metasploit_data_models 0.7.0 → 0.11.2

data/spec/app/models/mdm/tag_spec.rb

@@ -0,0 +1,13 @@
+require 'spec_helper'
+
+describe Mdm::Tag do
+  context 'factories' do
+    context 'mdm_tag' do
+      subject(:mdm_tag) do
+        FactoryGirl.build(:mdm_tag)
+      end
+
+      it { should be_valid }
+    end
+  end
+end

data/spec/app/models/mdm/vuln_ref_spec.rb

@@ -0,0 +1,13 @@
+require 'spec_helper'
+
+describe Mdm::VulnRef do
+  context 'factories' do
+    context 'mdm_vuln_ref' do
+      subject(:mdm_vuln_ref) do
+        FactoryGirl.build(:mdm_vuln_ref)
+      end
+
+      it { should be_valid }
+    end
+  end
+end

data/spec/app/models/mdm/vuln_spec.rb

@@ -0,0 +1,231 @@
+require 'spec_helper'
+
+describe Mdm::Vuln do
+  subject(:vuln) do
+    FactoryGirl.build(:mdm_vuln)
+  end
+
+  context 'associations' do
+    it { should belong_to(:host).class_name('Mdm::Host') }
+    it { should belong_to(:service).class_name('Mdm::Service') }
+    it { should have_many(:module_refs).class_name('Mdm::Module::Ref').through(:refs) }
+    # @todo https://www.pivotaltracker.com/story/show/49004623
+    it { should have_many(:refs).class_name('Mdm::Ref').through(:vulns_refs) }
+    it { should have_many(:vuln_attempts).class_name('Mdm::VulnAttempt').dependent(:destroy) }
+    it { should have_many(:vuln_details).class_name('Mdm::VulnDetail').dependent(:destroy) }
+    # @todo https://www.pivotaltracker.com/story/show/49004623
+    it { should have_many(:vulns_refs).class_name('Mdm::VulnRef').dependent(:destroy) }
+
+    context 'module_details' do
+      it { should have_many(:module_details).class_name('Mdm::Module::Detail').through(:module_refs) }
+
+      context 'with Mdm::Refs' do
+        let(:names) do
+          2.times.collect {
+            FactoryGirl.generate :mdm_ref_name
+          }
+        end
+
+        let!(:refs) do
+          names.collect do |name|
+            FactoryGirl.create(:mdm_ref, :name => name)
+          end
+        end
+
+        context 'with Mdm::VulnRefs' do
+          let!(:vuln_refs) do
+            refs.collect { |ref|
+              FactoryGirl.create(:mdm_vuln_ref, :ref => ref, :vuln => vuln)
+            }
+          end
+
+          context 'with Mdm::Module::Detail' do
+            let!(:module_detail) do
+              FactoryGirl.create(
+                  :mdm_module_detail
+              )
+            end
+
+            context 'with Mdm::Module::Refs with same names as Mdm::Refs' do
+              let!(:module_refs) do
+                names.each do |name|
+                  FactoryGirl.create(
+                      :mdm_module_ref,
+                      :detail => module_detail,
+                      :name => name
+                  )
+                end
+              end
+
+              it 'should list unique Mdm::Module::Detail' do
+                vuln.module_details.should =~ [module_detail]
+              end
+
+              it 'should have duplicate Mdm::Module::Details if collected through chain' do
+                refs = []
+
+                # @todo https://www.pivotaltracker.com/story/show/49004623
+                vuln.vulns_refs.each do |vuln_ref|
+                  refs << vuln_ref.ref
+                end
+
+                module_refs = []
+
+                refs.each do |ref|
+                  module_refs += ref.module_refs
+                end
+
+                module_details = []
+
+                module_refs.each do |module_ref|
+                  module_details << module_ref.detail
+                end
+
+                vuln.module_details.count.should < module_details.length
+                module_details.uniq.count.should == vuln.module_details.count
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+
+  context 'database' do
+    context 'columns' do
+      it { should have_db_column(:exploited_at).of_type(:datetime) }
+      it { should have_db_column(:host_id).of_type(:integer) }
+      it { should have_db_column(:info).of_type(:string) }
+      it { should have_db_column(:name).of_type(:string) }
+      it { should have_db_column(:service_id).of_type(:integer) }
+
+      context 'counter caches' do
+        it { should have_db_column(:vuln_attempt_count).of_type(:integer).with_options(:default => 0) }
+        it { should have_db_column(:vuln_detail_count).of_type(:integer).with_options(:default => 0) }
+      end
+
+      context 'timestamps' do
+        it { should have_db_column(:created_at).of_type(:datetime) }
+        it { should have_db_column(:updated_at).of_type(:datetime) }
+      end
+    end
+  end
+
+  context 'factories' do
+    context 'mdm_host_vuln' do
+      subject(:mdm_host_vuln) do
+        FactoryGirl.build(:mdm_host_vuln)
+      end
+
+      it { should be_valid }
+    end
+
+    context 'mdm_service_vuln' do
+      subject(:mdm_service_vuln) do
+        FactoryGirl.build(:mdm_service_vuln)
+      end
+
+      it { should be_valid }
+    end
+
+    context 'mdm_vuln' do
+      subject(:mdm_vuln) do
+        FactoryGirl.build(:mdm_vuln)
+      end
+
+      it { should be_valid }
+    end
+  end
+
+  context 'scopes' do
+    context 'search' do
+      context 'with Mdm::Vuln' do
+        subject(:results) do
+          described_class.search(query)
+        end
+
+        let!(:vuln) do
+          FactoryGirl.create(:mdm_vuln)
+        end
+
+        context 'with Mdm::Ref' do
+          let!(:ref) do
+            FactoryGirl.create(:mdm_ref)
+          end
+
+          context 'with Mdm::VulnRef' do
+            let!(:vuln_ref) do
+              FactoryGirl.create(:mdm_vuln_ref, :ref => ref, :vuln => vuln)
+            end
+
+            context 'with query matching Mdm::Ref#name' do
+              let(:query) do
+                ref.name
+              end
+
+              it 'should match Mdm::Vuln' do
+                results.should =~ [vuln]
+              end
+            end
+
+            context 'with query matching Mdm::Ref#name' do
+              let(:query) do
+                "Not #{ref.name}"
+              end
+
+              it 'should not match Mdm::Vuln' do
+                results.should be_empty
+              end
+            end
+          end
+
+          context 'without Mdm::VulnRef' do
+            context 'with query matching Mdm::Vuln#name' do
+              let(:query) do
+                vuln.name
+              end
+
+              it 'should match Mdm::Vuln' do
+                results.should =~ [vuln]
+              end
+            end
+
+            context 'with query not matching Mdm::Vuln#name' do
+              let(:query) do
+                "Not #{vuln.name}"
+              end
+
+              it 'should not match Mdm::Vuln' do
+                results.should be_empty
+              end
+            end
+
+            context 'with query matching Mdm::Vuln#info' do
+              let(:query) do
+                vuln.info
+              end
+
+              it 'should match Mdm::Vuln' do
+                results.should =~ [vuln]
+              end
+            end
+
+            context 'without query matching Mdm::Vuln#info' do
+              let(:query) do
+                "Not #{vuln.info}"
+              end
+
+              it 'should not match Mdm::Vuln' do
+                results.should be_empty
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+
+  context 'validations' do
+    it { should validate_presence_of :name }
+  end
+end

data/spec/dummy/db/schema.rb

@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20130423211152) do
+ActiveRecord::Schema.define(:version => 20130430162145) do
 
   create_table "api_keys", :force => true do |t|
     t.text     "token"
@@ -135,7 +135,7 @@ ActiveRecord::Schema.define(:version => 20130423211152) do
 
   create_table "hosts", :force => true do |t|
     t.datetime "created_at"
-    t.string   "address"
+    t.string   "address",               :limit => nil,                  :null => false
     t.string   "mac"
     t.string   "comm"
     t.string   "name"
@@ -145,7 +145,7 @@ ActiveRecord::Schema.define(:version => 20130423211152) do
     t.string   "os_sp"
     t.string   "os_lang"
     t.string   "arch"
-    t.integer  "workspace_id"
+    t.integer  "workspace_id",                                          :null => false
     t.datetime "updated_at"
     t.text     "purpose"
     t.string   "info",                  :limit => 65536
@@ -160,12 +160,12 @@ ActiveRecord::Schema.define(:version => 20130423211152) do
     t.integer  "cred_count",                             :default => 0
   end
 
-  add_index "hosts", ["address"], :name => "index_hosts_on_address"
   add_index "hosts", ["name"], :name => "index_hosts_on_name"
   add_index "hosts", ["os_flavor"], :name => "index_hosts_on_os_flavor"
   add_index "hosts", ["os_name"], :name => "index_hosts_on_os_name"
   add_index "hosts", ["purpose"], :name => "index_hosts_on_purpose"
   add_index "hosts", ["state"], :name => "index_hosts_on_state"
+  add_index "hosts", ["workspace_id", "address"], :name => "index_hosts_on_workspace_id_and_address", :unique => true
 
   create_table "hosts_tags", :id => false, :force => true do |t|
     t.integer "host_id"
@@ -224,26 +224,26 @@ ActiveRecord::Schema.define(:version => 20130423211152) do
   end
 
   create_table "module_actions", :force => true do |t|
-    t.integer "module_detail_id"
+    t.integer "detail_id"
     t.text    "name"
   end
 
-  add_index "module_actions", ["module_detail_id"], :name => "index_module_actions_on_module_detail_id"
+  add_index "module_actions", ["detail_id"], :name => "index_module_actions_on_module_detail_id"
 
   create_table "module_archs", :force => true do |t|
-    t.integer "module_detail_id"
+    t.integer "detail_id"
     t.text    "name"
   end
 
-  add_index "module_archs", ["module_detail_id"], :name => "index_module_archs_on_module_detail_id"
+  add_index "module_archs", ["detail_id"], :name => "index_module_archs_on_module_detail_id"
 
   create_table "module_authors", :force => true do |t|
-    t.integer "module_detail_id"
+    t.integer "detail_id"
     t.text    "name"
     t.text    "email"
   end
 
-  add_index "module_authors", ["module_detail_id"], :name => "index_module_authors_on_module_detail_id"
+  add_index "module_authors", ["detail_id"], :name => "index_module_authors_on_module_detail_id"
 
   create_table "module_details", :force => true do |t|
     t.datetime "mtime"
@@ -269,34 +269,34 @@ ActiveRecord::Schema.define(:version => 20130423211152) do
   add_index "module_details", ["refname"], :name => "index_module_details_on_refname"
 
   create_table "module_mixins", :force => true do |t|
-    t.integer "module_detail_id"
+    t.integer "detail_id"
     t.text    "name"
   end
 
-  add_index "module_mixins", ["module_detail_id"], :name => "index_module_mixins_on_module_detail_id"
+  add_index "module_mixins", ["detail_id"], :name => "index_module_mixins_on_module_detail_id"
 
   create_table "module_platforms", :force => true do |t|
-    t.integer "module_detail_id"
+    t.integer "detail_id"
     t.text    "name"
   end
 
-  add_index "module_platforms", ["module_detail_id"], :name => "index_module_platforms_on_module_detail_id"
+  add_index "module_platforms", ["detail_id"], :name => "index_module_platforms_on_module_detail_id"
 
   create_table "module_refs", :force => true do |t|
-    t.integer "module_detail_id"
+    t.integer "detail_id"
     t.text    "name"
   end
 
-  add_index "module_refs", ["module_detail_id"], :name => "index_module_refs_on_module_detail_id"
+  add_index "module_refs", ["detail_id"], :name => "index_module_refs_on_module_detail_id"
   add_index "module_refs", ["name"], :name => "index_module_refs_on_name"
 
   create_table "module_targets", :force => true do |t|
-    t.integer "module_detail_id"
+    t.integer "detail_id"
     t.integer "index"
     t.text    "name"
   end
 
-  add_index "module_targets", ["module_detail_id"], :name => "index_module_targets_on_module_detail_id"
+  add_index "module_targets", ["detail_id"], :name => "index_module_targets_on_module_detail_id"
 
   create_table "nexpose_consoles", :force => true do |t|
     t.datetime "created_at",                     :null => false
@@ -596,7 +596,7 @@ ActiveRecord::Schema.define(:version => 20130423211152) do
 
   create_table "wmap_requests", :force => true do |t|
     t.string   "host"
-    t.string   "address"
+    t.string   "address",    :limit => nil
     t.integer  "port"
     t.integer  "ssl"
     t.string   "meth",       :limit => 32
@@ -613,7 +613,7 @@ ActiveRecord::Schema.define(:version => 20130423211152) do
 
   create_table "wmap_targets", :force => true do |t|
     t.string   "host"
-    t.string   "address"
+    t.string   "address",    :limit => nil
     t.integer  "port"
     t.integer  "ssl"
     t.integer  "selected"

data/spec/factories/mdm/host_tags.rb

@@ -0,0 +1,9 @@
+FactoryGirl.define do
+  factory :mdm_host_tag, :class => Mdm::HostTag do
+    #
+    # Associations
+    #
+    association :host, :factory => :mdm_host
+    association :tag, :factory => :mdm_tag
+  end
+end

data/spec/factories/mdm/hosts.rb

@@ -10,9 +10,74 @@ FactoryGirl.define do
     #
     address { generate :mdm_ipv4_address }
     name { generate :mdm_host_name }
+
+    factory :full_mdm_host do
+      arch { generate :mdm_host_arch }
+      comm { generate :mdm_host_comm }
+      comments { generate :mdm_host_comments }
+      info { generate :mdm_host_info }
+      mac { generate :mdm_host_mac }
+      os_flavor { generate :mdm_host_os_flavor }
+      os_lang { generate :mdm_host_os_lang }
+      os_name { generate :mdm_host_os_name }
+      os_sp { generate :mdm_host_os_sp }
+      purpose { generate :mdm_host_purpose }
+      scope { generate :mdm_host_scope }
+      state { generate :mdm_host_state }
+      virtual_host { generate :mdm_host_virtual_host }
+    end
   end
 
   sequence :mdm_host_name do |n|
     "mdm_host_#{n}"
   end
+
+  sequence :mdm_host_arch, Mdm::Host::ARCHITECTURES.cycle
+
+  sequence :mdm_host_comm do |n|
+    "Mdm::Host#comm #{n}"
+  end
+
+  sequence :mdm_host_comments do |n|
+    "Mdm::Host#comments #{n}"
+  end
+
+  sequence :mdm_host_info do |n|
+    "Mdm::Host#info #{n}"
+  end
+
+  sequence :mdm_host_mac do |n|
+    without_separators = "%012X" % n
+    octet_strings = without_separators.scan(/.{2}/)
+    formatted = octet_strings.join(':')
+
+    formatted
+  end
+
+  sequence :mdm_host_os_flavor do |n|
+    "Mdm::Host#os_flavor #{n}"
+  end
+
+  sequence :mdm_host_os_lang do |n|
+    "Mdm::Host#os_lang #{n}"
+  end
+
+  sequence :mdm_host_os_name, Mdm::Host::OPERATING_SYSTEM_NAMES.cycle
+
+  sequence :mdm_host_os_sp do |n|
+    "Mdm::Host#os_sp #{n}"
+  end
+
+  sequence :mdm_host_purpose do |n|
+    "Mdm::Host#purpose #{n}"
+  end
+
+  sequence :mdm_host_scope do |n|
+    n.to_s
+  end
+
+  sequence :mdm_host_state, Mdm::Host::STATES.cycle
+
+  virtual_hosts = ['VMWare', 'QEMU', 'XEN']
+  sequence :mdm_host_virtual_host, virtual_hosts.cycle
 end