Fixed CortexCoreIR http_request (#35206)

* fixed xpanse * add RN * fixed * adding rn * fix test * fix test * fix testcommonserver pyton * fix unit tests and revert changes in demistomock * add xplanatory docstring * Bump pack from version Base to 1.34.24. * adding memory threshold to incident enrichment --------- Co-authored-by: sapirshuker <[email protected]> Co-authored-by: Content Bot <[email protected]>
demisto · Jul 4, 2024 · e1d71ed · e1d71ed
1 parent a218daa
commit e1d71ed
Show file tree

Hide file tree

Showing 15 changed files with 55 additions and 17 deletions.
diff --git a/Packs/ApiModules/Scripts/CoreIRApiModule/CoreIRApiModule.py b/Packs/ApiModules/Scripts/CoreIRApiModule/CoreIRApiModule.py
@@ -145,18 +145,15 @@
 RBAC_VALIDATIONS_VERSION = '8.6.0'
 RBAC_VALIDATIONS_BUILD_NUMBER = '992980'
 FORWARD_USER_RUN_RBAC = is_xsiam() and is_demisto_version_ge(version=RBAC_VALIDATIONS_VERSION,
-                                                             build_number=RBAC_VALIDATIONS_BUILD_NUMBER)
+                                                             build_number=RBAC_VALIDATIONS_BUILD_NUMBER) and not is_using_engine()
 
 
 class CoreClient(BaseClient):
 
-    def __init__(self, base_url: str, headers: dict, timeout: int = 120, proxy: bool = False, verify: bool = False,
-                 using_base_client_http_request: bool = True
-                 ):
+    def __init__(self, base_url: str, headers: dict, timeout: int = 120, proxy: bool = False, verify: bool = False):
         super().__init__(base_url=base_url, headers=headers, proxy=proxy, verify=verify)
         self.timeout = timeout
         # For Xpanse tenants requiring direct use of the base client HTTP request instead of the _apiCall,
-        self.using_base_client_http_request = using_base_client_http_request
 
     def _http_request(self, method, url_suffix='', full_url=None, headers=None, json_data=None,
                       params=None, data=None, timeout=None, raise_on_status=False, ok_codes=None,
@@ -204,7 +201,7 @@ def _http_request(self, method, url_suffix='', full_url=None, headers=None, json
                 establish a connection to a remote machine before a timeout occurs.
                 can be only float (Connection Timeout) or a tuple (Connection Timeout, Read Timeout).
         '''
-        if (not FORWARD_USER_RUN_RBAC) or self.using_base_client_http_request:
+        if (not FORWARD_USER_RUN_RBAC):
             return BaseClient._http_request(self,  # we use the standard base_client http_request without overriding it
                                             method=method,
                                             url_suffix=url_suffix,

diff --git a/Packs/ApiModules/Scripts/CoreIRApiModule/CoreIRApiModule_test.py b/Packs/ApiModules/Scripts/CoreIRApiModule/CoreIRApiModule_test.py
@@ -4072,7 +4072,6 @@ def test_http_request_demisto_call(mocker, data, expected_result):
     from CoreIRApiModule import CoreClient
     client = CoreClient(
         base_url=f'{Core_URL}/public_api/v1', headers={},
-        using_base_client_http_request=False
     )
     mocker.patch("CoreIRApiModule.FORWARD_USER_RUN_RBAC", new=True)
     mocker.patch.object(demisto, "_apiCall", return_value={'name': '/api/webapp/public_api/v1/distributions/get_versions/',

diff --git a/Packs/Base/ReleaseNotes/1_34_24.md b/Packs/Base/ReleaseNotes/1_34_24.md
@@ -0,0 +1,6 @@
+
+#### Scripts
+
+##### CommonServerPython
+
+- Added a function ***is_using_engine*** to check if platform is using engine.
diff --git a/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py b/Packs/Base/Scripts/CommonServerPython/CommonServerPython.py
@@ -8391,6 +8391,14 @@ def is_xsiam():
     return demisto.demistoVersion().get("platform") == "x2"
 
 
+def is_using_engine():
+    """Determines whether or not the platform is using engine.
+    :return: True iff the platform is using engine.
+    :rtype: ``bool``
+    """
+    return demisto.demistoVersion().get("engine")
+
+
 class DemistoHandler(logging.Handler):
     """
         Handler to route logging messages to an IntegrationLogger or demisto.debug if not supplied

diff --git a/Packs/Base/pack_metadata.json b/Packs/Base/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Base",
     "description": "The base pack for Cortex XSOAR.",
     "support": "xsoar",
-    "currentVersion": "1.34.23",
+    "currentVersion": "1.34.24",
     "author": "Cortex XSOAR",
     "serverMinVersion": "6.0.0",
     "url": "https://www.paloaltonetworks.com/cortex",

diff --git a/Packs/Core/Integrations/CoreIOCs/CoreIOCs.py b/Packs/Core/Integrations/CoreIOCs/CoreIOCs.py
@@ -54,7 +54,6 @@ def __init__(self, params: dict):
         self._base_url: str = urljoin(url, '/public_api/v1/indicators/')
         self._verify_cert: bool = not params.get('insecure', False)
         self._params = params
-        self.using_base_client_http_request = False
         handle_proxy()
 
     def http_request(self, url_suffix: str, requests_kwargs=None) -> dict:

diff --git a/Packs/Core/Integrations/CortexCoreIR/CortexCoreIR.py b/Packs/Core/Integrations/CortexCoreIR/CortexCoreIR.py
@@ -215,7 +215,6 @@ def main():  # pragma: no cover
         verify=verify_cert,
         headers=headers,
         timeout=timeout,
-        using_base_client_http_request=True,
     )
 
     try:

diff --git a/Packs/Core/ReleaseNotes/3_0_49.md b/Packs/Core/ReleaseNotes/3_0_49.md
@@ -0,0 +1,10 @@
+
+#### Integrations
+
+##### Indicators detection
+
+- Fixed an issue where the integration commands failed due to a change in the API request process.
+
+##### Investigation & Response
+
+- Fixed an issue where the integration commands failed due to a change in the API request process.
diff --git a/Packs/Core/pack_metadata.json b/Packs/Core/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Core - Investigation and Response",
     "description": "Automates incident response",
     "support": "xsoar",
-    "currentVersion": "3.0.48",
+    "currentVersion": "3.0.49",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

diff --git a/Packs/CortexXDR/Integrations/CortexXDRIR/CortexXDRIR_test.py b/Packs/CortexXDR/Integrations/CortexXDRIR/CortexXDRIR_test.py
@@ -1526,12 +1526,18 @@ def test_main(mocker):
 
 
 @freeze_time("1993-06-17 11:00:00 GMT")
-def test_core_http_request_xsiam_tenant(mocker):
+def test_core_http_request_xpanse_tenant(mocker):
     """
+    Unit test to verify behavior in Xpanse tenants on the Xsiam platform with XSOAR Marketplace.
+
+    This test ensures that when working with Xpanse tenants on the Xsiam platform integrated with the
+    XSOAR Marketplace, the http_request function from CommonServerPython is used instead of _apiCall,
+    as required in Xsiam tenants (CIAC-10878).
+
     Given:
         - Only the required params in the configuration.
     When:
-        - Running a test_module to test the http_request function in CoreIRApiModule.
+        - Running a get_incidents to test the http_request function in CoreIRApiModule.
     Then:
         - Should fail since command '_apiCall' is not available via engine.
     """
@@ -1545,7 +1551,7 @@ def test_core_http_request_xsiam_tenant(mocker):
         timeout=120,
         params=False
     )
-    mocker.patch("CoreIRApiModule.FORWARD_USER_RUN_RBAC", new=True)
+    mocker.patch("CoreIRApiModule.FORWARD_USER_RUN_RBAC", new=False)
     mocker.patch.object(demisto, "_apiCall", return_value=Exception("command '_apiCall' is not available via engine (85)"))
     mocker.patch.object(BaseClient, "_http_request", return_value={'reply': {"incidents": [{"incident": {"incident_id": "1"}}]}})
     res = client.get_incidents(incident_id_list=['1'])

diff --git a/Packs/CortexXDR/ReleaseNotes/6_1_51.md b/Packs/CortexXDR/ReleaseNotes/6_1_51.md
@@ -0,0 +1,6 @@
+
+#### Integrations
+
+##### Palo Alto Networks Cortex XDR - Investigation and Response
+
+- Fixed an issue where the integration commands failed due to a change in the API request process.
diff --git a/Packs/CortexXDR/pack_metadata.json b/Packs/CortexXDR/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Cortex XDR by Palo Alto Networks",
     "description": "Automates Cortex XDR incident response, and includes custom Cortex XDR incident views and layouts to aid analyst investigations.",
     "support": "xsoar",
-    "currentVersion": "6.1.50",
+    "currentVersion": "6.1.51",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",

diff --git a/Packs/ctf01/ReleaseNotes/1_0_19.md b/Packs/ctf01/ReleaseNotes/1_0_19.md
@@ -0,0 +1,7 @@
+
+#### Integrations
+
+##### Cortex XDR - IR CTF
+
+- Fixed an issue where the integration commands failed due to a change in the API request process.
+- Updated the Docker image to: *demisto/python3:3.10.13.87159*.
diff --git a/Packs/ctf01/pack_metadata.json b/Packs/ctf01/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Capture The Flag - 01",
     "description": "XSOAR's Capture the flag (CTF)",
     "support": "xsoar",
-    "currentVersion": "1.0.18",
+    "currentVersion": "1.0.19",
     "serverMinVersion": "8.2.0",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",

diff --git a/Tests/conf.json b/Tests/conf.json
@@ -159,7 +159,8 @@
         {
             "playbookID": "Test Playbook - Cortex XDR Malware - Incident Enrichment",
             "timeout": 1200,
-            "integrations": "Cortex XDR - IR"
+            "integrations": "Cortex XDR - IR",
+            "memory_threshold": 120
         },
         {
             "integrations": [