def auth_client(request):
url = request.config.getoption("--base-url")
username = request.config.getoption("--username")
password = request.config.getoption("--password")
client = Client(url=url)
client.set_cookies(UserData(username=username, password=password))
return client
def client(request):
setup()
logger.setLevel('INFO')
url = request.config.getoption("--base-url")
user = request.config.getoption("--username")
password = request.config.getoption("--password")
client = Client(url)
data = UserData(user, password)
client.authorize(data)
return client
def health():
key = get_key()
if key is None:
raise AuthenticationRequiredError
url = current_app.config['AVOTX_URL']
headers = {'User-Agent': current_app.config['CTR_USER_AGENT']}
client = Client(key, url, headers=headers)
_ = client.query('/api/v1/user/me')
return jsonify_data({'status': 'ok'})
def test_delete_self_user(self, api_client, mysql_worker, logger_api):
'''
Тест на удаление несуществующего пользователя
Возвращает 404, как и ожидалось
'''
username = next(gen)
r = api_client.add_user(username=username, email=f'{username}@mail.ru',
password='******')
new_user_for_deleting_himself = Client(username, '12345678', f'{username}@mail.ru', logger_api)
assert mysql_worker.find_count_by_name(username) == 1
r = new_user_for_deleting_himself.delete_user(username)
assert r.status_code == 204
assert mysql_worker.find_count_by_name(username) == 0
def test_use_user_with_little_name(self, api_client, logger_api):
'''
Тест на каки-нибудь действия пользователя с логином <6 символов
апи клиент создает такого пользователя, после чего этот пользователь пытается заблокировать апи клиента
Ожидается что это получится (код 200), однако на самом деле будет код 401
По итогам, как и в ui с таким коротким логином ничего нельзя сделать
'''
username = '******'
r = api_client.add_user(username=username, email=f'{username}@mail.ru',
password='******')
new_user_with_little_name = Client(username, '12345678', f'{username}@mail.ru', logger_api)
r = new_user_with_little_name.block_user(api_client.username)
api_client.delete_user(username)
assert r.status_code == 200, f"Expected code 200, got {r.status_code}"
def health():
credentials = get_jwt()
url = 'https://api.securitycenter.windows.com/api/exposureScore'
client = Client(credentials)
client.open_session()
client.call_api(url)
client.close_session()
return jsonify_data({'status': 'ok'})
def observe_observables():
observables = get_observables()
g.bundle = Bundle()
key = get_key()
if key is None:
raise AuthenticationRequiredError
url = current_app.config['AVOTX_URL']
headers = {'User-Agent': current_app.config['CTR_USER_AGENT']}
client = Client(key, url, headers=headers)
limit = current_app.config['CTR_ENTITIES_LIMIT']
for observable in observables:
observable = Observable.instance_for(**observable)
if observable is None:
continue
bundle = observable.observe(client, limit=limit)
g.bundle |= bundle
data = g.bundle.json()
return jsonify_data(data)
def make_payment(account_from, request_map):
"""
Creates a new Payment object with a given request_map and an account from
which the Payment should be made
Parameters
----------
account_from : MonetaryAccountBank, the account from which to make the
Payment
request_map : dict
Returns
-------
dict : Response from bunq API
"""
user = get_user()
ctx = Client.ctx()
payment_id = generated.Payment.create(ctx, request_map, user.id_,
account_from.id_)
res = generated.Payment.get(ctx, user.id_, account_from.id_, payment_id)
res_json = res.to_json()
return res_json
def observe_observables():
input_observables = get_observables()
g.bundle = Bundle()
key = get_key()
if key is None:
raise AuthenticationRequiredError
url = current_app.config['AVOTX_URL']
headers = {'User-Agent': current_app.config['CTR_USER_AGENT']}
client = Client(key, url, headers=headers)
limit = current_app.config['CTR_ENTITIES_LIMIT']
prepared_observables = []
for input_observable in input_observables:
prepared_observable = Observable.instance_for(**input_observable)
if prepared_observable is not None:
prepared_observables.append(prepared_observable)
def make_bundle(observable):
return observable.observe(client, limit=limit)
with ThreadPoolExecutor(
max_workers=get_workers(prepared_observables)) as executor:
bundles = executor.map(make_bundle, prepared_observables)
for bundle in bundles:
g.bundle |= bundle
data = g.bundle.json()
return jsonify_data(data)
def get_transactions_for_date_range(account, start_date, end_date=None):
"""
Gets the transactions of an account from a specific start date until a
given end date.
Parameters
----------
account : MonetaryAccountBank, the account for which to get the
transactions
start_date : datetime object
end_date : datetime object, when None will use current datetime
Returns
-------
list[Payment]
"""
if end_date is None:
end_date = datetime.now(timezone.utc)
if end_date < start_date:
raise ValueError('End date cannot be before start date.')
user = get_user()
transactions = Payment.list(Client.ctx(), user.id_, account.id_)
transactions_in_range = [
t for t in transactions
if start_date <= get_datetime(t.created) <= end_date
]
return transactions_in_range
def test_not_authorized(connection, added_user_del):
"""Test that without called /login we have no access to api."""
user = gen_user()
with added_user_del(user):
res = Client().add_user(user.username, user.password, user.email)
assert not connection.get_user(user.username)
assert res.status_code == Codes.NOT_AUTHORIZED
def api_client(mysql_orm_client, mysql_worker, logger_api):
username = next(gen)
password = f'{username}_pass'
email = f'{username}@mail.ru'
client = User(username=username, password=password, email=email, access=1, active=0) # это запись в базу
mysql_orm_client.session.add(client)
mysql_orm_client.session.query(User.id).count() # любой запрос в базу
yield Client(username, password, email, logger_api) # это клиент API
mysql_orm_client.session.delete(client)
mysql_orm_client.session.query(User.id).count()
def get_user():
"""
Gets an UserPerson
Returns
-------
generated.UserPerson
"""
users = generated.User.list(Client.ctx())
user_first: generated.UserPerson = users[0].UserPerson
return user_first
def test_delete_segment(self, test_segment_data):
client = Client()
client.login()
response = client.create_segment(test_segment_data)
segment_id = response.json()['id']
response = client.delete_segment(segment_id)
assert response.status_code == 204
def get_all_accounts(user):
"""
Gets all the accounts belonging to the user.
Parameters
----------
user : generated.UserPerson
Returns
-------
list[generated.MonetaryAccountBank]
"""
return MonetaryAccountBank.list(Client.ctx(), user.id_)
def get_account_for_iban(iban):
"""
Parameters
----------
iban : str
Returns
-------
MonetaryAccountBank
"""
user = get_user()
accounts = generated.MonetaryAccountBank.list(Client.ctx(), user.id_)
for acc in accounts:
for a in acc.alias:
if a.type_ == 'IBAN' and a.value == iban:
return acc
async def main():
c = Client.create('http://testapi.ru')
await c.authorize(username='******', password='******')
data = await c.get_user(username='******')
del data['status']
del data['created_at']
data.update(name='Petr Petrovich',
blocked=False,
permissions=[
{
"id": 1,
"permission": "comment"
},
])
await c.update_user(data['id'], data)
await c.session.close()
async def client():
resp_auth = {
"status": "OK",
"token": "dsfd79843r32d1d3dx23d32d"
}
resp_get_user = {
"status": "OK",
"active": "1",
"blocked": False,
"created_at": 1587457590,
"id": 23,
"name": "Ivanov Ivan",
"permissions": [
{
"id": 1,
"permission": "comment"
},
{
"id": 2,
"permission": "upload photo"
},
{
"id": 3,
"permission": "add event"
}
]
}
resp_upd_user = {
"status": "OK",
}
with aioresponses() as m:
m.get('http://testapi.ru/auth?password=12345&username=test', status=200, body=json.dumps(resp_auth))
m.get('http://testapi.ru/get-user/test?token=dsfd79843r32d1d3dx23d32d', status=200,
body=json.dumps(resp_get_user))
m.post('http://testapi.ru/user/23/update?token=dsfd79843r32d1d3dx23d32d', status=200,
body=json.dumps(resp_upd_user))
client = Client.create()
yield client
await client.session.close()
def _add_callbacks(user, account, callbacks):
"""
Parameters
----------
user : UserPerson
account : MonetaryAccountBank
callbacks : list[Callback]
Returns
-------
MonetaryAccountBank
"""
callbacks_new = [
NotificationFilter('URL', c.url, c.category) for c in callbacks
]
request_map = {
MonetaryAccountBank.FIELD_NOTIFICATION_FILTERS: callbacks_new
}
return MonetaryAccountBank.update(Client.ctx(), request_map, user.id_,
account.id_)
def create_test():
url = '114.212.87.52:2376'
version = '1.21'
volume = None
network = None
client = Client(url, version)
dic = {}
dic['image'] = 'training/webapp'
# dic['container_name'] = 'test'
# dic['command'] = '/bin/sleep 30'
dic['hostname'] = 'testhostname'
dic['mem_limit'] = '24m'
dic['ports'] = [80, 8000]
dic['cpu_shares'] = 3
volume = Volume(['/home/monkey/fuli:/fuli:rw', '/home/monkey/fire:/fire'])
network = Network('test', 'bridge')
dic['privileged'] = True
con = Container(client, dic, volume, network)
con.create()
return con
def client(added_user):
client = Client()
user = gen_user()
with added_user(user) as user:
client.login(user.username, user.password)
yield client
def test_create_segment(self, test_segment_data):
client = Client()
client.login()
response = client.create_segment(test_segment_data)
assert response.status_code == 200
def api_client(config):
return Client(config['username'], config['password'])
def observe(self, client: Client, limit: Optional[int] = None) -> Bundle:
"""Build a CTIM bundle for the current observable."""
bundle = Bundle()
# Implement a workaround instead of using the "/api/v1/search/pulses"
# endpoint as it works too slow and is not really optimizable...
category = {
'ip': 'IPv4',
'ipv6': 'IPv6',
}.get(
self.type(),
self.category(),
)
endpoint = (f'/api/v1/indicators/{category}/'
f"{quote(self.value, safe='@:')}/general")
data = client.query(endpoint)
if data is None:
return bundle
# Make sure to filter out redundant pulses that do not match anyway.
pulses = [
pulse for pulse in data['pulse_info']['pulses']
if data['base_indicator']['type'] in pulse['indicator_type_counts']
]
if not pulses:
return bundle
def indicator_for(pulse, page=1):
# This limit provides a decent tradeoff between the number of
# requests to be made and the size of each response coming back.
limit = 10000
endpoint = f"/api/v1/pulses/{pulse['id']}/indicators"
params = {'sort': '-created', 'limit': limit, 'page': page}
data = client.query(endpoint, params=params)
for indicator in data['results']:
if indicator['indicator'] == self.value:
return indicator
if data['next'] is None:
return None
return indicator_for(pulse, page=(page + 1))
with ThreadPoolExecutor(max_workers=get_workers(pulses)) as executor:
iterator = executor.map(indicator_for, pulses)
indicators = []
while True:
try:
indicator = next(iterator)
except RelayError:
continue
except StopIteration:
break
else:
if indicator is None:
continue
indicators.append(indicator)
indicators.sort(key=itemgetter('created'), reverse=True)
if limit is None:
limit = len(indicators)
indicators = indicators[:limit]
observable = self.json()
for indicator in indicators:
pulse = next(pulse for pulse in pulses
if pulse['id'] == indicator['pulse_key'])
# Enrich each AVOTX pulse with some additional context in order to
# simplify further mapping of that pulse into CTIM entities.
pulse['indicator'] = indicator
pulse['observable'] = observable
pulse['url'] = client.url
sighting = Sighting.map(pulse)
indicator = Indicator.map(pulse)
relationship = Relationship.map(sighting, indicator)
bundle.add(sighting)
bundle.add(indicator)
bundle.add(relationship)
return bundle
import click
from api.client import Client
c = Client()
@click.group()
def main():
"""Simple CLI for querying data"""
@main.command()
@click.argument('pk')
def get(pk):
"""Get score from pk"""
score = c.get_score(pk)
click.echo(score)
@main.command()
@click.argument('directory')
def update(directory):
"""Update database with jsonl in directory"""
status = c.update_data(directory)
click.echo(status)
if __name__ == "__main__":
main()
def api_client(config, add_user):
name, email = add_user
return Client(name, config['default_password'])
def test_auth(self):
client = Client()
assert client.login() == 200
def test_fail_auth(self):
wrong_data = ('*****@*****.**', 'password42')
client = Client(wrong_data)
with pytest.raises(WrongAuthData):
client.login()
def __init__(self):
self._key = self._get_stack_key()
self._url = "https://api.stackexchange.com"
self._site = "stackoverflow"
self._client = Client()
class StackOverflowClient:
"""
A client to query data on the StackOverflow API.
"""
def __init__(self):
self._key = self._get_stack_key()
self._url = "https://api.stackexchange.com"
self._site = "stackoverflow"
self._client = Client()
def _get_stack_key(self):
"""
Try to get the stack overflow API key from the environment variables.
:rtype str|None:
:returns:
User API key or None otherwise.
"""
try:
import os
return os.environ["STACK_KEY"]
except KeyError:
return None
def get_questions(self, sort, order, tagged, size, from_date=None):
"""
Get the questions from the StackOverflow API.
:rtype dict("result": list):
:returns:
A dictionary with the query result.
"""
params = self._get_default_params()
params["pagesize"] = size
params["order"] = order
params["sort"] = sort
params["tagged"] = tagged
params["fromdate"] = from_date
result = self._client.get(f"{self._url}/questions", params)
return self._get_items(result)
def get_answers(self, question_id, size=100, order="desc", sort="votes"):
"""
Get the answers from the StackOverflow API.
:rtype dict("result": list):
:returns:
A dictionary with the query result.
"""
params = self._get_default_params()
params["pagesize"] = size
params["order"] = order
params["sort"] = sort
result = self._client.get(
f"{self._url}/questions/{question_id}/answers", params)
return self._get_items(result)
def get_comments(self, post_id, size=100, order="desc", sort="creation"):
"""
Get the comments from the StackOverflow API.
:rtype dict("result": list):
:returns:
A dictionary with the query result.
"""
params = self._get_default_params()
params["pagesize"] = size
params["order"] = order
params["sort"] = sort
result = self._client.get(f"{self._url}/posts/{post_id}/comments",
params)
return self._get_items(result)
def _get_default_params(self):
"""
:rtype dict:
:returns:
Get parameters used by default in all queries.
"""
return {
"filter": "withbody",
"site": self._site,
"key": self._key,
}
def _get_items(self, result):
"""
:rtype dict("result": list):
:returns:
Get query result data from the StackOverflow API.
"""
if result is not None and "items" in result:
return {"result": result["items"]}
else:
return {"result": list()}
