metasploit_data_models 0.15.2 → 0.16.0

data/spec/app/models/mdm/host_tag_spec.rb

@@ -1,6 +1,19 @@
 require 'spec_helper'
 
 describe Mdm::HostTag do
+
+  context 'associations' do
+    it { should belong_to(:host).class_name('Mdm::Host') }
+    it { should belong_to(:tag).class_name('Mdm::Tag') }
+  end
+
+  context 'database' do
+    context 'columns' do
+      it { should have_db_column(:host_id).of_type(:integer) }
+      it { should have_db_column(:tag_id).of_type(:integer) }
+    end
+  end
+
   context 'factories' do
     context 'mdm_host_tag' do
       subject(:mdm_host_tag) do
@@ -10,4 +23,17 @@ describe Mdm::HostTag do
       it { should be_valid }
     end
   end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      host_tag = FactoryGirl.create(:mdm_host_tag)
+      expect {
+        host_tag.destroy
+      }.to_not raise_error
+      expect {
+        host_tag.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
 end

data/spec/app/models/mdm/listener_spec.rb

@@ -0,0 +1,108 @@
+require 'spec_helper'
+
+describe Mdm::Listener do
+
+  context 'associations' do
+    it { should belong_to(:workspace).class_name('Mdm::Workspace') }
+    it { should belong_to(:task).class_name('Mdm::Task') }
+  end
+
+  context 'database' do
+
+    context 'timestamps'do
+      it { should have_db_column(:created_at).of_type(:datetime).with_options(:null => false) }
+      it { should have_db_column(:updated_at).of_type(:datetime).with_options(:null => false) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:workspace_id).of_type(:integer).with_options(:null => false, :default =>1) }
+      it { should have_db_column(:task_id).of_type(:integer) }
+      it { should have_db_column(:enabled).of_type(:boolean).with_options(:default => true) }
+      it { should have_db_column(:owner).of_type(:text) }
+      it { should have_db_column(:payload).of_type(:text) }
+      it { should have_db_column(:address).of_type(:text) }
+      it { should have_db_column(:port).of_type(:integer) }
+      it { should have_db_column(:options).of_type(:binary) }
+      it { should have_db_column(:macro).of_type(:text) }
+    end
+  end
+
+  context 'factory' do
+    it 'should be valid' do
+      listener = FactoryGirl.build(:mdm_listener)
+      listener.should be_valid
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      listener = FactoryGirl.create(:mdm_listener)
+      expect {
+        listener.destroy
+      }.to_not raise_error
+      expect {
+        listener.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
+  context 'validations' do
+    context 'port' do
+      it 'should require a port' do
+        portless_listener = FactoryGirl.build(:mdm_listener, :port => nil)
+        portless_listener.should_not be_valid
+        portless_listener.errors[:port].should include("can't be blank")
+      end
+
+      it 'should not be valid for out-of-range numbers' do
+        out_of_range = FactoryGirl.build(:mdm_listener, :port => 70000)
+        out_of_range.should_not be_valid
+        out_of_range.errors[:port].should include("is not included in the list")
+      end
+
+      it 'should not be valid for port 0' do
+        out_of_range = FactoryGirl.build(:mdm_listener, :port => 0)
+        out_of_range.should_not be_valid
+        out_of_range.errors[:port].should include("is not included in the list")
+      end
+
+      it 'should not be valid for decimal numbers' do
+        out_of_range = FactoryGirl.build(:mdm_listener, :port => 5.67)
+        out_of_range.should_not be_valid
+        out_of_range.errors[:port].should include("must be an integer")
+      end
+
+      it 'should not be valid for a negative number' do
+        out_of_range = FactoryGirl.build(:mdm_listener, :port => -8)
+        out_of_range.should_not be_valid
+        out_of_range.errors[:port].should include("is not included in the list")
+      end
+    end
+
+    context 'address' do
+      it 'should require an address' do
+        addressless_listener = FactoryGirl.build(:mdm_listener, :address => nil)
+        addressless_listener.should_not be_valid
+        addressless_listener.errors[:address].should include("can't be blank")
+      end
+
+      it 'should be valid for IPv4 format' do
+        ipv4_listener = FactoryGirl.build(:mdm_listener, :address => '192.168.1.120')
+        ipv4_listener.should be_valid
+      end
+
+      it 'should be valid for IPv6 format' do
+        ipv6_listener = FactoryGirl.build(:mdm_listener, :address => '2001:0db8:85a3:0000:0000:8a2e:0370:7334')
+        ipv6_listener.should be_valid
+      end
+
+      it 'should not be valid for strings not conforming to IPv4 or IPv6' do
+        invalid_listener = FactoryGirl.build(:mdm_listener, :address => '1234-fark')
+        invalid_listener.should_not be_valid
+      end
+
+    end
+  end
+
+
+end

data/spec/app/models/mdm/loot_spec.rb

@@ -0,0 +1,77 @@
+require 'spec_helper'
+
+describe Mdm::Loot do
+   context 'associations' do
+     it { should belong_to(:workspace).class_name('Mdm::Workspace') }
+     it { should belong_to(:service).class_name('Mdm::Service') }
+     it { should belong_to(:host).class_name('Mdm::Host') }
+   end
+
+   context 'database' do
+
+     context 'timestamps'do
+       it { should have_db_column(:created_at).of_type(:datetime).with_options(:null => false) }
+       it { should have_db_column(:updated_at).of_type(:datetime).with_options(:null => false) }
+     end
+
+     context 'columns' do
+       it { should have_db_column(:workspace_id).of_type(:integer).with_options(:null => false, :default =>1) }
+       it { should have_db_column(:host_id).of_type(:integer) }
+       it { should have_db_column(:service_id).of_type(:integer) }
+       it { should have_db_column(:ltype).of_type(:string) }
+       it { should have_db_column(:path).of_type(:string) }
+       it { should have_db_column(:data).of_type(:text) }
+       it { should have_db_column(:content_type).of_type(:string) }
+       it { should have_db_column(:name).of_type(:text) }
+       it { should have_db_column(:info).of_type(:text) }
+     end
+   end
+
+   context 'factory' do
+     it 'should be valid' do
+       loot = FactoryGirl.build(:mdm_loot)
+       loot.should be_valid
+     end
+   end
+
+   context '#destroy' do
+     it 'should successfully destroy the object' do
+       loot = FactoryGirl.create(:mdm_loot)
+       expect {
+         loot.destroy
+       }.to_not raise_error
+       expect {
+         loot.reload
+       }.to raise_error(ActiveRecord::RecordNotFound)
+     end
+   end
+
+   context 'scopes' do
+     context 'search' do
+       it 'should match on ltype' do
+         myloot = FactoryGirl.create(:mdm_loot, :ltype => 'find.this.ltype')
+         Mdm::Loot.search('find.this.ltype').should include(myloot)
+       end
+
+       it 'should match on name' do
+         myloot = FactoryGirl.create(:mdm_loot, :name => 'Find This')
+         Mdm::Loot.search('Find This').should include(myloot)
+       end
+
+       it 'should match on info' do
+         myloot = FactoryGirl.create(:mdm_loot, :info => 'Find This')
+         Mdm::Loot.search('Find This').should include(myloot)
+       end
+     end
+   end
+
+   context 'callbacks' do
+     context 'before_destroy' do
+       it 'should call #delete_file' do
+         myloot =  FactoryGirl.create(:mdm_loot)
+         myloot.should_receive(:delete_file)
+         myloot.destroy
+       end
+     end
+   end
+end

data/spec/app/models/mdm/nexpose_console_spec.rb

@@ -0,0 +1,128 @@
+require 'spec_helper'
+
+describe Mdm::NexposeConsole do
+
+  context 'factory' do
+    it 'should be valid' do
+      nexpose_console = FactoryGirl.build(:mdm_nexpose_console)
+      nexpose_console.should be_valid
+    end
+  end
+
+  context 'database' do
+
+    context 'timestamps'do
+      it { should have_db_column(:created_at).of_type(:datetime).with_options(:null => false) }
+      it { should have_db_column(:updated_at).of_type(:datetime).with_options(:null => false) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:enabled).of_type(:boolean).with_options(:default => true) }
+      it { should have_db_column(:owner).of_type(:text) }
+      it { should have_db_column(:address).of_type(:text) }
+      it { should have_db_column(:port).of_type(:integer).with_options(:default => 3780) }
+      it { should have_db_column(:username).of_type(:text) }
+      it { should have_db_column(:password).of_type(:text) }
+      it { should have_db_column(:status).of_type(:text) }
+      it { should have_db_column(:version).of_type(:text) }
+      it { should have_db_column(:cert).of_type(:text) }
+      it { should have_db_column(:cached_sites).of_type(:binary) }
+      it { should have_db_column(:name).of_type(:text) }
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      nexpose_console = FactoryGirl.create(:mdm_nexpose_console)
+      expect {
+        nexpose_console.destroy
+      }.to_not raise_error
+      expect {
+        nexpose_console.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
+  context 'validations' do
+    context 'address' do
+      it 'should require an address' do
+        addressless_nexpose_console = FactoryGirl.build(:mdm_nexpose_console, :address => nil)
+        addressless_nexpose_console.should_not be_valid
+        addressless_nexpose_console.errors[:address].should include("can't be blank")
+      end
+
+      it 'should be valid for IPv4 format' do
+        ipv4_nexpose_console = FactoryGirl.build(:mdm_nexpose_console, :address => '192.168.1.120')
+        ipv4_nexpose_console.should be_valid
+      end
+
+      it 'should be valid for IPv6 format' do
+        ipv6_nexpose_console = FactoryGirl.build(:mdm_nexpose_console, :address => '2001:0db8:85a3:0000:0000:8a2e:0370:7334')
+        ipv6_nexpose_console.should be_valid
+      end
+
+      it 'should not be valid for strings not conforming to IPv4 or IPv6' do
+        invalid_nexpose_console = FactoryGirl.build(:mdm_nexpose_console, :address => '1234-fark')
+        invalid_nexpose_console.should_not be_valid
+      end
+    end
+
+    context 'port' do
+      it 'should require a port' do
+        portless_nexpose_console = FactoryGirl.build(:mdm_nexpose_console, :port => nil)
+        portless_nexpose_console.should_not be_valid
+        portless_nexpose_console.errors[:port].should include("is not included in the list")
+      end
+
+      it 'should not be valid for out-of-range numbers' do
+        out_of_range = FactoryGirl.build(:mdm_nexpose_console, :port => 70000)
+        out_of_range.should_not be_valid
+        out_of_range.errors[:port].should include("is not included in the list")
+      end
+
+      it 'should not be valid for port 0' do
+        out_of_range = FactoryGirl.build(:mdm_nexpose_console, :port => 0)
+        out_of_range.should_not be_valid
+        out_of_range.errors[:port].should include("is not included in the list")
+      end
+
+      it 'should not be valid for decimal numbers' do
+        out_of_range = FactoryGirl.build(:mdm_nexpose_console, :port => 5.67)
+        out_of_range.should_not be_valid
+        out_of_range.errors[:port].should include("must be an integer")
+      end
+
+      it 'should not be valid for a negative number' do
+        out_of_range = FactoryGirl.build(:mdm_nexpose_console, :port => -8)
+        out_of_range.should_not be_valid
+        out_of_range.errors[:port].should include("is not included in the list")
+      end
+    end
+
+    context 'name' do
+      it 'should require a name' do
+        unnamed_console = FactoryGirl.build(:mdm_nexpose_console, :name => nil)
+        unnamed_console.should_not be_valid
+        unnamed_console.errors[:name].should include("can't be blank")
+      end
+    end
+
+    context 'username' do
+      it 'should require a name' do
+        console = FactoryGirl.build(:mdm_nexpose_console, :username => nil)
+        console.should_not be_valid
+        console.errors[:username].should include("can't be blank")
+      end
+    end
+
+    context 'password' do
+      it 'should require a password' do
+        console = FactoryGirl.build(:mdm_nexpose_console, :password => nil)
+        console.should_not be_valid
+        console.errors[:password].should include("can't be blank")
+      end
+    end
+
+  end
+
+end

data/spec/app/models/mdm/note_spec.rb

@@ -0,0 +1,84 @@
+require 'spec_helper'
+
+describe Mdm::Note do
+
+  context 'factory' do
+    it 'should be valid' do
+      note = FactoryGirl.build(:mdm_note)
+      note.should be_valid
+    end
+  end
+
+  context 'database' do
+
+    context 'timestamps'do
+      it { should have_db_column(:created_at).of_type(:datetime) }
+      it { should have_db_column(:updated_at).of_type(:datetime) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:workspace_id).of_type(:integer).with_options(:null => false, :default =>1) }
+      it { should have_db_column(:host_id).of_type(:integer) }
+      it { should have_db_column(:service_id).of_type(:integer) }
+      it { should have_db_column(:ntype).of_type(:string) }
+      it { should have_db_column(:critical).of_type(:boolean) }
+      it { should have_db_column(:seen).of_type(:boolean) }
+      it { should have_db_column(:data).of_type(:text) }
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      note = FactoryGirl.create(:mdm_note)
+      expect {
+        note.destroy
+      }.to_not raise_error
+      expect {
+        note.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
+  context 'associations' do
+    it { should belong_to(:workspace).class_name('Mdm::Workspace') }
+    it { should belong_to(:host).class_name('Mdm::Host') }
+    it { should belong_to(:service).class_name('Mdm::Service') }
+  end
+
+  context 'scopes' do
+    context 'flagged' do
+      it 'should exclude non-critical note' do
+        flagged_note = FactoryGirl.create(:mdm_note, :critical => true, :seen => false)
+        non_critical_note = FactoryGirl.create(:mdm_note, :critical => false, :seen => false)
+        flagged_set = Mdm::Note.flagged
+        flagged_set.should include(flagged_note)
+        flagged_set.should_not include(non_critical_note)
+      end
+
+      it 'should exclude seen notes' do
+        flagged_note = FactoryGirl.create(:mdm_note, :critical => true, :seen => false)
+        non_critical_note = FactoryGirl.create(:mdm_note, :critical => false, :seen => true)
+        flagged_set = Mdm::Note.flagged
+        flagged_set.should include(flagged_note)
+        flagged_set.should_not include(non_critical_note)
+      end
+    end
+
+    context 'visible' do
+      it 'should only include visible notes' do
+        flagged_note = FactoryGirl.create(:mdm_note, :ntype => 'flag.me', :critical => true, :seen => false)
+        webform_note = FactoryGirl.create(:mdm_note, :ntype => 'web.form', :critical => true, :seen => false)
+        visible_set = Mdm::Note.visible
+        visible_set.should include(flagged_note)
+        visible_set.should_not include(webform_note)
+      end
+    end
+
+    context 'search' do
+      it 'should match on ntype' do
+        flagged_note = FactoryGirl.create(:mdm_note, :ntype => 'flag.me', :critical => true, :seen => false)
+        Mdm::Note.search('flag.me').should include(flagged_note)
+      end
+    end
+  end
+end

data/spec/app/models/mdm/ref_spec.rb

@@ -28,6 +28,7 @@ describe Mdm::Ref do
 
     # @todo https://www.pivotaltracker.com/story/show/48915453
     it { should have_many(:vulns_refs).class_name('Mdm::VulnRef') }
+    it { should have_many(:vulns).class_name('Mdm::Vuln').through(:vulns_refs) }
   end
 
   context 'database' do
@@ -56,6 +57,18 @@ describe Mdm::Ref do
     end
   end
 
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      mdm_ref = FactoryGirl.create(:mdm_ref)
+      expect {
+        mdm_ref.destroy
+      }.to_not raise_error
+      expect {
+        mdm_ref.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
   context 'mass assignment security' do
     it { should allow_mass_assignment_of(:name) }
   end