def test_add_rule_lists_with_all_payloads_values(self, client, url_prefix,
token, rule):
"""
Test-case with all payloads values with existing rule data but rule_name is different,
and valid rule_id which is passing through url,
expected output:- status is success, and
resultant rule data
"""
payload = {
'alerters': ['tset', 'test12'],
'name': 'test',
'description': 'tseting descriptions',
'conditions': conditions,
'recon_queries': [''],
'severity': 'WARNING',
'type': 'MITRE',
'status': 'ACTIVE',
'tactics': 'execution',
'technique_id': 'T1047'
}
resp = client.post(url_prefix + '/rules/1',
headers={'x-access-token': token},
json=payload)
assert resp.status_code == 200
response_dict = json.loads(resp.data)
assert response_dict['status'] == 'success'
assert response_dict['data'] == marshal(rules_dao.get_rule_by_id(1),
rule_wrappers.rule_wrapper)
def test_update_rules_lists_with_compulsory_payload_value_and_with_valid_choices(
self, client, url_prefix, token, rule):
"""
Test-case with payloads values are name, conditions, status(ACTIVE/INACTIVE),
type tactics, and technique_id with existing rule data but not same payload value of name,
and valid rule_id which is passing through url,
expected output:- status is success, and
resultant rule data
"""
payload = {
'name': 'test',
'conditions': conditions,
'type': 'MITRE',
'status': 'ACTIVE',
'tactics': 'execution',
'technique_id': 'T1067'
}
resp = client.post(url_prefix + '/rules/1',
headers={'x-access-token': token},
json=payload)
assert resp.status_code == 200
response_dict = json.loads(resp.data)
assert response_dict['status'] == 'success'
assert response_dict['data'] == marshal(rules_dao.get_rule_by_id(1),
rule_wrappers.rule_wrapper)
def post(self, rule_id):
args = self.parser.parse_args(
) # need to exists for input payload validation
args = get_body_data(request)
args_ip = [
'alerters', 'name', 'description', 'conditions', 'recon_queries',
'severity', 'status', 'type', 'tactics', 'technique_id'
]
args = debug_body_args(args, args_ip)
if rule_id:
rule = dao.get_rule_by_id(rule_id)
if rule:
alerters = args['alerters']
name = args['name']
description = args['description']
conditions = args['conditions']
recon_queries = args['recon_queries']
severity = args['severity']
type_ip = args['type']
tactics = args['tactics']
if tactics: tactics = tactics.split(',')
technique_id = args['technique_id']
existing_rule_by_name = dao.get_rule_by_name(name)
if existing_rule_by_name and existing_rule_by_name.id != rule.id:
message = "Rule with the name {0} already exists!".format(
name)
elif technique_id and not validate_technique_id(technique_id):
message = "technique id provided is invalid, please provide exact technique id"
else:
if alerters is None:
alerters = []
if not 'debug' in alerters:
alerters.append('debug')
rule_status = rule.status
if args['status']:
rule_status = args['status']
rule = dao.edit_rule_by_id(rule_id, name, alerters,
description,
conditions, rule_status,
dt.datetime.utcnow(),
json.dumps(recon_queries),
severity, type_ip, tactics,
technique_id)
return respcls("Successfully modified the rules info",
"success",
marshal(rule, wrapper.rule_wrapper))
else:
message = "rule with this id does not exist"
else:
message = "Missing rule id"
return marshal(respcls(message), parentwrapper.failure_response_parent)
def get(self, rule_id):
if rule_id:
rule = dao.get_rule_by_id(rule_id)
if rule:
#data = rule.as_dict()
data = marshal(rule, wrapper.rule_wrapper)
return respcls("successfully fetched the rules info",
"success", data)
else:
message = "Rule with this id does not exist"
else:
message = "Missing rule id"
return marshal(respcls(message), parentwrapper.failure_response_parent)
def test_get_rule_by_valid_id_with_existing_rule(self, client, url_prefix,
token, rule):
"""
Test-case with valid rule-id which is passing through url,
and without existing rule data,
expected output:- status is success, and
resultant rule data
"""
resp = client.get(url_prefix + '/rules/1',
headers={'x-access-token': token})
assert resp.status_code == 200
response_dict = json.loads(resp.data)
assert response_dict['status'] == 'success'
assert response_dict['data'] == marshal(rules_dao.get_rule_by_id(1),
rule_wrappers.rule_wrapper)
def test_update_rules_lists_with_compulsory_payload_value(
self, client, url_prefix, token, rule):
"""
Test-case with only payload value of name and
conditions and with existing rule data without payload rule_name,
and valid rule_id which is passing through url,
expected output:- status is success, and
resultant rule data
"""
payload = {'name': 'test', 'conditions': conditions}
resp = client.post(url_prefix + '/rules/1',
headers={'x-access-token': token},
json=payload)
assert resp.status_code == 200
response_dict = json.loads(resp.data)
assert response_dict['status'] == 'success'
assert response_dict['data'] == marshal(rules_dao.get_rule_by_id(1),
rule_wrappers.rule_wrapper)