diff --git a/gatox/enumerate/enumerate.py b/gatox/enumerate/enumerate.py index 260d137..aeeb968 100644 --- a/gatox/enumerate/enumerate.py +++ b/gatox/enumerate/enumerate.py @@ -153,6 +153,7 @@ def self_enumeration(self): Returns: bool: False if the PAT is not valid for enumeration. + (list, list): Tuple containing list of orgs and list of repos. """ self.__setup_user_info() @@ -330,12 +331,13 @@ def enumerate_repos(self, repo_names: list): Args: repo_names (list): Repository name in {Org/Owner}/Repo format. """ + repo_wrappers = [] if not self.__setup_user_info(): - return False + return repo_wrappers if len(repo_names) == 0: Output.error("The list of repositories was empty!") - return + return repo_wrappers Output.info( f"Querying and caching workflow YAML files " @@ -344,7 +346,6 @@ def enumerate_repos(self, repo_names: list): queries = GqlQueries.get_workflow_ymls_from_list(repo_names) self.__query_graphql_workflows(queries) - repo_wrappers = [] try: for repo in repo_names: repo_obj = self.enumerate_repo_only(repo, len(repo_names) > 100) diff --git a/gatox/models/execution.py b/gatox/models/execution.py index d45cb4e..6b5a815 100644 --- a/gatox/models/execution.py +++ b/gatox/models/execution.py @@ -22,7 +22,8 @@ def add_organizations(self, organizations: list[Organization]): Args: organizations (List[Organization]): List of org wrappers. """ - self.organizations = organizations + if organizations: + self.organizations = organizations def add_repositories(self, repositories: list[Repository]): """Add list of organization wrapper objects. @@ -30,7 +31,8 @@ def add_repositories(self, repositories: list[Repository]): Args: organizations (List[Organization]): List of org wrappers. """ - self.repositories = repositories + if repositories: + self.repositories = repositories def set_user_details(self, user_details): """_summary_ diff --git a/unit_test/test_cli.py b/unit_test/test_cli.py index 9c761aa..e795767 100644 --- a/unit_test/test_cli.py 
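Review bot: In gatox/enumerate/enumerate.py, the `Returns:` section of `self_enumeration` now lists two incompatible shapes, a bare `False` and a `(list, list)` tuple, without saying which case yields which. A caller that unpacks the result, as the new test does with `orgs, repos = gh_enumeration_runner.self_enumeration()`, would raise a TypeError on the `False` path. I would spell the contract out in the docstring, e.g. `bool | tuple[list, list]: False if the PAT is not valid for enumeration, otherwise (organizations, repositories).`, and have callers check for `False` before unpacking. The function body lies outside this hunk, so the actual return statements are not visible here.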
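Review bot: In `enumerate_repos` (second hunk of enumerate.py), returning `repo_wrappers` when `self.__setup_user_info()` fails makes an invalid or under-scoped token indistinguishable from a valid token that found no repositories. For a tool whose output feeds a security assessment, an empty result that really means "credential rejected" is easy to misread as "nothing to report", particularly in JSON output. No message is visible in this hunk for that branch (the helper may log one itself), so consider `Output.error("Unable to validate the token; no repositories were enumerated.")` before the return. The docstring also needs a `Returns:` entry such as `list: Repository wrappers; empty if the token is invalid or no names were given.`. The rest of the function body continues outside the hunk.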
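Review bot: In gatox/models/execution.py, the new `if organizations:` guard in `add_organizations` (and the matching `if repositories:` in `add_repositories` in the next hunk) silently drops any falsy argument, so an empty list can no longer replace a previously stored value and `False`/`None` are accepted without complaint. If the intent is to tolerate the `False` that `self_enumeration` can return, that seems better handled at the call site, leaving the setter to store what it is given. Otherwise a comment such as `# Keep the initialised default when enumeration returned nothing.` would record the intent. Whether `self.organizations` has a default depends on `__init__`, which is outside this hunk.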
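Review bot: The docstring of `add_repositories` visible in this hunk is a copy of the one on `add_organizations`: it says "Add list of organization wrapper objects" and documents an `organizations (List[Organization])` argument that the function does not take. Since the method is being touched, I would change the summary to `Add list of repository wrapper objects.` and the `Args:` entry to `repositories (List[Repository]): List of repo wrappers.`.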
+++ b/unit_test/test_cli.py @@ -308,6 +308,20 @@ def test_enum_self(mock_enumerate): cli.cli(["enum", "-s"]) mock_enumerate.assert_called_once() +@mock.patch("gatox.models.execution.Execution.add_repositories") +@mock.patch("gatox.models.execution.Execution.add_organizations") +@mock.patch("gatox.enumerate.enumerate.Enumerator.self_enumeration") +def test_enum_self_json_empty(mock_enumerate, mock_executor_org, mock_executor_repo): + """Test enum command using the self enumerattion.""" + + mock_enumerate.return_value = ([], ["repo1", "repo2"]) + + cli.cli(["enum", "-s", "-oJ", "test.json"]) + mock_enumerate.assert_called_once() + + mock_executor_org.assert_called_with([]) + mock_executor_repo.assert_called_with(["repo1", "repo2"]) + @mock.patch("gatox.cli.cli.Enumerator") def test_enum_org(mock_enumerate): diff --git a/unit_test/test_enumerate.py b/unit_test/test_enumerate.py index c815fe3..d88dd9f 100644 --- a/unit_test/test_enumerate.py +++ b/unit_test/test_enumerate.py @@ -564,3 +564,28 @@ def test_unscoped_token(mock_api, capfd): out, _ = capfd.readouterr() assert "Self-enumeration requires the repo scope!" in escape_ansi(out) assert status is False + + +@patch("gatox.enumerate.enumerate.Api") +def test_enum_self_no_repos(mock_api, capfd): + gh_enumeration_runner = Enumerator( + "ghp_AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA", + socks_proxy=None, + http_proxy=None, + output_yaml=False, + skip_log=True, + output_json="test.json" + ) + + mock_api.return_value.is_app_token.return_value = False + mock_api.return_value.check_user.return_value = { + "user": "testUser", + "scopes": ["repo"], + } + + orgs, repos = gh_enumeration_runner.self_enumeration() + + assert orgs == [] + assert repos == [] + + out, _ = capfd.readouterr() \ No newline at end of file
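Review bot: `test_enum_self_json_empty` in unit_test/test_cli.py patches `Execution.add_organizations` and `Execution.add_repositories`, so the `if organizations:` / `if repositories:` guards this commit adds are never executed by it; it only checks that the CLI forwards the tuple. A small direct test on an `Execution` instance would cover the new branch, though how to construct one is not visible on this page. The docstring also duplicates the neighbouring test's wording and misspells "enumeration"; something like `"""Test self enumeration with JSON output when no organizations are returned."""` would describe it. With `-oJ test.json` the CLI may also write `test.json` into the working directory, so a `tmp_path`-based filename would keep the run clean.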
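Review bot: The last statement of `test_enum_self_no_repos`, `out, _ = capfd.readouterr()`, captures output that is never asserted on. Either assert the message the user is expected to see for an empty result, or drop the line and the `capfd` parameter. The test also leaves the `Api` mock's organization and repository lookups unconfigured, so `orgs == []` and `repos == []` presumably rely on how `self_enumeration` treats `MagicMock` return values; setting those return values explicitly to `[]` would make the scenario clear. The file now ends without a trailing newline.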