Add unit tests related to the vulnerabilities_risk_threshold #97

Signed-off-by: tdruez <[email protected]>

Author: tdruez

dje/models.py

@@ -391,6 +391,19 @@ def get_configuration(self, field_name=None):
             return getattr(configuration, field_name, None)
         return configuration
 
+    def set_configuration(self, field_name, value):
+        """
+        Set the `value` for `field_name` on the DataspaceConfiguration linked
+        with this Dataspace instance.
+        """
+        try:
+            configuration = self.configuration
+        except ObjectDoesNotExist:
+            configuration = DataspaceConfiguration(dataspace=self)
+
+        setattr(configuration, field_name, value)
+        configuration.save()
+
     @property
     def has_configuration(self):
         """Return True if an associated DataspaceConfiguration instance exists."""

dje/tests/test_models.py

@@ -212,6 +212,11 @@ def test_dataspace_get_configuration(self):
 
         self.assertIsNone(self.dataspace.get_configuration("non_available_field"))
 
+    def test_dataspace_set_configuration(self):
+        self.dataspace.set_configuration("vulnerabilities_risk_threshold", 5.0)
+        self.dataspace.refresh_from_db()
+        self.assertEqual(5.0, self.dataspace.get_configuration("vulnerabilities_risk_threshold"))
+
     def test_dataspace_has_configuration(self):
         self.assertFalse(self.dataspace.has_configuration)
         DataspaceConfiguration.objects.create(dataspace=self.dataspace)

product_portfolio/tests/test_models.py

@@ -508,8 +508,12 @@ def test_product_model_improve_packages_from_purldb(self, mock_update_from_purld
     def test_product_model_get_vulnerability_qs(self):
         package1 = make_package(self.dataspace)
         package2 = make_package(self.dataspace)
-        vulnerability1 = make_vulnerability(self.dataspace, affecting=[package1, package2])
-        vulnerability2 = make_vulnerability(self.dataspace, affecting=[package1, package2])
+        vulnerability1 = make_vulnerability(
+            self.dataspace, affecting=[package1, package2], risk_score=10.0
+        )
+        vulnerability2 = make_vulnerability(
+            self.dataspace, affecting=[package1, package2], risk_score=1.0
+        )
         make_product_package(self.product1, package=package1)
         make_product_package(self.product1, package=package2)
 
@@ -519,6 +523,12 @@ def test_product_model_get_vulnerability_qs(self):
         self.assertIn(vulnerability1, queryset)
         self.assertIn(vulnerability2, queryset)
 
+        queryset = self.product1.get_vulnerability_qs(risk_threshold=5.0)
+        # Makeing sure the distinct() is properly applied
+        self.assertEqual(1, len(queryset))
+        self.assertIn(vulnerability1, queryset)
+        self.assertNotIn(vulnerability2, queryset)
+
     def test_product_model_vulnerability_count_property(self):
         self.assertEqual(0, self.product1.vulnerability_count)
 
@@ -534,6 +544,15 @@ def test_product_model_vulnerability_count_property(self):
         self.product1 = Product.unsecured_objects.get(pk=self.product1.pk)
         self.assertEqual(2, self.product1.vulnerability_count)
 
+    def test_product_model_get_vulnerabilities_risk_threshold(self):
+        self.assertIsNone(self.product1.get_vulnerabilities_risk_threshold())
+
+        self.product1.dataspace.set_configuration("vulnerabilities_risk_threshold", 5.0)
+        self.assertEqual(5.0, self.product1.get_vulnerabilities_risk_threshold())
+
+        self.product1.update(vulnerabilities_risk_threshold=10.0)
+        self.assertEqual(10.0, self.product1.get_vulnerabilities_risk_threshold())
+
     def test_productcomponent_model_license_expression_handle_assigned_licenses(self):
         p1 = ProductComponent.objects.create(
             product=self.product1, name="p1", dataspace=self.dataspace

product_portfolio/tests/test_views.py

@@ -356,6 +356,29 @@ def test_product_portfolio_tab_vulnerability_view_queries(self):
         with self.assertNumQueries(10):
             self.client.get(url)
 
+    def test_product_portfolio_tab_vulnerability_risk_threshold(self):
+        self.client.login(username="nexb_user", password="secret")
+
+        p1 = make_package(self.dataspace)
+        vulnerability1 = make_vulnerability(self.dataspace, affecting=[p1], risk_score=1.0)
+        vulnerability2 = make_vulnerability(self.dataspace, affecting=[p1], risk_score=5.0)
+        product1 = make_product(self.dataspace)
+        make_product_package(product1, package=p1)
+        url = product1.get_url("tab_vulnerabilities")
+
+        response = self.client.get(url)
+        self.assertContains(response, vulnerability1.vcid)
+        self.assertContains(response, vulnerability2.vcid)
+        self.assertContains(response, "2 results")
+        self.assertNotContains(response, "A risk threshold filter at")
+
+        product1.update(vulnerabilities_risk_threshold=3.0)
+        response = self.client.get(url)
+        self.assertNotContains(response, vulnerability1.vcid)
+        self.assertContains(response, vulnerability2.vcid)
+        self.assertContains(response, "1 results")
+        self.assertContains(response, 'A risk threshold filter at "3.0" is currently applied.')
+
     def test_product_portfolio_tab_vulnerability_view_analysis_rendering(self):
         self.client.login(username="nexb_user", password="secret")
         # Each have a unique vulnerability, and p1 p2 are sharing a common one.