def test_granular_example():
granular_marking = stix2.GranularMarking(
marking_ref="marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
selectors=["abc", "abc.[23]", "abc.def", "abc.[2].efg"]
)
assert str(granular_marking) == EXPECTED_GRANULAR_MARKING
def test_granular_example_with_bad_selector():
with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
stix2.GranularMarking(
marking_ref="marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
selectors=["abc[0]"] # missing "."
)
assert excinfo.value.cls == stix2.GranularMarking
assert excinfo.value.prop_name == "selectors"
assert excinfo.value.reason == "must adhere to selector syntax."
assert str(excinfo.value) == "Invalid value for GranularMarking 'selectors': must adhere to selector syntax."
def test_campaign_with_granular_markings_example():
campaign = stix2.Campaign(
id="campaign--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f",
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
created="2016-04-06T20:03:00Z",
modified="2016-04-06T20:03:00Z",
name="Green Group Attacks Against Finance",
description="Campaign by Green Group against a series of targets in the financial services sector.",
granular_markings=[
stix2.GranularMarking(
marking_ref="marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
selectors=["description"])
])
assert str(campaign) == EXPECTED_CAMPAIGN_WITH_GRANULAR_MARKINGS
import stix2
granular_red = stix2.GranularMarking(marking_ref=stix2.TLP_RED.id,
selectors=["description"])
granular_amber = stix2.GranularMarking(marking_ref=stix2.TLP_AMBER.id,
selectors=["labels.[1]"])
granular_green = stix2.GranularMarking(
marking_ref=stix2.TLP_GREEN.id,
selectors=["labels.[0]", "name", "pattern"])
identity = stix2.Identity(id="identity--b38dfe21-7477-40d1-aa90-5c8671ce51ca",
created="2017-04-27T16:18:24.318Z",
modified="2017-04-27T16:18:24.318Z",
name="Gotham National Bank",
contact_information="*****@*****.**",
identity_class="organization",
sectors=["financial-services"])
threat_actor = stix2.ThreatActor(
id="threat-actor--8b6297fe-cae7-47c6-9256-5584b417849c",
created="2017-04-27T16:18:24.318Z",
modified="2017-04-27T16:18:24.318Z",
created_by_ref="identity--b38dfe21-7477-40d1-aa90-5c8671ce51ca",
name="The Joker",
labels=["terrorist", "criminal"],
aliases=["Joe Kerr", "The Clown Prince of Crime"],
roles=["director"],
resource_level="team",
primary_motivation="personal-satisfaction",