mirror of https://github.com/MISP/MISP
add: local feeds tests
Luciano Righetti
parent
1c07847bc4
commit
003dea2ed1
|
|
@ -0,0 +1,2 @@
|
|||
1.1.1.1
|
||||
1.0.0.1
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
8.8.8.8 8.8.4.4
|
||||
|
|
@ -0,0 +1,44 @@
|
|||
{
|
||||
"Event": {
|
||||
"analysis": "2",
|
||||
"date": "2015-12-18",
|
||||
"extends_uuid": "",
|
||||
"info": "OSINT - Hunting for Malware with Machine Learning",
|
||||
"publish_timestamp": "1455373314",
|
||||
"published": true,
|
||||
"threat_level_id": "3",
|
||||
"timestamp": "1455373240",
|
||||
"uuid": "56bf399d-c46c-4fdb-a9cf-d9bb02de0b81",
|
||||
"Orgc": {
|
||||
"name": "CIRCL",
|
||||
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
||||
},
|
||||
"Tag": [
|
||||
{
|
||||
"colour": "#004646",
|
||||
"local": "0",
|
||||
"name": "type:OSINT",
|
||||
"relationship_type": ""
|
||||
},
|
||||
{
|
||||
"colour": "#ffffff",
|
||||
"local": "0",
|
||||
"name": "tlp:white",
|
||||
"relationship_type": ""
|
||||
}
|
||||
],
|
||||
"Attribute": [
|
||||
{
|
||||
"category": "External analysis",
|
||||
"comment": "",
|
||||
"deleted": false,
|
||||
"disable_correlation": false,
|
||||
"timestamp": "1455372745",
|
||||
"to_ids": false,
|
||||
"type": "link",
|
||||
"uuid": "56bf39c9-c078-4368-9555-6cf802de0b81",
|
||||
"value": "http://blog.cylance.com/hunting-for-malware-with-machine-learning"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,27 @@
|
|||
{
|
||||
"56bf399d-c46c-4fdb-a9cf-d9bb02de0b81": {
|
||||
"Orgc": {
|
||||
"name": "CIRCL",
|
||||
"uuid": "55f6ea5e-2c60-40e5-964f-47a8950d210f"
|
||||
},
|
||||
"Tag": [
|
||||
{
|
||||
"colour": "#004646",
|
||||
"local": "0",
|
||||
"name": "type:OSINT",
|
||||
"relationship_type": ""
|
||||
},
|
||||
{
|
||||
"colour": "#ffffff",
|
||||
"local": "0",
|
||||
"name": "tlp:white",
|
||||
"relationship_type": ""
|
||||
}
|
||||
],
|
||||
"info": "OSINT - Hunting for Malware with Machine Learning",
|
||||
"date": "2015-12-18",
|
||||
"analysis": 2,
|
||||
"threat_level_id": 3,
|
||||
"timestamp": 1455373240
|
||||
}
|
||||
}
|
||||
|
|
@ -26,6 +26,18 @@ class FeedsFixture extends TestFixture
|
|||
public const FEED_4_NAME = 'test-feed-4';
|
||||
public const FEED_4_URL = 'http://feed4.local/csv/test-feed-4';
|
||||
|
||||
public const FEED_5_ID = 5000;
|
||||
public const FEED_5_NAME = 'test-feed-5';
|
||||
public const FEED_5_URL = 'tests/Files/feeds/misp';
|
||||
|
||||
public const FEED_6_ID = 6000;
|
||||
public const FEED_6_NAME = 'test-feed-6';
|
||||
public const FEED_6_URL = 'tests/Files/feeds/csv/feed.csv';
|
||||
|
||||
public const FEED_7_ID = 7000;
|
||||
public const FEED_7_NAME = 'test-feed-6';
|
||||
public const FEED_7_URL = 'tests/Files/feeds/freetext/feed.txt';
|
||||
|
||||
public function init(): void
|
||||
{
|
||||
$this->records = [
|
||||
|
|
@ -63,12 +75,42 @@ class FeedsFixture extends TestFixture
|
|||
'id' => self::FEED_4_ID,
|
||||
'name' => self::FEED_4_NAME,
|
||||
'provider' => 'test-provider',
|
||||
'url' => self::FEED_3_URL,
|
||||
'url' => self::FEED_4_URL,
|
||||
"source_format" => 'csv',
|
||||
"input_source" => "network",
|
||||
"settings" => "{\"csv\":{\"value\":\"1\"}}",
|
||||
'enabled' => true,
|
||||
]
|
||||
],
|
||||
[
|
||||
'id' => self::FEED_5_ID,
|
||||
'name' => self::FEED_5_NAME,
|
||||
'provider' => 'test-provider',
|
||||
'url' => self::FEED_5_URL,
|
||||
"source_format" => 'misp',
|
||||
"input_source" => "local",
|
||||
"settings" => "[]",
|
||||
'enabled' => true,
|
||||
],
|
||||
[
|
||||
'id' => self::FEED_6_ID,
|
||||
'name' => self::FEED_6_NAME,
|
||||
'provider' => 'test-provider',
|
||||
'url' => self::FEED_6_URL,
|
||||
"source_format" => 'csv',
|
||||
"input_source" => "local",
|
||||
"settings" => "{\"csv\":{\"value\":\"1\"}}",
|
||||
'enabled' => true,
|
||||
],
|
||||
[
|
||||
'id' => self::FEED_7_ID,
|
||||
'name' => self::FEED_7_NAME,
|
||||
'provider' => 'test-provider',
|
||||
'url' => self::FEED_7_URL,
|
||||
"source_format" => 'freetext',
|
||||
"input_source" => "local",
|
||||
"settings" => "{\"csv\":{\"value\":\"\",\"delimiter\":\",\"},\"common\":{\"excluderegex\":\"\"}}",
|
||||
'enabled' => true,
|
||||
],
|
||||
];
|
||||
parent::init();
|
||||
}
|
||||
|
|
|
|||
|
|
@ -167,13 +167,7 @@ class FetchFromFeedApiTest extends TestCase
|
|||
'Connection: close',
|
||||
];
|
||||
|
||||
$feedContent = implode(
|
||||
" ",
|
||||
[
|
||||
'8.8.8.8',
|
||||
'8.8.4.4',
|
||||
]
|
||||
);
|
||||
$feedContent = '8.8.8.8 8.8.4.4';
|
||||
|
||||
$this->mockClientGet(
|
||||
FeedsFixture::FEED_3_URL,
|
||||
|
|
@ -218,7 +212,7 @@ class FetchFromFeedApiTest extends TestCase
|
|||
);
|
||||
|
||||
$this->mockClientGet(
|
||||
FeedsFixture::FEED_3_URL,
|
||||
FeedsFixture::FEED_4_URL,
|
||||
$this->newClientResponse(200, $headers, $feedContent)
|
||||
);
|
||||
|
||||
|
|
@ -236,4 +230,82 @@ class FetchFromFeedApiTest extends TestCase
|
|||
$this->assertDbRecordExists('Attributes', ['value1' => '1.1.1.1']);
|
||||
$this->assertDbRecordExists('Attributes', ['value1' => '1.0.0.1']);
|
||||
}
|
||||
|
||||
public function testFetchFromLocalMISPFeedById(): void
|
||||
{
|
||||
$this->skipOpenApiValidations();
|
||||
|
||||
Configure::write('BackgroundJobs.enabled', false);
|
||||
|
||||
$this->setAuthToken(AuthKeysFixture::ADMIN_API_KEY);
|
||||
$url = sprintf('%s/%d', self::ENDPOINT, FeedsFixture::FEED_5_ID);
|
||||
|
||||
$this->post($url);
|
||||
$this->assertResponseOk();
|
||||
|
||||
$response = $this->getJsonResponseAsArray();
|
||||
$this->assertEquals(
|
||||
'Fetching the feed has successfully completed. Downloaded 1 new event(s). Updated 0 event(s).',
|
||||
$response['result']
|
||||
);
|
||||
|
||||
// check that the event was added
|
||||
$this->assertDbRecordExists('Events', ['uuid' => '56bf399d-c46c-4fdb-a9cf-d9bb02de0b81']);
|
||||
$this->assertDbRecordExists('Attributes', ['uuid' => '56bf39c9-c078-4368-9555-6cf802de0b81']);
|
||||
|
||||
// TODO: check that the objects were added
|
||||
// TODO: check that the event reports were added
|
||||
// TODO: check that the sightings were added
|
||||
// TODO: check that the tags were added
|
||||
// TODO: check that the galaxies were added
|
||||
// TODO: check that the cryptographic key were added
|
||||
}
|
||||
|
||||
public function testFetchFromLocalCsvFeedById(): void
|
||||
{
|
||||
$this->skipOpenApiValidations();
|
||||
|
||||
Configure::write('BackgroundJobs.enabled', false);
|
||||
|
||||
$this->setAuthToken(AuthKeysFixture::ADMIN_API_KEY);
|
||||
$url = sprintf('%s/%d', self::ENDPOINT, FeedsFixture::FEED_6_ID);
|
||||
|
||||
$this->post($url);
|
||||
$this->assertResponseOk();
|
||||
|
||||
$response = $this->getJsonResponseAsArray();
|
||||
$this->assertEquals(
|
||||
'Fetching the feed has successfully completed.',
|
||||
$response['result']
|
||||
);
|
||||
|
||||
// check that the event was added
|
||||
$this->assertDbRecordExists('Events', ['info' => FeedsFixture::FEED_6_NAME . ' feed']);
|
||||
$this->assertDbRecordExists('Attributes', ['value1' => '1.1.1.1']);
|
||||
$this->assertDbRecordExists('Attributes', ['value1' => '1.0.0.1']);
|
||||
}
|
||||
|
||||
public function testFetchFromLocaFreetextFeedById(): void
|
||||
{
|
||||
$this->skipOpenApiValidations();
|
||||
|
||||
Configure::write('BackgroundJobs.enabled', false);
|
||||
|
||||
$this->setAuthToken(AuthKeysFixture::ADMIN_API_KEY);
|
||||
$url = sprintf('%s/%d', self::ENDPOINT, FeedsFixture::FEED_7_ID);
|
||||
|
||||
$this->post($url);
|
||||
$this->assertResponseOk();
|
||||
|
||||
$response = $this->getJsonResponseAsArray();
|
||||
$this->assertEquals(
|
||||
'Fetching the feed has successfully completed.',
|
||||
$response['result']
|
||||
);
|
||||
|
||||
// check that the event was added
|
||||
$this->assertDbRecordExists('Events', ['info' => FeedsFixture::FEED_7_NAME . ' feed']);
|
||||
$this->assertDbRecordExists('Attributes', ['value1' => '8.8.8.8']);
|
||||
$this->assertDbRecordExists('Attributes', ['value1' => '8.8.4.4']);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue