def test_get_file_does_not_exist(requests_mock, mocker):
from CrowdStrikeFalcon import get_file_command
file_id = 'le10098bf0e311e989190662caec3daa_94cc8c55556741faa1d82bd1faabfb4a'
response = {
"meta": {
"powered_by": "empower-api",
"query_time": 0.082774607,
"trace_id": "07kk11c3-496g-42df-9157-834e499e279d"
},
"resources": []
}
mocker.patch.object(demisto, 'args', return_value={'file_id': file_id})
requests_mock.get(
f'{SERVER_URL}/real-time-response/entities/put-files/v1?ids={file_id}',
json=response,
status_code=200)
assert get_file_command() == 'No file found.'
def test_get_file_with_content(requests_mock, mocker, request):
from CrowdStrikeFalcon import get_file_command
file_id = 'le10098bf0e311e989190662caec3daa_94cc8c55556741faa1d82bd1faabfb4a'
file_content = "function Demisto {}"
response = {
"meta": {
"powered_by": "empower-api",
"query_time": 0.082774607,
"trace_id": "07kk11c3-496g-42df-9157-834e499e279d"
},
"resources": [{
"content": file_content,
"created_by": "*****@*****.**",
"created_by_uuid": "94cc8c66-5447-41ft-a1d8-2bd1faabfb9q",
"created_timestamp": "2019-10-17T13:41:48.487520845Z",
"description": "Demisto",
"file_type": "script",
"id": file_id,
"modified_by": "*****@*****.**",
"modified_timestamp": "2019-10-17T13:41:48.487521161Z",
"name": "Demisto",
"permission_type": "private",
"sha256":
"5a4440f2b9ce60b070e98c304370050446a2efa4b3850550a99e4d7b8f447fcc",
"size": 4444,
}]
}
file_name = '1_test_file_result'
def cleanup():
try:
os.remove(file_name)
except OSError:
pass
request.addfinalizer(cleanup)
mocker.patch.object(demisto, 'uniqueFile', return_value="test_file_result")
mocker.patch.object(demisto, 'investigation', return_value={'id': '1'})
mocker.patch.object(demisto, 'results')
mocker.patch.object(demisto, 'args', return_value={'file_id': file_id})
requests_mock.get(
f'{SERVER_URL}/real-time-response/entities/put-files/v1?ids={file_id}',
json=response,
status_code=200)
results = get_file_command()
expected_results = {
'CrowdStrike': {
'File(val.ID === obj.ID)': {
'CreatedBy': '*****@*****.**',
'CreatedTime': '2019-10-17T13:41:48.487520845Z',
'Description': 'Demisto',
'ID':
'le10098bf0e311e989190662caec3daa_94cc8c55556741faa1d82bd1faabfb4a',
'ModifiedBy': '*****@*****.**',
'ModifiedTime': '2019-10-17T13:41:48.487521161Z',
'Name': 'Demisto',
'Permission': 'private',
'SHA256':
'5a4440f2b9ce60b070e98c304370050446a2efa4b3850550a99e4d7b8f447fcc',
'Type': 'script'
}
},
outputPaths['file']: {
'Name':
'Demisto',
'Size':
4444,
'Type':
'script',
'SHA256':
'5a4440f2b9ce60b070e98c304370050446a2efa4b3850550a99e4d7b8f447fcc'
}
}
assert results['EntryContext'] == expected_results
# verify there was file returned
assert demisto.results.call_count == 1
results = demisto.results.call_args[0]
assert len(results) == 1
assert results[0]['Type'] == entryTypes['file']
assert results[0]['File'] == 'Demisto'
with open(file_name, 'rb') as f:
assert f.read().decode() == file_content
def test_get_file_without_content(requests_mock, mocker):
from CrowdStrikeFalcon import get_file_command
file_id = 'le10098bf0e311e989190662caec3daa_94cc8c55556741faa1d82bd1faabfb4a'
response = {
"meta": {
"powered_by": "empower-api",
"query_time": 0.082774607,
"trace_id": "07kk11c3-496g-42df-9157-834e499e279d"
},
"resources": [{
"created_by": "*****@*****.**",
"created_by_uuid": "94cc8c66-5447-41ft-a1d8-2bd1faabfb9q",
"created_timestamp": "2019-10-17T13:41:48.487520845Z",
"description": "Demisto",
"file_type": "script",
"id": file_id,
"modified_by": "*****@*****.**",
"modified_timestamp": "2019-10-17T13:41:48.487521161Z",
"name": "Demisto",
"permission_type": "private",
"run_attempt_count": 0,
"run_success_count": 0,
"sha256":
"5a4440f2b9ce60b070e98c304370050446a2efa4b3850550a99e4d7b8f447fcc",
"size": 4444,
'write_access': True
}]
}
mocker.patch.object(demisto, 'results')
mocker.patch.object(demisto, 'args', return_value={'file_id': file_id})
requests_mock.get(
f'{SERVER_URL}/real-time-response/entities/put-files/v1?ids={file_id}',
json=response,
status_code=200)
results = get_file_command()
expected_results = {
'CrowdStrike': {
'File(val.ID === obj.ID)': {
'CreatedBy': '*****@*****.**',
'CreatedTime': '2019-10-17T13:41:48.487520845Z',
'Description': 'Demisto',
'ID':
'le10098bf0e311e989190662caec3daa_94cc8c55556741faa1d82bd1faabfb4a',
'ModifiedBy': '*****@*****.**',
'ModifiedTime': '2019-10-17T13:41:48.487521161Z',
'Name': 'Demisto',
'Permission': 'private',
'SHA256':
'5a4440f2b9ce60b070e98c304370050446a2efa4b3850550a99e4d7b8f447fcc',
'Type': 'script'
}
},
outputPaths['file']: {
'Name':
'Demisto',
'Size':
4444,
'Type':
'script',
'SHA256':
'5a4440f2b9ce60b070e98c304370050446a2efa4b3850550a99e4d7b8f447fcc'
}
}
assert results['EntryContext'] == expected_results
# verify there was no file returned as there no file content was returned
assert demisto.results.call_count == 0