def setUpClass(cls):
    """Provision the accounts shared by every test in the class.

    Against the MISP instance at the module-level ``url`` this fixture:

    1. connects with the site-admin ``key`` and switches server debug on,
    2. creates an advanced authkey for the admin and appends it to the
       connector key,
    3. creates a uniquely named organisation,
    4. creates an org admin (role 2) with its own advanced authkey and
       connector,
    5. creates a regular user (role 3) with a freshly generated password and
       checks that both key-based and password-based logins work.

    ``url``, ``key``, ``random``, ``check_response`` and ``login`` are defined
    outside this block.
    """
    warnings.simplefilter("ignore", ResourceWarning)

    # --- site admin connector -------------------------------------------
    admin = PyMISP(url, key)
    cls.admin_misp_connector = admin
    # force=True is passed through to set_server_setting; the fixture turns
    # debug on for the whole instance, so it belongs on a test server only.
    admin.set_server_setting('debug', 1, force=True)
    admin.global_pythonify = True
    # NOTE: `assert` is stripped under `python -O`; in that mode this
    # privilege check (and the login check at the end) would not run.
    assert admin._current_role.perm_site_admin

    # An advanced authkey is appended so the connector keeps working once
    # advanced keys become mandatory.
    # `__create_advanced_authkey` relies on private-name mangling, so this
    # function has to stay inside the class body.
    admin_key_record = cls.__create_advanced_authkey(cls, admin._current_user.id)
    cls.admin_advanced_authkey = admin_key_record
    admin.key = admin.key + "," + admin_key_record["authkey_raw"]

    # --- organisation ---------------------------------------------------
    new_org = MISPOrganisation()
    new_org.name = 'Test Org ' + random()  # random suffix keeps the name unique
    cls.test_org = admin.add_organisation(new_org)
    check_response(cls.test_org)

    # --- org admin ------------------------------------------------------
    org_admin_account = MISPUser()
    org_admin_account.email = 'testorgadmin@user' + random() + '.local'  # unique per run
    org_admin_account.org_id = cls.test_org.id
    org_admin_account.role_id = 2  # Org admin role
    cls.test_org_admin = admin.add_user(org_admin_account)
    check_response(cls.test_org_admin)

    # The org admin gets an advanced authkey as well; its connector is built
    # from both keys joined by a comma.
    org_admin_key_record = cls.__create_advanced_authkey(cls, cls.test_org_admin.id)
    cls.org_admin_advanced_authkey = org_admin_key_record
    org_admin_combined_key = cls.test_org_admin.authkey + "," + org_admin_key_record["authkey_raw"]
    org_admin_connector = PyMISP(url, org_admin_combined_key)
    cls.org_admin_misp_connector = org_admin_connector
    org_admin_connector.global_pythonify = True

    # --- regular user ---------------------------------------------------
    # uuid4 gives a different password on every run; it is kept on the class
    # so later tests can log in with it.
    cls.test_usr_password = str(uuid.uuid4())
    plain_account = MISPUser()
    plain_account.email = 'testusr@user' + random() + '.local'  # unique per run
    plain_account.org_id = cls.test_org.id
    plain_account.role_id = 3  # User role
    plain_account.password = cls.test_usr_password
    cls.test_usr = admin.add_user(plain_account)
    check_response(cls.test_usr)

    # Building a connector with the user's authkey is the smoke test for
    # key-based access; the object itself is not kept.
    PyMISP(url, cls.test_usr.authkey)

    # Password-based login must succeed with the password set above.
    password_login_ok = login(url, cls.test_usr.email, cls.test_usr_password)
    assert password_login_ok
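def owner_orgadmin(self) -> PyMISP:
    """Return a PyMISP connector authenticated as the org admin, creating it on first use.

    The connector is cached in ``self._owner_orgadmin``. On the first call the
    org-admin user named by ``self.config['email_orgadmin']`` is looked up among
    the site admin's users and created in the host org when it is missing. Its
    authkey and password are taken from ``self.config``; whichever is absent is
    generated, stored back into ``self.config`` and the config file is rewritten.

    Returns:
        The cached or newly built connector, with global pythonify toggled.
    """
    # Function-scope import: the file-level import block is not touched.
    import secrets

    if self._owner_orgadmin:
        return self._owner_orgadmin

    for user in self.site_admin.users():
        if user.email == self.config['email_orgadmin']:
            break
    else:
        # The user doesn't exist yet: create it in the host organisation.
        user = MISPUser()
        user.email = self.config['email_orgadmin']
        user.org_id = self.host_org.id
        user.role_id = 2  # Org admin
        user = self.create_or_update_user(user)

    dump_config = False

    user.authkey = self.config.get('orgadmin_authkey')
    if not user.authkey:  # type: ignore
        # No key recorded locally: ask the site admin for a fresh one.
        dump_config = True
        user.authkey = self.site_admin.get_new_authkey(user)
        self.config['orgadmin_authkey'] = user.authkey  # type: ignore

    user.password = self.config.get('orgadmin_password')
    if not user.password:
        dump_config = True
        if user.change_pw in ['1', True, 1]:  # type: ignore
            # Only change the password if the user never logged in.
            # The password is a credential, so it is drawn from the OS CSPRNG
            # via `secrets` rather than from the predictable `random` module.
            alphabet = string.ascii_uppercase + string.digits
            user.password = ''.join(secrets.choice(alphabet) for _ in range(16))
            self.site_admin.update_user({'password': user.password, 'change_pw': 0}, user.id)  # type: ignore
        else:
            # The real password is not known here; a placeholder is recorded.
            user.password = '******'
        self.config['orgadmin_password'] = user.password

    # This user might have been disabled by the users
    # NOTE(review): `ssl=secure_connection` comes from a module-level name not
    # shown here; it presumably controls TLS certificate verification, confirm
    # it is enabled outside lab setups.
    self._owner_orgadmin = PyMISP(self.baseurl, user.authkey,  # type: ignore
                                  ssl=secure_connection, debug=False, timeout=300)
    self._owner_orgadmin.toggle_global_pythonify()

    if dump_config:
        # NOTE(review): the config now holds the authkey and password in clear
        # text and is written with the process's default file permissions;
        # restrict access to this file on shared hosts.
        with self.config_file.open('w') as f:
            json.dump(self.config, f, indent=2)
    return self._owner_orgadmin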
def init_default_user(self, email, password='******', role_id=1, org_id=None):
    """Create or update the default user (described upstream as a local admin in the host org).

    Args:
        email: E-mail address of the account.
        password: Password set on the account.
        role_id: Role assigned to the account.
        org_id: Organisation id; when falsy, the organisation whose name equals
            ``self.config['admin_orgname']`` is looked up through
            ``self.owner_site_admin``.

    Raises:
        Exception: if ``org_id`` is not given and no organisation matches.
    """
    # NOTE(review): the default password is a fixed literal shared by every
    # caller that omits the argument; pass an explicit, unique value for any
    # instance that is not a throwaway.
    account = MISPUser()
    account.email = email

    if not org_id:
        # Fall back to the first organisation carrying the configured admin name.
        default_org = next(
            (candidate for candidate in self.owner_site_admin.organisations()
             if candidate.name == self.config['admin_orgname']),
            None,
        )
        if default_org is None:
            raise Exception('No default org found.')
        account.org_id = default_org.id
    else:
        account.org_id = org_id

    account.role_id = role_id
    account.password = password
    self.create_or_update_user(account)