Commit 726f6e9afd738be2810a196e50918b0e36d874a5 - python-faraday

Refresh patches Sophie Brun 3 years ago

7 changed file(s) with 84 addition(s) and 124 deletion(s). Raw diff Collapse all Expand all

-24

~~debian/patches/Fix-for-pytest-6.patch~~ less more

0		From: Sophie Brun <[email protected]>
1		Date: Wed, 10 Feb 2021 15:00:49 +0100
2		Subject: Fix for pytest 6
3
4		pytest.PytestDeprecationWarning: Passing arguments to pytest.fixture()
5		as positional arguments is deprecated - pass them as a keyword argument
6		instead.
7		---
8		tests/test_api_preferences.py \| 2 +-
9		1 file changed, 1 insertion(+), 1 deletion(-)
10
11		diff --git a/tests/test_api_preferences.py b/tests/test_api_preferences.py
12		index 5662466..3edcfe3 100644
13		--- a/tests/test_api_preferences.py
14		+++ b/tests/test_api_preferences.py
15		@@ -7,7 +7,7 @@ from faraday.server.api.modules.preferences import PreferencesView
16		from tests.utils.url import v2_to_v3
17
18
19		-pytest.fixture('logged_user')
20		+pytest.fixture(params=['logged_user'])
21		class TestPreferences(GenericAPITest):
22		model = User
23		factory = UserFactory

+52

-53

debian/patches/Remove-failing-tests.patch less more

2	2	Subject: Remove failing tests
3	3
4	4	---
5		tests/test_searcher.py \| 880 -------------------------------------
6		tests/test_server_utils_filters.py \| 249 -----------
7		2 files changed, 1129 deletions(-)
	5	tests/test_searcher.py \| 882 -------------------------------------
	6	tests/test_server_utils_filters.py \| 246 -----------
	7	2 files changed, 1128 deletions(-)
8	8	delete mode 100644 tests/test_searcher.py
9	9	delete mode 100644 tests/test_server_utils_filters.py
10	10
11	11	diff --git a/tests/test_searcher.py b/tests/test_searcher.py
12	12	deleted file mode 100644
13		index 44ef49d..0000000
	13	index 3c1af9d..0000000
14	14	--- a/tests/test_searcher.py
15	15	+++ /dev/null
16		@@ -1,880 +0,0 @@
	16	@@ -1,882 +0,0 @@
17	17	-
18	18	-import json
19	19	-

22	22	-from faraday.searcher.api import Api
23	23	-from faraday.searcher.searcher import Searcher
24	24	-from faraday.searcher.sqlapi import SqlApi
25		-from faraday.server.models import Service, Host, VulnerabilityWeb
	25	-from faraday.server.models import Service, Host, VulnerabilityWeb, Rule
26	26	-from faraday.server.models import Vulnerability, CommandObject
27	27	-from faraday.server.schemas import WorkerRuleSchema
28	28	-from faraday.utils.smtp import MailNotification

36	36	- ActionFactory,
37	37	- RuleActionFactory,
38	38	- UserFactory,
	39	- ConditionFactory,
39	40	-)
40	41	-from tests.factories import WorkspaceFactory, VulnerabilityFactory
41	42	-

544	545	- searcher.process(rules)
545	546	- vuln = session.query(Vulnerability).get(vuln_id)
546	547	- assert vuln.severity == 'informational'
547		-
548	548	-
549	549	- @pytest.mark.parametrize("api", [
550	550	- lambda workspace, test_client, session: Api(workspace.name, test_client, session, username='test',

871	871	- assert vulns_count == 10
872	872	-
873	873	- searcher = Searcher(api(workspace, test_client, session))
874		- rule_disabled = RuleFactory.create(object="severity=low", disabled=True, workspace=workspace)
875		- rule_enabled = RuleFactory.create(object="severity=medium", disabled=False, workspace=workspace)
	874	- rule_disabled: Rule = RuleFactory.create(disabled=True, workspace=workspace)
	875	- rule_enabled = RuleFactory.create(disabled=False, workspace=workspace)
	876	- rule_disabled.conditions = [ConditionFactory.create(field='severity', value="low")]
	877	- rule_enabled.conditions = [ConditionFactory.create(field='severity', value="medium")]
876	878	-
877	879	- action = ActionFactory.create(command='DELETE')
878	880	- session.add(action)

896	898	- assert vulns_count == 5
897	899	diff --git a/tests/test_server_utils_filters.py b/tests/test_server_utils_filters.py
898	900	deleted file mode 100644
899		index efde1ed..0000000
	901	index 377c99c..0000000
900	902	--- a/tests/test_server_utils_filters.py
901	903	+++ /dev/null
902		@@ -1,249 +0,0 @@
	904	@@ -1,246 +0,0 @@
903	905	-import pytest
904	906	-
905	907	-from marshmallow.exceptions import ValidationError
906	908	-
907	909	-from faraday.server.utils.filters import FilterSchema
908	910	-from faraday.server.utils.filters import FlaskRestlessSchema
909		-from faraday.server.models import VulnerabilityWeb
910	911	-
911	912	-
912	913	-class TestFilters:

922	923	-
923	924	- def test_restless_using_order_by(self):
924	925	- test_filter = {
925		- "order_by":[
926		- {"field":"host__vulnerability_critical_generic_count"},
927		- {"field":"host__vulnerability_high_generic_count"},
928		- {"field":"host__vulnerability_medium_generic_count"},
	926	- "order_by": [
	927	- {"field": "host__vulnerability_critical_generic_count"},
	928	- {"field": "host__vulnerability_high_generic_count"},
	929	- {"field": "host__vulnerability_medium_generic_count"},
929	930	- ],
930	931	- "filters": [{
931	932	- "or": [

938	939	- res = FlaskRestlessSchema().load(test_filter)
939	940	- assert res == test_filter
940	941	-
941		-
942	942	- def test_FlaskRestlessSchema_(self):
943	943	- test_filter = [{"name": "severity", "op": "eq", "val": "low"}]
944	944	- res = FlaskRestlessSchema().load(test_filter)

947	947	- def test_simple_and_operator(self):
948	948	- test_filter = {"filters": [
949	949	- {'and': [
950		- {"name": "severity", "op": "eq", "val": "low"},
951		- {"name": "severity", "op": "eq", "val": "medium"}
952		- ]
	950	- {"name": "severity", "op": "eq", "val": "low"},
	951	- {"name": "severity", "op": "eq", "val": "medium"}
	952	- ]
953	953	- }
954	954	-
955	955	- ]}

1084	1084	- else:
1085	1085	- assert and_op == {"name": "severity", "op": "eq", "val": "high"}
1086	1086	-
1087		-
1088	1087	- def test_case_1(self):
1089	1088	- filter_schema = FilterSchema()
1090	1089	- filters = {'filters': [{"name": "confirmed", "op": "==", "val": "true"}]}

1099	1098	-
1100	1099	- def test_case_3(self):
1101	1100	- filters = {'filters': [
	1101	- {"and": [
1102	1102	- {"and": [
1103		- {"and": [
1104		- {"name": "severity", "op": "eq", "val": "critical"},
1105		- {"name": "confirmed", "op": "==", "val": "true"}
1106		- ]},
1107		- {"name": "host__os", "op": "has", "val": "Linux"}
1108		- ]}
1109		- ]}
1110		- res = FilterSchema().load(filters)
1111		- assert res == filters
1112		-
1113		- def test_test_case_recursive(self):
1114		- filters = {"filters":
1115		- [{"or":[
1116		- {"name":"severity","op":"eq","val":"medium"},
1117		- {"or":[
1118		- {"name":"severity","op":"eq","val":"high"},
1119		- {"and":[
1120		- {"and":[
1121		- {"name":"severity","op":"eq","val":"critical"},
1122		- {"name":"confirmed","op":"==","val":"true"}
1123		- ]},
1124		- {"name":"host__os","op":"has","val":"Linux"}
1125		- ]}
1126		- ]}
	1103	- {"name": "severity", "op": "eq", "val": "critical"},
	1104	- {"name": "confirmed", "op": "==", "val": "true"}
	1105	- ]},
	1106	- {"name": "host__os", "op": "has", "val": "Linux"}
1127	1107	- ]}
1128	1108	- ]}
1129	1109	- res = FilterSchema().load(filters)
1130	1110	- assert res == filters
1131	1111	-
	1112	- def test_test_case_recursive(self):
	1113	- filters = {"filters":
	1114	- [{"or": [
	1115	- {"name": "severity", "op": "eq", "val": "medium"},
	1116	- {"or": [
	1117	- {"name": "severity", "op": "eq", "val": "high"},
	1118	- {"and": [
	1119	- {"and": [
	1120	- {"name": "severity", "op": "eq", "val": "critical"},
	1121	- {"name": "confirmed", "op": "==", "val": "true"}
	1122	- ]},
	1123	- {"name": "host__os", "op": "has", "val": "Linux"}
	1124	- ]}
	1125	- ]}
	1126	- ]}
	1127	- ]}
	1128	- res = FilterSchema().load(filters)
	1129	- assert res == filters
	1130	-
1132	1131	- def test_case_recursive_2(self):
1133	1132	- filters = {'filters': [
1134		- {"and": [
1135		- {"and": [
1136		- {"name": "severity", "op": "eq", "val": "critical"},
1137		- {"name": "confirmed", "op": "==", "val": "true"}
1138		- ]},
1139		- {"name": "host__os", "op": "has", "val": "Linux"}
1140		- ]}
1141		- ]}
	1133	- {"and": [
	1134	- {"and": [
	1135	- {"name": "severity", "op": "eq", "val": "critical"},
	1136	- {"name": "confirmed", "op": "==", "val": "true"}
	1137	- ]},
	1138	- {"name": "host__os", "op": "has", "val": "Linux"}
	1139	- ]}
	1140	- ]}
1142	1141	-
1143	1142	- res = FilterSchema().load(filters)
1144	1143	- assert res == filters

+18

-32

debian/patches/Use-local-flask-security.patch less more

5	5	faraday/manage.py \| 2 +-
6	6	faraday/server/api/modules/token.py \| 2 +-
7	7	faraday/server/app.py \| 6 +++---
8		faraday/server/commands/change_password.py \| 4 ++--
	8	faraday/server/commands/change_password.py \| 2 +-
9	9	faraday/server/commands/initdb.py \| 2 +-
10	10	faraday/server/models.py \| 2 +-
11		tests/test_command_change_password.py \| 4 ++--
12		7 files changed, 11 insertions(+), 11 deletions(-)
	11	tests/test_command_change_password.py \| 2 +-
	12	7 files changed, 9 insertions(+), 9 deletions(-)
13	13
14	14	diff --git a/faraday/manage.py b/faraday/manage.py
15		index 973dc59..b84a1ab 100755
	15	index 2fd12d0..dfa1ac2 100755
16	16	--- a/faraday/manage.py
17	17	+++ b/faraday/manage.py
18		@@ -53,7 +53,7 @@ from faraday.server.commands import import_vulnerability_template
	18	@@ -55,7 +55,7 @@ from faraday.server.commands import import_vulnerability_template
19	19	from faraday.server.models import db, User
20		from faraday.server.web import app
	20	from faraday.server.web import get_app
21	21	from faraday_plugins.plugins.manager import PluginsManager
22	22	-from flask_security.utils import hash_password
23	23	+from faraday.flask_security.utils import hash_password
24	24
	25	CONTEXT_SETTINGS = dict(help_option_names=['-h', '--help'])
25	26
26		CONTEXT_SETTINGS = dict(help_option_names=['-h', '--help'])
27	27	diff --git a/faraday/server/api/modules/token.py b/faraday/server/api/modules/token.py
28		index ede88ed..30949da 100644
	28	index 68cc969..7b69e62 100644
29	29	--- a/faraday/server/api/modules/token.py
30	30	+++ b/faraday/server/api/modules/token.py
31	31	@@ -3,7 +3,7 @@ import logging
32	32
33	33	from itsdangerous import TimedJSONWebSignatureSerializer
34		from flask import Blueprint, g, request
	34	from flask import Blueprint, request
35	35	-from flask_security.utils import hash_data
36	36	+from faraday.flask_security.utils import hash_data
37	37	from flask import current_app as app
38	38	from marshmallow import Schema
39
	39	import flask_login
40	40	diff --git a/faraday/server/app.py b/faraday/server/app.py
41		index 61bef35..df5336e 100644
	41	index 3b91230..a50f87e 100644
42	42	--- a/faraday/server/app.py
43	43	+++ b/faraday/server/app.py
44		@@ -20,12 +20,12 @@ import flask
	44	@@ -22,12 +22,12 @@ import flask_login
45	45	from flask import Flask, session, g, request
46	46	from flask.json import JSONEncoder
47	47	from flask_sqlalchemy import get_debug_queries

58	58	get_message,
59	59	verify_and_update_password,
60	60	diff --git a/faraday/server/commands/change_password.py b/faraday/server/commands/change_password.py
61		index 42a7b1d..cfd6559 100644
	61	index d0729ff..30b96c1 100644
62	62	--- a/faraday/server/commands/change_password.py
63	63	+++ b/faraday/server/commands/change_password.py
64	64	@@ -1,6 +1,6 @@
65		from faraday.server.web import app
	65	from faraday.server.web import get_app
66	66	from faraday.server.models import User, db
67	67	-from flask_security.utils import hash_password
68	68	+from faraday.flask_security.utils import hash_password
69	69
70	70
71	71	def changes_password(username, password):
72		@@ -13,4 +13,4 @@ def changes_password(username, password):
73		print("Password changed succesfully")
74		else:
75		print("User not found in Faraday's Database")
76		-# I'm Py3
77		\ No newline at end of file
78		+# I'm Py3
79	72	diff --git a/faraday/server/commands/initdb.py b/faraday/server/commands/initdb.py
80		index d09b84b..175c369 100644
	73	index 836bdcc..7546e11 100644
81	74	--- a/faraday/server/commands/initdb.py
82	75	+++ b/faraday/server/commands/initdb.py
83	76	@@ -28,7 +28,7 @@ from faraday.server.utils.database import is_unique_constraint_violation

90	83	from colorama import init
91	84	from colorama import Fore
92	85	diff --git a/faraday/server/models.py b/faraday/server/models.py
93		index 8114087..fddf7c0 100644
	86	index 17a7776..20ceafa 100644
94	87	--- a/faraday/server/models.py
95	88	+++ b/faraday/server/models.py
96		@@ -46,7 +46,7 @@ from flask_sqlalchemy import (
	89	@@ -47,7 +47,7 @@ from flask_sqlalchemy import (
97	90	from depot.fields.sqlalchemy import UploadedFileField
98	91
99	92	from faraday.server.fields import JSONType

103	96	)
104	97
105	98	diff --git a/tests/test_command_change_password.py b/tests/test_command_change_password.py
106		index 99efcbd..0bec8c7 100644
	99	index 637eb2b..0bec8c7 100644
107	100	--- a/tests/test_command_change_password.py
108	101	+++ b/tests/test_command_change_password.py
109	102	@@ -1,4 +1,4 @@

112	105
113	106	from faraday.server.commands.change_password import changes_password
114	107	from faraday.server.models import User
115		@@ -15,4 +15,4 @@ def test_changes_password_command(session):
116		user = User.query.filter_by(username='test_change_pass').first()
117
118		assert not verify_password('old_pass', user.password)
119		- assert verify_password('new_pass', user.password)
120		\ No newline at end of file
121		+ assert verify_password('new_pass', user.password)

-8

debian/patches/dont-check-update.patch less more

8	8	installed: apt does that at the installation.
9	9	Author: Sophie Brun <[email protected]>
10	10	Forwarded: not-needed
11		Last-Update: 2020-04-23
	11	Last-Update: 2021-05-20
12	12	---
13	13	faraday/manage.py \| 10 +++++-----
14	14	faraday/start_server.py \| 3 ---
15	15	2 files changed, 5 insertions(+), 8 deletions(-)
16	16
17	17	diff --git a/faraday/manage.py b/faraday/manage.py
18		index 16d8f57..ecde322 100755
	18	index 171b8ed..6deb21d 100755
19	19	--- a/faraday/manage.py
20	20	+++ b/faraday/manage.py
21		@@ -126,9 +126,9 @@ def sql_shell():
	21	@@ -128,9 +128,9 @@ def sql_shell():
22	22	@click.command(help='Checks configuration and faraday status.')
23	23	@click.option('--check_postgresql', default=False, is_flag=True)
24	24	@click.option('--check_faraday', default=False, is_flag=True)

27	27	@click.option('--check_config', default=False, is_flag=True)
28	28	-def status_check(check_postgresql, check_faraday, check_dependencies, check_config):
29	29	+def status_check(check_postgresql, check_faraday, check_config):
30
31	30	selected = False
32	31	exit_code = 0
33		@@ -142,9 +142,9 @@ def status_check(check_postgresql, check_faraday, check_dependencies, check_conf
	32	if check_postgresql:
	33	@@ -143,9 +143,9 @@ def status_check(check_postgresql, check_faraday, check_dependencies, check_conf
34	34	status_check_functions.print_faraday_status()
35	35	selected = True
36	36

44	44	if check_config:
45	45	status_check_functions.print_config_status()
46	46	diff --git a/faraday/start_server.py b/faraday/start_server.py
47		index e16b9b8..682e85d 100644
	47	index 1f6cdc8..cdcd6f7 100644
48	48	--- a/faraday/start_server.py
49	49	+++ b/faraday/start_server.py
50		@@ -110,7 +110,6 @@ def main():
	50	@@ -111,7 +111,6 @@ def main():
51	51	check_postgresql()
52	52	parser = argparse.ArgumentParser()
53	53	parser.add_argument('--debug', action='store_true', help='run Faraday Server in debug mode')

55	55	parser.add_argument('--no-setup', action='store_true', help=argparse.SUPPRESS)
56	56	parser.add_argument('--port', help='Overides server.ini port configuration')
57	57	parser.add_argument('--websocket_port', help='Overides server.ini websocket port configuration')
58		@@ -133,8 +132,6 @@ def main():
	58	@@ -134,8 +133,6 @@ def main():
59	59	if result == 0:
60	60	logger.error("Faraday Server port in use. Check your processes and run the server again...")
61	61	sys.exit(1)

-1

debian/patches/series less more

2	2	use-packaged-filteralchemy.patch
3	3	Remove-failing-tests.patch
4	4	Use-local-flask-security.patch
5		Fix-for-pytest-6.patch

-2

debian/patches/use-packaged-filteralchemy.patch less more

14	14	1 file changed, 1 insertion(+), 1 deletion(-)
15	15
16	16	diff --git a/requirements.txt b/requirements.txt
17		index f1d8dcf..bd30423 100644
	17	index ff32180..efb2b8c 100644
18	18	--- a/requirements.txt
19	19	+++ b/requirements.txt
20		@@ -25,7 +25,7 @@ tqdm>=4.15.0
	20	@@ -26,7 +26,7 @@ tqdm>=4.15.0
21	21	twisted>=18.9.0
22	22	webargs>=7.0.0
23	23	marshmallow-sqlalchemy

-4

debian/patches/use-pgcli-debian-package.patch less more

13	13	2 files changed, 4 insertions(+), 1 deletion(-)
14	14
15	15	diff --git a/faraday/manage.py b/faraday/manage.py
16		index ecde322..973dc59 100755
	16	index 6deb21d..2fd12d0 100755
17	17	--- a/faraday/manage.py
18	18	+++ b/faraday/manage.py
19		@@ -26,6 +26,9 @@ if platform.system() == "Linux":
	19	@@ -28,6 +28,9 @@ if platform.system() == "Linux":
20	20	except KeyError:
21	21	pass
22	22

27	27	import requests
28	28	import alembic.command
29	29	diff --git a/requirements.txt b/requirements.txt
30		index bedeaf8..f1d8dcf 100644
	30	index 26c7d70..ff32180 100644
31	31	--- a/requirements.txt
32	32	+++ b/requirements.txt
33		@@ -14,7 +14,7 @@ Flask-Security-Too>=3.4.4,<4.0.0
	33	@@ -15,7 +15,7 @@ bleach>=3.3.0
34	34	marshmallow>=3.0.0,<3.11.0
35	35	Pillow>=4.2.1
36	36	psycopg2