cti-python-stix2/stix2/test/test_malware.py

import datetime as dt

import pytest
import pytz

import stix2

from .constants import FAKE_TIME, MALWARE_ID, MALWARE_KWARGS
from .fixtures import clock, uuid4, malware  # noqa: F401

EXPECTED_MALWARE = """{
    "created": "2016-05-12T08:17:27Z",
    "id": "malware--fedcba98-7654-3210-fedc-ba9876543210",
    "labels": [
        "ransomware"
    ],
    "modified": "2016-05-12T08:17:27Z",
    "name": "Cryptolocker",
    "type": "malware"
}"""


def test_malware_with_all_required_fields():
    now = dt.datetime(2016, 5, 12, 8, 17, 27, tzinfo=pytz.utc)

    mal = stix2.Malware(
        type="malware",
        id=MALWARE_ID,
        created=now,
        modified=now,
        labels=["ransomware"],
        name="Cryptolocker",
    )

    assert str(mal) == EXPECTED_MALWARE


def test_malware_autogenerated_fields(malware):  # noqa: F811
    assert malware.type == 'malware'
    assert malware.id == 'malware--00000000-0000-0000-0000-000000000001'
    assert malware.created == FAKE_TIME
    assert malware.modified == FAKE_TIME
    assert malware.labels == ['ransomware']
    assert malware.name == "Cryptolocker"

    assert malware['type'] == 'malware'
    assert malware['id'] == 'malware--00000000-0000-0000-0000-000000000001'
    assert malware['created'] == FAKE_TIME
    assert malware['modified'] == FAKE_TIME
    assert malware['labels'] == ['ransomware']
    assert malware['name'] == "Cryptolocker"


def test_malware_type_must_be_malware():
    with pytest.raises(ValueError) as excinfo:
        stix2.Malware(type='xxx', **MALWARE_KWARGS)

    assert str(excinfo.value) == "Invalid value for Malware 'type': must equal 'malware'."


def test_malware_id_must_start_with_malware():
    with pytest.raises(ValueError) as excinfo:
        stix2.Malware(id='my-prefix--', **MALWARE_KWARGS)

    assert str(excinfo.value) == "Invalid value for Malware 'id': must start with 'malware--'."


def test_malware_required_fields():
    with pytest.raises(ValueError) as excinfo:
        stix2.Malware()
    assert str(excinfo.value) == "Missing required field(s) for Malware: (labels, name)."


def test_malware_required_field_name():
    with pytest.raises(ValueError) as excinfo:
        stix2.Malware(labels=['ransomware'])
    assert str(excinfo.value) == "Missing required field(s) for Malware: (name)."


def test_cannot_assign_to_malware_attributes(malware):  # noqa: F811
    with pytest.raises(ValueError) as excinfo:
        malware.name = "Cryptolocker II"

    assert str(excinfo.value) == "Cannot modify properties after creation."


def test_invalid_kwarg_to_malware():
    with pytest.raises(TypeError) as excinfo:
        stix2.Malware(my_custom_property="foo", **MALWARE_KWARGS)
    assert str(excinfo.value) == "unexpected keyword arguments: ['my_custom_property']"


def test_parse_malware():
    mal = stix2.parse(EXPECTED_MALWARE)

    assert mal.type == 'malware'
    assert mal.id == MALWARE_ID
    assert mal.created == "2016-05-12T08:17:27Z"
    assert mal.modified == "2016-05-12T08:17:27Z"
    assert mal.labels == ['ransomware']
    assert mal.name == "Cryptolocker"
Split up test functions 2017-03-22 13:46:39 +01:00			`import datetime as dt`

			`import pytest`
			`import pytz`

			`import stix2`

			`from .constants import FAKE_TIME, MALWARE_ID, MALWARE_KWARGS`
Fix or ignore Flake8 warnings. 2017-03-22 14:05:59 +01:00			`from .fixtures import clock, uuid4, malware # noqa: F401`
Split up test functions 2017-03-22 13:46:39 +01:00
			`EXPECTED_MALWARE = """{`
			`"created": "2016-05-12T08:17:27Z",`
			`"id": "malware--fedcba98-7654-3210-fedc-ba9876543210",`
			`"labels": [`
			`"ransomware"`
			`],`
			`"modified": "2016-05-12T08:17:27Z",`
			`"name": "Cryptolocker",`
			`"type": "malware"`
			`}"""`


			`def test_malware_with_all_required_fields():`
			`now = dt.datetime(2016, 5, 12, 8, 17, 27, tzinfo=pytz.utc)`

Fix or ignore Flake8 warnings. 2017-03-22 14:05:59 +01:00			`mal = stix2.Malware(`
Split up test functions 2017-03-22 13:46:39 +01:00			`type="malware",`
			`id=MALWARE_ID,`
			`created=now,`
			`modified=now,`
			`labels=["ransomware"],`
			`name="Cryptolocker",`
			`)`

Fix or ignore Flake8 warnings. 2017-03-22 14:05:59 +01:00			`assert str(mal) == EXPECTED_MALWARE`
Split up test functions 2017-03-22 13:46:39 +01:00

Fix or ignore Flake8 warnings. 2017-03-22 14:05:59 +01:00			`def test_malware_autogenerated_fields(malware): # noqa: F811`
Split up test functions 2017-03-22 13:46:39 +01:00			`assert malware.type == 'malware'`
			`assert malware.id == 'malware--00000000-0000-0000-0000-000000000001'`
			`assert malware.created == FAKE_TIME`
			`assert malware.modified == FAKE_TIME`
			`assert malware.labels == ['ransomware']`
			`assert malware.name == "Cryptolocker"`

			`assert malware['type'] == 'malware'`
			`assert malware['id'] == 'malware--00000000-0000-0000-0000-000000000001'`
			`assert malware['created'] == FAKE_TIME`
			`assert malware['modified'] == FAKE_TIME`
			`assert malware['labels'] == ['ransomware']`
			`assert malware['name'] == "Cryptolocker"`


			`def test_malware_type_must_be_malware():`
			`with pytest.raises(ValueError) as excinfo:`
Fix or ignore Flake8 warnings. 2017-03-22 14:05:59 +01:00			`stix2.Malware(type='xxx', **MALWARE_KWARGS)`
Split up test functions 2017-03-22 13:46:39 +01:00
			`assert str(excinfo.value) == "Invalid value for Malware 'type': must equal 'malware'."`


			`def test_malware_id_must_start_with_malware():`
			`with pytest.raises(ValueError) as excinfo:`
Fix or ignore Flake8 warnings. 2017-03-22 14:05:59 +01:00			`stix2.Malware(id='my-prefix--', **MALWARE_KWARGS)`
Split up test functions 2017-03-22 13:46:39 +01:00
			`assert str(excinfo.value) == "Invalid value for Malware 'id': must start with 'malware--'."`


			`def test_malware_required_fields():`
			`with pytest.raises(ValueError) as excinfo:`
Fix or ignore Flake8 warnings. 2017-03-22 14:05:59 +01:00			`stix2.Malware()`
Split up test functions 2017-03-22 13:46:39 +01:00			`assert str(excinfo.value) == "Missing required field(s) for Malware: (labels, name)."`


			`def test_malware_required_field_name():`
			`with pytest.raises(ValueError) as excinfo:`
Fix or ignore Flake8 warnings. 2017-03-22 14:05:59 +01:00			`stix2.Malware(labels=['ransomware'])`
Split up test functions 2017-03-22 13:46:39 +01:00			`assert str(excinfo.value) == "Missing required field(s) for Malware: (name)."`


Fix or ignore Flake8 warnings. 2017-03-22 14:05:59 +01:00			`def test_cannot_assign_to_malware_attributes(malware): # noqa: F811`
Split up test functions 2017-03-22 13:46:39 +01:00			`with pytest.raises(ValueError) as excinfo:`
			`malware.name = "Cryptolocker II"`

			`assert str(excinfo.value) == "Cannot modify properties after creation."`


			`def test_invalid_kwarg_to_malware():`
			`with pytest.raises(TypeError) as excinfo:`
Fix or ignore Flake8 warnings. 2017-03-22 14:05:59 +01:00			`stix2.Malware(my_custom_property="foo", **MALWARE_KWARGS)`
Split up test functions 2017-03-22 13:46:39 +01:00			`assert str(excinfo.value) == "unexpected keyword arguments: ['my_custom_property']"`
Add parsing of Malware objects 2017-04-05 23:12:44 +02:00

			`def test_parse_malware():`
			`mal = stix2.parse(EXPECTED_MALWARE)`

			`assert mal.type == 'malware'`
			`assert mal.id == MALWARE_ID`
			`assert mal.created == "2016-05-12T08:17:27Z"`
			`assert mal.modified == "2016-05-12T08:17:27Z"`
			`assert mal.labels == ['ransomware']`
			`assert mal.name == "Cryptolocker"`