def test_get_multiple_error(datastore, client):
m_results = []
m_errors = []
for _ in range(5):
m_results.append(random_id_from_collection(datastore, 'result'))
for _ in range(2):
m_errors.append(random_id_from_collection(datastore, 'error'))
m_results = list(set(m_results))
m_errors = list(set(m_errors))
res = client.result.multiple(error=m_errors, result=m_results)
assert sorted(list(res['error'].keys())) == sorted(m_errors)
assert sorted(list(res['result'].keys())) == sorted(m_results)
ds_result = datastore.get_multiple_results(m_results)
for res_key in m_results:
assert res['result'][res_key]['response'] == ds_result[res_key][
'response']
assert res['result'][res_key]['sha256'] == ds_result[res_key]['sha256']
assert res['result'][res_key]['sha256'] == res_key[:64]
assert res['error'] == datastore.error.multiget(m_errors,
as_dictionary=True,
as_obj=False)
def test_sha256_search_with_specific_db(datastore, client):
file_id = random_id_from_collection(datastore, 'file')
res = client.hash_search(file_id, db=['al'])
assert res['al']['items'][0]['data']['sha256'] == file_id
alert_id = random_id_from_collection(datastore, 'alert')
alert_data = datastore.alert.get(alert_id)
res = client.hash_search(alert_data.file.sha256, db=['alert'], max_timeout=1)
assert len(res['alert']['items']) != 0
def test_file_of_submission_details(datastore, client):
submission_id = random_id_from_collection(datastore, 'submission')
submissison_data = datastore.submission.get(submission_id)
res = client.submission.file(submission_id, submissison_data.files[0].sha256)
assert res['file_info']['sha256']
assert submissison_data.params.submitter in res['metadata']['submitter']
def test_sha1_search(datastore, client):
file_id = random_id_from_collection(datastore, 'file')
file_data = datastore.file.get(file_id)
res = client.hash_search(file_data.sha1)
assert res['al']['items'][0]['data']['sha1'] == file_data.sha1
def test_children(datastore, client):
submission_id = random_id_from_collection(datastore, 'submission', q="file_count:[2 TO *]")
submission_data = datastore.submission.get(submission_id)
file_id = submission_data.files[0].sha256
res = client.file.children(file_id)
assert len(res) >= 1
def test_score(datastore, client):
file_id = random_id_from_collection(datastore, 'file')
res = client.file.score(file_id)
assert res['file_info']['sha256'] == file_id
for k in res['result_keys']:
assert k[:64] == file_id
def test_result_for_service(datastore, client):
result_id = random_id_from_collection(datastore, 'result')
file_id, service_name, _ = result_id.split('.', 2)
res = client.file.result(file_id, service=service_name)
assert res['file_info']['sha256'] == file_id
assert res['results'][0]['response']['service_name'] == service_name
def test_get_result(datastore, client):
result_id = random_id_from_collection(datastore, 'result')
res = client.result(result_id)
ds_res = datastore.result.get(result_id, as_obj=False)
assert res['response'] == ds_res['response']
assert res['sha256'] == ds_res['sha256']
assert res['sha256'] == result_id[:64]
def test_get_workflow(datastore, client):
workflow_id = random_id_from_collection(datastore, 'workflow')
workflow_data = datastore.workflow.get(workflow_id, as_obj=False)
res = client.workflow(workflow_id)
assert res == workflow_data
def test_get_signature(datastore, client):
signature_id = random_id_from_collection(datastore, 'signature')
signature_data = datastore.signature.get(signature_id, as_obj=False)
res = client.signature(signature_id)
assert res == signature_data
def test_get_message_list(datastore, client):
submission_id = random_id_from_collection(datastore, "submission")
with pytest.raises(ClientError):
client.live.setup_watch_queue(submission_id)["wq_id"]
res = client.live.get_message_list('DOES_NOT_EXIST')
assert len(res) == 0
def test_add(datastore, client):
# Select a random service
service = random_id_from_collection(datastore, 'service_delta')
# Make sure the service can generate signatures
service_data = datastore.get_service_with_delta(service, as_obj=False)
service_data['update_config'] = {
'generates_signatures': True,
'sources': []
}
res = client.service.set(service, service_data)
assert res['success']
# Add a new source
added_source_name = "NEW_TEST_SOURCE"
new_source = random_model_obj(UpdateSource, as_json=True)
new_source['name'] = added_source_name
res = client.signature.sources.add(service, new_source)
assert res['success']
# Test if new source is there
service_data = datastore.get_service_with_delta(service, as_obj=False)
assert service_data['update_config']['sources'][0][
'name'] == added_source_name
def test_workflow(datastore, client):
workflow_id = random_id_from_collection(datastore, 'workflow')
res = client.search.grouped.workflow("id", query="id:{}".format(workflow_id), fl="id")
assert res['total'] == 1
assert res['items'][0]['value'] == workflow_id
res = client.search.grouped.workflow("creator", query="id:*", offset=5)
assert res['total'] > 1
def test_submission(datastore, client):
submission_id = random_id_from_collection(datastore, 'submission')
res = client.search.grouped.submission("id", query="id:{}".format(submission_id), fl="id")
assert res['total'] == 1
assert res['items'][0]['value'] == submission_id
res = client.search.grouped.submission("params.submitter", query="id:*")
assert res['total'] > 1
def test_result(datastore, client):
result_id = random_id_from_collection(datastore, 'result')
res = client.search.grouped.result("id", query="id:{}".format(result_id), fl="id")
assert res['total'] == 1
assert res['items'][0]['value'] == result_id
res = client.search.grouped.result("response.service_name", query="id:*", fl="response.score")
assert res['total'] > 1
def test_heuristic(datastore, client):
heuristic_id = random_id_from_collection(datastore, 'heuristic')
res = client.search.grouped.heuristic("id", query="id:{}".format(heuristic_id), fl="id")
assert res['total'] == 1
assert res['items'][0]['value'] == heuristic_id
res = client.search.grouped.heuristic("name", query="id:*", sort="id desc", fl="heur_id")
assert res['total'] > 1
def test_file(datastore, client):
file_id = random_id_from_collection(datastore, 'file')
res = client.search.grouped.file("id", query="id:{}".format(file_id), fl="id")
assert res['total'] == 1
assert res['items'][0]["value"] == file_id
res = client.search.grouped.file("classification", query="id:*", limit=2, rows=5)
assert res['total'] > 1
def test_alert(datastore, client):
alert_id = random_id_from_collection(datastore, 'alert')
res = client.search.grouped.alert("id", query="id:{}".format(alert_id), fl="id")
assert res['total'] == 1
assert res['items'][0]['value'] == alert_id
res = client.search.grouped.alert("status", query="id:*", offset=1)
assert res['total'] > 1
def test_submission(datastore, client):
submission_id = random_id_from_collection(datastore, 'submission')
res = client.search.facet.submission('params.submitter',
"id:{}".format(submission_id),
mincount=1)
assert isinstance(res, dict)
for v in res.values():
assert v >= 1
def test_result(datastore, client):
result_id = random_id_from_collection(datastore, 'result')
res = client.search.facet.result('response.service_name',
"id:{}".format(result_id),
mincount=1)
assert isinstance(res, dict)
for v in res.values():
assert v >= 1
def test_alert(datastore, client):
alert_id = random_id_from_collection(datastore, 'alert')
res = client.search.facet.alert('al.ip',
"id:{}".format(alert_id),
mincount=1)
assert isinstance(res, dict)
for v in res.values():
assert v >= 1
def test_priority(datastore, client):
alert_id = random_id_from_collection(datastore, 'alert')
res = client.alert.batch.priority('alert_id:{}'.format(alert_id), "HIGH", fq_list=["id:*", "label:*"])
assert res['success'] == 1
alert_data = datastore.alert.get(alert_id)
assert "HIGH" in alert_data.priority
def test_status(datastore, client):
alert_id = random_id_from_collection(datastore, 'alert')
res = client.alert.batch.status('alert_id:{}'.format(alert_id), "ASSESS", fq_list=["id:*", "label:*"])
assert res['success'] == 1
alert_data = datastore.alert.get(alert_id)
assert "ASSESS" in alert_data.status
def test_file(datastore, client):
file_id = random_id_from_collection(datastore, 'file')
res = client.search.file("id:{}".format(file_id), fl="id")
assert res['total'] == 1
assert res['items'][0]["id"] == file_id
res = client.search.file("id:*", rows=5)
assert res['total'] > 1
def test_heuristic(datastore, client):
heuristic_id = random_id_from_collection(datastore, 'heuristic')
res = client.search.facet.heuristic('filetype',
"id:{}".format(heuristic_id),
mincount=1)
assert isinstance(res, dict)
for v in res.values():
assert v >= 1
def test_signature(datastore, client):
signature_id = random_id_from_collection(datastore, 'signature')
res = client.search.signature("id:{}".format(signature_id), fl="id")
assert res['total'] == 1
assert res['items'][0]['id'] == signature_id
res = client.search.signature("id:*", filters=["id:yara_YAR_SAMPLE_CSE*", "name:*Shade*"])
assert res['total'] == 1
def test_signature(datastore, client):
signature_id = random_id_from_collection(datastore, 'signature')
res = client.search.facet.signature('status',
"id:{}".format(signature_id),
mincount=1)
assert isinstance(res, dict)
for v in res.values():
assert v >= 1
def test_submission(datastore, client):
submission_id = random_id_from_collection(datastore, 'submission')
res = client.search.submission("id:{}".format(submission_id), fl="id")
assert res['total'] == 1
assert res['items'][0]['id'] == submission_id
res = client.search.submission("id:*")
assert res['total'] > 1
def test_workflow(datastore, client):
workflow_id = random_id_from_collection(datastore, 'workflow')
res = client.search.facet.workflow('name',
"id:{}".format(workflow_id),
mincount=1)
assert isinstance(res, dict)
for v in res.values():
assert v >= 1
def test_submit_sha(datastore, client):
file_id = random_id_from_collection(datastore, 'file')
metadata = {"file_id": get_random_id(), "comment": "test"}
res = client.submit(sha256=file_id, metadata=metadata)
assert res['sid'] is not None
assert res['files'][0]['sha256'] == file_id
assert res['metadata'] == metadata
assert res == datastore.submission.get(res['sid'], as_obj=False)