def test_empty_search_query_error(self): """ Tests that an empty error is thrown if the query is empty. """ query = SearchQuery('', self.user) self.assertFalse(query.is_valid()) self.assertEqual(len(query.errors), 1) self.assertEqual(query.errors[0], SearchQuery.EMPTY_SEARCH_QUERY)
def test_parsing_error(self): """ Tests that a parsing error is thrown if the query cannot be parsed. """ query = SearchQuery(' ') self.assertFalse(query.is_valid()) self.assertEqual(len(query.errors), 1) self.assertEqual(query.errors[0], SearchQuery.PARSING_ERROR.format(' '))
def test_distillery_hyphen(self): """ Tests that a distillery with a hyphen is correctly identified. """ query = SearchQuery('@source="test-logs"', self.user) self.assertFalse(query.is_valid()) self.assertIsNotNone(query.distillery_filter_parameter) self.assertIsInstance(query.distillery_filter_parameter, DistilleryFilterParameter)
def test_distillery_parameter(self): """ Tests that a distillery filter string is correctly identified. """ query = SearchQuery('@source=*.test_logs') self.assertTrue(query.is_valid()) self.assertIsNotNone(query.distillery_filter_parameter) self.assertIsInstance( query.distillery_filter_parameter, DistilleryFilterParameter, )
def test_parameter_index(self): """ Tests that the parameter index is correct for each search parameter. """ query = SearchQuery('ip_address=34.25.12.32 "search phrase"') self.assertTrue(query.is_valid()) self.assertEqual(len(query.keyword_parameters), 1) self.assertEqual(query.keyword_parameters[0].index, 1) self.assertEqual(len(query.field_parameters), 1) self.assertEqual(query.field_parameters[0].index, 0)
def test_parameter_errors(self): """ Tests that the parameter errors are passed onto the search query object. """ field_parameter_string = 'field_name=blah' field_parameter = FieldSearchParameter(0, field_parameter_string) query = SearchQuery(field_parameter_string) self.assertFalse(query.is_valid()) self.assertEqual(len(query.invalid_parameters), 1) self.assertEqual( query.invalid_parameters[0].as_dict(), field_parameter.as_dict(), )
def test_as_dict(self): """ Tests that the as_dict() function returns the correct dictionary shape. """ search_query = SearchQuery('@source="test_posts" test', self.user) distillery_results_list = self._get_instance(search_query) factory = RequestFactory() request = factory.get('/api/v1/search/') self.assertEqual( distillery_results_list.as_dict(request), { 'count': 1, 'results': [{ 'count': 1, 'next': None, 'previous': None, 'results': MOCK_RESULTS_LIST, 'distillery': { 'id': 1, 'name': 'mongodb.test_database.test_posts', 'url': 'http://testserver/api/v1/distilleries/1/', } }] })
def test_multiple_distillery_filters_error(self): """ Tests that the query invalidates when multiple distillery filters are used. """ query = SearchQuery('@source=*.test_logs @source=*.test_logs') self.assertFalse(query.is_valid()) self.assertEqual(len(query.errors), 1) self.assertEqual( query.errors[0], SearchQuery.MULTIPLE_DISTILLERY_FILTERS.format( '@source=*.test_logs', 1, ), )
def test_multiple_field_search(self): """ Tests that multiple search fields are combined together by AND. """ search_query = SearchQuery( 'subject="Test doc" content.text=foobar', self.user) alert_results = self._get_search_results(search_query) self.assertEqual(alert_results.count, 1) self.assertEqual(alert_results.results[0].id, 4) search_query = SearchQuery( 'subject="Test doc" content.text=nothing', self.user) alert_results = self._get_search_results(search_query) self.assertEqual(alert_results.count, 0)
def test_keyword_fieldsets(self): """ Tests that a list of QueryFieldsets is created for each text field on a distillery. """ distillery = Distillery.objects.get(pk=5) search_query = SearchQuery('test "more testing"', self.user) distillery_results = self._get_instance(search_query, distillery) self.assertIsNotNone(distillery_results.engine_query) fieldsets = get_fieldsets(distillery_results.engine_query.subqueries) self.assertEqual(fieldsets[0].field_name, 'host') self.assertEqual(fieldsets[0].field_type, 'GenericIPAddressField') self.assertEqual(fieldsets[0].operator, 'regex') self.assertEqual(fieldsets[0].value, 'test') self.assertEqual(fieldsets[1].field_name, 'message') self.assertEqual(fieldsets[1].field_type, 'TextField') self.assertEqual(fieldsets[1].operator, 'regex') self.assertEqual(fieldsets[1].value, 'test') self.assertEqual(fieldsets[2].field_name, 'host') self.assertEqual(fieldsets[2].field_type, 'GenericIPAddressField') self.assertEqual(fieldsets[2].operator, 'regex') self.assertEqual(fieldsets[2].value, 'more testing') self.assertEqual(fieldsets[3].field_name, 'message') self.assertEqual(fieldsets[3].field_type, 'TextField') self.assertEqual(fieldsets[3].operator, 'regex') self.assertEqual(fieldsets[3].value, 'more testing')
def test_no_results(self): """ Tests that no results are returned for an instance with no keywords. """ alert_results = self._get_search_results(SearchQuery('ip_address=2')) self.assertEqual(alert_results.count, 0) self.assertEqual(len(alert_results.results), 0)
def test_result_length(self): """ Tests that an accurate amount of DistillerySearchResults is created for the number of distilleries returned. """ distillery_results_list = self._get_instance(SearchQuery('test', self.user)) self.assertEqual(len(distillery_results_list.results), 6)
def test_comment_search(self): """ Tests that the class searches through alert comments. """ search_query = SearchQuery('"This alert isn\'t this important"') alert_results = self._get_search_results(search_query) self.assertEqual(alert_results.count, 1) self.assertEqual(alert_results.results[0].pk, 2)
def test_data_search(self): """ Tests that the class searches through alert data. """ search_query = SearchQuery('"*****@*****.**"') alert_results = self._get_search_results(search_query) self.assertEqual(alert_results.count, 1) self.assertEqual(alert_results.results[0].pk, 2)
def test_multiple_keywords(self): """ Tests that multiple keywords are considered. """ search_query = SearchQuery('acme foobar', self.user) alert_results = self._get_search_results(search_query) self.assertEqual(alert_results.count, 1) self.assertEqual(alert_results.results[0].id, 4)
def test_restricted_user(self): """ Tests that alerts specific to a certain user are limited. """ restricted_user = self.user_model.objects.get(pk=3) search_query = SearchQuery('"Pied Piper"', restricted_user) alert_results = self._get_search_results(search_query) self.assertEqual(alert_results.count, 0)
def test_field_search(self): """ Tests that individual fields on alert data are searched. """ search_query = SearchQuery('subject="Test doc"', self.user) alert_results = self._get_search_results(search_query) self.assertEqual(alert_results.count, 1) self.assertEqual(alert_results.results[0].id, 4)
def test_result_count(self): """ Tests that the result list returns a combined count of all DistillerySearchResults """ search_query = SearchQuery('test', self.user) distillery_results_list = self._get_instance(search_query) self.assertEqual(distillery_results_list.count, 6)
def test_field_fieldsets_if_not_related(self): """ Tests that an engine query is not created if the FieldSearchParameter is not related to the distillery """ distillery = Distillery.objects.get(pk=1) search_query = SearchQuery('ip_address=13.43', self.user) distillery_results = self._get_instance(search_query, distillery) self.assertIsNone(distillery_results.engine_query)
def test_notes_search(self): """ Tests that the the class searches through alert notes. """ search_query = SearchQuery('"Some example notes"') alert_results = self._get_search_results(search_query) self.assertEqual(alert_results.count, 2) self.assertEqual(len(alert_results.results), 2) self.assertEqual(alert_results.results[0].pk, 3)
def test_distillery_attribute_set(self): """ Makes sure that the distillery attribute is set to the passed in distillery parameter. """ distillery = Distillery.objects.get(pk=1) search_query = SearchQuery('test', self.user) distillery_results = self._get_instance(search_query, distillery) self.assertEqual(distillery, distillery_results.distillery)
def test_field_fieldsets_if_not_related(self): """ Tests that a list of QueryFieldsets are not created if the FieldSearchParameter is not related to the distillery """ distillery = Distillery.objects.get(pk=1) search_query = SearchQuery('ip_address=13.43') distillery_results = self._get_instance(search_query, distillery) self.assertEqual(len(distillery_results.fieldsets), 0)
def test_no_fieldsets(self): """ Tests that no fieldsets are created for an instance with no keywords or parameters. """ distillery = Distillery.objects.get(pk=1) search_query = SearchQuery('', self.user) distillery_results = self._get_instance(search_query, distillery) self.assertIsNone(distillery_results.engine_query)
def test_results(self): """ Tests that the results and result count from a distillery search get put onto the results and count attribute """ distillery = Distillery.objects.get(pk=5) search_query = SearchQuery('test "more testing"', self.user) distillery_results = self._get_instance(search_query, distillery) self.assertEqual(distillery_results.count, 1) self.assertEqual(distillery_results.results, MOCK_RESULTS_LIST)
def test_as_dict(self): """ Tests that the correct dictionary shape is returned from as_dict(). """ search_query = SearchQuery('example') alert_results = self._get_search_results(search_query) alert_results_as_dict = alert_results.as_dict(self._get_request()) self.assertEqual(alert_results_as_dict['count'], 3) self.assertIsNone(alert_results_as_dict['next']) self.assertIsNone(alert_results_as_dict['previous']) self.assertEqual(len(alert_results_as_dict['results']), 3)
def test_title_search(self): """ Tests that the class searches through alert titles. """ search_query = SearchQuery('"Acme Supply co"') alert_results = self._get_search_results(search_query) self.assertEqual(alert_results.count, 3) alert_ids = [alert.pk for alert in alert_results.results] self.assertEqual(alert_ids, [4, 3, 1])
def test_distillery_filter(self): """ Tests that the distilleries from a distillery filter are used for getting distillery results. """ search_query = SearchQuery('@source="test_posts" test', self.user) distillery_results_list = self._get_instance(search_query) self.assertEqual(len(distillery_results_list.distilleries), 1) self.assertEqual(distillery_results_list.distilleries[0].pk, 1) self.assertEqual(len(distillery_results_list.results), 1) self.assertEqual(distillery_results_list.results[0].distillery.pk, 1)
def test_filtered_alert_searching(self): """ Tests that only distilleries specified are searched. """ passing_search = SearchQuery('"This is some text"', self.user) alert_results = self._get_search_results(passing_search) self.assertEqual(len(alert_results.results), 1) failing_search = SearchQuery( '@source="test_index.test_logs" "This is some text"', self.user) alert_results = self._get_search_results(failing_search) self.assertEqual(len(alert_results.results), 0) passing_search = SearchQuery( '@source="test_index.test_logs" "Acme Supply Co"', self.user) alert_results = self._get_search_results(passing_search) self.assertEqual(len(alert_results.results), 1)
def test_unknown_parameters(self): """ Tests that unknown parameter types are correctly identified. """ unknown_parameter_string_1 = 'fjlk#!!.!@#$' unknown_parameter_string_2 = 'fieoh$%@.!@98' unknown_parameter_1 = UnknownParameter(0, unknown_parameter_string_1) unknown_parameter_2 = UnknownParameter(1, unknown_parameter_string_2) query = SearchQuery('{} {}'.format( unknown_parameter_string_1, unknown_parameter_string_2, )) self.assertFalse(query.is_valid()) self.assertEqual(len(query.unknown_parameters), 2) self.assertEqual(len(query.invalid_parameters), 2) self.assertEqual( query.invalid_parameters[0].as_dict(), unknown_parameter_1.as_dict(), ) self.assertEqual( query.invalid_parameters[1].as_dict(), unknown_parameter_2.as_dict(), )
def test_field_fieldsets_if_related(self): """ Tests that a list of QueryFieldsets are created when given a list of FieldSearchParameters if the parameter is related to the distillery. """ distillery = Distillery.objects.get(pk=3) search_query = SearchQuery('ip_address=13.43') distillery_results = self._get_instance(search_query, distillery) self.assertEqual(len(distillery_results.fieldsets), 1) field_fieldset = distillery_results.fieldsets[0] self.assertEqual(field_fieldset.field_name, 'ip_address') self.assertEqual(field_fieldset.field_type, 'GenericIPAddressField')