Esempio n. 1
0
    def make_ioc(name=None,
                 description='Automatically generated IOC',
                 author='IOC_api',
                 links=None,
                 keywords=None,
                 iocid=None):
        """
        This generates all parts of an IOC, but without any definition.

        This is a helper function used by __init__.

        :param name: string, Name of the ioc
        :param description: string, description of the ioc
        :param author: string, author name/email address
        :param links: ist of tuples.  Each tuple should be in the form (rel, href, value).
        :param keywords: string.  This is normally a space delimited string of values that may be used as keywords
        :param iocid: GUID for the IOC.  This should not be specified under normal circumstances.
        :return: a tuple containing three elementTree Element objects
         The first element, the root, contains the entire IOC itself.
         The second element, the top level OR indicator, allows the user to add
          additional IndicatorItem or Indicator nodes to the IOC easily.
         The third element, the parameters node, allows the user to quickly
          parse the parameters.
        """
        root = ioc_et.make_ioc_root(iocid)
        root.append(ioc_et.make_metadata_node(name, description, author, links, keywords))
        metadata_node = root.find('metadata')
        top_level_indicator = make_indicator_node('OR')
        parameters_node = (ioc_et.make_parameters_node())
        root.append(ioc_et.make_criteria_node(top_level_indicator))
        root.append(parameters_node)
        ioc_et.set_root_lastmodified(root)
        return root, metadata_node, top_level_indicator, parameters_node
Esempio n. 2
0
    def make_ioc(name=None,
                 description='Automatically generated IOC',
                 author='IOC_api',
                 links=None,
                 keywords=None,
                 iocid=None):
        """
        This generates all parts of an IOC, but without any definition.

        This is a helper function used by __init__.

        :param name: string, Name of the ioc
        :param description: string, description of the ioc
        :param author: string, author name/email address
        :param links: ist of tuples.  Each tuple should be in the form (rel, href, value).
        :param keywords: string.  This is normally a space delimited string of values that may be used as keywords
        :param iocid: GUID for the IOC.  This should not be specified under normal circumstances.
        :return: a tuple containing three elementTree Element objects
         The first element, the root, contains the entire IOC itself.
         The second element, the top level OR indicator, allows the user to add
          additional IndicatorItem or Indicator nodes to the IOC easily.
         The third element, the parameters node, allows the user to quickly
          parse the parameters.
        """
        root = ioc_et.make_ioc_root(iocid)
        root.append(ioc_et.make_metadata_node(name, description, author, links, keywords))
        metadata_node = root.find('metadata')
        top_level_indicator = make_indicator_node('OR')
        parameters_node = (ioc_et.make_parameters_node())
        root.append(ioc_et.make_criteria_node(top_level_indicator))
        root.append(parameters_node)
        ioc_et.set_root_lastmodified(root)
        return root, metadata_node, top_level_indicator, parameters_node
Esempio n. 3
0
 def test_make_metadata_node(self):
     r = ioc_et.make_metadata_node()
     self.assertEqual(r.tag, 'metadata')
     child_note_tags = [
         'short_description', 'description', 'keywords', 'authored_by',
         'authored_date', 'links'
     ]
     for tag in child_note_tags:
         n = r.find(tag)
         self.assertTrue(n is not None)
         self.assertEqual(n.tag, tag)
Esempio n. 4
0
 def test_make_metadata_node(self):
     r = ioc_et.make_metadata_node()
     self.assertEqual(r.tag, 'metadata')
     child_note_tags = ['short_description',
                        'description',
                        'keywords',
                        'authored_by',
                        'authored_date',
                        'links']
     for tag in child_note_tags:
         n = r.find(tag)
         self.assertTrue(n is not None)
         self.assertEqual(n.tag, tag)
Esempio n. 5
0
 def test_make_metadata_node_provided_data(self):
     r = ioc_et.make_metadata_node(name=self.name,
                                   description=self.description,
                                   author=self.author,
                                   links=self.links)
     self.assertEqual(r.find('description').text, self.description)
     self.assertEqual(r.find('short_description').text, self.name)
     self.assertEqual(r.find('authored_by').text, self.author)
     links = r.find('links')
     for i, link in enumerate(links.getchildren()):
         rel, href, value = self.links[i]
         self.assertEqual(link.attrib['rel'], rel)
         self.assertEqual(link.attrib.get('href'), href)
         self.assertEqual(link.text, value)
Esempio n. 6
0
 def test_make_metadata_node_provided_data(self):
     r = ioc_et.make_metadata_node(name=self.name,
                                   description=self.description,
                                   author=self.author,
                                   links=self.links)
     self.assertEqual(r.find('description').text, self.description)
     self.assertEqual(r.find('short_description').text, self.name)
     self.assertEqual(r.find('authored_by').text, self.author)
     links = r.find('links')
     for i, link in enumerate(links.getchildren()):
         rel, href, value = self.links[i]
         self.assertEqual(link.attrib['rel'], rel)
         self.assertEqual(link.attrib.get('href'), href)
         self.assertEqual(link.text, value)