MISP
/
PyMISP
mirror of https://github.com/MISP/PyMISP
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: Dump dependencies, update tests

pull/452/head
Raphaël Vinot 2019-09-11 14:20:55 +02:00
parent 53667485b9
commit b800dcb4b4
8 changed files with 35 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Pipfile.lock generated
View File

@ -645,11 +645,11 @@
}, },
"requests-mock": { "requests-mock": {
"hashes": [ "hashes": [
"sha256:12e17c7ad1397fd1df5ead7727eb3f1bdc9fe1c18293b0492e0e01b57997e38d", "sha256:510df890afe08d36eca5bb16b4aa6308a6f85e3159ad3013bac8b9de7bd5a010",
"sha256:dc9e416a095ee7c3360056990d52e5611fb94469352fc1c2dc85be1ff2189146" "sha256:88d3402dd8b3c69a9e4f9d3a73ad11b15920c6efd36bc27bf1f701cf4a8e4646"
], ],
"index": "pypi", "index": "pypi",
"version": "==1.6.0" "version": "==1.7.0"
}, },
"six": { "six": {
"hashes": [ "hashes": [
@ -660,9 +660,9 @@
}, },
"snowballstemmer": { "snowballstemmer": {
"hashes": [ "hashes": [
"sha256:9f3b9ffe0809d174f7047e121431acf99c89a7040f0ca84f94ba53a498e6d0c9" "sha256:713e53b79cbcf97bc5245a06080a33d54a77e7cce2f789c835a143bcdb5c033e"
], ],
"version": "==1.9.0" "version": "==1.9.1"
}, },
"soupsieve": { "soupsieve": {
"hashes": [ "hashes": [

2
docs/tutorial/FullOverview.ipynb
View File

@ -1471,7 +1471,7 @@
"name": "python", "name": "python",
"nbconvert_exporter": "python", "nbconvert_exporter": "python",
"pygments_lexer": "ipython3", "pygments_lexer": "ipython3",
"version": "3.6.7" "version": "3.7.3"
} }
}, },
"nbformat": 4, "nbformat": 4,

2
docs/tutorial/PyMISP_tutorial.ipynb
View File

@ -500,7 +500,7 @@
"name": "python", "name": "python",
"nbconvert_exporter": "python", "nbconvert_exporter": "python",
"pygments_lexer": "ipython3", "pygments_lexer": "ipython3",
"version": "3.6.7" "version": "3.7.3"
} }
}, },
"nbformat": 4, "nbformat": 4,

2
docs/tutorial/Search-FullOverview.ipynb
View File

@ -579,7 +579,7 @@
"name": "python", "name": "python",
"nbconvert_exporter": "python", "nbconvert_exporter": "python",
"pygments_lexer": "ipython3", "pygments_lexer": "ipython3",
"version": "3.6.7" "version": "3.7.3"
} }
}, },
"nbformat": 4, "nbformat": 4,

2
docs/tutorial/Search.ipynb
View File

@ -457,7 +457,7 @@
"name": "python", "name": "python",
"nbconvert_exporter": "python", "nbconvert_exporter": "python",
"pygments_lexer": "ipython3", "pygments_lexer": "ipython3",
"version": "3.6.7" "version": "3.7.3"
} }
}, },
"nbformat": 4, "nbformat": 4,

2
docs/tutorial/Usage-NG.ipynb
View File

@ -480,7 +480,7 @@
"name": "python", "name": "python",
"nbconvert_exporter": "python", "nbconvert_exporter": "python",
"pygments_lexer": "ipython3", "pygments_lexer": "ipython3",
"version": "3.6.7" "version": "3.7.3"
} }
}, },
"nbformat": 4, "nbformat": 4,

19
pymisp/aping.py
View File

@ -96,10 +96,11 @@ class ExpandedPyMISP(PyMISP):
self.category_type_mapping = self.describe_types['category_type_mappings'] self.category_type_mapping = self.describe_types['category_type_mappings']
self.sane_default = self.describe_types['sane_defaults'] self.sane_default = self.describe_types['sane_defaults']
@property def remote_acl(self, debug_type: str='findMissingFunctionNames'):
def remote_acl(self): """This should return an empty list, unless the ACL is outdated.
"""This should return an empty list, unless the ACL is outdated.""" debug_type can only be printAllFunctionNames, findMissingFunctionNames, or printRoleAccess
response = self._prepare_request('GET', 'events/queryACL.json') """
response = self._prepare_request('GET', f'events/queryACL/{debug_type}')
return self._check_response(response, expect_json=True) return self._check_response(response, expect_json=True)
@property @property
@ -1343,6 +1344,7 @@ class ExpandedPyMISP(PyMISP):
to_ids: Optional[Union[ToIDSType, List[ToIDSType]]]=None, to_ids: Optional[Union[ToIDSType, List[ToIDSType]]]=None,
deleted: Optional[str]=None, deleted: Optional[str]=None,
include_event_uuid: Optional[bool]=None, includeEventUuid: Optional[bool]=None, include_event_uuid: Optional[bool]=None, includeEventUuid: Optional[bool]=None,
include_event_tags: Optional[bool]=None, includeEventTags: Optional[bool]=None,
event_timestamp: Optional[DateTypes]=None, event_timestamp: Optional[DateTypes]=None,
sg_reference_only: Optional[bool]=None, sg_reference_only: Optional[bool]=None,
eventinfo: Optional[str]=None, eventinfo: Optional[str]=None,
@ -1378,6 +1380,7 @@ class ExpandedPyMISP(PyMISP):
:param to_ids: By default all attributes are returned that match the other filter parameters, irregardless of their to_ids setting. To restrict the returned data set to to_ids only attributes set this parameter to 1. 0 for the ones with to_ids set to False. :param to_ids: By default all attributes are returned that match the other filter parameters, irregardless of their to_ids setting. To restrict the returned data set to to_ids only attributes set this parameter to 1. 0 for the ones with to_ids set to False.
:param deleted: If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using "only" as a parameter it will limit the returned data set to soft-deleted data only. :param deleted: If this parameter is set to 1, it will return soft-deleted attributes along with active ones. By using "only" as a parameter it will limit the returned data set to soft-deleted data only.
:param include_event_uuid: Instead of just including the event ID, also include the event UUID in each of the attributes. :param include_event_uuid: Instead of just including the event ID, also include the event UUID in each of the attributes.
:param include_event_tags: Include the event level tags in each of the attributes.
:param event_timestamp: Only return attributes from events that have received a modification after the given timestamp. :param event_timestamp: Only return attributes from events that have received a modification after the given timestamp.
:param sg_reference_only: If this flag is set, sharing group objects will not be included, instead only the sharing group ID is set. :param sg_reference_only: If this flag is set, sharing group objects will not be included, instead only the sharing group ID is set.
:param eventinfo: Filter on the event's info field. :param eventinfo: Filter on the event's info field.
@ -1396,6 +1399,7 @@ class ExpandedPyMISP(PyMISP):
:param last: synonym for publish_timestamp :param last: synonym for publish_timestamp
:param enforceWarninglist: synonym for enforce_warninglist :param enforceWarninglist: synonym for enforce_warninglist
:param includeEventUuid: synonym for include_event_uuid :param includeEventUuid: synonym for include_event_uuid
:param includeEventTags: synonym for include_event_tags
:param includeContext: synonym for include_context :param includeContext: synonym for include_context
''' '''
@ -1416,6 +1420,8 @@ class ExpandedPyMISP(PyMISP):
enforce_warninglist = enforceWarninglist enforce_warninglist = enforceWarninglist
if includeEventUuid is not None: if includeEventUuid is not None:
include_event_uuid = includeEventUuid include_event_uuid = includeEventUuid
if includeEventTags is not None:
include_event_tags = includeEventTags
if includeContext is not None: if includeContext is not None:
include_context = includeContext include_context = includeContext
if includeCorrelations is not None: if includeCorrelations is not None:
@ -1462,6 +1468,7 @@ class ExpandedPyMISP(PyMISP):
query['to_ids'] = to_ids query['to_ids'] = to_ids
query['deleted'] = deleted query['deleted'] = deleted
query['includeEventUuid'] = self._make_misp_bool(include_event_uuid) query['includeEventUuid'] = self._make_misp_bool(include_event_uuid)
query['includeEventTags'] = self._make_misp_bool(include_event_tags)
if event_timestamp is not None: if event_timestamp is not None:
if isinstance(event_timestamp, (list, tuple)): if isinstance(event_timestamp, (list, tuple)):
query['event_timestamp'] = (self._make_timestamp(event_timestamp[0]), self._make_timestamp(event_timestamp[1])) query['event_timestamp'] = (self._make_timestamp(event_timestamp[0]), self._make_timestamp(event_timestamp[1]))
@ -2035,7 +2042,11 @@ class ExpandedPyMISP(PyMISP):
if 400 <= response.status_code < 500: if 400 <= response.status_code < 500:
# The server returns a json message with the error details # The server returns a json message with the error details
try:
error_message = response.json() error_message = response.json()
except Exception:
raise MISPServerError(f'Error code {response.status_code}:\n{response.text}')
logger.error(f'Something went wrong ({response.status_code}): {error_message}') logger.error(f'Something went wrong ({response.status_code}): {error_message}')
return {'errors': (response.status_code, error_message)} return {'errors': (response.status_code, error_message)}

9
tests/testlive_comprehensive.py
View File

@ -19,12 +19,15 @@ from uuid import uuid4
import email import email
from collections import defaultdict
import logging import logging
logging.disable(logging.CRITICAL) logging.disable(logging.CRITICAL)
try: try:
from pymisp import ExpandedPyMISP, MISPEvent, MISPOrganisation, MISPUser, Distribution, ThreatLevel, Analysis, MISPObject, MISPAttribute, MISPSighting, MISPShadowAttribute, MISPTag, MISPSharingGroup, MISPFeed, MISPServer from pymisp import ExpandedPyMISP, MISPEvent, MISPOrganisation, MISPUser, Distribution, ThreatLevel, Analysis, MISPObject, MISPAttribute, MISPSighting, MISPShadowAttribute, MISPTag, MISPSharingGroup, MISPFeed, MISPServer
from pymisp.tools import CSVLoader, DomainIPObject, ASNObject, GenericObjectGenerator from pymisp.tools import CSVLoader, DomainIPObject, ASNObject, GenericObjectGenerator
from pymisp.exceptions import MISPServerError
except ImportError: except ImportError:
if sys.version_info < (3, 6): if sys.version_info < (3, 6):
print('This test suite requires Python 3.6+, breaking.') print('This test suite requires Python 3.6+, breaking.')
@ -632,6 +635,7 @@ class TestComprehensive(unittest.TestCase):
# First has one text attribute # First has one text attribute
second = self.create_simple_event() second = self.create_simple_event()
second.info = 'foo blah' second.info = 'foo blah'
second.add_tag('tlp:amber___test')
second.set_date('2018-09-01') second.set_date('2018-09-01')
second.add_attribute('ip-src', '8.8.8.8') second.add_attribute('ip-src', '8.8.8.8')
# second has two attributes: text and ip-src # second has two attributes: text and ip-src
@ -728,6 +732,9 @@ class TestComprehensive(unittest.TestCase):
# include_event_uuid # include_event_uuid
attributes = self.user_misp_connector.search(controller='attributes', eventid=second.id, include_event_uuid=True) attributes = self.user_misp_connector.search(controller='attributes', eventid=second.id, include_event_uuid=True)
self.assertEqual(attributes[0].event_uuid, second.uuid) self.assertEqual(attributes[0].event_uuid, second.uuid)
# include_event_tags
attributes = self.user_misp_connector.search(controller='attributes', eventid=second.id, include_event_tags=True)
self.assertEqual(attributes[0].tags[0].name, 'tlp:amber___test')
# event_timestamp # event_timestamp
time.sleep(1) time.sleep(1)
@ -1344,6 +1351,8 @@ class TestComprehensive(unittest.TestCase):
for user in users: for user in users:
if user.email == users_email: if user.email == users_email:
break break
else:
raise Exception('Unable to find that user')
self.assertEqual(user.email, users_email) self.assertEqual(user.email, users_email)
# get user # get user
user = self.user_misp_connector.get_user(pythonify=True) user = self.user_misp_connector.get_user(pythonify=True)