def test_get_limited_list_incidents(self, args, expected_next_link, client, mocker): """ Given: - Args with and various limit parameter for the tested command - Expected value for next link if exist - An app client object When: - Calling function list_incidents_command Then: - Ensure the results holds the expected incidents list data - Ensure next link returned as expected """ # prepare mocked_incidents = MOCKED_INCIDENTS_OUTPUT.copy() mocker.patch.object(client, 'http_request', return_value=mocked_incidents) if expected_next_link: mocked_incidents['nextLink'] = expected_next_link # execute command_res = list_incidents_command(client, args=args) readable_output, outputs, raw_response = command_res.readable_output, command_res.outputs, command_res.raw_response context = outputs['AzureSentinel.Incident(val.ID === obj.ID)'][0] # validate assert 'Incidents List (1 results)' in readable_output assert context['ID'] == 'inc_name', 'Incident name in Azure Sentinel API is Incident ID in Cortex XSOAR' assert context['FirstActivityTimeUTC'] == '2020-02-02T14:05:01Z', 'Dates are formatted to %Y-%m-%dT%H:%M:%SZ' assert context['AlertsCount'] == 1 assert len(raw_response['value']) == 1 next_link = outputs.get(NEXT_LINK_CONTEXT_KEY, {}).get('URL') assert next_link == expected_next_link
def test_get_next_page_list_incidents(self, mocker): """ Given: - Next link parameter to get the next page of incidents - An app client object When: - Calling function list_incidents_command Then: - Ensure the the request sent to the next link url """ # prepare next_link_uri = 'https://test.com' args = {'limit': '1', 'next_link': next_link_uri} client = mock_client() mocker.patch.object(client, 'http_request') # execute list_incidents_command(client, args=args) # validate assert client.http_request.call_args[1]['full_url'] == next_link_uri
def test_list_incidents(args, client, mocker): mocker.patch.object(client, 'http_request', return_value=MOCKED_INCIDENTS_OUTPUT) readable_output, outputs, result = list_incidents_command(client, args=args) next_link = outputs['AzureSentinel.NextLink(val.Description == "NextLink for listing commands")']['URL'] context = outputs['AzureSentinel.Incident(val.ID === obj.ID)'][0] assert 'Incidents List (1 results)' in readable_output assert context['ID'] == 'inc_name', 'Incident name in Azure Sentinel API is Incident ID in Demisto' assert context['FirstActivityTimeUTC'] == '2020-02-02T14:05:01Z', 'Dates are formatted to %Y-%m-%dT%H:%M:%SZ' assert context['AlertsCount'] == 1 assert next_link == 'https://test.com' assert len(result['value']) == 1