2017-04-25 00:29:56 +02:00
|
|
|
import datetime as dt
|
|
|
|
|
2017-04-19 15:22:08 +02:00
|
|
|
import pytest
|
|
|
|
import pytz
|
2017-05-09 21:10:53 +02:00
|
|
|
|
2017-02-24 18:56:55 +01:00
|
|
|
import stix2
|
|
|
|
|
2017-04-19 15:22:08 +02:00
|
|
|
from .constants import COURSE_OF_ACTION_ID
|
|
|
|
|
2017-05-09 21:10:53 +02:00
|
|
|
|
2017-02-24 18:56:55 +01:00
|
|
|
EXPECTED = """{
|
2017-08-15 19:41:51 +02:00
|
|
|
"type": "course-of-action",
|
2017-02-24 18:56:55 +01:00
|
|
|
"id": "course-of-action--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f",
|
2017-08-15 19:41:51 +02:00
|
|
|
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
|
|
|
"created": "2016-04-06T20:03:48.000Z",
|
2017-06-23 00:47:35 +02:00
|
|
|
"modified": "2016-04-06T20:03:48.000Z",
|
2017-02-24 18:56:55 +01:00
|
|
|
"name": "Add TCP port 80 Filter Rule to the existing Block UDP 1434 Filter",
|
2017-08-15 19:41:51 +02:00
|
|
|
"description": "This is how to add a filter rule to block inbound access to TCP port 80 to the existing UDP 1434 filter ..."
|
2017-02-24 18:56:55 +01:00
|
|
|
}"""
|
|
|
|
|
|
|
|
|
|
|
|
def test_course_of_action_example():
|
|
|
|
coa = stix2.CourseOfAction(
|
|
|
|
id="course-of-action--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f",
|
|
|
|
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
2017-06-23 00:47:35 +02:00
|
|
|
created="2016-04-06T20:03:48.000Z",
|
|
|
|
modified="2016-04-06T20:03:48.000Z",
|
2017-02-24 18:56:55 +01:00
|
|
|
name="Add TCP port 80 Filter Rule to the existing Block UDP 1434 Filter",
|
|
|
|
description="This is how to add a filter rule to block inbound access to TCP port 80 to the existing UDP 1434 filter ..."
|
|
|
|
)
|
|
|
|
|
|
|
|
assert str(coa) == EXPECTED
|
|
|
|
|
2017-04-19 15:22:08 +02:00
|
|
|
|
|
|
|
@pytest.mark.parametrize("data", [
|
|
|
|
EXPECTED,
|
|
|
|
{
|
2017-06-23 00:47:35 +02:00
|
|
|
"created": "2016-04-06T20:03:48.000Z",
|
2017-04-19 15:22:08 +02:00
|
|
|
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
|
|
|
"description": "This is how to add a filter rule to block inbound access to TCP port 80 to the existing UDP 1434 filter ...",
|
|
|
|
"id": "course-of-action--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f",
|
2017-06-23 00:47:35 +02:00
|
|
|
"modified": "2016-04-06T20:03:48.000Z",
|
2017-04-19 15:22:08 +02:00
|
|
|
"name": "Add TCP port 80 Filter Rule to the existing Block UDP 1434 Filter",
|
|
|
|
"type": "course-of-action"
|
|
|
|
},
|
|
|
|
])
|
|
|
|
def test_parse_course_of_action(data):
|
|
|
|
coa = stix2.parse(data)
|
|
|
|
|
|
|
|
assert coa.type == 'course-of-action'
|
|
|
|
assert coa.id == COURSE_OF_ACTION_ID
|
|
|
|
assert coa.created == dt.datetime(2016, 4, 6, 20, 3, 48, tzinfo=pytz.utc)
|
|
|
|
assert coa.modified == dt.datetime(2016, 4, 6, 20, 3, 48, tzinfo=pytz.utc)
|
|
|
|
assert coa.created_by_ref == "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff"
|
|
|
|
assert coa.description == "This is how to add a filter rule to block inbound access to TCP port 80 to the existing UDP 1434 filter ..."
|
|
|
|
assert coa.name == "Add TCP port 80 Filter Rule to the existing Block UDP 1434 Filter"
|
|
|
|
|
2017-02-24 18:56:55 +01:00
|
|
|
# TODO: Add other examples
|