def testCallWithoutNameShouldNotSaveAnnotation(self):
self.session.http_post.json.return_value = {'records': [{'id': '123'}]}
File.upload(self.content, session=self.session)
self.session.http_post.assert_called_once_with(
'/v1/file',
data=self.content,
headers={'Content-Type': 'application/octet-stream'})
self.session._import.assert_not_called()
def testUploadWithGivenNameShouldSaveAnnotation(self):
self.session._import.return_value = {
"annotation": [{
"type": "known-as",
"label": self.filename,
"fact": File(id='foo').serialize
}]
}
File.upload(self.content, filename=self.filename, session=self.session)
self.session.http_post.assert_called_once_with(
'/v1/file',
data=self.content,
headers={'Content-Type': 'application/octet-stream'})
self.assertEqual(self.session.http_post.call_count, 1)
label = self.session._import.call_args[0][0]['annotation'][0]['label']
# print('jjjjjjjj', annot)
self.assertEqual(label, self.filename)
def testSaveWithFileLikeOjectShouldBePossibleToOverrideFilename(self):
self.session._import.return_value = {
"annotation": [{
"type": "known-as",
"label": self.filename,
"fact": File(id='foo').serialize
}]
}
FILENAME = 'anotherfilename'
File.upload(self.FakeFile(self.content, self.filename),
filename=FILENAME,
session=self.session)
self.session.http_post.assert_called_once_with(
'/v1/file',
data=self.content,
headers={'Content-Type': 'application/octet-stream'})
label = self.session._import.call_args[0][0]['annotation'][0]['label']
self.assertEqual(label, FILENAME)
def testGettingAndSaving(self):
session = MagicMock()
session._import.return_value = {
'fact': [{
'type': 'file',
'id': 'asdfasdf'
}]
}
fileObj = File(id='asdfasdf', session=session)
fileObj.get()
# XXX add mock checks
fileObj.md5 = 'md5'
fileObj.sha1 = 'sha1'
fileObj.sha256 = 'sha256'
fileObj.save(session)
def testRawQuery(self):
response = {"class": "fact", "type": "file", "id": "123"}
session = MagicMock()
session._query.return_value = [dict(response)]
query = {'class': 'fact', 'limit': 1}
res = Query.execute(query, session)
self.assertDictEqual(res[0], response)
res = list(Query.generate(query, session))
self.assertEqual(res[0], File(id="123"))
def testWithoutprovidingSessionRaisesException(self):
session = MagicMock()
session._import.return_value = {
"annotation": [{
"type": "known-as",
"label": "foo",
"fact": File(id='foo').serialize
}]
}
with self.assertRaises(SessionError):
File.upload(self.FakeFile(self.content, self.filename))
session._import.return_value = {
"fact": [{
'type': 'file',
'id': '123'
}],
"annotation": [{
"type": "known-as",
"label": self.filename,
"fact": File(id='foo').serialize
}]
}
File.upload(self.FakeFile(self.content, self.filename),
session=session)
def testSaveWithFileLikeOjectShouldTryToExtractFilename(self):
self.session._import.return_value = {
"fact": [{
"type": "file",
"id": "foo"
}],
"annotation": [{
"type": "known-as",
"label": self.filename,
"fact": File(id='foo').serialize
}]
}
File.upload(self.FakeFile(self.content, self.filename),
session=self.session)
self.session.http_post.assert_called_once_with(
'/v1/file',
data=self.content,
headers={'Content-Type': 'application/octet-stream'})
self.assertEqual(self.session._import.call_count, 1)
label = self.session._import.call_args[0][0]['annotation'][0]['label']
self.assertEqual(label, self.filename)
def __get_and_parse_PDF(self, url):
indicators = []
p = MagicParser()
try:
r = requests.get(url, verify=False)
except requests.exceptions.SSLError:
return indicators
except requests.exceptions.ConnectionError:
return indicators
if r.status_code != 200:
return indicators
if r.headers['content-type'] != 'application/pdf':
return indicators
# Get text from each PDF page and parse it with MagicParser
with io.BytesIO(r.content) as pdf_file:
try:
reader = PyPDF2.PdfFileReader(pdf_file, strict=False)
title = reader.getDocumentInfo().title
for page in reader.pages:
text = page.extractText()
indicators += p.parse(text)
except PyPDF2.utils.PdfReadError:
return indicators
# Store PDF as a file, concretize it and then add it to indicator list
if not title:
title = os.path.basename(url)
f = File.upload(r.content, filename=title)
f.save()
indicators.append(f)
# Concretize indicators unless phantoms (Hashes or IP ranges)
# pyquo not supporting facets yet we need to filter on type and id
for indicator in indicators:
if type(indicator) == File or type(indicator) == Certificate:
continue
if type(indicator) == IpAddress and '/' in indicator.id:
continue
indicator.save()
return indicators
class TestPyQuo(unittest.TestCase):
fileObj = File(id='file_identifier')
urlObj = URL(id='http://testbla.com')
def testValidators(self):
StringValidator()("no exception")
with self.assertRaises(ValidationError):
StringValidator()(123)
FloatValidator()(1)
with self.assertRaises(ValidationError):
FloatValidator()("exception")
DictValidator()({'foo': 'bar'})
with self.assertRaises(ValidationError):
DictValidator()("exception")
IntegerValidator()(123)
with self.assertRaises(ValidationError):
IntegerValidator()("exception")
ListValidator(type=int)([1, 2, 3])
with self.assertRaises(ValidationError):
ListValidator(type=int)(["string", 1, 2, 3])
ChoiceValidator(['foo', 'bar'])('foo')
with self.assertRaises(ValidationError):
ChoiceValidator(['foo', 'bar'])('foo2')
def testModelVarTypes(self):
session = MagicMock()
# wrong type in field id
with self.assertRaises(ValidationError):
TestFactModel(id=123)
# superflous field passed
data = dict(name="foobar", superflous=12)
test = TestFactModel(id="123", document=data)
self.assertEqual(test.superflous, 12)
self.assertEqual(test.document['superflous'], 12)
# check document is stored properly
document = dict(name="bar")
test = TestFactModel(id="id", document=document)
self.assertEqual(test.document, document)
# missing required field "name"
with self.assertRaises(RequiredError):
TestFactModel(id="identifier",
session=session).save(session=session)
def testFactAnnotations(self):
session = MagicMock()
TestFactModel(id="123", session=session).annotations()
def testFactReferences(self):
session = MagicMock()
# set_global_session(session)
session._query.return_value = [{
'class': 'reference',
'type': 'contains',
'target': self.fileObj.serialize,
'source': self.urlObj.serialize
}, {
'class': 'reference',
'type': 'contains',
'target': self.urlObj.serialize,
'source': self.fileObj.serialize
}]
self.fileObj._session = session
for incoming in (True, False):
# test incoming / outgoing references
references = self.fileObj.references(refs=Reference,
session=session,
limit=4)
str(references)
tuple(references)
containsFile = Contains(target=self.fileObj, source=self.urlObj)
containsURL = Contains(target=self.urlObj, source=self.fileObj)
self.assertEqual(references[0], containsFile)
self.assertEqual(references[1], containsURL)
# test descendants
descendants = self.fileObj.descendants(refs=Reference)
self.assertEqual(descendants[0], self.fileObj)
self.assertEqual(descendants[1], self.urlObj)
ancestors = self.fileObj.ancestors(refs=Reference)
self.assertEqual(ancestors[0], self.urlObj)
self.assertEqual(ancestors[1], self.fileObj)
def testFactEquals(self):
self.assertEqual(URL(id='123'), URL(id='123'))
self.assertNotEqual(File(id='foo'), URL(id='bar'))
def testGettingAndSaving(self):
session = MagicMock()
session._import.return_value = {
'fact': [{
'type': 'file',
'id': 'asdfasdf'
}]
}
fileObj = File(id='asdfasdf', session=session)
fileObj.get()
# XXX add mock checks
fileObj.md5 = 'md5'
fileObj.sha1 = 'sha1'
fileObj.sha256 = 'sha256'
fileObj.save(session)
def testFactEquals(self):
self.assertEqual(URL(id='123'), URL(id='123'))
self.assertNotEqual(File(id='foo'), URL(id='bar'))