def test_fetch_incidents_with_same_created_time(mocker): """ Given - a dict of params given to the function which is gathered originally from demisto.params() The dict includes the relevant params for the fetch e.g. fetch_delta, fetch_limit, created_after, state and last_fetched_id. - response of the api When - when a fetch occurs and the last fetched incident has exactly the same time of the next incident. Then - validate that only one of the incidents appear as to the fetch limit. - validate that the next incident whose time is exactly the same is brought in the next fetch loop. ( e.g. 3057 and 3058) """ expected_ids_to_fetch_first = [3055, 3056, 3057] expected_ids_to_fetch_second = [3058, 3059, 3060] params = { 'fetch_delta': '2 hours', 'fetch_limit': '3', 'created_after': '2021-03-30T10:44:24Z', 'state': 'closed' } mocker.patch('ProofpointThreatResponse.get_incidents_request', return_value=FETCH_RESPONSE) new_fetched_first = get_incidents_batch_by_time_request(params) for incident in new_fetched_first: assert incident.get('id') in expected_ids_to_fetch_first params = { 'fetch_delta': '2 hour', 'fetch_limit': '3', 'created_after': '2021-03-30T11:21:24Z', 'last_fetched_id': '3057', 'state': 'closed' } new_fetched_second = get_incidents_batch_by_time_request(params) for incident in new_fetched_second: assert incident.get('id') in expected_ids_to_fetch_second
def test_fetch_incidents_limit_exceed(mocker): """ Given - a dict of params given to the function which is gathered originally from demisto.params() The dict includes the relevant params for the fetch e.g. fetch_delta, fetch_limit, created_after, state. - response of the api When - a single iteration of the fetch is activated with a fetch limit set to 5 Then - validate that the number or incidents that is returned is equal to the limit when the api returned more. """ params = { 'fetch_delta': '6 hours', 'fetch_limit': ' 5', 'created_after': '2021-03-30T11:44:24Z', 'state': 'closed' } mocker.patch('ProofpointThreatResponse.get_incidents_request', return_value=FETCH_RESPONSE) incidents_list = get_incidents_batch_by_time_request(params) assert len(incidents_list) == 5