PyMISP/tests/test_offline.py

#!/usr/bin/env python
# -*- coding: utf-8 -*-

import unittest
import requests_mock
import json
import os

import pymisp as pm
from pymisp import PyMISP
from pymisp import NewEventError
from pymisp import MISPEvent
from pymisp import EncodeUpdate
from pymisp import EncodeFull


@requests_mock.Mocker()
class TestOffline(unittest.TestCase):

    def setUp(self):
        self.maxDiff = None
        self.domain = 'http://misp.local/'
        self.key = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
        with open('tests/misp_event.json', 'r') as f:
            self.event = {'Event': json.load(f)}
        with open('tests/new_misp_event.json', 'r') as f:
            self.new_misp_event = {'Event': json.load(f)}
        self.ressources_path = os.path.join(os.path.abspath(os.path.dirname(__file__)), '../pymisp/data')
        with open(os.path.join(self.ressources_path, 'describeTypes.json'), 'r') as f:
            self.types = json.load(f)
        with open('tests/sharing_groups.json', 'r') as f:
            self.sharing_groups = json.load(f)
        self.auth_error_msg = {"name": "Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header.",
                               "message": "Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header.",
                               "url": "\/events\/1"}
        with open('tests/search_index_result.json', 'r') as f:
            self.search_index_result = json.load(f)

    def initURI(self, m):
        m.register_uri('GET', self.domain + 'events/1', json=self.auth_error_msg, status_code=403)
        m.register_uri('GET', self.domain + 'servers/getVersion.json', json={"version": "2.4.50"})
        m.register_uri('GET', self.domain + 'sharing_groups/index.json', json=self.sharing_groups)
        m.register_uri('GET', self.domain + 'attributes/describeTypes.json', json=self.types)
        m.register_uri('GET', self.domain + 'events/2', json=self.event)
        m.register_uri('POST', self.domain + 'events/2', json=self.event)
        m.register_uri('DELETE', self.domain + 'events/2', json={'message': 'Event deleted.'})
        m.register_uri('DELETE', self.domain + 'events/3', json={'errors': ['Invalid event'], 'message': 'Invalid event', 'name': 'Invalid event', 'url': '/events/3'})
        m.register_uri('DELETE', self.domain + 'attributes/2', json={'message': 'Attribute deleted.'})
        m.register_uri('GET', self.domain + 'events/index/searchtag:1', json=self.search_index_result)
        m.register_uri('GET', self.domain + 'events/index/searchtag:ecsirt:malicious-code=%22ransomware%22', json=self.search_index_result)

    def test_getEvent(self, m):
        self.initURI(m)
        pymisp = PyMISP(self.domain, self.key)
        e1 = pymisp.get_event(2)
        e2 = pymisp.get(2)
        self.assertEqual(e1, e2)
        self.assertEqual(self.event, e2)

    def test_updateEvent(self, m):
        self.initURI(m)
        pymisp = PyMISP(self.domain, self.key)
        e0 = pymisp.update_event(2, json.dumps(self.event))
        e1 = pymisp.update_event(2, self.event)
        self.assertEqual(e0, e1)
        e2 = pymisp.update(e0)
        self.assertEqual(e1, e2)
        self.assertEqual(self.event, e2)

    def test_deleteEvent(self, m):
        self.initURI(m)
        pymisp = PyMISP(self.domain, self.key)
        d = pymisp.delete_event(2)
        self.assertEqual(d, {'message': 'Event deleted.'})
        d = pymisp.delete_event(3)
        self.assertEqual(d, {'errors': ['Invalid event'], 'message': 'Invalid event', 'name': 'Invalid event', 'url': '/events/3'})

    def test_deleteAttribute(self, m):
        self.initURI(m)
        pymisp = PyMISP(self.domain, self.key)
        d = pymisp.delete_attribute(2)
        self.assertEqual(d, {'message': 'Attribute deleted.'})

    def test_publish(self, m):
        self.initURI(m)
        pymisp = PyMISP(self.domain, self.key)
        e = pymisp.publish(self.event) # requests-mock always return the non-published event
        pub = self.event
        pub['Event']['published'] = True
        # self.assertEqual(e, pub) FIXME: broken test, not-published event returned
        e = pymisp.publish(self.event)
        self.assertEqual(e, {'error': 'Already published'})

    def test_getVersions(self, m):
        self.initURI(m)
        pymisp = PyMISP(self.domain, self.key)
        api_version = pymisp.get_api_version()
        self.assertEqual(api_version, {'version': pm.__version__})
        server_version = pymisp.get_version()
        self.assertEqual(server_version, {"version": "2.4.50"})

    def test_getSharingGroups(self, m):
        self.initURI(m)
        pymisp = PyMISP(self.domain, self.key)
        sharing_groups = pymisp.get_sharing_groups()
        self.assertEqual(sharing_groups, self.sharing_groups['response'][0])

    def test_auth_error(self, m):
        self.initURI(m)
        pymisp = PyMISP(self.domain, self.key)
        error = pymisp.get(1)
        response = self.auth_error_msg
        response['errors'] = [response['message']]
        self.assertEqual(error, response)

    def test_newEvent(self, m):
        error_empty_info = {'message': 'The event could not be saved.', 'name': 'Add event failed.', 'errors': {'Event': {'info': ['Info cannot be empty.']}}, 'url': '/events/add'}
        error_empty_info_flatten = {u'message': u'The event could not be saved.', u'name': u'Add event failed.', u'errors': [u"Error in info: Info cannot be empty."], u'url': u'/events/add'}
        self.initURI(m)
        pymisp = PyMISP(self.domain, self.key)
        m.register_uri('POST', self.domain + 'events', json=error_empty_info)
        # TODO Add test exception if info field isn't set
        response = pymisp.new_event(0, 1, 0, 'Foo')
        self.assertEqual(response, error_empty_info_flatten)
        m.register_uri('POST', self.domain + 'events', json=self.new_misp_event)
        response = pymisp.new_event(0, 1, 0, "This is a test.", '2016-08-26', False)
        self.assertEqual(response, self.new_misp_event)

    def test_eventObject(self, m):
        self.initURI(m)
        pymisp = PyMISP(self.domain, self.key)
        misp_event = MISPEvent(pymisp.describe_types)
        with open('tests/57c4445b-c548-4654-af0b-4be3950d210f.json', 'r') as f:
            misp_event.load(f.read())
        json.dumps(misp_event, cls=EncodeUpdate)
        json.dumps(misp_event, cls=EncodeFull)

    def test_searchIndexByTagId (self, m):
        self.initURI(m)
        pymisp = PyMISP(self.domain, self.key)
        response = pymisp.search_index(tag="1")
        self.assertEqual(response['response'],self.search_index_result)
    
    def test_searchIndexByTagName (self, m):
        self.initURI(m)
        pymisp = PyMISP(self.domain, self.key)
        response = pymisp.search_index(tag='ecsirt:malicious-code="ransomware"')
        self.assertEqual(response['response'],self.search_index_result)

if __name__ == '__main__':
    unittest.main()
Initial version of the offline TestCases Related #56 2016-08-17 18:21:50 +02:00			`#!/usr/bin/env python`
			`# -- coding: utf-8 --`

Update testing 2016-08-18 00:23:49 +02:00			`import unittest`
Initial version of the offline TestCases Related #56 2016-08-17 18:21:50 +02:00			`import requests_mock`
			`import json`
Getting closed to a full support of a misp event as a Python Object 2016-09-27 19:47:22 +02:00			`import os`
Initial version of the offline TestCases Related #56 2016-08-17 18:21:50 +02:00
Add some more tests 2016-08-18 13:18:58 +02:00			`import pymisp as pm`
Initial version of the offline TestCases Related #56 2016-08-17 18:21:50 +02:00			`from pymisp import PyMISP`
Getting closed to a full support of a misp event as a Python Object 2016-09-27 19:47:22 +02:00			`from pymisp import NewEventError`
			`from pymisp import MISPEvent`
			`from pymisp import EncodeUpdate`
			`from pymisp import EncodeFull`
Initial version of the offline TestCases Related #56 2016-08-17 18:21:50 +02:00

			`@requests_mock.Mocker()`
Update testing 2016-08-18 00:23:49 +02:00			`class TestOffline(unittest.TestCase):`
Initial version of the offline TestCases Related #56 2016-08-17 18:21:50 +02:00
			`def setUp(self):`
Add tests 2016-08-18 00:40:30 +02:00			`self.maxDiff = None`
Initial version of the offline TestCases Related #56 2016-08-17 18:21:50 +02:00			`self.domain = 'http://misp.local/'`
			`self.key = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'`
Solved warnings in tests when run under Python3 2016-12-02 16:53:45 +01:00			`with open('tests/misp_event.json', 'r') as f:`
			`self.event = {'Event': json.load(f)}`
			`with open('tests/new_misp_event.json', 'r') as f:`
			`self.new_misp_event = {'Event': json.load(f)}`
Getting closed to a full support of a misp event as a Python Object 2016-09-27 19:47:22 +02:00			`self.ressources_path = os.path.join(os.path.abspath(os.path.dirname(__file__)), '../pymisp/data')`
Solved warnings in tests when run under Python3 2016-12-02 16:53:45 +01:00			`with open(os.path.join(self.ressources_path, 'describeTypes.json'), 'r') as f:`
			`self.types = json.load(f)`
			`with open('tests/sharing_groups.json', 'r') as f:`
			`self.sharing_groups = json.load(f)`
add auth error test 2016-08-19 10:13:00 +02:00			`self.auth_error_msg = {"name": "Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header.",`
			`"message": "Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header.",`
			`"url": "\/events\/1"}`
Solved warnings in tests when run under Python3 2016-12-02 16:53:45 +01:00			`with open('tests/search_index_result.json', 'r') as f:`
			`self.search_index_result = json.load(f)`
Initial version of the offline TestCases Related #56 2016-08-17 18:21:50 +02:00
			`def initURI(self, m):`
add auth error test 2016-08-19 10:13:00 +02:00			`m.register_uri('GET', self.domain + 'events/1', json=self.auth_error_msg, status_code=403)`
Add some more tests 2016-08-18 13:18:58 +02:00			`m.register_uri('GET', self.domain + 'servers/getVersion.json', json={"version": "2.4.50"})`
			`m.register_uri('GET', self.domain + 'sharing_groups/index.json', json=self.sharing_groups)`
Initial version of the offline TestCases Related #56 2016-08-17 18:21:50 +02:00			`m.register_uri('GET', self.domain + 'attributes/describeTypes.json', json=self.types)`
			`m.register_uri('GET', self.domain + 'events/2', json=self.event)`
Update testing 2016-08-18 00:23:49 +02:00			`m.register_uri('POST', self.domain + 'events/2', json=self.event)`
			`m.register_uri('DELETE', self.domain + 'events/2', json={'message': 'Event deleted.'})`
			`m.register_uri('DELETE', self.domain + 'events/3', json={'errors': ['Invalid event'], 'message': 'Invalid event', 'name': 'Invalid event', 'url': '/events/3'})`
Add tests 2016-08-18 00:40:30 +02:00			`m.register_uri('DELETE', self.domain + 'attributes/2', json={'message': 'Attribute deleted.'})`
Added test case for search_index by tag 2016-12-02 16:52:00 +01:00			`m.register_uri('GET', self.domain + 'events/index/searchtag:1', json=self.search_index_result)`
Added test for search_index by tag string 2016-12-02 18:52:56 +01:00			`m.register_uri('GET', self.domain + 'events/index/searchtag:ecsirt:malicious-code=%22ransomware%22', json=self.search_index_result)`
Initial version of the offline TestCases Related #56 2016-08-17 18:21:50 +02:00
			`def test_getEvent(self, m):`
			`self.initURI(m)`
Improve testing 2016-08-26 18:23:02 +02:00			`pymisp = PyMISP(self.domain, self.key)`
Update testing 2016-08-18 00:23:49 +02:00			`e1 = pymisp.get_event(2)`
			`e2 = pymisp.get(2)`
			`self.assertEqual(e1, e2)`
			`self.assertEqual(self.event, e2)`

			`def test_updateEvent(self, m):`
			`self.initURI(m)`
Improve testing 2016-08-26 18:23:02 +02:00			`pymisp = PyMISP(self.domain, self.key)`
Update testing 2016-08-18 00:23:49 +02:00			`e0 = pymisp.update_event(2, json.dumps(self.event))`
			`e1 = pymisp.update_event(2, self.event)`
			`self.assertEqual(e0, e1)`
Add tests 2016-08-18 00:40:30 +02:00			`e2 = pymisp.update(e0)`
Update testing 2016-08-18 00:23:49 +02:00			`self.assertEqual(e1, e2)`
			`self.assertEqual(self.event, e2)`

			`def test_deleteEvent(self, m):`
			`self.initURI(m)`
Improve testing 2016-08-26 18:23:02 +02:00			`pymisp = PyMISP(self.domain, self.key)`
Update testing 2016-08-18 00:23:49 +02:00			`d = pymisp.delete_event(2)`
			`self.assertEqual(d, {'message': 'Event deleted.'})`
			`d = pymisp.delete_event(3)`
			`self.assertEqual(d, {'errors': ['Invalid event'], 'message': 'Invalid event', 'name': 'Invalid event', 'url': '/events/3'})`

			`def test_deleteAttribute(self, m):`
			`self.initURI(m)`
Improve testing 2016-08-26 18:23:02 +02:00			`pymisp = PyMISP(self.domain, self.key)`
Update testing 2016-08-18 00:23:49 +02:00			`d = pymisp.delete_attribute(2)`
Add tests 2016-08-18 00:40:30 +02:00			`self.assertEqual(d, {'message': 'Attribute deleted.'})`

			`def test_publish(self, m):`
			`self.initURI(m)`
Improve testing 2016-08-26 18:23:02 +02:00			`pymisp = PyMISP(self.domain, self.key)`
Getting closed to a full support of a misp event as a Python Object 2016-09-27 19:47:22 +02:00			`e = pymisp.publish(self.event) # requests-mock always return the non-published event`
Add tests 2016-08-18 00:40:30 +02:00			`pub = self.event`
			`pub['Event']['published'] = True`
Getting closed to a full support of a misp event as a Python Object 2016-09-27 19:47:22 +02:00			`# self.assertEqual(e, pub) FIXME: broken test, not-published event returned`
Add tests 2016-08-18 00:40:30 +02:00			`e = pymisp.publish(self.event)`
			`self.assertEqual(e, {'error': 'Already published'})`
Add some more tests 2016-08-18 13:18:58 +02:00
			`def test_getVersions(self, m):`
			`self.initURI(m)`
Improve testing 2016-08-26 18:23:02 +02:00			`pymisp = PyMISP(self.domain, self.key)`
Add some more tests 2016-08-18 13:18:58 +02:00			`api_version = pymisp.get_api_version()`
			`self.assertEqual(api_version, {'version': pm.__version__})`
			`server_version = pymisp.get_version()`
			`self.assertEqual(server_version, {"version": "2.4.50"})`

			`def test_getSharingGroups(self, m):`
			`self.initURI(m)`
Improve testing 2016-08-26 18:23:02 +02:00			`pymisp = PyMISP(self.domain, self.key)`
Add some more tests 2016-08-18 13:18:58 +02:00			`sharing_groups = pymisp.get_sharing_groups()`
			`self.assertEqual(sharing_groups, self.sharing_groups['response'][0])`
add auth error test 2016-08-19 10:13:00 +02:00
			`def test_auth_error(self, m):`
			`self.initURI(m)`
Improve testing 2016-08-26 18:23:02 +02:00			`pymisp = PyMISP(self.domain, self.key)`
add auth error test 2016-08-19 10:13:00 +02:00			`error = pymisp.get(1)`
			`response = self.auth_error_msg`
			`response['errors'] = [response['message']]`
Improve testing 2016-08-26 18:23:02 +02:00			`self.assertEqual(error, response)`

			`def test_newEvent(self, m):`
			`error_empty_info = {'message': 'The event could not be saved.', 'name': 'Add event failed.', 'errors': {'Event': {'info': ['Info cannot be empty.']}}, 'url': '/events/add'}`
Fix flattening, fix python2.7 2016-08-27 18:13:15 +02:00			`error_empty_info_flatten = {u'message': u'The event could not be saved.', u'name': u'Add event failed.', u'errors': [u"Error in info: Info cannot be empty."], u'url': u'/events/add'}`
Improve testing 2016-08-26 18:23:02 +02:00			`self.initURI(m)`
			`pymisp = PyMISP(self.domain, self.key)`
			`m.register_uri('POST', self.domain + 'events', json=error_empty_info)`
More cleanup 2016-09-28 18:20:37 +02:00			`# TODO Add test exception if info field isn't set`
			`response = pymisp.new_event(0, 1, 0, 'Foo')`
Improve testing 2016-08-26 18:23:02 +02:00			`self.assertEqual(response, error_empty_info_flatten)`
			`m.register_uri('POST', self.domain + 'events', json=self.new_misp_event)`
			`response = pymisp.new_event(0, 1, 0, "This is a test.", '2016-08-26', False)`
			`self.assertEqual(response, self.new_misp_event)`

Getting closed to a full support of a misp event as a Python Object 2016-09-27 19:47:22 +02:00			`def test_eventObject(self, m):`
			`self.initURI(m)`
			`pymisp = PyMISP(self.domain, self.key)`
Fix test 2016-10-10 13:42:06 +02:00			`misp_event = MISPEvent(pymisp.describe_types)`
Solved warnings in tests when run under Python3 2016-12-02 16:53:45 +01:00			`with open('tests/57c4445b-c548-4654-af0b-4be3950d210f.json', 'r') as f:`
			`misp_event.load(f.read())`
Getting closed to a full support of a misp event as a Python Object 2016-09-27 19:47:22 +02:00			`json.dumps(misp_event, cls=EncodeUpdate)`
			`json.dumps(misp_event, cls=EncodeFull)`
add auth error test 2016-08-19 10:13:00 +02:00
Added test for search_index by tag string 2016-12-02 18:52:56 +01:00			`def test_searchIndexByTagId (self, m):`
Added test case for search_index by tag 2016-12-02 16:52:00 +01:00			`self.initURI(m)`
			`pymisp = PyMISP(self.domain, self.key)`
			`response = pymisp.search_index(tag="1")`
			`self.assertEqual(response['response'],self.search_index_result)`
Added test for search_index by tag string 2016-12-02 18:52:56 +01:00
			`def test_searchIndexByTagName (self, m):`
			`self.initURI(m)`
			`pymisp = PyMISP(self.domain, self.key)`
			`response = pymisp.search_index(tag='ecsirt:malicious-code="ransomware"')`
			`self.assertEqual(response['response'],self.search_index_result)`
Added test case for search_index by tag 2016-12-02 16:52:00 +01:00
add auth error test 2016-08-19 10:13:00 +02:00			`if __name__ == '__main__':`
			`unittest.main()`