示例#1
0
def create_or_update_site_admin(connector: PyMISP, user: MISPUser) -> MISPUser:
    to_return_user = connector.add_user(user)
    if isinstance(to_return_user, MISPUser):
        return to_return_user
    # The user already exists
    for u in connector.users():
        if u.email == user.email:
            to_return_user = connector.update_user(user, u.id)  # type: ignore
            if isinstance(to_return_user, MISPUser):
                return to_return_user
            raise Exception(f'Unable to update {user.email}: {to_return_user}')
    else:
        raise Exception(f'Unable to create {user.email}: {to_return_user}')
示例#2
0
class TestBasic(unittest.TestCase):
    def setUp(self):
        self.maxDiff = None
        self.misp = PyMISP(url, key, True, 'json', True)

    def _clean_event(self, event):
        event['Event'].pop('orgc_id', None)
        event['Event'].pop('uuid', None)
        event['Event'].pop('sharing_group_id', None)
        event['Event'].pop('timestamp', None)
        event['Event'].pop('org_id', None)
        event['Event'].pop('date', None)
        event['Event'].pop('RelatedEvent', None)
        event['Event'].pop('publish_timestamp', None)
        if event['Event'].get('Attribute'):
            for a in event['Event'].get('Attribute'):
                a.pop('uuid', None)
                a.pop('event_id', None)
                a.pop('id', None)
                a.pop('timestamp', None)
        if event['Event'].get('Orgc'):
            event['Event']['Orgc'].pop('uuid', None)
            event['Event']['Orgc'].pop('id', None)
        if event['Event'].get('Org'):
            event['Event']['Org'].pop('uuid', None)
            event['Event']['Org'].pop('id', None)
        return event['Event'].pop('id', None)

    def new_event(self):
        event = self.misp.new_event(0, 1, 0, "This is a test")
        event_id = self._clean_event(event)
        to_check = {
            u'Event': {
                u'info': u'This is a test',
                u'locked': False,
                u'attribute_count': u'0',
                'disable_correlation': False,
                u'analysis': u'0',
                u'ShadowAttribute': [],
                u'published': False,
                u'distribution': u'0',
                u'event_creator_email': u'*****@*****.**',
                u'Attribute': [],
                u'proposal_email_lock': False,
                u'Org': {
                    u'name': u'ORGNAME'
                },
                u'Orgc': {
                    u'name': u'ORGNAME'
                },
                u'Galaxy': [],
                u'threat_level_id': u'1'
            }
        }
        self.assertEqual(event, to_check, 'Failed at creating a new Event')
        return int(event_id)

    def add_hashes(self, eventid):
        r = self.misp.get_event(eventid)
        event = r.json()
        event = self.misp.add_hashes(
            event, 'Payload installation', 'dll_installer.dll',
            '0a209ac0de4ac033f31d6ba9191a8f7a',
            '1f0ae54ac3f10d533013f74f48849de4e65817a7',
            '003315b0aea2fcb9f77d29223dd8947d0e6792b3a0227e054be8eb2a11f443d9',
            'Fanny modules', False, 2)
        self._clean_event(event)
        to_check = {
            u'Event': {
                u'info':
                u'This is a test',
                u'locked':
                False,
                u'attribute_count':
                u'3',
                u'analysis':
                u'0',
                u'ShadowAttribute': [],
                u'published':
                False,
                u'distribution':
                u'0',
                u'event_creator_email':
                u'*****@*****.**',
                u'Org': {
                    u'name': u'ORGNAME'
                },
                u'Orgc': {
                    u'name': u'ORGNAME'
                },
                u'Galaxy': [],
                u'Attribute': [{
                    u'category': u'Payload installation',
                    u'comment': u'Fanny modules',
                    u'to_ids': False,
                    u'value':
                    u'dll_installer.dll|0a209ac0de4ac033f31d6ba9191a8f7a',
                    u'ShadowAttribute': [],
                    u'distribution': u'2',
                    u'type': u'filename|md5'
                }, {
                    u'category': u'Payload installation',
                    u'comment': u'Fanny modules',
                    u'to_ids': False,
                    u'value':
                    u'dll_installer.dll|1f0ae54ac3f10d533013f74f48849de4e65817a7',
                    u'ShadowAttribute': [],
                    u'distribution': u'2',
                    u'type': u'filename|sha1'
                }, {
                    u'category': u'Payload installation',
                    u'comment': u'Fanny modules',
                    u'to_ids': False,
                    u'value':
                    u'dll_installer.dll|003315b0aea2fcb9f77d29223dd8947d0e6792b3a0227e054be8eb2a11f443d9',
                    u'ShadowAttribute': [],
                    u'distribution': u'2',
                    u'type': u'filename|sha256'
                }],
                u'proposal_email_lock':
                False,
                u'threat_level_id':
                u'1'
            }
        }
        self.assertEqual(event, to_check, 'Failed at adding hashes')

    def publish(self, eventid):
        r = self.misp.get_event(eventid)
        event = r.json()
        event = self.misp.publish(event)
        self._clean_event(event)
        to_check = {
            u'Event': {
                u'info':
                u'This is a test',
                u'locked':
                False,
                u'attribute_count':
                u'3',
                u'analysis':
                u'0',
                u'ShadowAttribute': [],
                u'published':
                True,
                u'distribution':
                u'0',
                u'event_creator_email':
                u'*****@*****.**',
                u'Org': {
                    u'name': u'ORGNAME'
                },
                u'Orgc': {
                    u'name': u'ORGNAME'
                },
                u'Galaxy': [],
                u'Attribute': [{
                    u'category': u'Payload installation',
                    u'comment': u'Fanny modules',
                    u'to_ids': False,
                    u'value':
                    u'dll_installer.dll|0a209ac0de4ac033f31d6ba9191a8f7a',
                    u'ShadowAttribute': [],
                    u'distribution': u'2',
                    u'type': u'filename|md5'
                }, {
                    u'category': u'Payload installation',
                    u'comment': u'Fanny modules',
                    u'to_ids': False,
                    u'value':
                    u'dll_installer.dll|1f0ae54ac3f10d533013f74f48849de4e65817a7',
                    u'ShadowAttribute': [],
                    u'distribution': u'2',
                    u'type': u'filename|sha1'
                }, {
                    u'category': u'Payload installation',
                    u'comment': u'Fanny modules',
                    u'to_ids': False,
                    u'value':
                    u'dll_installer.dll|003315b0aea2fcb9f77d29223dd8947d0e6792b3a0227e054be8eb2a11f443d9',
                    u'ShadowAttribute': [],
                    u'distribution': u'2',
                    u'type': u'filename|sha256'
                }],
                u'proposal_email_lock':
                False,
                u'threat_level_id':
                u'1'
            }
        }
        self.assertEqual(event, to_check, 'Failed at publishing event')

    def delete(self, eventid):
        event = self.misp.delete_event(eventid)
        print(event)

    def delete_attr(self, attrid):
        event = self.misp.delete_attribute(attrid)
        print(event)

    def get(self, eventid):
        event = self.misp.get_event(eventid)
        print(event)

    def get_stix(self, **kwargs):
        event = self.misp.get_stix(kwargs)
        print(event)

    def add(self):
        event = {
            u'Event': {
                u'info':
                u'This is a test',
                u'locked':
                False,
                u'attribute_count':
                u'3',
                u'analysis':
                u'0',
                u'ShadowAttribute': [],
                u'published':
                False,
                u'distribution':
                u'0',
                u'event_creator_email':
                u'*****@*****.**',
                u'Attribute': [{
                    u'category': u'Payload installation',
                    u'comment': u'Fanny modules',
                    u'to_ids': False,
                    u'value':
                    u'dll_installer.dll|0a209ac0de4ac033f31d6ba9191a8f7a',
                    u'ShadowAttribute': [],
                    u'distribution': u'2',
                    u'type': u'filename|md5'
                }, {
                    u'category': u'Payload installation',
                    u'comment': u'Fanny modules',
                    u'to_ids': False,
                    u'value':
                    u'dll_installer.dll|1f0ae54ac3f10d533013f74f48849de4e65817a7',
                    u'ShadowAttribute': [],
                    u'distribution': u'2',
                    u'type': u'filename|sha1'
                }, {
                    u'category': u'Payload installation',
                    u'comment': u'Fanny modules',
                    u'to_ids': False,
                    u'value':
                    u'dll_installer.dll|003315b0aea2fcb9f77d29223dd8947d0e6792b3a0227e054be8eb2a11f443d9',
                    u'ShadowAttribute': [],
                    u'distribution': u'2',
                    u'type': u'filename|sha256'
                }],
                u'proposal_email_lock':
                False,
                u'threat_level_id':
                u'1'
            }
        }
        event = self.misp.add_event(event)
        print(event)

    def add_user(self):
        email = '*****@*****.**'
        role_id = '5'
        org_id = '1'
        password = '******'
        external_auth_required = False
        external_auth_key = ''
        enable_password = False
        nids_sid = '1238717'
        server_id = '1'
        gpgkey = ''
        certif_public = ''
        autoalert = False
        contactalert = False
        disabled = False
        change_pw = '0'
        termsaccepted = False
        newsread = '0'
        authkey = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
        to_check = {
            'User': {
                'email': email,
                'org_id': org_id,
                'role_id': role_id,
                'password': password,
                'external_auth_required': external_auth_required,
                'external_auth_key': external_auth_key,
                'enable_password': enable_password,
                'nids_sid': nids_sid,
                'server_id': server_id,
                'gpgkey': gpgkey,
                'certif_public': certif_public,
                'autoalert': autoalert,
                'contactalert': contactalert,
                'disabled': disabled,
                'change_pw': change_pw,
                'termsaccepted': termsaccepted,
                'newsread': newsread,
                'authkey': authkey
            }
        }
        user = self.misp.add_user(
            email=email,
            role_id=role_id,
            org_id=org_id,
            password=password,
            external_auth_required=external_auth_required,
            external_auth_key=external_auth_key,
            enable_password=enable_password,
            nids_sid=nids_sid,
            server_id=server_id,
            gpgkey=gpgkey,
            certif_public=certif_public,
            autoalert=autoalert,
            contactalert=contactalert,
            disabled=disabled,
            change_pw=change_pw,
            termsaccepted=termsaccepted,
            newsread=newsread,
            authkey=authkey)
        # delete user to allow reuse of test
        uid = user.get('User').get('id')
        self.misp.delete_user(uid)
        # ----------------------------------
        # test interesting keys only (some keys are modified(password) and some keys are added (lastlogin)
        tested_keys = [
            'email', 'org_id', 'role_id', 'server_id', 'autoalert', 'authkey',
            'gpgkey', 'certif_public', 'nids_sid', 'termsaccepted', 'newsread',
            'contactalert', 'disabled'
        ]
        for k in tested_keys:
            self.assertEqual(
                user.get('User').get(k),
                to_check.get('User').get(k),
                "Failed to match input with output on key: {}".format(k))

    def add_organisation(self):
        name = 'Organisation tests'
        description = 'This is a test organisation'
        orgtype = 'Type is a string'
        nationality = 'French'
        sector = 'Bank sector'
        uuid = '16fd2706-8baf-433b-82eb-8c7fada847da'
        contacts = 'Text field with no limitations'
        local = False
        to_check = {
            'Organisation': {
                'name': name,
                'description': description,
                'type': orgtype,
                'nationality': nationality,
                'sector': sector,
                'uuid': uuid,
                'contacts': contacts,
                'local': local
            }
        }
        org = self.misp.add_organisation(
            name=name,
            description=description,
            type=orgtype,
            nationality=nationality,
            sector=sector,
            uuid=uuid,
            contacts=contacts,
            local=local,
        )
        # delete organisation to allow reuse of test
        oid = org.get('Organisation').get('id')
        self.misp.delete_organisation(oid)
        # ----------------------------------
        tested_keys = [
            'anonymise', 'contacts', 'description', 'local', 'name',
            'nationality', 'sector', 'type', 'uuid'
        ]
        for k in tested_keys:
            self.assertEqual(
                org.get('Organisation').get(k),
                to_check.get('Organisation').get(k),
                "Failed to match input with output on key: {}".format(k))

    def test_create_event(self):
        eventid = self.new_event()
        time.sleep(1)
        self.delete(eventid)

    def test_get_event(self):
        eventid = self.new_event()
        time.sleep(1)
        self.get(eventid)
        time.sleep(1)
        self.delete(eventid)

    def test_add_event(self):
        self.add()
        time.sleep(1)
        self.delete(1)

    def test_del_attr(self):
        eventid = self.new_event()
        time.sleep(1)
        self.delete_attr(1)
        time.sleep(1)
        self.delete(eventid)

    def test_one_or_more(self):
        self.assertEqual(self.misp._one_or_more(1), (1, ))
        self.assertEqual(self.misp._one_or_more([1]), [1])

    def test_create_user(self):
        self.add_user()

    def test_create_organisation(self):
        self.add_organisation()
    def __init__(self, misp_instance_dir: Path, secure_connection: bool):
        with (misp_instance_dir / 'config.json').open() as f:
            self.instance_config = json.load(f)

        print('Initialize', self.instance_config['admin_orgname'])
        self.secure_connection = secure_connection

        self.synchronisations = {}
        self.name = self.instance_config['admin_orgname']

        # NOTE: never use that user again after initial config.
        initial_user_connector = PyMISP(self.instance_config['baseurl'],
                                        self.instance_config['admin_key'],
                                        ssl=self.secure_connection,
                                        debug=False)
        # Set the default role (id 3 is normal user)
        initial_user_connector.set_default_role(3)
        initial_user_connector.toggle_global_pythonify()

        self.baseurl = self.instance_config['baseurl']
        self.external_baseurl = self.instance_config['external_baseurl']

        # Create organisation
        organisation = MISPOrganisation()
        organisation.name = self.instance_config['admin_orgname']
        self.host_org = initial_user_connector.add_organisation(organisation)
        if not isinstance(self.host_org, MISPOrganisation):
            # The organisation is probably already there
            organisations = initial_user_connector.organisations()
            for organisation in organisations:
                if organisation.name == self.instance_config['admin_orgname']:
                    self.host_org = organisation
                    break
            else:
                raise Exception('Unable to find admin organisation')

        # Create Site admin in new org
        user = MISPUser()
        user.email = self.instance_config['email_site_admin']
        user.org_id = self.host_org.id
        user.role_id = 1  # Site admin
        self.host_site_admin = initial_user_connector.add_user(user)
        if not isinstance(self.host_site_admin, MISPUser):
            users = initial_user_connector.users()
            for user in users:
                if user.email == self.instance_config['email_site_admin']:
                    self.host_site_admin = user
                    break
            else:
                raise Exception('Unable to find admin user')

        self.site_admin_connector = PyMISP(self.baseurl,
                                           self.host_site_admin.authkey,
                                           ssl=self.secure_connection,
                                           debug=False)
        self.site_admin_connector.toggle_global_pythonify()

        # Setup external_baseurl
        self.site_admin_connector.set_server_setting('MISP.external_baseurl',
                                                     self.external_baseurl,
                                                     force=True)
        # Setup baseurl
        self.site_admin_connector.set_server_setting('MISP.baseurl',
                                                     self.baseurl,
                                                     force=True)
        # Setup host org
        self.site_admin_connector.set_server_setting('MISP.host_org_id',
                                                     self.host_org.id)

        # create other useful users
        self.orgadmin = self.create_user(
            self.instance_config['email_orgadmin'], 2)
        self.user = self.create_user(self.instance_config['email_user'], 3)
        # And connectors
        self.org_admin_connector = PyMISP(self.baseurl,
                                          self.orgadmin.authkey,
                                          ssl=self.secure_connection,
                                          debug=False)
        self.org_admin_connector.toggle_global_pythonify()
        self.user_connector = PyMISP(self.baseurl,
                                     self.user.authkey,
                                     ssl=self.secure_connection,
                                     debug=False)
        self.user_connector.toggle_global_pythonify()
示例#4
0
文件: test.py 项目: sebdraven/PyMISP
class TestBasic(unittest.TestCase):

    def setUp(self):
        self.maxDiff = None
        self.misp = PyMISP(url, key, True, 'json')

    def _clean_event(self, event):
        event['Event'].pop('orgc_id', None)
        event['Event'].pop('uuid', None)
        event['Event'].pop('sharing_group_id', None)
        event['Event'].pop('timestamp', None)
        event['Event'].pop('org_id', None)
        event['Event'].pop('date', None)
        event['Event'].pop('RelatedEvent', None)
        event['Event'].pop('publish_timestamp', None)
        if event['Event'].get('Attribute'):
            for a in event['Event'].get('Attribute'):
                a.pop('uuid', None)
                a.pop('event_id', None)
                a.pop('id', None)
                a.pop('timestamp', None)
        if event['Event'].get('Orgc'):
            event['Event']['Orgc'].pop('uuid', None)
            event['Event']['Orgc'].pop('id', None)
        if event['Event'].get('Org'):
            event['Event']['Org'].pop('uuid', None)
            event['Event']['Org'].pop('id', None)
        return event['Event'].pop('id', None)

    def new_event(self):
        event = self.misp.new_event(0, 1, 0, "This is a test")
        event_id = self._clean_event(event)
        to_check = {u'Event': {u'info': u'This is a test', u'locked': False,
                               u'attribute_count': u'0', 'disable_correlation': False, u'analysis': u'0',
                               u'ShadowAttribute': [], u'published': False,
                               u'distribution': u'0', u'event_creator_email': u'*****@*****.**', u'Attribute': [], u'proposal_email_lock': False,
                               u'Object': [], u'Org': {u'name': u'ORGNAME'},
                               u'Orgc': {u'name': u'ORGNAME'},
                               u'Galaxy': [],
                               u'threat_level_id': u'1'}}
        self.assertEqual(event, to_check, 'Failed at creating a new Event')
        return int(event_id)

    def add_hashes(self, eventid):
        r = self.misp.get_event(eventid)
        event = r.json()
        event = self.misp.add_hashes(event, 'Payload installation', 'dll_installer.dll', '0a209ac0de4ac033f31d6ba9191a8f7a', '1f0ae54ac3f10d533013f74f48849de4e65817a7', '003315b0aea2fcb9f77d29223dd8947d0e6792b3a0227e054be8eb2a11f443d9', 'Fanny modules', False, 2)
        self._clean_event(event)
        to_check = {u'Event': {u'info': u'This is a test', u'locked': False,
                               u'attribute_count': u'3', u'analysis': u'0',
                               u'ShadowAttribute': [], u'published': False, u'distribution': u'0', u'event_creator_email': u'*****@*****.**',
                               u'Org': {u'name': u'ORGNAME'},
                               u'Orgc': {u'name': u'ORGNAME'},
                               u'Galaxy': [],
                               u'Attribute': [
                                   {u'category': u'Payload installation', u'comment': u'Fanny modules',
                                    u'to_ids': False, u'value': u'dll_installer.dll|0a209ac0de4ac033f31d6ba9191a8f7a',
                                    u'ShadowAttribute': [], u'distribution': u'2', u'type': u'filename|md5'},
                                   {u'category': u'Payload installation', u'comment': u'Fanny modules',
                                    u'to_ids': False, u'value': u'dll_installer.dll|1f0ae54ac3f10d533013f74f48849de4e65817a7',
                                    u'ShadowAttribute': [], u'distribution': u'2', u'type': u'filename|sha1'},
                                   {u'category': u'Payload installation', u'comment': u'Fanny modules',
                                    u'to_ids': False, u'value': u'dll_installer.dll|003315b0aea2fcb9f77d29223dd8947d0e6792b3a0227e054be8eb2a11f443d9',
                                    u'ShadowAttribute': [], u'distribution': u'2', u'type': u'filename|sha256'}],
                               u'proposal_email_lock': False, u'threat_level_id': u'1'}}
        self.assertEqual(event, to_check, 'Failed at adding hashes')

    def publish(self, eventid):
        r = self.misp.get_event(eventid)
        event = r.json()
        event = self.misp.publish(event)
        self._clean_event(event)
        to_check = {u'Event': {u'info': u'This is a test', u'locked': False,
                               u'attribute_count': u'3', u'analysis': u'0',
                               u'ShadowAttribute': [], u'published': True, u'distribution': u'0', u'event_creator_email': u'*****@*****.**',
                               u'Org': {u'name': u'ORGNAME'},
                               u'Orgc': {u'name': u'ORGNAME'},
                               u'Galaxy': [],
                               u'Attribute': [
                                   {u'category': u'Payload installation', u'comment': u'Fanny modules',
                                    u'to_ids': False, u'value': u'dll_installer.dll|0a209ac0de4ac033f31d6ba9191a8f7a',
                                    u'ShadowAttribute': [], u'distribution': u'2', u'type': u'filename|md5'},
                                   {u'category': u'Payload installation', u'comment': u'Fanny modules',
                                    u'to_ids': False, u'value': u'dll_installer.dll|1f0ae54ac3f10d533013f74f48849de4e65817a7',
                                    u'ShadowAttribute': [], u'distribution': u'2', u'type': u'filename|sha1'},
                                   {u'category': u'Payload installation', u'comment': u'Fanny modules',
                                    u'to_ids': False, u'value': u'dll_installer.dll|003315b0aea2fcb9f77d29223dd8947d0e6792b3a0227e054be8eb2a11f443d9',
                                    u'ShadowAttribute': [], u'distribution': u'2', u'type': u'filename|sha256'}],
                               u'proposal_email_lock': False, u'threat_level_id': u'1'}}
        self.assertEqual(event, to_check, 'Failed at publishing event')

    def delete(self, eventid):
        event = self.misp.delete_event(eventid)
        print(event)

    def delete_attr(self, attrid):
        event = self.misp.delete_attribute(attrid)
        print(event)

    def get(self, eventid):
        event = self.misp.get_event(eventid)
        print(event)

    def get_stix(self, **kwargs):
        event = self.misp.get_stix(kwargs)
        print(event)

    def add(self):
        event = {u'Event': {u'info': u'This is a test', u'locked': False,
                            u'attribute_count': u'3', u'analysis': u'0',
                            u'ShadowAttribute': [], u'published': False, u'distribution': u'0', u'event_creator_email': u'*****@*****.**',
                            u'Attribute': [
                                {u'category': u'Payload installation', u'comment': u'Fanny modules',
                                 u'to_ids': False, u'value': u'dll_installer.dll|0a209ac0de4ac033f31d6ba9191a8f7a',
                                 u'ShadowAttribute': [], u'distribution': u'2', u'type': u'filename|md5'},
                                {u'category': u'Payload installation', u'comment': u'Fanny modules',
                                 u'to_ids': False, u'value': u'dll_installer.dll|1f0ae54ac3f10d533013f74f48849de4e65817a7',
                                 u'ShadowAttribute': [], u'distribution': u'2', u'type': u'filename|sha1'},
                                {u'category': u'Payload installation', u'comment': u'Fanny modules',
                                 u'to_ids': False, u'value': u'dll_installer.dll|003315b0aea2fcb9f77d29223dd8947d0e6792b3a0227e054be8eb2a11f443d9',
                                 u'ShadowAttribute': [], u'distribution': u'2', u'type': u'filename|sha256'}],
                            u'proposal_email_lock': False, u'threat_level_id': u'1'}}
        event = self.misp.add_event(event)
        print(event)

    def add_user(self):
        email = '*****@*****.**'
        role_id = '5'
        org_id = '1'
        password = '******'
        external_auth_required = False
        external_auth_key = ''
        enable_password = False
        nids_sid = '1238717'
        server_id = '1'
        gpgkey = ''
        certif_public = ''
        autoalert = False
        contactalert = False
        disabled = False
        change_pw = '0'
        termsaccepted = False
        newsread = '0'
        authkey = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
        to_check = {'User': {'email': email, 'org_id': org_id, 'role_id': role_id,
                             'password': password, 'external_auth_required': external_auth_required,
                             'external_auth_key': external_auth_key, 'enable_password': enable_password,
                             'nids_sid': nids_sid, 'server_id': server_id, 'gpgkey': gpgkey,
                             'certif_public': certif_public, 'autoalert': autoalert,
                             'contactalert': contactalert, 'disabled': disabled,
                             'change_pw': change_pw, 'termsaccepted': termsaccepted,
                             'newsread': newsread, 'authkey': authkey}}
        user = self.misp.add_user(email=email,
                                  role_id=role_id,
                                  org_id=org_id,
                                  password=password,
                                  external_auth_required=external_auth_required,
                                  external_auth_key=external_auth_key,
                                  enable_password=enable_password,
                                  nids_sid=nids_sid,
                                  server_id=server_id,
                                  gpgkey=gpgkey,
                                  certif_public=certif_public,
                                  autoalert=autoalert,
                                  contactalert=contactalert,
                                  disabled=disabled,
                                  change_pw=change_pw,
                                  termsaccepted=termsaccepted,
                                  newsread=newsread,
                                  authkey=authkey)
        # delete user to allow reuse of test
        uid = user.get('User').get('id')
        self.misp.delete_user(uid)
        # ----------------------------------
        # test interesting keys only (some keys are modified(password) and some keys are added (lastlogin)
        tested_keys = ['email', 'org_id', 'role_id', 'server_id', 'autoalert',
                       'authkey', 'gpgkey', 'certif_public', 'nids_sid', 'termsaccepted',
                       'newsread', 'contactalert', 'disabled']
        for k in tested_keys:
            self.assertEqual(user.get('User').get(k), to_check.get('User').get(k), "Failed to match input with output on key: {}".format(k))

    def add_organisation(self):
        name = 'Organisation tests'
        description = 'This is a test organisation'
        orgtype = 'Type is a string'
        nationality = 'French'
        sector = 'Bank sector'
        uuid = '16fd2706-8baf-433b-82eb-8c7fada847da'
        contacts = 'Text field with no limitations'
        local = False
        to_check = {'Organisation': {'name': name, 'description': description,
                                     'type': orgtype, 'nationality': nationality,
                                     'sector': sector, 'uuid': uuid, 'contacts': contacts,
                                     'local': local}}
        org = self.misp.add_organisation(name=name,
                                         description=description,
                                         type=orgtype,
                                         nationality=nationality,
                                         sector=sector,
                                         uuid=uuid,
                                         contacts=contacts,
                                         local=local,
                                         )
        # delete organisation to allow reuse of test
        oid = org.get('Organisation').get('id')
        self.misp.delete_organisation(oid)
        # ----------------------------------
        tested_keys = ['anonymise', 'contacts', 'description', 'local', 'name',
                       'nationality', 'sector', 'type', 'uuid']
        for k in tested_keys:
            self.assertEqual(org.get('Organisation').get(k), to_check.get('Organisation').get(k), "Failed to match input with output on key: {}".format(k))

    def test_create_event(self):
        eventid = self.new_event()
        time.sleep(1)
        self.delete(eventid)

    def test_get_event(self):
        eventid = self.new_event()
        time.sleep(1)
        self.get(eventid)
        time.sleep(1)
        self.delete(eventid)

    def test_add_event(self):
        self.add()
        time.sleep(1)
        self.delete(1)

    def test_del_attr(self):
        eventid = self.new_event()
        time.sleep(1)
        self.delete_attr(1)
        time.sleep(1)
        self.delete(eventid)

    def test_one_or_more(self):
        self.assertEqual(self.misp._one_or_more(1), (1,))
        self.assertEqual(self.misp._one_or_more([1]), [1])

    def test_create_user(self):
        self.add_user()

    def test_create_organisation(self):
        self.add_organisation()
class MISPInstance():
    def __init__(self, misp_instance_dir: Path, secure_connection: bool):
        with (misp_instance_dir / 'config.json').open() as f:
            self.instance_config = json.load(f)

        print('Initialize', self.instance_config['admin_orgname'])
        self.secure_connection = secure_connection

        self.synchronisations = {}
        self.name = self.instance_config['admin_orgname']

        # NOTE: never use that user again after initial config.
        initial_user_connector = PyMISP(self.instance_config['baseurl'],
                                        self.instance_config['admin_key'],
                                        ssl=self.secure_connection,
                                        debug=False)
        # Set the default role (id 3 is normal user)
        initial_user_connector.set_default_role(3)
        initial_user_connector.toggle_global_pythonify()

        self.baseurl = self.instance_config['baseurl']
        self.external_baseurl = self.instance_config['external_baseurl']

        # Create organisation
        organisation = MISPOrganisation()
        organisation.name = self.instance_config['admin_orgname']
        self.host_org = initial_user_connector.add_organisation(organisation)
        if not isinstance(self.host_org, MISPOrganisation):
            # The organisation is probably already there
            organisations = initial_user_connector.organisations()
            for organisation in organisations:
                if organisation.name == self.instance_config['admin_orgname']:
                    self.host_org = organisation
                    break
            else:
                raise Exception('Unable to find admin organisation')

        # Create Site admin in new org
        user = MISPUser()
        user.email = self.instance_config['email_site_admin']
        user.org_id = self.host_org.id
        user.role_id = 1  # Site admin
        self.host_site_admin = initial_user_connector.add_user(user)
        if not isinstance(self.host_site_admin, MISPUser):
            users = initial_user_connector.users()
            for user in users:
                if user.email == self.instance_config['email_site_admin']:
                    self.host_site_admin = user
                    break
            else:
                raise Exception('Unable to find admin user')

        self.site_admin_connector = PyMISP(self.baseurl,
                                           self.host_site_admin.authkey,
                                           ssl=self.secure_connection,
                                           debug=False)
        self.site_admin_connector.toggle_global_pythonify()

        # Setup external_baseurl
        self.site_admin_connector.set_server_setting('MISP.external_baseurl',
                                                     self.external_baseurl,
                                                     force=True)
        # Setup baseurl
        self.site_admin_connector.set_server_setting('MISP.baseurl',
                                                     self.baseurl,
                                                     force=True)
        # Setup host org
        self.site_admin_connector.set_server_setting('MISP.host_org_id',
                                                     self.host_org.id)

        # create other useful users
        self.orgadmin = self.create_user(
            self.instance_config['email_orgadmin'], 2)
        self.user = self.create_user(self.instance_config['email_user'], 3)
        # And connectors
        self.org_admin_connector = PyMISP(self.baseurl,
                                          self.orgadmin.authkey,
                                          ssl=self.secure_connection,
                                          debug=False)
        self.org_admin_connector.toggle_global_pythonify()
        self.user_connector = PyMISP(self.baseurl,
                                     self.user.authkey,
                                     ssl=self.secure_connection,
                                     debug=False)
        self.user_connector.toggle_global_pythonify()

    def __repr__(self):
        return f'<{self.__class__.__name__}(external={self.baseurl})>'

    def create_user(self, email, role_id):
        user = MISPUser()
        user.email = email
        user.org_id = self.host_org.id
        user.role_id = role_id
        new_user = self.site_admin_connector.add_user(user)
        if not isinstance(new_user, MISPUser):
            users = self.site_admin_connector.users()
            for user in users:
                if user.email == email:
                    new_user = user
                    break
            else:
                raise Exception('Unable to find admin user')
        return new_user

    def create_sync_user(self, organisation: MISPOrganisation) -> MISPServer:
        sync_org = self.site_admin_connector.add_organisation(organisation)
        if not isinstance(sync_org, MISPOrganisation):
            # The organisation is probably already there
            organisations = self.site_admin_connector.organisations(
                scope='all')
            for org in organisations:
                if org.name == organisation.name:
                    if not org.local:
                        org.local = True
                        org = self.site_admin_connector.update_organisation(
                            org)
                    sync_org = org
                    break
            else:
                raise Exception('Unable to find sync organisation')

        short_org_name = sync_org.name.lower().replace(' ', '-')
        email = f"sync_user@{short_org_name}.local"
        user = MISPUser()
        user.email = email
        user.org_id = sync_org.id
        user.role_id = 5  # Sync user
        sync_user = self.site_admin_connector.add_user(user)
        if not isinstance(sync_user, MISPUser):
            users = self.site_admin_connector.users()
            for user in users:
                if user.email == email:
                    sync_user = user
                    break
            else:
                raise Exception('Unable to find sync user')

        sync_user_connector = PyMISP(self.site_admin_connector.root_url,
                                     sync_user.authkey,
                                     ssl=self.secure_connection,
                                     debug=False)
        return sync_user_connector.get_sync_config(pythonify=True)

    def configure_sync(self, server_sync_config: MISPServer):
        # Add sharing server
        for s in self.site_admin_connector.servers():
            if s.name == server_sync_config.name:
                server = s
                break
        else:
            server = self.site_admin_connector.import_server(
                server_sync_config)
        server.pull = True
        server.push = False
        server = self.site_admin_connector.update_server(server)
        r = self.site_admin_connector.test_server(server)
        if r['status'] != 1:
            raise Exception(f'Sync test failed: {r}')
        print(server)
        print(server.to_json(indent=2))
        # NOTE: this is dirty.
        self.synchronisations[server_sync_config.name.replace(
            'Sync with ', '')] = server

    def add_tag_filter_sync(self, server_sync: MISPServer, name: str):
        # Add tag to limit push
        tag = MISPTag()
        tag.name = name
        tag.exportable = False
        tag.org_id = self.host_org.id
        tag = self.site_admin_connector.add_tag(tag)
        if not isinstance(tag, MISPTag):
            for t in self.site_admin_connector.tags():
                if t.name == name:
                    tag = t
                    break
            else:
                raise Exception('Unable to find tag')

        # Set limit on sync config
        filter_tag_push = {
            "tags": {
                'OR': [tag.id],
                'NOT': []
            },
            'orgs': {
                'OR': [],
                'NOT': []
            }
        }
        # filter_tag_pull = {"tags": {'OR': [], 'NOT': []}, 'orgs': {'OR': [], 'NOT': []}}
        server_sync.push_rules = json.dumps(filter_tag_push)
        # server.pull_rules = json.dumps(filter_tag_pull)
        server_sync = self.site_admin_connector.update_server(server_sync)

    def add_sharing_group(self,
                          name: str,
                          releasibility: str = 'Whatever it is a test',
                          servers: List[MISPServer] = [],
                          organisations: List[MISPOrganisation] = []):

        # Add sharing group
        for sg in self.site_admin_connector.sharing_groups():
            if sg.name == name:
                self.sharing_group = sg
                break
        else:
            sharing_group = MISPSharingGroup()
            sharing_group.name = name
            sharing_group.releasability = releasibility
            self.sharing_group = self.site_admin_connector.add_sharing_group(
                sharing_group)
            for server in servers:
                self.site_admin_connector.add_server_to_sharing_group(
                    self.sharing_group, server)
            for organisation in organisations:
                self.site_admin_connector.add_org_to_sharing_group(
                    self.sharing_group, organisation)