package xyz.docbleach.module.ole2;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertNull;
import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.mockito.Matchers.any;
import static org.mockito.Matchers.eq;
import static org.mockito.Mockito.atLeastOnce;
import static org.mockito.Mockito.doNothing;
import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.reset;
import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.verify;
import static xyz.docbleach.api.BleachTestBase.assertThreatsFound;
import org.apache.poi.hpsf.SummaryInformation;
import org.apache.poi.poifs.filesystem.DocumentEntry;
import org.apache.poi.poifs.filesystem.Entry;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import xyz.docbleach.api.BleachSession;
class SummaryInformationSanitiserTest {
private SummaryInformationSanitiser instance;
private BleachSession session;
@BeforeEach
void setUp() {
session = mock(BleachSession.class);
instance = spy(new SummaryInformationSanitiser(session));
}
@Test
void test1() {
// Test an invalid stream, should be ignored
Entry entry = mock(Entry.class);
doReturn("\005RandomString").when(entry).getName();
assertTrue(instance.test(entry));
verify(instance, never()).sanitizeSummaryInformation(eq(session), (DocumentEntry) any());
// Test a valid stream name, but wrong type (should be ignored)
reset(entry);
doReturn(SummaryInformation.DEFAULT_STREAM_NAME).when(entry).getName();
assertTrue(instance.test(entry));
verify(instance, never()).sanitizeSummaryInformation(eq(session), (DocumentEntry) any());
reset(instance, entry);
// Test a valid SummaryInformation name
DocumentEntry docEntry = mock(DocumentEntry.class);
doReturn(SummaryInformation.DEFAULT_STREAM_NAME).when(docEntry).getName();
doNothing().when(instance).sanitizeSummaryInformation(session, docEntry);
assertTrue(instance.test(docEntry));
verify(instance, atLeastOnce()).sanitizeSummaryInformation(session, docEntry);
}
@Test
void sanitizeSummaryInformation() {
}
@Test
void sanitizeSummaryInformation1() {
}
@Test
void sanitizeComments() {
SummaryInformation si = new SummaryInformation();
// When no comment is set, no error/threat is thrown
instance.sanitizeComments(session, si);
assertThreatsFound(session, 0);
// When a comment is set, it should be removed
si.setComments("Hello!");
instance.sanitizeComments(session, si);
assertNull(si.getComments());
assertThreatsFound(session, 1);
}
@Test
void sanitizeTemplate() {
}
@Test
void isExternalTemplate() {
assertFalse(instance.isExternalTemplate("Normal.dotm"), "The base template is not external");
assertFalse(instance.isExternalTemplate("my-template.dotm"), "Unknown template");
assertFalse(instance.isExternalTemplate("hxxp://my-template.dotm"), "Unknown template");
assertTrue(instance.isExternalTemplate("https://google.com"), "Detects links");
assertTrue(instance.isExternalTemplate("http://google.com"), "Detects links");
assertTrue(instance.isExternalTemplate("ftp://google.com"), "Detects links");
}
}
