def test_endpoint_command(mocker, requests_mock): """Unit test Given - a hostname When - we mock the endpoint command Then - Validate that there is one result - Validate that the correct readable output is returned """ from GuardiCoreV2 import Client, endpoint_command mock_response = util_load_json('test_data/get_endpoint_response.json') requests_mock.post( 'https://api.guardicoreexample.com/api/v3.0/authenticate', json={'access_token': TEST_API_KEY}) client = Client(base_url='https://api.guardicoreexample.com/api/v3.0', verify=False, proxy=False, username='******', password='******') args = {'hostname': 'Accounting-web-1'} mocker.patch.object(client, '_http_request', return_value=mock_response) response = endpoint_command(client, args) assert len(response) == 1 assert response[0].readable_output == open( 'test_data/endpoint_command_human.md').read()
def test_fetch_incidents_no_first(mocker, requests_mock): """Unit test Given - na When - we mock the fetch incidents flow Then - Validate that the last_fetch is correct (deafult of 3 past days) """ from dateparser import parse from pytz import utc from GuardiCoreV2 import Client, fetch_incidents incidents_data = util_load_json('test_data/fetch_incidents_response.json') requests_mock.post( 'https://api.guardicoreexample.com/api/v3.0/authenticate', json={'access_token': TEST_API_KEY}) requests_mock.get('https://api.guardicoreexample.com/api/v3.0/incidents', json=incidents_data.get('first')) client = Client(base_url='https://api.guardicoreexample.com/api/v3.0', verify=False, proxy=False, username='******', password='******') incidents, last_fetch = fetch_incidents(client, {}) # Fetch first time, then change last fetch last_three = int(parse('3 days').replace(tzinfo=utc).timestamp()) * 1000 assert last_fetch == last_three
def test_get_assets(mocker, requests_mock): """Unit test Given - an ip When - we mock the endpoint asset get api call Then - Validate that there is one result - Validate that the correct output is returned """ from GuardiCoreV2 import Client, get_assets mock_response = util_load_json('test_data/get_assets_response.json') requests_mock.post( 'https://api.guardicoreexample.com/api/v3.0/authenticate', json={'access_token': TEST_API_KEY}) client = Client(base_url='https://api.guardicoreexample.com/api/v3.0', verify=False, proxy=False, username='******', password='******') args = {'ip_address': '1.1.1.1'} mocker.patch.object(client, '_http_request', return_value=mock_response) response = get_assets(client, args) assert len(response) == 1 response = response[0] assert response.outputs == { 'asset_id': '920b9a05-889e-429e-97d0-94a92ccbe376', 'ip_addresses': ['1.1.1.1', 'fe80::250:56ff:fe84:da1e'], 'last_seen': 1627910241995, 'name': 'Accounting-web-1', 'status': 'on', 'tenant_name': 'esx10/lab_a/Apps/Accounting' }
def test_get_incidents(mocker, requests_mock): """Unit test Given - an incident from and to time, with a limit of 3 When - we mock the incidents get api call Then - Validate that the correct responses are returned """ from GuardiCoreV2 import Client, get_incidents, INCIDENT_COLUMNS, \ filter_human_readable requests_mock.post( 'https://api.guardicoreexample.com/api/v3.0/authenticate', json={'access_token': TEST_API_KEY}) client = Client(base_url='https://api.guardicoreexample.com/api/v3.0', verify=False, proxy=False, username='******', password='******') args = {'from_time': '2021-07-07T15:31:17Z', 'to_time': '2022-07-07T15:31:17Z', 'limit': 3} mock_response = util_load_json('test_data/get_incidents_response.json') mocker.patch.object(client, '_http_request', return_value=mock_response) response = get_incidents(client, args) # Transform the raw results to be more readable hr = [] for res in response.raw_response: row = filter_human_readable(res, human_columns=INCIDENT_COLUMNS) row['start_time'] = timestamp_to_datestring(row['start_time']) row['end_time'] = timestamp_to_datestring(row['end_time']) hr.append(row) assert response.outputs == hr assert response.raw_response == mock_response.get('objects')
def test_fetch_incidents(mocker, requests_mock): """Unit test Given - a first_fetch time (of 40 days) When - we mock the fetch incidents flow - we mock the fetch incidents flow is called twice Then - Validate that the last_fetch is correct (unix time of 40 days) - Validate that the first incident returned has a correct id - Validate that the length of the incidents is correct - Validate that the last_fetch is the last incident fetched - Validate that the incidents are all fetched (only 1 new one) """ from GuardiCoreV2 import Client, fetch_incidents from CommonServerPython import \ demisto # noqa # pylint: disable=unused-wildcard-importcommon incidents_data = util_load_json('test_data/fetch_incidents_response.json') requests_mock.post( 'https://api.guardicoreexample.com/api/v3.0/authenticate', json={'access_token': TEST_API_KEY}) requests_mock.get('https://api.guardicoreexample.com/api/v3.0/incidents', json=incidents_data.get('first')) client = Client(base_url='https://api.guardicoreexample.com/api/v3.0', verify=False, proxy=False, username='******', password='******') incidents, last_fetch = fetch_incidents( client, {'first_fetch': '40 years'} ) # if xsoar is still here when this is a bug then we have a good problem on our hands :) # Fetch first time, then change last fetch assert last_fetch == 1611322222222 assert incidents[0].get('name') == 'Guardicore Incident (INC-ADB636B7)' assert len(incidents) == 2 mocker.patch.object(demisto, 'getLastRun', return_value={'last_fetch': last_fetch}) requests_mock.get('https://api.guardicoreexample.com/api/v3.0/incidents', json=incidents_data.get('second')) incidents, last_fetch = fetch_incidents(client, {}) # Now we should see the last fetch changed assert last_fetch == 1611322333333 assert len(incidents) == 1
def test_authenticate(requests_mock): """Unit test Given - a username and password When - we mock the authentication to the integration api endpoint. Then - Validate that the access_token is returned correctly. """ from GuardiCoreV2 import Client requests_mock.post( 'https://api.guardicoreexample.com/api/v3.0/authenticate', json={'access_token': TEST_API_KEY}) client = Client(base_url='https://api.guardicoreexample.com/api/v3.0', verify=False, proxy=False, username='******', password='******') assert client.access_token == TEST_API_KEY
def test_endpoint_command_fails(mocker, requests_mock): """Unit test Given - no parameters When - we mock the endpoint command Then - Validate that there is a correct error """ from GuardiCoreV2 import Client, endpoint_command mock_response = util_load_json('test_data/get_endpoint_response.json') requests_mock.post( 'https://api.guardicoreexample.com/api/v3.0/authenticate', json={'access_token': TEST_API_KEY}) client = Client(base_url='https://api.guardicoreexample.com/api/v3.0', verify=False, proxy=False, username='******', password='******') args = {} mocker.patch.object(client, '_http_request', return_value=mock_response) with raises(DemistoException): endpoint_command(client, args)
def test_get_incident(mocker, requests_mock): """Unit test Given - an incident id When - we mock the incident get api call Then - Validate that the correct response is returned """ from GuardiCoreV2 import Client, get_indicent mock_response = util_load_json('test_data/get_incident_response.json') requests_mock.post( 'https://api.guardicoreexample.com/api/v3.0/authenticate', json={'access_token': TEST_API_KEY}) client = Client(base_url='https://api.guardicoreexample.com/api/v3.0', verify=False, proxy=False, username='******', password='******') args = { 'id': 'c2acca07-e9bf-4d63-9a26-ff6c749d24d2' } mocker.patch.object(client, '_http_request', return_value=mock_response) response = get_indicent(client, args) assert response.outputs == mock_response