add content for basic incident testing
parent
be0ebbad65
commit
b696f14560
|
@ -9,6 +9,7 @@ CAMPAIGN_ID = "campaign--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f"
|
||||||
COURSE_OF_ACTION_ID = "course-of-action--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f"
|
COURSE_OF_ACTION_ID = "course-of-action--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f"
|
||||||
GROUPING_ID = "grouping--753abcde-3141-5926-ace5-0a810b1ff996"
|
GROUPING_ID = "grouping--753abcde-3141-5926-ace5-0a810b1ff996"
|
||||||
IDENTITY_ID = "identity--311b2d2d-f010-4473-83ec-1edf84858f4c"
|
IDENTITY_ID = "identity--311b2d2d-f010-4473-83ec-1edf84858f4c"
|
||||||
|
INCIDENT_ID = "incident--40fc3b35-0dc4-4afd-9927-288d44bfce20"
|
||||||
INDICATOR_ID = "indicator--a740531e-63ff-4e49-a9e1-a0a3eed0e3e7"
|
INDICATOR_ID = "indicator--a740531e-63ff-4e49-a9e1-a0a3eed0e3e7"
|
||||||
INFRASTRUCTURE_ID = "infrastructure--3000ae1b-784c-f03d-8abc-0a625b2ff018"
|
INFRASTRUCTURE_ID = "infrastructure--3000ae1b-784c-f03d-8abc-0a625b2ff018"
|
||||||
INTRUSION_SET_ID = "intrusion-set--4e78f46f-a023-4e5f-bc24-71b3ca22ec29"
|
INTRUSION_SET_ID = "intrusion-set--4e78f46f-a023-4e5f-bc24-71b3ca22ec29"
|
||||||
|
|
|
@ -0,0 +1,81 @@
|
||||||
|
import datetime as dt
|
||||||
|
|
||||||
|
import pytest
|
||||||
|
import pytz
|
||||||
|
|
||||||
|
import stix2
|
||||||
|
|
||||||
|
from .constants import INCIDENT_ID
|
||||||
|
|
||||||
|
EXPECTED = """{
|
||||||
|
"type": "incident",
|
||||||
|
"spec_version": "2.1",
|
||||||
|
"id": "incident--40fc3b35-0dc4-4afd-9927-288d44bfce20",
|
||||||
|
"created": "2015-12-21T19:59:11.000Z",
|
||||||
|
"modified": "2015-12-21T19:59:11.000Z",
|
||||||
|
"name": "Breach of Cyber Tech Dynamics",
|
||||||
|
"description": "Intrusion into enterprise network"
|
||||||
|
}"""
|
||||||
|
|
||||||
|
|
||||||
|
def test_incident_example():
|
||||||
|
incident = stix2.v21.Incident(
|
||||||
|
id=INCIDENT_ID,
|
||||||
|
created="2015-12-21T19:59:11.000Z",
|
||||||
|
modified="2015-12-21T19:59:11.000Z",
|
||||||
|
name="Breach of Cyber Tech Dynamics",
|
||||||
|
description="Intrusion into enterprise network",
|
||||||
|
)
|
||||||
|
|
||||||
|
assert str(incident) == EXPECTED
|
||||||
|
|
||||||
|
|
||||||
|
@pytest.mark.parametrize(
|
||||||
|
"data", [
|
||||||
|
EXPECTED,
|
||||||
|
{
|
||||||
|
"created": "2015-12-21T19:59:11.000Z",
|
||||||
|
"id": INCIDENT_ID,
|
||||||
|
"description": "Intrusion into enterprise network",
|
||||||
|
"modified": "2015-12-21T19:59:11.000Z",
|
||||||
|
"name": "Breach of Cyber Tech Dynamics",
|
||||||
|
"spec_version": "2.1",
|
||||||
|
"type": "incident",
|
||||||
|
},
|
||||||
|
],
|
||||||
|
)
|
||||||
|
def test_parse_incident(data):
|
||||||
|
incident = stix2.parse(data, version="2.1")
|
||||||
|
|
||||||
|
assert incident.type == 'incident'
|
||||||
|
assert incident.spec_version == '2.1'
|
||||||
|
assert incident.id == INCIDENT_ID
|
||||||
|
assert incident.created == dt.datetime(2015, 12, 21, 19, 59, 11, tzinfo=pytz.utc)
|
||||||
|
assert incident.modified == dt.datetime(2015, 12, 21, 19, 59, 11, tzinfo=pytz.utc)
|
||||||
|
assert incident.name == 'Breach of Cyber Tech Dynamics'
|
||||||
|
assert incident.description == 'Intrusion into enterprise network'
|
||||||
|
|
||||||
|
|
||||||
|
def test_parse_no_type():
|
||||||
|
with pytest.raises(stix2.exceptions.ParseError):
|
||||||
|
stix2.parse(
|
||||||
|
"""
|
||||||
|
{
|
||||||
|
"id": "incident--40fc3b35-0dc4-4afd-9927-288d44bfce20",
|
||||||
|
"created": "2015-12-21T19:59:11.000Z",
|
||||||
|
"modified": "2015-12-21T19:59:11.000Z",
|
||||||
|
"name": "Breach of Cyber Tech Dynamics",
|
||||||
|
"description": "Intrusion into enterprise network"
|
||||||
|
}""", version="2.1",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
|
def test_incident_with_custom():
|
||||||
|
incident = stix2.v21.Incident(
|
||||||
|
name="Breach of Cyber Tech Dynamics",
|
||||||
|
description="Intrusion into enterprise network",
|
||||||
|
custom_properties={'x_foo': 'bar'},
|
||||||
|
)
|
||||||
|
|
||||||
|
assert incident.x_foo == "bar"
|
||||||
|
assert "x_foo" in incident.object_properties()
|
Loading…
Reference in New Issue