mirror of https://github.com/MISP/PyMISP
chg: Update and improve live testing
parent
2d37c68bd7
commit
2e84dd69fc
|
@ -160,6 +160,10 @@ class ExpandedPyMISP(PyMISP):
|
||||||
response = self._prepare_request('POST', f'/servers/serverSettingsEdit/{setting}', data=data)
|
response = self._prepare_request('POST', f'/servers/serverSettingsEdit/{setting}', data=data)
|
||||||
return self._check_response(response, expect_json=True)
|
return self._check_response(response, expect_json=True)
|
||||||
|
|
||||||
|
def get_server_setting(self, setting: str):
|
||||||
|
response = self._prepare_request('GET', f'/servers/getSetting/{setting}')
|
||||||
|
return self._check_response(response, expect_json=True)
|
||||||
|
|
||||||
def server_settings(self):
|
def server_settings(self):
|
||||||
response = self._prepare_request('GET', f'/servers/serverSettings')
|
response = self._prepare_request('GET', f'/servers/serverSettings')
|
||||||
return self._check_response(response, expect_json=True)
|
return self._check_response(response, expect_json=True)
|
||||||
|
@ -210,6 +214,8 @@ class ExpandedPyMISP(PyMISP):
|
||||||
'''Update an event on a MISP instance'''
|
'''Update an event on a MISP instance'''
|
||||||
if event_id is None:
|
if event_id is None:
|
||||||
event_id = self.__get_uuid_or_id_from_abstract_misp(event)
|
event_id = self.__get_uuid_or_id_from_abstract_misp(event)
|
||||||
|
else:
|
||||||
|
event_id = self.__get_uuid_or_id_from_abstract_misp(event_id)
|
||||||
updated_event = self._prepare_request('POST', f'events/{event_id}', data=event)
|
updated_event = self._prepare_request('POST', f'events/{event_id}', data=event)
|
||||||
updated_event = self._check_response(updated_event, expect_json=True)
|
updated_event = self._check_response(updated_event, expect_json=True)
|
||||||
if not (self.global_pythonify or pythonify) or 'errors' in updated_event:
|
if not (self.global_pythonify or pythonify) or 'errors' in updated_event:
|
||||||
|
@ -265,6 +271,8 @@ class ExpandedPyMISP(PyMISP):
|
||||||
'''Update an object on a MISP instance'''
|
'''Update an object on a MISP instance'''
|
||||||
if object_id is None:
|
if object_id is None:
|
||||||
object_id = self.__get_uuid_or_id_from_abstract_misp(misp_object)
|
object_id = self.__get_uuid_or_id_from_abstract_misp(misp_object)
|
||||||
|
else:
|
||||||
|
object_id = self.__get_uuid_or_id_from_abstract_misp(object_id)
|
||||||
updated_object = self._prepare_request('POST', f'objects/edit/{object_id}', data=misp_object)
|
updated_object = self._prepare_request('POST', f'objects/edit/{object_id}', data=misp_object)
|
||||||
updated_object = self._check_response(updated_object, expect_json=True)
|
updated_object = self._check_response(updated_object, expect_json=True)
|
||||||
if not (self.global_pythonify or pythonify) or 'errors' in updated_object:
|
if not (self.global_pythonify or pythonify) or 'errors' in updated_object:
|
||||||
|
@ -391,6 +399,8 @@ class ExpandedPyMISP(PyMISP):
|
||||||
'''Update an attribute on a MISP instance'''
|
'''Update an attribute on a MISP instance'''
|
||||||
if attribute_id is None:
|
if attribute_id is None:
|
||||||
attribute_id = self.__get_uuid_or_id_from_abstract_misp(attribute)
|
attribute_id = self.__get_uuid_or_id_from_abstract_misp(attribute)
|
||||||
|
else:
|
||||||
|
attribute_id = self.__get_uuid_or_id_from_abstract_misp(attribute_id)
|
||||||
updated_attribute = self._prepare_request('POST', f'attributes/edit/{attribute_id}', data=attribute)
|
updated_attribute = self._prepare_request('POST', f'attributes/edit/{attribute_id}', data=attribute)
|
||||||
updated_attribute = self._check_response(updated_attribute, expect_json=True)
|
updated_attribute = self._check_response(updated_attribute, expect_json=True)
|
||||||
if ('errors' in updated_attribute and updated_attribute['errors'][0] == 403
|
if ('errors' in updated_attribute and updated_attribute['errors'][0] == 403
|
||||||
|
@ -614,6 +624,8 @@ class ExpandedPyMISP(PyMISP):
|
||||||
"""Edit only the provided parameters of a tag."""
|
"""Edit only the provided parameters of a tag."""
|
||||||
if tag_id is None:
|
if tag_id is None:
|
||||||
tag_id = self.__get_uuid_or_id_from_abstract_misp(tag)
|
tag_id = self.__get_uuid_or_id_from_abstract_misp(tag)
|
||||||
|
else:
|
||||||
|
tag_id = self.__get_uuid_or_id_from_abstract_misp(tag_id)
|
||||||
# FIXME: inconsistency in MISP: https://github.com/MISP/MISP/issues/4852
|
# FIXME: inconsistency in MISP: https://github.com/MISP/MISP/issues/4852
|
||||||
tag = {'Tag': tag}
|
tag = {'Tag': tag}
|
||||||
updated_tag = self._prepare_request('POST', f'tags/edit/{tag_id}', data=tag)
|
updated_tag = self._prepare_request('POST', f'tags/edit/{tag_id}', data=tag)
|
||||||
|
@ -925,6 +937,8 @@ class ExpandedPyMISP(PyMISP):
|
||||||
'''Update a feed on a MISP instance'''
|
'''Update a feed on a MISP instance'''
|
||||||
if feed_id is None:
|
if feed_id is None:
|
||||||
feed_id = self.__get_uuid_or_id_from_abstract_misp(feed)
|
feed_id = self.__get_uuid_or_id_from_abstract_misp(feed)
|
||||||
|
else:
|
||||||
|
feed_id = self.__get_uuid_or_id_from_abstract_misp(feed_id)
|
||||||
# FIXME: https://github.com/MISP/MISP/issues/4834
|
# FIXME: https://github.com/MISP/MISP/issues/4834
|
||||||
feed = {'Feed': feed}
|
feed = {'Feed': feed}
|
||||||
updated_feed = self._prepare_request('POST', f'feeds/edit/{feed_id}', data=feed)
|
updated_feed = self._prepare_request('POST', f'feeds/edit/{feed_id}', data=feed)
|
||||||
|
@ -991,7 +1005,7 @@ class ExpandedPyMISP(PyMISP):
|
||||||
return to_return
|
return to_return
|
||||||
|
|
||||||
def get_sync_config(self, pythonify: bool=False):
|
def get_sync_config(self, pythonify: bool=False):
|
||||||
'''WARNING: This method only works if the current user is a sync user'''
|
'''WARNING: This method only works if the user calling it is a sync user'''
|
||||||
server = self._prepare_request('GET', 'servers/createSync')
|
server = self._prepare_request('GET', 'servers/createSync')
|
||||||
server = self._check_response(server, expect_json=True)
|
server = self._check_response(server, expect_json=True)
|
||||||
if not (self.global_pythonify or pythonify) or 'errors' in server:
|
if not (self.global_pythonify or pythonify) or 'errors' in server:
|
||||||
|
@ -1001,7 +1015,7 @@ class ExpandedPyMISP(PyMISP):
|
||||||
return s
|
return s
|
||||||
|
|
||||||
def import_server(self, server: MISPServer, pythonify: bool=False):
|
def import_server(self, server: MISPServer, pythonify: bool=False):
|
||||||
"""Import a sync server config"""
|
"""Import a sync server config received from get_sync_config"""
|
||||||
server = self._prepare_request('POST', f'servers/import', data=server)
|
server = self._prepare_request('POST', f'servers/import', data=server)
|
||||||
server = self._check_response(server, expect_json=True)
|
server = self._check_response(server, expect_json=True)
|
||||||
if not (self.global_pythonify or pythonify) or 'errors' in server:
|
if not (self.global_pythonify or pythonify) or 'errors' in server:
|
||||||
|
@ -1011,7 +1025,8 @@ class ExpandedPyMISP(PyMISP):
|
||||||
return s
|
return s
|
||||||
|
|
||||||
def add_server(self, server: MISPServer, pythonify: bool=False):
|
def add_server(self, server: MISPServer, pythonify: bool=False):
|
||||||
"""Add a server to synchronise with"""
|
"""Add a server to synchronise with.
|
||||||
|
Note: You probably fant to use ExpandedPyMISP.get_sync_config and ExpandedPyMISP.import_server instead"""
|
||||||
server = self._prepare_request('POST', f'servers/add', data=server)
|
server = self._prepare_request('POST', f'servers/add', data=server)
|
||||||
server = self._check_response(server, expect_json=True)
|
server = self._check_response(server, expect_json=True)
|
||||||
if not (self.global_pythonify or pythonify) or 'errors' in server:
|
if not (self.global_pythonify or pythonify) or 'errors' in server:
|
||||||
|
@ -1024,6 +1039,8 @@ class ExpandedPyMISP(PyMISP):
|
||||||
'''Update a server to synchronise with'''
|
'''Update a server to synchronise with'''
|
||||||
if server_id is None:
|
if server_id is None:
|
||||||
server_id = self.__get_uuid_or_id_from_abstract_misp(server)
|
server_id = self.__get_uuid_or_id_from_abstract_misp(server)
|
||||||
|
else:
|
||||||
|
server_id = self.__get_uuid_or_id_from_abstract_misp(server_id)
|
||||||
updated_server = self._prepare_request('POST', f'servers/edit/{server_id}', data=server)
|
updated_server = self._prepare_request('POST', f'servers/edit/{server_id}', data=server)
|
||||||
updated_server = self._check_response(updated_server, expect_json=True)
|
updated_server = self._check_response(updated_server, expect_json=True)
|
||||||
if not (self.global_pythonify or pythonify) or 'errors' in updated_server:
|
if not (self.global_pythonify or pythonify) or 'errors' in updated_server:
|
||||||
|
@ -1196,6 +1213,8 @@ class ExpandedPyMISP(PyMISP):
|
||||||
'''Update an organisation'''
|
'''Update an organisation'''
|
||||||
if organisation_id is None:
|
if organisation_id is None:
|
||||||
organisation_id = self.__get_uuid_or_id_from_abstract_misp(organisation)
|
organisation_id = self.__get_uuid_or_id_from_abstract_misp(organisation)
|
||||||
|
else:
|
||||||
|
organisation_id = self.__get_uuid_or_id_from_abstract_misp(organisation_id)
|
||||||
updated_organisation = self._prepare_request('POST', f'admin/organisations/edit/{organisation_id}', data=organisation)
|
updated_organisation = self._prepare_request('POST', f'admin/organisations/edit/{organisation_id}', data=organisation)
|
||||||
updated_organisation = self._check_response(updated_organisation, expect_json=True)
|
updated_organisation = self._check_response(updated_organisation, expect_json=True)
|
||||||
if not (self.global_pythonify or pythonify) or 'errors' in updated_organisation:
|
if not (self.global_pythonify or pythonify) or 'errors' in updated_organisation:
|
||||||
|
@ -1253,6 +1272,8 @@ class ExpandedPyMISP(PyMISP):
|
||||||
'''Update an event on a MISP instance'''
|
'''Update an event on a MISP instance'''
|
||||||
if user_id is None:
|
if user_id is None:
|
||||||
user_id = self.__get_uuid_or_id_from_abstract_misp(user)
|
user_id = self.__get_uuid_or_id_from_abstract_misp(user)
|
||||||
|
else:
|
||||||
|
user_id = self.__get_uuid_or_id_from_abstract_misp(user_id)
|
||||||
updated_user = self._prepare_request('POST', f'admin/users/edit/{user_id}', data=user)
|
updated_user = self._prepare_request('POST', f'admin/users/edit/{user_id}', data=user)
|
||||||
updated_user = self._check_response(updated_user, expect_json=True)
|
updated_user = self._check_response(updated_user, expect_json=True)
|
||||||
if not (self.global_pythonify or pythonify) or 'errors' in updated_user:
|
if not (self.global_pythonify or pythonify) or 'errors' in updated_user:
|
||||||
|
@ -1601,6 +1622,8 @@ class ExpandedPyMISP(PyMISP):
|
||||||
url_path = f'sightings/restSearch/{context}'
|
url_path = f'sightings/restSearch/{context}'
|
||||||
else:
|
else:
|
||||||
url_path = 'sightings/restSearch'
|
url_path = 'sightings/restSearch'
|
||||||
|
if isinstance(context_id, (MISPEvent, MISPAttribute)):
|
||||||
|
context_id = self.__get_uuid_or_id_from_abstract_misp(context_id)
|
||||||
query['id'] = context_id
|
query['id'] = context_id
|
||||||
query['type'] = type_sighting
|
query['type'] = type_sighting
|
||||||
query['from'] = date_from
|
query['from'] = date_from
|
||||||
|
@ -1862,9 +1885,15 @@ class ExpandedPyMISP(PyMISP):
|
||||||
return str(obj)
|
return str(obj)
|
||||||
if isinstance(obj, (int, str)):
|
if isinstance(obj, (int, str)):
|
||||||
return obj
|
return obj
|
||||||
|
if self._old_misp((2, 4, 113), '2020-01-01', sys._getframe().f_code.co_name, message='MISP now accepts UUIDs to access entiries, usinf it is a lot safer across instances. Just update your MISP instance, plz.'):
|
||||||
if 'id' in obj:
|
if 'id' in obj:
|
||||||
return obj['id']
|
return obj['id']
|
||||||
|
if isinstance(obj, MISPShadowAttribute):
|
||||||
|
# A ShadowAttribute has the same UUID as the related Attribute, we *need* to use the ID
|
||||||
|
return obj['id']
|
||||||
|
if 'uuid' in obj:
|
||||||
return obj['uuid']
|
return obj['uuid']
|
||||||
|
return obj['id']
|
||||||
|
|
||||||
def _make_misp_bool(self, parameter: Union[bool, str, None]):
|
def _make_misp_bool(self, parameter: Union[bool, str, None]):
|
||||||
'''MISP wants 0 or 1 for bool, so we avoid True/False '0', '1' '''
|
'''MISP wants 0 or 1 for bool, so we avoid True/False '0', '1' '''
|
||||||
|
|
|
@ -82,11 +82,11 @@ class TestComprehensive(unittest.TestCase):
|
||||||
@classmethod
|
@classmethod
|
||||||
def tearDownClass(cls):
|
def tearDownClass(cls):
|
||||||
# Delete publisher
|
# Delete publisher
|
||||||
cls.admin_misp_connector.delete_user(cls.test_pub.id)
|
cls.admin_misp_connector.delete_user(cls.test_pub)
|
||||||
# Delete user
|
# Delete user
|
||||||
cls.admin_misp_connector.delete_user(cls.test_usr.id)
|
cls.admin_misp_connector.delete_user(cls.test_usr)
|
||||||
# Delete org
|
# Delete org
|
||||||
cls.admin_misp_connector.delete_organisation(cls.test_org.id)
|
cls.admin_misp_connector.delete_organisation(cls.test_org)
|
||||||
|
|
||||||
def create_simple_event(self, force_timestamps=False):
|
def create_simple_event(self, force_timestamps=False):
|
||||||
mispevent = MISPEvent(force_timestamps=force_timestamps)
|
mispevent = MISPEvent(force_timestamps=force_timestamps)
|
||||||
|
@ -152,25 +152,18 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(final_setting['value'], 5000)
|
self.assertEqual(final_setting['value'], 5000)
|
||||||
break
|
break
|
||||||
self.admin_misp_connector.set_server_setting('MISP.max_correlations_per_event', 10)
|
self.admin_misp_connector.set_server_setting('MISP.max_correlations_per_event', 10)
|
||||||
settings = self.admin_misp_connector.server_settings()
|
setting = self.admin_misp_connector.get_server_setting('MISP.max_correlations_per_event')
|
||||||
for final_setting in settings['finalSettings']:
|
self.assertEqual(setting['value'], 10)
|
||||||
if final_setting['setting'] == 'MISP.max_correlations_per_event':
|
|
||||||
self.assertEqual(final_setting['value'], 10)
|
|
||||||
break
|
|
||||||
self.admin_misp_connector.set_server_setting('MISP.max_correlations_per_event', 5000)
|
self.admin_misp_connector.set_server_setting('MISP.max_correlations_per_event', 5000)
|
||||||
|
|
||||||
settings = self.admin_misp_connector.server_settings()
|
setting = self.admin_misp_connector.get_server_setting('MISP.live')
|
||||||
for final_setting in settings['finalSettings']:
|
self.assertTrue(setting['value'])
|
||||||
if final_setting['setting'] == 'MISP.live':
|
|
||||||
self.assertTrue(final_setting['value'])
|
|
||||||
break
|
|
||||||
self.admin_misp_connector.set_server_setting('MISP.live', False, force=True)
|
self.admin_misp_connector.set_server_setting('MISP.live', False, force=True)
|
||||||
settings = self.admin_misp_connector.server_settings()
|
setting = self.admin_misp_connector.get_server_setting('MISP.live')
|
||||||
for final_setting in settings['finalSettings']:
|
self.assertFalse(setting['value'])
|
||||||
if final_setting['setting'] == 'MISP.live':
|
|
||||||
self.assertFalse(final_setting['value'])
|
|
||||||
break
|
|
||||||
self.admin_misp_connector.set_server_setting('MISP.live', True, force=True)
|
self.admin_misp_connector.set_server_setting('MISP.live', True, force=True)
|
||||||
|
setting = self.admin_misp_connector.get_server_setting('MISP.live')
|
||||||
|
self.assertTrue(setting['value'])
|
||||||
|
|
||||||
def test_search_value_event(self):
|
def test_search_value_event(self):
|
||||||
'''Search a value on the event controller
|
'''Search a value on the event controller
|
||||||
|
@ -194,9 +187,9 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(events, [])
|
self.assertEqual(events, [])
|
||||||
finally:
|
finally:
|
||||||
# Delete events
|
# Delete events
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
self.admin_misp_connector.delete_event(third.id)
|
self.admin_misp_connector.delete_event(third)
|
||||||
|
|
||||||
def test_search_value_attribute(self):
|
def test_search_value_attribute(self):
|
||||||
'''Search value in attributes controller'''
|
'''Search value in attributes controller'''
|
||||||
|
@ -245,9 +238,9 @@ class TestComprehensive(unittest.TestCase):
|
||||||
|
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
self.admin_misp_connector.delete_event(third.id)
|
self.admin_misp_connector.delete_event(third)
|
||||||
|
|
||||||
def test_search_type_event(self):
|
def test_search_type_event(self):
|
||||||
'''Search multiple events, search events containing attributes with specific types'''
|
'''Search multiple events, search events containing attributes with specific types'''
|
||||||
|
@ -266,9 +259,9 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertIn(e.id, [second.id, third.id])
|
self.assertIn(e.id, [second.id, third.id])
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
self.admin_misp_connector.delete_event(third.id)
|
self.admin_misp_connector.delete_event(third)
|
||||||
|
|
||||||
def test_search_type_attribute(self):
|
def test_search_type_attribute(self):
|
||||||
'''Search multiple attributes, search attributes with specific types'''
|
'''Search multiple attributes, search attributes with specific types'''
|
||||||
|
@ -290,9 +283,9 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertIn(a.event_id, [second.id, third.id])
|
self.assertIn(a.event_id, [second.id, third.id])
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
self.admin_misp_connector.delete_event(third.id)
|
self.admin_misp_connector.delete_event(third)
|
||||||
|
|
||||||
def test_search_tag_event(self):
|
def test_search_tag_event(self):
|
||||||
'''Search Tags at events level'''
|
'''Search Tags at events level'''
|
||||||
|
@ -324,9 +317,9 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(events, [])
|
self.assertEqual(events, [])
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
self.admin_misp_connector.delete_event(third.id)
|
self.admin_misp_connector.delete_event(third)
|
||||||
|
|
||||||
def test_search_tag_attribute(self):
|
def test_search_tag_attribute(self):
|
||||||
'''Search Tags at attributes level'''
|
'''Search Tags at attributes level'''
|
||||||
|
@ -351,9 +344,9 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(len(attributes), 1)
|
self.assertEqual(len(attributes), 1)
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
self.admin_misp_connector.delete_event(third.id)
|
self.admin_misp_connector.delete_event(third)
|
||||||
|
|
||||||
def test_search_tag_advanced_event(self):
|
def test_search_tag_advanced_event(self):
|
||||||
'''Advanced search Tags at events level'''
|
'''Advanced search Tags at events level'''
|
||||||
|
@ -381,9 +374,9 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual([t for t in a.tags if t.name == 'tlp:white___test'], [])
|
self.assertEqual([t for t in a.tags if t.name == 'tlp:white___test'], [])
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
self.admin_misp_connector.delete_event(third.id)
|
self.admin_misp_connector.delete_event(third)
|
||||||
|
|
||||||
def test_search_tag_advanced_attributes(self):
|
def test_search_tag_advanced_attributes(self):
|
||||||
'''Advanced search Tags at attributes level'''
|
'''Advanced search Tags at attributes level'''
|
||||||
|
@ -400,9 +393,9 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual([t for t in a.tags if t.name == 'foo_double___test'], [])
|
self.assertEqual([t for t in a.tags if t.name == 'foo_double___test'], [])
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
self.admin_misp_connector.delete_event(third.id)
|
self.admin_misp_connector.delete_event(third)
|
||||||
|
|
||||||
def test_search_timestamp_event(self):
|
def test_search_timestamp_event(self):
|
||||||
'''Search specific update timestamps at events level'''
|
'''Search specific update timestamps at events level'''
|
||||||
|
@ -437,8 +430,8 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(events[0].timestamp.timestamp(), int(event_creation_timestamp_first.timestamp()))
|
self.assertEqual(events[0].timestamp.timestamp(), int(event_creation_timestamp_first.timestamp()))
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
|
|
||||||
def test_search_timestamp_attribute(self):
|
def test_search_timestamp_attribute(self):
|
||||||
'''Search specific update timestamps at attributes level'''
|
'''Search specific update timestamps at attributes level'''
|
||||||
|
@ -475,8 +468,8 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(attributes[0].timestamp.timestamp(), int(event_creation_timestamp_first.timestamp()))
|
self.assertEqual(attributes[0].timestamp.timestamp(), int(event_creation_timestamp_first.timestamp()))
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
|
|
||||||
def test_user_perms(self):
|
def test_user_perms(self):
|
||||||
'''Test publish rights'''
|
'''Test publish rights'''
|
||||||
|
@ -492,7 +485,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertTrue(first.published)
|
self.assertTrue(first.published)
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
def test_delete_by_uuid(self):
|
def test_delete_by_uuid(self):
|
||||||
try:
|
try:
|
||||||
|
@ -503,14 +496,13 @@ class TestComprehensive(unittest.TestCase):
|
||||||
first = self.user_misp_connector.add_event(first)
|
first = self.user_misp_connector.add_event(first)
|
||||||
r = self.user_misp_connector.delete_attribute(first.attributes[0].uuid)
|
r = self.user_misp_connector.delete_attribute(first.attributes[0].uuid)
|
||||||
self.assertEqual(r['message'], 'Attribute deleted.')
|
self.assertEqual(r['message'], 'Attribute deleted.')
|
||||||
# FIXME https://github.com/MISP/MISP/issues/4974
|
r = self.user_misp_connector.delete_object(first.objects[0].uuid)
|
||||||
# r = self.user_misp_connector.delete_object(first.objects[0].uuid)
|
self.assertEqual(r['message'], 'Object deleted')
|
||||||
# self.assertEqual(r['message'], 'Object deleted.')
|
r = self.user_misp_connector.delete_event(first.uuid)
|
||||||
# r = self.user_misp_connector.delete_event(first.uuid)
|
self.assertEqual(r['message'], 'Event deleted.')
|
||||||
# self.assertEqual(r['message'], 'Event deleted.')
|
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
def test_search_publish_timestamp(self):
|
def test_search_publish_timestamp(self):
|
||||||
'''Search for a specific publication timestamp, an interval, and invalid values.'''
|
'''Search for a specific publication timestamp, an interval, and invalid values.'''
|
||||||
|
@ -548,8 +540,8 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(events[0].id, first.id)
|
self.assertEqual(events[0].id, first.id)
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
|
|
||||||
def test_default_distribution(self):
|
def test_default_distribution(self):
|
||||||
'''The default distributions on the VM are This community only for the events and Inherit from event for attr/obj)'''
|
'''The default distributions on the VM are This community only for the events and Inherit from event for attr/obj)'''
|
||||||
|
@ -573,13 +565,13 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(first.objects[1].distribution, Distribution.inherit.value)
|
self.assertEqual(first.objects[1].distribution, Distribution.inherit.value)
|
||||||
self.assertEqual(first.objects[1].attributes[0].distribution, Distribution.inherit.value)
|
self.assertEqual(first.objects[1].attributes[0].distribution, Distribution.inherit.value)
|
||||||
# Attribute create
|
# Attribute create
|
||||||
attribute = self.user_misp_connector.add_attribute(first.id, {'type': 'comment', 'value': 'bar'})
|
attribute = self.user_misp_connector.add_attribute(first, {'type': 'comment', 'value': 'bar'})
|
||||||
self.assertEqual(attribute.value, 'bar', attribute.to_json())
|
self.assertEqual(attribute.value, 'bar', attribute.to_json())
|
||||||
self.assertEqual(attribute.distribution, Distribution.inherit.value, attribute.to_json())
|
self.assertEqual(attribute.distribution, Distribution.inherit.value, attribute.to_json())
|
||||||
# Object - add
|
# Object - add
|
||||||
o = MISPObject('file')
|
o = MISPObject('file')
|
||||||
o.add_attribute('filename', value='blah.exe')
|
o.add_attribute('filename', value='blah.exe')
|
||||||
new_obj = self.user_misp_connector.add_object(first.id, o)
|
new_obj = self.user_misp_connector.add_object(first, o)
|
||||||
self.assertEqual(new_obj.distribution, int(Distribution.inherit.value))
|
self.assertEqual(new_obj.distribution, int(Distribution.inherit.value))
|
||||||
self.assertEqual(new_obj.attributes[0].distribution, int(Distribution.inherit.value))
|
self.assertEqual(new_obj.attributes[0].distribution, int(Distribution.inherit.value))
|
||||||
# Object - edit
|
# Object - edit
|
||||||
|
@ -591,7 +583,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(a.distribution, int(Distribution.inherit.value))
|
self.assertEqual(a.distribution, int(Distribution.inherit.value))
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
def test_simple_event(self):
|
def test_simple_event(self):
|
||||||
'''Search a bunch of parameters:
|
'''Search a bunch of parameters:
|
||||||
|
@ -781,8 +773,8 @@ class TestComprehensive(unittest.TestCase):
|
||||||
|
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
|
|
||||||
def test_edit_attribute(self):
|
def test_edit_attribute(self):
|
||||||
first = self.create_simple_event()
|
first = self.create_simple_event()
|
||||||
|
@ -791,16 +783,18 @@ class TestComprehensive(unittest.TestCase):
|
||||||
first = self.user_misp_connector.add_event(first)
|
first = self.user_misp_connector.add_event(first)
|
||||||
first.attributes[0].comment = 'This is the modified comment'
|
first.attributes[0].comment = 'This is the modified comment'
|
||||||
attribute = self.user_misp_connector.update_attribute(first.attributes[0])
|
attribute = self.user_misp_connector.update_attribute(first.attributes[0])
|
||||||
|
self.assertTrue(isinstance(attribute, MISPAttribute), attribute)
|
||||||
self.assertEqual(attribute.comment, 'This is the modified comment')
|
self.assertEqual(attribute.comment, 'This is the modified comment')
|
||||||
attribute = self.user_misp_connector.update_attribute({'comment': 'This is the modified comment, again'}, attribute.id)
|
attribute = self.user_misp_connector.update_attribute({'comment': 'This is the modified comment, again'}, attribute)
|
||||||
self.assertEqual(attribute.comment, 'This is the modified comment, again')
|
self.assertTrue(isinstance(attribute, MISPAttribute), attribute)
|
||||||
attribute = self.user_misp_connector.update_attribute({'disable_correlation': True}, attribute.id)
|
self.assertEqual(attribute.comment, 'This is the modified comment, again', attribute)
|
||||||
self.assertTrue(attribute.disable_correlation)
|
attribute = self.user_misp_connector.update_attribute({'disable_correlation': True}, attribute)
|
||||||
attribute = self.user_misp_connector.update_attribute({'disable_correlation': False}, attribute.id)
|
self.assertTrue(attribute.disable_correlation, attribute)
|
||||||
self.assertFalse(attribute.disable_correlation)
|
attribute = self.user_misp_connector.update_attribute({'disable_correlation': False}, attribute)
|
||||||
|
self.assertFalse(attribute.disable_correlation, attribute)
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
def test_sightings(self):
|
def test_sightings(self):
|
||||||
first = self.create_simple_event()
|
first = self.create_simple_event()
|
||||||
|
@ -820,8 +814,8 @@ class TestComprehensive(unittest.TestCase):
|
||||||
s.source = 'Testcases'
|
s.source = 'Testcases'
|
||||||
s.type = '1'
|
s.type = '1'
|
||||||
# NOTE: no pythonify available yet
|
# NOTE: no pythonify available yet
|
||||||
# r = self.user_misp_connector.add_sighting(s, second.attributes[0].id)
|
# r = self.user_misp_connector.add_sighting(s, second.attributes[0])
|
||||||
r = self.user_misp_connector.add_sighting(s, second.attributes[0].id)
|
r = self.user_misp_connector.add_sighting(s, second.attributes[0])
|
||||||
self.assertEqual(r['message'], 'Sighting added')
|
self.assertEqual(r['message'], 'Sighting added')
|
||||||
|
|
||||||
s = self.user_misp_connector.search_sightings(publish_timestamp=current_ts, include_attribute=True,
|
s = self.user_misp_connector.search_sightings(publish_timestamp=current_ts, include_attribute=True,
|
||||||
|
@ -867,11 +861,11 @@ class TestComprehensive(unittest.TestCase):
|
||||||
|
|
||||||
# NOTE: no pythonify available yet
|
# NOTE: no pythonify available yet
|
||||||
# r = self.admin_misp_connector.add_sighting(s, second.attributes[0].id, pythonify=True)
|
# r = self.admin_misp_connector.add_sighting(s, second.attributes[0].id, pythonify=True)
|
||||||
r = self.admin_misp_connector.add_sighting(s, second.attributes[0].id)
|
r = self.admin_misp_connector.add_sighting(s, second.attributes[0])
|
||||||
self.assertEqual(r['message'], 'Sighting added')
|
self.assertEqual(r['message'], 'Sighting added')
|
||||||
s = self.user_misp_connector.sightings(second.attributes[0])
|
s = self.user_misp_connector.sightings(second.attributes[0])
|
||||||
self.assertEqual(len(s), 2)
|
self.assertEqual(len(s), 2)
|
||||||
s = self.user_misp_connector.sightings(second.attributes[0], self.test_org.id)
|
s = self.user_misp_connector.sightings(second.attributes[0], self.test_org)
|
||||||
self.assertEqual(len(s), 1)
|
self.assertEqual(len(s), 1)
|
||||||
self.assertEqual(s[0].org_id, self.test_org.id)
|
self.assertEqual(s[0].org_id, self.test_org.id)
|
||||||
# Delete sighting
|
# Delete sighting
|
||||||
|
@ -880,8 +874,8 @@ class TestComprehensive(unittest.TestCase):
|
||||||
|
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
|
|
||||||
def test_search_csv(self):
|
def test_search_csv(self):
|
||||||
first = self.create_simple_event()
|
first = self.create_simple_event()
|
||||||
|
@ -894,13 +888,13 @@ class TestComprehensive(unittest.TestCase):
|
||||||
first = self.user_misp_connector.add_event(first)
|
first = self.user_misp_connector.add_event(first)
|
||||||
second = self.user_misp_connector.add_event(second)
|
second = self.user_misp_connector.add_event(second)
|
||||||
|
|
||||||
response = self.user_misp_connector.publish(first.id, alert=False)
|
response = self.user_misp_connector.publish(first, alert=False)
|
||||||
self.assertEqual(response['errors'][1]['message'], 'You do not have permission to use this functionality.')
|
self.assertEqual(response['errors'][1]['message'], 'You do not have permission to use this functionality.')
|
||||||
|
|
||||||
# Default search, attribute with to_ids == True
|
# Default search, attribute with to_ids == True
|
||||||
first.attributes[0].to_ids = True
|
first.attributes[0].to_ids = True
|
||||||
first = self.user_misp_connector.update_event(first)
|
first = self.user_misp_connector.update_event(first)
|
||||||
self.admin_misp_connector.publish(first.id, alert=False)
|
self.admin_misp_connector.publish(first, alert=False)
|
||||||
csv = self.user_misp_connector.search(return_format='csv', publish_timestamp=first.timestamp.timestamp())
|
csv = self.user_misp_connector.search(return_format='csv', publish_timestamp=first.timestamp.timestamp())
|
||||||
self.assertEqual(len(csv), 1)
|
self.assertEqual(len(csv), 1)
|
||||||
self.assertEqual(csv[0]['value'], first.attributes[0].value)
|
self.assertEqual(csv[0]['value'], first.attributes[0].value)
|
||||||
|
@ -959,8 +953,8 @@ class TestComprehensive(unittest.TestCase):
|
||||||
# Mostly solved -> https://github.com/MISP/MISP/issues/4886
|
# Mostly solved -> https://github.com/MISP/MISP/issues/4886
|
||||||
time.sleep(5)
|
time.sleep(5)
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
|
|
||||||
def test_search_stix(self):
|
def test_search_stix(self):
|
||||||
first = self.create_simple_event()
|
first = self.create_simple_event()
|
||||||
|
@ -975,7 +969,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(stix2['objects'][-1]['pattern'], "[network-traffic:src_ref.type = 'ipv4-addr' AND network-traffic:src_ref.value = '8.8.8.8']")
|
self.assertEqual(stix2['objects'][-1]['pattern'], "[network-traffic:src_ref.type = 'ipv4-addr' AND network-traffic:src_ref.value = '8.8.8.8']")
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
def test_update_object(self):
|
def test_update_object(self):
|
||||||
first = self.create_simple_event()
|
first = self.create_simple_event()
|
||||||
|
@ -1028,16 +1022,16 @@ class TestComprehensive(unittest.TestCase):
|
||||||
tags = self.admin_misp_connector.tags(pythonify=True)
|
tags = self.admin_misp_connector.tags(pythonify=True)
|
||||||
for t in tags:
|
for t in tags:
|
||||||
if t.name == 'generic_tag_test':
|
if t.name == 'generic_tag_test':
|
||||||
response = self.admin_misp_connector.delete_tag(t.id)
|
response = self.admin_misp_connector.delete_tag(t)
|
||||||
self.assertEqual(response['message'], 'Tag deleted.')
|
self.assertEqual(response['message'], 'Tag deleted.')
|
||||||
|
|
||||||
# Test delete object
|
# Test delete object
|
||||||
r = self.user_misp_connector.delete_object(second.objects[0].id)
|
r = self.user_misp_connector.delete_object(second.objects[0])
|
||||||
self.assertEqual(r['message'], 'Object deleted')
|
self.assertEqual(r['message'], 'Object deleted')
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
|
|
||||||
def test_custom_template(self):
|
def test_custom_template(self):
|
||||||
first = self.create_simple_event()
|
first = self.create_simple_event()
|
||||||
|
@ -1054,7 +1048,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(obj.get_attributes_by_relation('test_overwrite')[0].value, 'blah')
|
self.assertEqual(obj.get_attributes_by_relation('test_overwrite')[0].value, 'blah')
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
def test_unknown_template(self):
|
def test_unknown_template(self):
|
||||||
first = self.create_simple_event()
|
first = self.create_simple_event()
|
||||||
|
@ -1075,7 +1069,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertTrue(first.objects[1].attributes[0].disable_correlation)
|
self.assertTrue(first.objects[1].attributes[0].disable_correlation)
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
def test_domain_ip_object(self):
|
def test_domain_ip_object(self):
|
||||||
first = self.create_simple_event()
|
first = self.create_simple_event()
|
||||||
|
@ -1089,7 +1083,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(len(first.objects[0].attributes), 5)
|
self.assertEqual(len(first.objects[0].attributes), 5)
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
def test_asn_object(self):
|
def test_asn_object(self):
|
||||||
first = self.create_simple_event()
|
first = self.create_simple_event()
|
||||||
|
@ -1102,7 +1096,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(len(first.objects[0].attributes), 3)
|
self.assertEqual(len(first.objects[0].attributes), 3)
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
def test_object_template(self):
|
def test_object_template(self):
|
||||||
r = self.admin_misp_connector.update_object_templates()
|
r = self.admin_misp_connector.update_object_templates()
|
||||||
|
@ -1124,7 +1118,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
for tag in tags:
|
for tag in tags:
|
||||||
if not tag.hide_tag:
|
if not tag.hide_tag:
|
||||||
break
|
break
|
||||||
tag = self.admin_misp_connector.get_tag(tag.id, pythonify=True)
|
tag = self.admin_misp_connector.get_tag(tag, pythonify=True)
|
||||||
self.assertTrue('name' in tag)
|
self.assertTrue('name' in tag)
|
||||||
# Enable by MISPTag
|
# Enable by MISPTag
|
||||||
tag = self.admin_misp_connector.disable_tag(tag, pythonify=True)
|
tag = self.admin_misp_connector.disable_tag(tag, pythonify=True)
|
||||||
|
@ -1152,12 +1146,12 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertFalse(first.attributes[0].tags)
|
self.assertFalse(first.attributes[0].tags)
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
# Delete tag
|
# Delete tag
|
||||||
response = self.admin_misp_connector.delete_tag(new_tag.id)
|
response = self.admin_misp_connector.delete_tag(new_tag)
|
||||||
self.assertEqual(response['message'], 'Tag deleted.')
|
self.assertEqual(response['message'], 'Tag deleted.')
|
||||||
response = self.admin_misp_connector.delete_tag(non_exportable_tag.id)
|
response = self.admin_misp_connector.delete_tag(non_exportable_tag)
|
||||||
self.assertEqual(response['message'], 'Tag deleted.')
|
self.assertEqual(response['message'], 'Tag deleted.')
|
||||||
|
|
||||||
def test_add_event_with_attachment_object_controller(self):
|
def test_add_event_with_attachment_object_controller(self):
|
||||||
|
@ -1166,29 +1160,27 @@ class TestComprehensive(unittest.TestCase):
|
||||||
first = self.user_misp_connector.add_event(first)
|
first = self.user_misp_connector.add_event(first)
|
||||||
fo, peo, seos = make_binary_objects('tests/viper-test-files/test_files/whoami.exe')
|
fo, peo, seos = make_binary_objects('tests/viper-test-files/test_files/whoami.exe')
|
||||||
for s in seos:
|
for s in seos:
|
||||||
r = self.user_misp_connector.add_object(first.id, s)
|
r = self.user_misp_connector.add_object(first, s)
|
||||||
self.assertEqual(r.name, 'pe-section', r)
|
self.assertEqual(r.name, 'pe-section', r)
|
||||||
|
|
||||||
r = self.user_misp_connector.add_object(first.id, peo)
|
r = self.user_misp_connector.add_object(first, peo)
|
||||||
self.assertEqual(r.name, 'pe', r)
|
self.assertEqual(r.name, 'pe', r)
|
||||||
for ref in peo.ObjectReference:
|
for ref in peo.ObjectReference:
|
||||||
r = self.user_misp_connector.add_object_reference(ref)
|
r = self.user_misp_connector.add_object_reference(ref)
|
||||||
# FIXME: https://github.com/MISP/MISP/issues/4866
|
|
||||||
self.assertEqual(r.object_uuid, peo.uuid, r.to_json())
|
self.assertEqual(r.object_uuid, peo.uuid, r.to_json())
|
||||||
|
|
||||||
r = self.user_misp_connector.add_object(first.id, fo)
|
r = self.user_misp_connector.add_object(first, fo)
|
||||||
obj_attrs = r.get_attributes_by_relation('ssdeep')
|
obj_attrs = r.get_attributes_by_relation('ssdeep')
|
||||||
self.assertEqual(len(obj_attrs), 1, obj_attrs)
|
self.assertEqual(len(obj_attrs), 1, obj_attrs)
|
||||||
self.assertEqual(r.name, 'file', r)
|
self.assertEqual(r.name, 'file', r)
|
||||||
r = self.user_misp_connector.add_object_reference(fo.ObjectReference[0])
|
r = self.user_misp_connector.add_object_reference(fo.ObjectReference[0])
|
||||||
# FIXME: https://github.com/MISP/MISP/issues/4866
|
|
||||||
self.assertEqual(r.object_uuid, fo.uuid, r.to_json())
|
self.assertEqual(r.object_uuid, fo.uuid, r.to_json())
|
||||||
self.assertEqual(r.referenced_uuid, peo.uuid, r.to_json())
|
self.assertEqual(r.referenced_uuid, peo.uuid, r.to_json())
|
||||||
r = self.user_misp_connector.delete_object_reference(r.id)
|
r = self.user_misp_connector.delete_object_reference(r)
|
||||||
self.assertEqual(r['message'], 'ObjectReference deleted')
|
self.assertEqual(r['message'], 'ObjectReference deleted')
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
def test_add_event_with_attachment(self):
|
def test_add_event_with_attachment(self):
|
||||||
first = self.create_simple_event()
|
first = self.create_simple_event()
|
||||||
|
@ -1206,7 +1198,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(first.objects[0].references[0].relationship_type, 'includes')
|
self.assertEqual(first.objects[0].references[0].relationship_type, 'includes')
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
def test_taxonomies(self):
|
def test_taxonomies(self):
|
||||||
# Make sure we're up-to-date
|
# Make sure we're up-to-date
|
||||||
|
@ -1219,14 +1211,14 @@ class TestComprehensive(unittest.TestCase):
|
||||||
for tax in taxonomies:
|
for tax in taxonomies:
|
||||||
if tax.namespace == list_name_test:
|
if tax.namespace == list_name_test:
|
||||||
break
|
break
|
||||||
r = self.admin_misp_connector.get_taxonomy(tax.id, pythonify=True)
|
r = self.admin_misp_connector.get_taxonomy(tax, pythonify=True)
|
||||||
self.assertEqual(r.namespace, list_name_test)
|
self.assertEqual(r.namespace, list_name_test)
|
||||||
self.assertTrue('enabled' in r)
|
self.assertTrue('enabled' in r)
|
||||||
r = self.admin_misp_connector.enable_taxonomy(tax.id)
|
r = self.admin_misp_connector.enable_taxonomy(tax)
|
||||||
self.assertEqual(r['message'], 'Taxonomy enabled')
|
self.assertEqual(r['message'], 'Taxonomy enabled')
|
||||||
r = self.admin_misp_connector.enable_taxonomy_tags(tax.id)
|
r = self.admin_misp_connector.enable_taxonomy_tags(tax)
|
||||||
self.assertEqual(r['name'], 'The tag(s) has been saved.')
|
self.assertEqual(r['name'], 'The tag(s) has been saved.')
|
||||||
r = self.admin_misp_connector.disable_taxonomy(tax.id)
|
r = self.admin_misp_connector.disable_taxonomy(tax)
|
||||||
self.assertEqual(r['message'], 'Taxonomy disabled')
|
self.assertEqual(r['message'], 'Taxonomy disabled')
|
||||||
|
|
||||||
def test_warninglists(self):
|
def test_warninglists(self):
|
||||||
|
@ -1245,17 +1237,17 @@ class TestComprehensive(unittest.TestCase):
|
||||||
if wl.name == list_name_test:
|
if wl.name == list_name_test:
|
||||||
break
|
break
|
||||||
testwl = wl
|
testwl = wl
|
||||||
r = self.admin_misp_connector.get_warninglist(testwl.id, pythonify=True)
|
r = self.admin_misp_connector.get_warninglist(testwl, pythonify=True)
|
||||||
self.assertEqual(r.name, list_name_test)
|
self.assertEqual(r.name, list_name_test)
|
||||||
self.assertTrue('WarninglistEntry' in r)
|
self.assertTrue('WarninglistEntry' in r)
|
||||||
r = self.admin_misp_connector.enable_warninglist(testwl.id)
|
r = self.admin_misp_connector.enable_warninglist(testwl)
|
||||||
self.assertEqual(r['success'], '1 warninglist(s) enabled')
|
self.assertEqual(r['success'], '1 warninglist(s) enabled')
|
||||||
# Check if a value is in a warning list
|
# Check if a value is in a warning list
|
||||||
md5_empty_file = 'd41d8cd98f00b204e9800998ecf8427e'
|
md5_empty_file = 'd41d8cd98f00b204e9800998ecf8427e'
|
||||||
r = self.user_misp_connector.values_in_warninglist([md5_empty_file])
|
r = self.user_misp_connector.values_in_warninglist([md5_empty_file])
|
||||||
self.assertEqual(r[md5_empty_file][0]['name'], list_name_test)
|
self.assertEqual(r[md5_empty_file][0]['name'], list_name_test)
|
||||||
|
|
||||||
r = self.admin_misp_connector.disable_warninglist(testwl.id)
|
r = self.admin_misp_connector.disable_warninglist(testwl)
|
||||||
self.assertEqual(r['success'], '1 warninglist(s) disabled')
|
self.assertEqual(r['success'], '1 warninglist(s) disabled')
|
||||||
|
|
||||||
def test_noticelists(self):
|
def test_noticelists(self):
|
||||||
|
@ -1270,13 +1262,13 @@ class TestComprehensive(unittest.TestCase):
|
||||||
if nl.name == list_name_test:
|
if nl.name == list_name_test:
|
||||||
break
|
break
|
||||||
testnl = nl
|
testnl = nl
|
||||||
r = self.admin_misp_connector.get_noticelist(testnl.id, pythonify=True)
|
r = self.admin_misp_connector.get_noticelist(testnl, pythonify=True)
|
||||||
self.assertEqual(r.name, list_name_test)
|
self.assertEqual(r.name, list_name_test)
|
||||||
# FIXME: https://github.com/MISP/MISP/issues/4856
|
# FIXME: https://github.com/MISP/MISP/issues/4856
|
||||||
self.assertTrue('NoticelistEntry' in r)
|
self.assertTrue('NoticelistEntry' in r)
|
||||||
r = self.admin_misp_connector.enable_noticelist(testnl.id)
|
r = self.admin_misp_connector.enable_noticelist(testnl)
|
||||||
self.assertTrue(r['Noticelist']['enabled'], r)
|
self.assertTrue(r['Noticelist']['enabled'], r)
|
||||||
r = self.admin_misp_connector.disable_noticelist(testnl.id)
|
r = self.admin_misp_connector.disable_noticelist(testnl)
|
||||||
self.assertFalse(r['Noticelist']['enabled'], r)
|
self.assertFalse(r['Noticelist']['enabled'], r)
|
||||||
|
|
||||||
def test_galaxies(self):
|
def test_galaxies(self):
|
||||||
|
@ -1290,7 +1282,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
for galaxy in galaxies:
|
for galaxy in galaxies:
|
||||||
if galaxy.name == list_name_test:
|
if galaxy.name == list_name_test:
|
||||||
break
|
break
|
||||||
r = self.admin_misp_connector.get_galaxy(galaxy.id, pythonify=True)
|
r = self.admin_misp_connector.get_galaxy(galaxy, pythonify=True)
|
||||||
self.assertEqual(r.name, list_name_test)
|
self.assertEqual(r.name, list_name_test)
|
||||||
# FIXME: Fails due to https://github.com/MISP/MISP/issues/4855
|
# FIXME: Fails due to https://github.com/MISP/MISP/issues/4855
|
||||||
# self.assertTrue('GalaxyCluster' in r)
|
# self.assertTrue('GalaxyCluster' in r)
|
||||||
|
@ -1299,11 +1291,11 @@ class TestComprehensive(unittest.TestCase):
|
||||||
first = self.create_simple_event()
|
first = self.create_simple_event()
|
||||||
try:
|
try:
|
||||||
first = self.user_misp_connector.add_event(first)
|
first = self.user_misp_connector.add_event(first)
|
||||||
r = self.admin_misp_connector.push_event_to_ZMQ(first.id)
|
r = self.admin_misp_connector.push_event_to_ZMQ(first)
|
||||||
self.assertEqual(r['message'], 'Event published to ZMQ')
|
self.assertEqual(r['message'], 'Event published to ZMQ')
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
def test_csv_loader(self):
|
def test_csv_loader(self):
|
||||||
csv1 = CSVLoader(template_name='file', csv_path=Path('tests/csv_testfiles/valid_fieldnames.csv'))
|
csv1 = CSVLoader(template_name='file', csv_path=Path('tests/csv_testfiles/valid_fieldnames.csv'))
|
||||||
|
@ -1317,11 +1309,11 @@ class TestComprehensive(unittest.TestCase):
|
||||||
try:
|
try:
|
||||||
first = self.user_misp_connector.add_event(event)
|
first = self.user_misp_connector.add_event(event)
|
||||||
for o in csv2.load():
|
for o in csv2.load():
|
||||||
new_object = self.user_misp_connector.add_object(first.id, o)
|
new_object = self.user_misp_connector.add_object(first, o)
|
||||||
self.assertEqual(len(new_object.attributes), 3)
|
self.assertEqual(len(new_object.attributes), 3)
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
def test_user(self):
|
def test_user(self):
|
||||||
# Get list
|
# Get list
|
||||||
|
@ -1366,21 +1358,22 @@ class TestComprehensive(unittest.TestCase):
|
||||||
first = self.user_misp_connector.add_event(first)
|
first = self.user_misp_connector.add_event(first)
|
||||||
second = self.admin_misp_connector.add_event(second, pythonify=True)
|
second = self.admin_misp_connector.add_event(second, pythonify=True)
|
||||||
# Get attribute
|
# Get attribute
|
||||||
attribute = self.user_misp_connector.get_attribute(first.attributes[0].id)
|
attribute = self.user_misp_connector.get_attribute(first.attributes[0])
|
||||||
self.assertEqual(first.attributes[0].uuid, attribute.uuid)
|
self.assertEqual(first.attributes[0].uuid, attribute.uuid)
|
||||||
# Add attribute
|
# Add attribute
|
||||||
new_attribute = MISPAttribute()
|
new_attribute = MISPAttribute()
|
||||||
new_attribute.value = '1.2.3.4'
|
new_attribute.value = '1.2.3.4'
|
||||||
new_attribute.type = 'ip-dst'
|
new_attribute.type = 'ip-dst'
|
||||||
new_attribute = self.user_misp_connector.add_attribute(first.id, new_attribute)
|
new_attribute = self.user_misp_connector.add_attribute(first, new_attribute)
|
||||||
self.assertEqual(new_attribute.value, '1.2.3.4')
|
self.assertTrue(isinstance(new_attribute, MISPAttribute), new_attribute)
|
||||||
|
self.assertEqual(new_attribute.value, '1.2.3.4', new_attribute)
|
||||||
# Test attribute already in event
|
# Test attribute already in event
|
||||||
# new_attribute.uuid = str(uuid4())
|
# new_attribute.uuid = str(uuid4())
|
||||||
# new_attribute = self.user_misp_connector.add_attribute(first.id, new_attribute)
|
# new_attribute = self.user_misp_connector.add_attribute(first, new_attribute)
|
||||||
new_similar = MISPAttribute()
|
new_similar = MISPAttribute()
|
||||||
new_similar.value = '1.2.3.4'
|
new_similar.value = '1.2.3.4'
|
||||||
new_similar.type = 'ip-dst'
|
new_similar.type = 'ip-dst'
|
||||||
similar_error = self.user_misp_connector.add_attribute(first.id, new_similar)
|
similar_error = self.user_misp_connector.add_attribute(first, new_similar)
|
||||||
self.assertEqual(similar_error['errors'][1]['errors']['value'][0], 'A similar attribute already exists for this event.')
|
self.assertEqual(similar_error['errors'][1]['errors']['value'][0], 'A similar attribute already exists for this event.')
|
||||||
|
|
||||||
# Test add multiple attributes at once
|
# Test add multiple attributes at once
|
||||||
|
@ -1397,7 +1390,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
attr4.value = '1.2.3.6'
|
attr4.value = '1.2.3.6'
|
||||||
attr4.type = 'ip-dst'
|
attr4.type = 'ip-dst'
|
||||||
attr4.add_tag('tlp:amber___test')
|
attr4.add_tag('tlp:amber___test')
|
||||||
response = self.user_misp_connector.add_attribute(first.id, [attr1, attr2, attr3, attr4])
|
response = self.user_misp_connector.add_attribute(first, [attr1, attr2, attr3, attr4])
|
||||||
if 'attributes' in response:
|
if 'attributes' in response:
|
||||||
# FIXME: this if statement can be removed as soon as 2.4.113 is released: the format changed between 112 and 113, we test 113+
|
# FIXME: this if statement can be removed as soon as 2.4.113 is released: the format changed between 112 and 113, we test 113+
|
||||||
self.assertEqual(response['attributes'][0].value, '1.2.3.5')
|
self.assertEqual(response['attributes'][0].value, '1.2.3.5')
|
||||||
|
@ -1421,10 +1414,10 @@ class TestComprehensive(unittest.TestCase):
|
||||||
new_proposal_update = self.user_misp_connector.update_attribute_proposal(new_attribute.id, {'to_ids': False})
|
new_proposal_update = self.user_misp_connector.update_attribute_proposal(new_attribute.id, {'to_ids': False})
|
||||||
self.assertEqual(new_proposal_update.to_ids, False)
|
self.assertEqual(new_proposal_update.to_ids, False)
|
||||||
# Delete attribute as proposal
|
# Delete attribute as proposal
|
||||||
proposal_delete = self.user_misp_connector.delete_attribute_proposal(new_attribute.id)
|
proposal_delete = self.user_misp_connector.delete_attribute_proposal(new_attribute)
|
||||||
self.assertTrue(proposal_delete['saved'])
|
self.assertTrue(proposal_delete['saved'])
|
||||||
# Get attribute proposal
|
# Get attribute proposal
|
||||||
temp_new_proposal = self.user_misp_connector.get_attribute_proposal(new_proposal.id)
|
temp_new_proposal = self.user_misp_connector.get_attribute_proposal(new_proposal)
|
||||||
self.assertEqual(temp_new_proposal.uuid, new_proposal.uuid)
|
self.assertEqual(temp_new_proposal.uuid, new_proposal.uuid)
|
||||||
# Get attribute proposal*S*
|
# Get attribute proposal*S*
|
||||||
proposals = self.user_misp_connector.attribute_proposals()
|
proposals = self.user_misp_connector.attribute_proposals()
|
||||||
|
@ -1441,19 +1434,19 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(len(proposals), 1)
|
self.assertEqual(len(proposals), 1)
|
||||||
self.assertEqual(proposals[0].value, '123.123.123.1')
|
self.assertEqual(proposals[0].value, '123.123.123.1')
|
||||||
# Accept attribute proposal - New attribute
|
# Accept attribute proposal - New attribute
|
||||||
self.user_misp_connector.accept_attribute_proposal(new_proposal.id)
|
self.user_misp_connector.accept_attribute_proposal(new_proposal)
|
||||||
first = self.user_misp_connector.get_event(first.id)
|
first = self.user_misp_connector.get_event(first)
|
||||||
self.assertEqual(first.attributes[-1].value, '5.2.3.4')
|
self.assertEqual(first.attributes[-1].value, '5.2.3.4')
|
||||||
# Accept attribute proposal - Attribute update
|
# Accept attribute proposal - Attribute update
|
||||||
response = self.user_misp_connector.accept_attribute_proposal(new_proposal_update.id)
|
response = self.user_misp_connector.accept_attribute_proposal(new_proposal_update)
|
||||||
self.assertEqual(response['message'], 'Proposed change accepted.')
|
self.assertEqual(response['message'], 'Proposed change accepted.')
|
||||||
attribute = self.user_misp_connector.get_attribute(new_attribute.id)
|
attribute = self.user_misp_connector.get_attribute(new_attribute)
|
||||||
self.assertEqual(attribute.to_ids, False)
|
self.assertEqual(attribute.to_ids, False)
|
||||||
# Discard attribute proposal
|
# Discard attribute proposal
|
||||||
new_proposal_update = self.user_misp_connector.update_attribute_proposal(new_attribute.id, {'to_ids': True})
|
new_proposal_update = self.user_misp_connector.update_attribute_proposal(new_attribute.id, {'to_ids': True})
|
||||||
response = self.user_misp_connector.discard_attribute_proposal(new_proposal_update.id)
|
response = self.user_misp_connector.discard_attribute_proposal(new_proposal_update)
|
||||||
self.assertEqual(response['message'], 'Proposal discarded.')
|
self.assertEqual(response['message'], 'Proposal discarded.')
|
||||||
attribute = self.user_misp_connector.get_attribute(new_attribute.id)
|
attribute = self.user_misp_connector.get_attribute(new_attribute)
|
||||||
self.assertEqual(attribute.to_ids, False)
|
self.assertEqual(attribute.to_ids, False)
|
||||||
|
|
||||||
# Test fallback to proposal if the user doesn't own the event
|
# Test fallback to proposal if the user doesn't own the event
|
||||||
|
@ -1461,26 +1454,26 @@ class TestComprehensive(unittest.TestCase):
|
||||||
prop_attr.from_dict(**{'type': 'ip-dst', 'value': '123.43.32.21'})
|
prop_attr.from_dict(**{'type': 'ip-dst', 'value': '123.43.32.21'})
|
||||||
# Add attribute on event owned by someone else
|
# Add attribute on event owned by someone else
|
||||||
attribute = self.user_misp_connector.add_attribute(second.id, prop_attr)
|
attribute = self.user_misp_connector.add_attribute(second.id, prop_attr)
|
||||||
self.assertTrue(isinstance(attribute, MISPShadowAttribute))
|
self.assertTrue(isinstance(attribute, MISPShadowAttribute), attribute)
|
||||||
# Test if add proposal without category works - https://github.com/MISP/MISP/issues/4868
|
# Test if add proposal without category works - https://github.com/MISP/MISP/issues/4868
|
||||||
attribute = self.user_misp_connector.add_attribute(second.id, {'type': 'ip-dst', 'value': '123.43.32.22'})
|
attribute = self.user_misp_connector.add_attribute(second.id, {'type': 'ip-dst', 'value': '123.43.32.22'})
|
||||||
self.assertTrue(isinstance(attribute, MISPShadowAttribute))
|
self.assertTrue(isinstance(attribute, MISPShadowAttribute))
|
||||||
# Add attribute with the same value as an existing proposal
|
# Add attribute with the same value as an existing proposal
|
||||||
prop_attr.uuid = str(uuid4())
|
prop_attr.uuid = str(uuid4())
|
||||||
attribute = self.admin_misp_connector.add_attribute(second.id, prop_attr, pythonify=True)
|
attribute = self.admin_misp_connector.add_attribute(second, prop_attr, pythonify=True)
|
||||||
prop_attr.uuid = str(uuid4())
|
prop_attr.uuid = str(uuid4())
|
||||||
# Add a duplicate attribute (same value)
|
# Add a duplicate attribute (same value)
|
||||||
attribute = self.admin_misp_connector.add_attribute(second.id, prop_attr, pythonify=True)
|
attribute = self.admin_misp_connector.add_attribute(second, prop_attr, pythonify=True)
|
||||||
self.assertTrue('errors' in attribute)
|
self.assertTrue('errors' in attribute)
|
||||||
# Update attribute owned by someone else
|
# Update attribute owned by someone else
|
||||||
attribute = self.user_misp_connector.update_attribute({'comment': 'blah'}, second.attributes[0].id)
|
attribute = self.user_misp_connector.update_attribute({'comment': 'blah'}, second.attributes[0].id)
|
||||||
self.assertTrue(isinstance(attribute, MISPShadowAttribute))
|
self.assertTrue(isinstance(attribute, MISPShadowAttribute), attribute)
|
||||||
self.assertEqual(attribute.value, second.attributes[0].value)
|
self.assertEqual(attribute.value, second.attributes[0].value)
|
||||||
# Delete attribute owned by someone else
|
# Delete attribute owned by someone else
|
||||||
response = self.user_misp_connector.delete_attribute(second.attributes[1].id)
|
response = self.user_misp_connector.delete_attribute(second.attributes[1])
|
||||||
self.assertTrue(response['success'])
|
self.assertTrue(response['success'])
|
||||||
# Delete attribute owned by user
|
# Delete attribute owned by user
|
||||||
response = self.admin_misp_connector.delete_attribute(second.attributes[1].id)
|
response = self.admin_misp_connector.delete_attribute(second.attributes[1])
|
||||||
self.assertEqual(response['message'], 'Attribute deleted.')
|
self.assertEqual(response['message'], 'Attribute deleted.')
|
||||||
|
|
||||||
# Test attribute*S*
|
# Test attribute*S*
|
||||||
|
@ -1495,8 +1488,8 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(len(events), 2)
|
self.assertEqual(len(events), 2)
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
|
|
||||||
def test_search_type_event_csv(self):
|
def test_search_type_event_csv(self):
|
||||||
try:
|
try:
|
||||||
|
@ -1512,9 +1505,9 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(len(events), 6)
|
self.assertEqual(len(events), 6)
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
self.admin_misp_connector.delete_event(third.id)
|
self.admin_misp_connector.delete_event(third)
|
||||||
|
|
||||||
def test_search_logs(self):
|
def test_search_logs(self):
|
||||||
# FIXME: https://github.com/MISP/MISP/issues/4872
|
# FIXME: https://github.com/MISP/MISP/issues/4872
|
||||||
|
@ -1587,7 +1580,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(list(users_stats.keys()), ['flatData', 'treemap'])
|
self.assertEqual(list(users_stats.keys()), ['flatData', 'treemap'])
|
||||||
|
|
||||||
users_stats = self.admin_misp_connector.users_statistics(context='attributehistogram')
|
users_stats = self.admin_misp_connector.users_statistics(context='attributehistogram')
|
||||||
self.assertTrue(isinstance(users_stats, dict))
|
self.assertTrue(isinstance(users_stats, dict), users_stats)
|
||||||
|
|
||||||
self.user_misp_connector.add_sighting({'value': first.attributes[0].value})
|
self.user_misp_connector.add_sighting({'value': first.attributes[0].value})
|
||||||
users_stats = self.user_misp_connector.users_statistics(context='sightings')
|
users_stats = self.user_misp_connector.users_statistics(context='sightings')
|
||||||
|
@ -1598,9 +1591,9 @@ class TestComprehensive(unittest.TestCase):
|
||||||
# self.assertTrue('matrix' in users_stats)
|
# self.assertTrue('matrix' in users_stats)
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second)
|
||||||
self.admin_misp_connector.delete_event(third.id)
|
self.admin_misp_connector.delete_event(third)
|
||||||
|
|
||||||
def test_direct(self):
|
def test_direct(self):
|
||||||
try:
|
try:
|
||||||
|
@ -1612,7 +1605,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
event_get.from_dict(**r)
|
event_get.from_dict(**r)
|
||||||
self.assertDictEqual(event.to_dict(), event_get.to_dict())
|
self.assertDictEqual(event.to_dict(), event_get.to_dict())
|
||||||
finally:
|
finally:
|
||||||
self.admin_misp_connector.delete_event(event.id)
|
self.admin_misp_connector.delete_event(event)
|
||||||
|
|
||||||
def test_freetext(self):
|
def test_freetext(self):
|
||||||
first = self.create_simple_event()
|
first = self.create_simple_event()
|
||||||
|
@ -1620,27 +1613,27 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.admin_misp_connector.toggle_warninglist(warninglist_name='%dns resolv%', force_enable=True)
|
self.admin_misp_connector.toggle_warninglist(warninglist_name='%dns resolv%', force_enable=True)
|
||||||
first = self.user_misp_connector.add_event(first)
|
first = self.user_misp_connector.add_event(first)
|
||||||
# disable_background_processing => returns the parsed data, before insertion
|
# disable_background_processing => returns the parsed data, before insertion
|
||||||
r = self.user_misp_connector.freetext(first.id, '1.1.1.1 foo@bar.de', adhereToWarninglists=False,
|
r = self.user_misp_connector.freetext(first, '1.1.1.1 foo@bar.de', adhereToWarninglists=False,
|
||||||
distribution=2, returnMetaAttributes=False, pythonify=True,
|
distribution=2, returnMetaAttributes=False, pythonify=True,
|
||||||
kw_params={'disable_background_processing': 1})
|
kw_params={'disable_background_processing': 1})
|
||||||
self.assertTrue(isinstance(r, list))
|
self.assertTrue(isinstance(r, list))
|
||||||
self.assertEqual(r[0].value, '1.1.1.1')
|
self.assertEqual(r[0].value, '1.1.1.1')
|
||||||
r = self.user_misp_connector.freetext(first.id, '9.9.9.9 foo@bar.com', adhereToWarninglists='soft',
|
r = self.user_misp_connector.freetext(first, '9.9.9.9 foo@bar.com', adhereToWarninglists='soft',
|
||||||
distribution=2, returnMetaAttributes=False, pythonify=True,
|
distribution=2, returnMetaAttributes=False, pythonify=True,
|
||||||
kw_params={'disable_background_processing': 1})
|
kw_params={'disable_background_processing': 1})
|
||||||
self.assertTrue(isinstance(r, list))
|
self.assertTrue(isinstance(r, list))
|
||||||
self.assertEqual(r[0].value, '9.9.9.9')
|
self.assertEqual(r[0].value, '9.9.9.9')
|
||||||
event = self.user_misp_connector.get_event(first.id, pythonify=True)
|
event = self.user_misp_connector.get_event(first, pythonify=True)
|
||||||
self.assertEqual(event.attributes[3].value, '9.9.9.9')
|
self.assertEqual(event.attributes[3].value, '9.9.9.9')
|
||||||
self.assertFalse(event.attributes[3].to_ids)
|
self.assertFalse(event.attributes[3].to_ids)
|
||||||
r_wl = self.user_misp_connector.freetext(first.id, '8.8.8.8 foo@bar.de', adhereToWarninglists=True,
|
r_wl = self.user_misp_connector.freetext(first, '8.8.8.8 foo@bar.de', adhereToWarninglists=True,
|
||||||
distribution=2, returnMetaAttributes=False,
|
distribution=2, returnMetaAttributes=False,
|
||||||
kw_params={'disable_background_processing': 0})
|
kw_params={'disable_background_processing': 0})
|
||||||
self.assertEqual(r_wl[0].value, '8.8.8.8')
|
self.assertEqual(r_wl[0].value, '8.8.8.8')
|
||||||
event = self.user_misp_connector.get_event(first.id, pythonify=True)
|
event = self.user_misp_connector.get_event(first, pythonify=True)
|
||||||
for attribute in event.attributes:
|
for attribute in event.attributes:
|
||||||
self.assertFalse(attribute.value == '8.8.8.8')
|
self.assertFalse(attribute.value == '8.8.8.8')
|
||||||
r = self.user_misp_connector.freetext(first.id, '1.1.1.1 foo@bar.de', adhereToWarninglists=True,
|
r = self.user_misp_connector.freetext(first, '1.1.1.1 foo@bar.de', adhereToWarninglists=True,
|
||||||
distribution=2, returnMetaAttributes=True)
|
distribution=2, returnMetaAttributes=True)
|
||||||
self.assertTrue(isinstance(r, list))
|
self.assertTrue(isinstance(r, list))
|
||||||
self.assertTrue(isinstance(r[0]['types'], dict))
|
self.assertTrue(isinstance(r[0]['types'], dict))
|
||||||
|
@ -1648,7 +1641,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
# Mostly solved https://github.com/MISP/MISP/issues/4886
|
# Mostly solved https://github.com/MISP/MISP/issues/4886
|
||||||
time.sleep(10)
|
time.sleep(10)
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
def test_sharing_groups(self):
|
def test_sharing_groups(self):
|
||||||
# add
|
# add
|
||||||
|
@ -1659,13 +1652,13 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(sharing_group.name, 'Testcases SG')
|
self.assertEqual(sharing_group.name, 'Testcases SG')
|
||||||
self.assertEqual(sharing_group.releasability, 'Testing')
|
self.assertEqual(sharing_group.releasability, 'Testing')
|
||||||
# add org
|
# add org
|
||||||
r = self.admin_misp_connector.add_org_to_sharing_group(sharing_group.id,
|
r = self.admin_misp_connector.add_org_to_sharing_group(sharing_group,
|
||||||
self.test_org.id, extend=True)
|
self.test_org, extend=True)
|
||||||
self.assertEqual(r['name'], 'Organisation added to the sharing group.')
|
self.assertEqual(r['name'], 'Organisation added to the sharing group.')
|
||||||
|
|
||||||
# delete org
|
# delete org
|
||||||
r = self.admin_misp_connector.remove_org_from_sharing_group(sharing_group.id,
|
r = self.admin_misp_connector.remove_org_from_sharing_group(sharing_group,
|
||||||
self.test_org.id)
|
self.test_org)
|
||||||
self.assertEqual(r['name'], 'Organisation removed from the sharing group.', r)
|
self.assertEqual(r['name'], 'Organisation removed from the sharing group.', r)
|
||||||
# Get list
|
# Get list
|
||||||
sharing_groups = self.admin_misp_connector.sharing_groups(pythonify=True)
|
sharing_groups = self.admin_misp_connector.sharing_groups(pythonify=True)
|
||||||
|
@ -1689,7 +1682,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(first_attribute.sharing_group_id, int(sharing_group.id))
|
self.assertEqual(first_attribute.sharing_group_id, int(sharing_group.id))
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
# Delete sharing group
|
# Delete sharing group
|
||||||
r = self.admin_misp_connector.delete_sharing_group(sharing_group.id)
|
r = self.admin_misp_connector.delete_sharing_group(sharing_group.id)
|
||||||
self.assertEqual(r['message'], 'SharingGroup deleted')
|
self.assertEqual(r['message'], 'SharingGroup deleted')
|
||||||
|
@ -1708,7 +1701,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
feed = self.admin_misp_connector.update_feed(feed, pythonify=True)
|
feed = self.admin_misp_connector.update_feed(feed, pythonify=True)
|
||||||
self.assertEqual(feed.name, 'TestFeed - Update')
|
self.assertEqual(feed.name, 'TestFeed - Update')
|
||||||
# Delete
|
# Delete
|
||||||
r = self.admin_misp_connector.delete_feed(feed.id)
|
r = self.admin_misp_connector.delete_feed(feed)
|
||||||
self.assertEqual(r['message'], 'Feed deleted.')
|
self.assertEqual(r['message'], 'Feed deleted.')
|
||||||
# List
|
# List
|
||||||
feeds = self.admin_misp_connector.feeds(pythonify=True)
|
feeds = self.admin_misp_connector.feeds(pythonify=True)
|
||||||
|
@ -1717,7 +1710,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
if feed.name == 'The Botvrij.eu Data':
|
if feed.name == 'The Botvrij.eu Data':
|
||||||
break
|
break
|
||||||
# Get
|
# Get
|
||||||
botvrij = self.admin_misp_connector.get_feed(feed.id, pythonify=True)
|
botvrij = self.admin_misp_connector.get_feed(feed, pythonify=True)
|
||||||
self.assertEqual(botvrij.url, "http://www.botvrij.eu/data/feed-osint")
|
self.assertEqual(botvrij.url, "http://www.botvrij.eu/data/feed-osint")
|
||||||
# Enable
|
# Enable
|
||||||
# MISP OSINT
|
# MISP OSINT
|
||||||
|
@ -1731,11 +1724,11 @@ class TestComprehensive(unittest.TestCase):
|
||||||
feed = self.admin_misp_connector.enable_feed_cache(botvrij.id, pythonify=True)
|
feed = self.admin_misp_connector.enable_feed_cache(botvrij.id, pythonify=True)
|
||||||
self.assertTrue(feed.caching_enabled)
|
self.assertTrue(feed.caching_enabled)
|
||||||
# Cache
|
# Cache
|
||||||
r = self.admin_misp_connector.cache_feed(botvrij.id)
|
r = self.admin_misp_connector.cache_feed(botvrij)
|
||||||
self.assertEqual(r['message'], 'Feed caching job initiated.')
|
self.assertEqual(r['message'], 'Feed caching job initiated.')
|
||||||
# Fetch
|
# Fetch
|
||||||
# Cannot test that, it fetches all the events.
|
# Cannot test that, it fetches all the events.
|
||||||
# r = self.admin_misp_connector.fetch_feed(botvrij.id)
|
# r = self.admin_misp_connector.fetch_feed(botvrij)
|
||||||
# FIXME https://github.com/MISP/MISP/issues/4834#issuecomment-511889274
|
# FIXME https://github.com/MISP/MISP/issues/4834#issuecomment-511889274
|
||||||
# self.assertEqual(r['message'], 'Feed caching job initiated.')
|
# self.assertEqual(r['message'], 'Feed caching job initiated.')
|
||||||
|
|
||||||
|
@ -1774,7 +1767,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
servers = self.admin_misp_connector.servers(pythonify=True)
|
servers = self.admin_misp_connector.servers(pythonify=True)
|
||||||
self.assertEqual(servers[0].name, 'Updated name')
|
self.assertEqual(servers[0].name, 'Updated name')
|
||||||
# Delete
|
# Delete
|
||||||
r = self.admin_misp_connector.delete_server(server.id)
|
r = self.admin_misp_connector.delete_server(server)
|
||||||
self.assertEqual(r['name'], 'Server deleted')
|
self.assertEqual(r['name'], 'Server deleted')
|
||||||
|
|
||||||
@unittest.skipIf(sys.version_info < (3, 6), 'Not supported on python < 3.6')
|
@unittest.skipIf(sys.version_info < (3, 6), 'Not supported on python < 3.6')
|
||||||
|
@ -1788,7 +1781,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertEqual(len(first.objects), 7)
|
self.assertEqual(len(first.objects), 7)
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
|
|
||||||
def test_upload_stix(self):
|
def test_upload_stix(self):
|
||||||
# FIXME https://github.com/MISP/MISP/issues/4892
|
# FIXME https://github.com/MISP/MISP/issues/4892
|
||||||
|
@ -1806,7 +1799,7 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.assertTrue(isinstance(second, dict))
|
self.assertTrue(isinstance(second, dict))
|
||||||
finally:
|
finally:
|
||||||
# Delete event
|
# Delete event
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first)
|
||||||
self.admin_misp_connector.delete_event(second['Event']['id'])
|
self.admin_misp_connector.delete_event(second['Event']['id'])
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -435,7 +435,9 @@ class TestSync(unittest.TestCase):
|
||||||
sg.name = 'Testcases SG'
|
sg.name = 'Testcases SG'
|
||||||
sg.releasability = 'Testing'
|
sg.releasability = 'Testing'
|
||||||
sharing_group = source.site_admin_connector.add_sharing_group(sg)
|
sharing_group = source.site_admin_connector.add_sharing_group(sg)
|
||||||
a = source.site_admin_connector.add_org_to_sharing_group(sharing_group, middle.test_org.uuid)
|
source.site_admin_connector.add_org_to_sharing_group(sharing_group, middle.test_org.uuid)
|
||||||
|
source.site_admin_connector.add_server_to_sharing_group(sharing_group, 0) # Add local server
|
||||||
|
# NOTE: the data on that sharing group *won't be synced anywhere*
|
||||||
|
|
||||||
a = event.add_attribute('text', 'SG only attr')
|
a = event.add_attribute('text', 'SG only attr')
|
||||||
a.distribution = Distribution.sharing_group
|
a.distribution = Distribution.sharing_group
|
||||||
|
@ -443,26 +445,33 @@ class TestSync(unittest.TestCase):
|
||||||
|
|
||||||
event = source.org_admin_connector.add_event(event)
|
event = source.org_admin_connector.add_event(event)
|
||||||
source.org_admin_connector.publish(event)
|
source.org_admin_connector.publish(event)
|
||||||
time.sleep(15)
|
time.sleep(60)
|
||||||
|
|
||||||
event_middle = middle.user_connector.get_event(event.uuid)
|
event_middle = middle.user_connector.get_event(event)
|
||||||
event_last = last.user_connector.get_event(event.uuid)
|
self.assertTrue(isinstance(event_middle, MISPEvent), event_middle)
|
||||||
self.assertEqual(len(event_middle.attributes), 3)
|
self.assertEqual(len(event_middle.attributes), 2, event_middle)
|
||||||
|
self.assertEqual(len(event_middle.objects), 1, event_middle)
|
||||||
|
self.assertEqual(len(event_middle.objects[0].attributes), 1, event_middle)
|
||||||
|
|
||||||
|
event_last = last.user_connector.get_event(event)
|
||||||
|
self.assertTrue(isinstance(event_last, MISPEvent), event_last)
|
||||||
self.assertEqual(len(event_last.attributes), 1)
|
self.assertEqual(len(event_last.attributes), 1)
|
||||||
# Test if event is properly sanitized
|
# Test if event is properly sanitized
|
||||||
event_middle_as_site_admin = middle.site_admin_connector.get_event(event.uuid)
|
event_middle_as_site_admin = middle.site_admin_connector.get_event(event.uuid)
|
||||||
self.assertEqual(len(event_middle_as_site_admin.attributes), 3)
|
self.assertEqual(len(event_middle_as_site_admin.attributes), 2)
|
||||||
event_last_as_site_admin = last.site_admin_connector.get_event(event.uuid)
|
event_last_as_site_admin = last.site_admin_connector.get_event(event.uuid)
|
||||||
self.assertEqual(len(event_last_as_site_admin.attributes), 1)
|
self.assertEqual(len(event_last_as_site_admin.attributes), 1)
|
||||||
# Get sharing group from middle instance
|
# Get sharing group from middle instance
|
||||||
sgs = middle.site_admin_connector.sharing_groups()
|
sgs = middle.site_admin_connector.sharing_groups()
|
||||||
self.assertEqual(len(sgs), 1)
|
self.assertEqual(len(sgs), 0)
|
||||||
self.assertEqual(sgs[0].name, 'Testcases SG')
|
|
||||||
middle.site_admin_connector.delete_sharing_group(sgs[0])
|
# TODO: Update sharing group so the attribute is pushed
|
||||||
|
# self.assertEqual(sgs[0].name, 'Testcases SG')
|
||||||
|
# middle.site_admin_connector.delete_sharing_group(sgs[0])
|
||||||
finally:
|
finally:
|
||||||
source.org_admin_connector.delete_event(event)
|
source.org_admin_connector.delete_event(event)
|
||||||
middle.site_admin_connector.delete_event(event_middle)
|
middle.site_admin_connector.delete_event(event)
|
||||||
last.site_admin_connector.delete_event(event_last)
|
last.site_admin_connector.delete_event(event)
|
||||||
source.site_admin_connector.delete_sharing_group(sharing_group.id)
|
source.site_admin_connector.delete_sharing_group(sharing_group.id)
|
||||||
middle.site_admin_connector.delete_sharing_group(sharing_group.id)
|
middle.site_admin_connector.delete_sharing_group(sharing_group.id)
|
||||||
source.site_admin_connector.update_server({'push': False}, source.sync_servers[0].id)
|
source.site_admin_connector.update_server({'push': False}, source.sync_servers[0].id)
|
||||||
|
|
Loading…
Reference in New Issue