Update v21 test suite. Fixes #245
Desai, Kartikey H
parent
9941014f3a
commit
cdac66c04d
|
|
@ -8,7 +8,6 @@ ATTACK_PATTERN_ID = "attack-pattern--0c7b5b88-8ff7-4a4d-aa9d-feb398cd0061"
|
|||
CAMPAIGN_ID = "campaign--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f"
|
||||
COURSE_OF_ACTION_ID = "course-of-action--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f"
|
||||
IDENTITY_ID = "identity--311b2d2d-f010-4473-83ec-1edf84858f4c"
|
||||
IDENTITY_ALT_ID = "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff"
|
||||
INDICATOR_ID = "indicator--a740531e-63ff-4e49-a9e1-a0a3eed0e3e7"
|
||||
INTRUSION_SET_ID = "intrusion-set--4e78f46f-a023-4e5f-bc24-71b3ca22ec29"
|
||||
MALWARE_ID = "malware--9c4638ec-f1de-4ddb-abf4-1b760417654e"
|
||||
|
|
|
|||
|
|
@ -4,8 +4,6 @@ import pytest
|
|||
|
||||
import stix2
|
||||
|
||||
from .constants import IDENTITY_ALT_ID
|
||||
|
||||
EXPECTED_BUNDLE = """{
|
||||
"type": "bundle",
|
||||
"id": "bundle--00000000-0000-4000-8000-000000000007",
|
||||
|
|
@ -187,7 +185,7 @@ def test_parse_unknown_type():
|
|||
"id": "other--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f",
|
||||
"created": "2016-04-06T20:03:00Z",
|
||||
"modified": "2016-04-06T20:03:00Z",
|
||||
"created_by_ref": IDENTITY_ALT_ID,
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
"description": "Campaign by Green Group against a series of targets in the financial services sector.",
|
||||
"name": "Green Group Attacks Against Finance",
|
||||
}
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ import pytz
|
|||
|
||||
import stix2
|
||||
|
||||
from .constants import CAMPAIGN_ID, CAMPAIGN_MORE_KWARGS, IDENTITY_ALT_ID
|
||||
from .constants import CAMPAIGN_ID, CAMPAIGN_MORE_KWARGS
|
||||
|
||||
EXPECTED = """{
|
||||
"type": "campaign",
|
||||
|
|
@ -45,7 +45,7 @@ def test_parse_campaign(data):
|
|||
assert cmpn.id == CAMPAIGN_ID
|
||||
assert cmpn.created == dt.datetime(2016, 4, 6, 20, 3, 0, tzinfo=pytz.utc)
|
||||
assert cmpn.modified == dt.datetime(2016, 4, 6, 20, 3, 0, tzinfo=pytz.utc)
|
||||
assert cmpn.created_by_ref == IDENTITY_ALT_ID
|
||||
assert cmpn.created_by_ref == "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff"
|
||||
assert cmpn.description == "Campaign by Green Group against a series of targets in the financial services sector."
|
||||
assert cmpn.name == "Green Group Attacks Against Finance"
|
||||
|
||||
|
|
|
|||
|
|
@ -3,8 +3,6 @@ import pytest
|
|||
import stix2
|
||||
from stix2 import core, exceptions
|
||||
|
||||
from .constants import IDENTITY_ALT_ID
|
||||
|
||||
BUNDLE = {
|
||||
"type": "bundle",
|
||||
"spec_version": "2.0",
|
||||
|
|
@ -98,7 +96,7 @@ def test_register_marking_with_no_version():
|
|||
def test_register_observable_with_version():
|
||||
observed_data = stix2.v20.ObservedData(
|
||||
id="observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
created_by_ref=IDENTITY_ALT_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
first_observed="2015-12-21T19:00:00Z",
|
||||
|
|
@ -136,7 +134,7 @@ def test_register_observable_with_version():
|
|||
def test_register_observable_extension_with_version():
|
||||
observed_data = stix2.v20.ObservedData(
|
||||
id="observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
created_by_ref=IDENTITY_ALT_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
first_observed="2015-12-21T19:00:00Z",
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ import pytz
|
|||
|
||||
import stix2
|
||||
|
||||
from .constants import COURSE_OF_ACTION_ID, IDENTITY_ALT_ID
|
||||
from .constants import COURSE_OF_ACTION_ID
|
||||
|
||||
EXPECTED = """{
|
||||
"type": "course-of-action",
|
||||
|
|
@ -21,7 +21,7 @@ EXPECTED = """{
|
|||
def test_course_of_action_example():
|
||||
coa = stix2.v20.CourseOfAction(
|
||||
id=COURSE_OF_ACTION_ID,
|
||||
created_by_ref=IDENTITY_ALT_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T20:03:48.000Z",
|
||||
modified="2016-04-06T20:03:48.000Z",
|
||||
name="Add TCP port 80 Filter Rule to the existing Block UDP 1434 Filter",
|
||||
|
|
@ -36,7 +36,7 @@ def test_course_of_action_example():
|
|||
EXPECTED,
|
||||
{
|
||||
"created": "2016-04-06T20:03:48.000Z",
|
||||
"created_by_ref": IDENTITY_ALT_ID,
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
"description": "This is how to add a filter rule to block inbound access to TCP port 80 to the existing UDP 1434 filter ...",
|
||||
"id": COURSE_OF_ACTION_ID,
|
||||
"modified": "2016-04-06T20:03:48.000Z",
|
||||
|
|
@ -52,7 +52,7 @@ def test_parse_course_of_action(data):
|
|||
assert coa.id == COURSE_OF_ACTION_ID
|
||||
assert coa.created == dt.datetime(2016, 4, 6, 20, 3, 48, tzinfo=pytz.utc)
|
||||
assert coa.modified == dt.datetime(2016, 4, 6, 20, 3, 48, tzinfo=pytz.utc)
|
||||
assert coa.created_by_ref == IDENTITY_ALT_ID
|
||||
assert coa.created_by_ref == "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff"
|
||||
assert coa.description == "This is how to add a filter rule to block inbound access to TCP port 80 to the existing UDP 1434 filter ..."
|
||||
assert coa.name == "Add TCP port 80 Filter Rule to the existing Block UDP 1434 Filter"
|
||||
|
||||
|
|
|
|||
|
|
@ -4,8 +4,6 @@ from stix2 import parse
|
|||
from stix2.datastore.filters import Filter, apply_common_filters
|
||||
from stix2.utils import STIXdatetime, parse_into_datetime
|
||||
|
||||
from .constants import IDENTITY_ALT_ID
|
||||
|
||||
stix_objs = [
|
||||
{
|
||||
"created": "2017-01-27T13:49:53.997Z",
|
||||
|
|
@ -70,7 +68,7 @@ stix_objs = [
|
|||
{
|
||||
"type": "observed-data",
|
||||
"id": "observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
"created_by_ref": IDENTITY_ALT_ID,
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
"created": "2016-04-06T19:58:16.000Z",
|
||||
"modified": "2016-04-06T19:58:16.000Z",
|
||||
"first_observed": "2015-12-21T19:00:00Z",
|
||||
|
|
@ -441,7 +439,7 @@ def test_filters7(stix_objs2, real_stix_objs2):
|
|||
obsvd_data_obj = {
|
||||
"type": "observed-data",
|
||||
"id": "observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
"created_by_ref": IDENTITY_ALT_ID,
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
"created": "2016-04-06T19:58:16.000Z",
|
||||
"modified": "2016-04-06T19:58:16.000Z",
|
||||
"first_observed": "2015-12-21T19:00:00Z",
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ import pytz
|
|||
|
||||
import stix2
|
||||
|
||||
from .constants import IDENTITY_ALT_ID, INTRUSION_SET_ID
|
||||
from .constants import INTRUSION_SET_ID
|
||||
|
||||
EXPECTED = """{
|
||||
"type": "intrusion-set",
|
||||
|
|
@ -29,7 +29,7 @@ EXPECTED = """{
|
|||
def test_intrusion_set_example():
|
||||
intrusion_set = stix2.v20.IntrusionSet(
|
||||
id=INTRUSION_SET_ID,
|
||||
created_by_ref=IDENTITY_ALT_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T20:03:48.000Z",
|
||||
modified="2016-04-06T20:03:48.000Z",
|
||||
name="Bobcat Breakin",
|
||||
|
|
@ -49,7 +49,7 @@ def test_intrusion_set_example():
|
|||
"Zookeeper",
|
||||
],
|
||||
"created": "2016-04-06T20:03:48.000Z",
|
||||
"created_by_ref": IDENTITY_ALT_ID,
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
"description": "Incidents usually feature a shared TTP of a bobcat being released...",
|
||||
"goals": [
|
||||
"acquisition-theft",
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ import pytz
|
|||
|
||||
import stix2
|
||||
|
||||
from .constants import IDENTITY_ALT_ID, OBSERVED_DATA_ID
|
||||
from .constants import OBSERVED_DATA_ID
|
||||
|
||||
OBJECTS_REGEX = re.compile('\"objects\": {(?:.*?)(?:(?:[^{]*?)|(?:{[^{]*?}))*}', re.DOTALL)
|
||||
|
||||
|
|
@ -32,7 +32,7 @@ EXPECTED = """{
|
|||
def test_observed_data_example():
|
||||
observed_data = stix2.v20.ObservedData(
|
||||
id=OBSERVED_DATA_ID,
|
||||
created_by_ref=IDENTITY_ALT_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
first_observed="2015-12-21T19:00:00Z",
|
||||
|
|
@ -77,7 +77,7 @@ EXPECTED_WITH_REF = """{
|
|||
def test_observed_data_example_with_refs():
|
||||
observed_data = stix2.v20.ObservedData(
|
||||
id=OBSERVED_DATA_ID,
|
||||
created_by_ref=IDENTITY_ALT_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
first_observed="2015-12-21T19:00:00Z",
|
||||
|
|
@ -103,7 +103,7 @@ def test_observed_data_example_with_bad_refs():
|
|||
with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
|
||||
stix2.v20.ObservedData(
|
||||
id=OBSERVED_DATA_ID,
|
||||
created_by_ref=IDENTITY_ALT_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
first_observed="2015-12-21T19:00:00Z",
|
||||
|
|
@ -131,7 +131,7 @@ def test_observed_data_example_with_non_dictionary():
|
|||
with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
|
||||
stix2.v20.ObservedData(
|
||||
id=OBSERVED_DATA_ID,
|
||||
created_by_ref=IDENTITY_ALT_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
first_observed="2015-12-21T19:00:00Z",
|
||||
|
|
@ -149,7 +149,7 @@ def test_observed_data_example_with_empty_dictionary():
|
|||
with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
|
||||
stix2.v20.ObservedData(
|
||||
id=OBSERVED_DATA_ID,
|
||||
created_by_ref=IDENTITY_ALT_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
first_observed="2015-12-21T19:00:00Z",
|
||||
|
|
@ -170,7 +170,7 @@ def test_observed_data_example_with_empty_dictionary():
|
|||
"type": "observed-data",
|
||||
"id": OBSERVED_DATA_ID,
|
||||
"created": "2016-04-06T19:58:16.000Z",
|
||||
"created_by_ref": IDENTITY_ALT_ID,
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
"first_observed": "2015-12-21T19:00:00Z",
|
||||
"last_observed": "2015-12-21T19:00:00Z",
|
||||
"modified": "2016-04-06T19:58:16.000Z",
|
||||
|
|
@ -193,7 +193,7 @@ def test_parse_observed_data(data):
|
|||
assert odata.modified == dt.datetime(2016, 4, 6, 19, 58, 16, tzinfo=pytz.utc)
|
||||
assert odata.first_observed == dt.datetime(2015, 12, 21, 19, 0, 0, tzinfo=pytz.utc)
|
||||
assert odata.last_observed == dt.datetime(2015, 12, 21, 19, 0, 0, tzinfo=pytz.utc)
|
||||
assert odata.created_by_ref == IDENTITY_ALT_ID
|
||||
assert odata.created_by_ref == "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff"
|
||||
assert odata.objects["0"].type == "file"
|
||||
|
||||
|
||||
|
|
@ -564,7 +564,7 @@ EXPECTED_PROCESS_OD = """{
|
|||
def test_observed_data_with_process_example():
|
||||
observed_data = stix2.v20.ObservedData(
|
||||
id=OBSERVED_DATA_ID,
|
||||
created_by_ref=IDENTITY_ALT_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
first_observed="2015-12-21T19:00:00Z",
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ import pytz
|
|||
|
||||
import stix2
|
||||
|
||||
from .constants import IDENTITY_ALT_ID, THREAT_ACTOR_ID
|
||||
from .constants import THREAT_ACTOR_ID
|
||||
|
||||
EXPECTED = """{
|
||||
"type": "threat-actor",
|
||||
|
|
@ -24,7 +24,7 @@ EXPECTED = """{
|
|||
def test_threat_actor_example():
|
||||
threat_actor = stix2.v20.ThreatActor(
|
||||
id=THREAT_ACTOR_ID,
|
||||
created_by_ref=IDENTITY_ALT_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T20:03:48.000Z",
|
||||
modified="2016-04-06T20:03:48.000Z",
|
||||
description="The Evil Org threat actor group",
|
||||
|
|
@ -40,7 +40,7 @@ def test_threat_actor_example():
|
|||
EXPECTED,
|
||||
{
|
||||
"created": "2016-04-06T20:03:48.000Z",
|
||||
"created_by_ref": IDENTITY_ALT_ID,
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
"description": "The Evil Org threat actor group",
|
||||
"id": THREAT_ACTOR_ID,
|
||||
"modified": "2016-04-06T20:03:48.000Z",
|
||||
|
|
@ -57,7 +57,7 @@ def test_parse_threat_actor(data):
|
|||
assert actor.id == THREAT_ACTOR_ID
|
||||
assert actor.created == dt.datetime(2016, 4, 6, 20, 3, 48, tzinfo=pytz.utc)
|
||||
assert actor.modified == dt.datetime(2016, 4, 6, 20, 3, 48, tzinfo=pytz.utc)
|
||||
assert actor.created_by_ref == IDENTITY_ALT_ID
|
||||
assert actor.created_by_ref == "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff"
|
||||
assert actor.description == "The Evil Org threat actor group"
|
||||
assert actor.name == "Evil Org"
|
||||
assert actor.labels == ["crime-syndicate"]
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ import pytz
|
|||
|
||||
import stix2
|
||||
|
||||
from .constants import IDENTITY_ALT_ID, TOOL_ID
|
||||
from .constants import TOOL_ID
|
||||
|
||||
EXPECTED = """{
|
||||
"type": "tool",
|
||||
|
|
@ -36,7 +36,7 @@ EXPECTED_WITH_REVOKED = """{
|
|||
def test_tool_example():
|
||||
tool = stix2.v20.Tool(
|
||||
id=TOOL_ID,
|
||||
created_by_ref=IDENTITY_ALT_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T20:03:48.000Z",
|
||||
modified="2016-04-06T20:03:48.000Z",
|
||||
labels=["remote-access"],
|
||||
|
|
@ -51,7 +51,7 @@ def test_tool_example():
|
|||
EXPECTED,
|
||||
{
|
||||
"created": "2016-04-06T20:03:48Z",
|
||||
"created_by_ref": IDENTITY_ALT_ID,
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
"id": TOOL_ID,
|
||||
"modified": "2016-04-06T20:03:48Z",
|
||||
"labels": ["remote-access"],
|
||||
|
|
@ -67,7 +67,7 @@ def test_parse_tool(data):
|
|||
assert tool.id == TOOL_ID
|
||||
assert tool.created == dt.datetime(2016, 4, 6, 20, 3, 48, tzinfo=pytz.utc)
|
||||
assert tool.modified == dt.datetime(2016, 4, 6, 20, 3, 48, tzinfo=pytz.utc)
|
||||
assert tool.created_by_ref == IDENTITY_ALT_ID
|
||||
assert tool.created_by_ref == "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff"
|
||||
assert tool.labels == ["remote-access"]
|
||||
assert tool.name == "VNC"
|
||||
|
||||
|
|
@ -81,7 +81,7 @@ def test_tool_no_workbench_wrappers():
|
|||
def test_tool_serialize_with_defaults():
|
||||
tool = stix2.v20.Tool(
|
||||
id=TOOL_ID,
|
||||
created_by_ref=IDENTITY_ALT_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T20:03:48.000Z",
|
||||
modified="2016-04-06T20:03:48.000Z",
|
||||
labels=["remote-access"],
|
||||
|
|
|
|||
|
|
@ -8,8 +8,6 @@ import pytz
|
|||
|
||||
import stix2.utils
|
||||
|
||||
from .constants import IDENTITY_ALT_ID
|
||||
|
||||
amsterdam = pytz.timezone('Europe/Amsterdam')
|
||||
eastern = pytz.timezone('US/Eastern')
|
||||
|
||||
|
|
@ -125,7 +123,7 @@ def test_deduplicate(stix_objs1):
|
|||
(
|
||||
stix2.v20.ObservedData(
|
||||
id="observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
created_by_ref=IDENTITY_ALT_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
first_observed="2015-12-21T19:00:00Z",
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@ import pytz
|
|||
|
||||
import stix2
|
||||
|
||||
from .constants import CAMPAIGN_ID
|
||||
from .constants import CAMPAIGN_ID, CAMPAIGN_MORE_KWARGS
|
||||
|
||||
EXPECTED = """{
|
||||
"type": "campaign",
|
||||
|
|
@ -21,12 +21,7 @@ EXPECTED = """{
|
|||
|
||||
def test_campaign_example():
|
||||
campaign = stix2.v21.Campaign(
|
||||
id="campaign--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f",
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T20:03:00Z",
|
||||
modified="2016-04-06T20:03:00Z",
|
||||
name="Green Group Attacks Against Finance",
|
||||
description="Campaign by Green Group against a series of targets in the financial services sector.",
|
||||
**CAMPAIGN_MORE_KWARGS
|
||||
)
|
||||
|
||||
assert str(campaign) == EXPECTED
|
||||
|
|
@ -38,7 +33,7 @@ def test_campaign_example():
|
|||
{
|
||||
"type": "campaign",
|
||||
"spec_version": "2.1",
|
||||
"id": "campaign--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f",
|
||||
"id": CAMPAIGN_ID,
|
||||
"created": "2016-04-06T20:03:00Z",
|
||||
"modified": "2016-04-06T20:03:00Z",
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
|
|
|
|||
|
|
@ -3,6 +3,8 @@ import pytest
|
|||
import stix2
|
||||
from stix2 import core, exceptions
|
||||
|
||||
from .constants import OBSERVED_DATA_ID
|
||||
|
||||
BUNDLE = {
|
||||
"type": "bundle",
|
||||
"id": "bundle--00000000-0000-4000-8000-000000000007",
|
||||
|
|
@ -98,7 +100,7 @@ def test_register_marking_with_no_version():
|
|||
|
||||
def test_register_observable_with_default_version():
|
||||
observed_data = stix2.v21.ObservedData(
|
||||
id="observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
id=OBSERVED_DATA_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
|
|
@ -136,7 +138,7 @@ def test_register_observable_with_default_version():
|
|||
|
||||
def test_register_observable_extension_with_default_version():
|
||||
observed_data = stix2.v21.ObservedData(
|
||||
id="observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
id=OBSERVED_DATA_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ EXPECTED = """{
|
|||
|
||||
def test_course_of_action_example():
|
||||
coa = stix2.v21.CourseOfAction(
|
||||
id="course-of-action--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f",
|
||||
id=COURSE_OF_ACTION_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T20:03:48.000Z",
|
||||
modified="2016-04-06T20:03:48.000Z",
|
||||
|
|
@ -39,7 +39,7 @@ def test_course_of_action_example():
|
|||
"created": "2016-04-06T20:03:48.000Z",
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
"description": "This is how to add a filter rule to block inbound access to TCP port 80 to the existing UDP 1434 filter ...",
|
||||
"id": "course-of-action--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f",
|
||||
"id": COURSE_OF_ACTION_ID,
|
||||
"modified": "2016-04-06T20:03:48.000Z",
|
||||
"name": "Add TCP port 80 Filter Rule to the existing Block UDP 1434 Filter",
|
||||
"spec_version": "2.1",
|
||||
|
|
|
|||
|
|
@ -3,7 +3,7 @@ import pytest
|
|||
import stix2
|
||||
import stix2.base
|
||||
|
||||
from .constants import FAKE_TIME, MARKING_DEFINITION_ID
|
||||
from .constants import FAKE_TIME, IDENTITY_ID, MARKING_DEFINITION_ID
|
||||
|
||||
IDENTITY_CUSTOM_PROP = stix2.v21.Identity(
|
||||
name="John Smith",
|
||||
|
|
@ -16,7 +16,7 @@ IDENTITY_CUSTOM_PROP = stix2.v21.Identity(
|
|||
def test_identity_custom_property():
|
||||
with pytest.raises(ValueError) as excinfo:
|
||||
stix2.v21.Identity(
|
||||
id="identity--311b2d2d-f010-4473-83ec-1edf84858f4c",
|
||||
id=IDENTITY_ID,
|
||||
created="2015-12-21T19:59:11Z",
|
||||
modified="2015-12-21T19:59:11Z",
|
||||
name="John Smith",
|
||||
|
|
@ -27,7 +27,7 @@ def test_identity_custom_property():
|
|||
|
||||
with pytest.raises(stix2.exceptions.ExtraPropertiesError) as excinfo:
|
||||
stix2.v21.Identity(
|
||||
id="identity--311b2d2d-f010-4473-83ec-1edf84858f4c",
|
||||
id=IDENTITY_ID,
|
||||
created="2015-12-21T19:59:11Z",
|
||||
modified="2015-12-21T19:59:11Z",
|
||||
name="John Smith",
|
||||
|
|
@ -40,7 +40,7 @@ def test_identity_custom_property():
|
|||
assert "Unexpected properties for Identity" in str(excinfo.value)
|
||||
|
||||
identity = stix2.v21.Identity(
|
||||
id="identity--311b2d2d-f010-4473-83ec-1edf84858f4c",
|
||||
id=IDENTITY_ID,
|
||||
created="2015-12-21T19:59:11Z",
|
||||
modified="2015-12-21T19:59:11Z",
|
||||
name="John Smith",
|
||||
|
|
@ -55,7 +55,7 @@ def test_identity_custom_property():
|
|||
def test_identity_custom_property_invalid():
|
||||
with pytest.raises(stix2.exceptions.ExtraPropertiesError) as excinfo:
|
||||
stix2.v21.Identity(
|
||||
id="identity--311b2d2d-f010-4473-83ec-1edf84858f4c",
|
||||
id=IDENTITY_ID,
|
||||
created="2015-12-21T19:59:11Z",
|
||||
modified="2015-12-21T19:59:11Z",
|
||||
name="John Smith",
|
||||
|
|
@ -69,7 +69,7 @@ def test_identity_custom_property_invalid():
|
|||
|
||||
def test_identity_custom_property_allowed():
|
||||
identity = stix2.v21.Identity(
|
||||
id="identity--311b2d2d-f010-4473-83ec-1edf84858f4c",
|
||||
id=IDENTITY_ID,
|
||||
created="2015-12-21T19:59:11Z",
|
||||
modified="2015-12-21T19:59:11Z",
|
||||
name="John Smith",
|
||||
|
|
@ -130,7 +130,7 @@ def test_custom_property_dict_in_bundled_object():
|
|||
custom_identity = {
|
||||
'type': 'identity',
|
||||
'spec_version': '2.1',
|
||||
'id': 'identity--311b2d2d-f010-4473-83ec-1edf84858f4c',
|
||||
'id': IDENTITY_ID,
|
||||
'created': '2015-12-21T19:59:11Z',
|
||||
'name': 'John Smith',
|
||||
'identity_class': 'individual',
|
||||
|
|
@ -148,7 +148,7 @@ def test_custom_properties_dict_in_bundled_object():
|
|||
custom_identity = {
|
||||
'type': 'identity',
|
||||
'spec_version': '2.1',
|
||||
'id': 'identity--311b2d2d-f010-4473-83ec-1edf84858f4c',
|
||||
'id': IDENTITY_ID,
|
||||
'created': '2015-12-21T19:59:11Z',
|
||||
'name': 'John Smith',
|
||||
'identity_class': 'individual',
|
||||
|
|
|
|||
|
|
@ -4,6 +4,8 @@ from stix2 import parse
|
|||
from stix2.datastore.filters import Filter, apply_common_filters
|
||||
from stix2.utils import STIXdatetime, parse_into_datetime
|
||||
|
||||
from .constants import OBSERVED_DATA_ID
|
||||
|
||||
stix_objs = [
|
||||
{
|
||||
"created": "2017-01-27T13:49:53.997Z",
|
||||
|
|
@ -72,7 +74,7 @@ stix_objs = [
|
|||
{
|
||||
"type": "observed-data",
|
||||
"spec_version": "2.1",
|
||||
"id": "observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
"id": OBSERVED_DATA_ID,
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
"created": "2016-04-06T19:58:16.000Z",
|
||||
"modified": "2016-04-06T19:58:16.000Z",
|
||||
|
|
@ -444,7 +446,7 @@ def test_filters7(stix_objs2, real_stix_objs2):
|
|||
obsvd_data_obj = {
|
||||
"type": "observed-data",
|
||||
"spec_version": "2.1",
|
||||
"id": "observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
"id": OBSERVED_DATA_ID,
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
"created": "2016-04-06T19:58:16.000Z",
|
||||
"modified": "2016-04-06T19:58:16.000Z",
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ EXPECTED = """{
|
|||
|
||||
def test_identity_example():
|
||||
identity = stix2.v21.Identity(
|
||||
id="identity--311b2d2d-f010-4473-83ec-1edf84858f4c",
|
||||
id=IDENTITY_ID,
|
||||
created="2015-12-21T19:59:11.000Z",
|
||||
modified="2015-12-21T19:59:11.000Z",
|
||||
name="John Smith",
|
||||
|
|
@ -35,7 +35,7 @@ def test_identity_example():
|
|||
EXPECTED,
|
||||
{
|
||||
"created": "2015-12-21T19:59:11.000Z",
|
||||
"id": "identity--311b2d2d-f010-4473-83ec-1edf84858f4c",
|
||||
"id": IDENTITY_ID,
|
||||
"identity_class": "individual",
|
||||
"modified": "2015-12-21T19:59:11.000Z",
|
||||
"name": "John Smith",
|
||||
|
|
|
|||
|
|
@ -157,7 +157,7 @@ def test_created_modified_time_are_identical_by_default():
|
|||
EXPECTED_INDICATOR,
|
||||
{
|
||||
"type": "indicator",
|
||||
"id": "indicator--a740531e-63ff-4e49-a9e1-a0a3eed0e3e7",
|
||||
"id": INDICATOR_ID,
|
||||
"created": "2017-01-01T00:00:01Z",
|
||||
"modified": "2017-01-01T00:00:01Z",
|
||||
"indicator_types": [
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ EXPECTED = """{
|
|||
|
||||
def test_intrusion_set_example():
|
||||
intrusion_set = stix2.v21.IntrusionSet(
|
||||
id="intrusion-set--4e78f46f-a023-4e5f-bc24-71b3ca22ec29",
|
||||
id=INTRUSION_SET_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T20:03:48.000Z",
|
||||
modified="2016-04-06T20:03:48.000Z",
|
||||
|
|
@ -57,7 +57,7 @@ def test_intrusion_set_example():
|
|||
"harassment",
|
||||
"damage",
|
||||
],
|
||||
"id": "intrusion-set--4e78f46f-a023-4e5f-bc24-71b3ca22ec29",
|
||||
"id": INTRUSION_SET_ID,
|
||||
"modified": "2016-04-06T20:03:48.000Z",
|
||||
"name": "Bobcat Breakin",
|
||||
"spec_version": "2.1",
|
||||
|
|
|
|||
|
|
@ -69,7 +69,7 @@ def test_location_with_some_required_properties():
|
|||
{
|
||||
"type": "location",
|
||||
"spec_version": "2.1",
|
||||
"id": "location--a6e9345f-5a15-4c29-8bb3-7dcc5d168d64",
|
||||
"id": LOCATION_ID,
|
||||
"created": "2016-04-06T20:03:00.000Z",
|
||||
"modified": "2016-04-06T20:03:00.000Z",
|
||||
"region": "north-america",
|
||||
|
|
@ -94,7 +94,7 @@ def test_parse_location(data):
|
|||
{
|
||||
"type": "location",
|
||||
"spec_version": "2.1",
|
||||
"id": "location--a6e9345f-5a15-4c29-8bb3-7dcc5d168d64",
|
||||
"id": LOCATION_ID,
|
||||
"created": "2016-04-06T20:03:00.000Z",
|
||||
"modified": "2016-04-06T20:03:00.000Z",
|
||||
"latitude": 90.01,
|
||||
|
|
@ -103,7 +103,7 @@ def test_parse_location(data):
|
|||
{
|
||||
"type": "location",
|
||||
"spec_version": "2.1",
|
||||
"id": "location--a6e9345f-5a15-4c29-8bb3-7dcc5d168d64",
|
||||
"id": LOCATION_ID,
|
||||
"created": "2016-04-06T20:03:00.000Z",
|
||||
"modified": "2016-04-06T20:03:00.000Z",
|
||||
"latitude": -90.1,
|
||||
|
|
@ -123,7 +123,7 @@ def test_location_bad_latitude(data):
|
|||
{
|
||||
"type": "location",
|
||||
"spec_version": "2.1",
|
||||
"id": "location--a6e9345f-5a15-4c29-8bb3-7dcc5d168d64",
|
||||
"id": LOCATION_ID,
|
||||
"created": "2016-04-06T20:03:00.000Z",
|
||||
"modified": "2016-04-06T20:03:00.000Z",
|
||||
"latitude": 80,
|
||||
|
|
@ -132,7 +132,7 @@ def test_location_bad_latitude(data):
|
|||
{
|
||||
"type": "location",
|
||||
"spec_version": "2.1",
|
||||
"id": "location--a6e9345f-5a15-4c29-8bb3-7dcc5d168d64",
|
||||
"id": LOCATION_ID,
|
||||
"created": "2016-04-06T20:03:00.000Z",
|
||||
"modified": "2016-04-06T20:03:00.000Z",
|
||||
"latitude": 80,
|
||||
|
|
@ -152,7 +152,7 @@ def test_location_bad_longitude(data):
|
|||
{
|
||||
"type": "location",
|
||||
"spec_version": "2.1",
|
||||
"id": "location--a6e9345f-5a15-4c29-8bb3-7dcc5d168d64",
|
||||
"id": LOCATION_ID,
|
||||
"created": "2016-04-06T20:03:00.000Z",
|
||||
"modified": "2016-04-06T20:03:00.000Z",
|
||||
"longitude": 175.7,
|
||||
|
|
@ -161,7 +161,7 @@ def test_location_bad_longitude(data):
|
|||
{
|
||||
"type": "location",
|
||||
"spec_version": "2.1",
|
||||
"id": "location--a6e9345f-5a15-4c29-8bb3-7dcc5d168d64",
|
||||
"id": LOCATION_ID,
|
||||
"created": "2016-04-06T20:03:00.000Z",
|
||||
"modified": "2016-04-06T20:03:00.000Z",
|
||||
"latitude": 80,
|
||||
|
|
@ -181,7 +181,7 @@ def test_location_properties_missing_when_precision_is_present(data):
|
|||
{
|
||||
"type": "location",
|
||||
"spec_version": "2.1",
|
||||
"id": "location--a6e9345f-5a15-4c29-8bb3-7dcc5d168d64",
|
||||
"id": LOCATION_ID,
|
||||
"created": "2016-04-06T20:03:00.000Z",
|
||||
"modified": "2016-04-06T20:03:00.000Z",
|
||||
"latitude": 18.468842,
|
||||
|
|
@ -203,7 +203,7 @@ def test_location_negative_precision(data):
|
|||
{
|
||||
"type": "location",
|
||||
"spec_version": "2.1",
|
||||
"id": "location--a6e9345f-5a15-4c29-8bb3-7dcc5d168d64",
|
||||
"id": LOCATION_ID,
|
||||
"created": "2016-04-06T20:03:00.000Z",
|
||||
"modified": "2016-04-06T20:03:00.000Z",
|
||||
"latitude": 18.468842,
|
||||
|
|
@ -215,7 +215,7 @@ def test_location_negative_precision(data):
|
|||
{
|
||||
"type": "location",
|
||||
"spec_version": "2.1",
|
||||
"id": "location--a6e9345f-5a15-4c29-8bb3-7dcc5d168d64",
|
||||
"id": LOCATION_ID,
|
||||
"created": "2016-04-06T20:03:00.000Z",
|
||||
"modified": "2016-04-06T20:03:00.000Z",
|
||||
"longitude": 160.7,
|
||||
|
|
@ -238,7 +238,7 @@ def test_location_latitude_dependency_missing(data, msg):
|
|||
{
|
||||
"type": "location",
|
||||
"spec_version": "2.1",
|
||||
"id": "location--a6e9345f-5a15-4c29-8bb3-7dcc5d168d64",
|
||||
"id": LOCATION_ID,
|
||||
"created": "2016-04-06T20:03:00.000Z",
|
||||
"modified": "2016-04-06T20:03:00.000Z",
|
||||
"latitude": 18.468842,
|
||||
|
|
@ -249,7 +249,7 @@ def test_location_latitude_dependency_missing(data, msg):
|
|||
{
|
||||
"type": "location",
|
||||
"spec_version": "2.1",
|
||||
"id": "location--a6e9345f-5a15-4c29-8bb3-7dcc5d168d64",
|
||||
"id": LOCATION_ID,
|
||||
"created": "2016-04-06T20:03:00.000Z",
|
||||
"modified": "2016-04-06T20:03:00.000Z",
|
||||
"longitude": 160.7,
|
||||
|
|
|
|||
|
|
@ -110,7 +110,7 @@ def test_invalid_kwarg_to_malware():
|
|||
{
|
||||
"type": "malware",
|
||||
"spec_version": "2.1",
|
||||
"id": "malware--9c4638ec-f1de-4ddb-abf4-1b760417654e",
|
||||
"id": MALWARE_ID,
|
||||
"created": "2016-05-12T08:17:27.000Z",
|
||||
"modified": "2016-05-12T08:17:27.000Z",
|
||||
"malware_types": ["ransomware"],
|
||||
|
|
|
|||
|
|
@ -80,7 +80,7 @@ def test_marking_def_example_with_tlp():
|
|||
|
||||
def test_marking_def_example_with_statement_positional_argument():
|
||||
marking_definition = stix2.v21.MarkingDefinition(
|
||||
id="marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
||||
id=MARKING_DEFINITION_ID,
|
||||
created="2017-01-20T00:00:00.000Z",
|
||||
definition_type="statement",
|
||||
definition=stix2.StatementMarking(statement="Copyright 2016, Example Corp"),
|
||||
|
|
@ -92,7 +92,7 @@ def test_marking_def_example_with_statement_positional_argument():
|
|||
def test_marking_def_example_with_kwargs_statement():
|
||||
kwargs = dict(statement="Copyright 2016, Example Corp")
|
||||
marking_definition = stix2.v21.MarkingDefinition(
|
||||
id="marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
||||
id=MARKING_DEFINITION_ID,
|
||||
created="2017-01-20T00:00:00.000Z",
|
||||
definition_type="statement",
|
||||
definition=stix2.StatementMarking(**kwargs),
|
||||
|
|
@ -104,7 +104,7 @@ def test_marking_def_example_with_kwargs_statement():
|
|||
def test_marking_def_invalid_type():
|
||||
with pytest.raises(ValueError):
|
||||
stix2.v21.MarkingDefinition(
|
||||
id="marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
||||
id=MARKING_DEFINITION_ID,
|
||||
created="2017-01-20T00:00:00.000Z",
|
||||
definition_type="my-definition-type",
|
||||
definition=stix2.StatementMarking("Copyright 2016, Example Corp"),
|
||||
|
|
@ -126,7 +126,7 @@ def test_campaign_with_markings_example():
|
|||
|
||||
def test_granular_example():
|
||||
granular_marking = stix2.v21.GranularMarking(
|
||||
marking_ref="marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
||||
marking_ref=MARKING_DEFINITION_ID,
|
||||
selectors=["abc", "abc.[23]", "abc.def", "abc.[2].efg"],
|
||||
)
|
||||
|
||||
|
|
@ -136,7 +136,7 @@ def test_granular_example():
|
|||
def test_granular_example_with_bad_selector():
|
||||
with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
|
||||
stix2.v21.GranularMarking(
|
||||
marking_ref="marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
||||
marking_ref=MARKING_DEFINITION_ID,
|
||||
selectors=["abc[0]"], # missing "."
|
||||
)
|
||||
|
||||
|
|
@ -156,7 +156,7 @@ def test_campaign_with_granular_markings_example():
|
|||
description="Campaign by Green Group against a series of targets in the financial services sector.",
|
||||
granular_markings=[
|
||||
stix2.v21.GranularMarking(
|
||||
marking_ref="marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
||||
marking_ref=MARKING_DEFINITION_ID,
|
||||
selectors=["description"],
|
||||
),
|
||||
],
|
||||
|
|
@ -168,7 +168,7 @@ def test_campaign_with_granular_markings_example():
|
|||
"data", [
|
||||
EXPECTED_TLP_MARKING_DEFINITION,
|
||||
{
|
||||
"id": "marking-definition--613f2e26-407d-48c7-9eca-b8e91df99dc9",
|
||||
"id": MARKING_DEFINITION_ID,
|
||||
"spec_version": "2.1",
|
||||
"type": "marking-definition",
|
||||
"created": "2017-01-20T00:00:00Z",
|
||||
|
|
|
|||
|
|
@ -84,7 +84,7 @@ def test_note_with_required_properties():
|
|||
{
|
||||
"type": "note",
|
||||
"spec_version": "2.1",
|
||||
"id": "note--0c7b5b88-8ff7-4a4d-aa9d-feb398cd0061",
|
||||
"id": NOTE_ID,
|
||||
"created": "2016-05-12T08:17:27.000Z",
|
||||
"modified": "2016-05-12T08:17:27.000Z",
|
||||
"abstract": "Tracking Team Note#1",
|
||||
|
|
@ -93,7 +93,7 @@ def test_note_with_required_properties():
|
|||
"John Doe",
|
||||
],
|
||||
"object_refs": [
|
||||
"campaign--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f",
|
||||
CAMPAIGN_ID,
|
||||
],
|
||||
"external_references": [
|
||||
{
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ EXPECTED = """{
|
|||
|
||||
def test_observed_data_example():
|
||||
observed_data = stix2.v21.ObservedData(
|
||||
id="observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
id=OBSERVED_DATA_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
|
|
@ -78,7 +78,7 @@ EXPECTED_WITH_REF = """{
|
|||
|
||||
def test_observed_data_example_with_refs():
|
||||
observed_data = stix2.v21.ObservedData(
|
||||
id="observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
id=OBSERVED_DATA_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
|
|
@ -104,7 +104,7 @@ def test_observed_data_example_with_refs():
|
|||
def test_observed_data_example_with_bad_refs():
|
||||
with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
|
||||
stix2.v21.ObservedData(
|
||||
id="observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
id=OBSERVED_DATA_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
|
|
@ -132,7 +132,7 @@ def test_observed_data_example_with_bad_refs():
|
|||
def test_observed_data_example_with_non_dictionary():
|
||||
with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
|
||||
stix2.v21.ObservedData(
|
||||
id="observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
id=OBSERVED_DATA_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
|
|
@ -150,7 +150,7 @@ def test_observed_data_example_with_non_dictionary():
|
|||
def test_observed_data_example_with_empty_dictionary():
|
||||
with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
|
||||
stix2.v21.ObservedData(
|
||||
id="observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
id=OBSERVED_DATA_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
|
|
@ -171,7 +171,7 @@ def test_observed_data_example_with_empty_dictionary():
|
|||
{
|
||||
"type": "observed-data",
|
||||
"spec_version": "2.1",
|
||||
"id": "observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
"id": OBSERVED_DATA_ID,
|
||||
"created": "2016-04-06T19:58:16.000Z",
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
"first_observed": "2015-12-21T19:00:00Z",
|
||||
|
|
@ -565,7 +565,7 @@ EXPECTED_PROCESS_OD = """{
|
|||
|
||||
def test_observed_data_with_process_example():
|
||||
observed_data = stix2.v21.ObservedData(
|
||||
id="observed-data--b67d30ff-02ac-498a-92f9-32f845f448cf",
|
||||
id=OBSERVED_DATA_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T19:58:16.000Z",
|
||||
modified="2016-04-06T19:58:16.000Z",
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ def test_opinion_with_required_properties():
|
|||
{
|
||||
"type": "opinion",
|
||||
"spec_version": "2.1",
|
||||
"id": "opinion--b01efc25-77b4-4003-b18b-f6e24b5cd9f7",
|
||||
"id": OPINION_ID,
|
||||
"created": "2016-05-12T08:17:27.000Z",
|
||||
"modified": "2016-05-12T08:17:27.000Z",
|
||||
"explanation": EXPLANATION,
|
||||
|
|
|
|||
|
|
@ -162,11 +162,11 @@ def test_create_relationship_with_positional_args(indicator, malware):
|
|||
EXPECTED_RELATIONSHIP,
|
||||
{
|
||||
"created": "2016-04-06T20:06:37Z",
|
||||
"id": "relationship--df7c87eb-75d2-4948-af81-9d49d246f301",
|
||||
"id": RELATIONSHIP_ID,
|
||||
"modified": "2016-04-06T20:06:37Z",
|
||||
"relationship_type": "indicates",
|
||||
"source_ref": "indicator--a740531e-63ff-4e49-a9e1-a0a3eed0e3e7",
|
||||
"target_ref": "malware--9c4638ec-f1de-4ddb-abf4-1b760417654e",
|
||||
"source_ref": INDICATOR_ID,
|
||||
"target_ref": MALWARE_ID,
|
||||
"spec_version": "2.1",
|
||||
"type": "relationship",
|
||||
},
|
||||
|
|
@ -181,19 +181,19 @@ def test_parse_relationship(data):
|
|||
assert rel.created == dt.datetime(2016, 4, 6, 20, 6, 37, tzinfo=pytz.utc)
|
||||
assert rel.modified == dt.datetime(2016, 4, 6, 20, 6, 37, tzinfo=pytz.utc)
|
||||
assert rel.relationship_type == "indicates"
|
||||
assert rel.source_ref == "indicator--a740531e-63ff-4e49-a9e1-a0a3eed0e3e7"
|
||||
assert rel.target_ref == "malware--9c4638ec-f1de-4ddb-abf4-1b760417654e"
|
||||
assert rel.source_ref == INDICATOR_ID
|
||||
assert rel.target_ref == MALWARE_ID
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
"data", [
|
||||
{
|
||||
"created": "2016-04-06T20:06:37Z",
|
||||
"id": "relationship--df7c87eb-75d2-4948-af81-9d49d246f301",
|
||||
"id": RELATIONSHIP_ID,
|
||||
"modified": "2016-04-06T20:06:37Z",
|
||||
"relationship_type": "indicates",
|
||||
"source_ref": "indicator--a740531e-63ff-4e49-a9e1-a0a3eed0e3e7",
|
||||
"target_ref": "malware--9c4638ec-f1de-4ddb-abf4-1b760417654e",
|
||||
"source_ref": INDICATOR_ID,
|
||||
"target_ref": MALWARE_ID,
|
||||
"start_time": "2018-04-06T20:06:37Z",
|
||||
"stop_time": "2016-04-06T20:06:37Z",
|
||||
"spec_version": "2.1",
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ EXPECTED = """{
|
|||
|
||||
def test_report_example():
|
||||
report = stix2.v21.Report(
|
||||
id="report--84e4d88f-44ea-4bcd-bbf3-b2c1c320bcb3",
|
||||
id=REPORT_ID,
|
||||
created_by_ref="identity--a463ffb3-1bd9-4d94-b02d-74e4f1658283",
|
||||
created="2015-12-21T19:59:11.000Z",
|
||||
modified="2015-12-21T19:59:11.000Z",
|
||||
|
|
@ -50,7 +50,7 @@ def test_report_example():
|
|||
|
||||
def test_report_example_objects_in_object_refs():
|
||||
report = stix2.v21.Report(
|
||||
id="report--84e4d88f-44ea-4bcd-bbf3-b2c1c320bcb3",
|
||||
id=REPORT_ID,
|
||||
created_by_ref="identity--a463ffb3-1bd9-4d94-b02d-74e4f1658283",
|
||||
created="2015-12-21T19:59:11.000Z",
|
||||
modified="2015-12-21T19:59:11.000Z",
|
||||
|
|
@ -71,7 +71,7 @@ def test_report_example_objects_in_object_refs():
|
|||
def test_report_example_objects_in_object_refs_with_bad_id():
|
||||
with pytest.raises(stix2.exceptions.InvalidValueError) as excinfo:
|
||||
stix2.v21.Report(
|
||||
id="report--84e4d88f-44ea-4bcd-bbf3-b2c1c320bcb3",
|
||||
id=REPORT_ID,
|
||||
created_by_ref="identity--a463ffb3-1bd9-4d94-b02d-74e4f1658283",
|
||||
created="2015-12-21T19:59:11.000Z",
|
||||
modified="2015-12-21T19:59:11.000Z",
|
||||
|
|
@ -99,7 +99,7 @@ def test_report_example_objects_in_object_refs_with_bad_id():
|
|||
"created": "2015-12-21T19:59:11.000Z",
|
||||
"created_by_ref": "identity--a463ffb3-1bd9-4d94-b02d-74e4f1658283",
|
||||
"description": "A simple report with an indicator and campaign",
|
||||
"id": "report--84e4d88f-44ea-4bcd-bbf3-b2c1c320bcb3",
|
||||
"id": REPORT_ID,
|
||||
"report_types": [
|
||||
"campaign",
|
||||
],
|
||||
|
|
|
|||
|
|
@ -96,7 +96,7 @@ def test_create_sighting_from_objects_rather_than_ids(malware): # noqa: F811
|
|||
EXPECTED_SIGHTING,
|
||||
{
|
||||
"created": "2016-04-06T20:06:37Z",
|
||||
"id": "sighting--bfbc19db-ec35-4e45-beed-f8bde2a772fb",
|
||||
"id": SIGHTING_ID,
|
||||
"modified": "2016-04-06T20:06:37Z",
|
||||
"sighting_of_ref": "indicator--a740531e-63ff-4e49-a9e1-a0a3eed0e3e7",
|
||||
"spec_version": "2.1",
|
||||
|
|
@ -115,5 +115,5 @@ def test_parse_sighting(data):
|
|||
assert sighting.id == SIGHTING_ID
|
||||
assert sighting.created == dt.datetime(2016, 4, 6, 20, 6, 37, tzinfo=pytz.utc)
|
||||
assert sighting.modified == dt.datetime(2016, 4, 6, 20, 6, 37, tzinfo=pytz.utc)
|
||||
assert sighting.sighting_of_ref == "indicator--a740531e-63ff-4e49-a9e1-a0a3eed0e3e7"
|
||||
assert sighting.sighting_of_ref == INDICATOR_ID
|
||||
assert sighting.where_sighted_refs == ["identity--8cc7afd6-5455-4d2b-a736-e614ee631d99"]
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ EXPECTED = """{
|
|||
|
||||
def test_threat_actor_example():
|
||||
threat_actor = stix2.v21.ThreatActor(
|
||||
id="threat-actor--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f",
|
||||
id=THREAT_ACTOR_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T20:03:48.000Z",
|
||||
modified="2016-04-06T20:03:48.000Z",
|
||||
|
|
@ -43,7 +43,7 @@ def test_threat_actor_example():
|
|||
"created": "2016-04-06T20:03:48.000Z",
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
"description": "The Evil Org threat actor group",
|
||||
"id": "threat-actor--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f",
|
||||
"id": THREAT_ACTOR_ID,
|
||||
"threat_actor_types": [
|
||||
"crime-syndicate",
|
||||
],
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ EXPECTED_WITH_REVOKED = """{
|
|||
|
||||
def test_tool_example():
|
||||
tool = stix2.v21.Tool(
|
||||
id="tool--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f",
|
||||
id=TOOL_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T20:03:48.000Z",
|
||||
modified="2016-04-06T20:03:48.000Z",
|
||||
|
|
@ -54,7 +54,7 @@ def test_tool_example():
|
|||
{
|
||||
"created": "2016-04-06T20:03:48Z",
|
||||
"created_by_ref": "identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
"id": "tool--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f",
|
||||
"id": TOOL_ID,
|
||||
"tool_types": [
|
||||
"remote-access",
|
||||
],
|
||||
|
|
@ -86,7 +86,7 @@ def test_tool_no_workbench_wrappers():
|
|||
|
||||
def test_tool_serialize_with_defaults():
|
||||
tool = stix2.v21.Tool(
|
||||
id="tool--8e2e2d2b-17d4-4cbf-938f-98ee46b3cd3f",
|
||||
id=TOOL_ID,
|
||||
created_by_ref="identity--f431f809-377b-45e0-aa1c-6a4751cae5ff",
|
||||
created="2016-04-06T20:03:48.000Z",
|
||||
modified="2016-04-06T20:03:48.000Z",
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ EXPECTED = """{
|
|||
|
||||
def test_vulnerability_example():
|
||||
vulnerability = stix2.v21.Vulnerability(
|
||||
id="vulnerability--0c7b5b88-8ff7-4a4d-aa9d-feb398cd0061",
|
||||
id=VULNERABILITY_ID,
|
||||
created="2016-05-12T08:17:27.000Z",
|
||||
modified="2016-05-12T08:17:27.000Z",
|
||||
name="CVE-2016-1234",
|
||||
|
|
@ -51,7 +51,7 @@ def test_vulnerability_example():
|
|||
"source_name": "cve",
|
||||
},
|
||||
],
|
||||
"id": "vulnerability--0c7b5b88-8ff7-4a4d-aa9d-feb398cd0061",
|
||||
"id": VULNERABILITY_ID,
|
||||
"modified": "2016-05-12T08:17:27Z",
|
||||
"name": "CVE-2016-1234",
|
||||
"spec_version": "2.1",
|
||||
|
|
|
|||
Loading…
Reference in New Issue