def test_fetch_indicators_main_command_call_use_cyjax_tlp(mocker): mocker.patch.object(demisto, 'params', return_value={ 'apikey': 'test-api-key', 'url': 'https://cyjax-api-for-testing.com', 'use_cyjax_tlp': True, 'tlp_color': 'AMBER' }) last_fetch = datetime(2020, 12, 27, 15, 45) last_fetch_timestamp = int(last_fetch.timestamp()) mocker.patch.object( demisto, 'getIntegrationContext', return_value={INDICATORS_LAST_FETCH_KEY: last_fetch_timestamp}) cyjax_indicator = mocked_indicators expected_indicators = [convert_cyjax_indicator(cyjax_indicator[1])] mocker.patch('FeedCyjax.cyjax_sdk.IndicatorOfCompromise.list', return_value=[cyjax_indicator[1]]) mocker.patch.object(demisto, 'command', return_value='fetch-indicators') mocker.patch.object(demisto, 'createIndicators') mocker.patch.object(demisto, 'setIntegrationContext') main() assert demisto.createIndicators.call_count == 1 assert demisto.setIntegrationContext.call_count == 1 demisto.createIndicators.assert_called_with(expected_indicators) assert 'GREEN' == expected_indicators[0]['fields']['trafficlightprotocol']
def test_fetch_indicators_main_command_call_no_new_indicators(mocker): mocker.patch.object(demisto, 'params', return_value={ 'apikey': 'test-api-key', 'url': 'https://cyjax-api-for-testing.com' }) last_fetch = datetime(2020, 12, 27, 15, 45) last_fetch_timestamp = int(last_fetch.timestamp()) mocker.patch.object( demisto, 'getIntegrationContext', return_value={INDICATORS_LAST_FETCH_KEY: last_fetch_timestamp}) mocker.patch('FeedCyjax.cyjax_sdk.IndicatorOfCompromise.list', return_value=[]) mocker.patch.object(demisto, 'command', return_value='fetch-indicators') mocker.patch.object(demisto, 'createIndicators') mocker.patch.object(demisto, 'setIntegrationContext') main() assert demisto.createIndicators.call_count == 0 assert demisto.setIntegrationContext.call_count == 0 demisto.createIndicators.assert_not_called() demisto.setIntegrationContext.assert_not_called()
def test_test_module_main_command_call_invalid_api_key(mocker): mocker.patch.object(demisto, 'command', return_value='test-module') mocker.patch.object(demisto, 'results') mocker.patch('FeedCyjax.cyjax_sdk.IndicatorOfCompromise', side_effect=UnauthorizedException()) main() assert demisto.results.call_count == 1 assert demisto.results.call_args[0][ 0] == 'Could not connect to Cyjax API (Unauthorized)'
def test_get_indicators_main_command_call_no_new_indicators(mocker): mocker.patch.object(demisto, 'params', return_value={ 'apikey': 'test-api-key', 'url': 'https://cyjax-api-for-testing.com' }) mocker.patch.object(demisto, 'getIntegrationContext', return_value={ INDICATORS_LAST_FETCH_KEY: int(datetime(2020, 12, 27, 15, 45).timestamp()) }) cyjax_indicator = mocked_indicators expected_indicators = [ convert_cyjax_indicator(cyjax_indicator[0]), convert_cyjax_indicator(cyjax_indicator[1]), convert_cyjax_indicator(cyjax_indicator[2]), convert_cyjax_indicator(cyjax_indicator[3]) ] mocker.patch('FeedCyjax.cyjax_sdk.IndicatorOfCompromise.list', return_value=cyjax_indicator) mocker.patch.object(demisto, 'command', return_value='cyjax-get-indicators') mocker.patch.object(demisto, 'results') main() assert demisto.results.call_count == 1 result = demisto.results.call_args[0][0] assert isinstance(result, dict) assert 'Type' in result assert 'ContentsFormat' in result assert 'Contents' in result assert 'ReadableContentsFormat' in result assert 'HumanReadable' in result assert 'EntryContext' in result assert EntryType.NOTE == result.get('Type') assert EntryFormat.JSON == result.get('ContentsFormat') assert EntryFormat.MARKDOWN == result.get('ReadableContentsFormat') assert expected_indicators == result.get('Contents')
def test_test_module_main_command_call(mocker): ioc_mock = mocker.MagicMock() ioc_mock.list.return_value = [] mocker.patch('FeedCyjax.cyjax_sdk.IndicatorOfCompromise', return_value=ioc_mock) mocker.patch.object(demisto, 'command', return_value='test-module') mocker.patch.object(demisto, 'results') main() assert demisto.results.call_count == 1 assert demisto.results.call_args[0][0] == 'ok' mocker.patch('FeedCyjax.cyjax_sdk.IndicatorOfCompromise', side_effect=Exception('Server not responding')) main() assert demisto.results.call_count == 2 assert demisto.results.call_args[0][ 0] == 'Could not connect to Cyjax API (Server not responding)'
def test_unset_indicators_last_fetch_date_main_command_call(mocker): mocker.patch.object(demisto, 'getIntegrationContext', return_value={ INDICATORS_LAST_FETCH_KEY: 1640988032, 'Something': 'Else' }) assert demisto.getIntegrationContext() == { INDICATORS_LAST_FETCH_KEY: 1640988032, 'Something': 'Else' } mocker.patch.object(demisto, 'command', return_value='cyjax-unset-indicators-last-fetch-date') mocker.patch.object(demisto, 'results') main() assert demisto.results.call_count == 1 assert demisto.getIntegrationContext() == {'Something': 'Else'}
def test_indicators_sigthing_main_command_call(mocker): mocker.patch.object(demisto, 'params', return_value={ 'apikey': 'test-api-key', 'url': 'https://cyjax-api-for-testing.com' }) mocker.patch.object(demisto, 'args', return_value={ 'value': '236.516.247.352', }) mocked_response = mocked_enrichment mocker.patch('FeedCyjax.cyjax_sdk.IndicatorOfCompromise.enrichment', return_value=mocked_response) mocker.patch.object(demisto, 'command', return_value='cyjax-indicator-sighting') mocker.patch.object(demisto, 'results') main() assert demisto.results.call_count == 1 result = demisto.results.call_args[0][0] assert isinstance(result, dict) assert 'Type' in result assert 'ContentsFormat' in result assert 'Contents' in result assert 'ReadableContentsFormat' in result assert 'HumanReadable' in result assert 'EntryContext' in result assert EntryType.NOTE == result.get('Type') assert EntryFormat.JSON == result.get('ContentsFormat') assert EntryFormat.MARKDOWN == result.get('ReadableContentsFormat') expected_sightings = mocked_response.get('sightings') assert expected_sightings == result.get('Contents')
def test_fetch_indicators_main_command_call(mocker): mocker.patch.object(demisto, 'params', return_value={ 'apikey': 'test-api-key', 'url': 'https://cyjax-api-for-testing.com', 'use_cyjax_tlp': True }) last_fetch = datetime(2020, 12, 27, 15, 45) last_fetch_timestamp = int(last_fetch.timestamp()) mocker.patch.object( demisto, 'getIntegrationContext', return_value={INDICATORS_LAST_FETCH_KEY: last_fetch_timestamp}) cyjax_indicator = mocked_indicators expected_indicators = [ convert_cyjax_indicator(cyjax_indicator[0]), convert_cyjax_indicator(cyjax_indicator[1]), convert_cyjax_indicator(cyjax_indicator[2]), convert_cyjax_indicator(cyjax_indicator[3]) ] mocker.patch('FeedCyjax.cyjax_sdk.IndicatorOfCompromise.list', return_value=cyjax_indicator) mocker.patch.object(demisto, 'command', return_value='fetch-indicators') mocker.patch.object(demisto, 'createIndicators') mocker.patch.object(demisto, 'setIntegrationContext') main() assert demisto.createIndicators.call_count == 1 assert demisto.setIntegrationContext.call_count == 1 demisto.createIndicators.assert_called_with(expected_indicators) demisto.setIntegrationContext.assert_called_with( {'last_fetch': 1640988032})