Test reference score in package endpoint

keshav-space · keshav-space · commit f1c72748711e · 2024-11-15T11:14:12.000+05:30
Signed-off-by: Keshav Priyadarshi &lt;git@keshav.space&gt;
diff --git a/vulnerabilities/tests/test_api.py b/vulnerabilities/tests/test_api.py
@@ -556,6 +556,22 @@ def setUp(self):
             "pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.0-rc1"
         )
 
+        self.ref = VulnerabilityReference.objects.create(
+            reference_type="advisory", reference_id="CVE-xxx-xxx", url="https://example.com"
+        )
+
+        self.severity = VulnerabilitySeverity.objects.create(
+            url="https://example.com",
+            scoring_system=EPSS.identifier,
+            scoring_elements=".0016",
+            value="0.526",
+        )
+        self.vul1.references.add(self.ref)
+        self.vul1.severities.add(self.severity)
+
+        self.vul3.references.add(self.ref)
+        self.vul3.severities.add(self.severity)
+
         set_as_fixing(package=self.pkg_2_12_6, vulnerability=self.vul3)
 
         set_as_affected_by(package=self.pkg_2_12_6_1, vulnerability=self.vul2)
@@ -587,7 +603,21 @@ def test_api_with_lesser_and_greater_fixed_by_packages(self):
                     "url": "http://testserver/api/vulnerabilities/{0}".format(self.vul1.id),
                     "vulnerability_id": "VCID-vul1-vul1-vul1",
                     "summary": "This is VCID-vul1-vul1-vul1",
-                    "references": [],
+                    "references": [
+                        {
+                            "reference_url": "https://example.com",
+                            "reference_id": "CVE-xxx-xxx",
+                            "reference_type": "advisory",
+                            "scores": [
+                                {
+                                    "value": "0.526",
+                                    "scoring_system": "epss",
+                                    "scoring_elements": ".0016",
+                                }
+                            ],
+                            "url": "https://example.com",
+                        }
+                    ],
                     "fixed_packages": [
                         {
                             "url": "http://testserver/api/packages/{0}".format(self.pkg_2_13_2.id),
@@ -608,7 +638,21 @@ def test_api_with_lesser_and_greater_fixed_by_packages(self):
                     "url": "http://testserver/api/vulnerabilities/{0}".format(self.vul3.id),
                     "vulnerability_id": "VCID-vul3-vul3-vul3",
                     "summary": "This is VCID-vul3-vul3-vul3",
-                    "references": [],
+                    "references": [
+                        {
+                            "reference_url": "https://example.com",
+                            "reference_id": "CVE-xxx-xxx",
+                            "reference_type": "advisory",
+                            "scores": [
+                                {
+                                    "value": "0.526",
+                                    "scoring_system": "epss",
+                                    "scoring_elements": ".0016",
+                                }
+                            ],
+                            "url": "https://example.com",
+                        }
+                    ],
                     "fixed_packages": [
                         {
                             "url": "http://testserver/api/packages/{0}".format(self.pkg_2_12_6.id),
