From 6c1f476bdd869b265774d7dc14738d6b2aa1a00a Mon Sep 17 00:00:00 2001
From: Jakub Onderka <jakub.onderka@gmail.com>
Date: Sat, 7 Nov 2020 10:17:16 +0100
Subject: [PATCH] new: Method to check attribute and object existence

---
 pymisp/api.py                   | 18 ++++++++++++++++
 tests/testlive_comprehensive.py | 38 +++++++++++++++++++++++++++++++--
 2 files changed, 54 insertions(+), 2 deletions(-)

diff --git a/pymisp/api.py b/pymisp/api.py
index ae527ab..314c9ac 100644
--- a/pymisp/api.py
+++ b/pymisp/api.py
@@ -404,6 +404,15 @@ class PyMISP:
         o.from_dict(**misp_object_r)
         return o
 
+    def object_exists(self, misp_object: Union[MISPObject, int, str, UUID]) -> bool:
+        """Fast check if object exists.
+
+        :param misp_object: Attribute to check
+        """
+        object_id = get_uuid_or_id_from_abstract_misp(misp_object)
+        r = self._prepare_request('HEAD', f'objects/view/{object_id}')
+        return self._check_head_response(r)
+
     def add_object(self, event: Union[MISPEvent, int, str, UUID], misp_object: MISPObject, pythonify: bool = False) -> Union[Dict, MISPObject]:
         """Add a MISP Object to an existing MISP event
 
@@ -544,6 +553,15 @@ class PyMISP:
         a.from_dict(**attribute_r)
         return a
 
+    def attribute_exists(self, attribute: Union[MISPAttribute, int, str, UUID]) -> bool:
+        """Fast check if attribute exists.
+
+        :param attribute: Attribute to check
+        """
+        attribute_id = get_uuid_or_id_from_abstract_misp(attribute)
+        r = self._prepare_request('HEAD', f'attributes/view/{attribute_id}')
+        return self._check_head_response(r)
+
     def add_attribute(self, event: Union[MISPEvent, int, str, UUID], attribute: MISPAttribute, pythonify: bool = False) -> Union[Dict, MISPAttribute, MISPShadowAttribute]:
         """Add an attribute to an existing MISP event
 
diff --git a/tests/testlive_comprehensive.py b/tests/testlive_comprehensive.py
index 695206a..8318b37 100644
--- a/tests/testlive_comprehensive.py
+++ b/tests/testlive_comprehensive.py
@@ -686,6 +686,42 @@ class TestComprehensive(unittest.TestCase):
             # Delete event
             self.admin_misp_connector.delete_event(first)
 
+    def test_exists(self):
+        """Check event, attribute and object existence"""
+        event = self.create_simple_event()
+        misp_object = MISPObject('domain-ip')
+        attribute = misp_object.add_attribute('domain', value='google.fr')
+        misp_object.add_attribute('ip', value='8.8.8.8')
+        event.add_object(misp_object)
+
+        # Event, attribute and object should not exists before event deletion
+        self.assertFalse(self.user_misp_connector.event_exists(event))
+        self.assertFalse(self.user_misp_connector.attribute_exists(attribute))
+        self.assertFalse(self.user_misp_connector.object_exists(misp_object))
+
+        try:
+            self.user_misp_connector.add_event(event)
+
+            self.assertTrue(self.user_misp_connector.event_exists(event))
+            self.assertTrue(self.user_misp_connector.event_exists(event.uuid))
+            self.assertTrue(self.user_misp_connector.event_exists(event.id))
+            self.assertTrue(self.user_misp_connector.attribute_exists(attribute))
+            self.assertTrue(self.user_misp_connector.attribute_exists(attribute.uuid))
+            self.assertTrue(self.user_misp_connector.attribute_exists(attribute.id))
+            self.assertTrue(self.user_misp_connector.object_exists(misp_object))
+            self.assertTrue(self.user_misp_connector.object_exists(misp_object.id))
+            self.assertTrue(self.user_misp_connector.object_exists(misp_object.uuid))
+        finally:
+            self.admin_misp_connector.delete_event(event)
+
+        # Event, attribute and object should not exists after event deletion
+        self.assertFalse(self.user_misp_connector.event_exists(event))
+        self.assertFalse(self.user_misp_connector.event_exists(event.id))
+        self.assertFalse(self.user_misp_connector.attribute_exists(attribute))
+        self.assertFalse(self.user_misp_connector.attribute_exists(attribute.id))
+        self.assertFalse(self.user_misp_connector.object_exists(misp_object))
+        self.assertFalse(self.user_misp_connector.object_exists(misp_object.id))
+
     def test_simple_event(self):
         '''Search a bunch of parameters:
             * Value not existing
@@ -713,9 +749,7 @@ class TestComprehensive(unittest.TestCase):
         second.add_attribute('ip-src', '8.8.8.8')
         # second has two attributes: text and ip-src
         try:
-            self.assertFalse(self.user_misp_connector.event_exists(first))
             first = self.user_misp_connector.add_event(first)
-            self.assertTrue(self.user_misp_connector.event_exists(first))
             second = self.user_misp_connector.add_event(second)
             timeframe = [first.timestamp.timestamp() - 5, first.timestamp.timestamp() + 5]
             # Search event we just created in multiple ways. Make sure it doesn't catch it when it shouldn't