Fix some more improper exception re-raises in the filesystem

datastore test suite.  Add a new test corpus file, located so
as to test the backward compatibility functionality of
FileSystemSource.  Add a test to the suite which ensures that
this new file is found.
master
Michael Chisholm 2018-11-27 14:20:55 -05:00
parent 63166ab256
commit d8a775c60d
2 changed files with 49 additions and 4 deletions

View File

@ -0,0 +1,27 @@
{
"type": "malware",
"id": "malware--6b616fc1-1505-48e3-8b2c-0d19337bff38",
"created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
"created": "2017-05-31T21:32:58.226Z",
"modified": "2018-11-16T22:54:20.390Z",
"name": "Rover",
"description": "Rover is malware suspected of being used for espionage purposes. It was used in 2015 in a targeted email sent to an Indian Ambassador to Afghanistan.[[Citation: Palo Alto Rover]]",
"labels": [
"version four"
],
"external_references": [
{
"source_name": "mitre-attack",
"url": "https://attack.mitre.org/wiki/Software/S0090",
"external_id": "S0090"
},
{
"source_name": "Palo Alto Rover",
"description": "Ray, V., Hayashi, K. (2016, February 29). New Malware \u2018Rover\u2019 Targets Indian Ambassador to Afghanistan. Retrieved February 29, 2016.",
"url": "http://researchcenter.paloaltonetworks.com/2016/02/new-malware-rover-targets-indian-ambassador-to-afghanistan/"
}
],
"object_marking_refs": [
"marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
]
}

View File

@ -118,7 +118,7 @@ def rel_fs_store():
# errno symbolic value, but not the windows meaning... # errno symbolic value, but not the windows meaning...
if e.errno in (errno.ENOENT, 3): if e.errno in (errno.ENOENT, 3):
continue continue
raise e raise
def test_filesystem_source_nonexistent_folder(): def test_filesystem_source_nonexistent_folder():
@ -158,7 +158,7 @@ def test_filesystem_source_get_object(fs_source):
mal = fs_source.get("malware--6b616fc1-1505-48e3-8b2c-0d19337bff38") mal = fs_source.get("malware--6b616fc1-1505-48e3-8b2c-0d19337bff38")
assert mal.id == "malware--6b616fc1-1505-48e3-8b2c-0d19337bff38" assert mal.id == "malware--6b616fc1-1505-48e3-8b2c-0d19337bff38"
assert mal.name == "Rover" assert mal.name == "Rover"
assert mal.modified == datetime.datetime(2018, 11, 1, 23, 24, 48, 457000, assert mal.modified == datetime.datetime(2018, 11, 16, 22, 54, 20, 390000,
pytz.utc) pytz.utc)
@ -200,6 +200,24 @@ def test_filesytem_source_query_multiple(fs_source):
assert len(is_1.external_references) == 4 assert len(is_1.external_references) == 4
def test_filesystem_source_backward_compatible(fs_source):
# this specific object is outside an "ID" directory; make sure we can get
# it.
modified = datetime.datetime(2018, 11, 16, 22, 54, 20, 390000, pytz.utc)
results = fs_source.query([
Filter("type", "=", "malware"),
Filter("id", "=", "malware--6b616fc1-1505-48e3-8b2c-0d19337bff38"),
Filter("modified", "=", modified)
])
assert len(results) == 1
result = results[0]
assert result.type == "malware"
assert result.id == "malware--6b616fc1-1505-48e3-8b2c-0d19337bff38"
assert result.modified == modified
assert result.labels == ["version four"]
def test_filesystem_sink_add_python_stix_object(fs_sink, fs_source): def test_filesystem_sink_add_python_stix_object(fs_sink, fs_source):
# add python stix object # add python stix object
camp1 = Campaign(name="Hannibal", camp1 = Campaign(name="Hannibal",
@ -434,7 +452,7 @@ def test_filesystem_store_query_single_filter(fs_store):
def test_filesystem_store_empty_query(fs_store): def test_filesystem_store_empty_query(fs_store):
results = fs_store.query() # returns all results = fs_store.query() # returns all
assert len(results) == 29 assert len(results) == 30
assert "tool--242f3da3-4425-4d11-8f5c-b842886da966" in [obj.id for obj in results] assert "tool--242f3da3-4425-4d11-8f5c-b842886da966" in [obj.id for obj in results]
assert "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168" in [obj.id for obj in results] assert "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168" in [obj.id for obj in results]
@ -448,7 +466,7 @@ def test_filesystem_store_query_multiple_filters(fs_store):
def test_filesystem_store_query_dont_include_type_folder(fs_store): def test_filesystem_store_query_dont_include_type_folder(fs_store):
results = fs_store.query(Filter("type", "!=", "tool")) results = fs_store.query(Filter("type", "!=", "tool"))
assert len(results) == 27 assert len(results) == 28
def test_filesystem_store_add(fs_store): def test_filesystem_store_add(fs_store):