quikcue/calvana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

remove infra.md.example, infra.md is the source of truth

Browse Source
This commit is contained in:
Azreen Jamal
2026-03-03 03:06:13 +08:00
parent 1ad3033cc1
commit a3c6d09350
86 changed files with 17093 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

139
ayn-antivirus/tests/test_patcher.py Normal file
View File

@@ -0,0 +1,139 @@
"""Tests for auto-patcher."""
import pytest
import os
import stat
from ayn_antivirus.remediation.patcher import AutoPatcher, RemediationAction
def test_patcher_init():
p = AutoPatcher(dry_run=True)
assert p.dry_run is True
assert p.actions == []
def test_patcher_init_live():
p = AutoPatcher(dry_run=False)
assert p.dry_run is False
def test_fix_permissions_dry_run(tmp_path):
f = tmp_path / "test.sh"
f.write_text("#!/bin/bash")
f.chmod(0o4755) # SUID
p = AutoPatcher(dry_run=True)
action = p.fix_permissions(str(f))
assert action is not None
assert action.success is True
assert action.dry_run is True
# In dry run, file should still have SUID
assert f.stat().st_mode & stat.S_ISUID
def test_fix_permissions_real(tmp_path):
f = tmp_path / "test.sh"
f.write_text("#!/bin/bash")
f.chmod(0o4755) # SUID
p = AutoPatcher(dry_run=False)
action = p.fix_permissions(str(f))
assert action.success is True
# SUID should be stripped
assert not (f.stat().st_mode & stat.S_ISUID)
def test_fix_permissions_already_safe(tmp_path):
f = tmp_path / "safe.txt"
f.write_text("hello")
f.chmod(0o644)
p = AutoPatcher(dry_run=False)
action = p.fix_permissions(str(f))
assert action.success is True
assert "already safe" in action.details
def test_fix_permissions_sgid(tmp_path):
f = tmp_path / "sgid.sh"
f.write_text("#!/bin/bash")
f.chmod(0o2755) # SGID
p = AutoPatcher(dry_run=False)
action = p.fix_permissions(str(f))
assert action.success is True
assert not (f.stat().st_mode & stat.S_ISGID)
def test_fix_permissions_world_writable(tmp_path):
f = tmp_path / "ww.txt"
f.write_text("data")
f.chmod(0o777) # World-writable
p = AutoPatcher(dry_run=False)
action = p.fix_permissions(str(f))
assert action.success is True
assert not (f.stat().st_mode & stat.S_IWOTH)
def test_block_domain_dry_run():
p = AutoPatcher(dry_run=True)
action = p.block_domain("evil.example.com")
assert action is not None
assert action.success is True
assert action.dry_run is True
assert "evil.example.com" in action.target
def test_block_ip_dry_run():
p = AutoPatcher(dry_run=True)
action = p.block_ip("1.2.3.4")
assert action.success is True
assert action.dry_run is True
assert "1.2.3.4" in action.target
def test_remediate_threat_dry_run(tmp_path):
# Create a dummy file
f = tmp_path / "malware.bin"
f.write_text("evil_payload")
f.chmod(0o4755)
p = AutoPatcher(dry_run=True)
threat = {
"path": str(f),
"threat_name": "Test.Malware",
"threat_type": "MALWARE",
"severity": "HIGH",
}
actions = p.remediate_threat(threat)
assert isinstance(actions, list)
assert len(actions) >= 1
# Should have at least a fix_permissions action
action_names = [a.action for a in actions]
assert "fix_permissions" in action_names
def test_remediate_threat_miner_with_domain():
p = AutoPatcher(dry_run=True)
threat = {
"threat_type": "MINER",
"domain": "pool.evil.com",
"ip": "1.2.3.4",
}
actions = p.remediate_threat(threat)
action_names = [a.action for a in actions]
assert "block_domain" in action_names
assert "block_ip" in action_names
def test_remediation_action_dataclass():
a = RemediationAction(
action="test_action", target="/tmp/test", details="testing",
success=True, dry_run=True,
)
assert a.action == "test_action"
assert a.target == "/tmp/test"
assert a.success is True
assert a.dry_run is True
def test_fix_ld_preload_missing():
"""ld.so.preload doesn't exist — should succeed gracefully."""
p = AutoPatcher(dry_run=True)
action = p.fix_ld_preload()
assert action.success is True