示例#1
0
        class TestTab(Tab):
            NAME = "test_tab"
            UUID = uuid.uuid4()
            SECTION = "fn_test"

            CONTAINS = [Field("test")]
            SHOW_IF = [Field("test").conditions.contains("value")]
示例#2
0
class MockTab(Tab):
    NAME = "test"
    UUID = "test"
    SECTION = "test"
    CONTAINS = [
        Datatable('test'),
        Field('test')
    ]

    SHOW_IF = [Field('test').conditions.has_value()]
示例#3
0
    class FakeTab(Tab):
        NAME = "Fake"
        UUID = "42"
        SECTION = "fake"

        CONTAINS = [
            Datatable("test_table1"),
            Datatable("test_table2"),
            Field("test_field1"),
            Field("test_field2")
        ]
示例#4
0
    def test_update_tab_disabled(self, _get_opts, get_client):
        # these are a mock of app.config
        _get_opts.return_value = {
            MockTab.SECTION: {
            }
        }
        # this mocks the requests made to /types and /layout?type_id=xxx
        get_client.return_value.get.side_effect = [
            {
                "organization": {
                    "type_id": 42
                }
            },
            [{
                "id": 42,
                "name": "incident",
                "content": [{
                    "predefined_uuid": MockTab.UUID,
                    "fields": [
                        Field("test").as_dto()
                    ]
                }]
            }]
        ]

        create_tab(MockTab)

        # assert that PUT was called and correct payload present
        get_client.return_value.put.call_count == 0
示例#5
0
    def test_conditions_sent(self, _get_opts, get_client):
        # these are a mock of app.config
        _get_opts.return_value = {
            MockTab.SECTION: {
            }
        }
        # this mocks the requests made to /types and /layout?type_id=xxx
        get_client.return_value.get.side_effect = [
            {
                "organization": {
                    "type_id": 42
                }
            },
            [{
                "id": 42,
                "name": "incident",
                "content": [{
                    "predefined_uuid": MockTab.UUID,
                    "fields": [
                        Field("test").as_dto()
                    ]
                }]
            }]
        ]

        create_tab(MockTab, update_existing=True)

        get_client.return_value.put.assert_called_once()
        call_args = get_client.return_value.put.call_args
        payload = call_args.kwargs.get("payload")
        assert MockTab.exists_in(payload.get('content'))
        for field in MockTab.CONTAINS:
            assert field.exists_in(MockTab.get_from_tabs(
                payload.get('content')).get("fields"))
        assert MockTab.get_from_tabs(payload.get('content')).get('show_if') == MockTab.SHOW_IF
示例#6
0
 def test_can_initialize(self):
     assert Field('test').conditions is not None
     assert Field('test').conditions.has_value() is not None
     assert Field('test').conditions.equals("test") is not None
示例#7
0
class QRadarTab(Tab):
    SECTION = "fn_qradar_integration"
    NAME = "QRadar Offense Details"

    UUID = "d1ca8936-897b-4a83-8225-01c58db0470b"
    CONTAINS = [
        Field("qradar_id"),
        Field("qr_offense_index_type"),
        Field("qr_offense_index_value"),
        Field("qr_offense_source"),
        Field("qr_source_ip_count"),
        Field("qr_destination_ip_count"),
        Field("qr_event_count"),
        Field("qr_flow_count"),
        Field("qr_assigned"),
        Field("qr_magnitude"),
        Field("qr_credibility"),
        Field("qr_relevance"),
        Field("qr_severity"),
        Datatable("qr_offense_top_events"),
        Datatable("qr_flows"),
        Datatable("qr_triggered_rules"),
        Datatable("qr_top_destination_ips"),
        Datatable("qr_top_source_ips"),
        Datatable("qr_categories"),
        Datatable("qr_assets")
    ]

    SHOW_IF = [Field("qradar_id").conditions.has_value()]