Fixing call to date_parser in AWS Inspector2 parser (#11767)

* Fixing call to date_parser in AWS Inspector parser * Tweaked unit test * Linter fix
DefectDojo · Feb 7, 2025 · 605ccf0 · 605ccf0
1 parent 17f0c38
commit 605ccf0
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 9 deletions.
diff --git a/dojo/tools/aws_inspector2/parser.py b/dojo/tools/aws_inspector2/parser.py
@@ -86,7 +86,7 @@ def get_base_finding(self, raw_finding: dict) -> Finding:
             is_mitigated = True
             active = False
             if (last_observed := raw_finding.get("lastObservedAt")) is not None:
-                mitigated = date_parser(last_observed)
+                mitigated = date_parser.parse(last_observed)
             else:
                 mitigated = datetime.now(UTC)
         finding.active = active
@@ -102,11 +102,11 @@ def get_package_vulnerability(self, finding: Finding, raw_finding: dict) -> Find
         vulnerability_packages_descriptions = "\n".join(
             [
                 (
-                    f'*Vulnerable package*: {vulnerability_package.get("name", "N/A")}\n'
-                    f'\tpackage manager: {vulnerability_package.get("packageManager", "N/A")}\n'
-                    f'\tversion: {vulnerability_package.get("version", "N/A")}\n'
-                    f'\tfixed version: {vulnerability_package.get("fixedInVersion", "N/A")}\n'
-                    f'\tremediation: {vulnerability_package.get("remediation", "N/A")}\n'
+                    f"*Vulnerable package*: {vulnerability_package.get('name', 'N/A')}\n"
+                    f"\tpackage manager: {vulnerability_package.get('packageManager', 'N/A')}\n"
+                    f"\tversion: {vulnerability_package.get('version', 'N/A')}\n"
+                    f"\tfixed version: {vulnerability_package.get('fixedInVersion', 'N/A')}\n"
+                    f"\tremediation: {vulnerability_package.get('remediation', 'N/A')}\n"
                 )
                 for vulnerability_package in vulnerability_details.get("vulnerablePackages", [])
             ],
@@ -165,7 +165,7 @@ def get_network_reachability(self, finding: Finding, raw_finding: dict) -> Findi
         network_path_steps = network_path_info.get("steps", [])
         steps_descriptions = "\n".join(
             [
-                f'steps:\n{step_number}: {step.get("componentId", "N/A")} {step.get("componentType", "N/A")}'
+                f"steps:\n{step_number}: {step.get('componentId', 'N/A')} {step.get('componentType', 'N/A')}"
                 for step_number, step in enumerate(network_path_steps)
             ],
         )

diff --git a/unittests/scans/aws_inspector2/aws_inspector2_many_vul.json b/unittests/scans/aws_inspector2/aws_inspector2_many_vul.json
@@ -80,7 +80,7 @@
                 }
             ],
             "severity": "MEDIUM",
-            "status": "ACTIVE",
+            "status": "CLOSED",
             "title": "CVE-2021-3744 - linux",
             "type": "PACKAGE_VULNERABILITY",
             "updatedAt": "2024-06-14T04:03:53.051000+02:00"
@@ -677,4 +677,4 @@
             "updatedAt": "2024-03-19T15:31:08.006000+01:00"
         }
     ]
-}
+}
diff --git a/unittests/tools/test_aws_inspector2_parser.py b/unittests/tools/test_aws_inspector2_parser.py
@@ -1,3 +1,6 @@
+from datetime import datetime
+
+from dateutil.tz import tzoffset
 from django.test import TestCase
 
 from dojo.models import Test
@@ -35,6 +38,9 @@ def test_aws_inspector2_parser_with_many_vuln_has_many_findings(self):
                 for endpoint in finding.unsaved_endpoints:
                     endpoint.clean()
             self.assertEqual(8, len(findings))
+            self.assertEqual(True, findings[0].is_mitigated)
+            # 2024-06-14T04:03:53.051000+02:00
+            self.assertEqual(datetime(2024, 6, 14, 4, 3, 53, 51000, tzinfo=tzoffset(None, 7200)), findings[0].mitigated)
 
     def test_aws_inspector2_parser_empty_with_error(self):
         with self.assertRaises(TypeError) as context: