def test_fetch_indicators_command(category_list, expected_indicators): """ Given: - Global feed url and category list. (A) - Full category list. (B) - Category list containing only Optimize. (C) - Category list containing only Allow. When: - Fetching incidents. Then: - Ensure that the incidents returned are as expected. (A) - all incidents from response are handled and returned. (B) - only incidents with 'Optimize' category are returned. (C) - Empty list as there aren't any indicators with 'Allow' category. """ with requests_mock.Mocker() as mock: url_dict = { "FeedURL": 'https://endpoints.office.com/endpoints/worldwide', "Region": 'Worldwide', "Service": 'Any' } mock.get(url_dict.get('FeedURL'), json=RESPONSE_DATA) client = Client([url_dict], category_list) indicators = fetch_indicators_command(client) assert len(indicators) == expected_indicators
def test_fetch_indicators_command(): with requests_mock.Mocker() as mock: url_dict = { "FeedURL": 'https://endpoints.office.com/endpoints/worldwide', "Region": 'Worldwide', "Service": 'Any' } mock.get(url_dict.get('FeedURL'), json=RESPONSE_DATA) client = Client([url_dict]) indicators = fetch_indicators_command(client) assert len(indicators) == 10
def test_feed_tags(self, mocker, tags): """ Given: - tags parameters When: - Executing any command on feed Then: - Validate the tags supplied exists in the indicators """ client = Client(self.urls, ALL_CATEGORY_LIST, False, tags) mocker.patch.object(client, 'build_iterator', return_value=RESPONSE_DATA) _, _, raw_json = get_indicators_command(client, {'limit': 2, 'indicator_type': 'IPs'}) assert tags == raw_json.get('raw_response')[0]['fields']['tags']
def test_commands(command, args, response, length, mocker): url_dict = { "FeedURL": 'https://endpoints.office.com/endpoints/worldwide', "Region": 'Worldwide', "Service": 'Any' } client = Client([url_dict], False, False) mocker.patch.object(client, 'build_iterator', return_value=response) human_readable, indicators_ec, raw_json = command(client, args) indicators = raw_json.get('raw_response') assert len(indicators) == length for indicator_json in indicators: indicator_val = indicator_json.get('value') indicator_type = indicator_json.get('type') assert indicator_val if indicator_type == 'Domain': pass else: # ip assert args.get('indicator_type') != 'URLs'
def test_commands(command, args, response, length, mocker): url_dict = { "FeedURL": 'https://endpoints.office.com/endpoints/worldwide', "Region": 'Worldwide', "Service": 'Any' } client = Client([url_dict], args, False, False) mocker.patch.object(client, 'build_iterator', return_value=response) human_readable, indicators_ec, raw_json = command(client, args) indicators_ec = indicators_ec.get('Office365.Indicator') assert len(indicators_ec) == length for indicator_json in indicators_ec: indicator_val = indicator_json.get('Value') indicator_type = indicator_json.get('Type') indicator_rawjson = indicator_json.get('rawJSON') assert indicator_val if indicator_type == 'URL': assert indicator_type == args.get('indicator_type')[:-1] assert indicator_rawjson['Type'] == indicator_type else: assert indicator_type.startswith(args.get('indicator_type')[:-1]) assert indicator_type.startswith(indicator_rawjson['Type']) assert indicator_rawjson['Value'] == indicator_val