예제 #1
0
    def test_create_if_not_exists_posts_expected_data_when_user_does_not_exist(
        self, mock_get_by_id_fails, user_context, mock_user_client
    ):
        # In this test case we can't verify create successful, hence we verified failure in create
        # because same mock_connection instance
        # 'mock_get_by_id_fails' will be called for get & create and its going to return failure.
        # We verified create is being called and two times post method is called, also we
        # verified user_client.get_by_uid is successfully called.
        detection_list_user_client = DetectionListUserService(
            mock_get_by_id_fails, user_context, mock_user_client
        )
        with pytest.raises(Py42BadRequestError):
            detection_list_user_client.create_if_not_exists("942897397520289999")

        posted_data = mock_get_by_id_fails.post.call_args[1]["json"]
        assert mock_get_by_id_fails.post.call_args[0][0] == "/svc/api/v2/user/create"
        assert (
            posted_data["tenantId"] == user_context.get_current_tenant_id()
            and posted_data["userName"] == "username"
        )
        assert mock_get_by_id_fails.post.call_count == 2
        assert mock_user_client._connection.get.call_count == 1
        assert (
            mock_user_client._connection.get.call_args[0][0]
            == "/api/User/942897397520289999"
        )
예제 #2
0
    def test_get_by_id_posts_expected_data(self, mock_connection, user_context,
                                           mock_user_client):
        detection_list_user_client = DetectionListUserService(
            mock_connection, user_context, mock_user_client)
        detection_list_user_client.get_by_id("942897397520289999")

        posted_data = mock_connection.post.call_args[1]["json"]
        assert mock_connection.post.call_count == 1
        assert mock_connection.post.call_args[0][0] == "v2/user/getbyid"
        assert (posted_data["tenantId"]
                == user_context.get_current_tenant_id()
                and posted_data["userId"] == "942897397520289999")
예제 #3
0
    def test_add_risk_tag_posts_expected_data(self, mock_connection,
                                              user_context, mock_user_client,
                                              tags):
        detection_list_user_client = DetectionListUserService(
            mock_connection, user_context, mock_user_client)
        detection_list_user_client.add_risk_tags("942897397520289999", tags)

        posted_data = mock_connection.post.call_args[1]["json"]
        assert mock_connection.post.call_count == 1
        assert mock_connection.post.call_args[0][0] == "v2/user/addriskfactors"
        assert (posted_data["tenantId"]
                == user_context.get_current_tenant_id()
                and posted_data["userId"] == "942897397520289999"
                and posted_data["riskFactors"] == ["test_tag"])
예제 #4
0
 def test_add_cloud_alias_limit_raises_custom_error_on_limit(
     self,
     mock_connection,
     user_context,
     mock_user_client_error_on_adding_cloud_aliases,
 ):
     detection_list_user_client = DetectionListUserService(
         mock_connection,
         user_context,
         mock_user_client_error_on_adding_cloud_aliases,
     )
     with pytest.raises(Py42CloudAliasLimitExceededError) as err:
         detection_list_user_client.add_cloud_alias("942897397520289999", "Test")
     assert "Cloud alias limit exceeded." in str(err.value)
예제 #5
0
    def test_remove_cloud_alias_posts_expected_data(self, mock_connection,
                                                    user_context,
                                                    mock_user_client):
        detection_list_user_client = DetectionListUserService(
            mock_connection, user_context, mock_user_client)
        detection_list_user_client.remove_cloud_alias("942897397520289999",
                                                      u"Test")

        posted_data = mock_connection.post.call_args[1]["json"]
        assert mock_connection.post.call_count == 1
        assert mock_connection.post.call_args[0][
            0] == "v2/user/removecloudusernames"
        assert (posted_data["tenantId"]
                == user_context.get_current_tenant_id()
                and posted_data["userId"] == "942897397520289999"
                and posted_data["cloudUsernames"] == ["Test"])
예제 #6
0
    def test_update_notes_posts_expected_data(
        self, mock_connection, user_context, mock_user_client
    ):
        detection_list_user_client = DetectionListUserService(
            mock_connection, user_context, mock_user_client
        )
        detection_list_user_client.update_notes("942897397520289999", "Test")

        posted_data = mock_connection.post.call_args[1]["json"]
        assert mock_connection.post.call_count == 1
        assert mock_connection.post.call_args[0][0] == "/svc/api/v2/user/updatenotes"
        assert (
            posted_data["tenantId"] == user_context.get_current_tenant_id()
            and posted_data["userId"] == "942897397520289999"
            and posted_data["notes"] == "Test"
        )
예제 #7
0
def _init_services(main_connection, main_auth):
    alert_rules_key = u"FedObserver-API_URL"
    alerts_key = u"AlertService-API_URL"
    file_events_key = u"FORENSIC_SEARCH-API_URL"
    preservation_data_key = u"PRESERVATION-DATA-SERVICE_API-URL"
    employee_case_mgmt_key = u"employeecasemanagement-API_URL"
    kv_prefix = u"simple-key-value-store"
    audit_logs_key = u"AUDIT-LOG_API-URL"

    kv_connection = Connection.from_microservice_prefix(
        main_connection, kv_prefix)
    kv_service = KeyValueStoreService(kv_connection)

    alert_rules_conn = Connection.from_microservice_key(kv_service,
                                                        alert_rules_key,
                                                        auth=main_auth)
    alerts_conn = Connection.from_microservice_key(kv_service,
                                                   alerts_key,
                                                   auth=main_auth)
    file_events_conn = Connection.from_microservice_key(kv_service,
                                                        file_events_key,
                                                        auth=main_auth)
    pds_conn = Connection.from_microservice_key(kv_service,
                                                preservation_data_key,
                                                auth=main_auth)
    ecm_conn = Connection.from_microservice_key(kv_service,
                                                employee_case_mgmt_key,
                                                auth=main_auth)
    audit_logs_conn = Connection.from_microservice_key(kv_service,
                                                       audit_logs_key,
                                                       auth=main_auth)
    user_svc = UserService(main_connection)
    administration_svc = AdministrationService(main_connection)
    file_event_svc = FileEventService(file_events_conn)
    user_ctx = UserContext(administration_svc)
    user_profile_svc = DetectionListUserService(ecm_conn, user_ctx, user_svc)

    services = Services(
        administration=administration_svc,
        archive=ArchiveService(main_connection),
        devices=DeviceService(main_connection),
        legalhold=LegalHoldService(main_connection),
        orgs=OrgService(main_connection),
        securitydata=SecurityDataService(main_connection),
        users=UserService(main_connection),
        alertrules=AlertRulesService(alert_rules_conn, user_ctx,
                                     user_profile_svc),
        alerts=AlertService(alerts_conn, user_ctx),
        fileevents=file_event_svc,
        savedsearch=SavedSearchService(file_events_conn, file_event_svc),
        preservationdata=PreservationDataService(pds_conn),
        departingemployee=DepartingEmployeeService(ecm_conn, user_ctx,
                                                   user_profile_svc),
        highriskemployee=HighRiskEmployeeService(ecm_conn, user_ctx,
                                                 user_profile_svc),
        userprofile=user_profile_svc,
        auditlogs=AuditLogsService(audit_logs_conn),
    )

    return services, user_ctx
예제 #8
0
 def mock_detection_list_user_client(
     self, mock_connection, user_context, py42_response, mock_user_client
 ):
     user_client = DetectionListUserService(
         mock_connection, user_context, mock_user_client
     )
     mock_connection.post.return_value = py42_response
     return user_client
예제 #9
0
 def mock_detection_list_user_client(
     self, mock_connection, user_context, mocker, mock_user_client
 ):
     user_client = DetectionListUserService(
         mock_connection, user_context, mock_user_client
     )
     mock_connection.post.return_value = create_mock_response(mocker, "{}")
     return user_client
예제 #10
0
    def test_create_posts_expected_data(
        self, mock_connection, user_context, mock_user_client
    ):
        detection_list_user_client = DetectionListUserService(
            mock_connection, user_context, mock_user_client
        )
        detection_list_user_client.create("942897397520289999")

        posted_data = mock_connection.post.call_args[1]["json"]
        assert mock_connection.post.call_count == 1
        assert mock_connection.post.call_args[0][0] == "v2/user/create"
        assert (
            posted_data["tenantId"] == user_context.get_current_tenant_id()
            and posted_data["userName"] == "942897397520289999"
            and posted_data["riskFactors"] == []
            and posted_data["cloudUsernames"] == []
            and posted_data["notes"] == ""
        )
예제 #11
0
    def test_create_if_not_exists_posts_expected_data_when_user_exists(
        self, mock_connection, user_context, mock_user_client
    ):
        detection_list_user_client = DetectionListUserService(
            mock_connection, user_context, mock_user_client
        )
        assert (
            detection_list_user_client.create_if_not_exists("942897397520289999")
            is True
        )

        posted_data = mock_connection.post.call_args[1]["json"]
        assert mock_connection.post.call_args[0][0] == "/svc/api/v2/user/getbyid"
        assert (
            posted_data["tenantId"] == user_context.get_current_tenant_id()
            and posted_data["userId"] == "942897397520289999"
        )
        assert mock_connection.post.call_count == 1
예제 #12
0
def _init_services(main_connection, main_auth):
    # services are imported within function to prevent circular imports when a service
    # imports anything from py42.sdk.queries
    from py42.services import Services
    from py42.services._keyvaluestore import KeyValueStoreService
    from py42.services.administration import AdministrationService
    from py42.services.alertrules import AlertRulesService
    from py42.services.alerts import AlertService
    from py42.services.archive import ArchiveService
    from py42.services.auditlogs import AuditLogsService
    from py42.services.cases import CasesService
    from py42.services.casesfileevents import CasesFileEventsService
    from py42.services.detectionlists.departing_employee import DepartingEmployeeService
    from py42.services.detectionlists.high_risk_employee import HighRiskEmployeeService
    from py42.services.detectionlists.user_profile import DetectionListUserService
    from py42.services.devices import DeviceService
    from py42.services.fileevent import FileEventService
    from py42.services.legalhold import LegalHoldService
    from py42.services.orgs import OrgService
    from py42.services.preservationdata import PreservationDataService
    from py42.services.savedsearch import SavedSearchService
    from py42.services.trustedactivities import TrustedActivitiesService
    from py42.services.users import UserService

    alert_rules_key = "FedObserver-API_URL"
    alerts_key = "AlertService-API_URL"
    file_events_key = "FORENSIC_SEARCH-API_URL"
    preservation_data_key = "PRESERVATION-DATA-SERVICE_API-URL"
    employee_case_mgmt_key = "employeecasemanagementV2-API_URL"
    kv_prefix = "simple-key-value-store"
    audit_logs_key = "AUDIT-LOG_API-URL"
    cases_key = "CASES_API-URL"
    trusted_activities_key = "TRUSTED-DOMAINS_API-URL"

    kv_connection = Connection.from_microservice_prefix(
        main_connection, kv_prefix)
    kv_service = KeyValueStoreService(kv_connection)

    alert_rules_conn = Connection.from_microservice_key(kv_service,
                                                        alert_rules_key,
                                                        auth=main_auth)
    alerts_conn = Connection.from_microservice_key(kv_service,
                                                   alerts_key,
                                                   auth=main_auth)
    file_events_conn = Connection.from_microservice_key(kv_service,
                                                        file_events_key,
                                                        auth=main_auth)
    pds_conn = Connection.from_microservice_key(kv_service,
                                                preservation_data_key,
                                                auth=main_auth)
    ecm_conn = Connection.from_microservice_key(kv_service,
                                                employee_case_mgmt_key,
                                                auth=main_auth)
    audit_logs_conn = Connection.from_microservice_key(kv_service,
                                                       audit_logs_key,
                                                       auth=main_auth)
    user_svc = UserService(main_connection)
    administration_svc = AdministrationService(main_connection)
    file_event_svc = FileEventService(file_events_conn)
    user_ctx = UserContext(administration_svc)
    user_profile_svc = DetectionListUserService(ecm_conn, user_ctx, user_svc)
    cases_conn = Connection.from_microservice_key(kv_service,
                                                  cases_key,
                                                  auth=main_auth)
    trusted_activities_conn = Connection.from_microservice_key(
        kv_service, trusted_activities_key, auth=main_auth)

    services = Services(
        administration=administration_svc,
        archive=ArchiveService(main_connection),
        devices=DeviceService(main_connection),
        legalhold=LegalHoldService(main_connection),
        orgs=OrgService(main_connection),
        users=UserService(main_connection),
        alertrules=AlertRulesService(alert_rules_conn, user_ctx,
                                     user_profile_svc),
        alerts=AlertService(alerts_conn, user_ctx),
        fileevents=file_event_svc,
        savedsearch=SavedSearchService(file_events_conn, file_event_svc),
        preservationdata=PreservationDataService(pds_conn),
        departingemployee=DepartingEmployeeService(ecm_conn, user_ctx,
                                                   user_profile_svc),
        highriskemployee=HighRiskEmployeeService(ecm_conn, user_ctx,
                                                 user_profile_svc),
        userprofile=user_profile_svc,
        auditlogs=AuditLogsService(audit_logs_conn),
        cases=CasesService(cases_conn),
        casesfileevents=CasesFileEventsService(cases_conn),
        trustedactivities=TrustedActivitiesService(trusted_activities_conn),
    )

    return services, user_ctx