chore: more work on unittests

backend/application/commons/signals.py

@@ -20,20 +20,18 @@ def settings_post_save(  # pylint: disable=unused-argument
     sender: Any, instance: Settings, created: bool, **kwargs: Any
 ) -> None:
     # parameters are needed according to Django documentation
-    env = environ.Env()
-    if not env.bool("SO_UNITTESTS", False):
-        settings_post_save_task(instance)
+    settings_post_save_task(instance, created)
 
 
 @db_task()
 @lock_task("settings_post_save_task_lock")
-def settings_post_save_task(settings: Settings) -> None:
+def settings_post_save_task(settings: Settings, created: bool) -> None:
     for product in Product.objects.filter(is_product_group=False):
         check_security_gate(product)
 
-    if settings.feature_exploit_information and not Exploit_Information.objects.exists():
-        import_cvss_bt()
-
-    if not settings.feature_exploit_information and Exploit_Information.objects.exists():
-        Exploit_Information.objects.all().delete()
-        apply_exploit_information_observations(settings)
+    if not created:
+        if settings.feature_exploit_information and not Exploit_Information.objects.exists():
+            import_cvss_bt()
+        if not settings.feature_exploit_information and Exploit_Information.objects.exists():
+            Exploit_Information.objects.all().delete()
+            apply_exploit_information_observations(settings)

backend/application/epss/services/cvss_bt.py

@@ -146,10 +146,6 @@ def apply_exploit_information(observation: Observation, settings: Settings) -> b
             or observation.cvss4_vector != cvss4_vector_before
             or observation.cve_found_in != cve_found_in_before
         ):
-
-            if observation.title == "no change":
-                print(vars(observation))
-
             observation.current_severity = get_current_severity(observation)
             return True
 

backend/unittests/access_control/api/test_authorization_settings.py

@@ -1,11 +1,17 @@
+from unittest.mock import patch
+
 from unittests.access_control.api.test_authorization import (
     APITest,
     TestAuthorizationBase,
 )
 
 
 class TestAuthorizationSettings(TestAuthorizationBase):
-    def test_authorization_settings(self):
+
+    @patch("application.commons.signals.check_security_gate")
+    @patch("application.commons.signals.import_cvss_bt")
+    @patch("application.commons.signals.apply_exploit_information_observations")
+    def test_authorization_settings(self, mock_apply, mock_import_cvss_bt, mock_check_security_gate):
         expected_data = "{'id': 1, 'security_gate_active': True, 'security_gate_threshold_critical': 0, 'security_gate_threshold_high': 0, 'security_gate_threshold_medium': 99999, 'security_gate_threshold_low': 99999, 'security_gate_threshold_none': 99999, 'security_gate_threshold_unknown': 99999, 'jwt_validity_duration_user': 168, 'jwt_validity_duration_superuser': 24, 'internal_users': '', 'base_url_frontend': '', 'exception_ms_teams_webhook': '', 'exception_slack_webhook': '', 'exception_rate_limit': 3600, 'email_from': '', 'exception_email_to': '', 'background_product_metrics_interval_minutes': 5, 'background_epss_import_crontab_minute': 0, 'background_epss_import_crontab_hour': 3, 'branch_housekeeping_crontab_minute': 0, 'branch_housekeeping_crontab_hour': 2, 'branch_housekeeping_active': True, 'branch_housekeeping_keep_inactive_days': 30, 'branch_housekeeping_exempt_branches': '', 'feature_vex': False, 'feature_disable_user_login': False, 'feature_general_rules_need_approval': False, 'risk_acceptance_expiry_days': 30, 'risk_acceptance_expiry_crontab_minute': 0, 'risk_acceptance_expiry_crontab_hour': 1, 'feature_automatic_api_import': True, 'api_import_crontab_minute': 0, 'api_import_crontab_hour': 4, 'password_validator_minimum_length': 8, 'password_validator_attribute_similarity': True, 'password_validator_common_passwords': True, 'password_validator_not_numeric': True, 'feature_license_management': True, 'license_import_crontab_minute': 30, 'license_import_crontab_hour': 1, 'feature_automatic_osv_scanning': True, 'feature_exploit_information': True, 'exploit_information_max_age_years': 10}"
         self._test_api(APITest("db_admin", "get", "/api/settings/1/", None, 200, expected_data))
 

backend/unittests/epss/services/test_cvss_bt.py

@@ -1,6 +1,6 @@
 from datetime import timezone as datetime_timezone
 from os import path
-from unittest.mock import call, patch
+from unittest.mock import patch
 
 from django.utils import timezone
 
@@ -21,9 +21,9 @@ class TestCVSS_BT(BaseTestCase):
 
     @patch("requests.get")
     @patch("epss.services.cvss_bt.timezone.now")
-    def test_import_cvss_bt(self, mock_now, mock_request) -> None:
+    def test_import_cvss_bt(self, mock_now, mock_requests_get) -> None:
         mock_now.return_value = timezone.datetime(2025, 1, 1, 0, 0, 0, 452618, datetime_timezone.utc)
-        mock_request.return_value = MockResponse()
+        mock_requests_get.return_value = MockResponse()
 
         parser = Parser(name="Parser", type=Parser_Type.TYPE_OTHER, source=Parser_Source.SOURCE_OTHER)
         parser.save()
@@ -124,6 +124,10 @@ def test_import_cvss_bt(self, mock_now, mock_request) -> None:
 
         import_cvss_bt()
 
+        mock_requests_get.assert_called_with(
+            "https://raw.githubusercontent.com/t0sche/cvss-bt/refs/heads/main/cvss-bt.csv", timeout=300, stream=True
+        )
+
         self.assertEqual(9, Exploit_Information.objects.count())
 
         observation = Observation.objects.get(title="too old")

docker/backend/unittests/django/Dockerfile

@@ -29,8 +29,6 @@ RUN poetry install --extras "unittests" --no-root && rm -rf $POETRY_CACHE_DIR
 # Python 'run' stage
 FROM python-base AS python-run-stage
 
-ENV SO_UNITTESTS=true
-
 ARG BUILD_ENVIRONMENT=prod
 ARG APP_HOME=/app
 ARG VERSION=unittest_version