Add integration test suite for security headers scanner command.

parent a7b0a69a
"""Shared fixtures used by different tests."""
import pytest
from failmap_admin.organizations.models import Organization, Url
from failmap_admin.scanners.models import Endpoint
@pytest.fixture
def faalonië():
"""A testing organization complete with URL's and endpoints."""
faalonië = Organization(name='faalonië')
faalonië.save()
url = Url(url='www.faalonie.test')
url.save()
url.organization.add(faalonië)
endpoint = Endpoint(ip='127.0.0.1', protocol='https', url=url)
endpoint.save()
return {
'organization': faalonië,
'url': url,
'endpoint': endpoint,
}
"""Integration tests of scanner commands."""
import json
import os
import pytest
from django.core.management import call_command
SECURITY_HEADERS = {
'X-XSS-Protection': '1',
}
TEST_ORGANIZATION = 'faalonië'
NON_EXISTING_ORGANIZATION = 'faaloniet'
def test_security_headers(responses, db, faalonië):
"""Test running security headers scan."""
responses.add(responses.GET, 'https://' + faalonië['url'].url + ':443/', headers=SECURITY_HEADERS)
result = json.loads(call_command('scan-security-headers', '-v3', '-o', TEST_ORGANIZATION))
assert result[0]['status'] == 'success'
def test_security_headers_all(responses, db, faalonië):
"""Test defaulting to all organizations."""
responses.add(responses.GET, 'https://' + faalonië['url'].url + ':443/', headers=SECURITY_HEADERS)
result = json.loads(call_command('scan-security-headers', '-v3'))
assert result[0]['status'] == 'success'
def test_security_headers_notfound(responses, db, faalonië):
"""Test invalid organization."""
with pytest.raises(Exception):
call_command('scan-security-headers', '-v3', '-o', NON_EXISTING_ORGANIZATION)
def test_security_headers(responses, db, faalonië):
"""Test with failing endpoint."""
responses.add(responses.GET, 'https://' + faalonië['url'].url + ':443/', status=500)
result = json.loads(call_command('scan-security-headers', '-v3', '-o', TEST_ORGANIZATION))
assert result[0]['cause']['error'] == 'HTTPError'
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment