def test_empty_search_query_error(self):
"""
Tests that an empty error is thrown if the query is empty.
"""
query = SearchQuery('', self.user)
self.assertFalse(query.is_valid())
self.assertEqual(len(query.errors), 1)
self.assertEqual(query.errors[0], SearchQuery.EMPTY_SEARCH_QUERY)
def test_parsing_error(self):
"""
Tests that a parsing error is thrown if the query cannot be parsed.
"""
query = SearchQuery(' ')
self.assertFalse(query.is_valid())
self.assertEqual(len(query.errors), 1)
self.assertEqual(query.errors[0],
SearchQuery.PARSING_ERROR.format(' '))
def test_distillery_hyphen(self):
"""
Tests that a distillery with a hyphen is correctly identified.
"""
query = SearchQuery('@source="test-logs"', self.user)
self.assertFalse(query.is_valid())
self.assertIsNotNone(query.distillery_filter_parameter)
self.assertIsInstance(query.distillery_filter_parameter,
DistilleryFilterParameter)
def test_distillery_parameter(self):
"""
Tests that a distillery filter string is correctly identified.
"""
query = SearchQuery('@source=*.test_logs')
self.assertTrue(query.is_valid())
self.assertIsNotNone(query.distillery_filter_parameter)
self.assertIsInstance(
query.distillery_filter_parameter,
DistilleryFilterParameter,
)
def test_parameter_index(self):
"""
Tests that the parameter index is correct for each search
parameter.
"""
query = SearchQuery('ip_address=34.25.12.32 "search phrase"')
self.assertTrue(query.is_valid())
self.assertEqual(len(query.keyword_parameters), 1)
self.assertEqual(query.keyword_parameters[0].index, 1)
self.assertEqual(len(query.field_parameters), 1)
self.assertEqual(query.field_parameters[0].index, 0)
def test_parameter_errors(self):
"""
Tests that the parameter errors are passed onto the search
query object.
"""
field_parameter_string = 'field_name=blah'
field_parameter = FieldSearchParameter(0, field_parameter_string)
query = SearchQuery(field_parameter_string)
self.assertFalse(query.is_valid())
self.assertEqual(len(query.invalid_parameters), 1)
self.assertEqual(
query.invalid_parameters[0].as_dict(),
field_parameter.as_dict(),
)
def test_as_dict(self):
"""
Tests that the as_dict() function returns the correct
dictionary shape.
"""
search_query = SearchQuery('@source="test_posts" test', self.user)
distillery_results_list = self._get_instance(search_query)
factory = RequestFactory()
request = factory.get('/api/v1/search/')
self.assertEqual(
distillery_results_list.as_dict(request), {
'count':
1,
'results': [{
'count': 1,
'next': None,
'previous': None,
'results': MOCK_RESULTS_LIST,
'distillery': {
'id': 1,
'name': 'mongodb.test_database.test_posts',
'url': 'http://testserver/api/v1/distilleries/1/',
}
}]
})
def test_multiple_distillery_filters_error(self):
"""
Tests that the query invalidates when multiple distillery filters are
used.
"""
query = SearchQuery('@source=*.test_logs @source=*.test_logs')
self.assertFalse(query.is_valid())
self.assertEqual(len(query.errors), 1)
self.assertEqual(
query.errors[0],
SearchQuery.MULTIPLE_DISTILLERY_FILTERS.format(
'@source=*.test_logs',
1,
),
)
def test_multiple_field_search(self):
"""
Tests that multiple search fields are combined together by AND.
"""
search_query = SearchQuery(
'subject="Test doc" content.text=foobar', self.user)
alert_results = self._get_search_results(search_query)
self.assertEqual(alert_results.count, 1)
self.assertEqual(alert_results.results[0].id, 4)
search_query = SearchQuery(
'subject="Test doc" content.text=nothing', self.user)
alert_results = self._get_search_results(search_query)
self.assertEqual(alert_results.count, 0)
def test_keyword_fieldsets(self):
"""
Tests that a list of QueryFieldsets is created for each text field
on a distillery.
"""
distillery = Distillery.objects.get(pk=5)
search_query = SearchQuery('test "more testing"', self.user)
distillery_results = self._get_instance(search_query, distillery)
self.assertIsNotNone(distillery_results.engine_query)
fieldsets = get_fieldsets(distillery_results.engine_query.subqueries)
self.assertEqual(fieldsets[0].field_name, 'host')
self.assertEqual(fieldsets[0].field_type, 'GenericIPAddressField')
self.assertEqual(fieldsets[0].operator, 'regex')
self.assertEqual(fieldsets[0].value, 'test')
self.assertEqual(fieldsets[1].field_name, 'message')
self.assertEqual(fieldsets[1].field_type, 'TextField')
self.assertEqual(fieldsets[1].operator, 'regex')
self.assertEqual(fieldsets[1].value, 'test')
self.assertEqual(fieldsets[2].field_name, 'host')
self.assertEqual(fieldsets[2].field_type, 'GenericIPAddressField')
self.assertEqual(fieldsets[2].operator, 'regex')
self.assertEqual(fieldsets[2].value, 'more testing')
self.assertEqual(fieldsets[3].field_name, 'message')
self.assertEqual(fieldsets[3].field_type, 'TextField')
self.assertEqual(fieldsets[3].operator, 'regex')
self.assertEqual(fieldsets[3].value, 'more testing')
def test_no_results(self):
"""
Tests that no results are returned for an instance with no keywords.
"""
alert_results = self._get_search_results(SearchQuery('ip_address=2'))
self.assertEqual(alert_results.count, 0)
self.assertEqual(len(alert_results.results), 0)
def test_result_length(self):
"""
Tests that an accurate amount of DistillerySearchResults is created
for the number of distilleries returned.
"""
distillery_results_list = self._get_instance(SearchQuery('test', self.user))
self.assertEqual(len(distillery_results_list.results), 6)
def test_comment_search(self):
"""
Tests that the class searches through alert comments.
"""
search_query = SearchQuery('"This alert isn\'t this important"')
alert_results = self._get_search_results(search_query)
self.assertEqual(alert_results.count, 1)
self.assertEqual(alert_results.results[0].pk, 2)
def test_data_search(self):
"""
Tests that the class searches through alert data.
"""
search_query = SearchQuery('"*****@*****.**"')
alert_results = self._get_search_results(search_query)
self.assertEqual(alert_results.count, 1)
self.assertEqual(alert_results.results[0].pk, 2)
def test_multiple_keywords(self):
"""
Tests that multiple keywords are considered.
"""
search_query = SearchQuery('acme foobar', self.user)
alert_results = self._get_search_results(search_query)
self.assertEqual(alert_results.count, 1)
self.assertEqual(alert_results.results[0].id, 4)
def test_restricted_user(self):
"""
Tests that alerts specific to a certain user are limited.
"""
restricted_user = self.user_model.objects.get(pk=3)
search_query = SearchQuery('"Pied Piper"', restricted_user)
alert_results = self._get_search_results(search_query)
self.assertEqual(alert_results.count, 0)
def test_field_search(self):
"""
Tests that individual fields on alert data are searched.
"""
search_query = SearchQuery('subject="Test doc"', self.user)
alert_results = self._get_search_results(search_query)
self.assertEqual(alert_results.count, 1)
self.assertEqual(alert_results.results[0].id, 4)
def test_result_count(self):
"""
Tests that the result list returns a combined count of all
DistillerySearchResults
"""
search_query = SearchQuery('test', self.user)
distillery_results_list = self._get_instance(search_query)
self.assertEqual(distillery_results_list.count, 6)
def test_field_fieldsets_if_not_related(self):
"""
Tests that an engine query is not created if the
FieldSearchParameter is not related to the distillery
"""
distillery = Distillery.objects.get(pk=1)
search_query = SearchQuery('ip_address=13.43', self.user)
distillery_results = self._get_instance(search_query, distillery)
self.assertIsNone(distillery_results.engine_query)
def test_notes_search(self):
"""
Tests that the the class searches through alert notes.
"""
search_query = SearchQuery('"Some example notes"')
alert_results = self._get_search_results(search_query)
self.assertEqual(alert_results.count, 2)
self.assertEqual(len(alert_results.results), 2)
self.assertEqual(alert_results.results[0].pk, 3)
def test_distillery_attribute_set(self):
"""
Makes sure that the distillery attribute is set to the passed in
distillery parameter.
"""
distillery = Distillery.objects.get(pk=1)
search_query = SearchQuery('test', self.user)
distillery_results = self._get_instance(search_query, distillery)
self.assertEqual(distillery, distillery_results.distillery)
def test_field_fieldsets_if_not_related(self):
"""
Tests that a list of QueryFieldsets are not created if the
FieldSearchParameter is not related to the distillery
"""
distillery = Distillery.objects.get(pk=1)
search_query = SearchQuery('ip_address=13.43')
distillery_results = self._get_instance(search_query, distillery)
self.assertEqual(len(distillery_results.fieldsets), 0)
def test_no_fieldsets(self):
"""
Tests that no fieldsets are created for an instance with
no keywords or parameters.
"""
distillery = Distillery.objects.get(pk=1)
search_query = SearchQuery('', self.user)
distillery_results = self._get_instance(search_query, distillery)
self.assertIsNone(distillery_results.engine_query)
def test_results(self):
"""
Tests that the results and result count from a distillery
search get put onto the results and count attribute
"""
distillery = Distillery.objects.get(pk=5)
search_query = SearchQuery('test "more testing"', self.user)
distillery_results = self._get_instance(search_query, distillery)
self.assertEqual(distillery_results.count, 1)
self.assertEqual(distillery_results.results, MOCK_RESULTS_LIST)
def test_as_dict(self):
"""
Tests that the correct dictionary shape is returned from as_dict().
"""
search_query = SearchQuery('example')
alert_results = self._get_search_results(search_query)
alert_results_as_dict = alert_results.as_dict(self._get_request())
self.assertEqual(alert_results_as_dict['count'], 3)
self.assertIsNone(alert_results_as_dict['next'])
self.assertIsNone(alert_results_as_dict['previous'])
self.assertEqual(len(alert_results_as_dict['results']), 3)
def test_title_search(self):
"""
Tests that the class searches through alert titles.
"""
search_query = SearchQuery('"Acme Supply co"')
alert_results = self._get_search_results(search_query)
self.assertEqual(alert_results.count, 3)
alert_ids = [alert.pk for alert in alert_results.results]
self.assertEqual(alert_ids, [4, 3, 1])
def test_distillery_filter(self):
"""
Tests that the distilleries from a distillery filter are used for
getting distillery results.
"""
search_query = SearchQuery('@source="test_posts" test', self.user)
distillery_results_list = self._get_instance(search_query)
self.assertEqual(len(distillery_results_list.distilleries), 1)
self.assertEqual(distillery_results_list.distilleries[0].pk, 1)
self.assertEqual(len(distillery_results_list.results), 1)
self.assertEqual(distillery_results_list.results[0].distillery.pk, 1)
def test_filtered_alert_searching(self):
"""
Tests that only distilleries specified are searched.
"""
passing_search = SearchQuery('"This is some text"', self.user)
alert_results = self._get_search_results(passing_search)
self.assertEqual(len(alert_results.results), 1)
failing_search = SearchQuery(
'@source="test_index.test_logs" "This is some text"', self.user)
alert_results = self._get_search_results(failing_search)
self.assertEqual(len(alert_results.results), 0)
passing_search = SearchQuery(
'@source="test_index.test_logs" "Acme Supply Co"', self.user)
alert_results = self._get_search_results(passing_search)
self.assertEqual(len(alert_results.results), 1)
def test_unknown_parameters(self):
"""
Tests that unknown parameter types are correctly identified.
"""
unknown_parameter_string_1 = 'fjlk#!!.!@#$'
unknown_parameter_string_2 = 'fieoh$%@.!@98'
unknown_parameter_1 = UnknownParameter(0, unknown_parameter_string_1)
unknown_parameter_2 = UnknownParameter(1, unknown_parameter_string_2)
query = SearchQuery('{} {}'.format(
unknown_parameter_string_1,
unknown_parameter_string_2,
))
self.assertFalse(query.is_valid())
self.assertEqual(len(query.unknown_parameters), 2)
self.assertEqual(len(query.invalid_parameters), 2)
self.assertEqual(
query.invalid_parameters[0].as_dict(),
unknown_parameter_1.as_dict(),
)
self.assertEqual(
query.invalid_parameters[1].as_dict(),
unknown_parameter_2.as_dict(),
)
def test_field_fieldsets_if_related(self):
"""
Tests that a list of QueryFieldsets are created when given a list of
FieldSearchParameters if the parameter is related to the distillery.
"""
distillery = Distillery.objects.get(pk=3)
search_query = SearchQuery('ip_address=13.43')
distillery_results = self._get_instance(search_query, distillery)
self.assertEqual(len(distillery_results.fieldsets), 1)
field_fieldset = distillery_results.fieldsets[0]
self.assertEqual(field_fieldset.field_name, 'ip_address')
self.assertEqual(field_fieldset.field_type, 'GenericIPAddressField')
