def test_enrich_error_with_data(route, client, valid_json_multiple,
cyberprotect_api_request, expected_payload,
valid_jwt):
cyberprotect_api_request.side_effect = (
cyberprotect_api_response(payload=EXPECTED_RESPONSE_OF_JWKS_ENDPOINT),
cyberprotect_api_response(payload=CYBERPROTECT_RESPONSE),
cyberprotect_api_response(
payload=CYBERPROTECT_500_ERROR_RESPONSE_MOCK,
status_code=HTTPStatus.INTERNAL_SERVER_ERROR)
)
response = client.post(route, headers=headers(valid_jwt()),
json=valid_json_multiple)
assert response.status_code == HTTPStatus.OK
data = response.get_json()
if route == '/observe/observables':
judgements = data['data']['judgements']
assert judgements['count'] == 4
assert judgements['docs'][0].pop('id')
assert judgements['docs'][1].pop('id')
assert judgements['docs'][2].pop('id')
assert judgements['docs'][3].pop('id')
expected_response = {}
expected_response.update(expected_payload)
expected_response.update(EXPECTED_RESPONSE_500_ERROR)
assert data == expected_response
def test_enrich_call_success_limit_1(route, client, valid_json,
cyberprotect_api_request,
valid_jwt):
if route == '/observe/observables':
cyberprotect_api_request.side_effect = [
cyberprotect_api_response(
payload=EXPECTED_RESPONSE_OF_JWKS_ENDPOINT
),
cyberprotect_api_response(payload=CYBERPROTECT_RESPONSE)
]
response = client.post(route, headers=headers(valid_jwt(
ctr_entities_limit=1)), json=valid_json)
assert response.status_code == HTTPStatus.OK
data = response.get_json()
if route == '/observe/observables':
judgements = data['data']['judgements']
assert judgements['count'] == 1
assert judgements['docs'][0].pop('id')
assert data == EXPECTED_RESPONSE_OBSERVE_WITH_LIMIT_1
def test_health_call_404(route, client, cyberprotect_api_request, valid_jwt):
cyberprotect_api_request.side_effect = [
cyberprotect_api_response(payload=EXPECTED_RESPONSE_OF_JWKS_ENDPOINT),
cyberprotect_api_response(status_code=HTTPStatus.NOT_FOUND)
]
response = client.post(route, headers=headers(valid_jwt()))
assert response.status_code == HTTPStatus.OK
assert response.get_json() == EXPECTED_RESPONSE_404_ERROR
def test_respond_call_with_valid_jwt_but_invalid_json_failure(
route, client, valid_jwt, invalid_json, invalid_json_expected_payload):
response = client.post(route,
headers=headers(valid_jwt()),
json=invalid_json)
assert response.status_code == HTTPStatus.OK
assert response.json == invalid_json_expected_payload
def test_health_call_500(route, client, valid_jwt, cyberprotect_api_request):
cyberprotect_api_request.side_effect = [
cyberprotect_api_response(payload=EXPECTED_RESPONSE_OF_JWKS_ENDPOINT),
cyberprotect_api_response(status_code=HTTPStatus.INTERNAL_SERVER_ERROR,
payload=CYBERPROTECT_500_ERROR_RESPONSE_MOCK)
]
response = client.post(route, headers=headers(valid_jwt()))
assert response.status_code == HTTPStatus.OK
assert response.get_json() == EXPECTED_RESPONSE_500_ERROR
def test_respond_trigger(fetch_data_mock, input_data, client, valid_jwt,
post_reference_set_response, jwks_host_response):
with patch(f'requests.{input_data.method}') as request_mock:
fetch_data_mock.return_value = jwks_host_response
request_mock.return_value = post_reference_set_response
response = client.post('/respond/trigger',
headers=headers(valid_jwt()),
json=input_data.json)
assert response.status_code == HTTPStatus.OK
assert response.json == input_data.expected_response
def test_enrich_call_with_key_error(route, client, valid_json,
cyberprotect_api_request,
valid_jwt):
cyberprotect_api_request.side_effect = [
cyberprotect_api_response(payload=EXPECTED_RESPONSE_OF_JWKS_ENDPOINT),
cyberprotect_api_response(
payload=BROKEN_CYBERPROTECT_RESPONSE)
]
response = client.post(route, headers=headers(valid_jwt()),
json=valid_json)
assert response.status_code == HTTPStatus.OK
assert response.get_json() == EXPECTED_RESPONSE_KEY_ERROR
def test_health_call_ssl_error(route, client, cyberprotect_api_request,
valid_jwt):
mock_exception = mock.MagicMock()
mock_exception.reason.args.__getitem__().verify_message \
= 'self signed certificate'
cyberprotect_api_request.side_effect = [
cyberprotect_api_response(payload=EXPECTED_RESPONSE_OF_JWKS_ENDPOINT),
SSLError(mock_exception)
]
response = client.post(route, headers=headers(valid_jwt()))
assert response.status_code == HTTPStatus.OK
data = response.get_json()
assert data == EXPECTED_RESPONSE_SSL_ERROR
def test_respond_observables_call_success(request_mock, fetch_data_mock,
client, valid_jwt,
qradar_response_reference_sets,
respond_observables_expected_payload,
jwks_host_response,
qradar_response_set_data):
fetch_data_mock.return_value = jwks_host_response
request_mock.side_effect = (qradar_response_reference_sets,
qradar_response_set_data)
response = client.post('/respond/observables',
headers=headers(valid_jwt()),
json=[{
'type': 'ip',
'value': '1.1.1.1'
}])
assert response.status_code == HTTPStatus.OK
assert response.json == respond_observables_expected_payload
def test_enrich_call_success(route, client, valid_json,
cyberprotect_api_request, expected_payload,
valid_jwt):
cyberprotect_api_request.side_effect = [
cyberprotect_api_response(payload=EXPECTED_RESPONSE_OF_JWKS_ENDPOINT),
cyberprotect_api_response(payload=CYBERPROTECT_RESPONSE)
]
response = client.post(route, headers=headers(valid_jwt()),
json=valid_json)
assert response.status_code == HTTPStatus.OK
data = response.get_json()
if route == '/observe/observables':
judgements = data['data']['judgements']
assert judgements['count'] == 4
assert judgements['docs'][0].pop('id')
assert judgements['docs'][1].pop('id')
assert judgements['docs'][2].pop('id')
assert judgements['docs'][3].pop('id')
assert data == expected_payload
def test_health_call_success(route, client, valid_jwt):
response = client.post(route, headers=headers(valid_jwt()))
assert response.status_code == HTTPStatus.OK