add -wp-ignore-inactive flag which ignores inactive plugin or themes (#974)

* command * config * ignore inactive * fix * add test * fmt * add unset test * rename * add test * refactor * fix * refactor * refactor * fix golangci-lint error
2020-05-29 15:27:47 +09:00
parent 835dc08049
commit 8d5ea98e50
6 changed files with 126 additions and 7 deletions
--- a/wordpress/wordpress.go
+++ b/wordpress/wordpress.go
@@ -8,6 +8,7 @@ import (
 	"strings"
 	"time"

+	c "github.com/future-architect/vuls/config"
 	"github.com/future-architect/vuls/models"
 	"github.com/future-architect/vuls/util"
 	version "github.com/hashicorp/go-version"
@@ -66,10 +67,16 @@ func FillWordPress(r *models.ScanResult, token string) (int, error) {
 		return 0, err
 	}

-	//TODO add a flag ignore inactive plugin or themes such as -wp-ignore-inactive flag to cmd line option or config.toml
+	themes := r.WordPressPackages.Themes()
+	plugins := r.WordPressPackages.Plugins()
+
+	if c.Conf.WpIgnoreInactive {
+		themes = removeInactives(themes)
+		plugins = removeInactives(plugins)
+	}

 	// Themes
-	for _, p := range r.WordPressPackages.Themes() {
+	for _, p := range themes {
 		url := fmt.Sprintf("https://wpvulndb.com/api/v3/themes/%s", p.Name)
 		body, err := httpRequest(url, token)
 		if err != nil {
@@ -105,7 +112,7 @@ func FillWordPress(r *models.ScanResult, token string) (int, error) {
 	}

 	// Plugins
-	for _, p := range r.WordPressPackages.Plugins() {
+	for _, p := range plugins {
 		url := fmt.Sprintf("https://wpvulndb.com/api/v3/plugins/%s", p.Name)
 		body, err := httpRequest(url, token)
 		if err != nil {
@@ -260,3 +267,13 @@ loop:
 	}
 	return "", err
 }
+
+func removeInactives(pkgs models.WordPressPackages) (removed models.WordPressPackages) {
+	for _, p := range pkgs {
+		if p.Status == "inactive" {
+			continue
+		}
+		removed = append(removed, p)
+	}
+	return removed
+}
--- a/wordpress/wordpress_test.go
+++ b/wordpress/wordpress_test.go
@@ -0,0 +1,81 @@
+package wordpress
+
+import (
+	"reflect"
+	"testing"
+
+	"github.com/future-architect/vuls/models"
+)
+
+func TestRemoveInactive(t *testing.T) {
+	var tests = []struct {
+		in       models.WordPressPackages
+		expected models.WordPressPackages
+	}{
+		{
+			in: models.WordPressPackages{
+				{
+					Name:    "akismet",
+					Status:  "inactive",
+					Update:  "",
+					Version: "",
+					Type:    "",
+				},
+			},
+			expected: nil,
+		},
+		{
+			in: models.WordPressPackages{
+				{
+					Name:    "akismet",
+					Status:  "inactive",
+					Update:  "",
+					Version: "",
+					Type:    "",
+				},
+				{
+					Name:    "BackWPup",
+					Status:  "inactive",
+					Update:  "",
+					Version: "",
+					Type:    "",
+				},
+			},
+			expected: nil,
+		},
+		{
+			in: models.WordPressPackages{
+				{
+					Name:    "akismet",
+					Status:  "active",
+					Update:  "",
+					Version: "",
+					Type:    "",
+				},
+				{
+					Name:    "BackWPup",
+					Status:  "inactive",
+					Update:  "",
+					Version: "",
+					Type:    "",
+				},
+			},
+			expected: models.WordPressPackages{
+				{
+					Name:    "akismet",
+					Status:  "active",
+					Update:  "",
+					Version: "",
+					Type:    "",
+				},
+			},
+		},
+	}
+
+	for i, tt := range tests {
+		actual := removeInactives(tt.in)
+		if !reflect.DeepEqual(actual, tt.expected) {
+			t.Errorf("[%d] WordPressPackages error ", i)
+		}
+	}
+}