Update test PR to work with latest code, fix flake8

mvt/common/indicators.py

@@ -56,7 +56,7 @@ class Indicators:
             else:
                 self.log.info("Invalid STIX2 path %s in MVT_STIX2 environment variable", path)
 
-    def load_indicators_files(self, files):
+    def load_indicators_files(self, files, load_default=True):
         """
         Load a list of indicators files
         """
@@ -67,7 +67,8 @@ class Indicators:
                 self.log.warning("This indicators file %s does not exist", file_path)
 
         # Load downloaded indicators and any indicators from env variable
-        self._load_downloaded_indicators()
+        if load_default:
+            self._load_downloaded_indicators()
         self._check_stix2_env_variable()
         self.log.info("Loaded a total of %d unique indicators", self.ioc_count)
 

tests/artifacts/generate_stix.py

@@ -1,6 +1,6 @@
-import sys
 import os
-from stix2.v21 import (Indicator, Malware, Relationship, Bundle, DomainName)
+
+from stix2.v21 import (Indicator, Malware, Relationship, Bundle)
 
 
 if __name__ == "__main__":
@@ -38,4 +38,5 @@ if __name__ == "__main__":
     bundle = Bundle(objects=res)
     with open("test.stix2", "w+") as f:
         f.write(bundle.serialize(pretty=True))
+
     print("test.stix2 file created")

tests/common/test_indicators.py

@@ -1,8 +1,10 @@
 import pytest
 import logging
 import os
+
+from mvt.common.indicators import Indicators
+
 from ..utils import get_artifact, init_setup
-from mvt.common.indicators import Indicators, IndicatorsFileBadFormat
 
 
 class TestIndicators:
@@ -13,7 +15,7 @@ class TestIndicators:
     def test_parse_stix2(self):
         stix_path = get_artifact("test.stix2")
         ind = Indicators(log=logging)
-        ind.parse_stix2(stix_path)
+        ind.load_indicators_files([stix_path], load_default=False)
         assert ind.ioc_count == 4
         assert len(ind.ioc_domains) == 1
         assert len(ind.ioc_emails) == 1
@@ -23,12 +25,13 @@ class TestIndicators:
     def test_check_domain(self):
         ind = Indicators(log=logging)
         stix_path = get_artifact("test.stix2")
-        ind.parse_stix2(stix_path)
-        assert ind.check_domain("https://www.example.org/foobar") == True
-        assert ind.check_domain("http://example.org:8080/toto") == True
+        ind.load_indicators_files([stix_path], load_default=False)
+        assert ind.check_domain("https://www.example.org/foobar")
+        assert ind.check_domain("http://example.org:8080/toto")
 
     def test_env_stix(self):
         stix_path = get_artifact("test.stix2")
         os.environ["MVT_STIX2"] = stix_path
         ind = Indicators(log=logging)
+        ind.load_indicators_files([stix_path], load_default=False)
         assert ind.ioc_count == 4

tests/ios/test_backup_info.py

@@ -1,11 +1,11 @@
 import pytest
 import logging
-import os
-from ..utils import get_artifact, get_artifact_folder, init_setup
-from mvt.common.indicators import Indicators, IndicatorsFileBadFormat
+
 from mvt.ios.modules.backup.backup_info import BackupInfo
 from mvt.common.module import run_module
 
+from ..utils import get_artifact_folder, init_setup
+
 
 class TestBackupInfoModule:
     @pytest.fixture(scope="session", autouse=True)
@@ -17,4 +17,3 @@ class TestBackupInfoModule:
         run_module(m)
         assert m.results["Build Version"] == "18C66"
         assert m.results["IMEI"] == '42'
-

tests/ios/test_datausage.py

@@ -1,11 +1,11 @@
 import pytest
 import logging
-import os
-from ..utils import get_artifact, get_artifact_folder, init_setup
-from mvt.common.indicators import Indicators, IndicatorsFileBadFormat
+
+from mvt.common.indicators import Indicators
 from mvt.ios.modules.mixed.net_datausage import Datausage
 from mvt.common.module import run_module
 
+from ..utils import get_artifact, get_artifact_folder, init_setup
 
 class TestDatausageModule:
     @pytest.fixture(scope="session", autouse=True)
@@ -28,5 +28,3 @@ class TestDatausageModule:
         m.indicators = ind
         run_module(m)
         assert len(m.detected) == 4
-
-

tests/ios/test_manifest.py

@@ -1,11 +1,11 @@
 import pytest
 import logging
-import os
-from ..utils import get_artifact, get_artifact_folder, init_setup
-from mvt.common.indicators import Indicators, IndicatorsFileBadFormat
+
+from mvt.common.indicators import Indicators
 from mvt.ios.modules.backup.manifest import Manifest
 from mvt.common.module import run_module
 
+from ..utils import get_artifact, get_artifact_folder, init_setup
 
 class TestManifestModule:
     @pytest.fixture(scope="session", autouse=True)
@@ -28,5 +28,3 @@ class TestManifestModule:
         m.indicators = ind
         run_module(m)
         assert len(m.detected) == 2
-
-

tests/ios/test_tcc.py

@@ -1,10 +1,10 @@
 import pytest
 import logging
-import os
-from ..utils import get_artifact_folder, init_setup
+
 from mvt.ios.modules.mixed.tcc import TCC
 from mvt.common.module import run_module
 
+from ..utils import get_artifact_folder, init_setup
 
 class TestManifestModule:
     @pytest.fixture(scope="session", autouse=True)
@@ -16,8 +16,7 @@ class TestManifestModule:
         run_module(m)
         assert len(m.results) == 11
         # FIXME: TCC should suport timeline
-        assert len(m.timeline) == 0
+        assert len(m.timeline) == 11
         assert len(m.detected) == 0
         assert m.results[0]["service"] == "kTCCServiceUbiquity"
         assert m.results[0]["auth_value"] == "allowed"
-

tests/utils.py

@@ -1,5 +1,6 @@
 import os
 
+
 def get_artifact(fname):
     """
     Return the artifact path in the artifact folder
@@ -10,9 +11,11 @@ def get_artifact(fname):
         return fpath
     return
 
+
 def get_artifact_folder():
     return os.path.join(os.path.dirname(__file__), "artifacts")
 
+
 def init_setup():
     """
     init data to have a clean state before testing