def test_addition_of_device_tag():
api = Api('http://127.0.0.1', 'pubkey', 'privkey')
api.post = MagicMock(return_value=[{
"teid": 1000000000000,
"tehid": 1000000000001,
"entityType": "Device",
"entityValue": "1000000000005",
"valid": True
}])
result = modify_device_tags(api, 'add', 'Admin', '1000000000005')
assert result[0]['teid'] == 1000000000000
def test_post_request_with_bad_status_code(requests_mock):
api = Api(HOST, PUB_DTKEY, PRIVKEY)
entry = 'test.test.test'
requests_mock.post(HOST + '/intelfeed?addentry',
text='504 Server Error: Gateway Time-out',
status_code=504)
with pytest.raises(SystemExit) as exc_info:
_ = api.post('/intelfeed',
postdata={'addentry': entry},
addentry=entry)
assert str(exc_info.value.args[0]).startswith('504')
def test_post_request(capsys, requests_mock):
api = Api(HOST, PUB_DTKEY, PRIVKEY)
entry = 'test.test.test'
success_respone = {'response': 'SUCCESS', 'added': 1, 'updated': 0}
requests_mock.post(HOST + '/intelfeed?addentry', json=success_respone)
result = api.post('/intelfeed',
postdata={'addentry': entry},
addentry=entry)
captured = capsys.readouterr()
assert result['response'] == 'SUCCESS'
assert result['added'] == 1
assert result['updated'] == 0
assert HOST + '/intelfeed?addentry={0}'.format(entry) not in captured.out
def test_add_entries_from_file_to_intelfeed(watchlist):
api = Api('http://127.0.0.1', 'pubkey', 'privkey')
api.post = MagicMock(return_value={
"response": "SUCCESS",
"added": 1,
"updated": 0
})
infile = 'tests/data/items_for_intelfeed.txt'
results = add_entry_to_intelfeed(api, None, infile)
assert results[0]['1.1.1.1']['response'] == 'SUCCESS'
assert results[1]['2.2.2.2']['added'] == 1
assert results[2]['3.3.3.3']['updated'] == 0
assert results[5]['localhost.local']['response'] == 'SUCCESS'
assert results[7][
'https://www.notcorrect'] == 'Not a valid IPv4 address or domain name'
assert results[8]['400.1.1.1'] == 'Not a valid IPv4 address or domain name'
def test_add_single_entry_to_intelfeed():
api = Api('http://127.0.0.1', 'pubkey', 'privkey')
api.post = MagicMock(return_value={
"response": "SUCCESS",
"added": 1,
"updated": 0
})
response = add_entry_to_intelfeed(api, 'additional.test.dev', None)
assert response['response'] == 'SUCCESS'
assert response['added'] == 1
assert response['updated'] == 0
response = add_entry_to_intelfeed(api, '400.1.1.1', None)
assert response == 'Not a valid domain, hostname, ip address or file'
response = add_entry_to_intelfeed(api, 'https://www.google.com', None)
assert response == 'Not a valid domain, hostname, ip address or file'
def test_api_endpoint_not_supported(requests_mock):
api = Api(HOST, PUB_DTKEY, PRIVKEY)
entry = 'test.test.test'
# Darktrace provides positive status_codes, even on redirects
requests_mock.post(HOST + '/intelfeed?addentry',
text='<title>Darktrace | Login</title>',
status_code=200)
requests_mock.get(HOST + '/non-supported-endpoint',
text='<title>Darktrace | Login</title>',
status_code=201)
with pytest.raises(SystemExit) as exc_info:
_ = api.post('/intelfeed',
postdata={'addentry': entry},
addentry=entry)
assert 'API endpoint not supported' == exc_info.value.args[0]
with pytest.raises(SystemExit) as exc_info:
_ = api.get('/non-supported-endpoint')
assert 'API endpoint not supported' == exc_info.value.args[0]
