RubyGems - metasploit_data_models - Versions diffs - 0.17.1-java → 0.17.2-java - Mend

metasploit_data_models 0.17.1-java → 0.17.2-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (33) hide show

data/spec/app/models/metasploit_data_models/search/visitor/relation_spec.rb ADDED

@@ -0,0 +1,253 @@
+require 'spec_helper'
+describe MetasploitDataModels::Search::Visitor::Relation do
+  subject(:visitor) do
+    described_class.new(
+        :query => query
+    )
+  end
+  let(:formatted) do
+    # needs to be a valid operation so that query is valid
+    "name:\"#{value}\""
+  end
+  let(:query) do
+    Metasploit::Model::Search::Query.new(
+        :formatted => formatted,
+        :klass => Mdm::Host
+    )
+  end
+  let(:value) {
+    FactoryGirl.generate :mdm_host_name
+  }
+  context 'validations' do
+    context 'query' do
+      it { should validate_presence_of(:query) }
+      context 'valid' do
+        let(:error) do
+          I18n.translate('errors.messages.invalid')
+        end
+        let(:errors) do
+          visitor.errors[:query]
+        end
+        context 'with query' do
+          let(:query) do
+            double('Query')
+          end
+          before(:each) do
+            query.stub(:valid? => query)
+            visitor.valid?
+          end
+          context 'with valid' do
+            let(:valid) do
+              true
+            end
+            it 'should not record error' do
+              errors.should_not include(error)
+            end
+          end
+          context 'without valid' do
+            let(:valid) do
+              false
+            end
+            it 'should record error' do
+              errors.should_not include(error)
+            end
+          end
+        end
+        context 'without query' do
+          let(:query) do
+            nil
+          end
+          it 'should not record error' do
+            errors.should_not include(error)
+          end
+        end
+      end
+    end
+  end
+  context '#visit' do
+    subject(:visit) do
+      visitor.visit
+    end
+    context 'MetasploitDataModels::Search::Visitor::Includes' do
+      subject(:includes_visitor) do
+        visitor.visitor_by_relation_method[:includes]
+      end
+      it 'should visit Metasploit::Model::Search::Query#tree' do
+        includes_visitor.should_receive(:visit).with(query.tree)
+        visit
+      end
+      it 'should pass visited to ActiveRecord::Relation#includes' do
+        visited = double('Visited')
+        includes_visitor.stub(:visit).with(query.tree).and_return(visited)
+        ActiveRecord::Relation.any_instance.should_receive(:includes).with(visited).and_return(query.klass.scoped)
+        visit
+      end
+    end
+    context 'MetasploitDataModels::Search::Visitor::Joins' do
+      subject(:joins_visitor) do
+        visitor.visitor_by_relation_method[:joins]
+      end
+      it 'should visit Metasploit::Model::Search::Query#tree' do
+        joins_visitor.should_receive(:visit).with(query.tree)
+        visit
+      end
+      it 'should pass visited to ActiveRecord::Relation#joins' do
+        visited = double('Visited')
+        joins_visitor.stub(:visit).with(query.tree).and_return(visited)
+        ActiveRecord::Relation.any_instance.should_receive(:joins).with(visited).and_return(query.klass.scoped)
+        visit
+      end
+    end
+    context 'MetasploitDataModels::Search::Visitor::Where' do
+      subject(:where_visitor) do
+        visitor.visitor_by_relation_method[:where]
+      end
+      it 'should visit Metasploit::Model::Search::Query#tree' do
+        where_visitor.should_receive(:visit).with(query.tree)
+        visit
+      end
+      it 'should pass visited to ActiveRecord::Relation#includes' do
+        visited = double('Visited')
+        where_visitor.stub(:visit).with(query.tree).and_return(visited)
+        ActiveRecord::Relation.any_instance.should_receive(:where).with(visited).and_return(query.klass.scoped)
+        visit
+      end
+    end
+    context 'matching record' do
+      context 'with Mdm::Host' do
+        #
+        # lets
+        #
+        # Don't use factories to prevent prefix aliasing when sequences go from 1 to 10 or 10 to 100
+        #
+        let(:matching_record_name) {
+          'mdm_host_name_a'
+        }
+        let(:matching_service_name) {
+          'mdm_service_name_a'
+        }
+        let(:non_matching_record_name) {
+          'mdm_host_name_b'
+        }
+        let(:non_matching_service_name) {
+          'mdm_service_name_b'
+        }
+        #
+        # let!s
+        #
+        let!(:matching_record) do
+          FactoryGirl.build(
+              :mdm_host,
+              name: matching_record_name
+          )
+        end
+        let!(:matching_service) do
+          FactoryGirl.create(
+              :mdm_service,
+              host: matching_record,
+              name: matching_service_name
+          )
+        end
+        let!(:non_matching_record) do
+          FactoryGirl.build(
+              :mdm_host,
+              name: non_matching_record_name
+          )
+        end
+        let!(:non_matching_service) do
+          FactoryGirl.create(
+              :mdm_service,
+              host: non_matching_record,
+              name: non_matching_service_name
+          )
+        end
+        it_should_behave_like 'MetasploitDataModels::Search::Visitor::Relation#visit matching record',
+                              :attribute => :name
+        it_should_behave_like 'MetasploitDataModels::Search::Visitor::Relation#visit matching record',
+                              association: :services,
+                              attribute: :name
+        context 'with all operators' do
+          let(:formatted) {
+            %Q{name:"#{matching_record_name}" services.name:"#{matching_service_name}"}
+          }
+          it 'should find only matching record' do
+            if visit.to_a != [matching_record]
+              true
+            end
+            expect(visit).to match_array([matching_record])
+          end
+        end
+      end
+    end
+  end
+  context '#visitor_by_relation_method' do
+    subject(:visitor_by_relation_method) do
+      visitor.visitor_by_relation_method
+    end
+    its([:joins]) { should be_a MetasploitDataModels::Search::Visitor::Joins }
+    its([:includes]) { should be_a MetasploitDataModels::Search::Visitor::Includes }
+    its([:where]) { should be_a MetasploitDataModels::Search::Visitor::Where }
+  end
+  context 'visitor_class_by_relation_method' do
+    subject(:visitor_class_by_relation_method) do
+      described_class.visitor_class_by_relation_method
+    end
+    its([:joins]) { should == MetasploitDataModels::Search::Visitor::Joins }
+    its([:includes]) { should == MetasploitDataModels::Search::Visitor::Includes }
+    its([:where]) { should == MetasploitDataModels::Search::Visitor::Where }
+  end
+end

data/spec/app/models/metasploit_data_models/search/visitor/where_spec.rb ADDED

@@ -0,0 +1,147 @@
+require 'spec_helper'
+describe MetasploitDataModels::Search::Visitor::Where do
+  subject(:visitor) do
+    described_class.new
+  end
+  context '#attribute_visitor' do
+    subject(:attribute_visitor) do
+      visitor.attribute_visitor
+    end
+    it { should be_a MetasploitDataModels::Search::Visitor::Attribute }
+  end
+  context '#method_visitor' do
+    subject(:method_visitor) do
+      visitor.method_visitor
+    end
+    it { should be_a MetasploitDataModels::Search::Visitor::Method }
+  end
+  context '#visit' do
+    subject(:visit) do
+      visitor.visit(node)
+    end
+    arel_class_by_group_class = {
+        Metasploit::Model::Search::Group::Intersection => Arel::Nodes::And,
+        Metasploit::Model::Search::Group::Union => Arel::Nodes::Or
+    }
+    arel_class_by_group_class.each do |group_class, arel_class|
+      context "with #{group_class}" do
+        it_should_behave_like 'MetasploitDataModels::Search::Visitor::Where#visit with Metasploit::Model::Search::Group::Base',
+                              :arel_class => arel_class do
+          let(:node_class) do
+            group_class
+          end
+        end
+      end
+    end
+    equality_operation_classes = [
+        Metasploit::Model::Search::Operation::Boolean,
+        Metasploit::Model::Search::Operation::Date,
+        Metasploit::Model::Search::Operation::Integer,
+        Metasploit::Model::Search::Operation::Set::Integer,
+        Metasploit::Model::Search::Operation::Set::String
+    ]
+    equality_operation_classes.each do |operation_class|
+      context "with #{operation_class}" do
+        it_should_behave_like 'MetasploitDataModels::Search::Visitor::Where#visit with equality operation' do
+          let(:node_class) do
+            operation_class
+          end
+        end
+      end
+    end
+    context 'with Metasploit::Model::Search::Operation::String' do
+      let(:node) do
+        Metasploit::Model::Search::Operation::String.new(
+            :operator => operator,
+            :value => value
+        )
+      end
+      let(:operator) do
+        Metasploit::Model::Search::Operator::Attribute.new(
+            :klass => Mdm::Host,
+            :attribute => :name
+        )
+      end
+      let(:value) do
+        'metasploitable'
+      end
+      it 'should visit operation.operator with attribute_visitor' do
+        visitor.attribute_visitor.should_receive(:visit).with(operator).and_call_original
+        visit
+      end
+      it 'should call matches on Arel::Attributes::Attribute from attribute_visitor' do
+        attribute = double('Visited Operator')
+        visitor.attribute_visitor.stub(:visit).with(operator).and_return(attribute)
+        attribute.should_receive(:matches).with("%#{value}%")
+        visit
+      end
+    end
+    context 'with Metasploit::Model::Search::Query#tree' do
+      let(:node) do
+        query.tree
+      end
+      let(:query) do
+        Metasploit::Model::Search::Query.new(
+            :formatted => formatted,
+            :klass => klass
+        )
+      end
+      context 'with Metasploit::model::Search::Query#klass' do
+        context 'with Mdm::Host' do
+          let(:klass) {
+            Mdm::Host
+          }
+          context 'with name' do
+            let(:name) do
+              FactoryGirl.generate :mdm_host_name
+            end
+            let(:formatted) do
+              "name:\"#{name}\""
+            end
+            it 'should match module_instances.name with ILIKE' do
+              visit.to_sql.should == "\"hosts\".\"name\" ILIKE '%#{name}%'"
+            end
+          end
+          context 'with services.name' do
+            let(:name) do
+              FactoryGirl.generate :mdm_service_name
+            end
+            let(:formatted) do
+              "services.name:\"#{name}\""
+            end
+            it 'should match module_actions.name with ILIKE' do
+              visit.to_sql.should == "\"services\".\"name\" ILIKE '%#{name}%'"
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/spec/dummy/config/initializers/active_record_migrations.rb ADDED

@@ -0,0 +1,4 @@
+# remove Dummy's db/migrate, which doesn't exists and replace it with gem's
+ActiveRecord::Migrator.migrations_paths = [
+    MetasploitDataModels.root.join('db', 'migrate').to_path
+]

data/spec/factories/mdm/services.rb CHANGED

@@ -8,6 +8,7 @@ FactoryGirl.define do
     #
     # Attributes
     #
+    name { generate :mdm_service_name }
     port 4567
     proto 'snmp'
     state 'open'
@@ -19,6 +20,10 @@ FactoryGirl.define do
     end
   end
+  sequence(:mdm_service_name) { |n|
+    "mdm_service_name#{n}"
+  }
   port_bits = 16
   port_limit = 1 << port_bits

data/spec/support/shared/examples/metasploit_data_models/search/visitor/includes/visit/with_children.rb ADDED

@@ -0,0 +1,38 @@
+shared_examples_for 'MetasploitDataModels::Search::Visitor::Includes#visit with #children' do
+  let(:children) do
+    2.times.collect { |n|
+      double("Child #{n}")
+    }
+  end
+  let(:node) do
+    node_class.new(
+        :children => children
+    )
+  end
+  it 'should visit each child' do
+    # needed for call to visit subject
+    visitor.should_receive(:visit).with(node).and_call_original
+    children.each do |child|
+      visitor.should_receive(:visit).with(child).and_return([])
+    end
+    visit
+  end
+  it 'should return Array of all child visits' do
+    child_visits = []
+    visitor.should_receive(:visit).with(node).and_call_original
+    children.each_with_index do |child, i|
+      child_visit = ["Visited Child #{i}"]
+      visitor.stub(:visit).with(child).and_return(child_visit)
+      child_visits.concat(child_visit)
+    end
+    visit.should == child_visits
+  end
+end