fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in bugfix/PMCORE-643 (pull request #7250)

Browse Source 
PMCORE-643

Approved-by: Julio Cesar Laura Avendaño <contact@julio-laura.com>
This commit is contained in:
Paula Quispe
2020-02-12 18:18:33 +00:00
committed by Julio Cesar Laura Avendaño
parent afe40b67a2 449213d1c6
commit 7fd12c49b1
1 changed files with 211 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

211
tests/unit/gulliver/system/CodeScannerTest.php Normal file
View File

@@ -0,0 +1,211 @@
<?php
namespace Tests\unit\gulliver\system;
use CodeScanner;
use G;
use ProcessMaker\Core\System;
use Tests\TestCase;
/**
* @coversDefaultClass \CodeScanner
*
* This test require have the following configurations enable:
* @link https://wiki.processmaker.com/Plugin_Trigger_Code_Security_Scanner_v2
*/
class CodeScannerTest extends TestCase
{
private $backupEnvIni;
private $pathBlackListIni;
private $pathEnvIni;
private $pathPlugin;
private $pluginName = 'pmTest'; // Define the name of the plugin for the test
/**
* Call the setUp parent method and create some *.ini files
*/
public function setUp()
{
parent::setUp(); // TODO: Change the autogenerated stub
// Define the path of blacklist.ini
$this->pathBlackListIni = PATH_CONFIG . "blacklist.ini";
// Creating a custom Blacklist
if (!file_exists($this->pathBlackListIni)) {
$myfile = fopen($this->pathBlackListIni, "w");
fwrite($myfile, ";Classes
;=======
DashletInterface
;Functions
;=========
eval
exec
assert
preg_replace
create_function
;Information Disclosure
;======================
phpinfo
posix_mkfifo
posix_getlogin
posix_ttyname
getenv
get_current_user
proc_get_status
get_cfg_var
disk_free_space
disk_total_space
diskfreespace
getcwd
getmygid
getmyinode
getmypid
getmyuid");
}
// Define the path of env.ini
$this->pathEnvIni = PATH_CONFIG . "env.ini";
// Create a backup of the current env.ini
if (file_exists($this->pathEnvIni)) {
$this->backupEnvIni = file_get_contents($this->pathEnvIni);
}
// Configuring the env.ini file
file_put_contents($this->pathEnvIni, "enable_blacklist = 1;");
// Define the path of the plugin
$this->pathPlugin = PATH_PLUGINS . $this->pluginName . PATH_SEP;
// Create the plugin
G::mk_dir($this->pathPlugin, 0777);
// Add a file into the plugin
if (!file_exists($this->pathPlugin . "test_1.php")) {
// Create a file in the plugin with PHP code
$myfile = fopen($this->pathPlugin . "test_1.php", "w");
fwrite($myfile, "<?php
phpinfo();"
);
}
// Add a file into the plugin
if (!file_exists($this->pathPlugin . "test_2.php")) {
// Create a file in the plugin with PHP code
$myfile = fopen($this->pathPlugin . "test_2.php", "w");
fwrite($myfile, "<?php
phpinfo();"
);
}
}
/**
* Call the tearDown parent method and remove some files created
*/
public function tearDown()
{
parent::tearDown();
// Remove the plugin created
G::rm_dir($this->pathPlugin);
// Remove the blacklist created
G::rm_dir($this->pathBlackListIni);
// Restore the backup of the env.ini
file_put_contents($this->pathEnvIni, $this->backupEnvIni);
}
/**
* It test the scope obtained with null parameter
*
* @covers ::__construct()
* @covers ::getScope()
* @test
*/
public function it_check_get_scope_configured()
{
$configurations = System::getSystemConfiguration('', '', config("system.workspace"));
// Instance with null parameter
$codeScanner = new CodeScanner(null);
$scope = $codeScanner->getScope();
$this->assertEquals($scope, explode(',', str_replace(' ', '', $configurations['code_scanner_scope'])));
// Instance with string parameter
$codeScanner = new CodeScanner(config("system.workspace"));
$scope = $codeScanner->getScope();
$this->assertEquals($scope, explode(',', str_replace(' ', '', $configurations['code_scanner_scope'])));
// Instance with bool parameter
$codeScanner = new CodeScanner(true);
$scope = $codeScanner->getScope();
$this->isEmpty($scope);
}
/**
* It tests disable code without black list
*
* @covers ::__construct()
* @covers ::checkDisabledCode()
* @test
*/
public function it_check_disabled_code_without_blacklist()
{
// If the blacklist.ini was created we need to remove
G::rm_dir($this->pathBlackListIni);
// Instance with default parameter
$codeScanner = new CodeScanner();
$phpCode = 'phpinfo();';
// parameter SOURCE
$result = $codeScanner->checkDisabledCode('SOURCE', $phpCode);
$this->assertEmpty($result);
// parameter FILE
$result = $codeScanner->checkDisabledCode('FILE', $this->pathPlugin . 'test_1.php');
$this->assertEmpty($result);
// parameter PATH
$result = $codeScanner->checkDisabledCode('PATH', $this->pathPlugin);
$this->assertEmpty($result);
}
/**
* It tests disable code with black list
* This test require two configurations enable_blacklist and blacklist.ini
*
* @covers ::__construct()
* @covers ::checkDisabledCode()
* @covers ::checkDisabledCodeInSource()
* @test
*/
public function it_check_disabled_code()
{
// Check if the blacklist.ini was created
if (file_exists($this->pathBlackListIni)) {
$codeScanner = new CodeScanner();
$phpCode = 'phpinfo();';
// parameter SOURCE
$result = $codeScanner->checkDisabledCode('SOURCE', $phpCode);
$this->assertNotEmpty($result);
// parameter FILE
$result = $codeScanner->checkDisabledCode('FILE', $this->pathPlugin . 'test_1.php');
$this->assertNotEmpty($result);
// parameter PATH
$result = $codeScanner->checkDisabledCode('PATH', $this->pathPlugin);
$this->assertNotEmpty($result);
} else {
$this->markTestIncomplete(
'Please check the configurations to the Code Security Scanner'
);
}
}
}