From 7a8f690a8bcd8c9579c1f56336c1a9f6fa5e2e6b Mon Sep 17 00:00:00 2001 From: Yehuda Pashay Date: Sun, 25 Apr 2021 17:30:04 +0300 Subject: [PATCH 1/2] Fix PR issues --- Integrations/Cyberint/Cyberint.py | 11 ++++++----- Integrations/Cyberint/Cyberint_test.py | 24 +++++++++++++++++++----- 2 files changed, 25 insertions(+), 10 deletions(-) diff --git a/Integrations/Cyberint/Cyberint.py b/Integrations/Cyberint/Cyberint.py index 75640a92aa2c..a13cbf1f951d 100644 --- a/Integrations/Cyberint/Cyberint.py +++ b/Integrations/Cyberint/Cyberint.py @@ -399,6 +399,7 @@ def create_fetch_incident_attachment(raw_response: Response, attachment_file_nam file_result = fileResult(filename=attachment_name, data=raw_response.content) # check for error if file_result["Type"] == EntryType.ERROR: + print("1111111111") demisto.error(f'file result type error {file_result["Contents"]}') return { @@ -507,6 +508,11 @@ def fetch_incidents(client: Client, last_run: Dict[str, int], attachments.append(tmp_attachment) alert["attachments"] = attachments + alert_csv_id = alert.get('alert_data', {}).get('csv', {}).get('id', '') + if alert_csv_id: + extracted_csv_data = extract_data_from_csv_stream(client, alert_id, # type: ignore + alert_csv_id) + alert['alert_data']['csv'] = extracted_csv_data incident = { 'name': f'Cyberint alert {alert_id}: {alert_title}', @@ -517,11 +523,6 @@ def fetch_incidents(client: Client, last_run: Dict[str, int], } incidents.append(incident) - alert_csv_id = alert.get('alert_data', {}).get('csv', {}).get('id', '') - if alert_csv_id: - extracted_csv_data = extract_data_from_csv_stream(client, alert_id, # type: ignore - alert_csv_id) - alert['alert_data']['csv'] = extracted_csv_data if incidents: # Update the time for the next fetch so that there won't be duplicates. diff --git a/Integrations/Cyberint/Cyberint_test.py b/Integrations/Cyberint/Cyberint_test.py index 0a870ab9e913..d83503d5aebe 100644 --- a/Integrations/Cyberint/Cyberint_test.py +++ b/Integrations/Cyberint/Cyberint_test.py @@ -210,8 +210,15 @@ def test_extract_data_from_csv_stream(requests_mock): def test_cyberint_alerts_analysis_report_command(requests_mock): """ - Adddd docs - + Scenario: Retrieve expert analysis report. + Given: + - User has provided valid credentials and arguments. + When: + - A alerts-analysis-report is called and there analysis report reference in the response. + Then: + - Ensure that the return ContentsFormat of the file is 'text'. + - Ensure that the return Type is file. + - Ensure the name of the file. """ from Cyberint import Client, cyberint_alerts_get_analysis_report_command @@ -227,9 +234,16 @@ def test_cyberint_alerts_analysis_report_command(requests_mock): def test_cyberint_alerts_get_attachment_command(requests_mock): """ - Add docs - - """ + Scenario: Retrieve alert attachment. + Given: + - User has provided valid credentials and arguments. + When: + - A alerts-get-attachment called and there attachments reference in the response. + Then: + - Ensure that the return ContentsFormat of the file is 'text'. + - Ensure that the return Type is file. + - Ensure the name of the file. + """ from Cyberint import Client, cyberint_alerts_get_attachment_command png_content_mock = open('test_data/attachment_file_mock.png', 'rb') From 410527dd40365a71c515ab93cd73cbca08851c51 Mon Sep 17 00:00:00 2001 From: Yehuda Pashay Date: Tue, 11 May 2021 15:45:37 +0300 Subject: [PATCH 2/2] Update integration files --- Integrations/Cyberint/Cyberint.py | 5 ----- 1 file changed, 5 deletions(-) diff --git a/Integrations/Cyberint/Cyberint.py b/Integrations/Cyberint/Cyberint.py index a13cbf1f951d..72c1ba629caf 100644 --- a/Integrations/Cyberint/Cyberint.py +++ b/Integrations/Cyberint/Cyberint.py @@ -397,10 +397,6 @@ def create_fetch_incident_attachment(raw_response: Response, attachment_file_nam attachment_name = get_attachment_name(attachment_file_name) file_result = fileResult(filename=attachment_name, data=raw_response.content) - # check for error - if file_result["Type"] == EntryType.ERROR: - print("1111111111") - demisto.error(f'file result type error {file_result["Contents"]}') return { "path": file_result["FileID"], @@ -523,7 +519,6 @@ def fetch_incidents(client: Client, last_run: Dict[str, int], } incidents.append(incident) - if incidents: # Update the time for the next fetch so that there won't be duplicates. last_incident_time = incidents[0].get('occurred', '')