def test_marking_def_invalid_type():
with pytest.raises(ValueError):
stix2.MarkingDefinition(
id="marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
created="2017-01-20T00:00:00.000Z",
definition_type="my-definition-type",
definition=stix2.StatementMarking("Copyright 2016, Example Corp"))
def test_marking_def_invalid_type():
with pytest.raises(ValueError):
stix2.v21.MarkingDefinition(
id=MARKING_DEFINITION_ID,
created="2017-01-20T00:00:00.000Z",
definition_type="my-definition-type",
definition=stix2.StatementMarking("Copyright 2016, Example Corp"),
)
def test_marking_def_example_with_kwargs_statement():
kwargs = dict(statement="Copyright 2016, Example Corp")
marking_definition = stix2.MarkingDefinition(
id="marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
created="2017-01-20T00:00:00.000Z",
definition_type="statement",
definition=stix2.StatementMarking(**kwargs))
assert str(marking_definition) == EXPECTED_STATEMENT_MARKING_DEFINITION
def test_identity_custom_property_edit_markings():
marking_obj = stix2.MarkingDefinition(
id=MARKING_DEFINITION_ID,
definition_type="statement",
definition=stix2.StatementMarking(
statement="Copyright 2016, Example Corp"))
marking_obj2 = stix2.MarkingDefinition(
id=MARKING_DEFINITION_ID,
definition_type="statement",
definition=stix2.StatementMarking(statement="Another one"))
# None of the following should throw exceptions
identity = IDENTITY_CUSTOM_PROP.add_markings(marking_obj)
identity2 = identity.add_markings(marking_obj2, ['x_foo'])
identity2.remove_markings(marking_obj.id)
identity2.remove_markings(marking_obj2.id, ['x_foo'])
identity2.clear_markings()
identity2.clear_markings('x_foo')
def test_marking_def_example_with_statement_positional_argument():
marking_definition = stix2.v21.MarkingDefinition(
id=MARKING_DEFINITION_ID,
created="2017-01-20T00:00:00.000Z",
definition_type="statement",
definition=stix2.StatementMarking(statement="Copyright 2016, Example Corp"),
)
assert str(marking_definition) == EXPECTED_STATEMENT_MARKING_DEFINITION
def test_object_factory_obj_markings():
stmt_marking = stix2.StatementMarking("Copyright 2016, Example Corp")
mark_def = stix2.MarkingDefinition(definition_type="statement",
definition=stmt_marking)
factory = stix2.ObjectFactory(object_marking_refs=[mark_def, stix2.TLP_AMBER])
ind = factory.create(stix2.Indicator, **INDICATOR_KWARGS)
assert mark_def.id in ind.object_marking_refs
assert stix2.TLP_AMBER.id in ind.object_marking_refs
factory = stix2.ObjectFactory(object_marking_refs=stix2.TLP_RED)
ind = factory.create(stix2.Indicator, **INDICATOR_KWARGS)
assert stix2.TLP_RED.id in ind.object_marking_refs
)
marking_def_amber = stix2.MarkingDefinition(
id="marking-definition--f88d31f6-486f-44da-b317-01333bde0b82",
created="2017-01-20T00:00:00.000Z",
definition_type="tlp",
definition={
"tlp": "amber"
}
)
marking_def_statement = stix2.MarkingDefinition(
id="marking-definition--d81f86b9-975b-bc0b-775e-810c5ad45a4f",
created="2017-04-14T13:07:49.812Z",
definition_type="statement",
definition=stix2.StatementMarking("Copyright (c) Stark Industries 2017.")
)
indicator = stix2.Indicator(
id="indicator--33fe3b22-0201-47cf-85d0-97c02164528d",
created="2017-04-14T13:07:49.812Z",
modified="2017-04-14T13:07:49.812Z",
created_by_ref="identity--611d9d41-dba5-4e13-9b29-e22488058ffc",
name="Known malicious IP Address",
labels=["malicious-activity"],
pattern="[ipv4-addr:value = '10.0.0.0']",
valid_from="2017-04-14T13:07:49.812Z",
object_marking_refs=[marking_def_amber, marking_def_statement]
)
bundle = stix2.Bundle(objects=[identity, indicator, marking_def_amber, marking_def_statement])
