Merge pull request #9372 from Security-Onion-Solutions/fix/sensoroni_analyzers_configuration_check_2_4

Fix localfile analyzer 'file_path' check and add new list value verification function for helpers

salt/sensoroni/files/analyzers/helpers.py

@@ -10,6 +10,11 @@ def checkSupportedType(meta, artifact_type):
         return True
 
 
+def verifyNonEmptyListValue(conf, key):
+    if key not in conf or not isinstance(conf[key], list) or len(conf[key]) == 0:
+        sys.exit(126)
+
+
 def parseArtifact(artifact):
     data = json.loads(artifact)
     return data

salt/sensoroni/files/analyzers/helpers_test.py

@@ -33,3 +33,14 @@ class TestHelpersMethods(unittest.TestCase):
         data = helpers.parseArtifact(input)
         self.assertEqual(data["artifactType"], "bar")
         self.assertEqual(data["value"], "foo")
+
+    def test_verifyNonEmptyListValue(self):
+        conf = {"file_path": ['testfile.csv']}
+        path = 'file_path'
+        self.assertTrue(conf, path)
+
+    def test_verifyNonEmptyListValueIsEmpty(self):
+        conf = {"file_path": ""}
+        with self.assertRaises(SystemExit) as cm:
+            helpers.verifyNonEmptyListValue(conf, 'file_path')
+            self.assertEqual(cm.exception.code, 126)

salt/sensoroni/files/analyzers/localfile/localfile.py

@@ -1,18 +1,10 @@
 import json
 import helpers
 import os
-import sys
 import argparse
 import csv
 
 
-def checkConfigRequirements(conf):
-    if "file_path" not in conf or len(conf['file_path']) == 0:
-        sys.exit(126)
-    else:
-        return True
-
-
 def searchFile(artifact, csvfiles):
     dir = os.path.dirname(os.path.realpath(__file__))
     found = []
@@ -54,7 +46,7 @@ def prepareResults(raw):
 
 
 def analyze(conf, input):
-    checkConfigRequirements(conf)
+    helpers.verifyNonEmptyListValue(conf, 'file_path')
     meta = helpers.loadMetadata(__file__)
     data = helpers.parseArtifact(input)
     helpers.checkSupportedType(meta, data["artifactType"])

salt/sensoroni/files/analyzers/localfile/localfile_test.py

@@ -28,22 +28,6 @@ class TestLocalfileMethods(unittest.TestCase):
                     mock.assert_called_once()
                     lcmock.assert_called_once()
 
-    def test_checkConfigRequirements_present(self):
-        conf = {"file_path": "['intel.csv']"}
-        self.assertTrue(localfile.checkConfigRequirements(conf))
-
-    def test_checkConfigRequirements_not_present(self):
-        conf = {"not_a_file_path": "blahblah"}
-        with self.assertRaises(SystemExit) as cm:
-            localfile.checkConfigRequirements(conf)
-        self.assertEqual(cm.exception.code, 126)
-
-    def test_checkConfigRequirements_empty(self):
-        conf = {"file_path": ""}
-        with self.assertRaises(SystemExit) as cm:
-            localfile.checkConfigRequirements(conf)
-        self.assertEqual(cm.exception.code, 126)
-
     def test_searchFile_multiple_found(self):
         artifact = "abcd1234"
         results = localfile.searchFile(artifact, ["localfile_test.csv"])
@@ -115,7 +99,7 @@ class TestLocalfileMethods(unittest.TestCase):
                    }
                  ]
         artifactInput = '{"value":"foo","artifactType":"url"}'
-        conf = {"file_path": "/home/intel.csv"}
+        conf = {"file_path": ['/home/intel.csv']}
         with patch('localfile.localfile.searchFile', new=MagicMock(return_value=output)) as mock:
             results = localfile.analyze(conf, artifactInput)
             self.assertEqual(results["summary"], "suspicious")