From 449213d1c68d93ad9201f1d673dc3c51243ed60d Mon Sep 17 00:00:00 2001
From: Paula Quispe
Date: Fri, 31 Jan 2020 08:42:03 -0400
Subject: [PATCH] PMCORE-643
---
.../unit/gulliver/system/CodeScannerTest.php | 211 ++++++++++++++++++
1 file changed, 211 insertions(+)
create mode 100644 tests/unit/gulliver/system/CodeScannerTest.php
diff --git a/tests/unit/gulliver/system/CodeScannerTest.php b/tests/unit/gulliver/system/CodeScannerTest.php
new file mode 100644
index 000000000..ba560859b
--- /dev/null
+++ b/tests/unit/gulliver/system/CodeScannerTest.php
@@ -0,0 +1,211 @@
+pathBlackListIni = PATH_CONFIG . "blacklist.ini";
+
+ // Creating a custom Blacklist
+ if (!file_exists($this->pathBlackListIni)) {
+ $myfile = fopen($this->pathBlackListIni, "w");
+ fwrite($myfile, ";Classes
+ ;=======
+ DashletInterface
+
+ ;Functions
+ ;=========
+ eval
+ exec
+ assert
+ preg_replace
+ create_function
+
+ ;Information Disclosure
+ ;======================
+ phpinfo
+ posix_mkfifo
+ posix_getlogin
+ posix_ttyname
+ getenv
+ get_current_user
+ proc_get_status
+ get_cfg_var
+ disk_free_space
+ disk_total_space
+ diskfreespace
+ getcwd
+ getmygid
+ getmyinode
+ getmypid
+ getmyuid");
+ }
+
+ // Define the path of env.ini
+ $this->pathEnvIni = PATH_CONFIG . "env.ini";
+
+ // Create a backup of the current env.ini
+ if (file_exists($this->pathEnvIni)) {
+ $this->backupEnvIni = file_get_contents($this->pathEnvIni);
+ }
+
+ // Configuring the env.ini file
+ file_put_contents($this->pathEnvIni, "enable_blacklist = 1;");
+
+ // Define the path of the plugin
+ $this->pathPlugin = PATH_PLUGINS . $this->pluginName . PATH_SEP;
+
+ // Create the plugin
+ G::mk_dir($this->pathPlugin, 0777);
+
+ // Add a file into the plugin
+ if (!file_exists($this->pathPlugin . "test_1.php")) {
+ // Create a file in the plugin with PHP code
+ $myfile = fopen($this->pathPlugin . "test_1.php", "w");
+ fwrite($myfile, "pathPlugin . "test_2.php")) {
+ // Create a file in the plugin with PHP code
+ $myfile = fopen($this->pathPlugin . 
"test_2.php", "w");
+ fwrite($myfile, "pathPlugin);
+
+ // Remove the blacklist created
+ G::rm_dir($this->pathBlackListIni);
+
+ // Restore the backup of the env.ini
+ file_put_contents($this->pathEnvIni, $this->backupEnvIni);
+ }
+
+ /**
+ * It test the scope obtained with null parameter
+ *
+ * @covers ::__construct()
+ * @covers ::getScope()
+ * @test
+ */
+ public function it_check_get_scope_configured()
+ {
+ $configurations = System::getSystemConfiguration('', '', config("system.workspace"));
+
+ // Instance with null parameter
+ $codeScanner = new CodeScanner(null);
+ $scope = $codeScanner->getScope();
+ $this->assertEquals($scope, explode(',', str_replace(' ', '', $configurations['code_scanner_scope'])));
+
+ // Instance with string parameter
+ $codeScanner = new CodeScanner(config("system.workspace"));
+ $scope = $codeScanner->getScope();
+ $this->assertEquals($scope, explode(',', str_replace(' ', '', $configurations['code_scanner_scope'])));
+
+ // Instance with bool parameter
+ $codeScanner = new CodeScanner(true);
+ $scope = $codeScanner->getScope();
+ $this->isEmpty($scope);
+ }
+
+ /**
+ * It tests disable code without black list
+ *
+ * @covers ::__construct()
+ * @covers ::checkDisabledCode()
+ * @test
+ */
+ public function it_check_disabled_code_without_blacklist()
+ {
+ // If the blacklist.ini was created we need to remove
+ G::rm_dir($this->pathBlackListIni);
+
+ // Instance with default parameter
+ $codeScanner = new CodeScanner();
+ $phpCode = 'phpinfo();';
+
+ // parameter SOURCE
+ $result = $codeScanner->checkDisabledCode('SOURCE', $phpCode);
+ $this->assertEmpty($result);
+
+ // parameter FILE
+ $result = $codeScanner->checkDisabledCode('FILE', $this->pathPlugin . 
'test_1.php');
+ $this->assertEmpty($result);
+
+ // parameter PATH
+ $result = $codeScanner->checkDisabledCode('PATH', $this->pathPlugin);
+ $this->assertEmpty($result);
+ }
+
+ /**
+ * It tests disable code with black list
+ * This test require two configurations enable_blacklist and blacklist.ini
+ *
+ * @covers ::__construct()
+ * @covers ::checkDisabledCode()
+ * @covers ::checkDisabledCodeInSource()
+ * @test
+ */
+ public function it_check_disabled_code()
+ {
+ // Check if the blacklist.ini was created
+ if (file_exists($this->pathBlackListIni)) {
+ $codeScanner = new CodeScanner();
+ $phpCode = 'phpinfo();';
+
+ // parameter SOURCE
+ $result = $codeScanner->checkDisabledCode('SOURCE', $phpCode);
+ $this->assertNotEmpty($result);
+
+ // parameter FILE
+ $result = $codeScanner->checkDisabledCode('FILE', $this->pathPlugin . 'test_1.php');
+ $this->assertNotEmpty($result);
+
+ // parameter PATH
+ $result = $codeScanner->checkDisabledCode('PATH', $this->pathPlugin);
+ $this->assertNotEmpty($result);
+ } else {
+ $this->markTestIncomplete(
+ 'Please check the configurations to the Code Security Scanner'
+ );
+ }
+ }
+}
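Review bot: `G::rm_dir($this->pathBlackListIni)` is called unconditionally in what appears to be the teardown and again in `it_check_disabled_code_without_blacklist`, although the setup creates `blacklist.ini` only when it does not already exist, so running this suite against a configured installation deletes the site's own blacklist and leaves the code scanner with nothing to enforce. The setup should record whether the test created the file (for example in a `$this->createdBlackList` flag) and remove it only in that case; similarly `env.ini` should be restored only when a backup was taken, because `$this->backupEnvIni` is never assigned when the file was absent, and deleted otherwise. Separately, `$this->isEmpty($scope);` in `it_check_get_scope_configured` only builds a PHPUnit constraint and asserts nothing, so the bool-parameter case passes whatever `getScope()` returns; it should read `$this->assertEmpty($scope);`. The start of the class and the signatures of the setup and teardown methods are not visible in this hunk, so the method roles above are inferred from the comments.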