new: Method to check attribute and object existence

2020-11-07 10:17:16 +01:00 · 2020-11-07 10:17:16 +01:00 · 6c1f476bdd
parent 5e4dd2b974
commit 6c1f476bdd
2 changed files with 54 additions and 2 deletions
--- a/pymisp/api.py
+++ b/pymisp/api.py
@ -404,6 +404,15 @@ class PyMISP:
        o.from_dict(**misp_object_r)
        return o

+    def object_exists(self, misp_object: Union[MISPObject, int, str, UUID]) -> bool:
+        """Fast check if object exists.
+
+        :param misp_object: Attribute to check
+        """
+        object_id = get_uuid_or_id_from_abstract_misp(misp_object)
+        r = self._prepare_request('HEAD', f'objects/view/{object_id}')
+        return self._check_head_response(r)
+
    def add_object(self, event: Union[MISPEvent, int, str, UUID], misp_object: MISPObject, pythonify: bool = False) -> Union[Dict, MISPObject]:
        """Add a MISP Object to an existing MISP event

@ -544,6 +553,15 @@ class PyMISP:
        a.from_dict(**attribute_r)
        return a

+    def attribute_exists(self, attribute: Union[MISPAttribute, int, str, UUID]) -> bool:
+        """Fast check if attribute exists.
+
+        :param attribute: Attribute to check
+        """
+        attribute_id = get_uuid_or_id_from_abstract_misp(attribute)
+        r = self._prepare_request('HEAD', f'attributes/view/{attribute_id}')
+        return self._check_head_response(r)
+
    def add_attribute(self, event: Union[MISPEvent, int, str, UUID], attribute: MISPAttribute, pythonify: bool = False) -> Union[Dict, MISPAttribute, MISPShadowAttribute]:
        """Add an attribute to an existing MISP event

--- a/tests/testlive_comprehensive.py
+++ b/tests/testlive_comprehensive.py
@ -686,6 +686,42 @@ class TestComprehensive(unittest.TestCase):
            # Delete event
            self.admin_misp_connector.delete_event(first)

+    def test_exists(self):
+        """Check event, attribute and object existence"""
+        event = self.create_simple_event()
+        misp_object = MISPObject('domain-ip')
+        attribute = misp_object.add_attribute('domain', value='google.fr')
+        misp_object.add_attribute('ip', value='8.8.8.8')
+        event.add_object(misp_object)
+
+        # Event, attribute and object should not exists before event deletion
+        self.assertFalse(self.user_misp_connector.event_exists(event))
+        self.assertFalse(self.user_misp_connector.attribute_exists(attribute))
+        self.assertFalse(self.user_misp_connector.object_exists(misp_object))
+
+        try:
+            self.user_misp_connector.add_event(event)
+
+            self.assertTrue(self.user_misp_connector.event_exists(event))
+            self.assertTrue(self.user_misp_connector.event_exists(event.uuid))
+            self.assertTrue(self.user_misp_connector.event_exists(event.id))
+            self.assertTrue(self.user_misp_connector.attribute_exists(attribute))
+            self.assertTrue(self.user_misp_connector.attribute_exists(attribute.uuid))
+            self.assertTrue(self.user_misp_connector.attribute_exists(attribute.id))
+            self.assertTrue(self.user_misp_connector.object_exists(misp_object))
+            self.assertTrue(self.user_misp_connector.object_exists(misp_object.id))
+            self.assertTrue(self.user_misp_connector.object_exists(misp_object.uuid))
+        finally:
+            self.admin_misp_connector.delete_event(event)
+
+        # Event, attribute and object should not exists after event deletion
+        self.assertFalse(self.user_misp_connector.event_exists(event))
+        self.assertFalse(self.user_misp_connector.event_exists(event.id))
+        self.assertFalse(self.user_misp_connector.attribute_exists(attribute))
+        self.assertFalse(self.user_misp_connector.attribute_exists(attribute.id))
+        self.assertFalse(self.user_misp_connector.object_exists(misp_object))
+        self.assertFalse(self.user_misp_connector.object_exists(misp_object.id))
+
    def test_simple_event(self):
        '''Search a bunch of parameters:
            * Value not existing
@ -713,9 +749,7 @@ class TestComprehensive(unittest.TestCase):
        second.add_attribute('ip-src', '8.8.8.8')
        # second has two attributes: text and ip-src
        try:
-            self.assertFalse(self.user_misp_connector.event_exists(first))
            first = self.user_misp_connector.add_event(first)
-            self.assertTrue(self.user_misp_connector.event_exists(first))
            second = self.user_misp_connector.add_event(second)
            timeframe = [first.timestamp.timestamp() - 5, first.timestamp.timestamp() + 5]
            # Search event we just created in multiple ways. Make sure it doesn't catch it when it shouldn't