[DEPLOY] v0.8.5 - Body Payload Handler fixes for comma-delimited stri…
…ng variations (#457)

* Bump version -> 0.8.5

* Update unit testing

* Body payload handler refactored. Closes #447.

* Fixed comma-delimited list handling. Closes #448.

* Adjusted unit testing to cover new code paths.

* Adjusted unit testing to cover new code paths.

* Refactored body payload handler. Closes #449.

* Adjust unit testing to cover new code paths.

* Refactored user_tags list handling. Closes #450.

* Adjust unit testing to cover new code paths.

* Adjust role_ids list handling. Closes #451.

* Adjust unit test to cover new code paths

* Fixed list / boolean handlers. Closes #452.

* Adjust unit testing to cover new code paths

* Refactor list handling logic. Closes #453.

* Adjust unit testing to cover new code paths

* Fix recipients list handling. Closes #454.

* Adjust unit testing to cover new code paths

* Fix comma-delimited list handling. Closes #455.

* Alter unit testing to cover additional code paths

* Update CHANGELOG.md

* Fix groups handling in generic excl. Closes #456.

* Fix typo
jshcodes authored Nov 26, 2021
1 parent 9eeb47d commit 9755346
Showing 22 changed files with 186 additions and 134 deletions.
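--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,36 @@
+# Version 0.8.5
+## Issues resolved
++ Fixed: Issue when passing comma-delimited strings or boolean values as keywords to the body payload handler for `indicator_object`. Closes #447.
+- `_payload/_ioc.py`
+- `tests/test_ioc.py`
++ Fixed: Issue when passing comma-delimited string for the `groups` keyword to the body payload handler for `ioa_exclusion_payload`. Closes #448.
+- `_payload/_ioa.py`
+- `tests/test_ioa_exclusions.py`
++ Fixed: Issue when passing comma-delimited string for the `ids` keyword to the body payload handler for `update_detects_payload`. Resolved boolean handling of `show_in_ui` keyword. Closes #449.
+- `_payload/_detects.py`
+- `tests/test_detects.py`
++ Fixed: Issue when passing comma-delimited string for `user_tags` keyword to the body payload handler for `submit`. Closes #450.
+- `_payload/_falconx.py`
+- `tests/test_falconx_sandbox.py`
++ Fixed: Issue when passing comma-delimited string for `role_ids` keyword to the body payload handler for Flight Control POST / PATCH operations. Closed #451.
+- `_payload/_mssp.py`
+- `tests/test_mssp.py`
++ Fixed: Issue when passing comma-delimited strings or boolean False to certain keywords within the `command_payload` body payload handler. Closes #452.
+- `_payload/_real_time_response.py`
+- `tests/test_real_time_response.py`
++ Fixed: Issue when passing comma-delimited strings to MalQuery Service Class body payload handlers. Closes #453.
+- `_payload/_malquery.py`
+- `tests/test_malquery.py`
++ Fixed: Issue with passing comma-delimited string for `recipients` within body payload handler for `update_action` method within Recon Service Class. Closes #454.
+- `_payload/_recon.py`
+- `tests/test_recon.py`
++ Fixed: Issue with passing comma-delimited strings for `rule_ids` and `rule_versions` keywords within FirewallManagement Service Class body payload handlers. Closes #455.
+- `_payload/firewall.py`
+- `tests/test_firewall_management.py`
++ Fixed: Issue with passing comma-delimited string for the `groups` keyword within the generic exclusion body payload handler. Closes #456.
+- `_payload/_generic.py`
+- `tests/test_ml_exclusions.py`
+
 # Version 0.8.4
 ## Issues resolved
 + Fixed: TypeError when using a valid credential in the wrong cloud environment. (GOV -> US1 only). Closes #433.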
32 changes: 24 additions & 8 deletions src/falconpy/_payload/_detects.py
Expand Up @@ -38,14 +38,30 @@


def update_detects_payload(current_payload: dict, passed_keywords: dict) -> dict:
"""Update the provided payload with any viable parameters provided as keywords."""
if passed_keywords.get("assigned_to_uuid", None):
current_payload["assigned_to_uuid"] = passed_keywords.get("assigned_to_uuid", None)
if passed_keywords.get("show_in_ui", None):
"""Update the provided payload with any viable parameters provided as keywords.
{
"assigned_to_uuid": "string",
"comment": "string",
"ids": [
"string"
],
"show_in_ui": true,
"status": "string"
}
"""
keys = ["assigned_to_uuid", "comment", "status"]
for key in keys:
if passed_keywords.get(key, None):
current_payload[key] = passed_keywords.get(key, None)

if passed_keywords.get("show_in_ui", None) is not None:
current_payload["show_in_ui"] = passed_keywords.get("show_in_ui", None)
if passed_keywords.get("status", None):
current_payload["status"] = passed_keywords.get("status", None)
if passed_keywords.get("comment", None):
current_payload["comment"] = passed_keywords.get("comment", None)

passed_list = passed_keywords.get("ids", None)
if passed_list:
if isinstance(passed_list, str):
passed_list = passed_list.split(",")
current_payload["ids"] = passed_list

return current_payload
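Review bot: The new `passed_list.split(",")` for `ids` in `update_detects_payload` keeps the whitespace around each element, so `"id1, id2"` sends `" id2"` with a leading space and a trailing comma adds an empty string. Nothing visible here shows the API trimming values, so the split should normalise them: `passed_list = [i.strip() for i in passed_list.split(",") if i.strip()]`. The same four-line pattern is repeated in the `_falconx.py`, `_firewall.py`, `_generic.py`, `_ioa.py`, `_ioc.py`, `_malquery.py` and `_mssp.py` sections of this commit, so one shared helper would fix them all. It presumably matters most for `groups` on the exclusion payloads, where an ID that fails to match would change which host groups an exclusion covers.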
8 changes: 6 additions & 2 deletions src/falconpy/_payload/_falconx.py
Expand Up @@ -82,8 +82,12 @@ def falconx_payload(passed_keywords: dict) -> dict:
if passed_keywords.get("send_email_notifications", None) is not None:
email_notify = passed_keywords.get("send_email_notifications", None)
returned_payload["send_email_notifications"] = email_notify
if passed_keywords.get("user_tags", None):
returned_payload["user_tags"] = passed_keywords.get("user_tags", None)

passed_tags = passed_keywords.get("user_tags", None)
if passed_tags:
if isinstance(passed_tags, str):
passed_tags = passed_tags.split(",")
returned_payload["user_tags"] = passed_tags

if sandbox:
returned_payload["sandbox"] = sandbox
21 changes: 15 additions & 6 deletions src/falconpy/_payload/_firewall.py
Expand Up @@ -94,8 +94,11 @@ def firewall_container_payload(passed_keywords: dict) -> dict:
returned_payload["is_default_policy"] = passed_keywords.get("is_default_policy", None)
if passed_keywords.get("test_mode", None) is not None:
returned_payload["test_mode"] = passed_keywords.get("test_mode", None)
if passed_keywords.get("rule_group_ids", None):
returned_payload["rule_group_ids"] = passed_keywords.get("rule_group_ids", None)
rg_list = passed_keywords.get("rule_group_ids", None)
if rg_list:
if isinstance(rg_list, str):
rg_list = rg_list.split(",")
returned_payload["rule_group_ids"] = rg_list

return returned_payload

Expand Down Expand Up @@ -213,10 +216,16 @@ def firewall_rule_group_update_payload(passed_keywords: dict) -> dict:
for key in keys:
if passed_keywords.get(key, None):
returned_payload[key] = passed_keywords.get(key, None)
if passed_keywords.get("rule_ids", None):
returned_payload["rule_ids"] = passed_keywords.get("rule_ids", None)
if passed_keywords.get("rule_versions", None):
returned_payload["rule_versions"] = passed_keywords.get("rule_versions", None)
id_list = passed_keywords.get("rule_ids", None)
if id_list:
if isinstance(id_list, str):
id_list = id_list.split(",")
returned_payload["rule_ids"] = id_list
ver_list = passed_keywords.get("rule_versions", None)
if ver_list:
if isinstance(ver_list, str):
ver_list = ver_list.split(",")
returned_payload["rule_versions"] = ver_list
diffs = passed_keywords.get("diff_operations", None)
if diffs:
if isinstance(diffs, list):
11 changes: 7 additions & 4 deletions src/falconpy/_payload/_generic.py
Expand Up @@ -138,8 +138,8 @@ def aggregate_payload(submitted_keywords: dict) -> dict: # pylint: disable=R091
if submitted_keywords.get("ranges", None):
returned_payload["ranges"] = submitted_keywords.get("ranges", None)

if submitted_keywords.get("size", None):
returned_payload["size"] = submitted_keywords.get("size", None)
if submitted_keywords.get("size", -1) >= 0:
returned_payload["size"] = submitted_keywords.get("size", 0)

if submitted_keywords.get("sort", None):
returned_payload["sort"] = submitted_keywords.get("sort", None)
Expand Down Expand Up @@ -170,8 +170,11 @@ def exclusion_payload(passed_keywords: dict) -> dict:
returned_payload = {}
if passed_keywords.get("comment", None):
returned_payload["comment"] = passed_keywords.get("comment", None)
if passed_keywords.get("groups", None):
returned_payload["groups"] = passed_keywords.get("groups", None)
group_list = passed_keywords.get("groups", None)
if group_list:
if isinstance(group_list, str):
group_list = group_list.split(",")
returned_payload["groups"] = group_list
if passed_keywords.get("value", None):
returned_payload["value"] = passed_keywords.get("value", None)

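Review bot: The new `size` test in `aggregate_payload`, `submitted_keywords.get("size", -1) >= 0`, raises `TypeError` when a caller passes `size=None` or a string such as `"10"`, because the `-1` default only applies when the key is absent. The truthiness test it replaces tolerated both inputs. Check the type before comparing: `size = submitted_keywords.get("size", None)` followed by `if isinstance(size, int) and size >= 0:`, then assign `size` to the payload. Both functions in this section begin and end outside the visible hunks.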
34 changes: 14 additions & 20 deletions src/falconpy/_payload/_ioa.py
Expand Up @@ -55,26 +55,20 @@ def ioa_exclusion_payload(passed_keywords: dict) -> dict:
}
"""
returned_payload = {}
if passed_keywords.get("comment", None):
returned_payload["comment"] = passed_keywords.get("comment", None)
if passed_keywords.get("groups", None):
returned_payload["groups"] = passed_keywords.get("groups", None)
if passed_keywords.get("cl_regex", None):
returned_payload["cl_regex"] = passed_keywords.get("cl_regex", None)
if passed_keywords.get("description", None):
returned_payload["description"] = passed_keywords.get("description", None)
if passed_keywords.get("detection_json", None):
returned_payload["detection_json"] = passed_keywords.get("detection_json", None)
if passed_keywords.get("groups", None):
returned_payload["groups"] = passed_keywords.get("groups", None)
if passed_keywords.get("ifn_regex", None):
returned_payload["ifn_regex"] = passed_keywords.get("ifn_regex", None)
if passed_keywords.get("name", None):
returned_payload["name"] = passed_keywords.get("name", None)
if passed_keywords.get("pattern_id", None):
returned_payload["pattern_id"] = passed_keywords.get("pattern_id", None)
if passed_keywords.get("pattern_name", None):
returned_payload["pattern_name"] = passed_keywords.get("pattern_name", None)

keys = [
"cl_regex", "comment", "description", "detection_json",
"ifn_regex", "name", "pattern_id", "pattern_name"
]
for key in keys:
if passed_keywords.get(key, None):
returned_payload[key] = passed_keywords.get(key, None)

passed_list = passed_keywords.get("groups", None)
if passed_list:
if isinstance(passed_list, str):
passed_list = passed_list.split(",")
returned_payload["groups"] = passed_list

return returned_payload

49 changes: 19 additions & 30 deletions src/falconpy/_payload/_ioc.py
Expand Up @@ -37,7 +37,7 @@
"""


def indicator_object(passed_keywords: dict) -> dict: # pylint: disable=R0912 # noqa: C901
def indicator_object(passed_keywords: dict) -> dict:
"""Create a properly formatted single indicator payload.
{
Expand All @@ -64,41 +64,30 @@ def indicator_object(passed_keywords: dict) -> dict: # pylint: disable=R0912 #
"value": "string"
}
"""
# flake8 / pylint both complain about complexity due to the number of if statements.
# Ignoring the complaint as this is just running through the potential passed keywords.
returned_payload = {}
if passed_keywords.get("action", None):
returned_payload["action"] = passed_keywords.get("action", None)
if passed_keywords.get("applied_globally", None):
keys = [
"action", "description", "expiration", "metadata", "id",
"mobile_action", "severity", "source", "type", "value"
]
for key in keys:
if passed_keywords.get(key, None):
returned_payload[key] = passed_keywords.get(key, None)

if not passed_keywords.get("applied_globally", None) is None:
returned_payload["applied_globally"] = passed_keywords.get("applied_globally", None)
if passed_keywords.get("description", None):
returned_payload["description"] = passed_keywords.get("description", None)
if passed_keywords.get("expiration", None):
returned_payload["expiration"] = passed_keywords.get("expiration", None)
if passed_keywords.get("host_groups", None):
returned_payload["host_groups"] = passed_keywords.get("host_groups", None)
if passed_keywords.get("metadata", None):
returned_payload["metadata"] = passed_keywords.get("metadata", None)

list_keys = ["host_groups", "platforms", "tags"]
for list_key in list_keys:
passed_list = passed_keywords.get(list_key, None)
if passed_list:
if isinstance(passed_list, str):
passed_list = passed_list.split(",")
returned_payload[list_key] = passed_list

if passed_keywords.get("filename", None):
returned_payload["metadata"] = {
"filename": passed_keywords.get("filename", None)
}
if passed_keywords.get("mobile_action", None):
returned_payload["mobile_action"] = passed_keywords.get("mobile_action", None)
if passed_keywords.get("platforms", None):
returned_payload["platforms"] = passed_keywords.get("platforms", None)
if passed_keywords.get("severity", None):
returned_payload["severity"] = passed_keywords.get("severity", None)
if passed_keywords.get("source", None):
returned_payload["source"] = passed_keywords.get("source", None)
if passed_keywords.get("tags", None):
returned_payload["tags"] = passed_keywords.get("tags", None)
if passed_keywords.get("type", None):
returned_payload["type"] = passed_keywords.get("type", None)
if passed_keywords.get("value", None):
returned_payload["value"] = passed_keywords.get("value", None)
if passed_keywords.get("id", None):
returned_payload["id"] = passed_keywords.get("id", None)

return returned_payload

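Review bot: `if not passed_keywords.get("applied_globally", None) is None:` in `indicator_object` should be written `if passed_keywords.get("applied_globally", None) is not None:`. That is the form the `_detects.py` section of this commit uses for `show_in_ui`, and the one pycodestyle (E714) expects. Separately, the `filename` branch still assigns `returned_payload["metadata"]` after the key loop has copied `metadata`, so a caller supplying both silently loses the `metadata` dict. A one-line comment above that branch, such as `# filename replaces any metadata dictionary provided`, would make the precedence explicit. Part of the function's docstring is collapsed and not visible here.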
10 changes: 8 additions & 2 deletions src/falconpy/_payload/_malquery.py
Expand Up @@ -57,10 +57,12 @@ def malquery_fuzzy_payload(passed_keywords: dict) -> dict:
"""
returned_payload = {}
filters = passed_keywords.get("filter_meta", None)
limit = passed_keywords.get("limit", None)
limit = passed_keywords.get("limit", 0)
if filters or limit:
returned_payload["options"] = {}
if filters:
if isinstance(filters, str):
filters = filters.split(",")
returned_payload["options"]["filter_meta"] = filters
if limit:
returned_payload["options"]["limit"] = limit
Expand All @@ -76,16 +78,20 @@ def handle_malquery_search_params(passed_params: dict) -> dict:
returned_base = {}
filters = passed_params.get("filter_filetypes", None)
filter_meta = passed_params.get("filter_meta", None)
limit = passed_params.get("limit", None)
limit = passed_params.get("limit", 0)
max_date = passed_params.get("max_date", None)
max_size = passed_params.get("max_size", None)
min_date = passed_params.get("min_date", None)
min_size = passed_params.get("min_size", None)
if any([filters, filter_meta, limit, max_date, max_size, min_date, min_size]):
returned_base["options"] = {}
if filters:
if isinstance(filters, str):
filters = filters.split(",")
returned_base["options"]["filter_filetypes"] = filters
if filter_meta:
if isinstance(filter_meta, str):
filter_meta = filter_meta.split(",")
returned_base["options"]["filter_meta"] = filter_meta
if limit:
returned_base["options"]["limit"] = limit
8 changes: 7 additions & 1 deletion src/falconpy/_payload/_mssp.py
Expand Up @@ -60,12 +60,18 @@ def mssp_payload(passed_keywords: dict) -> dict:
resources_item = {}
keys = [
"cid", "cid_group_id", "description", "name", "id",
"user_group_id", "role_ids", "user_uuids"
"user_group_id", "user_uuids"
]
for key in keys:
if passed_keywords.get(key, None):
resources_item[key] = passed_keywords.get(key, None)

passed_role_ids = passed_keywords.get("role_ids", None)
if passed_role_ids:
if isinstance(passed_role_ids, str):
passed_role_ids = passed_role_ids.split(",")
resources_item["role_ids"] = passed_role_ids

if resources_item:
returned_payload["resources"] = [resources_item]

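Review bot: `user_uuids` stays in the pass-through `keys` list in `mssp_payload`, so a comma-delimited string for it is still copied into `resources_item` unchanged while `role_ids` is now split into a list. If the API expects an array there, as the plural name suggests (this hunk cannot confirm it), it needs the same handling. Remove `"user_uuids"` from `keys` and wrap the new block in `for list_key in ["role_ids", "user_uuids"]:`. The function begins and ends outside the hunk.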