Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[XSUP 31458] Fix test-module in PANW Enterprise DLP #31983

Merged
merged 13 commits into from
Jan 10, 2024
Merged

[XSUP 31458] Fix test-module in PANW Enterprise DLP #31983

Show file tree
Hide file tree
Changes from 9 commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
5adee4f
fix test-module
yaakovpraisler Jan 4, 2024
6a9a7f6
rn
yaakovpraisler Jan 4, 2024
2ff4c54
rn
yaakovpraisler Jan 4, 2024
d5bc363
fix
yaakovpraisler Jan 4, 2024
8a8c0d7
fixed reset-last-run & increased coverage
yaakovpraisler Jan 7, 2024
dec9919
Merge branch 'master' into XSUP-31458
yaakovpraisler Jan 7, 2024
d3b8491
Merged master into current branch.
Jan 9, 2024
c40ec17
Bump pack from version Palo_Alto_Networks_Enterprise_DLP to 2.0.9.
Jan 9, 2024
93718cf
Merge branch 'master' into XSUP-31458
yaakovpraisler Jan 10, 2024
e9113d0
bump docker
yaakovpraisler Jan 10, 2024
cba2d05
Merge branch 'master' into XSUP-31458
yaakovpraisler Jan 10, 2024
7bae4b2
Update Packs/Palo_Alto_Networks_Enterprise_DLP/Integrations/Palo_Alto…
yaakovpraisler Jan 10, 2024
a107bee
Update Packs/Palo_Alto_Networks_Enterprise_DLP/ReleaseNotes/2_0_9.md
yaakovpraisler Jan 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
23 changes: 15 additions & 8 deletions ...e_DLP/Integrations/Palo_Alto_Networks_Enterprise_DLP/Palo_Alto_Networks_Enterprise_DLP.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,7 @@ def __init__(self, url, credentials, insecure, proxy):
self.refresh_token = credentials[PASSWORD]
else:
self.access_token = ''
self._refresh_token_with_client_credentials()

def _refresh_token(self):
"""Refreshes Access Token"""
Expand Down Expand Up @@ -213,7 +214,7 @@ def get_dlp_report(self, report_id: str, fetch_snippets=False):

return self._get_dlp_api_call(url)

def get_dlp_incidents(self, regions: str, start_time: int = None, end_time: int = None) -> dict:
def get_dlp_incidents(self, regions: str, start_time: int = None, end_time: int = None) -> tuple:
url = INCIDENTS_URL
params = {}
if regions:
Expand All @@ -225,7 +226,7 @@ def get_dlp_incidents(self, regions: str, start_time: int = None, end_time: int
query_string = urllib.parse.urlencode(params)
url = f"{url}?{query_string}"
resp, status_code = self._get_dlp_api_call(url)
return resp
return resp, status_code

def update_dlp_incident(self, incident_id: str, feedback: FeedbackStatus, user_id: str, region: str,
report_id: str, dlp_channel: str, error_details: str = None):
Expand Down Expand Up @@ -356,13 +357,19 @@ def parse_dlp_report(report_json) -> CommandResults:
)


def test(client):
def test(client: Client, params: dict):
""" Test Function to test validity of access and refresh tokens"""
report_json, status_code = client.get_dlp_report('1')
dlp_regions = params.get("dlp_regions", "")
report_json, status_code = client.get_dlp_incidents(regions=dlp_regions)
if status_code in [200, 204]:
return_results("ok")
else:
raise DemistoException(f"Integration test failed: Unexpected status ({status_code})")
message = f"Integration test failed: Unexpected status ({status_code}) - "
if "error" in report_json:
message += f"Error message: \"{report_json.get('error')}\""
else:
message += f"The DLP Regions \"{dlp_regions}\" might be invalid, please check them again."
yaakovpraisler marked this conversation as resolved.
Show resolved Hide resolved
raise DemistoException(message)


def print_debug_msg(msg: str):
Expand Down Expand Up @@ -447,7 +454,7 @@ def fetch_incidents(client: Client, regions: str, start_time: int = None, end_ti
else:
print_debug_msg('Start fetching most recent incidents')

notification_map = client.get_dlp_incidents(regions=regions, start_time=start_time, end_time=end_time)
notification_map, _ = client.get_dlp_incidents(regions=regions, start_time=start_time, end_time=end_time)
incidents = []
for region, notifications in notification_map.items():
for notification in notifications:
Expand Down Expand Up @@ -588,7 +595,7 @@ def reset_last_run_command() -> str:
"""
ctx = get_integration_context()
ctx[RESET_KEY] = 'true'
set_to_integration_context_with_retries(ctx)
set_integration_context(ctx)
return 'fetch-incidents was reset successfully.'


Expand Down Expand Up @@ -620,7 +627,7 @@ def main():
elif demisto.command() == 'pan-dlp-reset-last-run':
return_results(reset_last_run_command())
elif demisto.command() == "test-module":
test(client)
test(client, params)

except Exception as e:
return_error(f'Failed to execute {demisto.command()} command.\nError:\n{str(e)}')
Expand Down
1 change: 0 additions & 1 deletion ..._DLP/Integrations/Palo_Alto_Networks_Enterprise_DLP/Palo_Alto_Networks_Enterprise_DLP.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
category: Network Security

Check failure on line 1 in Packs/Palo_Alto_Networks_Enterprise_DLP/Integrations/Palo_Alto_Networks_Enterprise_DLP/Palo_Alto_Networks_Enterprise_DLP.yml

View workflow job for this annotation

GitHub Actions / pre-commit / pre-commit

Validation Error DO106 

The docker image tag is not the latest numeric tag, please update it.
The docker image tag in the yml file is: 3.10.13.83255
The latest docker image tag in docker hub is: 3.10.13.84405

You can check for the most updated version of demisto/python3 here: https://hub.docker.com/r/demisto/python3/tags 
To update the docker image run:
demisto-sdk format -ud -i Packs/Palo_Alto_Networks_Enterprise_DLP/Integrations/Palo_Alto_Networks_Enterprise_DLP/Palo_Alto_Networks_Enterprise_DLP.yml
commonfields:
id: Palo Alto Networks Enterprise DLP
version: -1
Expand Down Expand Up @@ -29,7 +29,6 @@
- EU
- AP
- UK
defaultvalue: US,EU,AP,UK
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what if a customer didn't configure this param because the default value fitted for him, and upgrades to your version?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In my case it took the supported region in my DLP env (US), so I guess it will return the result for the support regions for the customers as well.

required: false
- display: Data profiles to allow exemption
name: dlp_exemptible_list
Expand Down
13 changes: 7 additions & 6 deletions .../Integrations/Palo_Alto_Networks_Enterprise_DLP/Palo_Alto_Networks_Enterprise_DLP_test.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -186,12 +186,14 @@ def test_parse_dlp_report(mocker):
def test_get_dlp_incidents(requests_mock):
requests_mock.get(f'{DLP_URL}/public/incident-notifications?regions=us', json={'us': []})
client = Client(DLP_URL, CREDENTIALS, False, None)
result = client.get_dlp_incidents(regions='us')
result, status_code = client.get_dlp_incidents(regions='us')
assert result == {'us': []}
assert status_code == 200


def test_fetch_notifications(requests_mock, mocker):
requests_mock.get(f'{DLP_URL}/public/incident-notifications?regions=us', json={'us': []})
mocker.patch.object(demisto, 'getIntegrationContext', return_value={"access_token": "abc"})
incident_mock = mocker.patch.object(demisto, 'createIncidents')

client = Client(DLP_URL, CREDENTIALS, False, None)
Expand Down Expand Up @@ -243,7 +245,7 @@ def test_refresh_token_with_access_token(requests_mock, mocker):
assert client.access_token == 'abc'


def test_refresh_token_with_client_credentials(requests_mock, mocker):
def test_refresh_token_with_client_credentials(requests_mock):
credentials = {
'credential': 'test credentials',
'credentials': {
Expand All @@ -263,9 +265,8 @@ def test_refresh_token_with_client_credentials(requests_mock, mocker):
'password': 'test-pass',
'passwordChanged': False
}
client = Client(DLP_URL, credentials, False, None)
requests_mock.post(PAN_AUTH_URL, json={'access_token': 'abc'})
client._refresh_token_with_client_credentials()
client = Client(DLP_URL, credentials, False, None)
assert client.access_token == 'abc'


Expand All @@ -289,12 +290,12 @@ def test_handle_403(requests_mock, mocker):
'password': 'test-pass',
'passwordChanged': False
}
requests_mock.post(PAN_AUTH_URL, json={'access_token': 'abc'})
client = Client(DLP_URL, credentials, False, None)
credentials_mocker = mocker.patch.object(client, '_refresh_token_with_client_credentials')
response_mock = mocker.MagicMock()
type(response_mock).status_code = mocker.PropertyMock(return_value=403)
client._handle_403_errors(response_mock)
credentials_mocker.assert_called_with()
assert client.access_token == 'abc'

client = Client(DLP_URL, CREDENTIALS, False, None)
tokens_mocker = mocker.patch.object(client, '_refresh_token')
Expand Down
4 changes: 4 additions & 0 deletions Packs/Palo_Alto_Networks_Enterprise_DLP/ReleaseNotes/2_0_9.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
#### Integrations
##### Palo Alto Networks Enterprise DLP
- Fixed an issue where running the ***test button*** and authenticating with the credentials option.
yaakovpraisler marked this conversation as resolved.
Show resolved Hide resolved
- Fixed an issue where the ***pan-dlp-reset-last-run*** command returned an error.
2 changes: 1 addition & 1 deletion Packs/Palo_Alto_Networks_Enterprise_DLP/pack_metadata.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
"support": "xsoar",
"author": "Palo Alto Networks Enterprise DLP",
"url": "https://www.paloaltonetworks.com/enterprise-data-loss-prevention",
"currentVersion": "2.0.8",
"currentVersion": "2.0.9",
"categories": [
"Network Security"
],
Expand Down