Reacta no timeinterval provided case

opencybersecurityalliance · Apr 5, 2022 · a6751cd · a6751cd
1 parent aa79e5d
commit a6751cd
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 3 deletions.
diff --git a/stix_shifter_modules/reaqta/stix_translation/query_constructor.py b/stix_shifter_modules/reaqta/stix_translation/query_constructor.py
@@ -13,7 +13,7 @@
 
 class QueryStringPatternTranslator:
 
-    def __init__(self, pattern: Pattern, data_model_mapper):
+    def __init__(self, pattern: Pattern, data_model_mapper, options:dict):
         self.dmm = data_model_mapper
         self.comparator_lookup = self.dmm.map_comparator()
         self.pattern = pattern
@@ -200,7 +200,7 @@ def parse_expression(self, pattern: Pattern):
 
 
 def translate_pattern(pattern: Pattern, data_model_mapping, options):
-    query_translator = QueryStringPatternTranslator(pattern, data_model_mapping)
+    query_translator = QueryStringPatternTranslator(pattern, data_model_mapping, options)
     query = query_translator.translated
 
     if query_translator.formated_qualifier:

diff --git a/stix_shifter_modules/reaqta/test/stix_translation/test_stix_to_hunt_query.py b/stix_shifter_modules/reaqta/test/stix_translation/test_stix_to_hunt_query.py
@@ -15,6 +15,17 @@ def test_source_timeinterval(self):
 
         self.assertEqual(query, test_string)
 
+    # TODO: 
+    #  (($ip = "172.16.60.184" AND happenedAfter = Mar 24, 2020 5:21 PM AND happenedBefore = Mar 24, 2020 5:21 PM) OR ($ip = "172.16.60.185" AND happenedAfter = Mar 24, 2020 5:21 PM AND happenedBefore = Mar 24, 2020 5:21 PM)) 
+    # def test_source_no_timeinterval(self):
+    #     stix_pattern = "[ipv4-addr:value = '172.16.60.184']"
+    #     queries = translation.translate('reaqta', 'query', '{}', stix_pattern)
+    #     query = queries['queries']
+
+    #     test_string = ['$ip = "172.16.60.184" AND happenedAfter = "2022-03-24T20:21:35.519Z" AND happenedBefore = "2022-03-24T20:21:35.619Z"']
+
+    #     self.assertEqual(query, test_string)
+
     def test_not_operator(self):
         stix_pattern = "[ipv4-addr:value NOT = '172.31.60.104' OR network-traffic:src_ref.value != '172.31.60.104']" \
                         "START t'2022-03-24T20:21:35.519Z' STOP t'2022-03-24T20:21:35.619Z'"
@@ -147,7 +158,7 @@ def test_network_traffic_ip_port(self):
         self.assertEqual(query, test_string)
 
 
-        
+
 
     def test_combined(self):
         stix_pattern = "([network-traffic:src_ref.value = '127.0.0.1' AND file:hashes.'MD5' != '23db6982caef9e9152f1a5b2589e6ca3' OR file:hashes.'SHA-256'= 'ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad']  " \