def test_any_reports_present_yes(config): """Does _any_reports_present return True correctly?""" state_manager = StateManager(config) state_manager.add_report_item(6, ENGINE_NAME, {'keyval': 1}) sut = AnalysisUtility(None) sut.config = config assert sut._any_reports_present(state_manager)
def test_restart_command(cbapi_mock, config): """Test data flow through the components in the _restart_command method""" sut = AnalysisUtility(None) sut.config = config sut.cbapi = cbapi_mock.api hash = METADATA_VALID["sha256"] cbapi_mock.mock_request( "POST", f"/ubs/v1/orgs/test/file/_download", { "found": [{ "sha256": hash, "url": "DUMMY_URL" }], "not_found": [], "error": [] }) cbapi_mock.mock_request("GET", f"/ubs/v1/orgs/test/sha256/{hash}/metadata", METADATA_VALID) cbapi_mock.mock_request( "PUT", f"/threathunter/feedmgr/v2/orgs/test/feeds/{FEED_ID}/reports/.*", None) components = sut._init_components() components["engine_manager"].engine.mock_engine_output(hash, IOCS_2) components["state_manager"].set_checkpoint(hash, ENGINE_NAME, "INGESTED") sut._restart_command(components) assert cbapi_mock._last_request_data is not None assert ENGINE_NAME in cbapi_mock._last_request_data["title"] assert cbapi_mock._last_request_data[ "description"] == "Automated report generated by Binary Analysis SDK" assert cbapi_mock._last_request_data["severity"] == IOCS_2[0]["severity"] assert cbapi_mock._last_request_data["iocs_v2"] == minus_severity(IOCS_2) assert METADATA_VALID["sha256"] in components[ "state_manager"].get_previous_hashes(ENGINE_NAME)
def test_analyze_command_without_feed(cbapi_mock, config3): """Test reports are not sent when a feed id is not present""" sut = AnalysisUtility(None) sut.config = config3 sut.cbapi = cbapi_mock.api hash = METADATA_VALID["sha256"] cbapi_mock.mock_request( "POST", f"/ubs/v1/orgs/test/file/_download", { "found": [{ "sha256": hash, "url": "DUMMY_URL" }], "not_found": [], "error": [] }) cbapi_mock.mock_request("GET", f"/ubs/v1/orgs/test/sha256/{hash}/metadata", METADATA_VALID) components = sut._init_components() components["engine_manager"].engine.mock_engine_output(hash, IOCS_2) args = Namespace() args.file = None args.list = json.dumps([hash]) sut._analyze_command(args, components) assert cbapi_mock._last_request_data == { 'expiration_seconds': 3600, 'sha256': ['0995f71c34f613207bc39ed4fcc1bbbee396a543fa1739656f7ddf70419309fc'] } or cbapi_mock._last_request_data is None assert METADATA_VALID["sha256"] in components[ "state_manager"].get_previous_hashes(ENGINE_NAME)
def test_restart_command_with_unsent_report_item(cbcloud_api_mock, config): """Test that an unsent report item is sent as a process of running the restart command.""" sut = AnalysisUtility(None) sut.config = config sut.cbc_api = cbcloud_api_mock.api cbcloud_api_mock.mock_request( "PUT", f"/threathunter/feedmgr/v2/orgs/test/feeds/{FEED_ID}/reports/.*", None) components = sut._init_components() components["state_manager"].add_report_item(IOCS_2[0]["severity"], ENGINE_NAME, minus_severity(IOCS_2)[0]) components["state_manager"].set_checkpoint(METADATA_VALID["sha256"], ENGINE_NAME, "DONE") sut._restart_command(components) assert cbcloud_api_mock._last_request_data is not None assert ENGINE_NAME in cbcloud_api_mock._last_request_data["title"] assert cbcloud_api_mock._last_request_data[ "description"] == "Automated report generated by Binary Analysis SDK" assert cbcloud_api_mock._last_request_data["severity"] == IOCS_2[0][ "severity"] assert cbcloud_api_mock._last_request_data["iocs_v2"] == minus_severity( IOCS_2)
def test_process_metadata(cbcloud_api_mock, config): """Test data flow through the components in the _process_metadata method""" sut = AnalysisUtility(None) sut.config = config sut.cbc_api = cbcloud_api_mock.api cbcloud_api_mock.mock_request( "PUT", f"/threathunter/feedmgr/v2/orgs/test/feeds/{FEED_ID}/reports/.*", None) components = sut._init_components() components["engine_manager"].engine.mock_engine_output( METADATA_VALID["sha256"], IOCS_2) sut._process_metadata(components, [METADATA_VALID]) assert cbcloud_api_mock._last_request_data is not None assert ENGINE_NAME in cbcloud_api_mock._last_request_data["title"] assert cbcloud_api_mock._last_request_data[ "description"] == "Automated report generated by Binary Analysis SDK" assert cbcloud_api_mock._last_request_data["severity"] == IOCS_2[0][ "severity"] assert cbcloud_api_mock._last_request_data["iocs_v2"] == minus_severity( IOCS_2) assert METADATA_VALID["sha256"] in components[ "state_manager"].get_previous_hashes(ENGINE_NAME)
def test_restart_command_with_nothing_to_do(cbapi_mock, config2): """Test data flow through the components in the _restart_command when there are no hashes that are incomplete""" sut = AnalysisUtility(None) sut.config = config2 sut.cbapi = cbapi_mock.api hash = METADATA_VALID["sha256"] components = sut._init_components() my_timestamp = datetime.now() - timedelta(0, 300) components["state_manager"].set_checkpoint(hash, ENGINE_NAME, "DONE", my_timestamp) sut._restart_command(components) assert cbapi_mock._last_request_data is None assert components["state_manager"]._persistor.db[hash][ "checkpoint_time"] == my_timestamp
def test_analyze_command_with_not_found(cbapi_mock, config): """Test data flow through the components in the _analyze_command method for when a hash is not found""" sut = AnalysisUtility(None) sut.config = config sut.cbapi = cbapi_mock.api hash = METADATA_VALID["sha256"] cbapi_mock.mock_request("POST", f"/ubs/v1/orgs/test/file/_download", { "found": [], "not_found": [hash], "error": [] }) components = sut._init_components() args = Namespace() args.file = None args.list = json.dumps([hash]) sut._analyze_command(args, components) assert cbapi_mock._last_request_data is not None ensure_not_report(cbapi_mock._last_request_data) assert METADATA_VALID["sha256"] not in components[ "state_manager"].get_previous_hashes(ENGINE_NAME)
def test_any_reports_present_no(config): """Does _any_reports_present return False correctly?""" state_manager = StateManager(config) sut = AnalysisUtility(None) sut.config = config assert not sut._any_reports_present(state_manager)