synapse 2.165.0__py311-none-any.whl → 2.167.0__py311-none-any.whl

synapse/models/risk.py

@@ -68,6 +68,14 @@ class RiskModule(s_module.CoreModule):
 
                 ('risk:threat', ('guid', {}), {
                     'doc': 'A threat cluster or subgraph of threat activity, as reported by a specific organization.',
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'org:name'}},
+                            {'type': 'prop', 'opts': {'name': 'org:names'}},
+                            {'type': 'prop', 'opts': {'name': 'reporter:name'}},
+                            {'type': 'prop', 'opts': {'name': 'tag'}},
+                        ),
+                    },
                 }),
                 ('risk:attack', ('guid', {}), {
                     'doc': 'An instance of an actor attacking a target.',
@@ -81,9 +89,22 @@ class RiskModule(s_module.CoreModule):
                 }),
                 ('risk:compromise', ('guid', {}), {
                     'doc': 'An instance of a compromise and its aggregate impact.',
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'name'}},
+                            {'type': 'prop', 'opts': {'name': 'reporter:name'}},
+                        ),
+                    },
                 }),
                 ('risk:mitigation', ('guid', {}), {
                     'doc': 'A mitigation for a specific risk:vuln.',
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'name'}},
+                            {'type': 'prop', 'opts': {'name': 'reporter:name'}},
+                            {'type': 'prop', 'opts': {'name': 'tag'}},
+                        ),
+                    },
                 }),
                 ('risk:attacktype', ('taxonomy', {}), {
                     'doc': 'A taxonomy of attack types.',
@@ -104,6 +125,14 @@ class RiskModule(s_module.CoreModule):
                 }),
                 ('risk:tool:software', ('guid', {}), {
                     'doc': 'A software tool used in threat activity, as reported by a specific organization.',
+                    'display': {
+                        'columns': (
+                            {'type': 'prop', 'opts': {'name': 'soft:name'}},
+                            {'type': 'prop', 'opts': {'name': 'soft:names'}},
+                            {'type': 'prop', 'opts': {'name': 'reporter:name'}},
+                            {'type': 'prop', 'opts': {'name': 'tag'}},
+                        ),
+                    },
                 }),
 
                 ('risk:alert:verdict:taxonomy', ('taxonomy', {}), {
@@ -128,19 +157,22 @@ class RiskModule(s_module.CoreModule):
                 ('risk:extortion:type:taxonomy', ('taxonomy', {}), {
                     'interfaces': ('meta:taxonomy',),
                     'doc': 'A taxonomy of extortion event types.'}),
+
                 ('risk:technique:masquerade', ('guid', {}), {
                     'doc': 'Represents the assessment that a node is designed to resemble another in order to mislead.'}),
             ),
             'edges': (
                 # some explicit examples...
                 (('risk:attack', 'uses', 'ou:technique'), {
-                    'doc': 'The attackers used the technique in the attack.'}),
+                    'doc': 'The attacker used the technique in the attack.'}),
                 (('risk:threat', 'uses', 'ou:technique'), {
                     'doc': 'The threat cluster uses the technique.'}),
                 (('risk:tool:software', 'uses', 'ou:technique'), {
                     'doc': 'The tool uses the technique.'}),
                 (('risk:compromise', 'uses', 'ou:technique'), {
-                    'doc': 'The attackers used the technique in the compromise.'}),
+                    'doc': 'The attacker used the technique in the compromise.'}),
+                (('risk:extortion', 'uses', 'ou:technique'), {
+                    'doc': 'The attacker used the technique to extort the victim.'}),
 
                 (('risk:attack', 'uses', 'risk:vuln'), {
                     'doc': 'The attack used the vulnerability.'}),
@@ -936,12 +968,18 @@ class RiskModule(s_module.CoreModule):
                     ('compromise', ('risk:compromise', {}), {
                         'doc': 'The compromise which allowed the leaker access to the information.'}),
 
+                    ('extortion', ('risk:extortion', {}), {
+                        'doc': 'The extortion event which used the threat of the leak as leverage.'}),
+
                     ('public', ('bool', {}), {
                         'doc': 'Set to true if the leaked information was made publicly available.'}),
 
                     ('public:url', ('inet:url', {}), {
                         'doc': 'The URL where the leaked information was made publicly available.'}),
 
+                    ('size:bytes', ('int', {'min': 0}), {
+                        'doc': 'The approximate uncompressed size of the total data leaked.'}),
+
                 )),
 
                 ('risk:extortion:type:taxonomy', {}, ()),
@@ -963,6 +1001,9 @@ class RiskModule(s_module.CoreModule):
                     ('demanded', ('time', {}), {
                         'doc': 'The time that the attacker made their demands.'}),
 
+                    ('deadline', ('time', {}), {
+                        'doc': 'The time that the demand must be met.'}),
+
                     ('goal', ('ou:goal', {}), {
                         'doc': 'The goal of the attacker in extorting the victim.'}),
 
@@ -976,7 +1017,7 @@ class RiskModule(s_module.CoreModule):
                         'doc': 'The extortion target identity.'}),
 
                     ('success', ('bool', {}), {
-                        'doc': 'Set to true if the victim met the attackers demands.'}),
+                        'doc': "Set to true if the victim met the attacker's demands."}),
 
                     ('enacted', ('bool', {}), {
                         'doc': 'Set to true if attacker carried out the threat.'}),

synapse/telepath.py

@@ -135,25 +135,24 @@ def mergeAhaInfo(info0, info1):
 
     return info0
 
-async def open(url, timeout=None):
+async def open(url, onlink=None):
     '''
-    Open a new telepath Client (or AHA Service Pool) based on the given URL.
-    '''
-    # backward compatible support for a list of URLs or urlinfo dicts...
-    if isinstance(url, (tuple, list)): # pragma: no cover
-        return await Client.anit(url)
-
-    urlinfo = chopurl(url)
+    Open a new telepath ClientV2 object based on the given URL.
 
-    if urlinfo.get('scheme') == 'aha':
-
-        ahaclient, ahasvc = await _getAhaSvc(urlinfo, timeout=timeout)
+    Args:
+        url (str): The URL to connect to.
+        onlink: An optional async callback function to run when connections are made.
 
-        # check if we should return a Pool rather than a Client :)
-        if ahasvc.get('services'):
-            return await Pool.anit(ahaclient, ahasvc, urlinfo)
+    Notes:
+        The onlink callback function has the call signature ``(proxy, urlinfo)``.
+        The proxy is the Telepath Proxy object.
+        The urlinfo is the parsed URL information used to create the proxy object.
+        The urlinfo structure may change between versions of Synapse.
 
-    return await Client.anit(urlinfo)
+    Returns:
+        ClientV2: A ClientV2 object.
+    '''
+    return await ClientV2.anit(url, onlink=onlink)
 
 async def _getAhaSvc(urlinfo, timeout=None):
 
@@ -501,6 +500,7 @@ class GenrMethod(Method):
 class Pipeline(s_base.Base):
 
     async def __anit__(self, proxy, genr, name=None):
+        s_common.deprecated('Telepath.Pipeline', curv='2.167.0')
 
         await s_base.Base.__anit__(self)
 
@@ -832,7 +832,7 @@ class Proxy(s_base.Base):
 
                         mesg = await link.rx()
                         if mesg is None:
-                            raise s_exc.LinkShutDown(mesg=mesg)
+                            raise s_exc.LinkShutDown(mesg='Remote peer disconnected')
 
                         if mesg[0] != 't2:yield':  # pragma: no cover
                             info = 'Telepath protocol violation:  unexpected message received'
@@ -869,6 +869,8 @@ class Proxy(s_base.Base):
         if self.sess is not None:
             return await self.taskv2(todo, name=name)
 
+        s_common.deprecated('Telepath task with no session', curv='2.166.0')
+
         task = Task()
 
         mesg = ('task:init', {
@@ -980,21 +982,39 @@ class Proxy(s_base.Base):
         setattr(self, name, meth)
         return meth
 
-class Pool(s_base.Base):
+class ClientV2(s_base.Base):
     '''
     A telepath client which:
         * connects to multiple services
         * distributes API calls across them
         * receives topology updates from AHA
+
+    NOTE: This must co-exist with Client until we eliminate uses that
+          attempt to call telepath APIs directly from the Client rather
+          than awaiting a proxy()
     '''
-    async def __anit__(self, aha, ahasvc, urlinfo):
+    async def __anit__(self, urlinfo, onlink=None):
+
         await s_base.Base.__anit__(self)
+
+        # some ugly stuff in order to be backward compatible...
+        if not isinstance(urlinfo, (list, tuple)):
+            urlinfo = (urlinfo,)
+
+        urlinfo = [chopurl(u) for u in urlinfo]
+
+        self.aha = None
+
         self.clients = {}
         self.proxies = set()
 
-        self.aha = aha
-        self.ahasvc = ahasvc
-        self.urlinfo = urlinfo
+        self.poolname = None
+
+        self.onlink = onlink
+
+        self.booturls = urlinfo
+        self.bootdeque = collections.deque()
+        self.bootdeque.extend(self.booturls)
 
         self.ready = asyncio.Event()
         self.deque = collections.deque()
@@ -1003,7 +1023,6 @@ class Pool(s_base.Base):
             'svc:add': self._onPoolSvcAdd,
             'svc:del': self._onPoolSvcDel,
         }
-        self.schedCoro(self._toposync())
 
         async def fini():
             await self._shutDownPool()
@@ -1012,8 +1031,63 @@ class Pool(s_base.Base):
 
         self.onfini(fini)
 
+        self.schedCoro(self._initBootProxy())
+
+    def getNextBootUrl(self):
+        if not self.bootdeque:
+            self.bootdeque.extend(self.booturls)
+        return self.bootdeque.popleft()
+
+    async def _initBootProxy(self):
+
+        lastlog = 0.0
+        while not self.isfini:
+
+            urlinfo = self.getNextBootUrl()
+
+            try:
+
+                if urlinfo.get('scheme') == 'aha':
+
+                    self.aha, svcinfo = await _getAhaSvc(urlinfo)
+
+                    # if the service is a pool, enter pool mode and fire
+                    # the topography sync task to manage pool members.
+                    services = svcinfo.get('services')
+                    if services is not None:
+                        # we are an AHA pool!
+                        if self.poolname is None:
+                            self.poolname = svcinfo.get('name')
+                            self.schedCoro(self._toposync())
+                        return
+
+                # regular telepath client behavior
+                proxy = await openinfo(urlinfo)
+                await self._onPoolLink(proxy, urlinfo)
+
+                async def reconnect():
+                    if not self.isfini:
+                        self.schedCoro(self._initBootProxy())
+
+                proxy.onfini(reconnect)
+                return
+
+            except Exception as e:
+
+                now = time.monotonic()
+                if now > lastlog + 60.0:  # don't logspam the disconnect message more than 1/min
+                    url = s_urlhelp.sanitizeUrl(zipurl(urlinfo))
+                    logger.exception(f'telepath clientv2 ({url}) encountered an error: {e}')
+                    lastlog = now
+
+                retrysleep = float(urlinfo.get('retrysleep', 0.2))
+                await self.waitfini(timeout=retrysleep)
+
+    async def waitready(self, timeout=None):
+        await s_common.wait_for(self.ready.wait(), timeout=timeout)
+
     def size(self):
-        return len(self.clients)
+        return len(self.proxies)
 
     async def _onPoolSvcAdd(self, mesg):
         svcname = mesg[1].get('name')
@@ -1022,7 +1096,7 @@ class Pool(s_base.Base):
             await oldc.fini()
 
         urlinfo = {'scheme': 'aha', 'host': svcname, 'path': ''}
-        self.clients[svcname] = await Client.anit(urlinfo, onlink=self._onPoolLink)
+        self.clients[svcname] = await ClientV2.anit(urlinfo, onlink=self._onPoolLink)
         await self.fire('svc:add', **mesg[1])
 
     async def _onPoolSvcDel(self, mesg):
@@ -1033,10 +1107,11 @@ class Pool(s_base.Base):
         self.deque.clear()
         await self.fire('svc:del', **mesg[1])
 
-    async def _onPoolLink(self, proxy):
+    async def _onPoolLink(self, proxy, urlinfo):
 
         async def onfini():
-            self.proxies.remove(proxy)
+            if proxy in self.proxies:
+                self.proxies.remove(proxy)
             if proxy in self.deque:
                 self.deque.remove(proxy)
             if not len(self.proxies):
@@ -1046,13 +1121,23 @@ class Pool(s_base.Base):
         self.proxies.add(proxy)
         self.ready.set()
 
+        if self.onlink is not None:
+            try:
+                await self.onlink(proxy, urlinfo)
+            except Exception as e:
+                logger.exception(f'onlink: {self.onlink}')
+
     async def _shutDownPool(self):
         # when we reconnect to our AHA service, we need to dump the current
         # topology state and gather it again.
-        for client in self.clients.values():
+        for client in list(self.clients.values()):
             await client.fini()
 
+        for proxy in list(self.proxies):
+            await proxy.fini()
+
         self.deque.clear()
+        self.ready.clear()
         self.clients.clear()
         self.proxies.clear()
 
@@ -1065,16 +1150,14 @@ class Pool(s_base.Base):
 
         while not self.isfini:
 
-            poolname = self.ahasvc.get('name')
-
             try:
                 ahaproxy = await self.aha.proxy()
 
                 await reset()
 
-                async for mesg in ahaproxy.iterPoolTopo(poolname):
+                async for mesg in ahaproxy.iterPoolTopo(self.poolname):
                     hand = self.mesghands.get(mesg[0])
-                    if hand is None: # pragma: no cover
+                    if hand is None:  # pragma: no cover
                         logger.warning(f'Unknown AHA pool topography message: {mesg}')
                         continue
 
@@ -1092,7 +1175,7 @@ class Pool(s_base.Base):
 
                 await self.ready.wait()
 
-                if self.isfini: # pragma: no cover
+                if self.isfini:  # pragma: no cover
                     raise s_exc.IsFini()
 
                 if not self.deque:

synapse/tests/files/stormpkg/dotstorm/dotstorm.yaml

@@ -9,3 +9,6 @@ modules:
 
 commands:
     - name: dotstorm.bar
+
+onload: |
+  $lib.time.sleep(0)

synapse/tests/test_cortex.py

@@ -4564,10 +4564,9 @@ class CortexBasicTest(s_t_utils.SynTest):
             await core1.addFeedData('syn.nodes', data)
             self.len(1, await core1.nodes('test:int=8 -#test.12345'))
 
-            # This tag does match regex
             data = [(('test:int', 8), {'tags': {'test.1234': (None, None)}})]
             await core1.addFeedData('syn.nodes', data)
-            self.len(0, await core1.nodes('test:int=8 -#test.1234'))
+            self.len(0, await core1.nodes('test:int=8 -#newtag.1234'))
 
             core1.view.layers[0].readonly = True
             await self.asyncraises(s_exc.IsReadOnly, core1.addFeedData('syn.nodes', data))
@@ -6338,7 +6337,7 @@ class CortexBasicTest(s_t_utils.SynTest):
                 async def action():
                     await asyncio.sleep(0.1)
                     await core.callStorm('return($lib.view.get().fork())')
-                    await core.callStorm('return($lib.cron.add(query="{graph:node=*}", hourly=30).pack())')
+                    await core.callStorm('return($lib.cron.add(query="{meta:note=*}", hourly=30).pack())')
                     tdef = {'cond': 'node:add', 'storm': '[test:str="foobar"]', 'form': 'test:int'}
                     opts = {'vars': {'tdef': tdef}}
                     trig = await core.callStorm('return($lib.trigger.add($tdef))', opts=opts)
@@ -7008,7 +7007,7 @@ class CortexBasicTest(s_t_utils.SynTest):
             # clear out the #cno.cve tags and test prune behavior.
             await core.nodes('#cno.cve [ -#cno.cve ]')
 
-            await core.nodes('[ inet:ipv4=1.2.3.4 +#cno.cve.2021.12345.foo +#cno.cve.2021.55555 ]')
+            await core.nodes('[ inet:ipv4=1.2.3.4 +#cno.cve.2021.12345.foo +#cno.cve.2021.55555.bar ]')
 
             await core.nodes('$lib.model.tags.set(cno.cve, prune, (2))')
 
@@ -7016,6 +7015,10 @@ class CortexBasicTest(s_t_utils.SynTest):
             nodes = await core.nodes('[ inet:ipv4=1.2.3.4 -#cno.cve.2021.55555 ]')
             self.sorteq(('cno', 'cno.cve', 'cno.cve.2021', 'cno.cve.2021.12345', 'cno.cve.2021.12345.foo'), [t[0] for t in nodes[0].getTags()])
 
+            # double delete shouldn't prune
+            nodes = await core.nodes('[ inet:ipv4=1.2.3.4 -#cno.cve.2021.55555 ]')
+            self.sorteq(('cno', 'cno.cve', 'cno.cve.2021', 'cno.cve.2021.12345', 'cno.cve.2021.12345.foo'), [t[0] for t in nodes[0].getTags()])
+
             # test that the pruning behavior stops at the correct level
             nodes = await core.nodes('[ inet:ipv4=1.2.3.4 -#cno.cve.2021.12345.foo ]')
             self.sorteq(('cno', 'cno.cve', 'cno.cve.2021', 'cno.cve.2021.12345'), [t[0] for t in nodes[0].getTags()])
@@ -7809,6 +7812,9 @@ class CortexBasicTest(s_t_utils.SynTest):
                     self.stormHasNoWarnErr(msgs)
                     self.stormIsInPrint('AHA service (01.core...) added to service pool (pool00.loop.vertex.link)', msgs)
 
+                    msgs = await core00.stormlist('cortex.storm.pool.set newp')
+                    self.stormIsInErr(':// not found in [newp]', msgs)
+
                     msgs = await core00.stormlist('cortex.storm.pool.set --connection-timeout 1 --sync-timeout 1 aha://pool00...')
                     self.stormHasNoWarnErr(msgs)
                     self.stormIsInPrint('Storm pool configuration set.', msgs)
@@ -7817,6 +7823,8 @@ class CortexBasicTest(s_t_utils.SynTest):
 
                     core00 = await base.enter_context(self.getTestCore(dirn=dirn00))
 
+                    await core00.stormpool.waitready(timeout=12)
+
                     with self.getLoggerStream('synapse') as stream:
                         msgs = await alist(core00.storm('inet:asn=0'))
                         self.len(1, [m for m in msgs if m[0] == 'node'])
@@ -7906,28 +7914,28 @@ class CortexBasicTest(s_t_utils.SynTest):
 
                     stream.seek(0)
                     data = stream.read()
-                    self.isin('Unable to get proxy', data)
+                    self.isin('Storm query mirror pool is empty, running query locally.', data)
 
                     with self.getLoggerStream('synapse') as stream:
                         self.true(await core00.callStorm('inet:asn=0 return($lib.true)'))
 
                     stream.seek(0)
                     data = stream.read()
-                    self.isin('Unable to get proxy', data)
+                    self.isin('Storm query mirror pool is empty, running query locally.', data)
 
                     with self.getLoggerStream('synapse') as stream:
                         self.len(1, await alist(core00.exportStorm('inet:asn=0')))
 
                     stream.seek(0)
                     data = stream.read()
-                    self.isin('Unable to get proxy', data)
+                    self.isin('Storm query mirror pool is empty, running query locally.', data)
 
                     with self.getLoggerStream('synapse') as stream:
                         self.eq(1, await core00.count('inet:asn=0'))
 
                     stream.seek(0)
                     data = stream.read()
-                    self.isin('Unable to get proxy', data)
+                    self.isin('Storm query mirror pool is empty, running query locally.', data)
 
                     core01 = await base.enter_context(self.getTestCore(dirn=dirn01))
                     await core01.promote(graceful=True)
@@ -7984,3 +7992,66 @@ class CortexBasicTest(s_t_utils.SynTest):
 
                     msgs = await alist(core01.storm('inet:asn=0', opts={'mirror': False}))
                     self.len(1, [m for m in msgs if m[0] == 'node'])
+
+    async def test_cortex_authgate(self):
+        # TODO - Remove this in 3.0.0
+        with self.getTestDir() as dirn:
+
+            async with self.getTestCore(dirn=dirn) as core:  # type: s_cortex.Cortex
+
+                unfo = await core.addUser('lowuser')
+                lowuser = unfo.get('iden')
+
+                msgs = await core.stormlist('auth.user.addrule lowuser --gate cortex node')
+                self.stormIsInWarn('Adding rule on the "cortex" authgate. This authgate is not used', msgs)
+                msgs = await core.stormlist('auth.role.addrule all --gate cortex hehe')
+                self.stormIsInWarn('Adding rule on the "cortex" authgate. This authgate is not used', msgs)
+
+                aslow = {'user': lowuser}
+
+                # The cortex authgate does nothing
+                with self.raises(s_exc.AuthDeny) as cm:
+                    await core.nodes('[test:str=hello]', opts=aslow)
+
+            with self.getAsyncLoggerStream('synapse.cortex') as stream:
+                async with self.getTestCore(dirn=dirn) as core:  # type: s_cortex.Cortex
+                    # The cortex authgate still does nothing
+                    with self.raises(s_exc.AuthDeny) as cm:
+                        await core.nodes('[test:str=hello]', opts=aslow)
+            stream.seek(0)
+            buf = stream.read()
+            self.isin('(lowuser) has a rule on the "cortex" authgate', buf)
+            self.isin('(all) has a rule on the "cortex" authgate', buf)
+
+    async def test_cortex_check_nexus_init(self):
+        # This test is a simple safety net for making sure no nexus events
+        # happen before the nexus subsystem is initialized (initNexusSubsystem).
+        # It's possible for code which calls nexus APIs to run but not do
+        # anything which wouldn't be caught here. I don't think there's a good
+        # way to check for that condition though.
+
+        class Cortex(s_cortex.Cortex):
+            async def initServiceStorage(self):
+                self._test_pre_service_storage_index = await self.nexsroot.index()
+                ret = await super().initServiceStorage()
+                self._test_post_service_storage_index = await self.nexsroot.index()
+                return ret
+
+            async def initNexusSubsystem(self):
+                self._test_pre_nexus_index = await self.nexsroot.index()
+                ret = await super().initNexusSubsystem()
+                self._test_post_nexus_index = await self.nexsroot.index()
+                return ret
+
+        conf = {
+            'layer:lmdb:map_async': True,
+            'nexslog:en': True,
+            'layers:logedits': True,
+        }
+
+        with self.getTestDir() as dirn:
+            async with await Cortex.anit(dirn, conf=conf) as core:
+                offs = core._test_pre_service_storage_index
+                self.eq(core._test_post_service_storage_index, offs)
+                self.eq(core._test_pre_nexus_index, offs)
+                self.ge(core._test_post_nexus_index, core._test_pre_nexus_index)

synapse/tests/test_datamodel.py

@@ -41,6 +41,28 @@ class DeprecatedModel(s_module.CoreModule):
 
 class DataModelTest(s_t_utils.SynTest):
 
+    async def test_datamodel_basics(self):
+        async with self.getTestCore() as core:
+            core.model.addType('woot:one', 'guid', {}, {
+                'display': {
+                    'columns': (
+                        {'type': 'newp', 'opts': {}},
+                    ),
+                },
+            })
+            with self.raises(s_exc.BadFormDef):
+                core.model.addForm('woot:one', {}, ())
+
+            core.model.addType('woot:two', 'guid', {}, {
+                'display': {
+                    'columns': (
+                        {'type': 'prop', 'opts': {'name': 'hehe'}},
+                    ),
+                },
+            })
+            with self.raises(s_exc.BadFormDef):
+                core.model.addForm('woot:two', {}, ())
+
     async def test_datamodel_formname(self):
         modl = s_datamodel.Model()
         mods = (

synapse/tests/test_lib_agenda.py

@@ -361,10 +361,13 @@ class AgendaTest(s_t_utils.SynTest):
 
                 # schedule a query to run every Wednesday and Friday at 10:15am
                 cdef = {'creator': visi.iden, 'iden': s_common.guid(), 'storm': '$lib.queue.gen(visi).put(bar)',
+                        'pool': True,
                         'reqs': {s_tu.HOUR: 10, s_tu.MINUTE: 15},
                         'incunit': s_agenda.TimeUnit.DAYOFWEEK,
                         'incvals': (2, 4)}
                 adef = await agenda.add(cdef)
+
+                self.true(adef['pool'])
                 guid = adef.get('iden')
 
                 self.len(1, agenda.apptheap)
@@ -634,7 +637,7 @@ class AgendaTest(s_t_utils.SynTest):
             nodes = await core.nodes('test:int=97', opts={'view': newview})
             self.len(0, nodes)
 
-    async def test_agenda_edit_creator(self):
+    async def test_agenda_edit(self):
 
         async with self.getTestCore() as core:
 
@@ -645,8 +648,12 @@ class AgendaTest(s_t_utils.SynTest):
             self.stormHasNoWarnErr(msgs)
 
             cdef = await core.callStorm('for $cron in $lib.cron.list() { return($cron) }')
+            self.false(cdef['pool'])
             self.eq(cdef['creator'], core.auth.rootuser.iden)
 
+            cdef = await core.callStorm('for $cron in $lib.cron.list() { $cron.set(pool, (true)) return($cron) }')
+            self.true(cdef['pool'])
+
             opts = {'vars': {'lowuser': lowuser}}
             cdef = await core.callStorm('for $cron in $lib.cron.list() { return($cron.set(creator, $lowuser)) }',
                                         opts=opts)

synapse/tests/test_lib_aha.py

@@ -6,6 +6,7 @@ from unittest import mock
 import synapse.exc as s_exc
 import synapse.axon as s_axon
 import synapse.common as s_common
+import synapse.cortex as s_cortex
 import synapse.telepath as s_telepath
 
 import synapse.lib.aha as s_aha
@@ -186,8 +187,8 @@ class AhaTest(s_test.SynTest):
                     self.nn(await proxy.getCellIden())
 
                 with self.raises(s_exc.BadArg):
-                    await cryo.ahaclient.waitready(timeout=2)
-                    await cryo.ahaclient.modAhaSvcInfo('cryo.mynet', {'newp': 'newp'})
+                    _proxy = await cryo.ahaclient.proxy(timeout=2)
+                    await _proxy.modAhaSvcInfo('cryo.mynet', {'newp': 'newp'})
 
                 async with await s_telepath.openurl('aha://root:secret@0.cryo.mynet') as proxy:
                     self.nn(await proxy.getCellIden())
@@ -1146,8 +1147,6 @@ class AhaTest(s_test.SynTest):
 
         async with self.getTestAhaProv() as aha:
 
-            import synapse.cortex as s_cortex
-
             async with await s_base.Base.anit() as base:
 
                 with self.getTestDir() as dirn:
@@ -1169,13 +1168,24 @@ class AhaTest(s_test.SynTest):
                     self.stormHasNoWarnErr(msgs)
                     self.stormIsInPrint('Created AHA service pool: pool00.loop.vertex.link', msgs)
 
-                    with self.raises(s_exc.BadArg):
-                        await s_telepath.open('aha://pool00...')
+                    # Pool has no members....
+                    pool = await s_telepath.open('aha://pool00...')
+                    self.eq(0, pool.size())
+                    waiter = pool.waiter(0, 'svc:add')
 
                     msgs = await core00.stormlist('aha.pool.svc.add pool00... 00...')
                     self.stormHasNoWarnErr(msgs)
                     self.stormIsInPrint('AHA service (00...) added to service pool (pool00.loop.vertex.link)', msgs)
 
+                    self.len(1, await waiter.wait(timeout=12))
+                    prox = await pool.proxy(timeout=12)
+                    info = await prox.getCellInfo()
+                    self.eq('00', info.get('cell').get('aha').get('name'))
+                    self.eq(1, pool.size())
+                    await pool.fini()
+                    self.eq(0, pool.size())
+                    self.true(prox.isfini)
+
                     poolinfo = await aha.getAhaPool('pool00...')
                     self.len(1, poolinfo['services'])
 
@@ -1184,6 +1194,9 @@ class AhaTest(s_test.SynTest):
                     self.stormIsInPrint('    00.loop.vertex.link', msgs)
                     self.stormIsInPrint('1 pools', msgs)
 
+                    msgs = await core00.stormlist('$lib.print($lib.aha.pool.get(pool00.loop.vertex.link))')
+                    self.stormIsInPrint('aha:pool: pool00.loop.vertex.link', msgs)
+
                     async with await s_telepath.open('aha://pool00...') as pool:
 
                         replay = s_common.envbool('SYNDEV_NEXUS_REPLAY')