From 1f86d884965b8dc7585e4aa9eeb9b39c30bf941a Mon Sep 17 00:00:00 2001
From: Meet Soni <meetsoni3017@gmail.com>
Date: Tue, 23 Jul 2024 10:09:55 +0530
Subject: [PATCH 1/3] test: purl2cpe database

Signed-off-by: Meet Soni <meetsoni3017@gmail.com>
---
 test/test_source_purl2cpe.py | 43 ++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 test/test_source_purl2cpe.py

diff --git a/test/test_source_purl2cpe.py b/test/test_source_purl2cpe.py
new file mode 100644
index 0000000000..6803e11279
--- /dev/null
+++ b/test/test_source_purl2cpe.py
@@ -0,0 +1,43 @@
+# Copyright (C) 2024 Intel Corporation
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+
+import os
+import shutil
+import tempfile
+from pathlib import Path
+from test.utils import EXTERNAL_SYSTEM
+
+import pytest
+
+from cve_bin_tool.data_sources import purl2cpe_source
+
+
+class TestSourceOSV:
+    @classmethod
+    def setup_class(cls):
+        cls.purl2cpe = purl2cpe_source.PURL2CPE_Source()
+        cls.purl2cpe.cachedir = tempfile.mkdtemp(prefix="cvedb-")
+        cls.purl2cpe.purl2cpe_path = str(Path(cls.purl2cpe.cachedir) / "purl2cpe")
+
+    @classmethod
+    def teardown_class(cls):
+        shutil.rmtree(cls.purl2cpe.cachedir)
+
+    purl2cpe_url = "https://github.com/scanoss/purl2cpe/raw/main/purl2cpe.db.zip"
+
+    @pytest.mark.asyncio
+    @pytest.mark.skipif(not EXTERNAL_SYSTEM(), reason="Needs network connection.")
+    async def test_fetch_cves(self):
+
+        await self.purl2cpe.fetch_cves()
+
+        p = Path(self.purl2cpe.purl2cpe_path).glob("**/*")
+        file = [x.name for x in p if x.is_file()]
+
+        assert file == ["purl2cpe.db"]
+
+        file_path = os.path.join(self.purl2cpe.purl2cpe_path, "purl2cpe.db")
+        file_size = os.path.getsize(file_path)
+
+        assert file_size > 300 * 1024 * 1024

From 2db875efca400946120a4bc5498f2ba960e9f5d0 Mon Sep 17 00:00:00 2001
From: Meet Soni <meetsoni3017@gmail.com>
Date: Thu, 25 Jul 2024 11:05:00 +0530
Subject: [PATCH 2/3] feat: added a check

Signed-off-by: Meet Soni <meetsoni3017@gmail.com>
---
 test/test_source_purl2cpe.py | 41 ++++++++++++++++++++++++++++++++----
 1 file changed, 37 insertions(+), 4 deletions(-)

diff --git a/test/test_source_purl2cpe.py b/test/test_source_purl2cpe.py
index 6803e11279..2f2928a213 100644
--- a/test/test_source_purl2cpe.py
+++ b/test/test_source_purl2cpe.py
@@ -4,6 +4,7 @@
 
 import os
 import shutil
+import sqlite3
 import tempfile
 from pathlib import Path
 from test.utils import EXTERNAL_SYSTEM
@@ -24,8 +25,6 @@ def setup_class(cls):
     def teardown_class(cls):
         shutil.rmtree(cls.purl2cpe.cachedir)
 
-    purl2cpe_url = "https://github.com/scanoss/purl2cpe/raw/main/purl2cpe.db.zip"
-
     @pytest.mark.asyncio
     @pytest.mark.skipif(not EXTERNAL_SYSTEM(), reason="Needs network connection.")
     async def test_fetch_cves(self):
@@ -33,11 +32,45 @@ async def test_fetch_cves(self):
         await self.purl2cpe.fetch_cves()
 
         p = Path(self.purl2cpe.purl2cpe_path).glob("**/*")
-        file = [x.name for x in p if x.is_file()]
+        file_name = [x.name for x in p if x.is_file()]
 
-        assert file == ["purl2cpe.db"]
+        assert file_name == ["purl2cpe.db"]
 
         file_path = os.path.join(self.purl2cpe.purl2cpe_path, "purl2cpe.db")
         file_size = os.path.getsize(file_path)
 
+        # Check if the database size is greater than 300 mbs
         assert file_size > 300 * 1024 * 1024
+
+        conn = sqlite3.connect(file_path)
+        cursor = conn.cursor()
+        cursor.execute("SELECT purl FROM purl2cpe;")
+        result = cursor.fetchall()
+        outcome = [r[0] for r in result]
+        conn.close()
+
+        expected = [
+            "pkg:/sourceforge/openclassify",
+            "pkg:1234n/minicms",
+            "pkg:13thmonkey/udfclient",
+            "pkg:23systems/lightbox-plus-for-wordpress",
+            "pkg:2glux/sexypolling",
+            "pkg:2pisoftware/cmfive",
+            "pkg:Deb/debian/jpeg-xl",
+            "pkg:Deb/debian/optipng",
+            "pkg:Deb/debian/python-pip",
+            "pkg:Deb/ubuntu/apt",
+            "pkg:Deb/ubuntu/colord",
+            "pkg:Deb/ubuntu/condor",
+            "pkg:Deb/ubuntu/firebird",
+            "pkg:Deb/ubuntu/libpcap",
+            "pkg:Deb/ubuntu/pidgin-otr",
+            "pkg:Deb/ubuntu/python-aniso8601",
+            "pkg:Deb/ubuntu/xapian-core",
+            "pkg:Docker/bitnami/argo-cd",
+            "pkg:Docker/logstash",
+            "pkg:Gitlab/ubports/libxkbcommon",
+        ]
+
+        missing_elements = [pkg for pkg in expected if pkg not in outcome]
+        assert not missing_elements, f"Missing elements in database: {missing_elements}"

From bc741eec9e61009dc9b11997f5fd390167e721d0 Mon Sep 17 00:00:00 2001
From: Meet Soni <meetsoni3017@gmail.com>
Date: Tue, 30 Jul 2024 13:35:28 +0530
Subject: [PATCH 3/3] test: local cached database

Signed-off-by: Meet Soni <meetsoni3017@gmail.com>
---
 test/test_source_purl2cpe.py | 20 +++++++++++++++++---
 1 file changed, 17 insertions(+), 3 deletions(-)

diff --git a/test/test_source_purl2cpe.py b/test/test_source_purl2cpe.py
index 2f2928a213..c28b16deb9 100644
--- a/test/test_source_purl2cpe.py
+++ b/test/test_source_purl2cpe.py
@@ -20,6 +20,7 @@ def setup_class(cls):
         cls.purl2cpe = purl2cpe_source.PURL2CPE_Source()
         cls.purl2cpe.cachedir = tempfile.mkdtemp(prefix="cvedb-")
         cls.purl2cpe.purl2cpe_path = str(Path(cls.purl2cpe.cachedir) / "purl2cpe")
+        cls.local_path = Path("~").expanduser() / ".cache" / "cve-bin-tool" / "purl2cpe"
 
     @classmethod
     def teardown_class(cls):
@@ -28,15 +29,28 @@ def teardown_class(cls):
     @pytest.mark.asyncio
     @pytest.mark.skipif(not EXTERNAL_SYSTEM(), reason="Needs network connection.")
     async def test_fetch_cves(self):
-
         await self.purl2cpe.fetch_cves()
 
-        p = Path(self.purl2cpe.purl2cpe_path).glob("**/*")
+    @pytest.fixture(scope="class")
+    def db_paths(self):
+        return [self.purl2cpe.purl2cpe_path, self.local_path]
+
+    @pytest.mark.parametrize(
+        "index, skipif", [(0, not EXTERNAL_SYSTEM()), (1, EXTERNAL_SYSTEM())]
+    )
+    def test_db_contents(self, index, skipif, request):
+        if skipif:
+            pytest.skip("Needs network connection.")
+
+        db_paths = request.getfixturevalue("db_paths")
+        db_path = db_paths[index]
+
+        p = Path(db_path).glob("**/*")
         file_name = [x.name for x in p if x.is_file()]
 
         assert file_name == ["purl2cpe.db"]
 
-        file_path = os.path.join(self.purl2cpe.purl2cpe_path, "purl2cpe.db")
+        file_path = os.path.join(db_path, "purl2cpe.db")
         file_size = os.path.getsize(file_path)
 
         # Check if the database size is greater than 300 mbs