def send_api_request(test_case_name,
api,
interface=2,
request_data='request.json',
credential=None):
config = ConfigHelper()
body = {}
params = {}
if api['method'] == 'GET' or api['method'] == 'DELETE':
params = parse_test_data_json(test_case_name, request_data)
else:
body = parse_test_data_json(test_case_name, request_data)
query_url = api['path']
if params:
query_url += '?' + urllib.parse.urlencode(params)
token = None
if int(interface) == 2:
token = http_helper.get_jwt(api['method'], query_url, '',
json.dumps(body) if body else '')
return http_helper.send_request(
config.get_data_from_config('CM', 'protocol') +
config.get_data_from_config('CM', 'ip') + ':' +
str(config.get_data_from_config('CM', 'port')),
api,
interface,
credential,
params=params if params else None,
body=json.dumps(body) if body else None,
jwt_token=token)
def get_jwt(http_method,
raw_url,
header,
request_body,
private_key=None,
app_id=None,
algorithm='HS256',
version='V1'):
string_for_hash = http_method.upper() + '|' + raw_url.lower(
) + '|' + header + '|' + request_body
hash_obj = hashlib.sha256(string_for_hash.encode('utf-8'))
hash_byte = hash_obj.digest()
base64_byte = codecs.encode(hash_byte, 'base64')
hash_string = base64_byte.decode('utf-8')
hash_string = hash_string[:-1]
config = ConfigHelper()
issue_time = time.time()
if private_key is None:
private_key = config.get_data_from_config('CM', 'api_key')
if app_id is None:
app_id = config.get_data_from_config('CM', 'application_id')
payload = {
'appid': app_id,
'iat': issue_time,
'version': version,
'checksum': hash_string
}
token = jwt.encode(payload, private_key,
algorithm=algorithm).decode('utf-8')
return token
def make_connection():
config = ConfigHelper()
sqlserver = config.get_data_from_config('DB', 'address')
dbname = config.get_data_from_config('DB', 'dbname')
username = config.get_data_from_config('DB', 'account')
password = config.get_data_from_config('DB', 'password')
sep = ';'
conn_string = sep.join(
('DRIVER={SQL Server}', 'SERVER=' + sqlserver, 'DATABASE=' + dbname,
'UID=' + username, 'PWD=' + password))
cxn = pyodbc.connect(conn_string)
return cxn
def initialize_api_key(app_name=None, is_enabled=1, latency_second=120):
config = ConfigHelper()
app_id = config.get_data_from_config('CM', 'application_id')
if not TbExternalWebServiceConsumers.check_if_key_is_duplicated(app_id):
api_key = config.get_data_from_config('CM', 'api_key_crypted')
if not app_name:
app_name = config.get_data_from_config('CM', 'app_name')
res = TbExternalWebServiceConsumersFactory(
ApplicationID=app_id,
APIKey=api_key,
IsEnabled=is_enabled,
AllowedLatencyInSeconds=latency_second,
ApplicationName=app_name)
def ioc_membership_validation(res, expected):
config = ConfigHelper()
from db.models.tb_IOCFileList import TbIOCFileList
hashid = res.json()['Data']['UploadedResultInfoList'][0]['FileHashID']
if expected['UploadedFrom'] == 1:
uploadedby = config.get_data_from_config('CM', 'app_name')
if expected['UploadedFrom'] == 2:
uploadedby = config.get_data_from_config('CM', 'admin', 'account')
record = TbIOCFileList.find_by_file_hash_id(hashid)
if record.UploadedFrom != expected['UploadedFrom']:
raise AssertionError('UploadedFrom value is not correct')
if record.UploadedBy != uploadedby:
raise AssertionError('UploadedBy value is not correct')
def get_cm_login_session(credential):
config = ConfigHelper()
cm_login = config.get_data_from_config('CM', 'address')
cm_cookies = ExtendSeleniumLibrary().get_cm_cookies(cm_login, credential)
s = requests.Session()
for cookie in cm_cookies:
s.cookies.set(cookie['name'], cookie['value'])
return s
def get_cm_cookies(self, url, credential=None):
config = ConfigHelper()
if credential is None:
user = config.get_data_from_config('CM', 'admin', 'account')
pwd = config.get_data_from_config('CM', 'admin', 'password')
else:
user = credential['user']
pwd = credential['pwd']
# else:
# user = config.get_data_from_config('CM', 'admin', 'account')
# pwd = config.get_data_from_config('CM', 'admin', 'password')
driver = webdriver.Chrome()
driver.get(url)
WebDriverWait(driver, 10).until(
EC.presence_of_element_located((By.ID, "txtUserName")))
driver.find_element_by_id("txtUserName").send_keys(user)
driver.find_element_by_id("txtPassword").send_keys(pwd)
driver.find_element_by_id("loginLink").click()
cookies = driver.get_cookies()
return cookies
def uploaded_ioc_tables_should_be(request, table):
config = ConfigHelper()
data = request.json()['Data']
for i in data['UploadedResultInfoList']:
if i['UploadedStatus'] != 1:
continue
record = table.find_by_file_hash_id(i['FileHashID'])
assert_equal(record.FileName, i['FileName'])
assert_equal(record.UploadedFrom, 1)
assert_equal(record.UploadedBy,
config.get_data_from_config('CM', 'app_name'))
def audit_should_be(event_type_id,
expected_count,
expected_description,
expected_result=1):
config = ConfigHelper()
records = TbUserAccessLog.find_records_by_event_type(event_type_id)
assert_equal(len(records), int(expected_count))
for r in records:
assert_equal(r.UserID, config.get_data_from_config('CM', 'app_name'))
assert_equal(r.Result, int(expected_result))
assert_not_equal(re.match(expected_description, r.Description), None)
def uploaded_so_tables_should_be(test_case_name, expected_data='request.json'):
config = ConfigHelper()
scan_action = {'LOG': 1, 'BLOCK': 2, 'QUARANTINE': 3}
expected = parse_test_data_json(test_case_name, expected_data)
record = TbBlacklistInfo.find_by_note(expected.get('note'))
assert_equal(record.SLF_Type, 2)
assert_equal(record.SourceType, 1)
assert_equal(record.ScanAction,
scan_action.get(expected.get('file_scan_action')))
source_record = TbBlacklistSourceInfo.find_by_key(record.SLF_Key)
assert_equal(source_record.Source, 1)
assert_equal(source_record.UploadedBy,
config.get_data_from_config('CM', 'app_name'))
def __init__(self):
config = ConfigHelper()
account = config.get_data_from_config('DB', 'account')
password = config.get_data_from_config('DB', 'password')
db_server = config.get_data_from_config('DB', 'address')
db_name = config.get_data_from_config('DB', 'dbname')
db_instance = config.get_data_from_config('DB', 'instance')
db_port = config.get_data_from_config('DB', 'port')
if db_instance:
connection_str = "mssql+pyodbc://{0}:{1}@{2}\{3}/{4}?driver=SQL+Server".format(
account, password, db_server, db_instance, db_name)
else:
connection_str = "mssql+pyodbc://{0}:{1}@{2}:{3}/{4}?driver=SQL+Server".format(
account, password, db_server, db_port, db_name)
self.connect(connection_str)