def test_delete_action(self, client):
action = ActionFactory.create()
url = app.url_path_for('delete_action', action_id=action.id)
response = client.delete(url)
assert response.status_code == HTTPStatus.NO_CONTENT
assert list(Action.select()) == []
def test_update_action(self, client):
action = ActionFactory.create()
user = UserFactory.create()
url = app.url_path_for('update_action', action_id=str(action.id))
response = client.patch(url, json={'like_to_user':str(user.id), 'user':str(action.user.id)})
assert response.status_code == HTTPStatus.OK
assert response.json()['data']['like_to_user']['id'] == str(user.id)
def test_disable_rule(self, api, session, test_client,
vulnerability_factory):
workspace = WorkspaceFactory.create()
vulns = vulnerability_factory.create_batch(5,
workspace=workspace,
severity='low')
vulns2 = vulnerability_factory.create_batch(5,
workspace=workspace,
severity='medium')
session.add(workspace)
session.add_all(vulns)
session.add_all(vulns2)
session.commit()
vulns_count = session.query(Vulnerability).filter_by(
workspace=workspace).count()
assert vulns_count == 10
searcher = Searcher(api(workspace, test_client, session))
rule_disabled: Rule = RuleFactory.create(disabled=True,
workspace=workspace)
rule_enabled = RuleFactory.create(disabled=False, workspace=workspace)
with session.no_autoflush:
rule_disabled.conditions = [
ConditionFactory.create(field='severity', value="low")
]
rule_enabled.conditions = [
ConditionFactory.create(field='severity', value="medium")
]
action = ActionFactory.create(command='DELETE')
session.add(action)
session.add(rule_disabled)
session.add(rule_enabled)
rules = [rule_disabled, rule_enabled]
for rule in rules:
rule_action = RuleActionFactory.create(action=action, rule=rule)
session.add(rule_action)
session.commit()
rules_data = []
for rule in rules:
rule_data = WorkerRuleSchema().dumps(rule)
rules_data.append(json.loads(rule_data))
searcher.process(rules_data)
vulns_count = session.query(Vulnerability).filter_by(
workspace=workspace).count()
assert vulns_count == 5
def test_delete_action(arf, api_user):
incident = IncidentFactory.create()
user = ExternalUserFactory.create()
action = ActionFactory.create(user=user, incident=incident)
req = arf.delete(
reverse("incident-action-list", kwargs={"incident_pk": incident.pk}),
format="json",
)
force_authenticate(req, user=api_user)
response = IncidentActionViewSet.as_view({"delete": "destroy"})(
req, incident_pk=incident.pk, pk=action.pk
)
assert response.status_code == 204, "Got non-204 response from API"
with pytest.raises(Action.DoesNotExist):
Action.objects.get(pk=action.pk)
