tests.testScanAndResult

Complexity

Total Complexity

56

Size/Duplication

Total Lines	653
Duplicated Lines	5.67 %

Importance

Changes

0

46 Methods

Rating	Name	Duplication	Size	Complexity
A	Result.__init__()	0	11	2
A	DummyWrapper.check()	0	2	1
A	DummyWrapper.__init__()	0	4	1
A	FullTest.testScanGetLegacyTarget()	0	13	1
A	FullTest.testGetVTs_VTs_with_detection_qodt()	0	12	1
B	FullTest.testGetScanPop()	0	47	3
A	FullTest.testProgress()	0	17	1
A	FullTest.testStopScan()	0	17	1
A	FullTest.testScanMultiTarget()	0	14	1
A	FullTest.testGetDefaultScannerVersion()	0	5	1
A	FullTest.testGetVTs_VTs_with_impact()	0	11	1
A	FullTest.testGetVTs_VTs_with_params()	16	16	1
A	FullTest.testGetVTs_VTs_with_dependencies()	0	11	1
A	FullTest.testGetVTs_VTs_with_affected()	0	11	1
A	FullTest.testScanWithVTs_and_param()	0	42	1
A	FullTest.testGetVTs_VTs_with_insight()	0	11	1
A	FullTest.testGetVTs_VTs_with_solution()	0	12	1
A	FullTest.testScanMultiTargetParallelWithError()	0	11	1
A	FullTest.testScanMultiTargetParallel100()	0	12	1
A	FullTest.testGetVTs_multiple_VTs()	0	9	1
B	DummyWrapper.exec_scan()	0	13	6
A	FullTest.testGetVTs_VTs_with_severities()	0	11	1
A	FullTest.testScanGetTarget()	0	18	1
A	FullTest.testGetVTs_no_VT()	0	5	1
A	FullTest.testGetDefaultHelp()	0	7	1
A	FullTest.testGetVTs_VTs_with_detection_qodv()	0	12	1
A	FullTest.testBillonLaughs()	0	17	1
A	FullTest.testGetVTs_VTs_with_refs()	21	21	1
A	FullTest.testGetVTs_VTs_with_summary()	0	11	1
A	FullTest.testScanWithVTs()	0	26	1
A	FullTest.testMultiTargetWithCredentials()	0	27	1
A	FullTest.testGetDefaultScannerParams()	0	9	1
A	FullTest.testiScanWithError()	0	25	3
A	FullTest.testGetVTs_single_VT()	0	9	1
A	FullTest.testGetVTs_multiple_VTs_with_custom()	0	6	1
A	DummyWrapper.get_custom_vt_as_xml_str()	0	3	1
A	DummyWrapper.get_dependencies_vt_as_xml_str()	0	6	1
A	DummyWrapper.get_insight_vt_as_xml_str()	0	5	1
A	DummyWrapper.get_severities_vt_as_xml_str()	0	6	1
A	DummyWrapper.get_solution_vt_as_xml_str()	0	5	1
A	DummyWrapper.get_detection_vt_as_xml_str()	0	6	1
A	DummyWrapper.get_params_vt_as_xml_str()	0	3	1
A	DummyWrapper.get_impact_vt_as_xml_str()	0	5	1
A	DummyWrapper.get_summary_vt_as_xml_str()	0	5	1
A	DummyWrapper.get_affected_vt_as_xml_str()	0	5	1
A	DummyWrapper.get_refs_vt_as_xml_str()	0	5	1

# Copyright (C) 2015-2018 Greenbone Networks GmbH

The name testScanAndResult does not conform to the module naming conventions ((([a-z_][a-z0-9_]*)|([A-Z][a-zA-Z0-9]+))$).

#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

""" Test module for scan runs
"""

from __future__ import print_function

import time
import unittest
import xml.etree.ElementTree as ET

Unused xml.etree.ElementTree imported as ET

import defusedxml.lxml as secET
from defusedxml.common import EntitiesForbidden

from ospd.ospd import OSPDaemon, OSPDError

class Result(object):

This class should have a docstring.

Too many instance attributes (8/7)

The variable __class__ seems to be unused.

    def __init__(self, type_, **kwargs):
        self.result_type = type_
        self.host = ''
        self.name = ''
        self.value = ''
        self.port = ''
        self.test_id = ''
        self.severity = ''
        self.qod = ''
        for name, value in kwargs.items():
            setattr(self, name, value)


class DummyWrapper(OSPDaemon):

This class should have a docstring.

The variable __class__ seems to be unused.

    def __init__(self, results, checkresult=True):
        OSPDaemon.__init__(self, 'cert', 'key', 'ca')
        self.checkresult = checkresult
        self.results = results

    def check(self):
        return self.checkresults

Instance of 'DummyWrapper' has no 'checkresults' member; maybe 'checkresult'?

    @staticmethod
    def get_custom_vt_as_xml_str(vt_id, custom):
        return '<mytest>static test</mytest>'

    @staticmethod
    def get_params_vt_as_xml_str(vt_id, vt_params):
        return ('<vt_param id="abc" type="string">'
                '<name>ABC</name><description>Test ABC</description><default>yes</default>'
                '</vt_param>'
                '<vt_param id="def" type="string">'
                '<name>DEF</name><description>Test DEF</description><default>no</default>'
                '</vt_param>')

    @staticmethod
    def get_refs_vt_as_xml_str(vt_id, vt_refs):
        response = ('<ref type="cve" id="CVE-2010-4480"/>' +
                    '<ref type="url" id="http://example.com"/>')
        return response

    @staticmethod
    def get_dependencies_vt_as_xml_str(vt_id, vt_dependencies):
        response = ('<dependency vt_id="1.3.6.1.4.1.25623.1.0.50282" />' +
                    '<dependency vt_id="1.3.6.1.4.1.25623.1.0.50283" />')

        return response

    @staticmethod
    def get_severities_vt_as_xml_str(vt_id, severities):
        response = ('<severity cvss_base="5.0" cvss_type="cvss_base_v2">' +
                    'AV:N/AC:L/Au:N/C:N/I:N/A:P</severity>')

        return response

    @staticmethod
    def get_detection_vt_as_xml_str(vt_id, detection=None,
                                    qod_type=None, qod=None):
        response = ('<detection qod_type="package">some detection</detection>')

        return response

    @staticmethod
    def get_summary_vt_as_xml_str(vt_id, summary):
        response = ('<summary>Some summary</summary>')

        return response

    @staticmethod
    def get_affected_vt_as_xml_str(vt_id, affected):
        response = ('<affected>Some affected</affected>')

        return response

    @staticmethod
    def get_impact_vt_as_xml_str(vt_id, impact):
        response = ('<impact>Some impact</impact>')

        return response

    @staticmethod
    def get_insight_vt_as_xml_str(vt_id, insight):
        response = ('<insight>Some insight</insight>')

        return response

    @staticmethod
    def get_solution_vt_as_xml_str(vt_id, solution, solution_type=None):
        response = ('<solution>Some solution</solution>')

        return response

    def exec_scan(self, scan_id, target):
        time.sleep(0.01)
        for res in self.results:
            if res.result_type == 'log':
                self.add_scan_log(scan_id, res.host or target, res.name, res.value, res.port)
            if res.result_type == 'error':
                self.add_scan_error(scan_id, res.host or target, res.name, res.value, res.port)
            elif res.result_type == 'host-detail':
                self.add_scan_host_detail(scan_id, res.host or target, res.name, res.value)
            elif res.result_type == 'alarm':
                self.add_scan_alarm(scan_id, res.host or target, res.name, res.value, res.port, res.test_id, res.severity, res.qod)

This line is too long as per the coding-style (131/100).

            else:
                raise ValueError(res.result_type)


class FullTest(unittest.TestCase):

This class should have a docstring.

The variable __class__ seems to be unused.

Too many public methods (31/20)

    # TODO: There should be a lot more assert in there !

TODO and FIXME comments should generally be avoided.

    def testGetDefaultScannerParams(self):

The name testGetDefaultScannerParams does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        response = secET.fromstring(daemon.handle_command('<get_scanner_details />'))
        # The status of the response must be success (i.e. 200)
        self.assertEqual(response.get('status'), '200')
        # The response root element must have the correct name
        self.assertEqual(response.tag, 'get_scanner_details_response')
        # The response must contain a 'scanner_params' element
        self.assertIsNotNone(response.find('scanner_params'))

    def testGetDefaultHelp(self):

The name testGetDefaultHelp does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        response = secET.fromstring(daemon.handle_command('<help />'))
        self.assertEqual(response.get('status'), '200')
        response = secET.fromstring(daemon.handle_command('<help format="xml" />'))
        self.assertEqual(response.get('status'), '200')
        self.assertEqual(response.tag, 'help_response')

    def testGetDefaultScannerVersion(self):

The name testGetDefaultScannerVersion does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        response = secET.fromstring(daemon.handle_command('<get_version />'))
        self.assertEqual(response.get('status'), '200')
        self.assertIsNotNone(response.find('protocol'))

    def testGetVTs_no_VT(self):

The name testGetVTs_no_VT does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        response = secET.fromstring(daemon.handle_command('<get_vts />'))
        self.assertEqual(response.get('status'), '200')
        self.assertIsNotNone(response.find('vts'))

    def testGetVTs_single_VT(self):

The name testGetVTs_single_VT does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        daemon.add_vt('1.2.3.4', 'A vulnerability test')
        response = secET.fromstring(daemon.handle_command('<get_vts />'))
        self.assertEqual(response.get('status'), '200')
        vts = response.find('vts')
        self.assertIsNotNone(vts.find('vt'))
        vt = vts.find('vt')

The name vt does not conform to the variable naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

        self.assertEqual(vt.get('id'), '1.2.3.4')

    def testGetVTs_multiple_VTs(self):

The name testGetVTs_multiple_VTs does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        daemon.add_vt('1.2.3.4', 'A vulnerability test')
        daemon.add_vt('some id', 'Another vulnerability test')
        daemon.add_vt('123456789', 'Yet another vulnerability test')
        response = secET.fromstring(daemon.handle_command('<get_vts />'))
        self.assertEqual(response.get('status'), '200')
        vts = response.find('vts')
        self.assertIsNotNone(vts.find('vt'))

    def testGetVTs_multiple_VTs_with_custom(self):

The name testGetVTs_multiple_VTs_with_custom does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

This method could be written as a function/class method.

        daemon = DummyWrapper([])
        daemon.add_vt('1.2.3.4', 'A vulnerability test')
        daemon.add_vt('some id', 'Another vulnerability test with custom info', {'depencency': '1.2.3.4'})

This line is too long as per the coding-style (106/100).

        daemon.add_vt('123456789', 'Yet another vulnerability test')
        response = secET.fromstring(daemon.handle_command('<get_vts />'))

The variable response seems to be unused.

    def testGetVTs_VTs_with_params(self):

This code seems to be duplicated in your project.

The name testGetVTs_VTs_with_params does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        daemon.add_vt('1.2.3.4', 'A vulnerability test', vt_params="a", custom="b")
        response = secET.fromstring(daemon.handle_command('<get_vts vt_id="1.2.3.4"></get_vts>'))
        # The status of the response must be success (i.e. 200)
        self.assertEqual(response.get('status'), '200')
        # The response root element must have the correct name
        self.assertEqual(response.tag, 'get_vts_response')
        # The response must contain a 'scanner_params' element
        self.assertIsNotNone(response.find('vts'))
        vt_params = response[0][0].findall('vt_params')
        self.assertEqual(1, len(vt_params))
        custom = response[0][0].findall('custom')
        self.assertEqual(1, len(custom))
        params = response.findall('vts/vt/vt_params/vt_param')
        self.assertEqual(2, len(params))

    def testGetVTs_VTs_with_refs(self):

This code seems to be duplicated in your project.

The name testGetVTs_VTs_with_refs does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        daemon.add_vt('1.2.3.4',
                      'A vulnerability test',
                      vt_params="a",
                      custom="b",
                      vt_refs="c")
        response = secET.fromstring(
            daemon.handle_command('<get_vts vt_id="1.2.3.4"></get_vts>'))
        # The status of the response must be success (i.e. 200)
        self.assertEqual(response.get('status'), '200')
        # The response root element must have the correct name
        self.assertEqual(response.tag, 'get_vts_response')
        # The response must contain a 'vts' element
        self.assertIsNotNone(response.find('vts'))
        vt_params = response[0][0].findall('vt_params')
        self.assertEqual(1, len(vt_params))
        custom = response[0][0].findall('custom')
        self.assertEqual(1, len(custom))
        refs = response.findall('vts/vt/vt_refs/ref')
        self.assertEqual(2, len(refs))

    def testGetVTs_VTs_with_dependencies(self):

The name testGetVTs_VTs_with_dependencies does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        daemon.add_vt('1.2.3.4',
                      'A vulnerability test',
                      vt_params="a",
                      custom="b",
                      vt_dependencies="c",)
        response = secET.fromstring(
            daemon.handle_command('<get_vts vt_id="1.2.3.4"></get_vts>'))
        deps = response.findall('vts/vt/dependencies/dependency')
        self.assertEqual(2, len(deps))

    def testGetVTs_VTs_with_severities(self):

The name testGetVTs_VTs_with_severities does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        daemon.add_vt('1.2.3.4',
                      'A vulnerability test',
                      vt_params="a",
                      custom="b",
                      severities="c",)
        response = secET.fromstring(
            daemon.handle_command('<get_vts vt_id="1.2.3.4"></get_vts>'))
        severity = response.findall('vts/vt/severities/severity')
        self.assertEqual(1, len(severity))

    def testGetVTs_VTs_with_detection_qodt(self):

The name testGetVTs_VTs_with_detection_qodt does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        daemon.add_vt('1.2.3.4',
                      'A vulnerability test',
                      vt_params="a",
                      custom="b",
                      detection="c",
                      qod_t="d")
        response = secET.fromstring(
            daemon.handle_command('<get_vts vt_id="1.2.3.4"></get_vts>'))
        detection = response.findall('vts/vt/detection')
        self.assertEqual(1, len(detection))

    def testGetVTs_VTs_with_detection_qodv(self):

The name testGetVTs_VTs_with_detection_qodv does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        daemon.add_vt('1.2.3.4',
                      'A vulnerability test',
                      vt_params="a",
                      custom="b",
                      detection="c",
                      qod_v="d")
        response = secET.fromstring(
            daemon.handle_command('<get_vts vt_id="1.2.3.4"></get_vts>'))
        detection = response.findall('vts/vt/detection')
        self.assertEqual(1, len(detection))

    def testGetVTs_VTs_with_summary(self):

The name testGetVTs_VTs_with_summary does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        daemon.add_vt('1.2.3.4',
                      'A vulnerability test',
                      vt_params="a",
                      custom="b",
                      summary="c",)
        response = secET.fromstring(
            daemon.handle_command('<get_vts vt_id="1.2.3.4"></get_vts>'))
        summary = response.findall('vts/vt/summary')
        self.assertEqual(1, len(summary))

    def testGetVTs_VTs_with_impact(self):

The name testGetVTs_VTs_with_impact does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        daemon.add_vt('1.2.3.4',
                      'A vulnerability test',
                      vt_params="a",
                      custom="b",
                      impact="c",)
        response = secET.fromstring(
            daemon.handle_command('<get_vts vt_id="1.2.3.4"></get_vts>'))
        impact = response.findall('vts/vt/impact')
        self.assertEqual(1, len(impact))

    def testGetVTs_VTs_with_affected(self):

The name testGetVTs_VTs_with_affected does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        daemon.add_vt('1.2.3.4',
                      'A vulnerability test',
                      vt_params="a",
                      custom="b",
                      affected="c",)
        response = secET.fromstring(
            daemon.handle_command('<get_vts vt_id="1.2.3.4"></get_vts>'))
        affect = response.findall('vts/vt/affected')
        self.assertEqual(1, len(affect))

    def testGetVTs_VTs_with_insight(self):

The name testGetVTs_VTs_with_insight does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        daemon.add_vt('1.2.3.4',
                      'A vulnerability test',
                      vt_params="a",
                      custom="b",
                      insight="c",)
        response = secET.fromstring(
            daemon.handle_command('<get_vts vt_id="1.2.3.4"></get_vts>'))
        insight = response.findall('vts/vt/insight')
        self.assertEqual(1, len(insight))

    def testGetVTs_VTs_with_solution(self):

The name testGetVTs_VTs_with_solution does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        daemon.add_vt('1.2.3.4',
                      'A vulnerability test',
                      vt_params="a",
                      custom="b",
                      solution="c",
                      solution_t="d")
        response = secET.fromstring(
            daemon.handle_command('<get_vts vt_id="1.2.3.4"></get_vts>'))
        solution = response.findall('vts/vt/solution')
        self.assertEqual(1, len(solution))

    def testiScanWithError(self):

The name testiScanWithError does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([
            Result('error', value='something went wrong'),
        ])

        response = secET.fromstring(daemon.handle_command('<start_scan target="localhost" ports="80, 443"><scanner_params /></start_scan>'))

This line is too long as per the coding-style (140/100).

        scan_id = response.findtext('id')
        finished = False
        while not finished:
            response = secET.fromstring(daemon.handle_command('<get_scans scan_id="%s" details="0"/>' % scan_id))

This line is too long as per the coding-style (113/100).

            scans = response.findall('scan')
            self.assertEqual(1, len(scans))
            scan = scans[0]
            if int(scan.get('progress')) != 100:
                self.assertEqual('0', scan.get('end_time'))
                time.sleep(.010)
            else:
                finished = True
        response = secET.fromstring(daemon.handle_command('<get_scans scan_id="%s"/>' % scan_id))
        response = secET.fromstring(daemon.handle_command('<get_scans />'))
        response = secET.fromstring(daemon.handle_command('<get_scans scan_id="%s" details="1"/>' % scan_id))

This line is too long as per the coding-style (109/100).

        self.assertEqual(response.findtext('scan/results/result'), 'something went wrong')

        response = secET.fromstring(daemon.handle_command('<delete_scan scan_id="%s" />' % scan_id))
        self.assertEqual(response.get('status'), '200')


    def testGetScanPop(self):

The name testGetScanPop does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([
            Result('host-detail', value='Some Host Detail'),
        ])

        response = secET.fromstring(daemon.handle_command('<start_scan target="localhost" ports="80, 443"><scanner_params /></start_scan>'))

This line is too long as per the coding-style (140/100).

        scan_id = response.findtext('id')
        time.sleep(1)

        response = secET.fromstring(
            daemon.handle_command('<get_scans scan_id="%s"/>' % scan_id))
        self.assertEqual(response.findtext('scan/results/result'),
                         'Some Host Detail')

        response = secET.fromstring(
            daemon.handle_command(
                '<get_scans details="0" pop_results="1"/>'))
        self.assertEqual(response.findtext('scan/results/result'),
                         None)

        response = secET.fromstring(
            daemon.handle_command(
                '<get_scans scan_id="%s" pop_results="1"/>' % scan_id))
        self.assertEqual(response.findtext('scan/results/result'),
                         'Some Host Detail')

        response = secET.fromstring(
            daemon.handle_command(
                '<get_scans scan_id="%s" pop_results="1"/>' % scan_id))
        self.assertNotEqual(response.findtext('scan/results/result'),
                         'Some Host Detail')

Wrong continued indentation (add 3 spaces).

        self.assertEqual(response.findtext('scan/results/result'),
                         None)

        while True:
            response = secET.fromstring(
                daemon.handle_command(
                    '<get_scans scan_id="%s" details="0"/>' % scan_id))
            scans = response.findall('scan')
            self.assertEqual(1, len(scans))
            scan = scans[0]
            if int(scan.get('progress')) == 100:
                break

        response = secET.fromstring(
            daemon.handle_command('<delete_scan scan_id="%s" />' % scan_id))
        self.assertEqual(response.get('status'), '200')


    def testStopScan(self):

The name testStopScan does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        response = secET.fromstring(
            daemon.handle_command('<start_scan ' +
                                  'target="localhost" ports="80, 443">' +
                                  '<scanner_params /></start_scan>'))
        scan_id = response.findtext('id')

        # Depending on the sistem this test can end with a race condition
        # because the scanner is already stopped when the <stop_scan> command
        # is run.
        time.sleep(3)
        cmd = secET.fromstring('<stop_scan scan_id="%s" />' % scan_id)
        self.assertRaises(OSPDError, daemon.handle_stop_scan_command, cmd)

        cmd = secET.fromstring('<stop_scan />')
        self.assertRaises(OSPDError, daemon.handle_stop_scan_command, cmd)


    def testScanWithVTs(self):

The name testScanWithVTs does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        cmd = secET.fromstring('<start_scan ' +
                               'target="localhost" ports="80, 443">' +
                               '<scanner_params /><vt_selection /></start_scan>')
        self.assertRaises(OSPDError, daemon.handle_start_scan_command, cmd)

        # With one VT, without params
        response = secET.fromstring(
            daemon.handle_command('<start_scan ' +
                                  'target="localhost" ports="80, 443">' +
                                  '<scanner_params /><vt_selection><vt_single id="1.2.3.4" />' +
                                  '</vt_selection></start_scan>'))
        scan_id = response.findtext('id')
        time.sleep(0.01)
        self.assertEqual(daemon.get_scan_vts(scan_id), {'1.2.3.4': {}, 'vt_groups': []})
        self.assertNotEqual(daemon.get_scan_vts(scan_id), {'1.2.3.6': {}})

        # With out VTS
        response = secET.fromstring(
            daemon.handle_command('<start_scan ' +
                                  'target="localhost" ports="80, 443">' +
                                  '<scanner_params /></start_scan>'))
        scan_id = response.findtext('id')
        time.sleep(0.01)
        self.assertEqual(daemon.get_scan_vts(scan_id), {})

    def testScanWithVTs_and_param(self):

The name testScanWithVTs_and_param does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])

        # Raise because no vt_param id attribute
        cmd = secET.fromstring('<start_scan ' +
                               'target="localhost" ports="80, 443">' +
                               '<scanner_params /><vt_selection><vt_single id="1234">' +
                               '<vt_value>200</vt_value>' +
                               '</vt_single></vt_selection></start_scan>')
        self.assertRaises(OSPDError, daemon.handle_start_scan_command, cmd)

        # No error
        response = secET.fromstring(
            daemon.handle_command('<start_scan ' +
                                  'target="localhost" ports="80, 443">' +
                                  '<scanner_params /><vt_selection><vt_single id="1234">' +
                                  '<vt_value id="ABC">200' +
                                  '</vt_value></vt_single></vt_selection></start_scan>'))
        scan_id = response.findtext('id')
        time.sleep(0.01)
        self.assertEqual(daemon.get_scan_vts(scan_id),
                         {'1234': {'ABC': '200'}, 'vt_groups': []})


        # Raise because no vtgroup filter attribute
        cmd = secET.fromstring('<start_scan ' +
                               'target="localhost" ports="80, 443">' +
                               '<scanner_params /><vt_selection><vt_group/>' +
                               '</vt_selection></start_scan>')
        self.assertRaises(OSPDError, daemon.handle_start_scan_command, cmd)

        # No error
        response = secET.fromstring(
            daemon.handle_command('<start_scan ' +
                                  'target="localhost" ports="80, 443">' +
                                  '<scanner_params /><vt_selection>' +
                                  '<vt_group filter="a"/>' +
                                  '</vt_selection></start_scan>'))
        scan_id = response.findtext('id')
        time.sleep(0.01)
        self.assertEqual(daemon.get_scan_vts(scan_id),
                         {'vt_groups': ['a']})


    def testBillonLaughs(self):

The name testBillonLaughs does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        lol = ('<?xml version="1.0"?>' +
               '<!DOCTYPE lolz [' +
               ' <!ENTITY lol "lol">' +
               ' <!ELEMENT lolz (#PCDATA)>' +
               ' <!ENTITY lol1 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;">' +
               ' <!ENTITY lol2 "&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;">' +
               ' <!ENTITY lol3 "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;">' +
               ' <!ENTITY lol4 "&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;">' +
               ' <!ENTITY lol5 "&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;">' +
               ' <!ENTITY lol6 "&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;">' +
               ' <!ENTITY lol7 "&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;">' +
               ' <!ENTITY lol8 "&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;">' +
               ' <!ENTITY lol9 "&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;">' +
               ']>')
        self.assertRaises(EntitiesForbidden, daemon.handle_command, lol)

    def testScanMultiTarget(self):

The name testScanMultiTarget does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        response = secET.fromstring(
            daemon.handle_command('<start_scan>' +
                                  '<scanner_params /><vts><vt id="1.2.3.4" />' +
                                  '</vts>' +
                                  '<targets><target>' +
                                  '<hosts>localhosts</hosts>' +
                                  '<ports>80,443</ports>' +
                                  '</target>' +
                                  '<target><hosts>192.168.0.0/24</hosts>' +
                                  '<ports>22</ports></target></targets>' +
                                  '</start_scan>'))
        self.assertEqual(response.get('status'), '200')


    def testMultiTargetWithCredentials(self):

The name testMultiTargetWithCredentials does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        response = secET.fromstring(
            daemon.handle_command('<start_scan>' +
                                  '<scanner_params /><vts><vt id="1.2.3.4" />' +
                                  '</vts>' +
                                  '<targets><target><hosts>localhosts</hosts>' +
                                  '<ports>80,443</ports></target><target>' +
                                  '<hosts>192.168.0.0/24</hosts><ports>22' +
                                  '</ports><credentials>' +
                                  '<credential type="up" service="ssh" port="22">' +
                                  '<username>scanuser</username>' +
                                  '<password>mypass</password>' +
                                  '</credential><credential type="up" service="smb">' +
                                  '<username>smbuser</username>' +
                                  '<password>mypass</password></credential>' +
                                  '</credentials>' +
                                  '</target></targets>' +
                                  '</start_scan>'))
        self.assertEqual(response.get('status'), '200')
        cred_dict = {'ssh': {'type': 'up', 'password':
                    'mypass', 'port': '22', 'username':

Wrong hanging indentation in dict value.

                    'scanuser'}, 'smb': {'type': 'up',

Wrong hanging indentation in dict value.

                    'password': 'mypass', 'username': 'smbuser'}}

Wrong continued indentation (add 21 spaces).

        scan_id = response.findtext('id')
        response = daemon.get_scan_credentials(scan_id, "192.168.0.0/24")
        self.assertEqual(response, cred_dict)

    def testScanGetTarget(self):

The name testScanGetTarget does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        response = secET.fromstring(
            daemon.handle_command('<start_scan>' +
                                  '<scanner_params /><vts><vt id="1.2.3.4" />' +
                                  '</vts>' +
                                  '<targets><target>' +
                                  '<hosts>localhosts</hosts>' +
                                  '<ports>80,443</ports>' +
                                  '</target>' +
                                  '<target><hosts>192.168.0.0/24</hosts>' +
                                  '<ports>22</ports></target></targets>' +
                                  '</start_scan>'))
        scan_id = response.findtext('id')
        response = secET.fromstring(
            daemon.handle_command('<get_scans scan_id="%s"/>' % scan_id))
        scan_res = response.find('scan')
        self.assertEqual(scan_res.get('target'), 'localhosts,192.168.0.0/24')

    def testScanGetLegacyTarget(self):

The name testScanGetLegacyTarget does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])

        response = secET.fromstring(
            daemon.handle_command('<start_scan target="localhosts,192.168.0.0/24" ports="22">' +
                                  '<scanner_params /><vts><vt id="1.2.3.4" />' +
                                  '</vts>' +
                                  '</start_scan>'))
        scan_id = response.findtext('id')
        response = secET.fromstring(
            daemon.handle_command('<get_scans scan_id="%s"/>' % scan_id))
        scan_res = response.find('scan')
        self.assertEqual(scan_res.get('target'), 'localhosts,192.168.0.0/24')

    def testScanMultiTargetParallelWithError(self):

The name testScanMultiTargetParallelWithError does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        cmd = secET.fromstring('<start_scan parallel="100a">' +
                               '<scanner_params />' +
                               '<targets><target>' +
                               '<hosts>localhosts</hosts>' +
                               '<ports>22</ports>' +
                               '</target></targets>' +
                               '</start_scan>')
        time.sleep(1)
        self.assertRaises(OSPDError, daemon.handle_start_scan_command, cmd)

    def testScanMultiTargetParallel100(self):

The name testScanMultiTargetParallel100 does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        response = secET.fromstring(
            daemon.handle_command('<start_scan parallel="100">' +
                                  '<scanner_params />' +
                                  '<targets><target>' +
                                  '<hosts>localhosts</hosts>' +
                                  '<ports>22</ports>' +
                                  '</target></targets>' +
                                  '</start_scan>'))
        time.sleep(1)
        self.assertEqual(response.get('status'), '200')

    def testProgress(self):

The name testProgress does not conform to the method naming conventions ((([a-z][a-z0-9_]{2,30})|(_[a-z0-9_]*))$).

This method should have a docstring.

        daemon = DummyWrapper([])
        response = secET.fromstring(
            daemon.handle_command('<start_scan parallel="2">' +
                                  '<scanner_params />' +
                                  '<targets><target>' +
                                  '<hosts>localhost1</hosts>' +
                                  '<ports>22</ports>' +
                                  '</target><target>' +
                                  '<hosts>localhost2</hosts>' +
                                  '<ports>22</ports>' +
                                  '</target></targets>' +
                                  '</start_scan>'))
        scan_id = response.findtext('id')
        daemon.set_scan_target_progress(scan_id, 'localhost1', 75)
        daemon.set_scan_target_progress(scan_id, 'localhost2', 25)
        self.assertEqual(daemon.calculate_progress(scan_id), 50)