-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
9fcdd8c
commit 4a6228e
Showing
5 changed files
with
368 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,193 @@ | ||
<?php | ||
|
||
/** | ||
* Copyright © 2016-present Spryker Systems GmbH. All rights reserved. | ||
* Use of this software requires acceptance of the Evaluation License Agreement. See LICENSE file. | ||
*/ | ||
|
||
declare(strict_types=1); | ||
|
||
namespace SprykerSdkTest\Evaluator\Unit\Checker\NpmChecker; | ||
|
||
use PHPUnit\Framework\TestCase; | ||
use SprykerSdk\Evaluator\Checker\NpmChecker\NpmAuditExecutor; | ||
use SprykerSdk\Evaluator\Checker\NpmChecker\NpmExecutorException; | ||
use SprykerSdk\Evaluator\Process\ProcessRunnerInterface; | ||
use Symfony\Component\Process\Process; | ||
|
||
class NpmAuditExecutorTest extends TestCase | ||
{ | ||
/** | ||
* @return void | ||
*/ | ||
public function testExecuteNpmAuditShouldReturnEmptyArrayWhenAuditIsSuccessful(): void | ||
{ | ||
//Arrange | ||
$processMock = $this->createProcessMock('', '', true); | ||
$processRunnerMock = $this->createProcessRunnerMock($processMock); | ||
$npmAuditExecutor = new NpmAuditExecutor($processRunnerMock); | ||
|
||
//Act | ||
$result = $npmAuditExecutor->executeNpmAudit(); | ||
|
||
//Assert | ||
$this->assertEmpty($result); | ||
} | ||
|
||
/** | ||
* @return void | ||
*/ | ||
public function testExecuteNpmAuditShouldThrowExceptionWhenProcessReturnedError(): void | ||
{ | ||
//Arrange | ||
$processMock = $this->createProcessMock('', 'Some Error', false); | ||
$processRunnerMock = $this->createProcessRunnerMock($processMock); | ||
$npmAuditExecutor = new NpmAuditExecutor($processRunnerMock); | ||
|
||
$this->expectException(NpmExecutorException::class); | ||
$this->expectExceptionMessage('Some Error'); | ||
|
||
//Act | ||
$npmAuditExecutor->executeNpmAudit(); | ||
} | ||
|
||
/** | ||
* @return void | ||
*/ | ||
public function testExecuteNpmAuditShouldThrowExceptionWhenInvalidJsonReturned(): void | ||
{ | ||
//Arrange | ||
$processMock = $this->createProcessMock('{Invalid:json'); | ||
$processRunnerMock = $this->createProcessRunnerMock($processMock); | ||
$npmAuditExecutor = new NpmAuditExecutor($processRunnerMock); | ||
|
||
$this->expectException(NpmExecutorException::class); | ||
|
||
//Act | ||
$npmAuditExecutor->executeNpmAudit(); | ||
} | ||
|
||
/** | ||
* @dataProvider invalidJsonFormatReceivedDataProvider | ||
* | ||
* @param string $toolOutput | ||
* | ||
* @return void | ||
*/ | ||
public function testExecuteNpmAuditShouldThrowExceptionWhenUnexpectedJsonReturned(string $toolOutput): void | ||
{ | ||
//Arrange | ||
$processMock = $this->createProcessMock($toolOutput); | ||
$processRunnerMock = $this->createProcessRunnerMock($processMock); | ||
$npmAuditExecutor = new NpmAuditExecutor($processRunnerMock); | ||
|
||
$this->expectException(NpmExecutorException::class); | ||
|
||
//Act | ||
$npmAuditExecutor->executeNpmAudit(); | ||
} | ||
|
||
/** | ||
* @dataProvider vulnerabilitiesThatShouldBeSkippedDataProvider | ||
* | ||
* @param string $toolOutput | ||
* | ||
* @return void | ||
*/ | ||
public function testExecuteNpmAuditShouldSkipVulnerabilities(string $toolOutput): void | ||
{ | ||
//Arrange | ||
$processMock = $this->createProcessMock($toolOutput); | ||
$processRunnerMock = $this->createProcessRunnerMock($processMock); | ||
$npmAuditExecutor = new NpmAuditExecutor($processRunnerMock); | ||
|
||
//Act | ||
$result = $npmAuditExecutor->executeNpmAudit(); | ||
|
||
//Assert | ||
$this->assertEmpty($result); | ||
} | ||
|
||
/** | ||
* @return void | ||
*/ | ||
public function testExecuteNpmAuditShouldFetchUniqueDataFromNpmAudit(): void | ||
{ | ||
//Arrange | ||
$processMock = $this->createProcessMock( | ||
'{"vulnerabilities": { | ||
"datatables.net": {"name": "datatables.net", "severity": "critical", "via": [{"title": "Test violation", "url": "https://violation-url"}]}, | ||
"datatables.net": {"name": "datatables.net", "severity": "critical", "via": [{"title": "Test violation", "url": "https://violation-url"}]}} | ||
}', | ||
); | ||
$processRunnerMock = $this->createProcessRunnerMock($processMock); | ||
$npmAuditExecutor = new NpmAuditExecutor($processRunnerMock); | ||
|
||
//Act | ||
$result = $npmAuditExecutor->executeNpmAudit(); | ||
|
||
//Assert | ||
$this->assertCount(1, $result); | ||
$violationDto = $result[0]; | ||
|
||
$this->assertSame("[critical] Test violation\nhttps://violation-url", $violationDto->getMessage()); | ||
$this->assertSame('datatables.net', $violationDto->getTarget()); | ||
} | ||
|
||
/** | ||
* @return array<string, array<string>> | ||
*/ | ||
public function invalidJsonFormatReceivedDataProvider(): array | ||
{ | ||
return [ | ||
'missedVulnerabilitiesKey' => ['{}'], | ||
'nonArrayVulnerabilitiesKey' => ['{"vulnerabilities": "non-array"}'], | ||
'missedNameKey' => ['{"vulnerabilities": {"datatables.net": {"severity": "critical", "via": {"title": "someTitle"}}}}'], | ||
'missedSeverityKey' => ['{"vulnerabilities": {"datatables.net": {"name": "datatables.net", "via": {"title": "someTitle"}}}}'], | ||
'missedViaKey' => ['{"vulnerabilities": {"datatables.net": {"name": "datatables.net", "severity": "critical"}'], | ||
'nonArrayViaKey' => ['{"vulnerabilities": {"datatables.net": {"name": "datatables.net", "severity": "critical", "via": "non-array"}}}'], | ||
]; | ||
} | ||
|
||
/** | ||
* @return array<string, array<string>> | ||
*/ | ||
public function vulnerabilitiesThatShouldBeSkippedDataProvider(): array | ||
{ | ||
return [ | ||
'skipInfoVulnerability' => ['{"vulnerabilities": {"datatables.net": {"name": "datatables.net", "severity": "info", "via": [{"title": "Cross site scripting"}]}}}'], | ||
'skipNoTitleVulnerability' => ['{"vulnerabilities": {"datatables.net": {"name": "datatables.net", "severity": "critical", "via": [{"url": "http://some-url"}]}}}'], | ||
'skipNonRootVulnerability' => ['{"vulnerabilities": {"datatables.net": {"name": "datatables.net", "severity": "critical", "via": ["@spryker/oryx","autoprefixer"]}}}'], | ||
]; | ||
} | ||
|
||
/** | ||
* @param string $stdOut | ||
* @param string $stdErr | ||
* @param bool $isSuccessful | ||
* | ||
* @return \Symfony\Component\Process\Process | ||
*/ | ||
public function createProcessMock(string $stdOut, string $stdErr = '', bool $isSuccessful = false): Process | ||
{ | ||
$process = $this->createMock(Process::class); | ||
$process->method('isSuccessful')->willReturn($isSuccessful); | ||
$process->method('getOutput')->willReturn($stdOut); | ||
$process->method('getErrorOutput')->willReturn($stdErr); | ||
|
||
return $process; | ||
} | ||
|
||
/** | ||
* @param \Symfony\Component\Process\Process $process | ||
* | ||
* @return \SprykerSdk\Evaluator\Process\ProcessRunnerInterface | ||
*/ | ||
public function createProcessRunnerMock(Process $process): ProcessRunnerInterface | ||
{ | ||
$processRunner = $this->createMock(ProcessRunnerInterface::class); | ||
$processRunner->method('run')->willReturn($process); | ||
|
||
return $processRunner; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,111 @@ | ||
<?php | ||
|
||
/** | ||
* Copyright © 2016-present Spryker Systems GmbH. All rights reserved. | ||
* Use of this software requires acceptance of the Evaluation License Agreement. See LICENSE file. | ||
*/ | ||
|
||
declare(strict_types=1); | ||
|
||
namespace SprykerSdkTest\Evaluator\Unit\Checker\NpmChecker; | ||
|
||
use PHPUnit\Framework\TestCase; | ||
use SprykerSdk\Evaluator\Checker\NpmChecker\NpmAuditExecutor; | ||
use SprykerSdk\Evaluator\Checker\NpmChecker\NpmChecker; | ||
use SprykerSdk\Evaluator\Checker\NpmChecker\NpmExecutorException; | ||
use SprykerSdk\Evaluator\Checker\NpmChecker\NpmInstallationValidator; | ||
use SprykerSdk\Evaluator\Dto\CheckerInputDataDto; | ||
use SprykerSdk\Evaluator\Dto\ViolationDto; | ||
|
||
class NpmCheckerTest extends TestCase | ||
{ | ||
/** | ||
* @return void | ||
*/ | ||
public function testIsApplicableShouldReturnIfNpmInstalled(): void | ||
{ | ||
//Arrange | ||
$npmInstallationValidatorMock = $this->createNpmInstallationValidatorMock(); | ||
$npmAuditExecutorMock = $this->createNpmAuditExecutorMock([]); | ||
$npmChecker = new NpmChecker($npmInstallationValidatorMock, $npmAuditExecutorMock); | ||
|
||
//Act | ||
$result = $npmChecker->isApplicable(); | ||
|
||
//Assert | ||
$this->assertTrue($result); | ||
} | ||
|
||
/** | ||
* @return void | ||
*/ | ||
public function testIsApplicableShouldReturnNpmIssueWhenThrownException(): void | ||
{ | ||
//Arrange | ||
$npmInstallationValidatorMock = $this->createNpmInstallationValidatorMock(); | ||
$npmAuditExecutorMock = $this->createNpmAuditExecutorMock([], true); | ||
$inputData = new CheckerInputDataDto(''); | ||
$npmChecker = new NpmChecker($npmInstallationValidatorMock, $npmAuditExecutorMock); | ||
|
||
//Act | ||
$response = $npmChecker->check($inputData); | ||
|
||
//Assert | ||
$this->assertCount(1, $response->getViolations()); | ||
$violationDto = $response->getViolations()[0]; | ||
|
||
$this->assertStringStartsWith(NpmChecker::NPM_ISSUE_MESSAGE_PREFIX, $violationDto->getMessage()); | ||
} | ||
|
||
/** | ||
* @return void | ||
*/ | ||
public function testIsApplicableShouldReturnValidResponse(): void | ||
{ | ||
//Arrange | ||
$npmInstallationValidatorMock = $this->createNpmInstallationValidatorMock(); | ||
$violationDto = new ViolationDto('some message', 'target'); | ||
$npmAuditExecutorMock = $this->createNpmAuditExecutorMock([$violationDto]); | ||
$inputData = new CheckerInputDataDto(''); | ||
$npmChecker = new NpmChecker($npmInstallationValidatorMock, $npmAuditExecutorMock); | ||
|
||
//Act | ||
$response = $npmChecker->check($inputData); | ||
|
||
//Assert | ||
$this->assertCount(1, $response->getViolations()); | ||
$violationDto = $response->getViolations()[0]; | ||
|
||
$this->assertSame($violationDto, $violationDto); | ||
} | ||
|
||
/** | ||
* @return \SprykerSdk\Evaluator\Checker\NpmChecker\NpmInstallationValidator | ||
*/ | ||
public function createNpmInstallationValidatorMock(): NpmInstallationValidator | ||
{ | ||
$npmInstallationValidator = $this->createMock(NpmInstallationValidator::class); | ||
$npmInstallationValidator->method('isNpmInstalled')->willReturn(true); | ||
|
||
return $npmInstallationValidator; | ||
} | ||
|
||
/** | ||
* @param array<\SprykerSdk\Evaluator\Dto\ViolationDto> $violations | ||
* @param bool $throwException | ||
* | ||
* @return \SprykerSdk\Evaluator\Checker\NpmChecker\NpmAuditExecutor | ||
*/ | ||
public function createNpmAuditExecutorMock(array $violations, bool $throwException = false): NpmAuditExecutor | ||
{ | ||
$npmAuditExecutor = $this->createMock(NpmAuditExecutor::class); | ||
|
||
if ($throwException) { | ||
$npmAuditExecutor->method('executeNpmAudit')->willThrowException(new NpmExecutorException('Some issue')); | ||
} | ||
|
||
$npmAuditExecutor->method('executeNpmAudit')->willReturn($violations); | ||
|
||
return $npmAuditExecutor; | ||
} | ||
} |
Oops, something went wrong.