add: [galaxies] basic tests

api/app/tests/api/test_galaxies.py

@@ -0,0 +1,129 @@
+import pytest
+from app.auth import auth
+from app.models import galaxy as galaxies_models
+from app.tests.api_tester import ApiTester
+from fastapi import status
+from fastapi.testclient import TestClient
+
+
+class TestTaxonomiesResource(ApiTester):
+    @pytest.mark.parametrize("scopes", [["galaxies:read"]])
+    def test_get_galaxies(
+        self,
+        client: TestClient,
+        threat_actor_galaxy: galaxies_models.Galaxy,
+        threat_actor_galaxy_cluster_apt29: galaxies_models.GalaxyCluster,
+        auth_token: auth.Token,
+    ):
+        response = client.get(
+            "/galaxies/", headers={"Authorization": "Bearer " + auth_token}
+        )
+        data = response.json()
+
+        assert response.status_code == status.HTTP_200_OK
+
+        assert len(data["items"]) == 1
+        assert data["items"][0]["id"] == threat_actor_galaxy.id
+        assert data["items"][0]["name"] == threat_actor_galaxy.name
+        assert data["items"][0]["type"] == threat_actor_galaxy.type
+        assert data["items"][0]["description"] == threat_actor_galaxy.description
+        assert data["items"][0]["namespace"] == threat_actor_galaxy.namespace
+        assert data["items"][0]["icon"] == threat_actor_galaxy.icon
+        assert data["items"][0]["enabled"] == threat_actor_galaxy.enabled
+        assert data["items"][0]["local_only"] == threat_actor_galaxy.local_only
+        assert data["items"][0]["default"] == threat_actor_galaxy.default
+        assert data["items"][0]["org_id"] == threat_actor_galaxy.org_id
+        assert data["items"][0]["orgc_id"] == threat_actor_galaxy.orgc_id
+
+        # check clusters
+        assert len(data["items"][0]["clusters"]) == 1
+        assert data["items"][0]["clusters"][0]["galaxy_id"] == threat_actor_galaxy.id
+        assert (
+            data["items"][0]["clusters"][0]["id"]
+            == threat_actor_galaxy_cluster_apt29.id
+        )
+        assert (
+            data["items"][0]["clusters"][0]["value"]
+            == threat_actor_galaxy_cluster_apt29.value
+        )
+        assert (
+            data["items"][0]["clusters"][0]["value"]
+            == threat_actor_galaxy_cluster_apt29.value
+        )
+        assert (
+            data["items"][0]["clusters"][0]["tag_name"]
+            == threat_actor_galaxy_cluster_apt29.tag_name
+        )
+
+    @pytest.mark.parametrize("scopes", [["galaxies:read"]])
+    def test_get_galaxy_by_id(
+        self,
+        client: TestClient,
+        threat_actor_galaxy: galaxies_models.Galaxy,
+        threat_actor_galaxy_cluster_apt29: galaxies_models.GalaxyCluster,
+        auth_token: auth.Token,
+    ):
+        response = client.get(
+            f"/galaxies/{threat_actor_galaxy.id}",
+            headers={"Authorization": "Bearer " + auth_token},
+        )
+        data = response.json()
+
+        assert response.status_code == status.HTTP_200_OK
+        assert data["id"] == threat_actor_galaxy.id
+        assert data["name"] == threat_actor_galaxy.name
+        assert data["type"] == threat_actor_galaxy.type
+        assert data["description"] == threat_actor_galaxy.description
+        assert data["namespace"] == threat_actor_galaxy.namespace
+        assert data["icon"] == threat_actor_galaxy.icon
+        assert data["enabled"] == threat_actor_galaxy.enabled
+        assert data["local_only"] == threat_actor_galaxy.local_only
+        assert data["default"] == threat_actor_galaxy.default
+        assert data["org_id"] == threat_actor_galaxy.org_id
+        assert data["orgc_id"] == threat_actor_galaxy.orgc_id
+
+        # check clusters
+        assert len(data["clusters"]) == 1
+        assert data["clusters"][0]["galaxy_id"] == threat_actor_galaxy.id
+        assert data["clusters"][0]["id"] == threat_actor_galaxy_cluster_apt29.id
+        assert data["clusters"][0]["value"] == threat_actor_galaxy_cluster_apt29.value
+        assert data["clusters"][0]["value"] == threat_actor_galaxy_cluster_apt29.value
+        assert (
+            data["clusters"][0]["tag_name"]
+            == threat_actor_galaxy_cluster_apt29.tag_name
+        )
+
+    @pytest.mark.parametrize("scopes", [["galaxies:update"]])
+    def test_patch_taxonomy(
+        self,
+        client: TestClient,
+        threat_actor_galaxy: galaxies_models.Galaxy,
+        auth_token: auth.Token,
+    ):
+        response = client.patch(
+            f"/galaxies/{threat_actor_galaxy.id}",
+            headers={"Authorization": "Bearer " + auth_token},
+            json={
+                "enabled": False,
+                "local_only": True,
+                "default": True,
+            },
+        )
+        data = response.json()
+
+        assert response.status_code == status.HTTP_200_OK
+
+        assert data["id"] == threat_actor_galaxy.id
+        assert data["name"] == threat_actor_galaxy.name
+        assert data["enabled"] is False
+        assert data["local_only"] is True
+        assert data["default"] is True
+
+    @pytest.mark.parametrize("scopes", [["galaxies:update"]])
+    def test_update_galaxies(
+        self,
+        client: TestClient,
+        auth_token: auth.Token,
+    ):
+        # TODO: implement test without importing all the misp-galaxies (takes too long)
+        pass

api/app/tests/api_tester.py

@@ -399,7 +399,7 @@ def tlp_taxonomy(
         db.commit()
         db.refresh(tlp_taxonomy)
 
-        return tlp_taxonomy
+        yield tlp_taxonomy
 
     @pytest.fixture(scope="class")
     def tlp_white_predicate(
@@ -423,3 +423,68 @@ def tlp_white_predicate(
         db.refresh(tlp_white_predicate)
 
         yield tlp_white_predicate
+
+    @pytest.fixture(scope="class")
+    def threat_actor_galaxy(
+        self,
+        db: Session,
+        organisation_1: organisation_models.Organisation,
+        user_1: user_models.User,
+    ):
+        threat_actor_galaxy = galaxy_models.Galaxy(
+            name="Threat Actor",
+            type="threat-actor",
+            description="Threat actors are characteristics of malicious actors (or adversaries) representing a cyber attack threat including presumed intent and historically observed behaviour.",
+            version=3,
+            namespace="misp",
+            icon="user-secret",
+            enabled=True,
+            local_only=False,
+            default=False,
+            org_id=organisation_1.id,
+            orgc_id=organisation_1.id,
+            created="2020-01-01 01:01:01",
+            modified="2020-01-01 01:01:01",
+        )
+
+        db.add(threat_actor_galaxy)
+        db.commit()
+        db.refresh(threat_actor_galaxy)
+
+        yield threat_actor_galaxy
+
+    @pytest.fixture(scope="class")
+    def threat_actor_galaxy_cluster_apt29(
+        self,
+        db: Session,
+        organisation_1: organisation_models.Organisation,
+        user_1: user_models.User,
+        threat_actor_galaxy: galaxy_models.Galaxy,
+    ):
+
+        threat_actor_galaxy_cluster_apt29 = galaxy_models.GalaxyCluster(
+            collection_uuid="7cdff317-a673-4474-84ec-4f1754947823",
+            type="threat-actor",
+            value="APT29",
+            tag_name='misp-galaxy:threat-actor="APT29"',
+            description="APT29 description.",
+            galaxy_id=threat_actor_galaxy.id,
+            source="MISP Project",
+            authors=[
+                "Author 1",
+                "Author 2",
+            ],
+            version=1,
+            uuid="b2056ff0-00b9-482e-b11c-c771daa5f28a",
+            distribution=event_models.DistributionLevel.ALL_COMMUNITIES,
+            sharing_group_id=None,
+            org_id=organisation_1.id,
+            orgc_id=organisation_1.id,
+            published=True,
+        )
+
+        db.add(threat_actor_galaxy_cluster_apt29)
+        db.commit()
+        db.refresh(threat_actor_galaxy_cluster_apt29)
+
+        yield threat_actor_galaxy_cluster_apt29