def test_get_limited_list_incidents(self, args, expected_next_link, client, mocker):
"""
Given:
- Args with and various limit parameter for the tested command
- Expected value for next link if exist
- An app client object
When:
- Calling function list_incidents_command
Then:
- Ensure the results holds the expected incidents list data
- Ensure next link returned as expected
"""
# prepare
mocked_incidents = MOCKED_INCIDENTS_OUTPUT.copy()
mocker.patch.object(client, 'http_request', return_value=mocked_incidents)
if expected_next_link:
mocked_incidents['nextLink'] = expected_next_link
# execute
command_res = list_incidents_command(client, args=args)
readable_output, outputs, raw_response = command_res.readable_output, command_res.outputs, command_res.raw_response
context = outputs['AzureSentinel.Incident(val.ID === obj.ID)'][0]
# validate
assert 'Incidents List (1 results)' in readable_output
assert context['ID'] == 'inc_name', 'Incident name in Azure Sentinel API is Incident ID in Cortex XSOAR'
assert context['FirstActivityTimeUTC'] == '2020-02-02T14:05:01Z', 'Dates are formatted to %Y-%m-%dT%H:%M:%SZ'
assert context['AlertsCount'] == 1
assert len(raw_response['value']) == 1
next_link = outputs.get(NEXT_LINK_CONTEXT_KEY, {}).get('URL')
assert next_link == expected_next_link
def test_get_next_page_list_incidents(self, mocker):
"""
Given:
- Next link parameter to get the next page of incidents
- An app client object
When:
- Calling function list_incidents_command
Then:
- Ensure the the request sent to the next link url
"""
# prepare
next_link_uri = 'https://test.com'
args = {'limit': '1', 'next_link': next_link_uri}
client = mock_client()
mocker.patch.object(client, 'http_request')
# execute
list_incidents_command(client, args=args)
# validate
assert client.http_request.call_args[1]['full_url'] == next_link_uri
def test_list_incidents(args, client, mocker):
mocker.patch.object(client, 'http_request', return_value=MOCKED_INCIDENTS_OUTPUT)
readable_output, outputs, result = list_incidents_command(client, args=args)
next_link = outputs['AzureSentinel.NextLink(val.Description == "NextLink for listing commands")']['URL']
context = outputs['AzureSentinel.Incident(val.ID === obj.ID)'][0]
assert 'Incidents List (1 results)' in readable_output
assert context['ID'] == 'inc_name', 'Incident name in Azure Sentinel API is Incident ID in Demisto'
assert context['FirstActivityTimeUTC'] == '2020-02-02T14:05:01Z', 'Dates are formatted to %Y-%m-%dT%H:%M:%SZ'
assert context['AlertsCount'] == 1
assert next_link == 'https://test.com'
assert len(result['value']) == 1