def test_get_all_versions(collection): ds = TAXIICollectionStore(collection) indicators = ds.all_versions( 'indicator--00000000-0000-4000-8000-000000000001') # There are 3 indicators but 2 share the same 'modified' timestamp assert len(indicators) == 2
def test_all_versions_404(collection): """ a TAXIICollectionSource.all_version() call that recieves an HTTP 404 response code from the taxii2client should be returned as an exception""" ds = TAXIICollectionStore(collection) with pytest.raises(DataSourceError) as excinfo: ds.all_versions("indicator--1") assert "are either not found or access is denied" in str(excinfo.value) assert "404" in str(excinfo.value)
def test_query_404(collection): """ a TAXIICollectionSource.query() call that recieves an HTTP 404 response code from the taxii2client should be returned as an exception""" ds = TAXIICollectionStore(collection) query = [Filter("type", "=", "malware")] with pytest.raises(DataSourceError) as excinfo: ds.query(query=query) assert "are either not found or access is denied" in str(excinfo.value) assert "404" in str(excinfo.value)
def test_add_stix2_with_custom_object(collection): tc_sink = TAXIICollectionStore(collection, allow_custom=True) # create new STIX threat-actor ta = ThreatActor(name="Teddy Bear", labels=["nation-state"], sophistication="innovator", resource_level="government", goals=[ "compromising environment NGOs", "water-hole attacks geared towards energy sector", ], foo="bar", allow_custom=True) tc_sink.add(ta)
def test_get_all_versions(collection): ds = TAXIICollectionStore(collection) indicators = ds.all_versions('indicator--d81f86b9-975b-bc0b-775e-810c5ad45a4f') # There are 3 indicators but 2 share the same 'modified' timestamp assert len(indicators) == 2