")
                or self.is_text_present_on_page(text="Endpoint"),
            )
        else:
            # No edit link — just verify page loads
            self.assertTrue(self.is_text_present_on_page(text="Endpoint"))


def suite():
    suite = unittest.TestSuite()
    suite.addTest(BaseTestCase("test_login"))
    set_suite_settings(suite, jira=False, github=False, block_execution=False)
    suite.addTest(ProductTest("test_create_product"))
    suite.addTest(ProductTest("test_add_product_endpoints"))
    suite.addTest(ProductTest("test_add_product_finding"))
    suite.addTest(EndpointExtendedTest("test_vulnerable_endpoints_page"))
    suite.addTest(EndpointExtendedTest("test_vulnerable_endpoint_hosts_page"))
    suite.addTest(EndpointExtendedTest("test_endpoint_host_list"))
    suite.addTest(EndpointExtendedTest("test_endpoint_list_sort_by_active_findings_asc"))
    suite.addTest(EndpointExtendedTest("test_endpoint_list_sort_by_active_findings_desc"))
    suite.addTest(EndpointExtendedTest("test_endpoint_host_list_sort_by_active_findings_asc"))
    suite.addTest(EndpointExtendedTest("test_endpoint_host_list_sort_by_active_findings_desc"))
    suite.addTest(EndpointExtendedTest("test_add_endpoint_meta_data"))
    suite.addTest(EndpointExtendedTest("test_edit_endpoint_meta_data"))
    suite.addTest(ProductTest("test_delete_product"))
    return suite


if __name__ == "__main__":
    runner = unittest.TextTestRunner(descriptions=True, failfast=True, verbosity=2)
    ret = not runner.run(suite()).wasSuccessful()
    BaseTestCase.tearDownDriver()
    sys.exit(ret)