MISP
/
cti-python-stix2
mirror of https://github.com/MISP/cti-python-stix2
2
0
Fork 0
Code Issues Releases Wiki Activity

Change object markings for immutable SDOs

stix2.1
clenk 2017-08-21 13:57:01 -04:00
parent c0d02fbfcd
commit 8687521111
5 changed files with 113 additions and 105 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
stix2/markings/__init__.py
View File

@ -63,9 +63,9 @@ def set_markings(obj, selectors, marking):
""" """
if selectors is None: if selectors is None:
object_markings.set_markings(obj, marking) return object_markings.set_markings(obj, marking)
else: else:
granular_markings.set_markings(obj, selectors, marking) return granular_markings.set_markings(obj, selectors, marking)
def remove_markings(obj, selectors, marking): def remove_markings(obj, selectors, marking):
@ -89,9 +89,9 @@ def remove_markings(obj, selectors, marking):
""" """
if selectors is None: if selectors is None:
object_markings.remove_markings(obj, marking) return object_markings.remove_markings(obj, marking)
else: else:
granular_markings.remove_markings(obj, selectors, marking) return granular_markings.remove_markings(obj, selectors, marking)
def add_markings(obj, selectors, marking): def add_markings(obj, selectors, marking):
@ -134,9 +134,9 @@ def clear_markings(obj, selectors):
""" """
if selectors is None: if selectors is None:
object_markings.clear_markings(obj) return object_markings.clear_markings(obj)
else: else:
granular_markings.clear_markings(obj, selectors) return granular_markings.clear_markings(obj, selectors)
def is_marked(obj, selectors, marking=None, inherited=False, descendants=False): def is_marked(obj, selectors, marking=None, inherited=False, descendants=False):

7
stix2/markings/object_markings.py
View File

@ -63,8 +63,11 @@ def remove_markings(obj, marking):
raise AssertionError("Unable to remove Object Level Marking(s) from " raise AssertionError("Unable to remove Object Level Marking(s) from "
"internal collection. Marking(s) not found...") "internal collection. Marking(s) not found...")
return obj.new_version(object_marking_refs=[x for x in object_markings new_markings = [x for x in object_markings if x not in marking]
if x not in marking]) if new_markings:
return obj.new_version(object_marking_refs=new_markings)
else:
return obj.new_version(object_marking_refs=None)
def set_markings(obj, marking): def set_markings(obj, marking):

1
stix2/properties.py
View File

@ -311,6 +311,7 @@ class ReferenceProperty(Property):
def clean(self, value): def clean(self, value):
if isinstance(value, _STIXBase): if isinstance(value, _STIXBase):
value = value.id value = value.id
value = str(value)
if self.type: if self.type:
if not value.startswith(self.type): if not value.startswith(self.type):
raise ValueError("must start with '{0}'.".format(self.type)) raise ValueError("must start with '{0}'.".format(self.type))

9
stix2/test/constants.py
View File

@ -20,6 +20,15 @@ TOOL_ID = "tool--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f"
SIGHTING_ID = "sighting--bfbc19db-ec35-4e45-beed-f8bde2a772fb" SIGHTING_ID = "sighting--bfbc19db-ec35-4e45-beed-f8bde2a772fb"
VULNERABILITY_ID = "vulnerability--0c7b5b88-8ff7-4a4d-aa9d-feb398cd0061" VULNERABILITY_ID = "vulnerability--0c7b5b88-8ff7-4a4d-aa9d-feb398cd0061"
MARKING_IDS = [
"marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
"marking-definition--443eb5c3-a76c-4a0a-8caa-e93998e7bc09",
"marking-definition--57fcd772-9c1d-41b0-8d1f-3d47713415d9",
"marking-definition--462bf1a6-03d2-419c-b74e-eee2238b2de4",
"marking-definition--68520ae2-fefe-43a9-84ee-2c2a934d2c7d",
"marking-definition--2802dfb1-1019-40a8-8848-68d0ec0e417f",
]
# Minimum required args for an Identity instance # Minimum required args for an Identity instance
IDENTITY_KWARGS = dict( IDENTITY_KWARGS = dict(
name="John Smith", name="John Smith",

189
stix2/test/test_object_markings.py
View File

@ -1,10 +1,20 @@
import pytest import pytest
from stix2 import markings from stix2 import Malware, exceptions, markings
from .constants import FAKE_TIME, MALWARE_ID, MARKING_IDS
from .constants import MALWARE_KWARGS as MALWARE_KWARGS_CONST
"""Tests for the Data Markings API.""" """Tests for the Data Markings API."""
MALWARE_KWARGS = MALWARE_KWARGS_CONST.copy()
MALWARE_KWARGS.update({
'id': MALWARE_ID,
'created': FAKE_TIME,
'modified': FAKE_TIME,
})
def test_add_markings_one_marking(): def test_add_markings_one_marking():
before = { before = {
@ -15,10 +25,10 @@ def test_add_markings_one_marking():
after = { after = {
"title": "test title", "title": "test title",
"description": "test description", "description": "test description",
"object_marking_refs": ["marking-definition--1"] "object_marking_refs": [MARKING_IDS[0]]
} }
markings.add_markings(before, None, "marking-definition--1") markings.add_markings(before, None, MARKING_IDS[0])
assert before == after assert before == after
@ -32,41 +42,38 @@ def test_add_markings_multiple_marking():
after = { after = {
"title": "test title", "title": "test title",
"description": "test description", "description": "test description",
"object_marking_refs": ["marking-definition--1", "marking-definition--2"] "object_marking_refs": [MARKING_IDS[0], MARKING_IDS[1]]
} }
markings.add_markings(before, None, ["marking-definition--1", "marking-definition--2"]) markings.add_markings(before, None, [MARKING_IDS[0], MARKING_IDS[1]])
for m in before["object_marking_refs"]: for m in before["object_marking_refs"]:
assert m in after["object_marking_refs"] assert m in after["object_marking_refs"]
def test_add_markings_combination(): def test_add_markings_combination():
before = { before = Malware(
"title": "test title", **MALWARE_KWARGS
"description": "test description" )
} after = Malware(
object_marking_refs=[MARKING_IDS[0], MARKING_IDS[1]],
after = { granular_markings=[
"title": "test title",
"description": "test description",
"object_marking_refs": ["marking-definition--1", "marking-definition--2"],
"granular_markings": [
{ {
"selectors": ["title"], "selectors": ["labels"],
"marking_ref": "marking-definition--3" "marking_ref": MARKING_IDS[2]
}, },
{ {
"selectors": ["description"], "selectors": ["name"],
"marking_ref": "marking-definition--4" "marking_ref": MARKING_IDS[3]
}, },
] ],
} **MALWARE_KWARGS
)
markings.add_markings(before, None, "marking-definition--1") before = markings.add_markings(before, None, MARKING_IDS[0])
markings.add_markings(before, None, "marking-definition--2") before = markings.add_markings(before, None, MARKING_IDS[1])
markings.add_markings(before, "title", "marking-definition--3") before = markings.add_markings(before, "labels", MARKING_IDS[2])
markings.add_markings(before, "description", "marking-definition--4") before = markings.add_markings(before, "name", MARKING_IDS[3])
for m in before["granular_markings"]: for m in before["granular_markings"]:
assert m in after["granular_markings"] assert m in after["granular_markings"]
@ -79,15 +86,14 @@ def test_add_markings_combination():
([""]), ([""]),
(""), (""),
([]), ([]),
(["marking-definition--1", 456]) ([MARKING_IDS[0], 456])
]) ])
def test_add_markings_bad_markings(data): def test_add_markings_bad_markings(data):
before = { before = Malware(
"title": "test title", **MALWARE_KWARGS
"description": "test description" )
} with pytest.raises(exceptions.InvalidValueError):
with pytest.raises(AssertionError): before = markings.add_markings(before, None, data)
markings.add_markings(before, None, data)
assert "object_marking_refs" not in before assert "object_marking_refs" not in before
@ -240,65 +246,58 @@ def test_get_markings_object_and_granular_combinations(data):
def test_remove_markings_object_level(): def test_remove_markings_object_level():
after = { before = Malware(
"title": "test title", object_marking_refs=[MARKING_IDS[0]],
"description": "test description" **MALWARE_KWARGS
} )
after = Malware(
**MALWARE_KWARGS
)
before = { before = markings.remove_markings(before, None, MARKING_IDS[0])
"title": "test title",
"description": "test description",
"object_marking_refs": ["marking-definition--1"]
}
markings.remove_markings(before, None, "marking-definition--1") assert 'object_marking_refs' not in before
assert 'object_marking_refs' not in after
assert before == after
def test_remove_markings_multiple(): def test_remove_markings_multiple():
after = { before = Malware(
"title": "test title", object_marking_refs=[MARKING_IDS[0], MARKING_IDS[1], MARKING_IDS[2]],
"description": "test description", **MALWARE_KWARGS
"object_marking_refs": ["marking-definition--2"] )
} after = Malware(
object_marking_refs=[MARKING_IDS[1]],
**MALWARE_KWARGS
)
before = { before = markings.remove_markings(before, None, [MARKING_IDS[0], MARKING_IDS[2]])
"title": "test title",
"description": "test description",
"object_marking_refs": ["marking-definition--1", "marking-definition--2", "marking-definition--3"]
}
markings.remove_markings(before, None, ["marking-definition--1", "marking-definition--3"]) assert before['object_marking_refs'] == after['object_marking_refs']
assert before == after
def test_remove_markings_bad_markings(): def test_remove_markings_bad_markings():
before = { before = {
"title": "test title", "title": "test title",
"description": "test description", "description": "test description",
"object_marking_refs": ["marking-definition--1", "marking-definition--2", "marking-definition--3"] "object_marking_refs": [MARKING_IDS[0], MARKING_IDS[1], MARKING_IDS[2]]
} }
with pytest.raises(AssertionError): with pytest.raises(AssertionError):
markings.remove_markings(before, None, ["marking-definition--5"]) markings.remove_markings(before, None, [MARKING_IDS[4]])
def test_clear_markings(): def test_clear_markings():
after = { before = Malware(
"title": "test title", object_marking_refs=[MARKING_IDS[0], MARKING_IDS[1], MARKING_IDS[2]],
"description": "test description" **MALWARE_KWARGS
} )
after = Malware(
**MALWARE_KWARGS
)
before = { before = markings.clear_markings(before, None)
"title": "test title",
"description": "test description",
"object_marking_refs": ["marking-definition--1", "marking-definition--2", "marking-definition--3"]
}
markings.clear_markings(before, None) assert 'object_marking_refs' not in before
assert 'object_marking_refs' not in after
assert before == after
def test_is_marked_object_and_granular_combinations(): def test_is_marked_object_and_granular_combinations():
@ -442,23 +441,21 @@ def test_is_marked_object_and_granular_combinations():
def test_set_marking(): def test_set_marking():
before = { before = Malware(
"title": "test title", object_marking_refs=[MARKING_IDS[0], MARKING_IDS[1], MARKING_IDS[2]],
"description": "test description", **MALWARE_KWARGS
"object_marking_refs": ["marking-definition--1", "marking-definition--2", "marking-definition--3"] )
} after = Malware(
after = { object_marking_refs=[MARKING_IDS[4], MARKING_IDS[5]],
"title": "test title", **MALWARE_KWARGS
"description": "test description", )
"object_marking_refs": ["marking-definition--7", "marking-definition--9"]
}
markings.set_markings(before, None, ["marking-definition--7", "marking-definition--9"]) before = markings.set_markings(before, None, [MARKING_IDS[4], MARKING_IDS[5]])
for m in before["object_marking_refs"]: for m in before["object_marking_refs"]:
assert m in ["marking-definition--7", "marking-definition--9"] assert m in [MARKING_IDS[4], MARKING_IDS[5]]
assert ["marking-definition--1", "marking-definition--2", "marking-definition--3"] not in before["object_marking_refs"] assert [MARKING_IDS[0], MARKING_IDS[1], MARKING_IDS[2]] not in before["object_marking_refs"]
for x in before["object_marking_refs"]: for x in before["object_marking_refs"]:
assert x in after["object_marking_refs"] assert x in after["object_marking_refs"]
@ -468,20 +465,18 @@ def test_set_marking():
([]), ([]),
([""]), ([""]),
(""), (""),
(["marking-definition--7", 687]) ([MARKING_IDS[4], 687])
]) ])
def test_set_marking_bad_input(data): def test_set_marking_bad_input(data):
before = { before = Malware(
"description": "test description", object_marking_refs=[MARKING_IDS[0]],
"title": "foo", **MALWARE_KWARGS
"object_marking_refs": ["marking-definition--1"] )
} after = Malware(
after = { object_marking_refs=[MARKING_IDS[0]],
"description": "test description", **MALWARE_KWARGS
"title": "foo", )
"object_marking_refs": ["marking-definition--1"] with pytest.raises(exceptions.InvalidValueError):
} before = markings.set_markings(before, None, data)
with pytest.raises(AssertionError):
markings.set_markings(before, None, data)
assert before == after assert before == after