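def _exchange_online_query_emails_function(self, event, *args, **kwargs):
        """Function: Query Exchange Online for emails matching the supplied criteria.

        Reads the ``exo_*`` inputs from ``kwargs`` (only ``exo_email_address``
        is validated as required), passes them to
        ``MSGraphHelper.query_messages`` and wraps the outcome in a
        ``ResultPayload``.

        Yields:
            StatusMessage progress updates, then a FunctionResult carrying the
            payload. If any step raises, a FunctionError wrapping the exception
            is yielded instead.
        """
        try:
            # Initialize the results payload
            rp = ResultPayload(CONFIG_DATA_SECTION, **kwargs)

            # Fail early when the one mandatory input is missing.
            validate_fields(['exo_email_address'], kwargs)

            # Get the function parameters
            email_address = kwargs.get('exo_email_address')  # text
            mail_folders = kwargs.get('exo_mail_folders')  # text
            sender = kwargs.get('exo_email_address_sender')  # text
            start_date = kwargs.get('exo_start_date')  # datetime
            end_date = kwargs.get('exo_end_date')  # datetime
            has_attachments = kwargs.get('exo_has_attachments')  # bool
            message_subject = kwargs.get('exo_message_subject')  # text
            message_body = kwargs.get('exo_message_body')  # text

            # NOTE(review): the search criteria are written to the log at INFO.
            # They include mailbox addresses and subject/body search terms, so
            # confirm that access to and retention of this log are appropriate.
            LOG.info(u"exo_email_address: %s", email_address)
            LOG.info(u"exo_mailfolders: %s", mail_folders)
            LOG.info(u"exo_email_address_sender: %s", sender)
            LOG.info(u"exo_start_date: %s", start_date)
            LOG.info(u"exo_end_date: %s", end_date)
            LOG.info(u"exo_email_has_attachments: %s", has_attachments)
            LOG.info(u"exo_message_subject: %s", message_subject)
            LOG.info(u"exo_message_body: %s", message_body)

            yield StatusMessage(u"Starting message query.")

            # Build the MS Graph helper from app configuration. The client
            # secret is handed to the helper only; it is not logged here.
            MS_graph_helper = MSGraphHelper(
                self.options.get("microsoft_graph_token_url"),
                self.options.get("microsoft_graph_url"),
                self.options.get("tenant_id"), self.options.get("client_id"),
                self.options.get("client_secret"),
                self.options.get("max_messages"),
                self.options.get("max_users"),
                RequestsCommon(self.opts, self.options).get_proxies())

            email_results = MS_graph_helper.query_messages(
                email_address, mail_folders, sender, start_date, end_date,
                has_attachments, message_subject, message_body)

            # Put query results in the results payload.
            results = rp.done(True, email_results)

            yield StatusMessage(u"Returning results from query.")

            # NOTE(review): at DEBUG this writes the whole query result to the
            # log. What it holds depends on MSGraphHelper.query_messages (not
            # shown here), presumably message data. Keep DEBUG off where the
            # log is broadly readable.
            LOG.debug(json.dumps(results['content']))

            # Produce a FunctionResult with the results
            yield FunctionResult(results)

        except Exception as err:
            # LOG.exception records the traceback as well as the message, so a
            # failed query can be triaged from the log alone.
            LOG.exception(err)
            yield FunctionError(err)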
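    def test_query_messages(self, authenticate_mock, mocked_get):
        """Test query_messages for one mailbox against mocked 200, 404 and 300 replies.

        The 200 and 404 scenarios run outside any exception handler, so an
        IntegrationError raised there fails the test instead of silently
        skipping the assertions. Only the 300 scenario tolerates
        IntegrationError.
        """
        print("Test Query Messages Single User\n")
        authenticate_mock.return_value = True
        MS_graph_helper = MSGraphHelper(
            MOCKED_OPTS.get("microsoft_graph_token_url"),
            MOCKED_OPTS.get("microsoft_graph_url"),
            MOCKED_OPTS.get("tenant_id"), MOCKED_OPTS.get("client_id"),
            MOCKED_OPTS.get("client_secret"),
            MOCKED_OPTS.get("max_messages"), MOCKED_OPTS.get("max_users"),
            MOCKED_OPTS.get("max_retries_total"),
            MOCKED_OPTS.get("max_retries_backoff_factor"),
            MOCKED_OPTS.get("max_batched_requests"), None)

        # Mock the email lists for user 1
        content1 = {'value': [{'id': 'AAA'}, {'id': 'BBB'}]}

        # 200: both mocked messages come back for the queried mailbox.
        mocked_get.side_effect = [generate_response(content1, 200)]
        result_list = MS_graph_helper.query_messages(
            "*****@*****.**", None, "*****@*****.**", None, None,
            None, "lunch", None)
        assert len(result_list) == 1
        assert result_list[0]['email_address'] == '*****@*****.**'
        assert result_list[0]['status_code'] == 200
        assert result_list[0]['email_list'][0]['id'] == 'AAA'
        assert result_list[0]['email_list'][1]['id'] == 'BBB'

        # 404: the mailbox is reported as not found, so nothing is returned.
        mocked_get.side_effect = [generate_response(content1, 404)]
        result_list = MS_graph_helper.query_messages(
            "*****@*****.**", None, None, None, None, None, "lunch",
            None)
        assert len(result_list) == 0

        # 300: IntegrationError is tolerated here, as in the original test.
        # NOTE(review): nothing asserts that the error is actually raised. If
        # that is the intended contract for this status, assert it explicitly.
        mocked_get.side_effect = [generate_response(content1, 300)]
        try:
            MS_graph_helper.query_messages(
                "*****@*****.**", None, None, None, None, None, "lunch",
                None)
        except IntegrationError:
            pass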
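    def _exchange_online_query_emails_function(self, event, *args, **kwargs):
        """Function: Query Exchange Online for emails matching the supplied criteria.

        Requires ``exo_email_address`` and ``exo_query_output_format`` in
        ``kwargs``; the remaining ``exo_*`` inputs are optional filters passed
        to ``MSGraphHelper.query_messages``. The query result is wrapped in a
        ``ResultPayload`` together with the incident id and chosen output
        format, then passed to ``write_results_to_note_or_attachment``.

        Yields:
            A StatusMessage progress update, then a FunctionResult carrying
            the payload. If any step raises, a FunctionError wrapping the
            exception is yielded instead.
        """
        try:
            # Initialize the results payload
            rp = ResultPayload(CONFIG_DATA_SECTION, **kwargs)

            # Fail early when a mandatory input is missing.
            validate_fields(['exo_email_address', 'exo_query_output_format'],
                            kwargs)

            # Get the function parameters
            incident_id = kwargs.get('incident_id')  # number
            email_address = kwargs.get('exo_email_address')  # text
            mail_folders = kwargs.get('exo_mail_folders')  # text
            sender = kwargs.get('exo_email_address_sender')  # text
            start_date = kwargs.get('exo_start_date')  # datetime
            end_date = kwargs.get('exo_end_date')  # datetime
            has_attachments = kwargs.get('exo_has_attachments')  # bool
            message_subject = kwargs.get('exo_message_subject')  # text
            message_body = kwargs.get('exo_message_body')  # text
            query_output_format = self.get_select_param(
                kwargs.get('exo_query_output_format')
            )  # select values: "Exchange Online data table", "Incident attachment", "Incident note"

            # NOTE(review): the search criteria are written to the log at INFO.
            # They include mailbox addresses and subject/body search terms, so
            # confirm that access to and retention of this log are appropriate.
            LOG.info(u"incident_id: %s", incident_id)
            LOG.info(u"exo_email_address: %s", email_address)
            LOG.info(u"exo_mailfolders: %s", mail_folders)
            LOG.info(u"exo_email_address_sender: %s", sender)
            LOG.info(u"exo_start_date: %s", start_date)
            LOG.info(u"exo_end_date: %s", end_date)
            LOG.info(u"exo_email_has_attachments: %s", has_attachments)
            LOG.info(u"exo_message_subject: %s", message_subject)
            LOG.info(u"exo_message_body: %s", message_body)
            LOG.info(u"exo_query_output_format: %s", query_output_format)

            yield StatusMessage(u"Starting message query.")

            # Build the MS Graph helper from app configuration. Retry and
            # batching limits fall back to the module defaults when unset.
            # The client secret is handed to the helper only; it is not
            # logged here.
            MS_graph_helper = MSGraphHelper(
                self.options.get("microsoft_graph_token_url"),
                self.options.get("microsoft_graph_url"),
                self.options.get("tenant_id"), self.options.get("client_id"),
                self.options.get("client_secret"),
                self.options.get("max_messages"),
                self.options.get("max_users"),
                self.options.get("max_retries_total", MAX_RETRIES_TOTAL),
                self.options.get("max_retries_backoff_factor",
                                 MAX_RETRIES_BACKOFF_FACTOR),
                self.options.get("max_batched_requests", MAX_BATCHED_REQUESTS),
                RequestsCommon(self.opts, self.options).get_proxies())

            email_results = MS_graph_helper.query_messages(
                email_address, mail_folders, sender, start_date, end_date,
                has_attachments, message_subject, message_body)

            query_results = {
                "incident_id": incident_id,
                "exo_query_output_format": query_output_format,
                "email_results": email_results
            }

            # Put query results in the results payload.
            results = rp.done(True, query_results)

            # NOTE(review): assumes the payload always carries a "metrics"
            # dict. If it were missing, the .get below would raise and the
            # function would end in FunctionError. Confirm against
            # ResultPayload.
            metrics = results.get("metrics")
            query_time_ms = metrics.get("execution_time_ms")
            # Write query results to an attachment or note as specified by the user in activity field.
            # Writing results to the data table takes place in the post processor script.
            self.write_results_to_note_or_attachment(
                email_address, mail_folders, sender, start_date, end_date,
                has_attachments, message_subject, message_body, query_results,
                query_time_ms)

            # Produce a FunctionResult with the results
            yield FunctionResult(results)

        except Exception as err:
            # LOG.exception records the traceback as well as the message, so a
            # failed query can be triaged from the log alone.
            LOG.exception(err)
            yield FunctionError(err)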
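    def test_query_messages_all_users(self, authenticate_mock, mocked_get,
                                      mocked_post):
        """Test query_messages with "all" against a mocked user list and $batch reply.

        Every mocked response is a success, so no IntegrationError is
        expected. The test does not catch one: if the helper raises, the test
        fails rather than passing with its assertions skipped.
        """
        print("Test Query Messages All Users\n")
        authenticate_mock.return_value = True
        MS_graph_helper = MSGraphHelper(
            MOCKED_OPTS.get("microsoft_graph_token_url"),
            MOCKED_OPTS.get("microsoft_graph_url"),
            MOCKED_OPTS.get("tenant_id"), MOCKED_OPTS.get("client_id"),
            MOCKED_OPTS.get("client_secret"),
            MOCKED_OPTS.get("max_messages"), MOCKED_OPTS.get("max_users"),
            MOCKED_OPTS.get("max_retries_total"),
            MOCKED_OPTS.get("max_retries_backoff_factor"),
            MOCKED_OPTS.get("max_batched_requests"), None)

        # Mock the users
        content1 = {
            'value': [{
                'userPrincipalName': '*****@*****.**'
            }, {
                'userPrincipalName': '*****@*****.**'
            }]
        }

        # Mock the responses from the POST to $batch endpoint.
        content2 = {
            'responses': [{
                'id': '1',
                'status': 200,
                'body': {
                    'value': [{
                        'id': 'AAA'
                    }, {
                        'id': 'BBB'
                    }]
                }
            }, {
                'id': '2',
                'status': 200,
                'body': {
                    'value': [{
                        'id': 'CCC'
                    }]
                }
            }]
        }

        # The GET is mocked with the user list, the POST with the batch reply.
        mocked_get.side_effect = [generate_response(content1, 200)]
        mocked_post.side_effect = [generate_response(content2, 200)]

        email_list = MS_graph_helper.query_messages(
            "all", None, None, None, None, None, "lunch", None)

        # One result entry per mocked user, in batch-response order.
        assert len(email_list) == 2
        assert email_list[0]['email_address'] == '*****@*****.**'
        assert email_list[0]['status_code'] == 200
        assert email_list[0]['email_list'][0]['id'] == 'AAA'
        assert email_list[0]['email_list'][1]['id'] == 'BBB'
        assert email_list[1]['email_address'] == '*****@*****.**'
        assert email_list[1]['status_code'] == 200
        assert email_list[1]['email_list'][0]['id'] == 'CCC'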