123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117 |
- /*
- * SonarQube
- * Copyright (C) 2009-2021 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
- import { Standards } from '../../types/security';
- import {
- renderCWECategory,
- renderOwaspTop10Category,
- renderSansTop25Category,
- renderSonarSourceSecurityCategory
- } from '../security-standard';
-
- describe('renderCWECategory', () => {
- const standards: Standards = {
- cwe: {
- '1004': {
- title: "Sensitive Cookie Without 'HttpOnly' Flag"
- },
- unknown: {
- title: 'No CWE associated'
- }
- },
- owaspTop10: {},
- sansTop25: {},
- sonarsourceSecurity: {}
- };
- it('should render cwe categories correctly', () => {
- expect(renderCWECategory(standards, '1004')).toEqual(
- "CWE-1004 - Sensitive Cookie Without 'HttpOnly' Flag"
- );
- expect(renderCWECategory(standards, '124')).toEqual('CWE-124');
- expect(renderCWECategory(standards, 'unknown')).toEqual('No CWE associated');
- });
- });
-
- describe('renderOwaspTop10Category', () => {
- const standards: Standards = {
- cwe: {},
- owaspTop10: {
- a1: {
- title: 'Injection'
- }
- },
- sansTop25: {},
- sonarsourceSecurity: {}
- };
- it('should render owasp categories correctly', () => {
- expect(renderOwaspTop10Category(standards, 'a1')).toEqual('A1 - Injection');
- expect(renderOwaspTop10Category(standards, 'a1', true)).toEqual('OWASP A1 - Injection');
- expect(renderOwaspTop10Category(standards, 'a2')).toEqual('A2');
- expect(renderOwaspTop10Category(standards, 'a2', true)).toEqual('OWASP A2');
- });
- });
-
- describe('renderSansTop25Category', () => {
- const standards: Standards = {
- cwe: {},
- owaspTop10: {},
- sansTop25: {
- 'insecure-interaction': {
- title: 'Insecure Interaction Between Components'
- }
- },
- sonarsourceSecurity: {}
- };
- it('should render sans categories correctly', () => {
- expect(renderSansTop25Category(standards, 'insecure-interaction')).toEqual(
- 'Insecure Interaction Between Components'
- );
- expect(renderSansTop25Category(standards, 'insecure-interaction', true)).toEqual(
- 'SANS Insecure Interaction Between Components'
- );
- expect(renderSansTop25Category(standards, 'unknown')).toEqual('unknown');
- expect(renderSansTop25Category(standards, 'unknown', true)).toEqual('SANS unknown');
- });
- });
-
- describe('renderSonarSourceSecurityCategory', () => {
- const standards: Standards = {
- cwe: {},
- owaspTop10: {},
- sansTop25: {},
- sonarsourceSecurity: {
- xss: {
- title: 'Cross-Site Scripting (XSS)'
- },
- others: {
- title: 'Others'
- }
- }
- };
- it('should render sonarsource categories correctly', () => {
- expect(renderSonarSourceSecurityCategory(standards, 'xss')).toEqual(
- 'Cross-Site Scripting (XSS)'
- );
- expect(renderSonarSourceSecurityCategory(standards, 'xss', true)).toEqual(
- 'SONAR Cross-Site Scripting (XSS)'
- );
- expect(renderSonarSourceSecurityCategory(standards, 'others')).toEqual('Others');
- expect(renderSonarSourceSecurityCategory(standards, 'others', true)).toEqual('Others');
- });
- });
|