synapse 2.152.0__py311-none-any.whl → 2.154.0__py311-none-any.whl

synapse/tests/test_lib_trigger.py

@@ -552,3 +552,318 @@ class TrigTest(s_t_utils.SynTest):
 
             trig = await core.callStorm('return ($lib.trigger.get($iden))', opts=opts)
             self.eq(trig.get('user'), derp.iden)
+
+    async def test_trigger_edges(self):
+        async with self.getTestCore() as core:
+            view = await core.callStorm('return ($lib.view.get().fork().iden)')
+
+            await self.asyncraises(s_exc.SchemaViolation, core.nodes('''
+                $tdef = $lib.dict(
+                    cond="edge:add",
+                    form="test:int",
+                    storm="[+#asdfasdf]"
+                )
+                $lib.trigger.add($tdef)
+            '''))
+
+            await self.asyncraises(s_exc.SchemaViolation, core.nodes('''
+                $tdef = $lib.dict(
+                    cond="edge:add",
+                    form="test:int",
+                    storm="[+#asdfasdf]",
+                    verb=$lib.null
+                )
+                $lib.trigger.add($tdef)
+            '''))
+
+            # edge:add
+            tdef = {
+                'cond': 'edge:add',
+                'verb': 'refs',
+                'storm': '[ +#neato ] | spin | iden $auto.opts.n2iden | [ +#other ] | [ <(seen)+ { [ test:str=$auto.opts.verb ] } ]',
+                'view': view,
+            }
+            await core.nodes('$lib.trigger.add($tdef)', opts={'vars': {'tdef': tdef}}) # only verb
+
+            opts = {'view': view}
+
+            await core.nodes('trigger.add edge:add --verb refs --form test:int --query { [ +#burrito ] }', opts=opts)   # n1 + edge
+            await core.nodes('trigger.add edge:add --verb refs --n2form test:int --query { [ +#ping ]}', opts=opts)  # edge + n2
+            await core.nodes('trigger.add edge:add --verb refs --form test:int --n2form test:int --query { [ +#pong ]}', opts=opts)  # n1 + verb + n2
+
+            await core.nodes('[ test:str=foo <(refs)+ { [ test:str=bar ] } ]', opts=opts)  # fire the verb-only trigger
+            await core.nodes('[ test:int=123 +(refs)> { [ test:str=biz ] } ]', opts=opts)  # fire the n1 trigger and the verb trigger
+            await core.nodes('[ test:int=456 <(refs)+ { [ test:str=baz ] } ]', opts=opts)  # fire the n2 trigger and the verb trigger
+            await core.nodes('[ test:int=789 +(refs)> { [ test:int=0 ] } ]', opts=opts) # FIRE ALL THE CANNONS
+
+            await core.nodes('[ test:int=9876 +(refs)> { [ test:int=54321 ]}]', opts=opts)  # explicitly hit the cache
+
+            node = await core.nodes('test:int=0', opts=opts)
+            self.len(1, node)
+            self.isin('other', node[0].tags)
+
+            node = await core.nodes('test:int=123', opts=opts)
+            self.len(1, node)
+            self.isin('neato', node[0].tags)
+            self.isin('burrito', node[0].tags)
+
+            node = await core.nodes('test:int=456', opts=opts)
+            self.len(1, node)
+            self.isin('other', node[0].tags)
+
+            node = await core.nodes('test:int=789', opts=opts)
+            self.len(1, node)
+            self.isin('neato', node[0].tags)
+            self.isin('burrito', node[0].tags)
+            self.isin('ping', node[0].tags)
+            self.isin('pong', node[0].tags)
+
+            node = await core.nodes('test:str=foo', opts=opts)
+            self.len(1, node)
+            self.isin('other', node[0].tags)
+
+            node = await core.nodes('test:str=bar', opts=opts)
+            self.len(1, node)
+            self.isin('neato', node[0].tags)
+
+            node = await core.nodes('test:str=biz', opts=opts)
+            self.len(1, node)
+            self.isin('other', node[0].tags)
+
+            node = await core.nodes('test:str=baz', opts=opts)
+            self.len(1, node)
+            self.isin('ping', node[0].tags)
+            self.isin('neato', node[0].tags)
+
+            node = await core.nodes('test:int=9876', opts=opts)
+            self.len(1, node)
+            self.isin('neato', node[0].tags)
+            self.isin('burrito', node[0].tags)
+            self.isin('ping', node[0].tags)
+            self.isin('pong', node[0].tags)
+
+            # invalidate the cache
+            await core.nodes('trigger.add edge:add --verb refs --form test:int --n2form test:int --query { [ +#invalid ]}', opts=opts)  # n1 + verb + n2
+
+            node = await core.nodes('[test:int=2468 <(refs)+ { [test:int=1357] }]', opts=opts)
+            self.notin('invalid', node[0].tags)
+
+            node = await core.nodes('test:int=1357', opts=opts)
+            self.isin('invalid', node[0].tags)
+
+            nodes = await core.nodes('test:str=refs -(seen)> *', opts=opts)  # collates all the n2 nodes
+            ndefs = set([
+                ('test:int', 0),
+                ('test:int', 456),
+                ('test:str', 'foo'),
+                ('test:str', 'biz'),
+                ('test:int', 54321),
+                ('test:int', 2468)
+            ])
+            self.eq(ndefs, set([n.ndef for n in nodes]))
+
+            nodes = await core.nodes('syn:trigger:cond="edge:add"', opts=opts)
+            self.len(5, nodes)
+            n2 = 0
+            for n in nodes:
+                self.eq(n.props['verb'], 'refs')
+                if n.props.get('n2form') is not None:
+                    n2 += 1
+            self.eq(n2, 3)
+
+            await core.nodes('for $trig in $lib.trigger.list() { $lib.trigger.del($trig.iden) }', opts=opts)
+            self.len(0, await core.nodes('syn:trigger', opts=opts))
+
+            # edge:del triggers
+            await core.nodes('trigger.add edge:del --verb refs  --query { [ +#cookies ] | spin | iden $auto.opts.n2iden | [ +#milk ] }', opts=opts)  # only edge
+            await core.nodes('trigger.add edge:del --verb refs --form test:int --query { [ +#cupcake ] }', opts=opts) # n1 form + edge
+            await core.nodes('trigger.add edge:del --verb refs --n2form test:int --query { [ +#icecream ] }', opts=opts) # edge + n2 form
+            await core.nodes('trigger.add edge:del --verb refs --form test:int --n2form test:int --query { [ +#croissant ] }', opts=opts) # n1 form + verb + n2 form
+
+            await core.nodes('test:str=foo [ <(refs)- { test:str=bar }]', opts=opts)  # fire the verb-only trigger
+            await core.nodes('test:int=123 | edges.del *', opts=opts)  # fire the n1 trigger and verb trigger
+            await core.nodes('test:int=456 | edges.del refs --n2', opts=opts)  # fire the n2 trigger and verb trigger
+            await core.nodes('test:int=789 [ -(refs)> { test:int=0 } ]', opts=opts)  # fire everything
+
+            await core.nodes('test:int=9876 [ -(refs)> { test:int=54321 } ]', opts=opts)  # explicitly hit the cache
+
+            node = await core.nodes('test:int=0', opts=opts)
+            self.isin('milk', node[0].tags)
+
+            node = await core.nodes('test:int=123', opts=opts)
+            self.isin('cupcake', node[0].tags)
+            self.isin('cookies', node[0].tags)
+
+            # test:int=456 won't have anything on it, but test:str=baz will
+            node = await core.nodes('test:int=789', opts=opts)
+            self.isin('cookies', node[0].tags)
+            self.isin('icecream', node[0].tags)
+            self.isin('croissant', node[0].tags)
+            self.isin('cupcake', node[0].tags)
+
+            node = await core.nodes('test:str=foo', opts=opts)
+            self.isin('milk', node[0].tags)
+
+            node = await core.nodes('test:str=bar', opts=opts)
+            self.isin('cookies', node[0].tags)
+
+            node = await core.nodes('test:str=biz', opts=opts)
+            self.isin('milk', node[0].tags)
+
+            node = await core.nodes('test:str=baz', opts=opts)
+            self.isin('cookies', node[0].tags)
+            self.isin('icecream', node[0].tags)
+
+            node = await core.nodes('test:int=9876', opts=opts)
+            self.len(1, node)
+            self.isin('cookies', node[0].tags)
+            self.isin('icecream', node[0].tags)
+            self.isin('croissant', node[0].tags)
+            self.isin('cupcake', node[0].tags)
+
+            await core.nodes('trigger.add edge:del --verb refs --form test:int --n2form test:int --query { [ +#scone ] }', opts=opts) # n1 form + verb + n2 form
+            node = await core.nodes('test:int=1357 | [ -(refs)> { test:int=2468 } ]', opts=opts)
+            self.isin('scone', node[0].tags)
+
+            nodes = await core.nodes('syn:trigger:cond="edge:del"', opts=opts)
+            self.len(5, nodes)
+            n2 = 0
+            for n in nodes:
+                self.eq(n.props['verb'], 'refs')
+                if n.props.get('n2form') is not None:
+                    n2 += 1
+            self.eq(n2, 3)
+
+            # make a pair of nodes in the base view, then the edge in the forked, and rip out one of the nodes
+            await core.nodes('[test:int=21701 test:int=23209]')
+            await core.nodes('test:int=21701 | [ <(refs)+ { test:int=23209 } ]', opts=opts)
+            await core.nodes('test:int=21701 | delnode')
+
+            await core.nodes('test:int=23209 | edges.del *', opts=opts)
+            node = await core.nodes('test:int=23209', opts=opts)
+            self.len(1, node)
+            self.isin('cookies', node[0].tags)
+            self.isin('cupcake', node[0].tags)
+            # the other two edge:del triggers cannot run because we can't get to n2 anymore
+
+            await core.nodes('for $trig in $lib.trigger.list() { $lib.trigger.del($trig.iden) }', opts=opts)
+            self.len(0, await core.nodes('syn:trigger', opts=opts))
+
+    async def test_trigger_edge_globs(self):
+        async with self.getTestCore() as core:
+            await core.nodes('trigger.add edge:add --verb foo* --query { [ +#foo ] | spin | iden $auto.opts.n2iden | [+#other] }')
+            await core.nodes('trigger.add edge:add --verb see* --form test:int --query { [ +#n1 ] }')
+            await core.nodes('trigger.add edge:add --verb r* --n2form test:int --query { [ +#n2 ] }')
+            await core.nodes('trigger.add edge:add --verb no** --form test:int --n2form test:str --query { [ +#both ] }')
+
+            async with core.enterMigrationMode():
+                nodes = await core.nodes('[test:int=123 +(foo:beep:boop)> { [test:str=neato] }]')
+                self.len(1, nodes)
+                self.notin('foo', nodes[0].tags)
+
+            nodes = await core.nodes('[test:int=123 +(foo:bar:baz)> { [test:str=neato] }]')
+            self.len(1, nodes)
+            self.isin('foo', nodes[0].tags)
+
+            nodes = await core.nodes('test:str=neato')
+            self.len(1, nodes)
+            self.isin('other', nodes[0].tags)
+
+            nodes = await core.nodes('[test:str=stuff +(see.saw)> { test:str=neato } ]')
+            self.len(1, nodes)
+            self.notin('n1', nodes[0].tags)
+
+            nodes = await core.nodes('[test:int=456 +(see.saw)> { test:str=neato } ]')
+            self.len(1, nodes)
+            self.isin('n1', nodes[0].tags)
+
+            nodes = await core.nodes('[test:str=neato +(ready)> { [ test:str=burrito ] } ]')
+            self.len(1, nodes)
+            self.notin('n2', nodes[0].tags)
+
+            nodes = await core.nodes('[test:int=456 +(ready)> { test:int=123 } ]')
+            self.len(1, nodes)
+            self.isin('n2', nodes[0].tags)
+
+            nodes = await core.nodes('[test:int=789 +(nope)> { test:int=123 } ]')
+            self.len(1, nodes)
+            self.notin('both', nodes[0].tags)
+
+            nodes = await core.nodes('[test:int=789 +(nope)> { test:str=burrito } ]')
+            self.len(1, nodes)
+            self.isin('both', nodes[0].tags)
+
+            await core.nodes('trigger.add edge:add --verb not* --form test:int --n2form test:str --query { [ +#cache.destroy ] }')
+
+            nodes = await core.nodes('[test:int=135 +(note)> { [ test:str=koolaidman ] } ]')
+            self.len(1, nodes)
+            self.isin('both', nodes[0].tags)
+            self.isin('cache.destroy', nodes[0].tags)
+
+            await core.nodes('for $trig in $lib.trigger.list() { $lib.trigger.del($trig.iden) }')
+            self.len(0, await core.nodes('syn:trigger'))
+
+            nodes = await core.nodes('[test:int=12345 +(note)> { [ test:str=scrambledeggs ] } ]')
+            self.len(1, nodes)
+            self.len(0, nodes[0].tags)
+
+            nodes = await core.nodes('[test:int=9876 +(foo:bar)> { test:str=neato }]')
+            self.len(1, nodes)
+            self.notin('foo', nodes[0].tags)
+
+            await core.nodes('trigger.add edge:del --verb foo* --query { [ +#del.none ] | spin | iden $auto.opts.n2iden | [+#del.other] }')
+            await core.nodes('trigger.add edge:del --verb see* --form test:int --query { [ +#del.one ] }')
+            await core.nodes('trigger.add edge:del --verb r* --n2form test:int --query { [ +#del.two ] }')
+            await core.nodes('trigger.add edge:del --verb no** --form test:int --n2form test:str --query { [ +#del.all ] }')
+
+            async with core.enterMigrationMode():
+                nodes = await core.nodes('test:int=123 | [ -(foo:beep:boop)> { test:str=neato } ]')
+                self.len(1, nodes)
+                self.notin('del.none', nodes[0].tags)
+
+            nodes = await core.nodes('test:int=123 | [ -(foo:bar:baz)> { test:str=neato } ]')
+            self.len(1, nodes)
+            self.isin('del.none', nodes[0].tags)
+
+            nodes = await core.nodes('test:str=neato')
+            self.len(1, nodes)
+            self.isin('del.other', nodes[0].tags)
+
+            nodes = await core.nodes('test:int=456 | [ -(see.saw)> {test:str=neato} ]')
+            self.len(1, nodes)
+            self.isin('del.one', nodes[0].tags)
+
+            nodes = await core.nodes('test:int=456 | [ -(ready)> {test:int=123}]')
+            self.len(1, nodes)
+            self.isin('del.two', nodes[0].tags)
+
+            nodes = await core.nodes('test:int=789 | [ -(nope)> { test:int=123 } ]')
+            self.len(1, nodes)
+            self.notin('del.all', nodes[0].tags)
+
+            nodes = await core.nodes('test:int=789 | [ -(nope)> { test:str=burrito } ]')
+            self.len(1, nodes)
+            self.isin('del.all', nodes[0].tags)
+
+            await core.nodes('trigger.add edge:del --verb no** --form test:int --n2form test:str --query { [ +#cleanup ] }')
+
+            nodes = await core.nodes('test:int=12345 | [ -(note)> { test:str=scrambledeggs } ]')
+            self.len(1, nodes)
+            self.isin('cleanup', nodes[0].tags)
+            self.isin('del.all', nodes[0].tags)
+
+            view = await core.callStorm('return ($lib.view.get().fork().iden)')
+            opts = {'view': view}
+            await core.nodes('trigger.add edge:del --verb no** --form test:str --query { [ +#coffee ] }', opts=opts)
+            await core.nodes('trigger.add edge:del --verb no** --form test:str --n2form test:str --query { [ +#oeis.a000668 ] }', opts=opts)
+
+            await core.nodes('[test:str=mersenne test:str=prime]')
+            await core.nodes('test:str=mersenne [ +(notes)> { test:str=prime } ]', opts=opts)
+            await core.nodes('test:str=prime | delnode')
+            node = await core.nodes('test:str=mersenne | edges.del *', opts=opts)
+            self.len(1, node)
+            self.len(1, node[0].tags)
+            self.isin('coffee', node[0].tags)
+
+            await core.nodes('for $trig in $lib.trigger.list() { $lib.trigger.del($trig.iden) }')
+            self.len(0, await core.nodes('syn:trigger'))

synapse/tests/test_lib_view.py

@@ -182,8 +182,7 @@ class ViewTest(s_t_utils.SynTest):
             tmpiden = tmplayr['iden']
             await self.asyncraises(s_exc.ReadOnlyLayer, core.view.addLayer(tmpiden))
             await self.asyncraises(s_exc.ReadOnlyLayer, view2.addLayer(tmpiden))
-            await self.asyncraises(s_exc.ReadOnlyLayer, core.view.setLayers([tmpiden]))
-            await self.asyncraises(s_exc.ReadOnlyLayer, view2.setLayers([tmpiden]))
+            await self.asyncraises(s_exc.BadArg, view2.setLayers([tmpiden]))
 
             # You can't merge a non-forked view
             await self.asyncraises(s_exc.SynErr, view2.core.view.merge())

synapse/tests/test_model_base.py

@@ -351,3 +351,29 @@ class BaseTest(s_t_utils.SynTest):
                 doc = ifdef.get('doc')
                 self.nn(doc)
                 self.ge(len(doc), 3)
+
+    async def test_model_doc_deprecated(self):
+
+        async with self.getTestCore() as core:
+
+            # Check properties that have "deprecated" in the doc string. Skip "isnow" because it's
+            # likely to have "deprecated" in the doc string due to what it does.
+            nodes = await core.nodes('syn:prop:doc~="(?i)deprecate"')
+            for node in nodes:
+                prop = core.model.prop(node.ndef[1])
+                if prop.name == 'isnow':
+                    continue
+
+                self.true(prop.deprecated, msg=prop)
+
+            # Check types that have "deprecated" in the doc string.
+            nodes = await core.nodes('syn:type:doc="(?i)deprecate"')
+            for node in nodes:
+                typo = core.model.type(node.ndef[1])
+                self.true(typo.deprecated, msg=typo)
+
+            # Check forms that have "deprecated" in the doc string.
+            nodes = await core.nodes('syn:form:doc="(?i)deprecate"')
+            for node in nodes:
+                form = core.model.form(node.ndef[1])
+                self.true(form.deprecated, msg=form)

synapse/tests/test_model_inet.py

@@ -875,6 +875,18 @@ class InetModelTest(s_t_utils.SynTest):
             self.eq(2851995905, norm)
             self.eq(info.get('subs').get('type'), 'linklocal')
 
+            norm, info = t.norm('100.63.255.255')
+            self.eq(info.get('subs').get('type'), 'unicast')
+
+            norm, info = t.norm('100.64.0.0')
+            self.eq(info.get('subs').get('type'), 'shared')
+
+            norm, info = t.norm('100.127.255.255')
+            self.eq(info.get('subs').get('type'), 'shared')
+
+            norm, info = t.norm('100.128.0.0')
+            self.eq(info.get('subs').get('type'), 'unicast')
+
             # Don't allow invalid values
             with self.raises(s_exc.BadTypeValu):
                 t.norm(0x00000000 - 1)
@@ -1332,6 +1344,10 @@ class InetModelTest(s_t_utils.SynTest):
             t = core.model.type(formname)
             self.raises(s_exc.BadTypeValu, t.norm, 'http:///wat')
             self.raises(s_exc.BadTypeValu, t.norm, 'wat')  # No Protocol
+            self.raises(s_exc.BadTypeValu, t.norm, "file://''")  # Missing address/url
+            self.raises(s_exc.BadTypeValu, t.norm, "file://#")  # Missing address/url
+            self.raises(s_exc.BadTypeValu, t.norm, "file://$")  # Missing address/url
+            self.raises(s_exc.BadTypeValu, t.norm, "file://%")  # Missing address/url
 
             self.raises(s_exc.BadTypeValu, t.norm, 'www.google\udcfesites.com/hehe.asp')
             valu = t.norm('http://www.googlesites.com/hehe\udcfestuff.asp')
@@ -1440,6 +1456,12 @@ class InetModelTest(s_t_utils.SynTest):
             nodes = await core.nodes(q)
             self.len(0, nodes)
 
+            nodes = await core.nodes('[ inet:url="https://+:80/woot" ]')
+            self.len(1, nodes)
+
+            self.none(nodes[0].get('ipv4'))
+            self.none(nodes[0].get('fqdn'))
+
     async def test_url_file(self):
 
         async with self.getTestCore() as core:

synapse/tests/test_model_orgs.py

@@ -586,6 +586,34 @@ class OuModelTest(s_t_utils.SynTest):
             self.len(1, nodes)
             self.len(1, nodes[0].get('industries'))
 
+            nodes = await core.nodes('''[ ou:requirement=50b757fafe4a839ec499023ebcffe7c0
+                :name="acquire pizza toppings"
+                :text="The team must acquire ANSI standard pizza toppings."
+                :goal={[ ou:goal=* :name=pizza ]}
+                :issuer={[ ps:contact=* :name=visi ]}
+                :assignee={ gen.ou.org.hq ledos }
+                :optional=(true)
+                :priority=highest
+                :issued=20120202
+                :period=(2023, ?)
+                :active=(true)
+                :deps=(*, *)
+                :deps:min=1
+            ]''')
+            self.len(1, nodes)
+            self.eq('acquire pizza toppings', nodes[0].get('name'))
+            self.eq('The team must acquire ANSI standard pizza toppings.', nodes[0].get('text'))
+            self.eq(1, nodes[0].get('deps:min'))
+            self.eq(50, nodes[0].get('priority'))
+            self.eq(True, nodes[0].get('optional'))
+            self.eq(1328140800000, nodes[0].get('issued'))
+            self.eq((1672531200000, 9223372036854775807), nodes[0].get('period'))
+
+            self.len(2, await core.nodes('ou:requirement=50b757fafe4a839ec499023ebcffe7c0 -> ou:requirement'))
+            self.len(1, await core.nodes('ou:requirement=50b757fafe4a839ec499023ebcffe7c0 -> ou:goal +:name=pizza'))
+            self.len(1, await core.nodes('ou:requirement=50b757fafe4a839ec499023ebcffe7c0 :issuer -> ps:contact +:name=visi'))
+            self.len(1, await core.nodes('ou:requirement=50b757fafe4a839ec499023ebcffe7c0 :assignee -> ps:contact +:orgname=ledos'))
+
     async def test_ou_code_prefixes(self):
         guid0 = s_common.guid()
         guid1 = s_common.guid()

synapse/tests/test_model_risk.py

@@ -280,6 +280,7 @@ class RiskModelTest(s_t_utils.SynTest):
                     :url=https://vertex.link/alerts/WOOT-20
                     :ext:id=WOOT-20
                     :engine={[ it:prod:softver=* :name=visiware ]}
+                    :host=*
                 ]
             ''')
             self.len(1, nodes)
@@ -289,6 +290,8 @@ class RiskModelTest(s_t_utils.SynTest):
             self.eq(2554848000000, nodes[0].get('detected'))
             self.eq('WOOT-20', nodes[0].get('ext:id'))
             self.eq('https://vertex.link/alerts/WOOT-20', nodes[0].get('url'))
+            self.nn(nodes[0].get('host'))
+            self.len(1, await core.nodes('risk:alert -> it:host'))
             self.len(1, await core.nodes('risk:alert -> risk:vuln'))
             self.len(1, await core.nodes('risk:alert -> risk:attack'))
             self.len(1, await core.nodes('risk:alert :engine -> it:prod:softver'))
@@ -299,6 +302,8 @@ class RiskModelTest(s_t_utils.SynTest):
                     :name = "Visi Wants Pizza"
                     :desc = "Visi wants a pepperoni and mushroom pizza"
                     :type = when.noms.attack
+                    :url=https://vertex.link/pwned
+                    :ext:id=PWN-00
                     :reporter = *
                     :reporter:name = vertex
                     :severity = 10
@@ -324,6 +329,8 @@ class RiskModelTest(s_t_utils.SynTest):
             self.eq('Visi wants a pepperoni and mushroom pizza', nodes[0].get('desc'))
             self.eq('when.noms.attack.', nodes[0].get('type'))
             self.eq('vertex', nodes[0].get('reporter:name'))
+            self.eq('PWN-00', nodes[0].get('ext:id'))
+            self.eq('https://vertex.link/pwned', nodes[0].get('url'))
             self.nn(nodes[0].get('target'))
             self.nn(nodes[0].get('attacker'))
             self.nn(nodes[0].get('campaign'))
@@ -394,6 +401,72 @@ class RiskModelTest(s_t_utils.SynTest):
             self.len(1, nodes[0].get('techniques'))
             self.len(1, await core.nodes('risk:threat:merged:isnow -> risk:threat'))
 
+            nodes = await core.nodes('''[ risk:leak=*
+                :name="WikiLeaks ACME      Leak"
+                :desc="WikiLeaks leaked ACME stuff."
+                :disclosed=20231102
+                :owner={ gen.ou.org.hq acme }
+                :leaker={ gen.ou.org.hq wikileaks }
+                :type=public
+                :goal={[ ou:goal=* :name=publicity ]}
+                :compromise={[ risk:compromise=* :target={ gen.ou.org.hq acme } ]}
+                :public=(true)
+                :public:url=https://wikileaks.org/acme
+                :reporter={ gen.ou.org vertex }
+                :reporter:name=vertex
+            ]''')
+            self.len(1, nodes)
+            self.eq('wikileaks acme leak', nodes[0].get('name'))
+            self.eq('WikiLeaks leaked ACME stuff.', nodes[0].get('desc'))
+            self.eq(1698883200000, nodes[0].get('disclosed'))
+            self.eq('public.', nodes[0].get('type'))
+            self.eq(1, nodes[0].get('public'))
+            self.eq('https://wikileaks.org/acme', nodes[0].get('public:url'))
+            self.eq('vertex', nodes[0].get('reporter:name'))
+
+            self.len(1, await core.nodes('risk:leak -> risk:leak:type:taxonomy'))
+            self.len(1, await core.nodes('risk:leak :owner -> ps:contact +:orgname=acme'))
+            self.len(1, await core.nodes('risk:leak :leaker -> ps:contact +:orgname=wikileaks'))
+            self.len(1, await core.nodes('risk:leak -> ou:goal +:name=publicity'))
+            self.len(1, await core.nodes('risk:leak -> risk:compromise :target -> ps:contact +:orgname=acme'))
+            self.len(1, await core.nodes('risk:leak :reporter -> ou:org +:name=vertex'))
+
+            nodes = await core.nodes('''[ risk:extortion=*
+                :demanded=20231102
+                :name="APT99 Extorted     ACME"
+                :desc="APT99 extorted ACME for a zillion vertex coins."
+                :type=fingain
+                :attacker={[ ps:contact=* :name=agent99 ]}
+                :target={ gen.ou.org.hq acme }
+                :success=(true)
+                :enacted=(true)
+                :public=(true)
+                :public:url=https://apt99.com/acme
+                :compromise={[ risk:compromise=* :target={ gen.ou.org.hq acme } ]}
+                :demanded:payment:price=99.99
+                :demanded:payment:currency=VTC
+                :reporter={ gen.ou.org vertex }
+                :reporter:name=vertex
+            ]''')
+
+            self.len(1, nodes)
+            self.eq('apt99 extorted acme', nodes[0].get('name'))
+            self.eq('APT99 extorted ACME for a zillion vertex coins.', nodes[0].get('desc'))
+            self.eq(1698883200000, nodes[0].get('demanded'))
+            self.eq('fingain.', nodes[0].get('type'))
+            self.eq(1, nodes[0].get('public'))
+            self.eq(1, nodes[0].get('success'))
+            self.eq(1, nodes[0].get('enacted'))
+            self.eq('https://apt99.com/acme', nodes[0].get('public:url'))
+            self.eq('99.99', nodes[0].get('demanded:payment:price'))
+            self.eq('vtc', nodes[0].get('demanded:payment:currency'))
+            self.eq('vertex', nodes[0].get('reporter:name'))
+
+            self.len(1, await core.nodes('risk:extortion :target -> ps:contact +:orgname=acme'))
+            self.len(1, await core.nodes('risk:extortion :attacker -> ps:contact +:name=agent99'))
+            self.len(1, await core.nodes('risk:extortion -> risk:compromise :target -> ps:contact +:orgname=acme'))
+            self.len(1, await core.nodes('risk:extortion :reporter -> ou:org +:name=vertex'))
+
     async def test_model_risk_mitigation(self):
         async with self.getTestCore() as core:
             nodes = await core.nodes('''[

synapse/tests/test_tools_autodoc.py

@@ -3,6 +3,8 @@ import synapse.common as s_common
 import synapse.tests.files as s_t_files
 import synapse.tests.utils as s_t_utils
 
+import synapse.lib.autodoc as s_l_autodoc
+
 import synapse.tools.autodoc as s_autodoc
 
 class TestAutoDoc(s_t_utils.SynTest):
@@ -126,6 +128,7 @@ class TestAutoDoc(s_t_utils.SynTest):
             self.isin('StormvarServiceCell Storm Service', s)
             self.isin('This documentation is generated for version 0.0.1 of the service.', s)
             self.isin('Storm Package\\: stormvar', s)
+
             self.isin('.. _stormcmd-stormvar-magic:\n', s)
             self.isin('magic\n-----', s)
             self.isin('Test stormvar support', s)
@@ -136,6 +139,10 @@ class TestAutoDoc(s_t_utils.SynTest):
             self.isin('nodedata with the following keys', s)
             self.isin('``foo`` on ``inet:ipv4``', s)
 
+            self.isin('.. _stormmod-stormvar-apimod', s)
+            self.isin('status()', s)
+            self.notin('testmod', s)
+
     async def test_tools_autodoc_stormpkg(self):
 
         with self.getTestDir() as path:
@@ -153,6 +160,7 @@ class TestAutoDoc(s_t_utils.SynTest):
 
             self.isin('Storm Package\\: testpkg', s)
             self.isin('This documentation is generated for version 0.0.1 of the package.', s)
+
             self.isin('This package implements the following Storm Commands.', s)
             self.isin('.. _stormcmd-testpkg-testpkgcmd', s)
 
@@ -171,6 +179,23 @@ class TestAutoDoc(s_t_utils.SynTest):
             self.isin('testpkg.baz', s)
             self.isin("Help on baz opt (default: ('-7days', 'now'))", s)
 
+            self.isin('This package implements the following Storm Modules.', s)
+            self.isin('.. _stormmod-testpkg-apimod', s)
+
+            self.notin('testmod', s)
+
+            self.isin('search(text, mintime=-30days)', s)
+            self.isin('text (str): The text.', s)
+            self.isin('Yields:', s)
+            self.isin('The return type is ``node``.', s)
+
+            self.isin('status()', s)
+
+            # coverage for no apidefs
+            rst = s_l_autodoc.RstHelp()
+            await s_autodoc.processStormModules(rst, 'foo', [])
+            self.eq('\nStorm Modules\n=============\n\nThis package does not export any Storm APIs.\n', rst.getRstText())
+
     async def test_tools_autodoc_stormtypes(self):
         with self.getTestDir() as path:
 

synapse/tests/test_tools_genpkg.py

@@ -69,6 +69,10 @@ class GenPkgTest(s_test.SynTest):
             ymlpath = s_common.genpath(dirname, 'files', 'stormpkg', 'badjsonpkg.yaml')
             await s_genpkg.main((ymlpath,))
 
+        with self.raises(s_exc.SchemaViolation):
+            ymlpath = s_common.genpath(dirname, 'files', 'stormpkg', 'badapidef.yaml')
+            await s_genpkg.main((ymlpath,))
+
         ymlpath = s_common.genpath(dirname, 'files', 'stormpkg', 'testpkg.yaml')
         async with self.getTestCore() as core:
 
@@ -98,10 +102,12 @@ class GenPkgTest(s_test.SynTest):
             self.eq(pdef['version'], '0.0.1')
             self.eq(pdef['modules'][0]['name'], 'testmod')
             self.eq(pdef['modules'][0]['storm'], 'inet:ipv4\n')
-            self.eq(pdef['modules'][1]['name'], 'testpkg.testext')
-            self.eq(pdef['modules'][1]['storm'], 'inet:fqdn\n')
-            self.eq(pdef['modules'][2]['name'], 'testpkg.testextfile')
+            self.eq(pdef['modules'][1]['name'], 'apimod')
+            self.isin('function search', pdef['modules'][1]['storm'])
+            self.eq(pdef['modules'][2]['name'], 'testpkg.testext')
             self.eq(pdef['modules'][2]['storm'], 'inet:fqdn\n')
+            self.eq(pdef['modules'][3]['name'], 'testpkg.testextfile')
+            self.eq(pdef['modules'][3]['storm'], 'inet:fqdn\n')
             self.eq(pdef['commands'][0]['name'], 'testpkgcmd')
             self.eq(pdef['commands'][0]['storm'], 'inet:ipv6\n')