Exemplo n.º 1
0
    def test_rule_checksum(self):
        """Rule - Rule Checksum"""
        # The known dumped ast of a function that just returns False is below
        ast_value = 'Return(value=Name(id=\'False\', ctx=Load()))'

        # The known checksum of the above is # c119f541816c6364ea3e2e884ba18f9c
        expected_checksum = hashlib.md5(ast_value).hexdigest()

        # Test rule without a docstring
        rule.Rule(_test_checksum, logs=['log_type'])
        assert_equal(rule.Rule._rules['_test_checksum'].checksum, expected_checksum)

        # Test rule with a docstring
        rule.Rule(_test_checksum_doc, logs=['log_type'])
        assert_equal(rule.Rule._rules['_test_checksum_doc'].checksum, expected_checksum)
Exemplo n.º 2
0
 def test_rule_to_string(self):
     """Rule - String Representation"""
     def test_rule(_):
         pass
     test_rule = rule.Rule(test_rule, outputs=['foo'], logs=['bar'])
     assert_equal(str(test_rule), '<Rule: test_rule; outputs: [\'foo\']; disabled: False>')
     assert_equal(repr(test_rule), '<Rule: test_rule; outputs: [\'foo\']; disabled: False>')
Exemplo n.º 3
0
 def test_rule_process(self):
     """Rule - Process, Valid"""
     def test_rule(_):
         return True
     test_rule = rule.Rule(test_rule, logs=['bar'])
     result = test_rule.process(None)
     assert_equal(result, True)
Exemplo n.º 4
0
    def test_rule_checksum_bad(self, log_mock):
        """Rule - Rule Checksum, Bad Indentation"""
        def test_rule(_):
            return False

        # Test rule that has bad indentation when loading from source
        rule.Rule(test_rule, logs=['log_type'])
        assert_equal(rule.Rule._rules['test_rule'].checksum, rule.Rule.CHECKSUM_UNKNOWN)
        log_mock.assert_called_with('Could not checksum rule function')
Exemplo n.º 5
0
 def test_rule_process_exception(self, log_mock):
     """Rule - Process, Exception"""
     # Create a rule function that will raise an exception
     def test_rule(_):
         raise ValueError('this is a bad rule')
     test_rule = rule.Rule(test_rule, logs=['bar'])
     result = test_rule.process(None)
     log_mock.assert_called_with('Encountered error with rule: %s', 'test_rule')
     assert_equal(result, False)
Exemplo n.º 6
0
    def test_set_description(self):
        """Rule - Set Description"""
        def test_rule(_):
            pass
        test_rule = rule.Rule(test_rule, outputs=['foo'], logs=['bar'])

        description = 'foobar description'
        test_rule.description = description

        assert_equal(test_rule.description, description)
Exemplo n.º 7
0
    def test_rule_is_staged(self):
        """Rule - Is Staged = True"""
        table = rule_table.RuleTable('table')
        table._remote_rule_info = {'test_rule': {'Staged': True}}

        def test_rule(_):
            return True

        # Test rule is not staged
        staged_rule = test_rule = rule.Rule(test_rule, logs=['bar'])
        assert_equal(staged_rule.is_staged(table), True)
Exemplo n.º 8
0
    def test_rule_is_staged_false(self):
        """Rule - Is Staged = False"""
        table = rule_table.RuleTable('table')
        table._remote_rule_info = {'test_rule': {'Staged': False}}

        def test_rule(_):
            return True

        # Test rule is not staged
        unstaged_rule = test_rule = rule.Rule(test_rule, logs=['bar'])
        assert_equal(unstaged_rule.is_staged(None), False)
        assert_equal(unstaged_rule.is_staged(table), False)
Exemplo n.º 9
0
    def test_check_matchers_exception(self, log_mock):
        """Rule - Check Matchers, Exception"""
        def test_matcher(_):
            raise ValueError('this is a bad matcher')

        def test_rule(_):
            return True

        test_rule = rule.Rule(test_rule, logs=['bar'], matchers=[test_matcher])

        assert_equal(test_rule.check_matchers(None), False)
        log_mock.assert_called_with('Encountered error with matcher: %s',
                                    'test_matcher')
Exemplo n.º 10
0
    def test_check_matchers_false(self):
        """Rule - Check Matchers, False"""
        def test_matcher(rec):
            return rec['value'] == 100

        def test_rule(_):
            return True

        test_rule = rule.Rule(test_rule, logs=['bar'], matchers=[test_matcher])

        test_record = {'value': 200}

        assert_equal(test_rule.check_matchers(test_record), False)
Exemplo n.º 11
0
    def test_rule_process_with_context(self):
        """Rule - Process, With Context"""
        def test_rule(rec, context):  # pylint: disable=missing-docstring
            context['relevant'] = 'data'
            # Update the context with the entire record so we can check for validity
            context.update(rec)
            return True
        test_rule = rule.Rule(test_rule, logs=['bar'], context={})

        # Test with data that should be placed into the context and overwritten
        # in subsequent calls
        test_rule.process({'foo': 'bar'})
        assert_equal(test_rule.context, {'foo': 'bar', 'relevant': 'data'})

        # Test with new data that should get placed into the context
        # The previous data should no longer be present
        test_rule.process({'bar': 'foo'})
        assert_equal(test_rule.context, {'bar': 'foo', 'relevant': 'data'})
Exemplo n.º 12
0
 def _create_local_rule_with_name(name):
     """Helper to create a fake local rule with specified name"""
     rule_module.Rule(Mock(__name__=name), logs=['fake_log_type'])