示例#1
0
def test_taxii21_objects_filtered_params(mocker, taxii2_server_v21, res_file,
                                         fields, has_extension):
    """
        Given
            TAXII Server v2.1, collection_id, type parameter, filtered_fields params
        When
            Calling get objects api request for given collection
        Then
            Validate that right objects are returned.
    """
    iocs = util_load_json('test_files/file_iocs.json')
    objects = util_load_json(f'test_files/{res_file}.json')
    mocker.patch('TAXII2Server.SERVER', taxii2_server_v21)
    mocker.patch('TAXII2Server.SERVER.fields_to_present', fields)
    mocker.patch('TAXII2Server.SERVER.has_extension', has_extension)
    mocker.patch.object(uuid,
                        'uuid4',
                        return_value='1ffe4bee-95e7-4e36-9a17-f56dbab3c777')
    mocker.patch.object(demisto, 'searchIndicators', return_value=iocs)
    mocker.patch.object(demisto, 'params', return_value={'res_size': '100'})
    with APP.test_client() as test_client:
        response = test_client.get(
            '/threatintel/collections/e46189b5-c5c8-5c7f-b947-183e0302b4d3/'
            'objects/?match[type]=file',
            headers=HEADERS)
        assert response.status_code == 200
        assert response.content_type == 'application/taxii+json;version=2.1'
        assert response.json == objects
def test_taxii20_indicators_objects(mocker, taxii2_server_v20):
    """
        Given
            TAXII Server v2.0, collection_id, content-range, types_for_indicator_sdo
        When
            Calling get objects api request for given collection
        Then
            Validate that right objects are returned.
    """
    iocs = util_load_json('test_files/ip_iocs.json')
    objects = util_load_json('test_files/objects20-indicators.json')
    mocker.patch('TAXII2Server.SERVER', taxii2_server_v20)
    mocker.patch('TAXII2Server.SERVER.types_for_indicator_sdo', [
                 'ipv4-addr', 'domain-name', 'ipv6-addr', 'user-account',
                 'email-addr', 'windows-registry-key', 'file', 'url'])
    mocker.patch.object(uuid, 'uuid4', return_value='1ffe4bee-95e7-4e36-9a17-f56dbab3c777')
    headers = copy.deepcopy(HEADERS)
    headers['Content-Range'] = 'items 0-2/5'
    mocker.patch.object(demisto, 'searchIndicators', return_value=iocs)
    mocker.patch.object(demisto, 'params', return_value={'res_size': '100'})
    with APP.test_client() as test_client:
        response = test_client.get('/threatintel/collections/4c649e16-2bb7-50f5-8826-2a2d0a0b9631/objects/',
                                   headers=headers)
        assert response.status_code == 200
        assert response.content_type == 'application/vnd.oasis.stix+json; version=2.0'
        assert response.json == objects
        assert response.headers.get('Content-Range') == 'items 0-2/5'
def test_taxii20_status(mocker, taxii2_server_v20):
    """
        Given
            Status api call
        When
            Calling a status request
        Then
            Validate the error returned.
    """
    mocker.patch('TAXII2Server.SERVER', taxii2_server_v20)
    with APP.test_client() as test_client:
        response = test_client.get('/threatintel/status/1223456/', headers=HEADERS)
        assert response.status_code == 404
def test_taxii_wrong_accept(mocker, headers, taxii2_server_v20):
    """
        Given
            Taxii server v2.0
        When
            Getting server discovery, with wrong accept header
        Then
            Validate that the error and status code right
    """
    mocker.patch('TAXII2Server.SERVER', taxii2_server_v20)
    mocker.patch.object(demisto, 'error')
    mocker.patch.object(demisto, 'updateModuleHealth')
    with APP.test_client() as test_client:
        response = test_client.get('/taxii/', headers=headers)
        assert response.status_code == 406
def test_taxii20_api_root(mocker, taxii2_server_v20):
    """
        Given
            TAXII v2.0 server, api_root
        When
            Call api_root api request
        Then
            Validate that the api_root information returned as expected
    """
    mocker.patch('TAXII2Server.SERVER', taxii2_server_v20)
    with APP.test_client() as test_client:
        response = test_client.get('/threatintel/', headers=HEADERS)
        assert response.status_code == 200
        assert response.content_type == 'application/vnd.oasis.taxii+json; version=2.0'
        assert response.json.get('title') == 'Cortex XSOAR TAXII2 Server ThreatIntel'
def test_taxii21_server_discovery(mocker, taxii2_server_v21):
    """
        Given
            Taxii server v2.1
        When
            Call server discovery api request
        Then
            Validate that the discovery output as expected
    """
    mocker.patch('TAXII2Server.SERVER', taxii2_server_v21)
    with APP.test_client() as test_client:
        response = test_client.get('/taxii/', headers=HEADERS)
        assert response.status_code == 200
        assert response.content_type == 'application/taxii+json;version=2.1'
        assert response.json.get('default') == 'http://demisto:7000/threatintel/'
def test_taxii_wrong_collection_id(mocker, taxii2_server_v21):
    """
        Given
            Taxii server v2.1, Not exiting collection_id
        When
            Getting collection information, for wrong collection_id
        Then
            Validate that the error and status code right
    """
    mocker.patch('TAXII2Server.SERVER', taxii2_server_v21)
    mocker.patch.object(demisto, 'error')
    mocker.patch.object(demisto, 'updateModuleHealth')
    with APP.test_client() as test_client:
        response = test_client.get('/threatintel/collections/not_exsisting_collection_id/', headers=HEADERS)
        assert response.status_code == 404
        assert response.json.get('title') == 'Unknown Collection'
def test_taxii21_collection(mocker, taxii2_server_v21):
    """
        Given
            TAXII Server v2.1, collection_id
        When
            Calling collection by id api request
        Then
            Validate that right collection returned
    """
    collections = util_load_json('test_files/collections21.json')
    mocker.patch('TAXII2Server.SERVER', taxii2_server_v21)
    with APP.test_client() as test_client:
        response = test_client.get('/threatintel/collections/4c649e16-2bb7-50f5-8826-2a2d0a0b9631/', headers=HEADERS)
        assert response.status_code == 200
        assert response.content_type == 'application/taxii+json;version=2.1'
        assert response.json == collections.get('collections')[0]
def test_taxii21_collections(mocker, taxii2_server_v21):
    """
        Given
            TAXII Server v2.1
        When
            Calling collections api request
        Then
            Validate that collections returned as expected
    """
    collections = util_load_json('test_files/collections21.json')
    mocker.patch('TAXII2Server.SERVER', taxii2_server_v21)
    with APP.test_client() as test_client:
        response = test_client.get('/threatintel/collections/', headers=HEADERS)
        assert response.status_code == 200
        assert response.content_type == 'application/taxii+json;version=2.1'
        assert response.json == collections
示例#10
0
def test_taxii_wrong_api_root(mocker, taxii2_server_v20):
    """
        Given
            Taxii server v2.0, Not exiting api_root
        When
            Getting api root information, for wrong api_root
        Then
            Validate that the error and status code right
    """
    mocker.patch('TAXII2Server.SERVER', taxii2_server_v20)
    mocker.patch.object(demisto, 'error')
    mocker.patch.object(demisto, 'updateModuleHealth')
    with APP.test_client() as test_client:
        response = test_client.get('/not_exsisting_api_root/', headers=HEADERS)
        assert response.status_code == 404
        assert response.json.get('title') == 'Unknown API Root'
示例#11
0
def test_taxii20_bad_content_range(mocker, taxii2_server_v20, api_request):
    """
        Given
            TAXII Server v2.0, non-supported range.
        When
            Calling get objects or manifest api request for given collection
        Then
            Validate that right error returned.
    """
    mocker.patch('TAXII2Server.SERVER', taxii2_server_v20)
    mocker.patch.object(demisto, 'params', return_value={'res_size': '2500'})
    headers = copy.deepcopy(HEADERS)
    headers['Content-Range'] = 'items 8-2/10'
    with APP.test_client() as test_client:
        response = test_client.get(f'/threatintel/collections/e46189b5-c5c8-5c7f-b947-183e0302b4d3/'
                                   f'{api_request}/', headers=headers)
        assert response.status_code == 416
示例#12
0
def test_taxii21_bad_request(mocker, taxii2_server_v21, api_request):
    """
        Given
            TAXII Server v2.1, non-supported filter.
        When
            Calling get objects or manifest api request for given collection
        Then
            Validate that right error returned.
    """
    mocker.patch('TAXII2Server.SERVER', taxii2_server_v21)
    mocker.patch.object(demisto, 'error')
    mocker.patch.object(demisto, 'params', return_value={'res_size': '2500'})
    mocker.patch.object(demisto, 'updateModuleHealth')
    with APP.test_client() as test_client:
        response = test_client.get(f'/threatintel/collections/e46189b5-c5c8-5c7f-b947-183e0302b4d3/'
                                   f'{api_request}/?match[version]=3', headers=HEADERS)
        assert response.status_code == 404
        assert response.content_type == 'application/taxii+json;version=2.1'
        assert 'Filtering by ID or version is not supported.' in response.json.get('description')
示例#13
0
def test_taxii21_manifest(mocker, taxii2_server_v21):
    """
        Given
            TAXII Server v2.1, collection_id
        When
            Calling manifest api request for given collection
        Then
            Validate that right manifest returned.
    """
    iocs = util_load_json('test_files/ip_iocs.json')
    manifest = util_load_json('test_files/manifest21.json')
    mocker.patch.object(demisto, 'params', return_value={'res_size': '100'})
    mocker.patch('TAXII2Server.SERVER', taxii2_server_v21)
    mocker.patch.object(demisto, 'searchIndicators', return_value=iocs)
    with APP.test_client() as test_client:
        response = test_client.get('/threatintel/collections/4c649e16-2bb7-50f5-8826-2a2d0a0b9631/manifest/?limit=4',
                                   headers=HEADERS)
        assert response.status_code == 200
        assert response.content_type == 'application/taxii+json;version=2.1'
        assert response.json == manifest
示例#14
0
def test_taxii20_manifest(mocker, taxii2_server_v20):
    """
        Given
            TAXII Server v2.0, collection_id, range
        When
            Calling manifest api request for given collection
        Then
            Validate that right manifest returned.
    """
    iocs = util_load_json('test_files/ip_iocs.json')
    manifest = util_load_json('test_files/manifest20.json')
    headers = copy.deepcopy(HEADERS)
    headers['Range'] = 'items 0-4'
    mocker.patch('TAXII2Server.SERVER', taxii2_server_v20)
    mocker.patch.object(demisto, 'searchIndicators', return_value=iocs)
    mocker.patch.object(demisto, 'params', return_value={'res_size': '100'})
    with APP.test_client() as test_client:
        response = test_client.get('/threatintel/collections/4c649e16-2bb7-50f5-8826-2a2d0a0b9631/manifest/',
                                   headers=headers)
        assert response.status_code == 200
        assert response.content_type == 'application/vnd.oasis.taxii+json; version=2.0'
        assert response.json == manifest