Esempio n. 1
0
def test_fetch_indicators_command(category_list, expected_indicators):
    """
    Given:
    - Global feed url and category list.
    (A) - Full category list.
    (B) - Category list containing only Optimize.
    (C) - Category list containing only Allow.

    When:
     - Fetching incidents.

    Then:
     - Ensure that the incidents returned are as expected.
     (A) - all incidents from response are handled and returned.
     (B) - only incidents with 'Optimize' category are returned.
    (C) - Empty list as there aren't any indicators with 'Allow' category.
    """
    with requests_mock.Mocker() as mock:
        url_dict = {
            "FeedURL": 'https://endpoints.office.com/endpoints/worldwide',
            "Region": 'Worldwide',
            "Service": 'Any'
        }
        mock.get(url_dict.get('FeedURL'), json=RESPONSE_DATA)
        client = Client([url_dict], category_list)
        indicators = fetch_indicators_command(client)
        assert len(indicators) == expected_indicators
Esempio n. 2
0
def test_fetch_indicators_command():
    with requests_mock.Mocker() as mock:
        url_dict = {
            "FeedURL": 'https://endpoints.office.com/endpoints/worldwide',
            "Region": 'Worldwide',
            "Service": 'Any'
        }
        mock.get(url_dict.get('FeedURL'), json=RESPONSE_DATA)
        client = Client([url_dict])
        indicators = fetch_indicators_command(client)
        assert len(indicators) == 10
Esempio n. 3
0
 def test_feed_tags(self, mocker, tags):
     """
     Given:
     - tags parameters
     When:
     - Executing any command on feed
     Then:
     - Validate the tags supplied exists in the indicators
     """
     client = Client(self.urls, ALL_CATEGORY_LIST, False, tags)
     mocker.patch.object(client, 'build_iterator', return_value=RESPONSE_DATA)
     _, _, raw_json = get_indicators_command(client, {'limit': 2, 'indicator_type': 'IPs'})
     assert tags == raw_json.get('raw_response')[0]['fields']['tags']
Esempio n. 4
0
def test_commands(command, args, response, length, mocker):
    url_dict = {
        "FeedURL": 'https://endpoints.office.com/endpoints/worldwide',
        "Region": 'Worldwide',
        "Service": 'Any'
    }
    client = Client([url_dict], False, False)
    mocker.patch.object(client, 'build_iterator', return_value=response)
    human_readable, indicators_ec, raw_json = command(client, args)
    indicators = raw_json.get('raw_response')
    assert len(indicators) == length
    for indicator_json in indicators:
        indicator_val = indicator_json.get('value')
        indicator_type = indicator_json.get('type')
        assert indicator_val
        if indicator_type == 'Domain':
            pass
        else:  # ip
            assert args.get('indicator_type') != 'URLs'
Esempio n. 5
0
def test_commands(command, args, response, length, mocker):
    url_dict = {
        "FeedURL": 'https://endpoints.office.com/endpoints/worldwide',
        "Region": 'Worldwide',
        "Service": 'Any'
    }
    client = Client([url_dict], args, False, False)
    mocker.patch.object(client, 'build_iterator', return_value=response)
    human_readable, indicators_ec, raw_json = command(client, args)
    indicators_ec = indicators_ec.get('Office365.Indicator')
    assert len(indicators_ec) == length
    for indicator_json in indicators_ec:
        indicator_val = indicator_json.get('Value')
        indicator_type = indicator_json.get('Type')
        indicator_rawjson = indicator_json.get('rawJSON')
        assert indicator_val
        if indicator_type == 'URL':
            assert indicator_type == args.get('indicator_type')[:-1]
            assert indicator_rawjson['Type'] == indicator_type
        else:
            assert indicator_type.startswith(args.get('indicator_type')[:-1])
            assert indicator_type.startswith(indicator_rawjson['Type'])
        assert indicator_rawjson['Value'] == indicator_val