add: [tests] Tests for STIX 2.x Bundle import with specific producer …

…or title set by user
MISP · Aug 20, 2024 · fd87de3 · fd87de3
1 parent 8c7328c
commit fd87de3
Show file tree

Hide file tree

Showing 4 changed files with 108 additions and 7 deletions.
diff --git a/tests/test_external_stix20_bundles.py b/tests/test_external_stix20_bundles.py
@@ -1536,6 +1536,18 @@ def __assemble_galaxy_bundle(cls, event_galaxy, attribute_galaxy):
         ]
         return dict_to_stix2(bundle, allow_custom=True)
 
+    ############################################################################
+    #                              EVENTS SAMPLES                              #
+    ############################################################################
+
+    @classmethod
+    def get_bundle_with_event_title(cls):
+        bundle = deepcopy(cls.__bundle)
+        bundle['objects'] = [
+            deepcopy(cls.__identity), *_IP_ADDRESS_ATTRIBUTES
+        ]
+        return dict_to_stix2(bundle, allow_custom=True)
+
     ############################################################################
     #                             GALAXIES SAMPLES                             #
     ############################################################################

diff --git a/tests/test_external_stix20_import.py b/tests/test_external_stix20_import.py
@@ -2,12 +2,50 @@
 # -*- coding: utf-8 -*-
 
 from .test_external_stix20_bundles import TestExternalSTIX20Bundles
-from ._test_stix import TestSTIX21
-from ._test_stix_import import TestExternalSTIX2Import, TestSTIX21Import
+from ._test_stix import TestSTIX20
+from ._test_stix_import import TestExternalSTIX2Import, TestSTIX20Import
 from uuid import uuid5
 
 
-class TestExternalSTIX21Import(TestExternalSTIX2Import, TestSTIX21, TestSTIX21Import):
+class TestExternalSTIX20Import(TestExternalSTIX2Import, TestSTIX20, TestSTIX20Import):
+
+    ############################################################################
+    #                         MISP EVENT IMPORT TESTS.                         #
+    ############################################################################
+
+    def test_stix20_bundle_with_event_title(self):
+        bundle = TestExternalSTIX20Bundles.get_bundle_with_event_title()
+        self.parser.load_stix_bundle(bundle)
+        self.parser.parse_stix_bundle(title='Malicious IP addresses report')
+        event = self.parser.misp_event
+        self.assertEqual(event.info, self.parser.event_title)
+
+    def test_stix20_bundle_with_event_title_and_producer(self):
+        bundle = TestExternalSTIX20Bundles.get_bundle_with_event_title()
+        self.parser.load_stix_bundle(bundle)
+        self.parser.parse_stix_bundle(
+            title='Malicious IP addresses report',
+            producer='MISP Project'
+        )
+        event = self.parser.misp_event
+        self.assertEqual(
+            event.info,
+            f'{self.parser.event_title} - produced by {self.parser.producer}'
+        )
+        self.assertEqual(
+            event.tags[0]['name'],
+            f'misp-galaxy:producer="{self.parser.producer}"'
+        )
+
+    def test_stix20_bundle_with_producer(self):
+        bundle = TestExternalSTIX20Bundles.get_bundle_with_event_title()
+        self.parser.load_stix_bundle(bundle)
+        self.parser.parse_stix_bundle(producer='MISP Project')
+        event = self.parser.misp_event
+        self.assertEqual(
+            event.tags[0]['name'],
+            f'misp-galaxy:producer="{self.parser.producer}"'
+        )
 
     ############################################################################
     #                        MISP GALAXIES IMPORT TESTS                        #

diff --git a/tests/test_external_stix21_bundles.py b/tests/test_external_stix21_bundles.py
@@ -1831,6 +1831,18 @@ def __assemble_galaxy_bundle(cls, event_galaxy, attribute_galaxy):
         ]
         return dict_to_stix2(bundle, allow_custom=True)
 
+    ############################################################################
+    #                              EVENTS SAMPLES                              #
+    ############################################################################
+
+    @classmethod
+    def get_bundle_with_event_title(cls):
+        bundle = deepcopy(cls.__bundle)
+        bundle['objects'] = [
+            deepcopy(cls.__identity), *_IP_ADDRESS_ATTRIBUTES
+        ]
+        return dict_to_stix2(bundle, allow_custom=True)
+
     ############################################################################
     #                             GALAXIES SAMPLES                             #
     ############################################################################

diff --git a/tests/test_external_stix21_import.py b/tests/test_external_stix21_import.py
@@ -10,11 +10,50 @@
 
 class TestExternalSTIX21Import(TestExternalSTIX2Import, TestSTIX21, TestSTIX21Import):
 
-    ################################################################################
-    #                          MISP GALAXIES IMPORT TESTS                          #
-    ################################################################################
+    ############################################################################
+    #                         MISP EVENT IMPORT TESTS.                         #
+    ############################################################################
+
+    def test_stix21_bundle_with_event_title(self):
+        bundle = TestExternalSTIX21Bundles.get_bundle_with_event_title()
+        self.parser.load_stix_bundle(bundle)
+        self.parser.parse_stix_bundle(title='Malicious IP addresses report')
+        event = self.parser.misp_event
+        self.assertEqual(event.info, self.parser.event_title)
+
+    def test_stix21_bundle_with_event_title_and_producer(self):
+        bundle = TestExternalSTIX21Bundles.get_bundle_with_event_title()
+        self.parser.load_stix_bundle(bundle)
+        self.parser.parse_stix_bundle(
+            title='Malicious IP addresses report',
+            producer='MISP Project'
+        )
+        event = self.parser.misp_event
+        self.assertEqual(
+            event.info,
+            f'{self.parser.event_title} - produced by {self.parser.producer}'
+        )
+        self.assertEqual(
+            event.tags[0]['name'],
+            f'misp-galaxy:producer="{self.parser.producer}"'
+        )
+
+    def test_stix21_bundle_with_producer(self):
+        bundle = TestExternalSTIX21Bundles.get_bundle_with_event_title()
+        self.parser.load_stix_bundle(bundle)
+        self.parser.parse_stix_bundle(producer='MISP Project')
+        event = self.parser.misp_event
+        self.assertEqual(
+            event.tags[0]['name'],
+            f'misp-galaxy:producer="{self.parser.producer}"'
+        )
+
+    ############################################################################
+    #                        MISP GALAXIES IMPORT TESTS                        #
+    ############################################################################
 
-    def _check_location_galaxy_features(self, galaxies, stix_object, galaxy_type, cluster_value=None):
+    def _check_location_galaxy_features(
+            self, galaxies, stix_object, galaxy_type, cluster_value=None):
         self.assertEqual(len(galaxies), 1)
         galaxy = galaxies[0]
         self.assertEqual(len(galaxy.clusters), 1)