def test_get_multiple_error(datastore, client): m_results = [] m_errors = [] for _ in range(5): m_results.append(random_id_from_collection(datastore, 'result')) for _ in range(2): m_errors.append(random_id_from_collection(datastore, 'error')) m_results = list(set(m_results)) m_errors = list(set(m_errors)) res = client.result.multiple(error=m_errors, result=m_results) assert sorted(list(res['error'].keys())) == sorted(m_errors) assert sorted(list(res['result'].keys())) == sorted(m_results) ds_result = datastore.get_multiple_results(m_results) for res_key in m_results: assert res['result'][res_key]['response'] == ds_result[res_key][ 'response'] assert res['result'][res_key]['sha256'] == ds_result[res_key]['sha256'] assert res['result'][res_key]['sha256'] == res_key[:64] assert res['error'] == datastore.error.multiget(m_errors, as_dictionary=True, as_obj=False)
def test_sha256_search_with_specific_db(datastore, client): file_id = random_id_from_collection(datastore, 'file') res = client.hash_search(file_id, db=['al']) assert res['al']['items'][0]['data']['sha256'] == file_id alert_id = random_id_from_collection(datastore, 'alert') alert_data = datastore.alert.get(alert_id) res = client.hash_search(alert_data.file.sha256, db=['alert'], max_timeout=1) assert len(res['alert']['items']) != 0
def test_file_of_submission_details(datastore, client): submission_id = random_id_from_collection(datastore, 'submission') submissison_data = datastore.submission.get(submission_id) res = client.submission.file(submission_id, submissison_data.files[0].sha256) assert res['file_info']['sha256'] assert submissison_data.params.submitter in res['metadata']['submitter']
def test_sha1_search(datastore, client): file_id = random_id_from_collection(datastore, 'file') file_data = datastore.file.get(file_id) res = client.hash_search(file_data.sha1) assert res['al']['items'][0]['data']['sha1'] == file_data.sha1
def test_children(datastore, client): submission_id = random_id_from_collection(datastore, 'submission', q="file_count:[2 TO *]") submission_data = datastore.submission.get(submission_id) file_id = submission_data.files[0].sha256 res = client.file.children(file_id) assert len(res) >= 1
def test_score(datastore, client): file_id = random_id_from_collection(datastore, 'file') res = client.file.score(file_id) assert res['file_info']['sha256'] == file_id for k in res['result_keys']: assert k[:64] == file_id
def test_result_for_service(datastore, client): result_id = random_id_from_collection(datastore, 'result') file_id, service_name, _ = result_id.split('.', 2) res = client.file.result(file_id, service=service_name) assert res['file_info']['sha256'] == file_id assert res['results'][0]['response']['service_name'] == service_name
def test_get_result(datastore, client): result_id = random_id_from_collection(datastore, 'result') res = client.result(result_id) ds_res = datastore.result.get(result_id, as_obj=False) assert res['response'] == ds_res['response'] assert res['sha256'] == ds_res['sha256'] assert res['sha256'] == result_id[:64]
def test_get_workflow(datastore, client): workflow_id = random_id_from_collection(datastore, 'workflow') workflow_data = datastore.workflow.get(workflow_id, as_obj=False) res = client.workflow(workflow_id) assert res == workflow_data
def test_get_signature(datastore, client): signature_id = random_id_from_collection(datastore, 'signature') signature_data = datastore.signature.get(signature_id, as_obj=False) res = client.signature(signature_id) assert res == signature_data
def test_get_message_list(datastore, client): submission_id = random_id_from_collection(datastore, "submission") with pytest.raises(ClientError): client.live.setup_watch_queue(submission_id)["wq_id"] res = client.live.get_message_list('DOES_NOT_EXIST') assert len(res) == 0
def test_add(datastore, client): # Select a random service service = random_id_from_collection(datastore, 'service_delta') # Make sure the service can generate signatures service_data = datastore.get_service_with_delta(service, as_obj=False) service_data['update_config'] = { 'generates_signatures': True, 'sources': [] } res = client.service.set(service, service_data) assert res['success'] # Add a new source added_source_name = "NEW_TEST_SOURCE" new_source = random_model_obj(UpdateSource, as_json=True) new_source['name'] = added_source_name res = client.signature.sources.add(service, new_source) assert res['success'] # Test if new source is there service_data = datastore.get_service_with_delta(service, as_obj=False) assert service_data['update_config']['sources'][0][ 'name'] == added_source_name
def test_workflow(datastore, client): workflow_id = random_id_from_collection(datastore, 'workflow') res = client.search.grouped.workflow("id", query="id:{}".format(workflow_id), fl="id") assert res['total'] == 1 assert res['items'][0]['value'] == workflow_id res = client.search.grouped.workflow("creator", query="id:*", offset=5) assert res['total'] > 1
def test_submission(datastore, client): submission_id = random_id_from_collection(datastore, 'submission') res = client.search.grouped.submission("id", query="id:{}".format(submission_id), fl="id") assert res['total'] == 1 assert res['items'][0]['value'] == submission_id res = client.search.grouped.submission("params.submitter", query="id:*") assert res['total'] > 1
def test_result(datastore, client): result_id = random_id_from_collection(datastore, 'result') res = client.search.grouped.result("id", query="id:{}".format(result_id), fl="id") assert res['total'] == 1 assert res['items'][0]['value'] == result_id res = client.search.grouped.result("response.service_name", query="id:*", fl="response.score") assert res['total'] > 1
def test_heuristic(datastore, client): heuristic_id = random_id_from_collection(datastore, 'heuristic') res = client.search.grouped.heuristic("id", query="id:{}".format(heuristic_id), fl="id") assert res['total'] == 1 assert res['items'][0]['value'] == heuristic_id res = client.search.grouped.heuristic("name", query="id:*", sort="id desc", fl="heur_id") assert res['total'] > 1
def test_file(datastore, client): file_id = random_id_from_collection(datastore, 'file') res = client.search.grouped.file("id", query="id:{}".format(file_id), fl="id") assert res['total'] == 1 assert res['items'][0]["value"] == file_id res = client.search.grouped.file("classification", query="id:*", limit=2, rows=5) assert res['total'] > 1
def test_alert(datastore, client): alert_id = random_id_from_collection(datastore, 'alert') res = client.search.grouped.alert("id", query="id:{}".format(alert_id), fl="id") assert res['total'] == 1 assert res['items'][0]['value'] == alert_id res = client.search.grouped.alert("status", query="id:*", offset=1) assert res['total'] > 1
def test_submission(datastore, client): submission_id = random_id_from_collection(datastore, 'submission') res = client.search.facet.submission('params.submitter', "id:{}".format(submission_id), mincount=1) assert isinstance(res, dict) for v in res.values(): assert v >= 1
def test_result(datastore, client): result_id = random_id_from_collection(datastore, 'result') res = client.search.facet.result('response.service_name', "id:{}".format(result_id), mincount=1) assert isinstance(res, dict) for v in res.values(): assert v >= 1
def test_alert(datastore, client): alert_id = random_id_from_collection(datastore, 'alert') res = client.search.facet.alert('al.ip', "id:{}".format(alert_id), mincount=1) assert isinstance(res, dict) for v in res.values(): assert v >= 1
def test_priority(datastore, client): alert_id = random_id_from_collection(datastore, 'alert') res = client.alert.batch.priority('alert_id:{}'.format(alert_id), "HIGH", fq_list=["id:*", "label:*"]) assert res['success'] == 1 alert_data = datastore.alert.get(alert_id) assert "HIGH" in alert_data.priority
def test_status(datastore, client): alert_id = random_id_from_collection(datastore, 'alert') res = client.alert.batch.status('alert_id:{}'.format(alert_id), "ASSESS", fq_list=["id:*", "label:*"]) assert res['success'] == 1 alert_data = datastore.alert.get(alert_id) assert "ASSESS" in alert_data.status
def test_file(datastore, client): file_id = random_id_from_collection(datastore, 'file') res = client.search.file("id:{}".format(file_id), fl="id") assert res['total'] == 1 assert res['items'][0]["id"] == file_id res = client.search.file("id:*", rows=5) assert res['total'] > 1
def test_heuristic(datastore, client): heuristic_id = random_id_from_collection(datastore, 'heuristic') res = client.search.facet.heuristic('filetype', "id:{}".format(heuristic_id), mincount=1) assert isinstance(res, dict) for v in res.values(): assert v >= 1
def test_signature(datastore, client): signature_id = random_id_from_collection(datastore, 'signature') res = client.search.signature("id:{}".format(signature_id), fl="id") assert res['total'] == 1 assert res['items'][0]['id'] == signature_id res = client.search.signature("id:*", filters=["id:yara_YAR_SAMPLE_CSE*", "name:*Shade*"]) assert res['total'] == 1
def test_signature(datastore, client): signature_id = random_id_from_collection(datastore, 'signature') res = client.search.facet.signature('status', "id:{}".format(signature_id), mincount=1) assert isinstance(res, dict) for v in res.values(): assert v >= 1
def test_submission(datastore, client): submission_id = random_id_from_collection(datastore, 'submission') res = client.search.submission("id:{}".format(submission_id), fl="id") assert res['total'] == 1 assert res['items'][0]['id'] == submission_id res = client.search.submission("id:*") assert res['total'] > 1
def test_workflow(datastore, client): workflow_id = random_id_from_collection(datastore, 'workflow') res = client.search.facet.workflow('name', "id:{}".format(workflow_id), mincount=1) assert isinstance(res, dict) for v in res.values(): assert v >= 1
def test_submit_sha(datastore, client): file_id = random_id_from_collection(datastore, 'file') metadata = {"file_id": get_random_id(), "comment": "test"} res = client.submit(sha256=file_id, metadata=metadata) assert res['sid'] is not None assert res['files'][0]['sha256'] == file_id assert res['metadata'] == metadata assert res == datastore.submission.get(res['sid'], as_obj=False)