def test_fail_patterns(test_input, test_output):
"""
Validate that patterns fail as expected.
"""
pass_test, errors = validate(test_input, ret_errs=True, print_errs=True)
assert errors[0].startswith(test_output)
assert pass_test is False
def get_objects():
"""
Returns just the objects that are part of the STIX object
"""
if request.data:
pattern = request.data.decode('utf-8') # decode the input string
pattern_object = json.loads(pattern)
return_object = {
'pattern': pattern_object['pattern']
}
try:
return_object['validated'] = validate(
pattern_object['pattern'], ret_errs=False, print_errs=True)
compiled_pattern = Pattern(pattern_object['pattern'])
theinspector = inspector.InspectionListener()
compiled_pattern.walk(theinspector)
res_array = []
for i in list(theinspector.pattern_data().comparisons.items()):
name = i[0]
for j in i[1]:
obj = {
'name': name,
'property': j[0][0]
}
res_array.append(obj)
return_object['object'] = res_array
return json.dumps(return_object)
except Exception as e:
return_object['validated'] = False
return json.dumps(return_object)
else:
raise InvalidUsage('No Request Data', status_code=400)
def test_patterns_valid(num_trials, default_object_generator):
generator = PatternGenerator(default_object_generator, "2.1")
for _ in range(num_trials):
pattern = generator.generate()
# Turn on error printing so that we can see what the errors are
# just by changing how we invoke pytest.
assert validate(pattern, stix_version="2.1", print_errs=True)
def call_validate():
"""
Calls the validate function
"""
if request.data:
pattern = request.data.decode('utf-8') # decode the input string
pattern_object = json.loads(pattern)
return_object = {}
return_object['pattern'] = pattern_object['pattern']
try:
return_object['validated'] = validate(
return_object['pattern'], ret_errs=False, print_errs=True)
return json.dumps(return_object)
except Exception as e:
return_object['validated'] = False
return json.dumps(return_object)
else:
raise InvalidUsage('No Request Data', status_code=400)
def build_translation(request_translation, request_data):
"""
Function that will convert the REST input and call the appriate translation
"""
if request_data:
pattern = request_data.decode('utf-8') # decode the input string
pattern_object = json.loads(pattern)
return_object = {
'pattern': pattern_object['pattern']
}
try:
return_object['validated'] = pass_test = validate(
pattern_object['pattern'], ret_errs=False, print_errs=True)
except Exception as e:
return_object['validated'] = False
return json.dumps(return_object)
for translation in request_translation:
if translation == 'car-elastic':
output_language = SearchPlatforms.ELASTIC
output_data_model = DataModels.CAR
elif translation == 'car-splunk':
output_language = SearchPlatforms.SPLUNK
output_data_model = DataModels.CAR
elif translation == 'cim-splunk':
output_language = SearchPlatforms.SPLUNK
output_data_model = DataModels.CIM
else:
raise InvalidUsage('Invalid Request Data', status_code=400)
try:
return_object[translation] = None
return_object[translation] = translate(
pattern_object['pattern'], output_language, output_data_model)
except Exception as e:
pass
return json.dumps(return_object)
else:
raise InvalidUsage('No Request Data', status_code=400)
def test_spec_patterns(test_input):
"""
Validate patterns from STIX 2.0 Patterning spec.
"""
pass_test = validate(test_input, stix_version='2.0', print_errs=True)
assert pass_test is True
def test_pass_patterns(test_input):
"""
Validate that patterns pass as expected.
"""
pass_test = validate(test_input, stix_version='2.0', print_errs=True)
assert pass_test is True
