Beispiel #1
0
    def test_event_search_by_id(self, mocker):
        from Flashpoint import get_event_by_id_command

        with open("./TestData/event_search_by_id_response.json", encoding='utf-8') as f:
            expected = json.load(f)

        mocker.return_value = expected
        hr, ec, resp = get_event_by_id_command(self.client, TEST_SCAN_EVENT_ID)

        with open("./TestData/event_search_by_id_ec.json", encoding='utf-8') as f:
            expected_ec = json.load(f)

        assert resp[0]['fpid'] == TEST_SCAN_EVENT_ID
        assert expected == resp
        assert expected_ec == ec
Beispiel #2
0
    def test_event_search_by_id_when_no_malware_description_found(self, mocker):
        from Flashpoint import get_event_by_id_command

        with open("./TestData/event_search_by_id_response_no_malware_description.json", encoding='utf-8') as f:
            expected = json.load(f)

        mocker.return_value = expected
        hr, ec, resp = get_event_by_id_command(self.client, TEST_SCAN_EVENT_ID)

        with open("./TestData/event_search_by_id_ec.json", encoding='utf-8') as f:
            expected_ec = json.load(f)
            # Without malware_description in response should not be considered in EC
            expected_ec.get('Flashpoint.Event(val.EventId == obj.EventId)').pop('MalwareDescription')

        assert resp[0]['fpid'] == TEST_SCAN_EVENT_ID
        assert expected == resp
        assert expected_ec == ec