cti-python-stix2/stix2/test/test_data_sources.py

155 lines
3.9 KiB
Python
Raw Normal View History

from stix2.sources import taxii
2017-05-25 19:31:45 +02:00
def test_ds_taxii():
2017-05-31 15:47:36 +02:00
ds = taxii.TAXIIDataSource()
assert ds.name == 'TAXII'
2017-05-31 15:58:14 +02:00
def test_ds_taxii_name():
2017-05-31 15:47:36 +02:00
ds = taxii.TAXIIDataSource(name='My Data Source Name')
assert ds.name == "My Data Source Name"
2017-05-31 15:58:14 +02:00
def test_ds_params():
2017-05-31 15:47:36 +02:00
url = "http://taxii_url.com:5000"
2017-05-31 15:58:14 +02:00
creds = {"username": "Wade", "password": "Wilson"}
ds = taxii.TAXIIDataSource(api_root=url, auth=creds)
2017-05-31 15:47:36 +02:00
assert ds.taxii_info['api_root']['url'] == url
assert ds.taxii_info['auth'] == creds
2017-05-31 15:58:14 +02:00
def test_parse_taxii_filters():
2017-05-31 15:47:36 +02:00
query = [
{
2017-05-31 15:58:14 +02:00
"field": "added_after",
"op": "=",
"value": "2016-02-01T00:00:01.000Z"
2017-05-31 15:47:36 +02:00
},
{
2017-05-31 15:58:14 +02:00
"field": "id",
"op": "=",
"value": "taxii stix object ID"
2017-05-31 15:47:36 +02:00
},
{
2017-05-31 15:58:14 +02:00
"field": "type",
"op": "=",
"value": "taxii stix object ID"
2017-05-31 15:47:36 +02:00
},
{
2017-05-31 15:58:14 +02:00
"field": "version",
"op": "=",
"value": "first"
2017-05-31 15:47:36 +02:00
},
{
2017-05-31 15:58:14 +02:00
"field": "created_by_ref",
"op": "=",
"value": "Bane"
2017-05-31 15:47:36 +02:00
}
]
expected_params = {
2017-05-31 15:58:14 +02:00
"added_after": "2016-02-01T00:00:01.000Z",
"match[id]": "taxii stix object ID",
"match[type]": "taxii stix object ID",
"match[version]": "first"
2017-05-31 15:47:36 +02:00
}
ds = taxii.TAXIIDataSource()
taxii_filters = ds._parse_taxii_filters(query)
assert taxii_filters == expected_params
def test_add_get_remove_filter():
class dummy(object):
x = 4
obj_1 = dummy()
2017-05-31 15:58:14 +02:00
# First 3 filters are valid, remaining fields are erroneous in some way
2017-05-31 15:47:36 +02:00
filters = [
{
"field": "type",
"op": '=',
2017-05-31 15:58:14 +02:00
"value": "malware"
2017-05-31 15:47:36 +02:00
},
{
2017-05-31 15:58:14 +02:00
"field": "id",
"op": "!=",
"value": "stix object id"
2017-05-31 15:47:36 +02:00
},
{
2017-05-31 15:58:14 +02:00
"field": "labels",
"op": "in",
"value": ["heartbleed", "malicious-activity"]
2017-05-31 15:47:36 +02:00
},
{
2017-05-31 15:58:14 +02:00
"field": "revoked",
"value": "filter missing \'op\' field"
2017-05-31 15:47:36 +02:00
},
{
2017-05-31 15:58:14 +02:00
"field": "granular_markings",
"op": "=",
"value": "not supported field - just place holder"
2017-05-31 15:47:36 +02:00
},
{
2017-05-31 15:58:14 +02:00
"field": "modified",
"op": "*",
"value": "not supported operator - just place holder"
2017-05-31 15:47:36 +02:00
},
{
2017-05-31 15:58:14 +02:00
"field": "created",
"op": "=",
"value": obj_1
2017-05-31 15:47:36 +02:00
}
]
2017-05-31 15:58:14 +02:00
expected_errors = [
2017-05-31 15:47:36 +02:00
"Filter was missing a required field(key). Each filter requires 'field', 'op', 'value' keys.",
"Filter 'field' is not a STIX 2.0 common property. Currently only STIX object common properties supported",
"Filter operation(from 'op' field) not supported",
"Filter 'value' type is not supported. The type(value) must be python immutable type or dictionary"
]
ds = taxii.TAXIIDataSource()
2017-05-31 15:58:14 +02:00
# add
2017-05-31 15:47:36 +02:00
ids, statuses = ds.add_filter(filters)
2017-05-31 15:58:14 +02:00
# 7 filters should have been successfully added
2017-05-31 15:47:36 +02:00
assert len(ids) == 7
2017-05-31 15:58:14 +02:00
# all filters added to data source
2017-05-31 15:47:36 +02:00
for idx, status in enumerate(statuses):
assert status['filter'] == filters[idx]
2017-05-31 15:58:14 +02:00
# proper status warnings were triggered
2017-05-31 15:47:36 +02:00
assert statuses[3]['errors'][0] == expected_errors[0]
assert statuses[4]['errors'][0] == expected_errors[1]
assert statuses[5]['errors'][0] == expected_errors[2]
assert statuses[6]['errors'][0] == expected_errors[3]
2017-05-31 15:58:14 +02:00
# def test_data_source_file():
# ds = file.FileDataSource()
#
# assert ds.name == "DataSource"
#
#
# def test_data_source_name():
# ds = file.FileDataSource(name="My File Data Source")
#
# assert ds.name == "My File Data Source"
#
#
# def test_data_source_get():
# ds = file.FileDataSource(name="My File Data Source")
#
# with pytest.raises(NotImplementedError):
# ds.get("foo")
#
# #filter testing
# def test_add_filter():
# ds = file.FileDataSource()