def test_load(self, mock_load, mock_get_audit_info):
"""
Unittest to load a rule.
:param mock_write:
:param mock_get_audit_info:
:return:
"""
rule = '-a always,exit -F arch=b32 -F arch=b64 -S init_module,' \
'delete_module,finit_module -F key=abc99'
audit_info = {'loaded': 'no', 'persisted': 'yes',
'type': 'System Rule',
'rule_info': {'action': u'always',
'filter': u'exit',
'systemcall': u'init_module,'
u'delete_module,'
u'finit_module',
'key': u'abc99', 'field': [u'arch=b32',
u'arch=b64',
u'key=abc99']
},
'rule': u'-a always,exit -F arch=b32 '
u'-F arch=b64 -S init_module,'
u'delete_module,finit_module'
u' -F key=abc99'
}
mock_get_audit_info.return_value = audit_info
mock_load.return_value = {}
ruleModel = RuleModel()
ruleModel.load(rule)
mock_get_audit_info.assert_called_with(rule)
def test_load(self, mock_load):
"""
Unittest to load a rule.
:param mock_write:
:param mock_get_audit_info:
:return:
"""
rule = '-a always,exit -F arch=b32 -F arch=b64 -S init_module,' \
'delete_module,finit_module -F key=abc99'
mock_load.return_value = {}
ruleModel = RuleModel()
ruleModel.load(rule)
mock_load.assert_called_with(rule)
def test_load(self, mock_load):
"""
Unittest to load a rule.
:param mock_write:
:param mock_get_audit_info:
:return:
"""
rule = '-a always,exit -F arch=b32 -F arch=b64 -S init_module,' \
'delete_module,finit_module -F key=abc99'
mock_load.return_value = {}
ruleModel = RuleModel()
ruleModel.load(rule)
mock_load.assert_called_with(rule)
def test_load(self, mock_load, mock_get_audit_info):
"""
Unittest to load a rule.
:param mock_write:
:param mock_get_audit_info:
:return:
"""
rule = '-a always,exit -F arch=b32 -F arch=b64 -S init_module,' \
'delete_module,finit_module -F key=abc99'
audit_info = {
'loaded':
'no',
'persisted':
'yes',
'type':
'System Rule',
'rule_info': {
'action': u'always',
'filter': u'exit',
'systemcall': u'init_module,'
u'delete_module,'
u'finit_module',
'key': u'abc99',
'field': [u'arch=b32', u'arch=b64', u'key=abc99']
},
'rule':
u'-a always,exit -F arch=b32 '
u'-F arch=b64 -S init_module,'
u'delete_module,finit_module'
u' -F key=abc99'
}
mock_get_audit_info.return_value = audit_info
mock_load.return_value = {}
ruleModel = RuleModel()
ruleModel.load(rule)
mock_get_audit_info.assert_called_with(rule)
