metasploit_data_models 0.15.2 → 0.16.0

data/spec/app/models/mdm/tag_spec.rb

@@ -1,6 +1,97 @@
 require 'spec_helper'
+require 'securerandom'
 
 describe Mdm::Tag do
+
+  context 'associations' do
+    it { should have_many(:hosts_tags).class_name('Mdm::HostTag') }
+    it { should have_many(:hosts).class_name('Mdm::Host').through(:hosts_tags) }
+    it { should belong_to(:user).class_name('Mdm::User') }
+  end
+
+  context 'database' do
+
+    context 'timestamps'do
+      it { should have_db_column(:created_at).of_type(:datetime).with_options(:null => false) }
+      it { should have_db_column(:updated_at).of_type(:datetime).with_options(:null => false) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:user_id).of_type(:integer) }
+      it { should have_db_column(:name).of_type(:string) }
+      it { should have_db_column(:desc).of_type(:text) }
+      it { should have_db_column(:report_summary).of_type(:boolean).with_options(:null => false, :default =>false) }
+      it { should have_db_column(:report_detail).of_type(:boolean).with_options(:null => false, :default =>false) }
+      it { should have_db_column(:critical).of_type(:boolean).with_options(:null => false, :default =>false) }
+    end
+  end
+
+  context 'validations' do
+    context 'desc'  do
+      it 'should not ba valid for a length over 8k' do
+        desc = SecureRandom.hex(9001) #over 9000?!
+        large_tag = FactoryGirl.build(:mdm_tag, :desc => desc)
+        large_tag.should_not be_valid
+        large_tag.errors[:desc].should include('desc must be less than 8k.')
+      end
+    end
+
+    context 'name' do
+      it 'must be present' do
+        nameless_tag = FactoryGirl.build(:mdm_tag, :name => nil)
+        nameless_tag.should_not be_valid
+        nameless_tag.errors[:name].should include("can't be blank")
+      end
+
+      it 'may only contain alphanumerics, dot, dashes, and underscores' do
+        mytag = FactoryGirl.build(:mdm_tag, :name => 'A.1-B_2')
+        mytag.should be_valid
+        #Test for various bad inputs we should never allow
+        mytag = FactoryGirl.build(:mdm_tag, :name => "A'1")
+        mytag.should_not be_valid
+        mytag.errors[:name].should include('must be alphanumeric, dots, dashes, or underscores')
+        mytag = FactoryGirl.build(:mdm_tag, :name => "A;1")
+        mytag.should_not be_valid
+        mytag.errors[:name].should include('must be alphanumeric, dots, dashes, or underscores')
+        mytag = FactoryGirl.build(:mdm_tag, :name => "A%1")
+        mytag.should_not be_valid
+        mytag.errors[:name].should include('must be alphanumeric, dots, dashes, or underscores')
+        mytag = FactoryGirl.build(:mdm_tag, :name => "A=1")
+        mytag.should_not be_valid
+        mytag.errors[:name].should include('must be alphanumeric, dots, dashes, or underscores')
+        mytag = FactoryGirl.build(:mdm_tag, :name => "#A1")
+        mytag.should_not be_valid
+        mytag.errors[:name].should include('must be alphanumeric, dots, dashes, or underscores')
+      end
+    end
+  end
+
+  context 'callbacks' do
+    context 'before_destroy' do
+      it 'should call #cleanup_hosts' do
+        mytag = FactoryGirl.create(:mdm_tag)
+        mytag.should_receive(:cleanup_hosts)
+        mytag.destroy
+      end
+
+      it 'should destroy the host_tag joins' do
+        mytag = FactoryGirl.create(:mdm_tag)
+        FactoryGirl.create(:mdm_host_tag, :tag => mytag)
+        Mdm::HostTag.should_receive(:delete_all).with("tag_id = #{mytag.id}")
+        mytag.destroy
+      end
+    end
+  end
+
+  context 'instance methods' do
+    context '#to_s' do
+      it 'should return the name of the tag as a string' do
+        mytag = FactoryGirl.build(:mdm_tag, :name => 'mytag')
+        mytag.to_s.should == 'mytag'
+      end
+    end
+  end
+
   context 'factories' do
     context 'mdm_tag' do
       subject(:mdm_tag) do
@@ -10,4 +101,17 @@ describe Mdm::Tag do
       it { should be_valid }
     end
   end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      tag = FactoryGirl.create(:mdm_tag)
+      expect {
+        tag.destroy
+      }.to_not raise_error
+      expect {
+        tag.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
 end

data/spec/app/models/mdm/task_creds_spec.rb

@@ -2,6 +2,38 @@ require 'spec_helper'
 
 describe Mdm::TaskCred do
 
+  context 'factory' do
+    it 'should be valid' do
+      task_cred = FactoryGirl.build(:mdm_task_cred)
+      task_cred.should be_valid
+    end
+  end
+
+  context 'database' do
+
+    context 'timestamps'do
+      it { should have_db_column(:created_at).of_type(:datetime).with_options(:null => false) }
+      it { should have_db_column(:updated_at).of_type(:datetime).with_options(:null => false) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:task_id).of_type(:integer).with_options(:null => false) }
+      it { should have_db_column(:cred_id).of_type(:integer).with_options(:null => false) }
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      task_cred = FactoryGirl.create(:mdm_task_cred)
+      expect {
+        task_cred.destroy
+      }.to_not raise_error
+      expect {
+        task_cred.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
   context "Associations" do
     it { should belong_to(:task).class_name('Mdm::Task') }
     it { should belong_to(:cred).class_name('Mdm::Cred') }

data/spec/app/models/mdm/task_host_spec.rb

@@ -1,6 +1,39 @@
 require 'spec_helper'
 
 describe Mdm::TaskHost do
+
+  context 'factory' do
+    it 'should be valid' do
+      task_host = FactoryGirl.build(:mdm_task_host)
+      task_host.should be_valid
+    end
+  end
+
+  context 'database' do
+
+    context 'timestamps'do
+      it { should have_db_column(:created_at).of_type(:datetime).with_options(:null => false) }
+      it { should have_db_column(:updated_at).of_type(:datetime).with_options(:null => false) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:task_id).of_type(:integer).with_options(:null => false) }
+      it { should have_db_column(:host_id).of_type(:integer).with_options(:null => false) }
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      task_host = FactoryGirl.create(:mdm_task_host)
+      expect {
+        task_host.destroy
+      }.to_not raise_error
+      expect {
+        task_host.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
   context "Associations" do
     it { should belong_to(:task).class_name('Mdm::Task') }
     it { should belong_to(:host).class_name('Mdm::Host') }

data/spec/app/models/mdm/task_service_spec.rb

@@ -1,6 +1,39 @@
 require 'spec_helper'
 
 describe Mdm::TaskService do
+
+  context 'factory' do
+    it 'should be valid' do
+      task_service = FactoryGirl.build(:mdm_task_service)
+      task_service.should be_valid
+    end
+  end
+
+  context 'database' do
+
+    context 'timestamps'do
+      it { should have_db_column(:created_at).of_type(:datetime).with_options(:null => false) }
+      it { should have_db_column(:updated_at).of_type(:datetime).with_options(:null => false) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:task_id).of_type(:integer).with_options(:null => false) }
+      it { should have_db_column(:service_id).of_type(:integer).with_options(:null => false) }
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      task_service = FactoryGirl.create(:mdm_task_service)
+      expect {
+        task_service.destroy
+      }.to_not raise_error
+      expect {
+        task_service.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
   context "Associations" do
     it { should belong_to(:task).class_name('Mdm::Task') }
     it { should belong_to(:service).class_name('Mdm::Service') }

data/spec/app/models/mdm/task_spec.rb

@@ -2,8 +2,50 @@ require 'spec_helper'
 
 describe Mdm::Task do
 
-  context "Associations" do
+  context 'factory' do
+    it 'should be valid' do
+      task = FactoryGirl.build(:mdm_task)
+      task.should be_valid
+    end
+  end
+
+  context 'database' do
+
+    context 'timestamps'do
+      it { should have_db_column(:created_at).of_type(:datetime).with_options(:null => false) }
+      it { should have_db_column(:updated_at).of_type(:datetime).with_options(:null => false) }
+      it { should have_db_column(:completed_at).of_type(:datetime) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:workspace_id).of_type(:integer).with_options(:null => false, :default =>1) }
+      it { should have_db_column(:created_by).of_type(:string) }
+      it { should have_db_column(:module).of_type(:string) }
+      it { should have_db_column(:path).of_type(:string) }
+      it { should have_db_column(:info).of_type(:string) }
+      it { should have_db_column(:description).of_type(:string) }
+      it { should have_db_column(:progress).of_type(:integer) }
+      it { should have_db_column(:options).of_type(:text) }
+      it { should have_db_column(:error).of_type(:text) }
+      it { should have_db_column(:result).of_type(:text) }
+      it { should have_db_column(:module_uuid).of_type(:string) }
+      it { should have_db_column(:settings).of_type(:binary) }
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      task = FactoryGirl.create(:mdm_task)
+      expect {
+        task.destroy
+      }.to_not raise_error
+      expect {
+        task.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
 
+  context "Associations" do
     it { should have_many(:task_creds).class_name('Mdm::TaskCred').dependent(:destroy) }
     it { should have_many(:creds).class_name('Mdm::Cred').through(:task_creds) }
     it { should have_many(:task_hosts).class_name('Mdm::TaskHost').dependent(:destroy) }
@@ -14,12 +56,24 @@ describe Mdm::Task do
     it { should have_many(:reports).class_name('Mdm::Report')}
   end
 
-  context "running" do
-    it "should exclude completed tasks" do
-      task = FactoryGirl.create(:mdm_task, :completed_at => Time.now)
-      Mdm::Task.running.should_not include(task)
+  context 'scopes' do
+    context "running" do
+      it "should exclude completed tasks" do
+        task = FactoryGirl.create(:mdm_task, :completed_at => Time.now)
+        Mdm::Task.running.should_not include(task)
+      end
     end
+  end
 
+  context 'callbacks' do
+    context 'before_destroy' do
+      it 'should call #delete_file' do
+        task = FactoryGirl.create(:mdm_task)
+        task.should_receive(:delete_file)
+        task.destroy
+      end
+    end
   end
 
+
 end

data/spec/app/models/mdm/user_spec.rb

@@ -0,0 +1,51 @@
+require 'spec_helper'
+
+describe Mdm::User do
+
+  context 'associations' do
+    it { should have_many(:owned_workspaces).class_name('Mdm::Workspace') }
+    it { should have_many(:tags).class_name('Mdm::Tag') }
+    it { should have_and_belong_to_many(:workspaces).class_name('Mdm::Workspace') }
+  end
+
+  context 'database' do
+
+    context 'timestamps'do
+      it { should have_db_column(:created_at).of_type(:datetime).with_options(:null => false) }
+      it { should have_db_column(:updated_at).of_type(:datetime).with_options(:null => false) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:username).of_type(:string) }
+      it { should have_db_column(:crypted_password).of_type(:string) }
+      it { should have_db_column(:password_salt).of_type(:string) }
+      it { should have_db_column(:persistence_token).of_type(:string) }
+      it { should have_db_column(:fullname).of_type(:string) }
+      it { should have_db_column(:email).of_type(:string) }
+      it { should have_db_column(:phone).of_type(:string) }
+      it { should have_db_column(:company).of_type(:string) }
+      it { should have_db_column(:prefs).of_type(:string) }
+      it { should have_db_column(:admin).of_type(:boolean).with_options(:null => false, :default =>true) }
+    end
+  end
+
+  context 'factory' do
+    it 'should be valid' do
+      user = FactoryGirl.build(:mdm_user)
+      user.should be_valid
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      user = FactoryGirl.create(:mdm_user)
+      expect {
+        user.destroy
+      }.to_not raise_error
+      expect {
+        user.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
+end

data/spec/app/models/mdm/vuln_attempt_spec.rb

@@ -0,0 +1,54 @@
+require 'spec_helper'
+
+describe Mdm::VulnAttempt do
+
+  context 'association' do
+    it { should belong_to(:vuln).class_name('Mdm::Vuln') }
+  end
+
+  context 'database' do
+
+    context 'timestamps'do
+      it { should have_db_column(:attempted_at).of_type(:datetime) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:vuln_id).of_type(:integer) }
+      it { should have_db_column(:exploited).of_type(:boolean) }
+      it { should have_db_column(:fail_reason).of_type(:string) }
+      it { should have_db_column(:username).of_type(:string) }
+      it { should have_db_column(:module).of_type(:text) }
+      it { should have_db_column(:session_id).of_type(:integer) }
+      it { should have_db_column(:loot_id).of_type(:integer) }
+      it { should have_db_column(:fail_detail).of_type(:text) }
+    end
+  end
+
+  context 'validations' do
+    it 'should require a vuln_id' do
+      orphan_detail = FactoryGirl.build(:mdm_vuln_detail, :vuln => nil)
+      orphan_detail.should_not be_valid
+      orphan_detail.errors[:vuln_id].should include("can't be blank")
+    end
+  end
+
+  context 'factory' do
+    it 'should be valid' do
+      vuln_attempt = FactoryGirl.build(:mdm_vuln_attempt)
+      vuln_attempt.should be_valid
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      vuln_attempt = FactoryGirl.create(:mdm_vuln_attempt)
+      expect {
+        vuln_attempt.destroy
+      }.to_not raise_error
+      expect {
+        vuln_attempt.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
+end

data/spec/app/models/mdm/vuln_details_spec.rb

@@ -0,0 +1,66 @@
+require 'spec_helper'
+
+describe Mdm::VulnDetail do
+
+  context 'association' do
+    it { should belong_to(:vuln).class_name('Mdm::Vuln') }
+  end
+
+  context 'database' do
+
+    context 'timestamps'do
+      it { should have_db_column(:nx_published).of_type(:datetime) }
+      it { should have_db_column(:nx_added).of_type(:datetime) }
+      it { should have_db_column(:nx_modified).of_type(:datetime) }
+      it { should have_db_column(:nx_vulnerable_since).of_type(:datetime) }
+    end
+
+    context 'columns' do
+      it { should have_db_column(:vuln_id).of_type(:integer)}
+      it { should have_db_column(:cvss_score).of_type(:float) }
+      it { should have_db_column(:cvss_vector).of_type(:string) }
+      it { should have_db_column(:title).of_type(:string) }
+      it { should have_db_column(:description).of_type(:text) }
+      it { should have_db_column(:solution).of_type(:text) }
+      it { should have_db_column(:proof).of_type(:binary) }
+      it { should have_db_column(:nx_console_id).of_type(:integer) }
+      it { should have_db_column(:nx_device_id).of_type(:integer) }
+      it { should have_db_column(:nx_severity).of_type(:float) }
+      it { should have_db_column(:nx_pci_severity).of_type(:float) }
+      it { should have_db_column(:nx_tags).of_type(:text) }
+      it { should have_db_column(:nx_vuln_status).of_type(:text) }
+      it { should have_db_column(:nx_proof_key).of_type(:text) }
+      it { should have_db_column(:src).of_type(:string) }
+      it { should have_db_column(:nx_scan_id).of_type(:integer) }
+      it { should have_db_column(:nx_pci_compliance_status).of_type(:string) }
+    end
+  end
+
+  context 'validations' do
+    it 'should require a vuln_id' do
+      orphan_detail = FactoryGirl.build(:mdm_vuln_detail, :vuln => nil)
+      orphan_detail.should_not be_valid
+      orphan_detail.errors[:vuln_id].should include("can't be blank")
+    end
+  end
+
+  context 'factory' do
+    it 'should be valid' do
+      vuln_detail = FactoryGirl.build(:mdm_vuln_detail)
+      vuln_detail.should be_valid
+    end
+  end
+
+  context '#destroy' do
+    it 'should successfully destroy the object' do
+      vuln_detail = FactoryGirl.create(:mdm_vuln_detail)
+      expect {
+        vuln_detail.destroy
+      }.to_not raise_error
+      expect {
+        vuln_detail.reload
+      }.to raise_error(ActiveRecord::RecordNotFound)
+    end
+  end
+
+end