metasploit_data_models 0.12.1-java → 0.14.1-java

data/app/models/mdm/web_vuln.rb

@@ -121,6 +121,7 @@ class Mdm::WebVuln < ActiveRecord::Base
                 :in => METHODS
             }
   validates :name, :presence => true
+  validates :params, :parameters => true
   validates :path, :presence => true
   validates :pname, :presence => true
   validates :proof, :presence => true
@@ -137,7 +138,7 @@ class Mdm::WebVuln < ActiveRecord::Base
   # @!attribute [rw] params
   #   Parameters sent as part of request
   #
-  #   @return [Array<Array<(String, String)>>] Array of parameter key value pairs
+  #   @return [Array<Array(String, String)>] Array of parameter key value pairs
   serialize :params, MetasploitDataModels::Base64Serializer.new(:default => DEFAULT_PARAMS)
 
   #

data/app/validators/parameters_validator.rb

@@ -0,0 +1,117 @@
+# Validates that attribute's value is Array<Array(String, String)> which is the only valid type signature for serialized
+# parameters.
+class ParametersValidator < ActiveModel::EachValidator
+  # Sentence explaining the valid type signature for parameters.
+  TYPE_SIGNATURE_SENTENCE = 'Valid parameters are an Array<Array(String, String)>.'
+
+  def validate_each(record, attribute, value)
+    if value.is_a? Array
+      value.each_with_index do |element, index|
+        if element.is_a? Array
+          if element.length != 2
+            extreme = :few
+
+            if element.length > 2
+              extreme = :many
+            end
+
+            length_error = length_error_at(
+                :extreme => extreme,
+                :element => element,
+                :index => index
+            )
+
+            record.errors[attribute] << length_error
+          else
+            parameter_name = element.first
+
+            if parameter_name.is_a? String
+              unless parameter_name.present?
+                error = error_at(
+                    :element => element,
+                    :index => index,
+                    :prefix => "has blank parameter name"
+                )
+                record.errors[attribute] << error
+              end
+            else
+              error = error_at(
+                  :element => element,
+                  :index => index,
+                  :prefix => "has non-String parameter name (#{parameter_name.inspect})"
+              )
+              record.errors[attribute] << error
+            end
+
+            parameter_value = element.second
+
+            unless parameter_value.is_a? String
+              error = error_at(
+                  :element => element,
+                  :index => index,
+                  :prefix => "has non-String parameter value (#{parameter_value.inspect})"
+              )
+              record.errors[attribute] << error
+            end
+          end
+        else
+          error = error_at(
+              :element => element,
+              :index => index,
+              :prefix => 'has non-Array'
+          )
+          record.errors[attribute] << error
+        end
+      end
+    else
+      record.errors[attribute] << "is not an Array.  #{TYPE_SIGNATURE_SENTENCE}"
+    end
+  end
+
+  private
+
+  def error_at(options={})
+    options.assert_valid_keys(:element, :index, :prefix)
+    prefix = options.fetch(:prefix)
+
+    clause = location_clause(
+        :element => options[:element],
+        :index => options[:index]
+    )
+    sentence = "#{prefix} #{clause}."
+
+    sentences = [
+        sentence,
+        TYPE_SIGNATURE_SENTENCE
+    ]
+
+    error = sentences.join("  ")
+
+    error
+  end
+
+  def length_error_at(options={})
+    options.assert_valid_keys(:element, :extreme, :index)
+    extreme = options.fetch(:extreme)
+
+    prefix = "has too #{extreme} elements"
+    error = error_at(
+        :element => options[:element],
+        :index => options[:index],
+        :prefix => prefix
+    )
+
+    error
+  end
+
+  def location_clause(options={})
+    options.assert_valid_keys(:element, :index)
+
+    element = options.fetch(:element)
+    index = options.fetch(:index)
+
+    clause = "at index #{index} (#{element.inspect})"
+
+    clause
+  end
+end

data/db/migrate/20130515164311_change_web_vulns_confidence_to_integer.rb

@@ -0,0 +1,48 @@
+# Changes web_vulns.confidence from text to integer as it is populated with integers.
+class ChangeWebVulnsConfidenceToInteger < ActiveRecord::Migration
+  #
+  # CONSTANTS
+  #
+
+  # Columns in {TABLE} whose type needs to be change.
+  COLUMN = :confidence
+  # The correct type for {COLUMN}.
+  NEW_TYPE = :integer
+  # The incorrect type for {COLUMN}.
+  OLD_TYPE = :text
+  # The table in which {COLUMN} is defined.
+  TABLE = :web_vulns
+
+  #
+  # Methods
+  #
+
+  # Changes web_vulns.confidence back to text
+  #
+  # @return [void]
+  def down
+    alter_type(:to => OLD_TYPE)
+  end
+
+  # Changes web_vulns.confidence to integer
+  #
+  # @return [void]
+  def up
+    alter_type(:to => NEW_TYPE)
+  end
+
+  private
+
+  # Alters {COLUMN} type in {TABLE} from old to new type
+  #
+  # @param options [Hash{Symbol => #to_s}]
+  # @option options [#to_s] :from The old type name.
+  # @option options [#to_s] :to The new type name.
+  def alter_type(options={})
+    options.assert_valid_keys(:to)
+
+    new = options.fetch(:to)
+
+    execute "ALTER TABLE #{TABLE} ALTER COLUMN #{COLUMN} TYPE #{new} USING confidence::#{new}"
+  end
+end

data/db/migrate/20130515172727_valid_mdm_web_vuln_params.rb

@@ -0,0 +1,30 @@
+class ValidMdmWebVulnParams < ActiveRecord::Migration
+  # Don't put back the bad format because there's not way to figure our which of the [] were '' before {#up} and
+  # which were `[]` before {#up}.
+  #
+  # @return [void]
+  def down
+  end
+
+  # Changes any Mdm::WebVuln#params with value `''` to value `[]`.
+  #
+  # @return [void]
+  def up
+    # Can't search serialized columns, so have to load all the Mdm::WebVulns in memory
+    Mdm::WebVuln.find_each do |web_vuln|
+      if web_vuln.invalid?
+        # cast nil, '' and {} to correct [].
+        if web_vuln.params.blank?
+          web_vuln.params = []
+        end
+
+        # If its still invalid have to destroy the Mdm::WebVuln or a different export error could occur.
+        if web_vuln.invalid?
+          web_vuln.destroy
+        else
+          web_vuln.save!
+        end
+      end
+    end
+  end
+end

data/lib/metasploit_data_models.rb

@@ -16,12 +16,10 @@ require 'active_support/dependencies'
 #
 require 'mdm'
 require 'mdm/module'
+require 'metasploit_data_models/base64_serializer'
+require 'metasploit_data_models/models'
 require 'metasploit_data_models/version'
 require 'metasploit_data_models/serialized_prefs'
-require 'metasploit_data_models/base64_serializer'
-
-require 'metasploit_data_models/validators/ip_format_validator'
-require 'metasploit_data_models/validators/password_is_strong_validator'
 
 # Only include the Rails engine when using Rails.  This allows the non-Rails projects, like metasploit-framework to use
 # the models by calling MetasploitDataModels.require_models.
@@ -30,16 +28,10 @@ if defined? Rails
 end
 
 module MetasploitDataModels
-  def self.models_pathname
-    root.join('app', 'models')
-  end
-
-  def self.require_models
-    models_globs = models_pathname.join('**', '*.rb')
+  extend MetasploitDataModels::Models
 
-    Dir.glob(models_globs) do |model_path|
-      require model_path
-    end
+  def self.app_pathname
+    root.join('app')
   end
 
   def self.root

data/lib/metasploit_data_models/models.rb

@@ -0,0 +1,21 @@
+require 'metasploit_data_models/validators'
+
+module MetasploitDataModels
+  module Models
+    include MetasploitDataModels::Validators
+
+    def models_pathname
+      app_pathname.join('models')
+    end
+
+    def require_models
+      autoload_validators
+
+      models_globs = models_pathname.join('**', '*.rb')
+
+      Dir.glob(models_globs) do |model_path|
+        require model_path
+      end
+    end
+  end
+end

data/lib/metasploit_data_models/validators.rb

@@ -0,0 +1,19 @@
+module MetasploitDataModels
+  module Validators
+    # Mimics behavior of `app/validators` in Rails projects by adding it to
+    # `ActiveSupport::Dependencies.autoload_paths` if it is not already in the Array.
+    #
+    # @return [void]
+    def autoload_validators
+      validators_path = validators_pathname.to_s
+
+      unless ActiveSupport::Dependencies.autoload_paths.include? validators_path
+        ActiveSupport::Dependencies.autoload_paths << validators_path
+      end
+    end
+
+    def validators_pathname
+      app_pathname.join('validators')
+    end
+  end
+end

data/lib/metasploit_data_models/version.rb

@@ -4,5 +4,5 @@ module MetasploitDataModels
   # metasploit-framework/data/sql/migrate to db/migrate in this project, not all models have specs that verify the
   # migrations (with have_db_column and have_db_index) and certain models may not be shared between metasploit-framework
   # and pro, so models may be removed in the future.  Because of the unstable API the version should remain below 1.0.0
-  VERSION = '0.12.1'
+  VERSION = '0.14.1'
 end

data/spec/app/models/mdm/web_vuln_spec.rb

@@ -48,7 +48,7 @@ describe Mdm::WebVuln do
     context 'columns' do
       it { should have_db_column(:blame).of_type(:text) }
       it { should have_db_column(:category).of_type(:text).with_options(:null => false) }
-      it { should have_db_column(:confidence).of_type(:text).with_options(:null => false) }
+      it { should have_db_column(:confidence).of_type(:integer).with_options(:null => false) }
       it { should have_db_column(:description).of_type(:text) }
       it { should have_db_column(:method).of_type(:string).with_options(:limit => 1024, :null => false) }
       it { should have_db_column(:name).of_type(:string).with_options(:limit => 1024, :null => false) }
@@ -76,6 +76,25 @@ describe Mdm::WebVuln do
     end
   end
 
+  context 'factories' do
+    context 'mdm_web_vuln' do
+      subject(:mdm_web_vuln) do
+        FactoryGirl.build(:mdm_web_vuln)
+      end
+
+      it { should be_valid }
+
+      context 'after reloading' do
+        before(:each) do
+          mdm_web_vuln.save!
+          mdm_web_vuln.reload
+        end
+
+        it { should be_valid }
+      end
+    end
+  end
+
   context 'validations' do
     it { should validate_presence_of :category }
     it { should ensure_inclusion_of(:confidence).in_range(confidence_range) }
@@ -83,8 +102,168 @@ describe Mdm::WebVuln do
     it { should validate_presence_of :name }
     it { should validate_presence_of :path }
 
-    it 'should not validate presence of params because it default to [] and can never be nil' do
-      web_vuln.should_not validate_presence_of(:params)
+    context 'params' do
+      it 'should not validate presence of params because it default to [] and can never be nil' do
+        web_vuln.should_not validate_presence_of(:params)
+      end
+
+      context 'validates parameters' do
+        let(:type_signature_sentence) do
+          "Valid parameters are an Array<Array(String, String)>."
+        end
+
+        it 'should validate params is an Array' do
+          web_vuln.params = ''
+
+          web_vuln.params.should_not be_an Array
+          web_vuln.should_not be_valid
+          web_vuln.errors[:params].should include(
+                                              "is not an Array.  #{type_signature_sentence}"
+                                          )
+        end
+
+        it 'should allow empty Array' do
+          web_vuln.params = []
+          web_vuln.valid?
+
+          web_vuln.errors[:params].should be_empty
+        end
+
+        context 'with bad element' do
+          let(:index) do
+            web_vuln.params.index(element)
+          end
+
+          before(:each) do
+            web_vuln.params = [element]
+          end
+
+          context 'without Array' do
+            let(:element) do
+              {}
+            end
+
+            it 'should not be an Array' do
+              web_vuln.params.first.should_not be_an Array
+            end
+
+            it 'should validate elements of params are Arrays' do
+              web_vuln.should_not be_valid
+              web_vuln.errors[:params].should include(
+                                                  "has non-Array at index #{index} (#{element.inspect}).  " \
+                                                  "#{type_signature_sentence}"
+                                              )
+            end
+          end
+
+          context 'with element length < 2' do
+            let(:element) do
+              ['']
+            end
+
+            it 'should have length < 2' do
+              web_vuln.params.first.length.should < 2
+            end
+
+            it 'should validate elements of params are not too short' do
+              web_vuln.should_not be_valid
+              web_vuln.errors[:params].should include(
+                                                  "has too few elements at index #{index} (#{element.inspect}).  " \
+                                                  "#{type_signature_sentence}"
+                                              )
+            end
+          end
+
+          context 'with element length > 2' do
+            let(:element) do
+              ['', '', '']
+            end
+
+            it 'should have length > 2' do
+              web_vuln.params.first.length.should > 2
+            end
+
+            it 'should validate elements of params are not too long' do
+              web_vuln.should_not be_valid
+              web_vuln.errors[:params].should include(
+                                                  "has too many elements at index #{index} (#{element.inspect}).  " \
+                                                  "#{type_signature_sentence}"
+                                              )
+            end
+          end
+
+          context 'parameter name' do
+            let(:element) do
+              [parameter_name, 'parameter_value']
+            end
+
+            context 'with String' do
+              context 'with blank' do
+                let(:parameter_name) do
+                  ''
+                end
+
+                it 'should have blank parameter name' do
+                  web_vuln.params.first.first.should be_empty
+                end
+
+                it 'should validate that parameter name is not empty' do
+                  web_vuln.should_not be_valid
+                  web_vuln.errors[:params].should include(
+                                                      "has blank parameter name at index #{index} " \
+                                                      "(#{element.inspect}).  " \
+                                                      "#{type_signature_sentence}"
+                                                  )
+                end
+              end
+            end
+
+            context 'without String' do
+              let(:parameter_name) do
+                :parameter_name
+              end
+
+              it 'should not have String for parameter name' do
+                web_vuln.params.first.first.should_not be_a String
+              end
+
+              it 'should validate that parameter name is a String' do
+                web_vuln.should_not be_valid
+                web_vuln.errors[:params].should include(
+                                                    "has non-String parameter name (#{parameter_name.inspect}) " \
+                                                    "at index #{index} (#{element.inspect}).  " \
+                                                    "#{type_signature_sentence}"
+                                                )
+              end
+            end
+          end
+
+          context 'parameter value' do
+            let(:element) do
+              ['parameter_name', parameter_value]
+            end
+
+            context 'without String' do
+              let(:parameter_value) do
+                0
+              end
+
+              it 'should not have String for parameter name' do
+                web_vuln.params.first.second.should_not be_a String
+              end
+
+              it 'should validate that parameter value is a String' do
+                web_vuln.should_not be_valid
+                web_vuln.errors[:params].should include(
+                                                    "has non-String parameter value (#{parameter_value}) " \
+                                                    "at index #{index} (#{element.inspect}).  " \
+                                                    "#{type_signature_sentence}"
+                                                )
+              end
+            end
+          end
+        end
+      end
     end
 
     it { should validate_presence_of :pname }

data/spec/app/validators/parameters_validator_spec.rb

@@ -0,0 +1,342 @@
+require 'spec_helper'
+
+describe ParametersValidator do
+  subject(:parameters_validator) do
+    described_class.new(
+        :attributes => attributes
+    )
+  end
+
+  let(:attribute) do
+    :params
+  end
+
+  let(:attributes) do
+    attribute
+  end
+
+  let(:element) do
+    []
+  end
+
+  let(:index) do
+    rand(100)
+  end
+
+  let(:type_signature_sentence) do
+    'Valid parameters are an Array<Array(String, String)>.'
+  end
+
+  context 'CONSTANTS' do
+    it 'should define TYPE_SIGNATURE_SENTENCE' do
+      described_class::TYPE_SIGNATURE_SENTENCE.should == type_signature_sentence
+    end
+  end
+
+  context '#error_at' do
+    subject(:error_at) do
+      parameters_validator.send(
+          :error_at,
+          :element => element,
+          :index => index,
+          :prefix => prefix
+      )
+    end
+
+    let(:prefix) do
+      'has a prefix'
+    end
+
+    it 'should include prefix' do
+      error_at.should include(prefix)
+    end
+
+    it 'should include location_clause in same sentence as prefix' do
+      location_clause = parameters_validator.send(
+          :location_clause,
+          :element => element,
+          :index => index
+      )
+
+      error_at.should include("#{prefix} #{location_clause}.")
+    end
+
+    it 'should include TYPE_SIGNATURE_SENTENCE' do
+      error_at.should include(type_signature_sentence)
+    end
+  end
+
+  context '#length_error_at' do
+    subject(:length_error_at) do
+      parameters_validator.send(
+          :length_error_at,
+          :element => element,
+          :extreme => extreme,
+          :index => index
+      )
+    end
+
+    let(:extreme) do
+      [:few, :many].sample
+    end
+
+    it 'should include extreme in prefix' do
+      parameters_validator.should_receive(:error_at) do |*args|
+        options = args.first
+        options[:prefix].should include(extreme.to_s)
+      end
+
+      length_error_at
+    end
+  end
+
+  context '#location_clause' do
+    subject(:location_clause) do
+      parameters_validator.send(
+          :location_clause,
+          :element => element,
+          :index => index
+      )
+    end
+
+    it 'should include numerical index' do
+      location_clause.should include("at index #{index}")
+    end
+
+    it 'should include inspect of element' do
+      location_clause.should include(element.inspect)
+    end
+  end
+
+  context '#validate_each' do
+    subject(:errors) do
+      record.errors[attribute]
+    end
+
+    def validate_each
+      parameters_validator.validate_each(record, attribute, value)
+    end
+
+    let(:record) do
+      Object.new.tap { |object|
+        object.extend ActiveModel::Validations
+      }
+    end
+
+    context 'with Array' do
+      let(:value) do
+        []
+      end
+
+      context 'element' do
+        let(:value) do
+          [element]
+        end
+
+        context 'with Array' do
+          let(:element) do
+            []
+          end
+
+          context 'with length < 2' do
+            let(:element) do
+              []
+            end
+
+            it 'should call #length_error_at with :extreme => :few' do
+              parameters_validator.should_receive(:length_error_at).with(
+                  hash_including(
+                      :extreme => :few
+                  )
+              )
+
+              validate_each
+            end
+
+            it 'should record error' do
+              validate_each
+
+              errors.should_not be_empty
+            end
+          end
+
+          context 'with length > 2' do
+            let(:element) do
+              ['', '', '']
+            end
+
+            it 'should call #length_error_at with :extreme => :many' do
+              parameters_validator.should_receive(:length_error_at).with(
+                  hash_including(
+                      :extreme => :many
+                  )
+              )
+
+              validate_each
+            end
+
+            it 'should record error' do
+              validate_each
+
+              errors.should_not be_empty
+            end
+          end
+
+          context 'with length == 2' do
+            let(:element) do
+              [parameter_name, parameter_value]
+            end
+
+            let(:parameter_name) do
+              'parameter_name'
+            end
+
+            let(:parameter_value) do
+              'parameter_value'
+            end
+
+            context 'parameter name' do
+              context 'with String' do
+                context 'with blank' do
+                  let(:parameter_name) do
+                    ''
+                  end
+
+                  it 'should call error_at with blank parameter name prefix' do
+                    parameters_validator.should_receive(:error_at).with(
+                        hash_including(
+                          :prefix => 'has blank parameter name'
+                        )
+                    )
+
+                    validate_each
+                  end
+
+                  it 'should record error' do
+                    validate_each
+
+                    errors.should_not be_empty
+                  end
+                end
+
+                context 'without blank' do
+                  let(:parameter_name) do
+                    'parameter_name'
+                  end
+
+                  it 'should not record error' do
+                    validate_each
+
+                    errors.should be_blank
+                  end
+                end
+              end
+
+              context 'without String' do
+                let(:parameter_name) do
+                  :parameter_name
+                end
+
+                it 'should call error_at with non-String prefix' do
+                  parameters_validator.should_receive(:error_at).with(
+                      hash_including(
+                          :prefix => "has non-String parameter name (#{parameter_name.inspect})"
+                      )
+                  )
+
+                  validate_each
+                end
+
+                it 'should record error' do
+                  validate_each
+
+                  errors.should_not be_empty
+                end
+              end
+            end
+
+            context 'parameter value' do
+              context 'with String' do
+                let(:parameter_value) do
+                  'parameter_value'
+                end
+
+                it 'should not record error' do
+                  validate_each
+
+                  errors.should be_blank
+                end
+              end
+
+              context 'without String' do
+                let(:parameter_value) do
+                  0
+                end
+
+                it 'should call error_at with non-String prefix' do
+                  parameters_validator.should_receive(:error_at).with(
+                      hash_including(
+                          :prefix => "has non-String parameter value (#{parameter_value.inspect})"
+                      )
+                  )
+
+                  validate_each
+                end
+
+                it 'should record error' do
+                  validate_each
+
+                  errors.should_not be_empty
+                end
+              end
+            end
+          end
+        end
+
+        context 'without Array' do
+          let(:element) do
+            {}
+          end
+
+          it 'should use #error_at with has non-Array for prefix' do
+            parameters_validator.should_receive(:error_at).with(
+                hash_including(
+                    :prefix => 'has non-Array'
+                )
+            )
+
+            validate_each
+          end
+
+          it 'should record error' do
+            validate_each
+
+            errors.should_not be_empty
+          end
+        end
+      end
+    end
+
+    context 'without Array' do
+      let(:value) do
+        ''
+      end
+
+      before(:each) do
+        validate_each
+      end
+
+      it 'should error that attribute is not an array' do
+        errors.any? { |error|
+          error.include? 'is not an Array.'
+        }.should be_true
+      end
+
+      it 'should include TYPE_SIGNATURE_SENTENCE' do
+        errors.each do |error|
+          error.should include(type_signature_sentence)
+        end
+      end
+    end
+  end
+end

data/spec/dummy/db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20130430162145) do
+ActiveRecord::Schema.define(:version => 20130515172727) do
 
   create_table "api_keys", :force => true do |t|
     t.text     "token"
@@ -581,7 +581,7 @@ ActiveRecord::Schema.define(:version => 20130430162145) do
     t.string   "name",        :limit => 1024, :null => false
     t.text     "query"
     t.text     "category",                    :null => false
-    t.text     "confidence",                  :null => false
+    t.integer  "confidence",                  :null => false
     t.text     "description"
     t.text     "blame"
     t.binary   "request"

metadata

@@ -2,7 +2,7 @@
 name: metasploit_data_models
 version: !ruby/object:Gem::Version
   prerelease:
-  version: 0.12.1
+  version: 0.14.1
 platform: java
 authors:
 - Samuel Huckins
@@ -12,7 +12,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-05-15 00:00:00.000000000 Z
+date: 2013-05-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rake
@@ -222,6 +222,9 @@ files:
 - app/models/mdm/wmap_request.rb
 - app/models/mdm/wmap_target.rb
 - app/models/mdm/workspace.rb
+- app/validators/ip_format_validator.rb
+- app/validators/parameters_validator.rb
+- app/validators/password_is_strong_validator.rb
 - bin/mdm_console
 - console_db.yml
 - db/migrate/000_create_tables.rb
@@ -319,6 +322,8 @@ files:
 - db/migrate/20130423211152_add_creds_counter_cache.rb
 - db/migrate/20130430151353_change_required_columns_to_null_false_in_hosts.rb
 - db/migrate/20130430162145_enforce_address_uniqueness_in_workspace_in_hosts.rb
+- db/migrate/20130515164311_change_web_vulns_confidence_to_integer.rb
+- db/migrate/20130515172727_valid_mdm_web_vuln_params.rb
 - lib/mdm.rb
 - lib/mdm/host/operating_system_normalization.rb
 - lib/mdm/module.rb
@@ -326,9 +331,9 @@ files:
 - lib/metasploit_data_models/base64_serializer.rb
 - lib/metasploit_data_models/change_required_columns_to_null_false.rb
 - lib/metasploit_data_models/engine.rb
+- lib/metasploit_data_models/models.rb
 - lib/metasploit_data_models/serialized_prefs.rb
-- lib/metasploit_data_models/validators/ip_format_validator.rb
-- lib/metasploit_data_models/validators/password_is_strong_validator.rb
+- lib/metasploit_data_models/validators.rb
 - lib/metasploit_data_models/version.rb
 - lib/tasks/yard.rake
 - metasploit_data_models.gemspec
@@ -348,6 +353,7 @@ files:
 - spec/app/models/mdm/vuln_ref_spec.rb
 - spec/app/models/mdm/vuln_spec.rb
 - spec/app/models/mdm/web_vuln_spec.rb
+- spec/app/validators/parameters_validator_spec.rb
 - spec/dummy/Rakefile
 - spec/dummy/app/assets/javascripts/application.js
 - spec/dummy/app/assets/stylesheets/application.css
@@ -450,6 +456,7 @@ test_files:
 - spec/app/models/mdm/vuln_ref_spec.rb
 - spec/app/models/mdm/vuln_spec.rb
 - spec/app/models/mdm/web_vuln_spec.rb
+- spec/app/validators/parameters_validator_spec.rb
 - spec/dummy/Rakefile
 - spec/dummy/app/assets/javascripts/application.js
 - spec/dummy/app/assets/stylesheets/application.css