예제 #1
    def test_remove_all_users_posts_expected_data(
            self, mock_connection, user_context,
            mock_detection_list_user_service):
        """Check that remove_all_users sends one POST with tenant and rule IDs.

        The call passes only a rule ID, and the tenant ID in the request is
        compared against ``user_context``. The test therefore pins that the
        request is scoped to the current tenant rather than to a
        caller-supplied value.
        """
        service = AlertRulesService(
            mock_connection, user_context, mock_detection_list_user_service)
        service.remove_all_users(u"rule-id")

        post = mock_connection.post
        assert post.call_count == 1

        # call_args is (positional args, keyword args); the body travels as json=.
        payload = post.call_args[1]["json"]
        endpoint = post.call_args[0][0]
        assert endpoint == "/svc/api/v1/Rules/remove-all-users"

        # One assert per field, so a failure names the field that was wrong.
        assert payload["tenantId"] == user_context.get_current_tenant_id()
        assert payload["ruleId"] == u"rule-id"
예제 #2
 def test_add_user_raises_valid_exception_when_rule_id_is_invalid(
     self,
     mock_connection,
     user_context,
     mock_detection_list_post_failure_when_invalid_rule_id,
 ):
     """Check that add_user raises Py42InvalidRuleError for a bad rule ID.

     The third constructor argument is the fixture named for a POST failure
     on an invalid rule ID; its setup is not shown here. The message check
     pins that the rejected rule ID is echoed back to the caller.
     """
     service = AlertRulesService(
         mock_connection,
         user_context,
         mock_detection_list_post_failure_when_invalid_rule_id,
     )

     with pytest.raises(Py42InvalidRuleError) as excinfo:
         service.add_user("invalid-rule-id", "user-id")

     message = excinfo.value.args[0]
     assert "Invalid Observer Rule ID 'invalid-rule-id'." in message
예제 #3
 def test_add_user_raises_valid_exception_when_user_id_is_invalid(
     self,
     mock_connection,
     user_context,
     mock_detection_list_get_by_id_failure_when_invalid_id,
 ):
     """Check that add_user raises Py42UserNotOnListError for an unknown user.

     The third constructor argument is the fixture named for a get-by-id
     failure on an invalid ID; its setup is not shown here.
     """
     service = AlertRulesService(
         mock_connection,
         user_context,
         mock_detection_list_get_by_id_failure_when_invalid_id,
     )

     with pytest.raises(Py42UserNotOnListError) as excinfo:
         service.add_user("rule-id", "invalid-user-id")

     expected_fragment = (
         "'invalid-user-id' is not currently on the user profile list.")
     message = excinfo.value.args[0]
     assert expected_fragment in message
예제 #4
    def test_add_user_posts_expected_data(self, mock_connection, user_context,
                                          mock_detection_list_user_service):
        """Check that add_user sends one POST describing the user to add.

        The tenant ID is compared against ``user_context`` and the rule and
        user IDs against the arguments passed to ``add_user``.
        """
        service = AlertRulesService(
            mock_connection, user_context, mock_detection_list_user_service)
        service.add_user(u"rule-id", u"user-id")

        post = mock_connection.post
        assert post.call_count == 1

        # call_args is (positional args, keyword args); the body travels as json=.
        payload = post.call_args[1]["json"]
        assert post.call_args[0][0] == "/svc/api/v1/Rules/add-users"

        # One assert per field, so a failure names the field that was wrong.
        assert payload["tenantId"] == user_context.get_current_tenant_id()
        assert payload["ruleId"] == u"rule-id"
        first_user = payload["userList"][0]
        assert first_user["userIdFromAuthority"] == u"user-id"
        # NOTE(review): the alias literal below looks masked on this listing.
        # It must equal whatever alias mock_detection_list_user_service
        # returns; confirm against the fixture.
        assert first_user["userAliasList"] == [u"*****@*****.**"]
예제 #5
def _init_services(main_connection, main_auth):
    """Create the SDK's service objects and the UserContext they share.

    Core services are built directly on ``main_connection``. Connections to
    the individual microservices are obtained through the key-value store
    service, and each of them is given ``main_auth``.

    Args:
        main_connection: Connection used for the core services and for
            reaching the key-value store.
        main_auth: Auth object passed to every microservice connection.

    Returns:
        A ``(services, user_context)`` tuple.
    """
    kv_service = KeyValueStoreService(
        Connection.from_microservice_prefix(
            main_connection, u"simple-key-value-store"))

    def _connect(service_key):
        # NOTE(review): every microservice connection reuses main_auth. If
        # from_microservice_key resolves the target URL from the key-value
        # store (not visible here; confirm), then the store's answers decide
        # which hosts receive the caller's credentials.
        return Connection.from_microservice_key(
            kv_service, service_key, auth=main_auth)

    # Connections are created in a fixed order, one per microservice key.
    alert_rules_conn = _connect(u"FedObserver-API_URL")
    alerts_conn = _connect(u"AlertService-API_URL")
    file_events_conn = _connect(u"FORENSIC_SEARCH-API_URL")
    pds_conn = _connect(u"PRESERVATION-DATA-SERVICE_API-URL")
    ecm_conn = _connect(u"employeecasemanagement-API_URL")
    audit_logs_conn = _connect(u"AUDIT-LOG_API-URL")

    # Objects that several services below share.
    profile_user_svc = UserService(main_connection)
    admin_svc = AdministrationService(main_connection)
    events_svc = FileEventService(file_events_conn)
    context = UserContext(admin_svc)
    profile_svc = DetectionListUserService(
        ecm_conn, context, profile_user_svc)

    services = Services(
        administration=admin_svc,
        archive=ArchiveService(main_connection),
        devices=DeviceService(main_connection),
        legalhold=LegalHoldService(main_connection),
        orgs=OrgService(main_connection),
        securitydata=SecurityDataService(main_connection),
        # A separate UserService instance from the one handed to
        # DetectionListUserService above.
        users=UserService(main_connection),
        alertrules=AlertRulesService(alert_rules_conn, context, profile_svc),
        alerts=AlertService(alerts_conn, context),
        fileevents=events_svc,
        savedsearch=SavedSearchService(file_events_conn, events_svc),
        preservationdata=PreservationDataService(pds_conn),
        departingemployee=DepartingEmployeeService(
            ecm_conn, context, profile_svc),
        highriskemployee=HighRiskEmployeeService(
            ecm_conn, context, profile_svc),
        userprofile=profile_svc,
        auditlogs=AuditLogsService(audit_logs_conn),
    )

    return services, context
예제 #6
def _init_services(main_connection, main_auth):
    """Create the SDK's service objects and the UserContext they share.

    Core services are built directly on ``main_connection``. Connections to
    the individual microservices are obtained through the key-value store
    service, and each of them is given ``main_auth``.

    Args:
        main_connection: Connection used for the core services and for
            reaching the key-value store.
        main_auth: Auth object passed to every microservice connection.

    Returns:
        A ``(services, user_context)`` tuple.
    """
    # services are imported within function to prevent circular imports when a service
    # imports anything from py42.sdk.queries
    from py42.services import Services
    from py42.services._keyvaluestore import KeyValueStoreService
    from py42.services.administration import AdministrationService
    from py42.services.alertrules import AlertRulesService
    from py42.services.alerts import AlertService
    from py42.services.archive import ArchiveService
    from py42.services.auditlogs import AuditLogsService
    from py42.services.cases import CasesService
    from py42.services.casesfileevents import CasesFileEventsService
    from py42.services.detectionlists.departing_employee import DepartingEmployeeService
    from py42.services.detectionlists.high_risk_employee import HighRiskEmployeeService
    from py42.services.detectionlists.user_profile import DetectionListUserService
    from py42.services.devices import DeviceService
    from py42.services.fileevent import FileEventService
    from py42.services.legalhold import LegalHoldService
    from py42.services.orgs import OrgService
    from py42.services.preservationdata import PreservationDataService
    from py42.services.savedsearch import SavedSearchService
    from py42.services.trustedactivities import TrustedActivitiesService
    from py42.services.users import UserService

    kv_service = KeyValueStoreService(
        Connection.from_microservice_prefix(
            main_connection, "simple-key-value-store"))

    def _connect(service_key):
        # NOTE(review): every microservice connection reuses main_auth. If
        # from_microservice_key resolves the target URL from the key-value
        # store (not visible here; confirm), then the store's answers decide
        # which hosts receive the caller's credentials.
        return Connection.from_microservice_key(
            kv_service, service_key, auth=main_auth)

    # First group of connections, created in a fixed order.
    alert_rules_conn = _connect("FedObserver-API_URL")
    alerts_conn = _connect("AlertService-API_URL")
    file_events_conn = _connect("FORENSIC_SEARCH-API_URL")
    pds_conn = _connect("PRESERVATION-DATA-SERVICE_API-URL")
    ecm_conn = _connect("employeecasemanagementV2-API_URL")
    audit_logs_conn = _connect("AUDIT-LOG_API-URL")

    # Objects that several services below share.
    profile_user_svc = UserService(main_connection)
    admin_svc = AdministrationService(main_connection)
    events_svc = FileEventService(file_events_conn)
    context = UserContext(admin_svc)
    profile_svc = DetectionListUserService(
        ecm_conn, context, profile_user_svc)

    # Remaining connections are created after the shared objects.
    cases_conn = _connect("CASES_API-URL")
    trusted_activities_conn = _connect("TRUSTED-DOMAINS_API-URL")

    services = Services(
        administration=admin_svc,
        archive=ArchiveService(main_connection),
        devices=DeviceService(main_connection),
        legalhold=LegalHoldService(main_connection),
        orgs=OrgService(main_connection),
        # A separate UserService instance from the one handed to
        # DetectionListUserService above.
        users=UserService(main_connection),
        alertrules=AlertRulesService(alert_rules_conn, context, profile_svc),
        alerts=AlertService(alerts_conn, context),
        fileevents=events_svc,
        savedsearch=SavedSearchService(file_events_conn, events_svc),
        preservationdata=PreservationDataService(pds_conn),
        departingemployee=DepartingEmployeeService(
            ecm_conn, context, profile_svc),
        highriskemployee=HighRiskEmployeeService(
            ecm_conn, context, profile_svc),
        userprofile=profile_svc,
        auditlogs=AuditLogsService(audit_logs_conn),
        # Both case services share the one cases connection.
        cases=CasesService(cases_conn),
        casesfileevents=CasesFileEventsService(cases_conn),
        trustedactivities=TrustedActivitiesService(trusted_activities_conn),
    )

    return services, context