cti-python-stix2/stix2/test/test_attack_pattern.py

import datetime as dt

import pytest
import pytz
import stix2

from .constants import ATTACK_PATTERN_ID

EXPECTED = """{
    "created": "2016-05-12T08:17:27Z",
    "description": "...",
    "external_references": [
        {
            "external_id": "CAPEC-163",
            "source_name": "capec"
        }
    ],
    "id": "attack-pattern--0c7b5b88-8ff7-4a4d-aa9d-feb398cd0061",
    "modified": "2016-05-12T08:17:27Z",
    "name": "Spear Phishing",
    "type": "attack-pattern"
}"""


def test_attack_pattern_example():
    ap = stix2.AttackPattern(
        id="attack-pattern--0c7b5b88-8ff7-4a4d-aa9d-feb398cd0061",
        created="2016-05-12T08:17:27Z",
        modified="2016-05-12T08:17:27Z",
        name="Spear Phishing",
        external_references=[{
            "source_name": "capec",
            "external_id": "CAPEC-163"
        }],
        description="...",
    )

    assert str(ap) == EXPECTED


@pytest.mark.parametrize("data", [
    EXPECTED,
    {
        "type": "attack-pattern",
        "id": "attack-pattern--0c7b5b88-8ff7-4a4d-aa9d-feb398cd0061",
        "created": "2016-05-12T08:17:27Z",
        "modified": "2016-05-12T08:17:27Z",
        "description": "...",
        "external_references": [
            {
                "external_id": "CAPEC-163",
                "source_name": "capec"
            }
        ],
        "name": "Spear Phishing",
    },
])
def test_parse_attack_pattern(data):
    ap = stix2.parse(data)

    assert ap.type == 'attack-pattern'
    assert ap.id == ATTACK_PATTERN_ID
    assert ap.created == dt.datetime(2016, 5, 12, 8, 17, 27, tzinfo=pytz.utc)
    assert ap.modified == dt.datetime(2016, 5, 12, 8, 17, 27, tzinfo=pytz.utc)
    assert ap.description == "..."
    assert ap.external_references[0].external_id == 'CAPEC-163'
    assert ap.external_references[0].source_name == 'capec'
    assert ap.name == "Spear Phishing"

# TODO: Add other examples
Fix import order, add flake8-import-order plugin to Tox 2017-04-25 00:29:56 +02:00			`import datetime as dt`

Parse all SDOs and SROs 2017-04-19 15:22:08 +02:00			`import pytest`
			`import pytz`
Add tests for all SDOs 2017-02-24 18:56:55 +01:00			`import stix2`

Parse all SDOs and SROs 2017-04-19 15:22:08 +02:00			`from .constants import ATTACK_PATTERN_ID`

Add tests for all SDOs 2017-02-24 18:56:55 +01:00			`EXPECTED = """{`
Add TimestampProperty 2017-04-11 18:10:55 +02:00			`"created": "2016-05-12T08:17:27Z",`
Add tests for all SDOs 2017-02-24 18:56:55 +01:00			`"description": "...",`
			`"external_references": [`
			`{`
Fix parsing errors - Typos in Attack Pattern tests - Put MarkingDefinition, ExternalReference, and KillChainPhase together in a file for objects that aren't SDOs or SROs - Create utility function to return dictionary from string or file-like object - Put off testing parsing Cyber Observable Objects until a later commit 2017-04-19 20:32:56 +02:00			`"external_id": "CAPEC-163",`
Add tests for all SDOs 2017-02-24 18:56:55 +01:00			`"source_name": "capec"`
			`}`
			`],`
			`"id": "attack-pattern--0c7b5b88-8ff7-4a4d-aa9d-feb398cd0061",`
Add TimestampProperty 2017-04-11 18:10:55 +02:00			`"modified": "2016-05-12T08:17:27Z",`
Add tests for all SDOs 2017-02-24 18:56:55 +01:00			`"name": "Spear Phishing",`
			`"type": "attack-pattern"`
			`}"""`


			`def test_attack_pattern_example():`
			`ap = stix2.AttackPattern(`
			`id="attack-pattern--0c7b5b88-8ff7-4a4d-aa9d-feb398cd0061",`
Add TimestampProperty 2017-04-11 18:10:55 +02:00			`created="2016-05-12T08:17:27Z",`
			`modified="2016-05-12T08:17:27Z",`
Add tests for all SDOs 2017-02-24 18:56:55 +01:00			`name="Spear Phishing",`
			`external_references=[{`
			`"source_name": "capec",`
Fix parsing errors - Typos in Attack Pattern tests - Put MarkingDefinition, ExternalReference, and KillChainPhase together in a file for objects that aren't SDOs or SROs - Create utility function to return dictionary from string or file-like object - Put off testing parsing Cyber Observable Objects until a later commit 2017-04-19 20:32:56 +02:00			`"external_id": "CAPEC-163"`
Add tests for all SDOs 2017-02-24 18:56:55 +01:00			`}],`
			`description="...",`
			`)`

			`assert str(ap) == EXPECTED`


Parse all SDOs and SROs 2017-04-19 15:22:08 +02:00			`@pytest.mark.parametrize("data", [`
			`EXPECTED,`
			`{`
			`"type": "attack-pattern",`
			`"id": "attack-pattern--0c7b5b88-8ff7-4a4d-aa9d-feb398cd0061",`
			`"created": "2016-05-12T08:17:27Z",`
			`"modified": "2016-05-12T08:17:27Z",`
			`"description": "...",`
			`"external_references": [`
			`{`
Fix parsing errors - Typos in Attack Pattern tests - Put MarkingDefinition, ExternalReference, and KillChainPhase together in a file for objects that aren't SDOs or SROs - Create utility function to return dictionary from string or file-like object - Put off testing parsing Cyber Observable Objects until a later commit 2017-04-19 20:32:56 +02:00			`"external_id": "CAPEC-163",`
Parse all SDOs and SROs 2017-04-19 15:22:08 +02:00			`"source_name": "capec"`
			`}`
			`],`
			`"name": "Spear Phishing",`
			`},`
			`])`
			`def test_parse_attack_pattern(data):`
			`ap = stix2.parse(data)`

			`assert ap.type == 'attack-pattern'`
			`assert ap.id == ATTACK_PATTERN_ID`
			`assert ap.created == dt.datetime(2016, 5, 12, 8, 17, 27, tzinfo=pytz.utc)`
			`assert ap.modified == dt.datetime(2016, 5, 12, 8, 17, 27, tzinfo=pytz.utc)`
			`assert ap.description == "..."`
Fix parsing errors - Typos in Attack Pattern tests - Put MarkingDefinition, ExternalReference, and KillChainPhase together in a file for objects that aren't SDOs or SROs - Create utility function to return dictionary from string or file-like object - Put off testing parsing Cyber Observable Objects until a later commit 2017-04-19 20:32:56 +02:00			`assert ap.external_references[0].external_id == 'CAPEC-163'`
			`assert ap.external_references[0].source_name == 'capec'`
Parse all SDOs and SROs 2017-04-19 15:22:08 +02:00			`assert ap.name == "Spear Phishing"`

Add tests for all SDOs 2017-02-24 18:56:55 +01:00			`# TODO: Add other examples`