Merge branch 'khdesai-fix_issue_307'

Closes #317.

stix2/properties.py

@@ -9,7 +9,6 @@ import re
 import uuid
 
 from six import string_types, text_type
-from stix2patterns.validator import run_validator
 
 import stix2
 
@@ -557,14 +556,7 @@ class EnumProperty(StringProperty):
 
 
 class PatternProperty(StringProperty):
-
+    pass
-    def clean(self, value):
-        cleaned_value = super(PatternProperty, self).clean(value)
-        errors = run_validator(cleaned_value)
-        if errors:
-            raise ValueError(str(errors[0]))
-
-        return cleaned_value
 
 
 class ObservableProperty(Property):

stix2/test/v20/test_indicator.py

@@ -192,3 +192,23 @@ def test_invalid_indicator_pattern():
     assert excinfo.value.cls == stix2.v20.Indicator
     assert excinfo.value.prop_name == 'pattern'
     assert 'mismatched input' in excinfo.value.reason
+
+
+def test_indicator_stix21_invalid_pattern():
+    now = dt.datetime(2017, 1, 1, 0, 0, 1, tzinfo=pytz.utc)
+    epoch = dt.datetime(1970, 1, 1, 0, 0, 1, tzinfo=pytz.utc)
+    patrn = "[EXISTS windows-registry-key:values]"
+
+    with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
+        stix2.v20.Indicator(
+            type="indicator",
+            id=INDICATOR_ID,
+            created=now,
+            modified=now,
+            pattern=patrn,
+            valid_from=epoch,
+            labels=["malicious-activity"],
+        )
+
+    assert excinfo.value.cls == stix2.v20.Indicator
+    assert "FAIL: Error found at line 1:8. no viable alternative at input 'EXISTS" in str(excinfo.value)

stix2/test/v21/test_indicator.py

@@ -251,3 +251,42 @@ def test_indicator_with_custom_embed_objs_extra_props_error():
     assert excinfo.value.cls == stix2.v21.Indicator
     assert excinfo.value.properties == ['bad_custom_prop']
     assert str(excinfo.value) == "Unexpected properties for Indicator: (bad_custom_prop)."
+
+
+def test_indicator_stix20_invalid_pattern():
+    now = dt.datetime(2017, 1, 1, 0, 0, 1, tzinfo=pytz.utc)
+    epoch = dt.datetime(1970, 1, 1, 0, 0, 1, tzinfo=pytz.utc)
+    patrn = "[win-registry-key:key = 'hkey_local_machine\\\\foo\\\\bar'] WITHIN 5 SECONDS WITHIN 6 SECONDS"
+
+    with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
+        stix2.v21.Indicator(
+            type="indicator",
+            id=INDICATOR_ID,
+            created=now,
+            modified=now,
+            pattern=patrn,
+            pattern_type="stix",
+            valid_from=epoch,
+            indicator_types=['malicious-activity'],
+        )
+
+    assert excinfo.value.cls == stix2.v21.Indicator
+    assert "FAIL: The same qualifier is used more than once" in str(excinfo.value)
+
+    ind = stix2.v21.Indicator(
+        type="indicator",
+        id=INDICATOR_ID,
+        created=now,
+        modified=now,
+        pattern=patrn,
+        pattern_type="stix",
+        pattern_version="2.0",
+        valid_from=epoch,
+        indicator_types=['malicious-activity'],
+    )
+
+    assert ind.id == INDICATOR_ID
+    assert ind.indicator_types == ['malicious-activity']
+    assert ind.pattern == patrn
+    assert ind.pattern_type == "stix"
+    assert ind.pattern_version == "2.0"

stix2/v20/sdo.py

@@ -3,8 +3,11 @@
 from collections import OrderedDict
 import itertools
 
+from stix2patterns.validator import run_validator
+
 from ..core import STIXDomainObject
 from ..custom import _custom_object_builder
+from ..exceptions import InvalidValueError
 from ..properties import (
     BooleanProperty, IDProperty, IntegerProperty, ListProperty,
     ObservableProperty, PatternProperty, ReferenceProperty, StringProperty,
@@ -135,6 +138,11 @@ class Indicator(STIXDomainObject):
         ('granular_markings', ListProperty(GranularMarking)),
     ])
 
+    def _check_object_constraints(self):
+        errors = run_validator(self.get('pattern'), '2.0')
+        if errors:
+            raise InvalidValueError(self.__class__, 'pattern', str(errors[0]))
+
 
 class IntrusionSet(STIXDomainObject):
     """For more detailed information on this object's properties, see

stix2/v21/sdo.py

@@ -5,10 +5,13 @@ import itertools
 import warnings
 
 from six.moves.urllib.parse import quote_plus
+from stix2patterns.validator import run_validator
 
 from ..core import STIXDomainObject
 from ..custom import _custom_object_builder
-from ..exceptions import PropertyPresenceError, STIXDeprecationWarning
+from ..exceptions import (
+    InvalidValueError, PropertyPresenceError, STIXDeprecationWarning,
+)
 from ..properties import (
     BinaryProperty, BooleanProperty, EmbeddedObjectProperty, EnumProperty,
     FloatProperty, IDProperty, IntegerProperty, ListProperty,
@@ -232,6 +235,16 @@ class Indicator(STIXDomainObject):
             msg = "{0.id} 'valid_until' must be greater than 'valid_from'"
             raise ValueError(msg.format(self))
 
+        if self.get('pattern_type') == "stix":
+            try:
+                pat_ver = self.get('pattern_version')
+            except AttributeError:
+                pat_ver = '2.1'
+
+            errors = run_validator(self.get('pattern'), pat_ver)
+            if errors:
+                raise InvalidValueError(self.__class__, 'pattern', str(errors[0]))
+
 
 class Infrastructure(STIXDomainObject):
     # TODO: Add link