def test_login__no_active_session(mocker): """ Scenario: test login when there is no active session Given: - User has authorization to login - There is an active session When: - User wishes to login using login command Then: - Result is as expected """ import Zscaler mock_header = 'JSESSIONID=MOCK_ID; Path=/; Secure; HttpOnly' Zscaler.API_KEY = 'Lcb38EvjtZVc' mocker.patch.object(demisto, 'debug') mocker.patch.object(Zscaler, 'get_integration_context', return_value={}) mocker.patch.object(Zscaler, 'test_module') mocker.patch.object(Zscaler, 'http_request', return_value=ObjectMocker( {'headers': { 'Set-Cookie': mock_header }})) Zscaler.login() assert Zscaler.DEFAULT_HEADERS['cookie'] == 'JSESSIONID=MOCK_ID'
def test_url_multiple_arg(url, multiple, expected_data): '''Scenario: Submit a URL with commas in it Given - A URL with commas in it When - case A: 'multiple' argument is set to "true" (the default) - case B: 'multiple' argument is set to "false" Then - case A: Ensure the URL is interpreted as multiple values to be sent in the subsequent API call - case B: Ensure the URL is interpreted as a single value to be sent in the subsequent API call Args: url (str): The URL to submit. multiple (str): "true" or "false" - whether to interpret the 'url' argument as multiple comma separated values. expected_data (list): The data expected to be sent in the API call. ''' import Zscaler with requests_mock.mock() as m: # 'fake_resp_content' doesn't really matter here since we are checking the data being sent in the call, # not what it is that we expect to get in response fake_resp_content = '[{"url": "blah", "urlClassifications": [], "urlClassificationsWithSecurityAlert": []}]' m.post(Zscaler.BASE_URL + '/urlLookup', content=fake_resp_content) args = {'url': url, 'multiple': multiple} Zscaler.url_lookup(args) assert m.called assert m.call_count == 1 request_data = m.last_request.json() assert len(request_data) == len(expected_data) assert request_data == expected_data
def test_validate_urls_invalid(mocker): return_error_mock = mocker.patch.object(CommonServerPython, 'return_error') import Zscaler invalid_urls = [ 'http://not_very_valid', 'https://maybe_valid.', 'www.valid_url.com' ] Zscaler.validate_urls(invalid_urls) assert return_error_mock.call_count == 2
def test_url_fails_unknown_error_code(mocker, requests_mock): """url""" import Zscaler Zscaler.BASE_URL = 'http://cloud/api/v1' requests_mock.post(urljoin(Zscaler.BASE_URL, 'urlLookup'), status_code=501) args = { 'url': 'https://www.demisto-news.com,https://www.demisto-search.com' } try: Zscaler.url_lookup(args) except Exception as ex: assert 'following error: 501' in str(ex)
def test_login_command__load_from_context(mocker): """ Scenario: test successful login command attempt with load from the context Given: - User has provided valid credentials - Integration context has a previous session When: - zscaler-login command is called Then: - Ensure logout is called - Ensure login is called - Ensure readable output is as expected """ import Zscaler mocker.patch.object(demisto, 'debug') mocker.patch.object(Zscaler, 'get_integration_context', return_value={Zscaler.SESSION_ID_KEY: 'test_key'}) logout_mock = mocker.patch.object(Zscaler, 'logout') login_mock = mocker.patch.object(Zscaler, 'login') raw_res = Zscaler.login_command() assert logout_mock.called assert login_mock.called assert raw_res.readable_output == 'Zscaler session created successfully.'
def test_get_blacklist_query_and_filter(requests_mock): """ Given: - The `filter` arg set to `ip` - The `query` arg set to `8.8.*.8` - API response with a URL and IP When: - Running the get-blacklist command Then: - Ensure only the IP is returned """ import Zscaler api_res = { 'blacklistUrls': [ 'demisto.com', '8.8.8.8', ], } requests_mock.get( 'http://cloud/api/v1/security/advanced', json=api_res, ) args = { 'filter': 'ip', 'query': '8.8.*.8', } cmd_res = Zscaler.get_blacklist_command(args) assert cmd_res['Contents'] == [api_res['blacklistUrls'][1]]
def test_get_blacklist_query(requests_mock): """ Given: - The `query` arg set to `demisto` - API response with a URL and IP When: - Running the get-blacklist command Then: - Ensure only the URL (which contains `demisto`) is returned """ import Zscaler api_res = { 'blacklistUrls': [ 'demisto.com', '8.8.8.8', ], } requests_mock.get( 'http://cloud/api/v1/security/advanced', json=api_res, ) args = { 'query': 'demisto', } cmd_res = Zscaler.get_blacklist_command(args) assert cmd_res['Contents'] == [api_res['blacklistUrls'][0]]
def test_logout_command__context_expired(mocker): """ Scenario: fail to logout with AuthorizationError when there's an active session Given: - There is an active session When: - logout command is performed - logout action fails with AuthorizationError Then: - Return readable output detailing no logout was done """ import Zscaler mocker.patch.object(Zscaler, 'get_integration_context', return_value={Zscaler.SESSION_ID_KEY: 'test_key'}) mocker.patch.object(Zscaler, 'logout', side_effect=Zscaler.AuthorizationError('')) raw_res = Zscaler.logout_command() assert raw_res.readable_output == "API session is not authenticated. No action was performed."
def test_login__active_session(mocker): """ Scenario: test login with an active session Given: - User has authorization to login - There is an active session When: - login is called Then: - No login request is done - Result is as expected """ import Zscaler mock_id = 'mock_id' mocker.patch.object(demisto, 'debug') mocker.patch.object(Zscaler, 'get_integration_context', return_value={Zscaler.SESSION_ID_KEY: mock_id}) mocker.patch.object(Zscaler, 'test_module') Zscaler.login() assert Zscaler.DEFAULT_HEADERS['cookie'] == mock_id
def test_logout_command__no_context(mocker): """ Scenario: logout when there's no active session Given: - There is no active session When: - logout command is performed Then: - Return readable output detailing no action was performed """ import Zscaler mocker.patch.object(Zscaler, 'get_integration_context', return_value={}) raw_res = Zscaler.logout_command() assert raw_res.readable_output == 'No API session was found. No action was performed.'
def test_logout_command__happy_context(mocker): """ Scenario: logout when there's an active session Given: - There is an active session When: - logout command is performed Then: - Return readable output detailing logout was performed """ import Zscaler mocker.patch.object(Zscaler, 'get_integration_context', return_value={Zscaler.SESSION_ID_KEY: 'test_key'}) mocker.patch.object(Zscaler, 'logout', return_value=ResponseMock({})) raw_res = Zscaler.logout_command() assert raw_res.readable_output == "API session logged out of Zscaler successfully."
def test_login_command(mocker): """ Scenario: test successful login command Given: - User provided valid credentials - Integration context is empty When: - zscaler-login command is called Then: - Ensure logout is not called - Ensure login is called - Ensure readable output is as expected """ import Zscaler mocker.patch.object(demisto, 'debug') mocker.patch.object(Zscaler, 'get_integration_context', return_value={}) logout_mock = mocker.patch.object(Zscaler, 'logout') login_mock = mocker.patch.object(Zscaler, 'login') raw_res = Zscaler.login_command() assert not logout_mock.called assert login_mock.called assert raw_res.readable_output == 'Zscaler session created successfully.'