def test_event_search_by_id(self, mocker):
from Flashpoint import get_event_by_id_command
with open("./TestData/event_search_by_id_response.json", encoding='utf-8') as f:
expected = json.load(f)
mocker.return_value = expected
hr, ec, resp = get_event_by_id_command(self.client, TEST_SCAN_EVENT_ID)
with open("./TestData/event_search_by_id_ec.json", encoding='utf-8') as f:
expected_ec = json.load(f)
assert resp[0]['fpid'] == TEST_SCAN_EVENT_ID
assert expected == resp
assert expected_ec == ec
def test_event_search_by_id_when_no_malware_description_found(self, mocker):
from Flashpoint import get_event_by_id_command
with open("./TestData/event_search_by_id_response_no_malware_description.json", encoding='utf-8') as f:
expected = json.load(f)
mocker.return_value = expected
hr, ec, resp = get_event_by_id_command(self.client, TEST_SCAN_EVENT_ID)
with open("./TestData/event_search_by_id_ec.json", encoding='utf-8') as f:
expected_ec = json.load(f)
# Without malware_description in response should not be considered in EC
expected_ec.get('Flashpoint.Event(val.EventId == obj.EventId)').pop('MalwareDescription')
assert resp[0]['fpid'] == TEST_SCAN_EVENT_ID
assert expected == resp
assert expected_ec == ec