示例#1
0
def test_remove_unnecessary_keys_from_playbook(source_path):
    """
    Given:
        - Playbook file to format, with excessive keys in it
    When:
        - Running the remove_unnecessary_keys function
    Then:
        - Validate that the excessive keys were removed successfully
    """
    schema_path = os.path.normpath(
        os.path.join(__file__, "..", "..", "..", "common", "schemas",
                     '{}.yml'.format('playbook')))
    base_yml = PlaybookYMLFormat(source_path, path=schema_path, verbose=True)

    # Assert the unnecessary keys are indeed in the playbook file
    assert 'excessiveKey' in base_yml.data.keys()
    assert 'itemVersion' in base_yml.data.get(
        'contentitemexportablefields').get('contentitemfields').keys()

    base_yml.remove_unnecessary_keys()

    # Assert the unnecessary keys were successfully removed
    assert 'excessiveKey' not in base_yml.data.keys()
    assert 'itemVersion' not in base_yml.data.get(
        'contentitemexportablefields').get('contentitemfields').keys()

    # One of the inputs has unsupported key 'some_key_to_remove', the inputs schema is a sub-schema and this
    # assertion validates sub-schemas are enforced in format command too.
    for input_ in base_yml.data.get('inputs'):
        assert 'some_key_to_remove' not in input_
示例#2
0
def test_playbook_sourceplaybookid(source_path):
    schema_path = os.path.normpath(
        os.path.join(__file__, "..", "..", "..", "common", "schemas", '{}.yml'.format('playbook')))
    base_yml = PlaybookYMLFormat(source_path, path=schema_path)
    base_yml.delete_sourceplaybookid()

    assert 'sourceplaybookid' not in base_yml.data
示例#3
0
    def test_add_tasks_description_and_empty_playbook_description(self):
        """
        Given:
            - A playbook file with missing playbook description and missing tasks descriptions.

        When:
            - Running the add_description function of update_playbook.py.
            - User's choice not to update the description of the playbook.

        Then:
            - Validate that an empty description was added to the file.
            - Validate that empty descriptions were added only to the desired tasks.
        """
        schema_path = os.path.normpath(
            os.path.join(__file__, "..", "..", "..", "common", "schemas", '{}.yml'.format('playbook')))
        base_yml = PlaybookYMLFormat(SOURCE_FORMAT_PLAYBOOK_COPY, path=schema_path, verbose=True)
        base_yml.data = {
            "tasks": {
                "1": {
                    "type": "playbook",
                    "task": {
                    }
                },
                "2": {
                    "type": "something",
                    "task": {
                        "description": "else"
                    }
                },
                "3": {
                    "type": "something",
                    "task": {
                    }
                },
                "4": {
                    "type": "playbook",
                    "task": {
                    }
                },
                "5": {
                    "type": "start",
                    "task": {
                    }
                },
                "6": {
                    "type": "title",
                    "task": {
                    }
                },
            }
        }
        base_yml.add_description()
        assert base_yml.data.get('description') == ''
        assert base_yml.data['tasks']['1']['task']['description'] == ''
        assert base_yml.data['tasks']['2']['task']['description'] == 'else'
        assert 'description' not in base_yml.data['tasks']['3']['task']
        assert base_yml.data['tasks']['4']['task']['description'] == ''
        assert base_yml.data['tasks']['5']['task']['description'] == ''
        assert base_yml.data['tasks']['6']['task']['description'] == ''
示例#4
0
def test_playbook_task_name(source_path):
    schema_path = os.path.normpath(
        os.path.join(__file__, "..", "..", "..", "common", "schemas", '{}.yml'.format('playbook')))
    base_yml = PlaybookYMLFormat(source_path, path=schema_path)

    assert base_yml.data['tasks']['29']['task']['playbookName'] == 'File Enrichment - Virus Total Private API_dev_copy'
    base_yml.remove_copy_and_dev_suffixes_from_subplaybook()

    assert base_yml.data['tasks']['29']['task']['name'] == 'Fake name'
    assert base_yml.data['tasks']['29']['task']['playbookName'] == 'File Enrichment - Virus Total Private API'
    def test_check_for_subplaybook_usages(self, repo):
        """
        Given
            - A test playbook file
        When
            - Run check_for_subplaybook_usages command
        Then
            - Ensure that the subplaybook id is replaced from the uuid to the playbook name.
        """
        pack = repo.create_pack('pack')
        playbook = pack.create_playbook('LargePlaybook')
        test_task = {
            "id": "1",
            "ignoreworker": False,
            "isautoswitchedtoquietmode": False,
            "isoversize": False,
            "nexttasks": {
                '#none#': ["3"]
            },
            "note": False,
            "quietmode": 0,
            "separatecontext": True,
            "skipunavailable": False,
            "task": {
                "brand": "",
                "id": "dcf48154-7e80-42b3-8464-7156e1cd3d10",
                "iscommand": False,
                "name": "my-sub-playbook",
                "playbookId": "03d4f06c-ad13-47dd-8955-c8f7ccd5cba1",
                "type": "playbook",
                "version": -1
            },
            "taskid": "dcf48154-7e80-42b3-8464-7156e1cd3d10",
            "timertriggers": [],
            "type": "playbook"
        }
        playbook.create_default_playbook()
        playbook_data = playbook.yml.read_dict()
        playbook_data['tasks']['1'] = test_task
        playbook.yml.write_dict(playbook_data)
        playbook_yml = PlaybookYMLFormat(SOURCE_FORMAT_PLAYBOOK_COPY,
                                         path='',
                                         verbose=True)

        with ChangeCWD(repo.path):
            playbook_yml.check_for_subplaybook_usages(
                file_path=playbook.yml.rel_path,
                current_playbook_id="03d4f06c-ad13-47dd-8955-c8f7ccd5cba1",
                new_playbook_id="my-sub-playbook")

        playbook_data = playbook.yml.read_dict()
        assert playbook_data['tasks']['1']['task'][
            'playbookId'] == "my-sub-playbook"
    def test_remove_empty_scripts_keys_from_playbook(self, source_path):
        """
            Given:
                - Playbook file to format, with empty keys in tasks that uses the
                 [setIncident, SetIndicator, CreateNewIncident, CreateNewIndicator] script
            When:
                - Running the remove_empty_fields_from_scripts function
            Then:
                - Validate that the empty keys were removed successfully
        """
        schema_path = os.path.normpath(
            os.path.join(__file__, "..", "..", "..", "common", "schemas",
                         "{}.yml".format("playbook")))
        base_yml = PlaybookYMLFormat(source_path,
                                     path=schema_path,
                                     verbose=True)
        create_new_incident_script_task_args = base_yml.data.get(
            'tasks', {}).get('0').get('scriptarguments')
        different_script_task_args = base_yml.data.get(
            'tasks', {}).get('1').get('scriptarguments')
        create_new_indicator_script_task_args = base_yml.data.get(
            'tasks', {}).get('2').get('scriptarguments')
        set_incident_script_task_args = base_yml.data.get(
            'tasks', {}).get('3').get('scriptarguments')
        set_indicator_script_task_args = base_yml.data.get(
            'tasks', {}).get('4').get('scriptarguments')

        # Assert that empty keys exists in the scripts arguments
        assert 'commandline' in create_new_incident_script_task_args
        assert not create_new_incident_script_task_args['commandline']
        assert 'malicious_description' in different_script_task_args
        assert not different_script_task_args['malicious_description']
        assert 'assigneduser' in create_new_indicator_script_task_args
        assert not create_new_indicator_script_task_args['assigneduser']
        assert 'occurred' in set_incident_script_task_args
        assert not set_incident_script_task_args['occurred']
        assert 'sla' in set_indicator_script_task_args
        assert not set_indicator_script_task_args['sla']

        base_yml.remove_empty_fields_from_scripts()

        # Assert the empty keys were removed from SetIncident, SetIndicator, CreateNewIncident, CreateNewIndicator
        # scripts
        assert 'commandline' not in create_new_incident_script_task_args
        assert 'assigneduser' not in create_new_indicator_script_task_args
        assert 'occurred' not in set_incident_script_task_args
        assert 'sla' not in set_indicator_script_task_args

        # Assert the empty keys are still in the other script arguments
        assert 'malicious_description' in different_script_task_args
        assert not different_script_task_args['malicious_description']
示例#7
0
def test_add_playbook_description(user_input):
    """
    Given:
        - A playbook file with missing playbook description and missing tasks descriptions.

    When:
        - Running the add_description function of update_playbook.py.
        - User's choice to update the description of the playbook with the description: 'User-entered description'.

    Then:
        - Validate that a description field with the given description message was added to the file.
        - Validate that empty descriptions were added only to the desired tasks.
    """
    user_responses = [Mock(), Mock(), Mock()]
    user_responses[0] = 'err'  # test invalid input by user
    user_responses[1] = 'y'
    user_responses[2] = 'User-entered description'
    user_input.side_effect = user_responses

    schema_path = os.path.normpath(
        os.path.join(__file__, "..", "..", "..", "common", "schemas",
                     '{}.yml'.format('playbook')))
    base_yml = PlaybookYMLFormat(SOURCE_FORMAT_PLAYBOOK_COPY,
                                 path=schema_path,
                                 verbose=True)
    base_yml.data = {
        "tasks": {
            "1": {
                "type": "playbook",
                "task": {}
            },
            "2": {
                "type": "something",
                "task": {
                    "description": "else"
                }
            },
            "3": {
                "type": "something",
                "task": {}
            },
        }
    }
    base_yml.add_description()
    assert base_yml.data.get('description') == 'User-entered description'
    assert base_yml.data['tasks']['1']['task']['description'] == ''
    assert base_yml.data['tasks']['2']['task']['description'] == 'else'
    assert 'description' not in base_yml.data['tasks']['3']['task']
示例#8
0
def test_add_playbooks_description():
    schema_path = os.path.normpath(
        os.path.join(__file__, "..", "..", "..", "common", "schemas", '{}.yml'.format('playbook')))
    base_yml = PlaybookYMLFormat(SOURCE_FORMAT_PLAYBOOK_COPY, path=schema_path)
    base_yml.data = {
        "tasks": {
            "1": {
                "type": "playbook",
                "task": {
                }
            },
            "2": {
                "type": "something",
                "task": {
                    "description": "else"
                }
            },
            "3": {
                "type": "something",
                "task": {
                }
            },
            "4": {
                "type": "playbook",
                "task": {
                }
            },
            "5": {
                "type": "start",
                "task": {
                }
            },
            "6": {
                "type": "title",
                "task": {
                }
            },
        }
    }
    base_yml.add_description()
    assert 'description' not in base_yml.data
    assert base_yml.data['tasks']['1']['task']['description'] == ''
    assert base_yml.data['tasks']['2']['task']['description'] == 'else'
    assert 'description' not in base_yml.data['tasks']['3']['task']
    assert base_yml.data['tasks']['4']['task']['description'] == ''
    assert base_yml.data['tasks']['5']['task']['description'] == ''
    assert base_yml.data['tasks']['6']['task']['description'] == ''
示例#9
0
def test_playbook_task_description_name(source_path):
    schema_path = os.path.normpath(
        os.path.join(__file__, "..", "..", "..", "common", "schemas", '{}.yml'.format('playbook')))
    base_yml = PlaybookYMLFormat(source_path, path=schema_path)
    base_yml.add_description()
    base_yml.update_playbook_task_name()
    base_yml.remove_copy_and_dev_suffixes_from_subplaybook()

    assert 'description' in base_yml.data['tasks']['7']['task']
    assert base_yml.data['tasks']['29']['task']['name'] == 'File Enrichment - Virus Total Private API'
    assert base_yml.data['tasks']['25']['task']['description'] == 'Check if there is a SHA256 hash in context.'
示例#10
0
def test_playbook_task_description_name(source_path):
    base_yml = PlaybookYMLFormat(source_path)
    base_yml.add_description()
    base_yml.update_playbook_task_name()

    assert 'description' in base_yml.yml_data['tasks']['7']['task']
    assert base_yml.yml_data['tasks']['29']['task']['name'] == 'File Enrichment - Virus Total Private API'
    assert base_yml.yml_data['tasks']['25']['task']['description'] == 'Check if there is a SHA256 hash in context.'
示例#11
0
def test_playbook_sourceplaybookid(source_path):
    base_yml = PlaybookYMLFormat(source_path)
    base_yml.delete_sourceplaybookid()

    assert 'sourceplaybookid' not in base_yml.yml_data